Camera: Fix client permission check
Modify StageFright's CameraSource to forward calling PID as
client PID when connecting to CameraService so CameraService
can check if the client PID has permission to use camera.
Change CameraService to check calling UID is trusted before
using the passed in client PID and client UID to verify permission.
Bug: 24511454
Change-Id: I4906ab73510e2c75714690bed675e3c13aca3ccf
diff --git a/include/camera/Camera.h b/include/camera/Camera.h
index f7bf29c..f19d296 100644
--- a/include/camera/Camera.h
+++ b/include/camera/Camera.h
@@ -52,7 +52,7 @@
typedef ICamera TCamUser;
typedef ICameraClient TCamCallbacks;
typedef status_t (ICameraService::*TCamConnectService)(const sp<ICameraClient>&,
- int, const String16&, int,
+ int, const String16&, int, int,
/*out*/
sp<ICamera>&);
static TCamConnectService fnConnectService;
@@ -67,12 +67,15 @@
enum {
USE_CALLING_UID = ICameraService::USE_CALLING_UID
};
+ enum {
+ USE_CALLING_PID = ICameraService::USE_CALLING_PID
+ };
// construct a camera client from an existing remote
static sp<Camera> create(const sp<ICamera>& camera);
static sp<Camera> connect(int cameraId,
const String16& clientPackageName,
- int clientUid);
+ int clientUid, int clientPid);
static status_t connectLegacy(int cameraId, int halVersion,
const String16& clientPackageName,
diff --git a/include/camera/CameraBase.h b/include/camera/CameraBase.h
index 1b93157..d8561ed 100644
--- a/include/camera/CameraBase.h
+++ b/include/camera/CameraBase.h
@@ -61,7 +61,7 @@
static sp<TCam> connect(int cameraId,
const String16& clientPackageName,
- int clientUid);
+ int clientUid, int clientPid);
virtual void disconnect();
void setListener(const sp<TCamListener>& listener);
diff --git a/include/camera/ICameraService.h b/include/camera/ICameraService.h
index 1b68b5f..d568b4d 100644
--- a/include/camera/ICameraService.h
+++ b/include/camera/ICameraService.h
@@ -55,6 +55,10 @@
};
enum {
+ USE_CALLING_PID = -1
+ };
+
+ enum {
USE_CALLING_UID = -1
};
@@ -113,14 +117,17 @@
virtual status_t removeListener(const sp<ICameraServiceListener>& listener)
= 0;
/**
- * clientPackageName and clientUid are used for permissions checking. if
- * clientUid == USE_CALLING_UID, then the calling UID is used instead. Only
- * trusted callers can set a clientUid other than USE_CALLING_UID.
+ * clientPackageName, clientUid, and clientPid are used for permissions checking. If
+ * clientUid == USE_CALLING_UID, then the calling UID is used instead. If
+ * clientPid == USE_CALLING_PID, then the calling PID is used instead. Only
+ * trusted callers can set a clientUid and clientPid other than USE_CALLING_UID and
+ * USE_CALLING_UID respectively.
*/
virtual status_t connect(const sp<ICameraClient>& cameraClient,
int cameraId,
const String16& clientPackageName,
int clientUid,
+ int clientPid,
/*out*/
sp<ICamera>& device) = 0;