Fix transaction sanitization
Bug: 336648041
Test: CredentialsTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:04e41761914c3c3aaca965103be3679b7a7af76f)
Merged-In: I53894d014bfabc9c958a6f533d7e3b3a6dcd0a34
Change-Id: I53894d014bfabc9c958a6f533d7e3b3a6dcd0a34
diff --git a/services/surfaceflinger/SurfaceFlinger.cpp b/services/surfaceflinger/SurfaceFlinger.cpp
index cf5f55d..117fa0d 100644
--- a/services/surfaceflinger/SurfaceFlinger.cpp
+++ b/services/surfaceflinger/SurfaceFlinger.cpp
@@ -5029,7 +5029,7 @@
const int originPid = ipc->getCallingPid();
const int originUid = ipc->getCallingUid();
uint32_t permissions = LayerStatePermissions::getTransactionPermissions(originPid, originUid);
- for (auto composerState : states) {
+ for (auto& composerState : states) {
composerState.state.sanitize(permissions);
}
diff --git a/services/surfaceflinger/tests/Credentials_test.cpp b/services/surfaceflinger/tests/Credentials_test.cpp
index 822ac4d..51fc868 100644
--- a/services/surfaceflinger/tests/Credentials_test.cpp
+++ b/services/surfaceflinger/tests/Credentials_test.cpp
@@ -389,8 +389,13 @@
.apply();
}
- // Called from non privileged process
- Transaction().setTrustedOverlay(surfaceControl, true);
+ // Attempt to set a trusted overlay from a non-privileged process. This should fail silently.
+ {
+ UIDFaker f{AID_BIN};
+ Transaction().setTrustedOverlay(surfaceControl, true).apply(/*synchronous=*/true);
+ }
+
+ // Verify that the layer was not made a trusted overlay.
{
UIDFaker f(AID_SYSTEM);
auto windowIsPresentAndNotTrusted = [&](const std::vector<WindowInfo>& windowInfos) {
@@ -401,12 +406,14 @@
}
return !foundWindowInfo->inputConfig.test(WindowInfo::InputConfig::TRUSTED_OVERLAY);
};
- windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndNotTrusted);
+ ASSERT_TRUE(
+ windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndNotTrusted));
}
+ // Verify that privileged processes are able to set trusted overlays.
{
UIDFaker f(AID_SYSTEM);
- Transaction().setTrustedOverlay(surfaceControl, true);
+ Transaction().setTrustedOverlay(surfaceControl, true).apply(/*synchronous=*/true);
auto windowIsPresentAndTrusted = [&](const std::vector<WindowInfo>& windowInfos) {
auto foundWindowInfo =
WindowInfosListenerUtils::findMatchingWindowInfo(windowInfo, windowInfos);
@@ -415,7 +422,8 @@
}
return foundWindowInfo->inputConfig.test(WindowInfo::InputConfig::TRUSTED_OVERLAY);
};
- windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndTrusted);
+ ASSERT_TRUE(
+ windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndTrusted));
}
}