1 /*
2 * Copyright (C) 2008 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #define LOG_TAG "CameraService"
18 #define ATRACE_TAG ATRACE_TAG_CAMERA
19 //#define LOG_NDEBUG 0
20
21 #include <algorithm>
22 #include <climits>
23 #include <stdio.h>
24 #include <cstdlib>
25 #include <cstring>
26 #include <ctime>
27 #include <iostream>
28 #include <sstream>
29 #include <string>
30 #include <sys/types.h>
31 #include <inttypes.h>
32 #include <pthread.h>
33 #include <poll.h>
34
35 #include <android/hardware/ICamera.h>
36 #include <android/hardware/ICameraClient.h>
37
38 #include <aidl/AidlCameraService.h>
39 #include <android-base/macros.h>
40 #include <android-base/parseint.h>
41 #include <android_companion_virtualdevice_flags.h>
42 #include <android/companion/virtualnative/IVirtualDeviceManagerNative.h>
43 #include <binder/ActivityManager.h>
44 #include <binder/AppOpsManager.h>
45 #include <binder/IPCThreadState.h>
46 #include <binder/MemoryBase.h>
47 #include <binder/MemoryHeapBase.h>
48 #include <binder/PermissionController.h>
49 #include <binder/IResultReceiver.h>
50 #include <binderthreadstate/CallerUtils.h>
51 #include <com_android_internal_camera_flags.h>
52 #include <cutils/atomic.h>
53 #include <cutils/properties.h>
54 #include <cutils/misc.h>
55 #include <gui/Surface.h>
56 #include <hardware/hardware.h>
57 #include "hidl/HidlCameraService.h"
58 #include <hidl/HidlTransportSupport.h>
59 #include <hwbinder/IPCThreadState.h>
60 #include <memunreachable/memunreachable.h>
61 #include <media/AudioSystem.h>
62 #include <media/IMediaHTTPService.h>
63 #include <media/mediaplayer.h>
64 #include <mediautils/BatteryNotifier.h>
65 #include <processinfo/ProcessInfoService.h>
66 #include <utils/Errors.h>
67 #include <utils/Log.h>
68 #include <utils/String16.h>
69 #include <utils/SystemClock.h>
70 #include <utils/Trace.h>
71 #include <utils/CallStack.h>
72 #include <private/android_filesystem_config.h>
73 #include <system/camera_vendor_tags.h>
74 #include <system/camera_metadata.h>
75 #include <binder/IServiceManager.h>
76 #include <binder/IActivityManager.h>
77 #include <camera/CameraUtils.h>
78 #include <camera/StringUtils.h>
79
80 #include <system/camera.h>
81
82 #include "CameraService.h"
83 #include "api1/Camera2Client.h"
84 #include "api2/CameraDeviceClient.h"
85 #include "utils/CameraServiceProxyWrapper.h"
86 #include "utils/CameraTraces.h"
87 #include "utils/SessionConfigurationUtils.h"
88 #include "utils/TagMonitor.h"
89 #include "utils/Utils.h"
90
91 namespace {
92 const char* kActivityServiceName = "activity";
93 const char* kSensorPrivacyServiceName = "sensor_privacy";
94 const char* kAppopsServiceName = "appops";
95 const char* kProcessInfoServiceName = "processinfo";
96 const char* kVirtualDeviceBackCameraId = "0";
97 const char* kVirtualDeviceFrontCameraId = "1";
98 const char* kUnknownPackageName = "<unknown>";
99
getDeviceId(const android::CameraMetadata & cameraInfo)100 int32_t getDeviceId(const android::CameraMetadata& cameraInfo) {
101 if (!cameraInfo.exists(ANDROID_INFO_DEVICE_ID)) {
102 return android::kDefaultDeviceId;
103 }
104
105 const auto &deviceIdEntry = cameraInfo.find(ANDROID_INFO_DEVICE_ID);
106 return deviceIdEntry.data.i32[0];
107 }
108
appOpModeToPermissionResult(int32_t res)109 static android::PermissionChecker::PermissionResult appOpModeToPermissionResult(int32_t res) {
