Merge "SF: check secure layers in screenshot message handler" into nyc-dev

      mFlags(),

      mFlags(),

      mPageFlipCount(),

      mPageFlipCount(),

      mIsSecure(isSecure),

      mIsSecure(isSecure),

      mSecureLayerVisible(false),

      mLayerStack(NO_LAYER_STACK),

      mLayerStack(NO_LAYER_STACK),

      mOrientation(),

      mOrientation(),

      mPowerMode(HWC_POWER_MODE_OFF),

      mPowerMode(HWC_POWER_MODE_OFF),

void DisplayDevice::setVisibleLayersSortedByZ(const Vector< sp<Layer> >& layers) {

void DisplayDevice::setVisibleLayersSortedByZ(const Vector< sp<Layer> >& layers) {

    mVisibleLayersSortedByZ = layers;

    mVisibleLayersSortedByZ = layers;

    mSecureLayerVisible = false;

    size_t count = layers.size();

    for (size_t i=0 ; i<count ; i++) {

        const sp<Layer>& layer(layers[i]);

        if (layer->isSecure()) {

            mSecureLayerVisible = true;

        }

    }

}

}

const Vector< sp<Layer> >& DisplayDevice::getVisibleLayersSortedByZ() const {

const Vector< sp<Layer> >& DisplayDevice::getVisibleLayersSortedByZ() const {

    return mVisibleLayersSortedByZ;

    return mVisibleLayersSortedByZ;

}

}

bool DisplayDevice::getSecureLayerVisible() const {

    return mSecureLayerVisible;

}

Region DisplayDevice::getDirtyRegion(bool repaintEverything) const {

Region DisplayDevice::getDirtyRegion(bool repaintEverything) const {

    Region dirty;

    Region dirty;

    if (repaintEverything) {

    if (repaintEverything) {

    result.appendFormat(

    result.appendFormat(

        "+ DisplayDevice: %s\n"

        "+ DisplayDevice: %s\n"

        "   type=%x, hwcId=%d, layerStack=%u, (%4dx%4d), ANativeWindow=%p, orient=%2d (type=%08x), "

        "   type=%x, hwcId=%d, layerStack=%u, (%4dx%4d), ANativeWindow=%p, orient=%2d (type=%08x), "

        "flips=%u, isSecure=%d, secureVis=%d, powerMode=%d, activeConfig=%d, numLayers=%zu\n"

        "flips=%u, isSecure=%d, powerMode=%d, activeConfig=%d, numLayers=%zu\n"

        "   v:[%d,%d,%d,%d], f:[%d,%d,%d,%d], s:[%d,%d,%d,%d],"

        "   v:[%d,%d,%d,%d], f:[%d,%d,%d,%d], s:[%d,%d,%d,%d],"

        "transform:[[%0.3f,%0.3f,%0.3f][%0.3f,%0.3f,%0.3f][%0.3f,%0.3f,%0.3f]]\n",

        "transform:[[%0.3f,%0.3f,%0.3f][%0.3f,%0.3f,%0.3f][%0.3f,%0.3f,%0.3f]]\n",

        mDisplayName.string(), mType, mHwcDisplayId,

        mDisplayName.string(), mType, mHwcDisplayId,

        mLayerStack, mDisplayWidth, mDisplayHeight, mNativeWindow.get(),

        mLayerStack, mDisplayWidth, mDisplayHeight, mNativeWindow.get(),

        mOrientation, tr.getType(), getPageFlipCount(),

        mOrientation, tr.getType(), getPageFlipCount(),

        mIsSecure, mSecureLayerVisible, mPowerMode, mActiveConfig,

        mIsSecure, mPowerMode, mActiveConfig,

        mVisibleLayersSortedByZ.size(),

        mVisibleLayersSortedByZ.size(),

        mViewport.left, mViewport.top, mViewport.right, mViewport.bottom,

        mViewport.left, mViewport.top, mViewport.right, mViewport.bottom,

        mFrame.left, mFrame.top, mFrame.right, mFrame.bottom,

        mFrame.left, mFrame.top, mFrame.right, mFrame.bottom,

    void                    setVisibleLayersSortedByZ(const Vector< sp<Layer> >& layers);

    void                    setVisibleLayersSortedByZ(const Vector< sp<Layer> >& layers);

    const Vector< sp<Layer> >& getVisibleLayersSortedByZ() const;

    const Vector< sp<Layer> >& getVisibleLayersSortedByZ() const;

    bool                    getSecureLayerVisible() const;

