Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 108b2c7d authored by Robert Carr's avatar Robert Carr
Browse files

SurfaceFlinger: Indicate whether we have captured secure layers. 

For purposes of the screen rotation animation the system server is allowed
to capture secure (not protected) layers and trusted not to persist screenshots
which may contain secure layers. However when displaying the screen rotation animation,
the layer the screenshot is placed on will itself not be secure, so if we record
the animation the recording will contain persisted versions of the secure content. Here
we forward whether the screenshot contains secure content so that system server can do the right thing.

Bug: 69703445
Test: Transaction_test#SetFlagsSecureEuidSystem
Change-Id: I828cfe3faee3a0c84525f90b9df8b66e392bc240
parent dee669c2

libs/gui/ISurfaceComposer.cpp

+10 −4
Original line number Original line Diff line number Diff line
@@ -109,7 +109,7 @@ public: 
    }

    }





    virtual status_t captureScreen(const sp<IBinder>& display, sp<GraphicBuffer>* outBuffer,

    virtual status_t captureScreen(const sp<IBinder>& display, sp<GraphicBuffer>* outBuffer,

                                   const ui::Dataspace reqDataspace,

                                   bool& outCapturedSecureLayers, const ui::Dataspace reqDataspace,

                                   const ui::PixelFormat reqPixelFormat, Rect sourceCrop,

                                   const ui::PixelFormat reqPixelFormat, Rect sourceCrop,

                                   uint32_t reqWidth, uint32_t reqHeight, bool useIdentityTransform,

                                   uint32_t reqWidth, uint32_t reqHeight, bool useIdentityTransform,

                                   ISurfaceComposer::Rotation rotation, bool captureSecureLayers) {

                                   ISurfaceComposer::Rotation rotation, bool captureSecureLayers) {
@@ -137,6 +137,7 @@ public: 




        *outBuffer = new GraphicBuffer();

        *outBuffer = new GraphicBuffer();

        reply.read(**outBuffer);

        reply.read(**outBuffer);

        outCapturedSecureLayers = reply.readBool();





        return result;

        return result;

    }

    }
@@ -1027,12 +1028,17 @@ status_t BnSurfaceComposer::onTransact( 
            int32_t rotation = data.readInt32();

            int32_t rotation = data.readInt32();

            bool captureSecureLayers = static_cast<bool>(data.readInt32());

            bool captureSecureLayers = static_cast<bool>(data.readInt32());





            status_t res = captureScreen(display, &outBuffer, reqDataspace, reqPixelFormat,

            bool capturedSecureLayers = false;

                                         sourceCrop, reqWidth, reqHeight, useIdentityTransform,

            status_t res = captureScreen(display, &outBuffer, capturedSecureLayers, reqDataspace,

                                         static_cast<ISurfaceComposer::Rotation>(rotation), captureSecureLayers);

                                         reqPixelFormat, sourceCrop, reqWidth, reqHeight,

                                         useIdentityTransform,

                                         static_cast<ISurfaceComposer::Rotation>(rotation),

                                         captureSecureLayers);



            reply->writeInt32(res);

            reply->writeInt32(res);

            if (res == NO_ERROR) {

            if (res == NO_ERROR) {

                reply->write(*outBuffer);

                reply->write(*outBuffer);

                reply->writeBool(capturedSecureLayers);

            }

            }

            return NO_ERROR;

            return NO_ERROR;

        }

        }

libs/gui/SurfaceComposerClient.cpp

+10 −7
Original line number Original line Diff line number Diff line
@@ -1542,11 +1542,13 @@ status_t SurfaceComposerClient::setDisplayBrightness(const sp<IBinder>& displayT 
status_t ScreenshotClient::capture(const sp<IBinder>& display, const ui::Dataspace reqDataSpace,

status_t ScreenshotClient::capture(const sp<IBinder>& display, const ui::Dataspace reqDataSpace,

                                   const ui::PixelFormat reqPixelFormat, Rect sourceCrop,

                                   const ui::PixelFormat reqPixelFormat, Rect sourceCrop,

                                   uint32_t reqWidth, uint32_t reqHeight, bool useIdentityTransform,

                                   uint32_t reqWidth, uint32_t reqHeight, bool useIdentityTransform,

                                   uint32_t rotation, bool captureSecureLayers, sp<GraphicBuffer>* outBuffer) {

                                   uint32_t rotation, bool captureSecureLayers,

                                   sp<GraphicBuffer>* outBuffer, bool& outCapturedSecureLayers) {

    sp<ISurfaceComposer> s(ComposerService::getComposerService());

    sp<ISurfaceComposer> s(ComposerService::getComposerService());

    if (s == nullptr) return NO_INIT;

    if (s == nullptr) return NO_INIT;

    status_t ret = s->captureScreen(display, outBuffer, reqDataSpace, reqPixelFormat, sourceCrop,

    status_t ret =

            reqWidth, reqHeight, useIdentityTransform,

            s->captureScreen(display, outBuffer, outCapturedSecureLayers, reqDataSpace,

                             reqPixelFormat, sourceCrop, reqWidth, reqHeight, useIdentityTransform,

                             static_cast<ISurfaceComposer::Rotation>(rotation),

                             static_cast<ISurfaceComposer::Rotation>(rotation),

                             captureSecureLayers);