110 switch (res) {
111 case android::AppOpsManager::MODE_ERRORED:
112 return android::PermissionChecker::PERMISSION_HARD_DENIED;
113 case android::AppOpsManager::MODE_IGNORED:
114 return android::PermissionChecker::PERMISSION_SOFT_DENIED;
115 case android::AppOpsManager::MODE_ALLOWED:
116 return android::PermissionChecker::PERMISSION_GRANTED;
117 }
118
119 ALOGE("%s: Unexpected appOpMode %d", __FUNCTION__, res);
120 return android::PermissionChecker::PERMISSION_HARD_DENIED;
121 }
122 } // namespace anonymous
123
124 namespace android {
125
126 using namespace camera3;
127 using namespace camera3::SessionConfigurationUtils;
128
129 using binder::Status;
130 using companion::virtualnative::IVirtualDeviceManagerNative;
131 using frameworks::cameraservice::service::V2_0::implementation::HidlCameraService;
132 using frameworks::cameraservice::service::implementation::AidlCameraService;
133 using hardware::ICamera;
134 using hardware::ICameraClient;
135 using hardware::ICameraServiceListener;
136 using hardware::camera2::ICameraInjectionCallback;
137 using hardware::camera2::ICameraInjectionSession;
138 using hardware::camera2::utils::CameraIdAndSessionConfiguration;
139 using hardware::camera2::utils::ConcurrentCameraIdCombination;
140
141 namespace flags = com::android::internal::camera::flags;
142 namespace vd_flags = android::companion::virtualdevice::flags;
143
144 // ----------------------------------------------------------------------------
145 // Logging support -- this is for debugging only
146 // Use "adb shell dumpsys media.camera -v 1" to change it.
147 volatile int32_t gLogLevel = 0;
148
149 #define LOG1(...) ALOGD_IF(gLogLevel >= 1, __VA_ARGS__);
150 #define LOG2(...) ALOGD_IF(gLogLevel >= 2, __VA_ARGS__);
151
setLogLevel(int level)152 static void setLogLevel(int level) {
153 android_atomic_write(level, &gLogLevel);
154 }
155
format_as(CameraService::StatusInternal s)156 int32_t format_as(CameraService::StatusInternal s) {
157 return fmt::underlying(s);
158 }
159
160 // ----------------------------------------------------------------------------
161
162 // Permission strings (references to AttributionAndPermissionUtils for brevity)
163 static const std::string &sDumpPermission =
164 AttributionAndPermissionUtils::sDumpPermission;
165 static const std::string &sManageCameraPermission =
166 AttributionAndPermissionUtils::sManageCameraPermission;
167 static const std::string &sCameraSendSystemEventsPermission =
168 AttributionAndPermissionUtils::sCameraSendSystemEventsPermission;
169 static const std::string &sCameraInjectExternalCameraPermission =
170 AttributionAndPermissionUtils::sCameraInjectExternalCameraPermission;
171
172 // Constant integer for FGS Logging, used to denote the API type for logger
173 static const int LOG_FGS_CAMERA_API = 1;
174 const char *sFileName = "lastOpenSessionDumpFile";
175 static constexpr int32_t kSystemNativeClientScore = resource_policy::PERCEPTIBLE_APP_ADJ;
176 static constexpr int32_t kSystemNativeClientState =
177 ActivityManager::PROCESS_STATE_PERSISTENT_UI;
178 static const std::string kServiceName("cameraserver");
179
180 const std::string CameraService::kOfflineDevice("offline-");
181 const std::string CameraService::kWatchAllClientsFlag("all");
182
183 constexpr int32_t kInvalidDeviceId = -1;
184
185 // Set to keep track of logged service error events.