    Region                  getDirtyRegion(bool repaintEverything) const;

    Region                  getDirtyRegion(bool repaintEverything) const;

    void                    setLayerStack(uint32_t stack);

    void                    setLayerStack(uint32_t stack);

    // list of visible layers on that display

    // list of visible layers on that display

    Vector< sp<Layer> > mVisibleLayersSortedByZ;

    Vector< sp<Layer> > mVisibleLayersSortedByZ;

    // Whether we have a visible secure layer on this display

    bool mSecureLayerVisible;

    /*

    /*

     * Transaction state

     * Transaction state

     */

     */

    // if we have secure windows on this display, never allow the screen capture

    // if we have secure windows on this display, never allow the screen capture

    // unless the producer interface is local (i.e.: we can take a screenshot for

    // unless the producer interface is local (i.e.: we can take a screenshot for

    // ourselves).

    // ourselves).

    if (!IInterface::asBinder(producer)->localBinder()) {

    bool isLocalScreenshot = IInterface::asBinder(producer)->localBinder();

        Mutex::Autolock _l(mStateLock);

        sp<const DisplayDevice> hw(getDisplayDevice(display));

        if (hw->getSecureLayerVisible()) {

            ALOGW("FB is protected: PERMISSION_DENIED");

            return PERMISSION_DENIED;

        }

    }

    // Convert to surfaceflinger's internal rotation type.

    // Convert to surfaceflinger's internal rotation type.

    Transform::orientation_flags rotationFlags;

    Transform::orientation_flags rotationFlags;

        bool useIdentityTransform;

        bool useIdentityTransform;

        Transform::orientation_flags rotation;

        Transform::orientation_flags rotation;

        status_t result;

        status_t result;

        bool isLocalScreenshot;

    public:

    public:

        MessageCaptureScreen(SurfaceFlinger* flinger,

        MessageCaptureScreen(SurfaceFlinger* flinger,

                const sp<IBinder>& display,

                const sp<IBinder>& display,

                const sp<IGraphicBufferProducer>& producer,

                const sp<IGraphicBufferProducer>& producer,

                Rect sourceCrop, uint32_t reqWidth, uint32_t reqHeight,

                Rect sourceCrop, uint32_t reqWidth, uint32_t reqHeight,

                uint32_t minLayerZ, uint32_t maxLayerZ,

                uint32_t minLayerZ, uint32_t maxLayerZ,

                bool useIdentityTransform, Transform::orientation_flags rotation)

                bool useIdentityTransform,

                Transform::orientation_flags rotation,

                bool isLocalScreenshot)

            : flinger(flinger), display(display), producer(producer),

            : flinger(flinger), display(display), producer(producer),

              sourceCrop(sourceCrop), reqWidth(reqWidth), reqHeight(reqHeight),

              sourceCrop(sourceCrop), reqWidth(reqWidth), reqHeight(reqHeight),

              minLayerZ(minLayerZ), maxLayerZ(maxLayerZ),

              minLayerZ(minLayerZ), maxLayerZ(maxLayerZ),

              useIdentityTransform(useIdentityTransform),

              useIdentityTransform(useIdentityTransform),

              rotation(rotation),

              rotation(rotation), result(PERMISSION_DENIED),

              result(PERMISSION_DENIED)

              isLocalScreenshot(isLocalScreenshot)

