Loading services/camera/libcameraservice/CameraService.cpp +6 −2 Original line number Original line Diff line number Diff line Loading @@ -2742,7 +2742,7 @@ CameraService::BasicClient::BasicClient(const sp<CameraService>& cameraService, mClientPackageName(clientPackageName), mClientPackageName(clientPackageName), mClientPid(clientPid), mClientUid(clientUid), mClientPid(clientPid), mClientUid(clientUid), mServicePid(servicePid), mServicePid(servicePid), mDisconnected(false), mDisconnected(false), mUidIsTrusted(false), mAudioRestriction(hardware::camera2::ICameraDeviceUser::AUDIO_RESTRICTION_NONE), mAudioRestriction(hardware::camera2::ICameraDeviceUser::AUDIO_RESTRICTION_NONE), mRemoteBinder(remoteCallback) mRemoteBinder(remoteCallback) { { Loading Loading @@ -2791,6 +2791,8 @@ CameraService::BasicClient::BasicClient(const sp<CameraService>& cameraService, if (getCurrentServingCall() != BinderCallType::HWBINDER) { if (getCurrentServingCall() != BinderCallType::HWBINDER) { mAppOpsManager = std::make_unique<AppOpsManager>(); mAppOpsManager = std::make_unique<AppOpsManager>(); } } mUidIsTrusted = isTrustedCallingUid(mClientUid); } } CameraService::BasicClient::~BasicClient() { CameraService::BasicClient::~BasicClient() { Loading Loading @@ -2905,7 +2907,9 @@ status_t CameraService::BasicClient::startCameraOps() { return PERMISSION_DENIED; return PERMISSION_DENIED; } } if (res == AppOpsManager::MODE_IGNORED) { // If the calling Uid is trusted (a native service), the AppOpsManager could // return MODE_IGNORED. Do not treat such case as error. if (!mUidIsTrusted && res == AppOpsManager::MODE_IGNORED) { ALOGI("Camera %s: Access for \"%s\" has been restricted", ALOGI("Camera %s: Access for \"%s\" has been restricted", mCameraIdStr.string(), String8(mClientPackageName).string()); mCameraIdStr.string(), String8(mClientPackageName).string()); // Return the same error as for device policy manager rejection // Return the same error as for device policy manager rejection Loading services/camera/libcameraservice/CameraService.h +1 −0 Original line number Original line Diff line number Diff line Loading @@ -323,6 +323,7 @@ public: const uid_t mClientUid; const uid_t mClientUid; const pid_t mServicePid; const pid_t mServicePid; bool mDisconnected; bool mDisconnected; bool mUidIsTrusted; mutable Mutex mAudioRestrictionLock; mutable Mutex mAudioRestrictionLock; int32_t mAudioRestriction; int32_t mAudioRestriction; Loading services/camera/libcameraservice/api2/CameraOfflineSessionClient.cpp +3 −1 Original line number Original line Diff line number Diff line Loading @@ -197,7 +197,9 @@ status_t CameraOfflineSessionClient::startCameraOps() { return PERMISSION_DENIED; return PERMISSION_DENIED; } } if (res == AppOpsManager::MODE_IGNORED) { // If the calling Uid is trusted (a native service), the AppOpsManager could // return MODE_IGNORED. Do not treat such case as error. if (!mUidIsTrusted && res == AppOpsManager::MODE_IGNORED) { ALOGI("Offline Camera %s: Access for \"%s\" has been restricted", ALOGI("Offline Camera %s: Access for \"%s\" has been restricted", mCameraIdStr.string(), String8(mClientPackageName).string()); mCameraIdStr.string(), String8(mClientPackageName).string()); // Return the same error as for device policy manager rejection // Return the same error as for device policy manager rejection Loading Loading
services/camera/libcameraservice/CameraService.cpp +6 −2 Original line number Original line Diff line number Diff line Loading @@ -2742,7 +2742,7 @@ CameraService::BasicClient::BasicClient(const sp<CameraService>& cameraService, mClientPackageName(clientPackageName), mClientPackageName(clientPackageName), mClientPid(clientPid), mClientUid(clientUid), mClientPid(clientPid), mClientUid(clientUid), mServicePid(servicePid), mServicePid(servicePid), mDisconnected(false), mDisconnected(false), mUidIsTrusted(false), mAudioRestriction(hardware::camera2::ICameraDeviceUser::AUDIO_RESTRICTION_NONE), mAudioRestriction(hardware::camera2::ICameraDeviceUser::AUDIO_RESTRICTION_NONE), mRemoteBinder(remoteCallback) mRemoteBinder(remoteCallback) { { Loading Loading @@ -2791,6 +2791,8 @@ CameraService::BasicClient::BasicClient(const sp<CameraService>& cameraService, if (getCurrentServingCall() != BinderCallType::HWBINDER) { if (getCurrentServingCall() != BinderCallType::HWBINDER) { mAppOpsManager = std::make_unique<AppOpsManager>(); mAppOpsManager = std::make_unique<AppOpsManager>(); } } mUidIsTrusted = isTrustedCallingUid(mClientUid); } } CameraService::BasicClient::~BasicClient() { CameraService::BasicClient::~BasicClient() { Loading Loading @@ -2905,7 +2907,9 @@ status_t CameraService::BasicClient::startCameraOps() { return PERMISSION_DENIED; return PERMISSION_DENIED; } } if (res == AppOpsManager::MODE_IGNORED) { // If the calling Uid is trusted (a native service), the AppOpsManager could // return MODE_IGNORED. Do not treat such case as error. if (!mUidIsTrusted && res == AppOpsManager::MODE_IGNORED) { ALOGI("Camera %s: Access for \"%s\" has been restricted", ALOGI("Camera %s: Access for \"%s\" has been restricted", mCameraIdStr.string(), String8(mClientPackageName).string()); mCameraIdStr.string(), String8(mClientPackageName).string()); // Return the same error as for device policy manager rejection // Return the same error as for device policy manager rejection Loading
services/camera/libcameraservice/CameraService.h +1 −0 Original line number Original line Diff line number Diff line Loading @@ -323,6 +323,7 @@ public: const uid_t mClientUid; const uid_t mClientUid; const pid_t mServicePid; const pid_t mServicePid; bool mDisconnected; bool mDisconnected; bool mUidIsTrusted; mutable Mutex mAudioRestrictionLock; mutable Mutex mAudioRestrictionLock; int32_t mAudioRestriction; int32_t mAudioRestriction; Loading
services/camera/libcameraservice/api2/CameraOfflineSessionClient.cpp +3 −1 Original line number Original line Diff line number Diff line Loading @@ -197,7 +197,9 @@ status_t CameraOfflineSessionClient::startCameraOps() { return PERMISSION_DENIED; return PERMISSION_DENIED; } } if (res == AppOpsManager::MODE_IGNORED) { // If the calling Uid is trusted (a native service), the AppOpsManager could // return MODE_IGNORED. Do not treat such case as error. if (!mUidIsTrusted && res == AppOpsManager::MODE_IGNORED) { ALOGI("Offline Camera %s: Access for \"%s\" has been restricted", ALOGI("Offline Camera %s: Access for \"%s\" has been restricted", mCameraIdStr.string(), String8(mClientPackageName).string()); mCameraIdStr.string(), String8(mClientPackageName).string()); // Return the same error as for device policy manager rejection // Return the same error as for device policy manager rejection Loading