Loading services/surfaceflinger/SurfaceFlinger.cpp +1 −1 Original line number Diff line number Diff line Loading @@ -5110,7 +5110,7 @@ status_t SurfaceFlinger::setTransactionState( const int originPid = ipc->getCallingPid(); const int originUid = ipc->getCallingUid(); uint32_t permissions = LayerStatePermissions::getTransactionPermissions(originPid, originUid); for (auto composerState : states) { for (auto& composerState : states) { composerState.state.sanitize(permissions); } Loading services/surfaceflinger/tests/Credentials_test.cpp +13 −5 Original line number Diff line number Diff line Loading @@ -358,8 +358,13 @@ TEST_F(CredentialsTest, TransactionPermissionTest) { .apply(); } // Called from non privileged process Transaction().setTrustedOverlay(surfaceControl, true); // Attempt to set a trusted overlay from a non-privileged process. This should fail silently. { UIDFaker f{AID_BIN}; Transaction().setTrustedOverlay(surfaceControl, true).apply(/*synchronous=*/true); } // Verify that the layer was not made a trusted overlay. { UIDFaker f(AID_SYSTEM); auto windowIsPresentAndNotTrusted = [&](const std::vector<WindowInfo>& windowInfos) { Loading @@ -370,12 +375,14 @@ TEST_F(CredentialsTest, TransactionPermissionTest) { } return !foundWindowInfo->inputConfig.test(WindowInfo::InputConfig::TRUSTED_OVERLAY); }; windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndNotTrusted); ASSERT_TRUE( windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndNotTrusted)); } // Verify that privileged processes are able to set trusted overlays. { UIDFaker f(AID_SYSTEM); Transaction().setTrustedOverlay(surfaceControl, true); Transaction().setTrustedOverlay(surfaceControl, true).apply(/*synchronous=*/true); auto windowIsPresentAndTrusted = [&](const std::vector<WindowInfo>& windowInfos) { auto foundWindowInfo = WindowInfosListenerUtils::findMatchingWindowInfo(windowInfo, windowInfos); Loading @@ -384,7 +391,8 @@ TEST_F(CredentialsTest, TransactionPermissionTest) { } return foundWindowInfo->inputConfig.test(WindowInfo::InputConfig::TRUSTED_OVERLAY); }; windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndTrusted); ASSERT_TRUE( windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndTrusted)); } } Loading Loading
services/surfaceflinger/SurfaceFlinger.cpp +1 −1 Original line number Diff line number Diff line Loading @@ -5110,7 +5110,7 @@ status_t SurfaceFlinger::setTransactionState( const int originPid = ipc->getCallingPid(); const int originUid = ipc->getCallingUid(); uint32_t permissions = LayerStatePermissions::getTransactionPermissions(originPid, originUid); for (auto composerState : states) { for (auto& composerState : states) { composerState.state.sanitize(permissions); } Loading
services/surfaceflinger/tests/Credentials_test.cpp +13 −5 Original line number Diff line number Diff line Loading @@ -358,8 +358,13 @@ TEST_F(CredentialsTest, TransactionPermissionTest) { .apply(); } // Called from non privileged process Transaction().setTrustedOverlay(surfaceControl, true); // Attempt to set a trusted overlay from a non-privileged process. This should fail silently. { UIDFaker f{AID_BIN}; Transaction().setTrustedOverlay(surfaceControl, true).apply(/*synchronous=*/true); } // Verify that the layer was not made a trusted overlay. { UIDFaker f(AID_SYSTEM); auto windowIsPresentAndNotTrusted = [&](const std::vector<WindowInfo>& windowInfos) { Loading @@ -370,12 +375,14 @@ TEST_F(CredentialsTest, TransactionPermissionTest) { } return !foundWindowInfo->inputConfig.test(WindowInfo::InputConfig::TRUSTED_OVERLAY); }; windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndNotTrusted); ASSERT_TRUE( windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndNotTrusted)); } // Verify that privileged processes are able to set trusted overlays. { UIDFaker f(AID_SYSTEM); Transaction().setTrustedOverlay(surfaceControl, true); Transaction().setTrustedOverlay(surfaceControl, true).apply(/*synchronous=*/true); auto windowIsPresentAndTrusted = [&](const std::vector<WindowInfo>& windowInfos) { auto foundWindowInfo = WindowInfosListenerUtils::findMatchingWindowInfo(windowInfo, windowInfos); Loading @@ -384,7 +391,8 @@ TEST_F(CredentialsTest, TransactionPermissionTest) { } return foundWindowInfo->inputConfig.test(WindowInfo::InputConfig::TRUSTED_OVERLAY); }; windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndTrusted); ASSERT_TRUE( windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndTrusted)); } } Loading
