Merge "Cleaned up transaction sanitize calls" into udc-dev am: eb7596b865

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/native/+/22652584 Change-Id: Iaf9163dd707561a14f5b4e101890dec73f814b78 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
author: Chavi Weingarten <chaviw@google.com> 2023-05-09 18:05:37 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2023-05-09 18:05:37 +0000
commit: e2ba12e4e241ea2f2acf3ca4e68b34fc5579256b (patch)
tree: f5c54eed9b34d565b8db422498ac69edcc96a0d5 /libs/gui/SurfaceComposerClient.cpp
parent: 4963163cda4c670abbebd5deb1c1d65ce876084f (diff)
parent: eb7596b865f35d9498e8d1e0f4169018cf423736 (diff)
1 files changed, 9 insertions, 3 deletions
diff --git a/libs/gui/SurfaceComposerClient.cpp b/libs/gui/SurfaceComposerClient.cpp
index eb5cc4f8ab..1b13ec1c06 100644
--- a/libs/gui/SurfaceComposerClient.cpp
+++ b/libs/gui/SurfaceComposerClient.cpp
@@ -54,6 +54,7 @@
 #include <ui/DynamicDisplayInfo.h>
 
 #include <android-base/thread_annotations.h>
+#include <gui/LayerStatePermissions.h>
 #include <private/gui/ComposerService.h>
 #include <private/gui/ComposerServiceAIDL.h>
 
@@ -716,11 +717,16 @@ SurfaceComposerClient::Transaction::Transaction(const Transaction& other)
     mListenerCallbacks = other.mListenerCallbacks;
 }
 
-void SurfaceComposerClient::Transaction::sanitize() {
+void SurfaceComposerClient::Transaction::sanitize(int pid, int uid) {
+    uint32_t permissions = LayerStatePermissions::getTransactionPermissions(pid, uid);
     for (auto & [handle, composerState] : mComposerStates) {
-        composerState.state.sanitize(0 /* permissionMask */);
+        composerState.state.sanitize(permissions);
+    }
+    if (!mInputWindowCommands.empty() &&
+        (permissions & layer_state_t::Permission::ACCESS_SURFACE_FLINGER) == 0) {
+        ALOGE("Only privileged callers are allowed to send input commands.");
+        mInputWindowCommands.clear();
     }
-    mInputWindowCommands.clear();
 }
 
 std::unique_ptr<SurfaceComposerClient::Transaction>
author	Chavi Weingarten <chaviw@google.com>	2023-05-09 18:05:37 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-05-09 18:05:37 +0000
commit	e2ba12e4e241ea2f2acf3ca4e68b34fc5579256b (patch)
tree	f5c54eed9b34d565b8db422498ac69edcc96a0d5 /libs/gui/SurfaceComposerClient.cpp
parent	4963163cda4c670abbebd5deb1c1d65ce876084f (diff)
parent	eb7596b865f35d9498e8d1e0f4169018cf423736 (diff)