                             captureSecureLayers);

    if (ret != NO_ERROR) {

    if (ret != NO_ERROR) {
@@ -1559,8 +1561,9 @@ status_t ScreenshotClient::capture(const sp<IBinder>& display, const ui::Dataspa 
                                   const ui::PixelFormat reqPixelFormat, Rect sourceCrop,

                                   const ui::PixelFormat reqPixelFormat, Rect sourceCrop,

                                   uint32_t reqWidth, uint32_t reqHeight, bool useIdentityTransform,

                                   uint32_t reqWidth, uint32_t reqHeight, bool useIdentityTransform,

                                   uint32_t rotation, sp<GraphicBuffer>* outBuffer) {

                                   uint32_t rotation, sp<GraphicBuffer>* outBuffer) {

    return capture(display, reqDataSpace, reqPixelFormat, sourceCrop, reqWidth,

    bool ignored;

            reqHeight, useIdentityTransform, rotation, false, outBuffer);

    return capture(display, reqDataSpace, reqPixelFormat, sourceCrop, reqWidth, reqHeight,

                   useIdentityTransform, rotation, false, outBuffer, ignored);

}

}





status_t ScreenshotClient::captureLayers(const sp<IBinder>& layerHandle,

status_t ScreenshotClient::captureLayers(const sp<IBinder>& layerHandle,

libs/gui/include/gui/ISurfaceComposer.h

+5 −3
Original line number Original line Diff line number Diff line
@@ -212,7 +212,7 @@ public: 
     * it) around its center.

     * it) around its center.

     */

     */

    virtual status_t captureScreen(const sp<IBinder>& display, sp<GraphicBuffer>* outBuffer,

    virtual status_t captureScreen(const sp<IBinder>& display, sp<GraphicBuffer>* outBuffer,

                                   const ui::Dataspace reqDataspace,

                                   bool& outCapturedSecureLayers, const ui::Dataspace reqDataspace,

                                   const ui::PixelFormat reqPixelFormat, Rect sourceCrop,

                                   const ui::PixelFormat reqPixelFormat, Rect sourceCrop,

                                   uint32_t reqWidth, uint32_t reqHeight, bool useIdentityTransform,

                                   uint32_t reqWidth, uint32_t reqHeight, bool useIdentityTransform,

                                   Rotation rotation = eRotateNone,

                                   Rotation rotation = eRotateNone,
@@ -241,8 +241,10 @@ public: 
    virtual status_t captureScreen(const sp<IBinder>& display, sp<GraphicBuffer>* outBuffer,

    virtual status_t captureScreen(const sp<IBinder>& display, sp<GraphicBuffer>* outBuffer,

                                   Rect sourceCrop, uint32_t reqWidth, uint32_t reqHeight,

                                   Rect sourceCrop, uint32_t reqWidth, uint32_t reqHeight,

                                   bool useIdentityTransform, Rotation rotation = eRotateNone) {

                                   bool useIdentityTransform, Rotation rotation = eRotateNone) {

        return captureScreen(display, outBuffer, ui::Dataspace::V0_SRGB, ui::PixelFormat::RGBA_8888,

        bool outIgnored;

                             sourceCrop, reqWidth, reqHeight, useIdentityTransform, rotation);

        return captureScreen(display, outBuffer, outIgnored, ui::Dataspace::V0_SRGB,

                             ui::PixelFormat::RGBA_8888, sourceCrop, reqWidth, reqHeight,

                             useIdentityTransform, rotation);

    }

    }





    template <class AA>

    template <class AA>

libs/gui/include/gui/SurfaceComposerClient.h

+2 −1
Original line number Original line Diff line number Diff line
@@ -509,7 +509,8 @@ public: 
    static status_t capture(const sp<IBinder>& display, const ui::Dataspace reqDataSpace,

    static status_t capture(const sp<IBinder>& display, const ui::Dataspace reqDataSpace,