186 static std::set<std::string> sServiceErrorEventSet;
187
CameraService(std::shared_ptr<CameraServiceProxyWrapper> cameraServiceProxyWrapper,std::shared_ptr<AttributionAndPermissionUtils> attributionAndPermissionUtils)188 CameraService::CameraService(
189 std::shared_ptr<CameraServiceProxyWrapper> cameraServiceProxyWrapper,
190 std::shared_ptr<AttributionAndPermissionUtils> attributionAndPermissionUtils) :
191 AttributionAndPermissionUtilsEncapsulator(attributionAndPermissionUtils == nullptr ?
192 std::make_shared<AttributionAndPermissionUtils>()\
193 : attributionAndPermissionUtils),
194 mCameraServiceProxyWrapper(cameraServiceProxyWrapper == nullptr ?
195 std::make_shared<CameraServiceProxyWrapper>() : cameraServiceProxyWrapper),
196 mEventLog(DEFAULT_EVENT_LOG_LENGTH),
197 mNumberOfCameras(0),
198 mNumberOfCamerasWithoutSystemCamera(0),
199 mSoundRef(0), mInitialized(false),
200 mAudioRestriction(hardware::camera2::ICameraDeviceUser::AUDIO_RESTRICTION_NONE) {
201 ALOGI("CameraService started (pid=%d)", getpid());
202 mAttributionAndPermissionUtils->setCameraService(this);
203 mServiceLockWrapper = std::make_shared<WaitableMutexWrapper>(&mServiceLock);
204 mMemFd = memfd_create(sFileName, MFD_ALLOW_SEALING);
205 if (mMemFd == -1) {
206 ALOGE("%s: Error while creating the file: %s", __FUNCTION__, sFileName);
207 }
208 }
209
210 // Enable processes with isolated AID to request the binder
instantiate()211 void CameraService::instantiate() {
212 CameraService::publish(true);
213 }
214
onServiceRegistration(const String16 & name,const sp<IBinder> &)215 void CameraService::onServiceRegistration(const String16& name, const sp<IBinder>&) {
216 if (name != toString16(kAppopsServiceName)) {
217 return;
218 }
219
220 ALOGV("appops service registered. setting camera audio restriction");
221 mAppOps.setCameraAudioRestriction(mAudioRestriction);
222 }
223
onFirstRef()224 void CameraService::onFirstRef()
225 {
226 ALOGI("CameraService process starting");
227
228 BnCameraService::onFirstRef();
229
230 // Update battery life tracking if service is restarting
231 BatteryNotifier& notifier(BatteryNotifier::getInstance());
232 notifier.noteResetCamera();
233 notifier.noteResetFlashlight();
234
235 status_t res = INVALID_OPERATION;
236
237 res = enumerateProviders();
238 if (res == OK) {
239 mInitialized = true;
240 }
241
242 mUidPolicy = new UidPolicy(this);
243 mUidPolicy->registerSelf();
244 mSensorPrivacyPolicy = new SensorPrivacyPolicy(this, mAttributionAndPermissionUtils);
245 mSensorPrivacyPolicy->registerSelf();
246 mInjectionStatusListener = new InjectionStatusListener(this);
247
248 // appops function setCamerAudioRestriction uses getService which
249 // is blocking till the appops service is ready. To enable early
250 // boot availability for cameraservice, use checkService which is
251 // non blocking and register for notifications
252 sp<IServiceManager> sm = defaultServiceManager();
253 sp<IBinder> binder = sm->checkService(toString16(kAppopsServiceName));
254 if (!binder) {
255 sm->registerForNotifications(toString16(kAppopsServiceName), this);
256 } else {
257 mAppOps.setCameraAudioRestriction(mAudioRestriction);
258 }
259
260 sp<HidlCameraService> hcs = HidlCameraService::getInstance(this);
261 if (hcs->registerAsService() != android::OK) {
262 // Deprecated, so it will fail to register on newer devices
263 ALOGW("%s: Did not register default [email protected]",
264 __FUNCTION__);
265 }
266
267 if (!AidlCameraService::registerService(this)) {
268 ALOGE("%s: Failed to register default AIDL VNDK CameraService", __FUNCTION__);
269 }
270
271 // This needs to be last call in this function, so that it's as close to
272 // ServiceManager::addService() as possible.
