From ac76ed94045f6efc28ce6f3bbaa77c2a22f8e53d Mon Sep 17 00:00:00 2001 From: Chavi Weingarten Date: Fri, 17 Nov 2023 20:48:00 +0000 Subject: Move LayoutParam secure flag so it's set on the WS level The LayoutParam secure flag set by the client is set on the WSA level. This causes a few issues: 1. Child windows don't inherit this flag since child windows are added beneath WS 2. Prevents moving the WSA's SC to the client since the secure flag needs to be set in WMS. Test: FlagSecureTest Bug: 308662081 Change-Id: I724ab0d834b0d74b33ccbb6bbd2c6f9c622c2a15 --- .../android/window/flags/window_surfaces.aconfig | 8 +++++++ data/etc/services.core.protolog.json | 12 +++++----- .../com/android/server/wm/RootWindowContainer.java | 2 +- .../android/server/wm/WindowManagerService.java | 4 ++-- .../java/com/android/server/wm/WindowState.java | 26 ++++++++++++++++++++++ .../com/android/server/wm/WindowStateAnimator.java | 14 +++++------- .../android/server/wm/WindowSurfaceController.java | 19 ---------------- 7 files changed, 48 insertions(+), 37 deletions(-) diff --git a/core/java/android/window/flags/window_surfaces.aconfig b/core/java/android/window/flags/window_surfaces.aconfig index 0da03fb5aaeb..2c9e1f2a9bcc 100644 --- a/core/java/android/window/flags/window_surfaces.aconfig +++ b/core/java/android/window/flags/window_surfaces.aconfig @@ -48,3 +48,11 @@ flag { is_fixed_read_only: true bug: "262477923" } + +flag { + namespace: "window_surfaces" + name: "secure_window_state" + description: "Move SC secure flag to WindowState level" + is_fixed_read_only: true + bug: "308662081" +} diff --git a/data/etc/services.core.protolog.json b/data/etc/services.core.protolog.json index f19acbe023b8..d36ac3914ff3 100644 --- a/data/etc/services.core.protolog.json +++ b/data/etc/services.core.protolog.json @@ -991,12 +991,6 @@ "group": "WM_DEBUG_WINDOW_INSETS", "at": "com\/android\/server\/wm\/InsetsSourceProvider.java" }, - "-1176488860": { - "message": "SURFACE isSecure=%b: %s", - "level": "INFO", - "group": "WM_SHOW_TRANSACTIONS", - "at": "com\/android\/server\/wm\/WindowSurfaceController.java" - }, "-1164930508": { "message": "Moving to RESUMED: %s (starting new instance) callers=%s", "level": "VERBOSE", @@ -3277,6 +3271,12 @@ "group": "WM_DEBUG_ORIENTATION", "at": "com\/android\/server\/wm\/ActivityRecord.java" }, + "810599500": { + "message": "SURFACE isSecure=%b: %s", + "level": "INFO", + "group": "WM_SHOW_TRANSACTIONS", + "at": "com\/android\/server\/wm\/WindowState.java" + }, "829434921": { "message": "Draw state now committed in %s", "level": "VERBOSE", diff --git a/services/core/java/com/android/server/wm/RootWindowContainer.java b/services/core/java/com/android/server/wm/RootWindowContainer.java index 0c235bae2006..7f5f178b4ace 100644 --- a/services/core/java/com/android/server/wm/RootWindowContainer.java +++ b/services/core/java/com/android/server/wm/RootWindowContainer.java @@ -627,7 +627,7 @@ class RootWindowContainer extends WindowContainer void refreshSecureSurfaceState() { forAllWindows((w) -> { if (w.mHasSurface) { - w.mWinAnimator.setSecureLocked(w.isSecureLocked()); + w.setSecureLocked(w.isSecureLocked()); } }, true /* traverseTopToBottom */); } diff --git a/services/core/java/com/android/server/wm/WindowManagerService.java