                            const ui::PixelFormat reqPixelFormat, Rect sourceCrop,

                            const ui::PixelFormat reqPixelFormat, Rect sourceCrop,

                            uint32_t reqWidth, uint32_t reqHeight, bool useIdentityTransform,

                            uint32_t reqWidth, uint32_t reqHeight, bool useIdentityTransform,

                            uint32_t rotation, bool captureSecureLayers, sp<GraphicBuffer>* outBuffer);

                            uint32_t rotation, bool captureSecureLayers,

                            sp<GraphicBuffer>* outBuffer, bool& outCapturedSecureLayers);

    static status_t capture(const sp<IBinder>& display, const ui::Dataspace reqDataSpace,

    static status_t capture(const sp<IBinder>& display, const ui::Dataspace reqDataSpace,

                            const ui::PixelFormat reqPixelFormat, Rect sourceCrop,

                            const ui::PixelFormat reqPixelFormat, Rect sourceCrop,

                            uint32_t reqWidth, uint32_t reqHeight, bool useIdentityTransform,

                            uint32_t reqWidth, uint32_t reqHeight, bool useIdentityTransform,

libs/gui/tests/Surface_test.cpp

+5 −3
Original line number Original line Diff line number Diff line
@@ -126,7 +126,7 @@ TEST_F(SurfaceTest, QueuesToWindowComposerIsTrueWhenPurgatorized) { 
}

}





// This test probably doesn't belong here.

// This test probably doesn't belong here.

TEST_F(SurfaceTest, ScreenshotsOfProtectedBuffersSucceed) {

TEST_F(SurfaceTest, ScreenshotsOfProtectedBuffersDontSucceed) {

    sp<ANativeWindow> anw(mSurface);

    sp<ANativeWindow> anw(mSurface);





    // Verify the screenshot works with no protected buffers.

    // Verify the screenshot works with no protected buffers.
@@ -136,8 +136,9 @@ TEST_F(SurfaceTest, ScreenshotsOfProtectedBuffersSucceed) { 
    ASSERT_FALSE(display == nullptr);

    ASSERT_FALSE(display == nullptr);





    sp<GraphicBuffer> outBuffer;

    sp<GraphicBuffer> outBuffer;

    bool ignored;

    ASSERT_EQ(NO_ERROR,

    ASSERT_EQ(NO_ERROR,

              sf->captureScreen(display, &outBuffer, ui::Dataspace::V0_SRGB,

              sf->captureScreen(display, &outBuffer, ignored, ui::Dataspace::V0_SRGB,

                                ui::PixelFormat::RGBA_8888, Rect(), 64, 64, false));

                                ui::PixelFormat::RGBA_8888, Rect(), 64, 64, false));





    ASSERT_EQ(NO_ERROR, native_window_api_connect(anw.get(),

    ASSERT_EQ(NO_ERROR, native_window_api_connect(anw.get(),
@@ -169,7 +170,7 @@ TEST_F(SurfaceTest, ScreenshotsOfProtectedBuffersSucceed) { 
        ASSERT_EQ(NO_ERROR, anw->queueBuffer(anw.get(), buf, -1));

        ASSERT_EQ(NO_ERROR, anw->queueBuffer(anw.get(), buf, -1));

    }

    }

    ASSERT_EQ(NO_ERROR,

    ASSERT_EQ(NO_ERROR,

              sf->captureScreen(display, &outBuffer, ui::Dataspace::V0_SRGB,

              sf->captureScreen(display, &outBuffer, ignored, ui::Dataspace::V0_SRGB,

                                ui::PixelFormat::RGBA_8888, Rect(), 64, 64, false));

                                ui::PixelFormat::RGBA_8888, Rect(), 64, 64, false));

}

}
@@ -615,6 +616,7 @@ public: 
    status_t setActiveColorMode(const sp<IBinder>& /*display*/,

    status_t setActiveColorMode(const sp<IBinder>& /*display*/,

        ColorMode /*colorMode*/) override { return NO_ERROR; }

        ColorMode /*colorMode*/) override { return NO_ERROR; }

    status_t captureScreen(const sp<IBinder>& /*display*/, sp<GraphicBuffer>* /*outBuffer*/,

    status_t captureScreen(const sp<IBinder>& /*display*/, sp<GraphicBuffer>* /*outBuffer*/,

                           bool& /* outCapturedSecureLayers */,

                           const ui::Dataspace /*reqDataspace*/,

                           const ui::Dataspace /*reqDataspace*/,

                           const ui::PixelFormat /*reqPixelFormat*/, Rect /*sourceCrop*/,

                           const ui::PixelFormat /*reqPixelFormat*/, Rect /*sourceCrop*/,

                           uint32_t /*reqWidth*/, uint32_t /*reqHeight*/,

                           uint32_t /*reqWidth*/, uint32_t /*reqHeight*/,