273 mCameraServiceProxyWrapper->pingCameraServiceProxy();
274 ALOGI("CameraService pinged cameraservice proxy");
275 }
276
enumerateProviders()277 status_t CameraService::enumerateProviders() {
278 status_t res;
279
280 std::vector<std::string> deviceIds;
281 std::unordered_map<std::string, std::set<std::string>> unavailPhysicalIds;
282 {
283 Mutex::Autolock l(mServiceLock);
284
285 if (nullptr == mCameraProviderManager.get()) {
286 mCameraProviderManager = new CameraProviderManager();
287 res = mCameraProviderManager->initialize(this);
288 if (res != OK) {
289 ALOGE("%s: Unable to initialize camera provider manager: %s (%d)",
290 __FUNCTION__, strerror(-res), res);
291 logServiceError("Unable to initialize camera provider manager",
292 ERROR_DISCONNECTED);
293 return res;
294 }
295 }
296
297 // Setup vendor tags before we call get_camera_info the first time
298 // because HAL might need to setup static vendor keys in get_camera_info
299 // TODO: maybe put this into CameraProviderManager::initialize()?
300 mCameraProviderManager->setUpVendorTags();
301
302 if (nullptr == mFlashlight.get()) {
303 mFlashlight = new CameraFlashlight(mCameraProviderManager, this);
304 }
305
306 res = mFlashlight->findFlashUnits();
307 if (res != OK) {
308 ALOGE("Failed to enumerate flash units: %s (%d)", strerror(-res), res);
309 }
310
311 deviceIds = mCameraProviderManager->getCameraDeviceIds(&unavailPhysicalIds);
312 }
313
314 for (auto& cameraId : deviceIds) {
315 if (getCameraState(cameraId) == nullptr) {
316 onDeviceStatusChanged(cameraId, CameraDeviceStatus::PRESENT);
317 }
318 if (unavailPhysicalIds.count(cameraId) > 0) {
319 for (const auto& physicalId : unavailPhysicalIds[cameraId]) {
320 onDeviceStatusChanged(cameraId, physicalId, CameraDeviceStatus::NOT_PRESENT);
321 }
322 }
323 }
324
325 // Derive primary rear/front cameras, and filter their charactierstics.
326 // This needs to be done after all cameras are enumerated and camera ids are sorted.
327 if (SessionConfigurationUtils::IS_PERF_CLASS) {
328 // Assume internal cameras are advertised from the same
329 // provider. If multiple providers are registered at different time,
330 // and each provider contains multiple internal color cameras, the current
331 // logic may filter the characteristics of more than one front/rear color
332 // cameras.
333 Mutex::Autolock l(mServiceLock);
334 filterSPerfClassCharacteristicsLocked();
335 }
336
337 return OK;
338 }
339
broadcastTorchModeStatus(const std::string & cameraId,TorchModeStatus status,SystemCameraKind systemCameraKind)340 void CameraService::broadcastTorchModeStatus(const std::string& cameraId, TorchModeStatus status,
341 SystemCameraKind systemCameraKind) {
342 // Get the device id and app-visible camera id for the given HAL-visible camera id.