b/services/core/java/com/android/server/wm/WindowManagerService.java index a69a07f9aee0..bf33742ed8bb 100644 --- a/services/core/java/com/android/server/wm/WindowManagerService.java +++ b/services/core/java/com/android/server/wm/WindowManagerService.java @@ -2327,8 +2327,8 @@ public class WindowManagerService extends IWindowManager.Stub boolean wallpaperMayMove = win.mViewVisibility != viewVisibility && win.hasWallpaper(); wallpaperMayMove |= (flagChanges & FLAG_SHOW_WALLPAPER) != 0; - if ((flagChanges & FLAG_SECURE) != 0 && winAnimator.mSurfaceController != null) { - winAnimator.mSurfaceController.setSecure(win.isSecureLocked()); + if ((flagChanges & FLAG_SECURE) != 0) { + win.setSecureLocked(win.isSecureLocked()); } final boolean wasVisible = win.isVisible(); diff --git a/services/core/java/com/android/server/wm/WindowState.java b/services/core/java/com/android/server/wm/WindowState.java index 3e43908994ad..4103d980f75c 100644 --- a/services/core/java/com/android/server/wm/WindowState.java +++ b/services/core/java/com/android/server/wm/WindowState.java @@ -109,6 +109,7 @@ import static com.android.internal.protolog.ProtoLogGroup.WM_DEBUG_RESIZE; import static com.android.internal.protolog.ProtoLogGroup.WM_DEBUG_STARTING_WINDOW; import static com.android.internal.protolog.ProtoLogGroup.WM_DEBUG_SYNC_ENGINE; import static com.android.internal.protolog.ProtoLogGroup.WM_DEBUG_WINDOW_INSETS; +import static com.android.internal.protolog.ProtoLogGroup.WM_SHOW_TRANSACTIONS; import static com.android.server.policy.WindowManagerPolicy.FINISH_LAYOUT_REDO_WALLPAPER; import static com.android.server.policy.WindowManagerPolicy.TRANSIT_ENTER; import static com.android.server.policy.WindowManagerPolicy.TRANSIT_EXIT; @@ -177,6 +178,7 @@ import static com.android.server.wm.WindowStateProto.UNRESTRICTED_KEEP_CLEAR_ARE import static com.android.server.wm.WindowStateProto.VIEW_VISIBILITY; import static com.android.server.wm.WindowStateProto.WINDOW_CONTAINER; import static com.android.server.wm.WindowStateProto.WINDOW_FRAMES; +import static com.android.window.flags.Flags.secureWindowState; import static com.android.window.flags.Flags.surfaceTrustedOverlay; import android.annotation.CallSuper; @@ -1195,6 +1197,9 @@ class WindowState extends WindowContainer implements WindowManagerP if (surfaceTrustedOverlay() && isWindowTrustedOverlay()) { getPendingTransaction().setTrustedOverlay(mSurfaceControl, true); } + if (secureWindowState()) { + getPendingTransaction().setSecure(mSurfaceControl, isSecureLocked()); + } } void updateTrustedOverlay() { @@ -6040,4 +6045,25 @@ class WindowState extends WindowContainer implements WindowManagerP // Cancel any draw requests during a sync. return mPrepareSyncSeqId > 0; } + + void setSecureLocked(boolean isSecure) { + ProtoLog.i(WM_SHOW_TRANSACTIONS, "SURFACE isSecure=%b: %s", isSecure, getName()); + if (secureWindowState()) { + if (mSurfaceControl == null) { + return; + } + getPendingTransaction().setSecure(mSurfaceControl, isSecure); + } else { + if (mWinAnimator.mSurfaceController == null + || mWinAnimator.mSurfaceController.mSurfaceControl == null) { + return; + } + getPendingTransaction().setSecure(mWinAnimator.mSurfaceController.mSurfaceControl, + isSecure); + } + if (mDisplayContent != null) { + mDisplayContent.refreshImeSecureFlag(getSyncTransaction()); + } + mWmService.scheduleAnimationLocked(); + } } diff --git a/services/core/java/com/android/server/wm/WindowStateAnimator.java b/services/core/java/com/android/server/wm/WindowStateAnimator.java index 3aac816fcd7a..44cd23d037c6 100644 --- a/services/core/java/com/android/server/wm/WindowStateAnimator.java +++ b/services/core/java/com/android/server/wm/WindowStateAnimator.java @@ -44,6 +44,7 @@ import static com.android.server.wm.WindowManagerService.logWithStack; import static com.android.server.wm.WindowStateAnimatorProto.DRAW_STATE; import static com.android.server.wm.WindowStateAnimatorProto.SURFACE; import static com.android.server.wm.WindowStateAnimatorProto.SYSTEM_DECOR_RECT; +import static com.android.window.flags.Flags.secureWindowState; import android.content.Context; import android.graphics.PixelFormat; @@ -286,8 +287,10 @@ class WindowStateAnimator { int flags = SurfaceControl.HIDDEN; final WindowManager.LayoutParams attrs = w.mAttrs; - if (w.isSecureLocked()) { - flags |= SurfaceControl.SECURE; + if (!secureWindowState()) { + if (w.isSecureLocked()) { + flags |= SurfaceControl.SECURE; + } } if ((mWin.mAttrs.privateFlags & PRIVATE_FLAG_IS_ROUNDED_CORNERS_OVERLAY) != 0) { @@ -488,13 +491,6 @@ class WindowStateAnimator { mSurfaceController.setOpaque(isOpaque); } - void setSecureLocked(boolean isSecure) { - if (mSurfaceController == null) { - return; - } - mSurfaceController.setSecure(isSecure); - } - void setColorSpaceAgnosticLocked(boolean agnostic) { if (mSurfaceController == null) { return; diff --git a/services/core/java/com/android/server/wm/WindowSurfaceController.java b/services/core/java/com/android/server/wm/WindowSurfaceController.java index d348491b3d2a..4456a94ef510 100644 --- a/services/core/java/com/android/server/wm/WindowSurfaceController.java +++ b/services/core/java/com/android/server/wm/WindowSurfaceController.java @@ -24,7 +24,6 @@ import static android.view.SurfaceControl.METADATA_WINDOW_TYPE; import static com.android.internal.protolog.ProtoLogGroup.WM_SHOW_SURFACE_ALLOC; import static com.android.internal.protolog.ProtoLogGroup.WM_SHOW_TRANSACTIONS; import static com.android.server.wm.WindowManagerDebugConfig.DEBUG_VISIBILITY; -import static com.android.server.wm.WindowManagerDebugConfig.SHOW_LIGHT_TRANSACTIONS; import static com.android.server.wm.WindowManagerDebugConfig.TAG_WITH_CLASS_NAME; import static com.android.server.wm.WindowManagerDebugConfig.TAG_WM; import static com.android.server.wm.WindowSurfaceControllerProto.SHOWN; @@ -152,24 +151,6 @@ class WindowSurfaceController { mService.scheduleAnimationLocked(); } - void setSecure(boolean isSecure) { - ProtoLog.i(WM_SHOW_TRANSACTIONS, "SURFACE isSecure=%b: %s", isSecure, title); - - if (mSurfaceControl == null) { - return; - } - if (SHOW_LIGHT_TRANSACTIONS) Slog.i(TAG, ">>> OPEN TRANSACTION setSecureLocked"); - - final SurfaceControl.Transaction t = mAnimator.mWin.getPendingTransaction(); - t.setSecure(mSurfaceControl, isSecure); - - final DisplayContent dc = mAnimator.mWin.mDisplayContent; - if (dc != null) { - dc.refreshImeSecureFlag(t); - } - mService.scheduleAnimationLocked(); - } - void setColorSpaceAgnostic(SurfaceControl.Transaction t, boolean agnostic) { ProtoLog.i(WM_SHOW_TRANSACTIONS, "SURFACE isColorSpaceAgnostic=%b: %s", agnostic, title); -- cgit v1.2.3-59-g8ed1b