Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2cf25e0d authored by Vladimir Komsiyski's avatar Vladimir Komsiyski
Browse files

Allow system windows for virtual devices only on trusted displays. 

Today CREATE_VIRTUAL_DEVICE permission is equivalent to
ADD_TRUSTED_DISPLAY permission - they're always granted together.
However, we want to decouple these in the future and allow for
"limited" virtual devices that cannot create trusted displays.

Bug: 350007866
Fix: 370656717
Test: cts
Flag: android.companion.virtualdevice.flags.status_bar_and_insets
Change-Id: I6cf021f292d6bf1ea4d4da4722c98b2d1a547c73
parent fc270041

services/core/java/com/android/server/policy/PhoneWindowManager.java

+2 −1
Original line number Diff line number Diff line
@@ -3177,8 +3177,9 @@ public class PhoneWindowManager implements WindowManagerPolicy { 
            return ADD_OKAY;

        }



        // Allow virtual device owners to add overlays on the displays they own.

        // Allow virtual device owners to add overlays on the trusted displays they own.

        if (mWindowManagerFuncs.isCallerVirtualDeviceOwner(displayId, callingUid)

                && mWindowManagerFuncs.isDisplayTrusted(displayId)

                && mContext.checkCallingOrSelfPermission(CREATE_VIRTUAL_DEVICE)

                == PERMISSION_GRANTED) {

            return ADD_OKAY;

services/core/java/com/android/server/policy/WindowManagerPolicy.java

+5 −0
Original line number Diff line number Diff line
@@ -368,6 +368,11 @@ public interface WindowManagerPolicy extends WindowManagerPolicyConstants { 
         * belongs to.

         */

        boolean isCallerVirtualDeviceOwner(int displayId, int callingUid);



        /**

         * Returns whether the display with the given ID is trusted.

         */

        boolean isDisplayTrusted(int displayId);

    }



    /**

services/core/java/com/android/server/wm/DisplayPolicy.java

+2 −1
Original line number Diff line number Diff line
@@ -1073,7 +1073,8 @@ public class DisplayPolicy { 


        final String systemUiPermission =

                mService.isCallerVirtualDeviceOwner(mDisplayContent.getDisplayId(), callingUid)

                        // Allow virtual device owners to add system windows on their displays.

                        && mDisplayContent.isTrusted()

                        // Virtual device owners can add system windows on their trusted displays.

                        ? android.Manifest.permission.CREATE_VIRTUAL_DEVICE

                        : android.Manifest.permission.STATUS_BAR_SERVICE;

services/core/java/com/android/server/wm/WindowManagerService.java

+16 −0
Original line number Diff line number Diff line
@@ -10170,6 +10170,22 @@ public class WindowManagerService extends IWindowManager.Stub 
        }

    }



    /**

     * Returns whether the display with the given ID is trusted.

     */

    @Override

    public boolean isDisplayTrusted(int displayId) {

        final long identity = Binder.clearCallingIdentity();

        try {

            synchronized (mGlobalLock) {

                DisplayContent dc = mRoot.getDisplayContent(displayId);

                return dc != null && dc.isTrusted();

            }

        } finally {

            Binder.restoreCallingIdentity(identity);

        }

    }



    @RequiresPermission(ACCESS_SURFACE_FLINGER)

    @Override

    public boolean replaceContentOnDisplay(int displayId, SurfaceControl sc) {