343 auto [deviceId, mappedCameraId] =
344 mVirtualDeviceCameraIdMapper.getDeviceIdAndMappedCameraIdPair(cameraId);
345
346 Mutex::Autolock lock(mStatusListenerLock);
347 for (auto& i : mListenerList) {
348 if (shouldSkipStatusUpdates(systemCameraKind, i->isVendorListener(), i->getListenerPid(),
349 i->getListenerUid())) {
350 ALOGV("%s: Skipping torch callback for system-only camera device %s",
351 __FUNCTION__, cameraId.c_str());
352 continue;
353 }
354
355 auto ret = i->getListener()->onTorchStatusChanged(mapToInterface(status),
356 mappedCameraId, deviceId);
357 i->handleBinderStatus(ret, "%s: Failed to trigger onTorchStatusChanged for %d:%d: %d",
358 __FUNCTION__, i->getListenerUid(), i->getListenerPid(), ret.exceptionCode());
359 }
360 }
361
~CameraService()362 CameraService::~CameraService() {
363 VendorTagDescriptor::clearGlobalVendorTagDescriptor();
364 mUidPolicy->unregisterSelf();
365 mSensorPrivacyPolicy->unregisterSelf();
366 mInjectionStatusListener->removeListener();
367 }
368
onNewProviderRegistered()369 void CameraService::onNewProviderRegistered() {
370 enumerateProviders();
371 }
372
filterAPI1SystemCameraLocked(const std::vector<std::string> & normalDeviceIds)373 void CameraService::filterAPI1SystemCameraLocked(
374 const std::vector<std::string> &normalDeviceIds) {
375 mNormalDeviceIdsWithoutSystemCamera.clear();
376 for (auto &cameraId : normalDeviceIds) {
377 if (vd_flags::camera_device_awareness()) {
378 CameraMetadata cameraInfo;
379 status_t res = mCameraProviderManager->getCameraCharacteristics(
380 cameraId, false, &cameraInfo,
381 hardware::ICameraService::ROTATION_OVERRIDE_NONE);
382 int32_t deviceId = kDefaultDeviceId;
383 if (res != OK) {
384 ALOGW("%s: Not able to get camera characteristics for camera id %s",
385 __FUNCTION__, cameraId.c_str());
386 } else {
387 deviceId = getDeviceId(cameraInfo);
388 }
389 // Cameras associated with non-default device id's (i.e., virtual cameras) can never be
390 // system cameras, so skip for non-default device id's.
391 if (deviceId != kDefaultDeviceId) {
392 continue;
393 }
394 }
395
396 SystemCameraKind deviceKind = SystemCameraKind::PUBLIC;
397 if (getSystemCameraKind(cameraId, &deviceKind) != OK) {
398 ALOGE("%s: Invalid camera id %s, skipping", __FUNCTION__, cameraId.c_str());
399 continue;
400 }
401 if (deviceKind == SystemCameraKind::SYSTEM_ONLY_CAMERA) {
402 // All system camera ids will necessarily come after public camera
403 // device ids as per the HAL interface contract.
404 break;
405 }
406 mNormalDeviceIdsWithoutSystemCamera.push_back(cameraId);
407 }
408 ALOGV("%s: number of API1 compatible public cameras is %zu", __FUNCTION__,
409 mNormalDeviceIdsWithoutSystemCamera.size());
410 }
411
getSystemCameraKind(const std::string & cameraId,SystemCameraKind * kind) const412 status_t CameraService::getSystemCameraKind(const std::string& cameraId,
413 SystemCameraKind *kind) const {
414 auto state = getCameraState(cameraId);
415 if (state != nullptr) {
416 *kind = state->getSystemCameraKind();
417 return OK;
418 }
419 // Hidden physical camera ids won't have CameraState
420 return mCameraProviderManager->getSystemCameraKind(cameraId, kind);
421 }
422
updateCameraNumAndIds()423 void CameraService::updateCameraNumAndIds() {
424 Mutex::Autolock l(mServiceLock);
425 std::pair<int, int> systemAndNonSystemCameras = mCameraProviderManager->getCameraCount();
426 // Excludes hidden secure cameras
427 mNumberOfCameras =
428 systemAndNonSystemCameras.first + systemAndNonSystemCameras.second;
429 mNumberOfCamerasWithoutSystemCamera = systemAndNonSystemCameras.second;
430 mNormalDeviceIds =
431 mCameraProviderManager->getAPI1CompatibleCameraDeviceIds();
432 filterAPI1SystemCameraLocked(mNormalDeviceIds);
433 }
434
filterSPerfClassCharacteristicsLocked()435 void CameraService::filterSPerfClassCharacteristicsLocked() {
436 // To claim to be S Performance primary cameras, the cameras must be
437 // backward compatible. So performance class primary camera Ids must be API1
438 // compatible.