        {

        {

        }

        }

        status_t getResult() const {

        status_t getResult() const {

            sp<const DisplayDevice> hw(flinger->getDisplayDevice(display));

            sp<const DisplayDevice> hw(flinger->getDisplayDevice(display));

            result = flinger->captureScreenImplLocked(hw, producer,

            result = flinger->captureScreenImplLocked(hw, producer,

                    sourceCrop, reqWidth, reqHeight, minLayerZ, maxLayerZ,

                    sourceCrop, reqWidth, reqHeight, minLayerZ, maxLayerZ,

                    useIdentityTransform, rotation);

                    useIdentityTransform, rotation, isLocalScreenshot);

            static_cast<GraphicProducerWrapper*>(IInterface::asBinder(producer).get())->exit(result);

            static_cast<GraphicProducerWrapper*>(IInterface::asBinder(producer).get())->exit(result);

            return true;

            return true;

        }

        }

    sp<MessageBase> msg = new MessageCaptureScreen(this,

    sp<MessageBase> msg = new MessageCaptureScreen(this,

            display, IGraphicBufferProducer::asInterface( wrapper ),

            display, IGraphicBufferProducer::asInterface( wrapper ),

            sourceCrop, reqWidth, reqHeight, minLayerZ, maxLayerZ,

            sourceCrop, reqWidth, reqHeight, minLayerZ, maxLayerZ,

            useIdentityTransform, rotationFlags);

            useIdentityTransform, rotationFlags, isLocalScreenshot);

    status_t res = postMessageAsync(msg);

    status_t res = postMessageAsync(msg);

    if (res == NO_ERROR) {

    if (res == NO_ERROR) {

        const sp<IGraphicBufferProducer>& producer,

        const sp<IGraphicBufferProducer>& producer,

        Rect sourceCrop, uint32_t reqWidth, uint32_t reqHeight,

        Rect sourceCrop, uint32_t reqWidth, uint32_t reqHeight,

        uint32_t minLayerZ, uint32_t maxLayerZ,

        uint32_t minLayerZ, uint32_t maxLayerZ,

        bool useIdentityTransform, Transform::orientation_flags rotation)

        bool useIdentityTransform, Transform::orientation_flags rotation,

        bool isLocalScreenshot)

{

{

    ATRACE_CALL();

    ATRACE_CALL();

    reqWidth  = (!reqWidth)  ? hw_w : reqWidth;

    reqWidth  = (!reqWidth)  ? hw_w : reqWidth;

    reqHeight = (!reqHeight) ? hw_h : reqHeight;

    reqHeight = (!reqHeight) ? hw_h : reqHeight;

    bool secureLayerIsVisible = false;

    const LayerVector& layers(mDrawingState.layersSortedByZ);

    const size_t count = layers.size();

    for (size_t i = 0 ; i < count ; ++i) {

        const sp<Layer>& layer(layers[i]);

        const Layer::State& state(layer->getDrawingState());

        if (state.layerStack == hw->getLayerStack() && state.z >= minLayerZ &&

                state.z <= maxLayerZ && layer->isVisible() &&

                layer->isSecure()) {

            secureLayerIsVisible = true;

        }

    }

    if (!isLocalScreenshot && secureLayerIsVisible) {

        ALOGW("FB is protected: PERMISSION_DENIED");

        return PERMISSION_DENIED;

    }

    // create a surface (because we're a producer, and we need to

    // create a surface (because we're a producer, and we need to

    // dequeue/queue a buffer)

    // dequeue/queue a buffer)

    sp<Surface> sur = new Surface(producer, false);

    sp<Surface> sur = new Surface(producer, false);

            const sp<IGraphicBufferProducer>& producer,

            const sp<IGraphicBufferProducer>& producer,

            Rect sourceCrop, uint32_t reqWidth, uint32_t reqHeight,

            Rect sourceCrop, uint32_t reqWidth, uint32_t reqHeight,

            uint32_t minLayerZ, uint32_t maxLayerZ,

            uint32_t minLayerZ, uint32_t maxLayerZ,

            bool useIdentityTransform, Transform::orientation_flags rotation);

            bool useIdentityTransform, Transform::orientation_flags rotation,

            bool isLocalScreenshot);

    /* ------------------------------------------------------------------------

    /* ------------------------------------------------------------------------

     * EGL

     * EGL