Refactor out originalClientPid in connectHelper.

}

Status CameraService::validateConnectLocked(const std::string& cameraId,

        const std::string& clientName8, /*inout*/int& clientUid, /*inout*/int& clientPid,

        /*out*/int& originalClientPid) const {

        const std::string& clientName8, /*inout*/int& clientUid, /*inout*/int& clientPid) const {

#ifdef __BRILLO__

    UNUSED(clientName8);

    UNUSED(clientUid);

    UNUSED(clientPid);

    UNUSED(originalClientPid);

#else

    Status allowed = validateClientPermissionsLocked(cameraId, clientName8, clientUid, clientPid,

            originalClientPid);

    Status allowed = validateClientPermissionsLocked(cameraId, clientName8, clientUid, clientPid);

    if (!allowed.isOk()) {

        return allowed;

    }

}

Status CameraService::validateClientPermissionsLocked(const std::string& cameraId,

        const std::string& clientName, int& clientUid, int& clientPid,

        /*out*/int& originalClientPid) const {

        const std::string& clientName, int& clientUid, int& clientPid) const {

    int callingPid = getCallingPid();

    int callingUid = getCallingUid();

                "is enabled", clientName.c_str(), clientPid, clientUid, cameraId.c_str());

    }

    userid_t clientUserId = multiuser_get_user_id(clientUid);

    // Only use passed in clientPid to check permission. Use calling PID as the client PID that's

    // connected to camera service directly.

    originalClientPid = clientPid;

    clientPid = callingPid;

    userid_t clientUserId = multiuser_get_user_id(clientUid);

    // For non-system clients : Only allow clients who are being used by the current foreground

    // device user, unless calling from our own process.

        if (isHeadlessSystemUserMode()

                && (clientUserId == USER_SYSTEM)

                && !hasPermissionsForCameraHeadlessSystemUser(cameraId, callingPid, callingUid)) {

            ALOGE("Permission Denial: can't use the camera pid=%d, uid=%d", clientPid, clientUid);

            ALOGE("Permission Denial: can't use the camera pid=%d, uid=%d", callingPid, clientUid);

            return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,

                    "Caller \"%s\" (PID %d, UID %d) cannot open camera \"%s\" as Headless System \

                    User without camera headless system user permission",

                    clientName.c_str(), clientPid, clientUid, cameraId.c_str());

                    clientName.c_str(), callingPid, clientUid, cameraId.c_str());

        }

    }

    std::string clientPackageName;

    int packageUid = (clientUid == USE_CALLING_UID) ?

            getCallingUid() : clientUid;

    int callingPid = getCallingPid();

    if (clientPackageNameMaybe.size() <= 0) {

        // NDK calls don't come with package names, but we need one for various cases.

        // Generally, there's a 1:1 mapping between UID and package name, but shared UIDs

        clientPackageName = clientPackageNameMaybe;

    }

    int originalClientPid = 0;

    int packagePid = (clientPid == USE_CALLING_PID) ?

        getCallingPid() : clientPid;

        callingPid : clientPid;

    ALOGI("CameraService::connect call (PID %d \"%s\", camera ID %s) and "

            "Camera API version %d", packagePid, clientPackageName.c_str(), cameraId.c_str(),

            static_cast<int>(effectiveApiLevel));

        // Enforce client permissions and do basic validity checks

        if (!(ret = validateConnectLocked(cameraId, clientPackageName,

                /*inout*/clientUid, /*inout*/clientPid, /*out*/originalClientPid)).isOk()) {

                /*inout*/clientUid, /*inout*/clientPid)).isOk()) {

            return ret;

        }

        sp<BasicClient> clientTmp = nullptr;

        std::shared_ptr<resource_policy::ClientDescriptor<std::string, sp<BasicClient>>> partial;

        if ((err = handleEvictionsLocked(cameraId, originalClientPid, effectiveApiLevel,

        if ((err = handleEvictionsLocked(cameraId, clientPid, effectiveApiLevel,

                IInterface::asBinder(cameraCb), clientPackageName, oomScoreOffset,

                systemNativeClient, /*out*/&clientTmp, /*out*/&partial)) != NO_ERROR) {

            switch (err) {

        bool overrideForPerfClass = SessionConfigurationUtils::targetPerfClassPrimaryCamera(

                mPerfClassPrimaryCameraIds, cameraId, targetSdkVersion);

        // Only use passed in clientPid to check permission. Use calling PID as the client PID

        // that's connected to camera service directly.

        if(!(ret = makeClient(this, cameraCb, clientPackageName, systemNativeClient,

                clientFeatureId, cameraId, api1CameraId, facing,

                orientation, clientPid, clientUid, getpid(),

                orientation, callingPid, clientUid, getpid(),

                deviceVersionAndTransport, effectiveApiLevel, overrideForPerfClass,

                rotationOverride, forceSlowJpegMode, originalCameraId,

                /*out*/&tmp)).isOk()) {

    void removeStates(const std::string& id);

    // Check if we can connect, before we acquire the service lock.

    // The returned originalClientPid is the PID of the original process that wants to connect to

    // camera.

    // The returned clientPid is the PID of the client that directly connects to camera.

    // originalClientPid and clientPid are usually the same except when the application uses

    // mediaserver to connect to camera (using MediaRecorder to connect to camera). In that case,

    // clientPid is the PID of mediaserver and originalClientPid is the PID of the application.

    // If clientPid/clientUid are USE_CALLING_PID/USE_CALLING_UID, they will be overwritten with

    // the calling pid/uid.

    binder::Status validateConnectLocked(const std::string& cameraId, const std::string& clientName,

            /*inout*/int& clientUid, /*inout*/int& clientPid, /*out*/int& originalClientPid) const;

            /*inout*/int& clientUid, /*inout*/int& clientPid) const;

    binder::Status validateClientPermissionsLocked(const std::string& cameraId,

            const std::string& clientName, /*inout*/int& clientUid, /*inout*/int& clientPid,

            /*out*/int& originalClientPid) const;

            const std::string& clientName, /*inout*/int& clientUid, /*inout*/int& clientPid) const;

    bool isCameraPrivacyEnabled(const String16& packageName,const std::string& cameraId,

           int clientPid, int ClientUid);