439 bool firstRearCameraSeen = false, firstFrontCameraSeen = false;
440 for (const auto& cameraId : mNormalDeviceIdsWithoutSystemCamera) {
441 int facing = -1;
442 int orientation = 0;
443 int portraitRotation;
444 getDeviceVersion(cameraId,
445 /*rotationOverride*/hardware::ICameraService::ROTATION_OVERRIDE_NONE,
446 /*out*/&portraitRotation, /*out*/&facing, /*out*/&orientation);
447 if (facing == -1) {
448 ALOGE("%s: Unable to get camera device \"%s\" facing", __FUNCTION__, cameraId.c_str());
449 return;
450 }
451
452 if ((facing == hardware::CAMERA_FACING_BACK && !firstRearCameraSeen) ||
453 (facing == hardware::CAMERA_FACING_FRONT && !firstFrontCameraSeen)) {
454 status_t res = mCameraProviderManager->filterSmallJpegSizes(cameraId);
455 if (res == OK) {
456 mPerfClassPrimaryCameraIds.insert(cameraId);
457 } else {
458 ALOGE("%s: Failed to filter small JPEG sizes for performance class primary "
459 "camera %s: %s(%d)", __FUNCTION__, cameraId.c_str(), strerror(-res), res);
460 break;
461 }
462
463 if (facing == hardware::CAMERA_FACING_BACK) {
464 firstRearCameraSeen = true;
465 }
466 if (facing == hardware::CAMERA_FACING_FRONT) {
467 firstFrontCameraSeen = true;
468 }
469 }
470
471 if (firstRearCameraSeen && firstFrontCameraSeen) {
472 break;
473 }
474 }
475 }
476
addStates(const std::string & cameraId)477 void CameraService::addStates(const std::string& cameraId) {
478 CameraResourceCost cost;
479 status_t res = mCameraProviderManager->getResourceCost(cameraId, &cost);
480 if (res != OK) {
481 ALOGE("Failed to query device resource cost: %s (%d)", strerror(-res), res);
482 return;
483 }
484 SystemCameraKind deviceKind = SystemCameraKind::PUBLIC;
485 res = mCameraProviderManager->getSystemCameraKind(cameraId, &deviceKind);
486 if (res != OK) {
487 ALOGE("Failed to query device kind: %s (%d)", strerror(-res), res);
488 return;
489 }
490 std::vector<std::string> physicalCameraIds;
491 mCameraProviderManager->isLogicalCamera(cameraId, &physicalCameraIds);
492 std::set<std::string> conflicting;
493 for (size_t i = 0; i < cost.conflictingDevices.size(); i++) {
494 conflicting.emplace(cost.conflictingDevices[i]);
495 }
496
497 {
498 Mutex::Autolock lock(mCameraStatesLock);
499 mCameraStates.emplace(cameraId, std::make_shared<CameraState>(cameraId, cost.resourceCost,
500 conflicting, deviceKind, physicalCameraIds));
501 }
502
503 if (mFlashlight->hasFlashUnit(cameraId)) {
504 Mutex::Autolock al(mTorchStatusMutex);
505 mTorchStatusMap.add(cameraId, TorchModeStatus::AVAILABLE_OFF);
506
507 broadcastTorchModeStatus(cameraId, TorchModeStatus::AVAILABLE_OFF, deviceKind);
508 }
509
510 updateCameraNumAndIds();
511 logDeviceAdded(cameraId, "Device added");
512 }
513
removeStates(const std::string & cameraId)514 void CameraService::removeStates(const std::string& cameraId) {
515 updateCameraNumAndIds();
516 if (mFlashlight->hasFlashUnit(cameraId)) {
517 Mutex::Autolock al(mTorchStatusMutex);
518 mTorchStatusMap.removeItem(cameraId);
519 }
520
521 {
522 Mutex::Autolock lock(mCameraStatesLock);
523 mCameraStates.erase(cameraId);
524 }
525 }
526
