Camera: Fix client permission check
Modify StageFright's CameraSource to forward calling PID as
client PID when connecting to CameraService so CameraService
can check if the client PID has permission to use camera.
Change CameraService to check calling UID is trusted before
using the passed in client PID and client UID to verify permission.
Bug: 24511454
Change-Id: I4906ab73510e2c75714690bed675e3c13aca3ccf
diff --git a/include/camera/Camera.h b/include/camera/Camera.h
index f7bf29c..f19d296 100644
--- a/include/camera/Camera.h
+++ b/include/camera/Camera.h
@@ -52,7 +52,7 @@
typedef ICamera TCamUser;
typedef ICameraClient TCamCallbacks;
typedef status_t (ICameraService::*TCamConnectService)(const sp<ICameraClient>&,
- int, const String16&, int,
+ int, const String16&, int, int,
/*out*/
sp<ICamera>&);
static TCamConnectService fnConnectService;
@@ -67,12 +67,15 @@
enum {
USE_CALLING_UID = ICameraService::USE_CALLING_UID
};
+ enum {
+ USE_CALLING_PID = ICameraService::USE_CALLING_PID
+ };
// construct a camera client from an existing remote
static sp<Camera> create(const sp<ICamera>& camera);
static sp<Camera> connect(int cameraId,
const String16& clientPackageName,
- int clientUid);
+ int clientUid, int clientPid);
static status_t connectLegacy(int cameraId, int halVersion,
const String16& clientPackageName,
diff --git a/include/camera/CameraBase.h b/include/camera/CameraBase.h
index 1b93157..d8561ed 100644
--- a/include/camera/CameraBase.h
+++ b/include/camera/CameraBase.h
@@ -61,7 +61,7 @@
static sp<TCam> connect(int cameraId,
const String16& clientPackageName,
- int clientUid);
+ int clientUid, int clientPid);
virtual void disconnect();
void setListener(const sp<TCamListener>& listener);
diff --git a/include/camera/ICameraService.h b/include/camera/ICameraService.h
index 1b68b5f..d568b4d 100644
--- a/include/camera/ICameraService.h
+++ b/include/camera/ICameraService.h
@@ -55,6 +55,10 @@
};
enum {
+ USE_CALLING_PID = -1
+ };
+
+ enum {
USE_CALLING_UID = -1
};
@@ -113,14 +117,17 @@
virtual status_t removeListener(const sp<ICameraServiceListener>& listener)
= 0;
/**
- * clientPackageName and clientUid are used for permissions checking. if
- * clientUid == USE_CALLING_UID, then the calling UID is used instead. Only
- * trusted callers can set a clientUid other than USE_CALLING_UID.
+ * clientPackageName, clientUid, and clientPid are used for permissions checking. If
+ * clientUid == USE_CALLING_UID, then the calling UID is used instead. If
+ * clientPid == USE_CALLING_PID, then the calling PID is used instead. Only
+ * trusted callers can set a clientUid and clientPid other than USE_CALLING_UID and
+ * USE_CALLING_UID respectively.
*/
virtual status_t connect(const sp<ICameraClient>& cameraClient,
int cameraId,
const String16& clientPackageName,
int clientUid,
+ int clientPid,
/*out*/
sp<ICamera>& device) = 0;
diff --git a/include/media/stagefright/CameraSource.h b/include/media/stagefright/CameraSource.h
index 769adf8..3d00d30 100644
--- a/include/media/stagefright/CameraSource.h
+++ b/include/media/stagefright/CameraSource.h
@@ -61,6 +61,8 @@
* permissions checking.
* @param clientUid the UID of the camera-using application if camera is
* NULL; otherwise ignored. Used for permissions checking.
+ * @param clientPid the PID of the camera-using application if camera is
+ * NULL; otherwise ignored. Used for permissions checking.
* @param videoSize the dimension (in pixels) of the video frame
* @param frameRate the target frames per second
* @param surface the preview surface for display where preview
@@ -81,6 +83,7 @@
int32_t cameraId,
const String16& clientName,
uid_t clientUid,
+ pid_t clientPid,
Size videoSize,
int32_t frameRate,
const sp<IGraphicBufferProducer>& surface,
@@ -198,7 +201,7 @@
int64_t mTimeBetweenFrameCaptureUs;
CameraSource(const sp<ICamera>& camera, const sp<ICameraRecordingProxy>& proxy,
- int32_t cameraId, const String16& clientName, uid_t clientUid,
+ int32_t cameraId, const String16& clientName, uid_t clientUid, pid_t clientPid,
Size videoSize, int32_t frameRate,
const sp<IGraphicBufferProducer>& surface,
bool storeMetaDataInVideoBuffers);
@@ -258,12 +261,12 @@
void processBufferQueueFrame(const BufferItem& buffer);
status_t init(const sp<ICamera>& camera, const sp<ICameraRecordingProxy>& proxy,
- int32_t cameraId, const String16& clientName, uid_t clientUid,
+ int32_t cameraId, const String16& clientName, uid_t clientUid, pid_t clientPid,
Size videoSize, int32_t frameRate, bool storeMetaDataInVideoBuffers);
status_t initWithCameraAccess(
const sp<ICamera>& camera, const sp<ICameraRecordingProxy>& proxy,
- int32_t cameraId, const String16& clientName, uid_t clientUid,
+ int32_t cameraId, const String16& clientName, uid_t clientUid, pid_t clientPid,
Size videoSize, int32_t frameRate, bool storeMetaDataInVideoBuffers);
// Initialize the buffer queue used in VIDEO_BUFFER_MODE_BUFFER_QUEUE mode.
@@ -274,7 +277,8 @@
const sp<ICameraRecordingProxy>& proxy,
int32_t cameraId,
const String16& clientName,
- uid_t clientUid);
+ uid_t clientUid,
+ pid_t clientPid);
status_t isCameraColorFormatSupported(const CameraParameters& params);
status_t configureCamera(CameraParameters* params,
diff --git a/include/media/stagefright/CameraSourceTimeLapse.h b/include/media/stagefright/CameraSourceTimeLapse.h
index 34213be..1023027 100644
--- a/include/media/stagefright/CameraSourceTimeLapse.h
+++ b/include/media/stagefright/CameraSourceTimeLapse.h
@@ -38,6 +38,7 @@
int32_t cameraId,
const String16& clientName,
uid_t clientUid,
+ pid_t clientPid,
Size videoSize,
int32_t videoFrameRate,
const sp<IGraphicBufferProducer>& surface,
@@ -114,6 +115,7 @@
int32_t cameraId,
const String16& clientName,
uid_t clientUid,
+ pid_t clientPid,
Size videoSize,
int32_t videoFrameRate,
const sp<IGraphicBufferProducer>& surface,