Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4e916b04 authored by Patrick Williams's avatar Patrick Williams Committed by Cherrypicker Worker
Browse files

Fix transaction sanitization 

Bug: 336648041
Test: CredentialsTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:04e41761914c3c3aaca965103be3679b7a7af76f)
Merged-In: I53894d014bfabc9c958a6f533d7e3b3a6dcd0a34
Change-Id: I53894d014bfabc9c958a6f533d7e3b3a6dcd0a34
24D1-dev is based on 24Q2-release. Therefore, we merged this CL to 24D1-dev.
parent e188462f

services/surfaceflinger/SurfaceFlinger.cpp

+1 −1
Original line number Diff line number Diff line
@@ -5050,7 +5050,7 @@ status_t SurfaceFlinger::setTransactionState( 
    const int originPid = ipc->getCallingPid();

    const int originUid = ipc->getCallingUid();

    uint32_t permissions = LayerStatePermissions::getTransactionPermissions(originPid, originUid);

    for (auto composerState : states) {

    for (auto& composerState : states) {

        composerState.state.sanitize(permissions);

    }

services/surfaceflinger/tests/Credentials_test.cpp

+13 −5
Original line number Diff line number Diff line
@@ -389,8 +389,13 @@ TEST_F(CredentialsTest, TransactionPermissionTest) { 
                .apply();

    }



    // Called from non privileged process

    Transaction().setTrustedOverlay(surfaceControl, true);

    // Attempt to set a trusted overlay from a non-privileged process. This should fail silently.

    {

        UIDFaker f{AID_BIN};

        Transaction().setTrustedOverlay(surfaceControl, true).apply(/*synchronous=*/true);

    }



    // Verify that the layer was not made a trusted overlay.

    {

        UIDFaker f(AID_SYSTEM);

        auto windowIsPresentAndNotTrusted = [&](const std::vector<WindowInfo>& windowInfos) {
@@ -401,12 +406,14 @@ TEST_F(CredentialsTest, TransactionPermissionTest) { 
            }

            return !foundWindowInfo->inputConfig.test(WindowInfo::InputConfig::TRUSTED_OVERLAY);

        };

        windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndNotTrusted);

        ASSERT_TRUE(

                windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndNotTrusted));

    }



    // Verify that privileged processes are able to set trusted overlays.

    {

        UIDFaker f(AID_SYSTEM);

        Transaction().setTrustedOverlay(surfaceControl, true);

        Transaction().setTrustedOverlay(surfaceControl, true).apply(/*synchronous=*/true);

        auto windowIsPresentAndTrusted = [&](const std::vector<WindowInfo>& windowInfos) {

            auto foundWindowInfo =

                    WindowInfosListenerUtils::findMatchingWindowInfo(windowInfo, windowInfos);
@@ -415,7 +422,8 @@ TEST_F(CredentialsTest, TransactionPermissionTest) { 
            }

            return foundWindowInfo->inputConfig.test(WindowInfo::InputConfig::TRUSTED_OVERLAY);

        };

        windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndTrusted);

        ASSERT_TRUE(

                windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndTrusted));

    }

}