Merge "Cleaned up transaction sanitize calls" into udc-dev am: eb7596b8 am: e2ba12e4

        "ITransactionCompletedListener.cpp",

        "LayerDebugInfo.cpp",

        "LayerMetadata.cpp",

        "LayerStatePermissions.cpp",

        "LayerState.cpp",

        "OccupancyTracker.cpp",

        "StreamSplitter.cpp",

    status_t setTransactionState(const FrameTimelineInfo& frameTimelineInfo,

                                 Vector<ComposerState>& state, const Vector<DisplayState>& displays,

                                 uint32_t flags, const sp<IBinder>& applyToken,

                                 const InputWindowCommands& commands, int64_t desiredPresentTime,

                                 InputWindowCommands commands, int64_t desiredPresentTime,

                                 bool isAutoTimestamp,

                                 const std::vector<client_cache_t>& uncacheBuffers,

                                 bool hasListenerCallbacks,

            SAFE_PARCEL(data.readUint64, &transactionId);

            return setTransactionState(frameTimelineInfo, state, displays, stateFlags, applyToken,

                                       inputWindowCommands, desiredPresentTime, isAutoTimestamp,

                                       uncacheBuffers, hasListenerCallbacks, listenerCallbacks,

                                       transactionId);

                                       std::move(inputWindowCommands), desiredPresentTime,

                                       isAutoTimestamp, uncacheBuffers, hasListenerCallbacks,

                                       listenerCallbacks, transactionId);

        }

        default: {

            return BBinder::onTransact(code, data, reply, flags);

/*

 * Copyright (C) 2023 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#include <binder/IPCThreadState.h>

#include <gui/LayerStatePermissions.h>

#include <private/android_filesystem_config.h>

#ifndef __ANDROID_VNDK__

#include <binder/PermissionCache.h>

#endif // __ANDROID_VNDK__

#include <gui/LayerState.h>

namespace android {

std::unordered_map<std::string, int> LayerStatePermissions::mPermissionMap = {

        // If caller has ACCESS_SURFACE_FLINGER, they automatically get ROTATE_SURFACE_FLINGER

        // permission, as well

        {"android.permission.ACCESS_SURFACE_FLINGER",

         layer_state_t::Permission::ACCESS_SURFACE_FLINGER |

                 layer_state_t::Permission::ROTATE_SURFACE_FLINGER},

        {"android.permission.ROTATE_SURFACE_FLINGER",

         layer_state_t::Permission::ROTATE_SURFACE_FLINGER},

        {"android.permission.INTERNAL_SYSTEM_WINDOW",

         layer_state_t::Permission::INTERNAL_SYSTEM_WINDOW},

};

static bool callingThreadHasPermission(const std::string& permission __attribute__((unused)),

                                       int pid __attribute__((unused)),

                                       int uid __attribute__((unused))) {

#ifndef __ANDROID_VNDK__

    return uid == AID_GRAPHICS || uid == AID_SYSTEM ||

            PermissionCache::checkPermission(String16(permission.c_str()), pid, uid);

#endif // __ANDROID_VNDK__

    return false;

}

uint32_t LayerStatePermissions::getTransactionPermissions(int pid, int uid) {

    uint32_t permissions = 0;

    for (auto [permissionName, permissionVal] : mPermissionMap) {

        if (callingThreadHasPermission(permissionName, pid, uid)) {

            permissions |= permissionVal;

        }

    }

    return permissions;

}

} // namespace android

#include <ui/DynamicDisplayInfo.h>

#include <android-base/thread_annotations.h>

#include <gui/LayerStatePermissions.h>

#include <private/gui/ComposerService.h>

#include <private/gui/ComposerServiceAIDL.h>

    mListenerCallbacks = other.mListenerCallbacks;

}

void SurfaceComposerClient::Transaction::sanitize() {

void SurfaceComposerClient::Transaction::sanitize(int pid, int uid) {

    uint32_t permissions = LayerStatePermissions::getTransactionPermissions(pid, uid);

    for (auto & [handle, composerState] : mComposerStates) {

        composerState.state.sanitize(0 /* permissionMask */);

        composerState.state.sanitize(permissions);

    }

    if (!mInputWindowCommands.empty() &&

        (permissions & layer_state_t::Permission::ACCESS_SURFACE_FLINGER) == 0) {

        ALOGE("Only privileged callers are allowed to send input commands.");

        mInputWindowCommands.clear();

    }

}

std::unique_ptr<SurfaceComposerClient::Transaction>

SurfaceComposerClient::Transaction::createFromParcel(const Parcel* parcel) {

    virtual status_t setTransactionState(

            const FrameTimelineInfo& frameTimelineInfo, Vector<ComposerState>& state,

            const Vector<DisplayState>& displays, uint32_t flags, const sp<IBinder>& applyToken,

            const InputWindowCommands& inputWindowCommands, int64_t desiredPresentTime,

            InputWindowCommands inputWindowCommands, int64_t desiredPresentTime,

            bool isAutoTimestamp, const std::vector<client_cache_t>& uncacheBuffer,

            bool hasListenerCallbacks, const std::vector<ListenerCallbacks>& listenerCallbacks,

            uint64_t transactionId) = 0;