Allow screen capture for a specified uid.

Currently, screenshots can either be done on the entire display or for a
layer hierarchy. Screenshots can only be taken by a system process or a
process with the correct permission. This change introduces a way for an
app to screenshot itself without introducing security issues

The following checks are done:

1. If the request is from graphics or has READ_FRAME_BUFFER permission
flag, the request is allowed. If a uid was set to non -1, only layers
from the specified uid will be captured. If uid in args is -1,
everything will be in the screenshot, so no layers will be skipped

2. If the request doesn't have the permissions, the calling uid is
compared to the uid in the request. If they match, we allow the
screenshot code to proceed and only screenshot the layers with the
matching uid.

3. Otherwise, we return with PERMISSION_DENIED

Test: ScreenCaptureTest
Bug: 155825630

Change-Id: I129b5a7f489383bf6d2f0ee333a416babc1444a2

1 files changed, 4 insertions, 2 deletions

diff --git a/libs/gui/LayerState.cpp b/libs/gui/LayerState.cpp
index b215756d56..d07d4352ec 100644
--- a/libs/gui/LayerState.cpp
+++ b/libs/gui/LayerState.cpp
@@ -509,7 +509,8 @@ status_t CaptureArgs::write(Parcel& output) const {
     status_t status = output.writeInt32(static_cast<int32_t>(pixelFormat)) ?:
         output.write(sourceCrop) ?:
         output.writeFloat(frameScale) ?:
-        output.writeBool(captureSecureLayers);
+        output.writeBool(captureSecureLayers) ?:
+        output.writeInt32(uid);
     return status;
 }
 
@@ -518,7 +519,8 @@ status_t CaptureArgs::read(const Parcel& input) {
     status_t status = input.readInt32(&format) ?:
         input.read(sourceCrop) ?:
         input.readFloat(&frameScale) ?:
-        input.readBool(&captureSecureLayers);
+        input.readBool(&captureSecureLayers) ?:
+        input.readInt32(&uid);
 
     pixelFormat = static_cast<ui::PixelFormat>(format);
     return status;