From b89ea9d9533864bc6f73a24a4d33d3edba6d1365 Mon Sep 17 00:00:00 2001 From: Robert Carr Date: Mon, 10 Dec 2018 13:01:14 -0800 Subject: SurfaceFlinger: Removed createScopedConnection. Scoped connections existed to constrain clients to only making surfaces with parents. However now that we support off-screen parents this is no longer required and we can use normal connections everywhere. We take however care that only priviledged clients can place layers in the current state. Test: Manual Bug: 62536731 Bug: 111373437 Bug: 111297488 Change-Id: I0a034767e92becec63071d7b1e3e71b95d505b77 --- services/surfaceflinger/Client.cpp | 63 ++------------------------------------ 1 file changed, 2 insertions(+), 61 deletions(-) (limited to 'services/surfaceflinger/Client.cpp') diff --git a/services/surfaceflinger/Client.cpp b/services/surfaceflinger/Client.cpp index 0b59147c5a..ee4ec506f7 100644 --- a/services/surfaceflinger/Client.cpp +++ b/services/surfaceflinger/Client.cpp @@ -35,13 +35,7 @@ const String16 sAccessSurfaceFlinger("android.permission.ACCESS_SURFACE_FLINGER" // --------------------------------------------------------------------------- Client::Client(const sp& flinger) - : Client(flinger, nullptr) -{ -} - -Client::Client(const sp& flinger, const sp& parentLayer) - : mFlinger(flinger), - mParentLayer(parentLayer) + : mFlinger(flinger) { } @@ -65,25 +59,6 @@ Client::~Client() } } -void Client::updateParent(const sp& parentLayer) { - Mutex::Autolock _l(mLock); - - // If we didn't ever have a parent, then we must instead be - // relying on permissions and we never need a parent. - if (mParentLayer != nullptr) { - mParentLayer = parentLayer; - } -} - -sp Client::getParentLayer(bool* outParentDied) const { - Mutex::Autolock _l(mLock); - sp parent = mParentLayer.promote(); - if (outParentDied != nullptr) { - *outParentDied = (mParentLayer != nullptr && parent == nullptr); - } - return parent; -} - status_t Client::initCheck() const { return NO_ERROR; } @@ -119,32 +94,6 @@ sp Client::getLayerUser(const sp& handle) const } -status_t Client::onTransact( - uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags) -{ - // these must be checked - IPCThreadState* ipc = IPCThreadState::self(); - const int pid = ipc->getCallingPid(); - const int uid = ipc->getCallingUid(); - const int self_pid = getpid(); - // If we are called from another non root process without the GRAPHICS, SYSTEM, or ROOT - // uid we require the sAccessSurfaceFlinger permission. - // We grant an exception in the case that the Client has a "parent layer", as its - // effects will be scoped to that layer. - if (CC_UNLIKELY(pid != self_pid && uid != AID_GRAPHICS && uid != AID_SYSTEM && uid != 0) - && (getParentLayer() == nullptr)) { - // we're called from a different process, do the real check - if (!PermissionCache::checkCallingPermission(sAccessSurfaceFlinger)) - { - ALOGE("Permission Denial: " - "can't openGlobalTransaction pid=%d, uid<=%d", pid, uid); - return PERMISSION_DENIED; - } - } - return BnSurfaceComposerClient::onTransact(code, data, reply, flags); -} - - status_t Client::createSurface( const String8& name, uint32_t w, uint32_t h, PixelFormat format, uint32_t flags, @@ -160,16 +109,8 @@ status_t Client::createSurface( return NAME_NOT_FOUND; } } - if (parent == nullptr) { - bool parentDied; - parent = getParentLayer(&parentDied); - // If we had a parent, but it died, we've lost all - // our capabilities. - if (parentDied) { - return NAME_NOT_FOUND; - } - } + // We rely on createLayer to check permissions. return mFlinger->createLayer(name, this, w, h, format, flags, windowType, ownerUid, handle, gbp, &parent); } -- cgit v1.2.3-59-g8ed1b