cameraserver: Enforce system only camera permissions in camera1 api. In camera1 api - getNumberOfCameras won't count hidden secure cameras. - getNumberOfCameras will return public non system cameras or public cameras depending on whether the client has SYSTEM_CAMERA and CAMERA permissions or not. - getCameraInfo checks for SYSTEM_CAMERA and CAMERA permissions in case the info is requested for a system camera. Bug: 140243224 Test: Harcode all cameras as SYSTEM_ONLY_CAMERA; cts camera1 tests get 0 on calling getNumberOfCameras() without using adoptShellPermissionIdentity(). Test: Harcode all cameras as SYSTEM_ONLY_CAMERA; cts camera1 tests get a finite number on calling getNumberOfCameras() when adoptShellPermissionIdentity() is used. Test: Harcode all cameras as HIDDEN_CAMERA; cts camera1 tests get 0 when calling getNumberOfCameras. Change-Id: I9d1721fd5e94fa7f692c3da52aa667ae9247d368 Signed-off-by: Jayant Chowdhary <jchowdhary@google.com>

commit: 847947d80ddf61c74c9a36161ba55f37acc730f0 [log] [tgz]
author: Jayant Chowdhary <jchowdhary@google.com> Fri Aug 30 18:02:59 2019 -0700
committer: Jayant Chowdhary <jchowdhary@google.com> Wed Sep 18 09:18:33 2019 -0700
tree: 85a02f981c026951cd06b2e014aa95db25396aeb
parent: 20ea1ca9e0cee18b1e3097865a8c105951407493 [diff] [blame]
diff --git a/services/camera/libcameraservice/CameraService.h b/services/camera/libcameraservice/CameraService.h
index 7c77e16..058d57e 100644
--- a/services/camera/libcameraservice/CameraService.h
+++ b/services/camera/libcameraservice/CameraService.h

@@ -667,6 +667,13 @@
         return mCameraProviderManager->getSystemCameraKind(cameraId.c_str());
     }
 
+    // Update the set of API1Compatible camera devices without including system
+    // cameras and secure cameras. This is used for hiding system only cameras
+    // from clients using camera1 api and not having android.permission.SYSTEM_CAMERA.
+    // This function expects @param normalDeviceIds, to have normalDeviceIds
+    // sorted in alpha-numeric order.
+    void filterAPI1SystemCameraLocked(const std::vector<std::string> &normalDeviceIds);
+
     // Single implementation shared between the various connect calls
     template<class CALLBACK, class CLIENT>
     binder::Status connectHelper(const sp<CALLBACK>& cameraCb, const String8& cameraId,
@@ -821,9 +828,14 @@
      */
     void updateCameraNumAndIds();
 
+    // Number of camera devices (excluding hidden secure cameras)
     int                 mNumberOfCameras;
+    // Number of camera devices (excluding hidden secure cameras and
+    // system cameras)
+    int                 mNumberOfCamerasWithoutSystemCamera;
 
     std::vector<std::string> mNormalDeviceIds;
+    std::vector<std::string> mNormalDeviceIdsWithoutSystemCamera;
 
     // sounds
     sp<MediaPlayer>     newMediaPlayer(const char *file);
commit	847947d80ddf61c74c9a36161ba55f37acc730f0	[log] [tgz]
author	Jayant Chowdhary <jchowdhary@google.com>	Fri Aug 30 18:02:59 2019 -0700
committer	Jayant Chowdhary <jchowdhary@google.com>	Wed Sep 18 09:18:33 2019 -0700
tree	85a02f981c026951cd06b2e014aa95db25396aeb
parent	20ea1ca9e0cee18b1e3097865a8c105951407493 [diff] [blame]