diff options
| author | 2022-04-05 22:13:47 +0000 | |
|---|---|---|
| committer | 2022-04-05 22:13:47 +0000 | |
| commit | 7c8d637adfdbd11c75449e172fe155ee6e42790c (patch) | |
| tree | 65855dae2b788b4efb8f64ea61a05c48e930052b /libs/gui/LayerState.cpp | |
| parent | 36cf85e10ab0e1275349d68a220bd1f4f29de8e8 (diff) | |
| parent | 842a412840fbab2332a27d646a167177b110abf4 (diff) | |
Merge "DO NOT MERGE: SurfaceFlinger: Add Transaction#sanitize" into sc-qpr1-dev
Diffstat (limited to 'libs/gui/LayerState.cpp')
| -rw-r--r-- | libs/gui/LayerState.cpp | 65 | 
1 files changed, 65 insertions, 0 deletions
| diff --git a/libs/gui/LayerState.cpp b/libs/gui/LayerState.cpp index 2f31fbbb68..bb4b44684f 100644 --- a/libs/gui/LayerState.cpp +++ b/libs/gui/LayerState.cpp @@ -381,6 +381,71 @@ void DisplayState::merge(const DisplayState& other) {      }  } +void layer_state_t::sanitize(int32_t permissions) { +    // TODO: b/109894387 +    // +    // SurfaceFlinger's renderer is not prepared to handle cropping in the face of arbitrary +    // rotation. To see the problem observe that if we have a square parent, and a child +    // of the same size, then we rotate the child 45 degrees around its center, the child +    // must now be cropped to a non rectangular 8 sided region. +    // +    // Of course we can fix this in the future. For now, we are lucky, SurfaceControl is +    // private API, and arbitrary rotation is used in limited use cases, for instance: +    // - WindowManager only uses rotation in one case, which is on a top level layer in which +    //   cropping is not an issue. +    // - Launcher, as a privileged app, uses this to transition an application to PiP +    //   (picture-in-picture) mode. +    // +    // However given that abuse of rotation matrices could lead to surfaces extending outside +    // of cropped areas, we need to prevent non-root clients without permission +    // ACCESS_SURFACE_FLINGER nor ROTATE_SURFACE_FLINGER +    // (a.k.a. everyone except WindowManager / tests / Launcher) from setting non rectangle +    // preserving transformations. +    if (what & eMatrixChanged) { +        if (!(permissions & Permission::ROTATE_SURFACE_FLINGER)) { +            ui::Transform t; +            t.set(matrix.dsdx, matrix.dtdy, matrix.dtdx, matrix.dsdy); +            if (!t.preserveRects()) { +                what &= ~eMatrixChanged; +                ALOGE("Stripped non rect preserving matrix in sanitize"); +            } +        } +    } + +    if (what & layer_state_t::eInputInfoChanged) { +        if (!(permissions & Permission::ACCESS_SURFACE_FLINGER)) { +            what &= ~eInputInfoChanged; +            ALOGE("Stripped attempt to set eInputInfoChanged in sanitize"); +        } +    } +    if (what & layer_state_t::eTrustedOverlayChanged) { +        if (!(permissions & Permission::ACCESS_SURFACE_FLINGER)) { +            what &= ~eTrustedOverlayChanged; +            ALOGE("Stripped attempt to set eTrustedOverlay in sanitize"); +        } +    } +    if (what & layer_state_t::eDropInputModeChanged) { +        if (!(permissions & Permission::ACCESS_SURFACE_FLINGER)) { +            what &= ~eDropInputModeChanged; +            ALOGE("Stripped attempt to set eDropInputModeChanged in sanitize"); +        } +    } +    if (what & layer_state_t::eFrameRateSelectionPriority) { +        if (!(permissions & Permission::ACCESS_SURFACE_FLINGER)) { +            what &= ~eFrameRateSelectionPriority; +            ALOGE("Stripped attempt to set eFrameRateSelectionPriority in sanitize"); +        } +    } +    if (what & layer_state_t::eFrameRateChanged) { +        if (!ValidateFrameRate(frameRate, frameRateCompatibility, +                               changeFrameRateStrategy, +                               "layer_state_t::sanitize", +                               permissions & Permission::ACCESS_SURFACE_FLINGER)) { +            what &= ~eFrameRateChanged; // logged in ValidateFrameRate +        } +    } +} +  void layer_state_t::merge(const layer_state_t& other) {      if (other.what & ePositionChanged) {          what |= ePositionChanged; |