onDeviceStatusChanged(const std::string & cameraId,CameraDeviceStatus newHalStatus)527 void CameraService::onDeviceStatusChanged(const std::string& cameraId,
528 CameraDeviceStatus newHalStatus) {
529 ALOGI("%s: Status changed for cameraId=%s, newStatus=%d", __FUNCTION__,
530 cameraId.c_str(), eToI(newHalStatus));
531
532 StatusInternal newStatus = mapToInternal(newHalStatus);
533
534 std::shared_ptr<CameraState> state = getCameraState(cameraId);
535
536 if (state == nullptr) {
537 if (newStatus == StatusInternal::PRESENT) {
538 ALOGI("%s: Unknown camera ID %s, a new camera is added",
539 __FUNCTION__, cameraId.c_str());
540
541 // First add as absent to make sure clients are notified below
542 addStates(cameraId);
543
544 updateStatus(newStatus, cameraId);
545 } else {
546 ALOGE("%s: Bad camera ID %s", __FUNCTION__, cameraId.c_str());
547 }
548 return;
549 }
550
551 StatusInternal oldStatus = state->getStatus();
552
553 if (oldStatus == newStatus) {
554 ALOGE("%s: State transition to the same status %#x not allowed", __FUNCTION__,
555 eToI(newStatus));
556 return;
557 }
558
559 if (newStatus == StatusInternal::NOT_PRESENT) {
560 logDeviceRemoved(cameraId, fmt::format("Device status changed from {} to {}",
561 oldStatus, newStatus));
562 // Set the device status to NOT_PRESENT, clients will no longer be able to connect
563 // to this device until the status changes
564 updateStatus(StatusInternal::NOT_PRESENT, cameraId);
565 mVirtualDeviceCameraIdMapper.removeCamera(cameraId);
566
567 std::vector<sp<BasicClient>> clientsToDisconnectOnline, clientsToDisconnectOffline;
568 {
569 // Don't do this in updateStatus to avoid deadlock over mServiceLock
570 Mutex::Autolock lock(mServiceLock);
571
572 // Remove cached shim parameters
573 state->setShimParams(CameraParameters());
574
575 // Remove online as well as offline client from the list of active clients,
576 // if they are present
577 clientsToDisconnectOnline = removeClientsLocked(cameraId);
578 clientsToDisconnectOffline = removeClientsLocked(kOfflineDevice + cameraId);
579 }
580
581 disconnectClients(cameraId, clientsToDisconnectOnline);
582 disconnectClients(kOfflineDevice + cameraId, clientsToDisconnectOffline);
583
584 removeStates(cameraId);
585 } else {
586 if (oldStatus == StatusInternal::NOT_PRESENT) {
587 logDeviceAdded(cameraId, fmt::format("Device status changed from {} to {}",
588 oldStatus, newStatus));
589 }
590 updateStatus(newStatus, cameraId);
591 }
592 }
593
onDeviceStatusChanged(const std::string & id,const std::string & physicalId,CameraDeviceStatus newHalStatus)594 void CameraService::onDeviceStatusChanged(const std::string& id,
595 const std::string& physicalId,
596 CameraDeviceStatus newHalStatus) {
597 ALOGI("%s: Status changed for cameraId=%s, physicalCameraId=%s, newStatus=%d",
598 __FUNCTION__, id.c_str(), physicalId.c_str(), eToI(newHalStatus));
599
600 StatusInternal newStatus = mapToInternal(newHalStatus);
601
602 std::shared_ptr<CameraState> state = getCameraState(id);
603
604 if (state == nullptr) {
605 ALOGE("%s: Physical camera id %s status change on a non-present ID %s",
