Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 00bf6427 authored by Krzysztof Kosiński's avatar Krzysztof Kosiński
Browse files

Do not allocate protected AHardwareBuffers with CPU access. 

Depending on the gralloc implementation, allocating AHardwareBuffers
with PROTECTED_CONTENT usage and nonzero CPU read or write mask may
succeed, but the buffer won't be accessible by the CPU - either
because the lock() call will fail, or there will be memory violation
when trying to access the memory. Prevent allocating such buffers.

Bug: 77461051
Test: Builds and passes CtsNativeHardwareTestCases on Pixel XL.
Change-Id: I822c9fb2d8ce24cd0c0fc0ac765b7a71fd372199
parent b62346a3

libs/nativewindow/AHardwareBuffer.cpp

+7 −0
Original line number Diff line number Diff line
@@ -60,6 +60,13 @@ int AHardwareBuffer_allocate(const AHardwareBuffer_Desc* desc, AHardwareBuffer** 
        return BAD_VALUE;

    }



    if ((desc->usage & (AHARDWAREBUFFER_USAGE_CPU_READ_MASK | AHARDWAREBUFFER_USAGE_CPU_WRITE_MASK)) &&

        (desc->usage & AHARDWAREBUFFER_USAGE_PROTECTED_CONTENT)) {

        ALOGE("AHARDWAREBUFFER_USAGE_PROTECTED_CONTENT requires AHARDWAREBUFFER_USAGE_CPU_READ_NEVER "

              "and AHARDWAREBUFFER_USAGE_CPU_WRITE_NEVER");

        return BAD_VALUE;

    }



    uint64_t usage =  AHardwareBuffer_convertToGrallocUsageBits(desc->usage);

    sp<GraphicBuffer> gbuffer(new GraphicBuffer(

            desc->width, desc->height, format, desc->layers, usage,