606 __FUNCTION__, physicalId.c_str(), id.c_str());
607 return;
608 }
609
610 StatusInternal logicalCameraStatus = state->getStatus();
611 if (logicalCameraStatus != StatusInternal::PRESENT &&
612 logicalCameraStatus != StatusInternal::NOT_AVAILABLE) {
613 ALOGE("%s: Physical camera id %s status %d change for an invalid logical camera state %d",
614 __FUNCTION__, physicalId.c_str(), eToI(newHalStatus), eToI(logicalCameraStatus));
615 return;
616 }
617
618 bool updated = false;
619 if (newStatus == StatusInternal::PRESENT) {
620 updated = state->removeUnavailablePhysicalId(physicalId);
621 } else {
622 updated = state->addUnavailablePhysicalId(physicalId);
623 }
624
625 if (updated) {
626 std::string idCombo = id + " : " + physicalId;
627 if (newStatus == StatusInternal::PRESENT) {
628 logDeviceAdded(idCombo, fmt::format("Device status changed to {}", newStatus));
629 } else {
630 logDeviceRemoved(idCombo, fmt::format("Device status changed to {}", newStatus));
631 }
632 // Avoid calling getSystemCameraKind() with mStatusListenerLock held (b/141756275)
633 SystemCameraKind deviceKind = SystemCameraKind::PUBLIC;
634 if (getSystemCameraKind(id, &deviceKind) != OK) {
635 ALOGE("%s: Invalid camera id %s, skipping", __FUNCTION__, id.c_str());
636 return;
637 }
638 Mutex::Autolock lock(mStatusListenerLock);
639 for (auto& listener : mListenerList) {
640 if (shouldSkipStatusUpdates(deviceKind, listener->isVendorListener(),
641 listener->getListenerPid(), listener->getListenerUid())) {
642 ALOGV("Skipping discovery callback for system-only camera device %s",
643 id.c_str());
644 continue;
645 }
646 auto ret = listener->getListener()->onPhysicalCameraStatusChanged(
647 mapToInterface(newStatus), id, physicalId, kDefaultDeviceId);
648 listener->handleBinderStatus(ret,
649 "%s: Failed to trigger onPhysicalCameraStatusChanged for %d:%d: %d",
650 __FUNCTION__, listener->getListenerUid(), listener->getListenerPid(),
651 ret.exceptionCode());
652 }
653 }
654 }
655
disconnectClients(const std::string & id,std::vector<sp<BasicClient>> clientsToDisconnect)656 void CameraService::disconnectClients(const std::string& id,
657 std::vector<sp<BasicClient>> clientsToDisconnect) {
658 for (auto& client : clientsToDisconnect) {
659 disconnectClient(id, client);
660 }
661 }
662
disconnectClient(const std::string & id,sp<BasicClient> clientToDisconnect)663 void CameraService::disconnectClient(const std::string& id, sp<BasicClient> clientToDisconnect) {
664 if (clientToDisconnect.get() != nullptr) {
665 ALOGI("%s: Client for camera ID %s evicted due to device status change from HAL",
666 __FUNCTION__, id.c_str());
667 // Notify the client of disconnection
668 clientToDisconnect->notifyError(
669 hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISCONNECTED,
670 CaptureResultExtras{});
671 clientToDisconnect->disconnect();
672 }
673 }
674
onTorchStatusChanged(const std::string & cameraId,TorchModeStatus newStatus)675 void CameraService::onTorchStatusChanged(const std::string& cameraId,
676 TorchModeStatus newStatus) {
677 SystemCameraKind systemCameraKind = SystemCameraKind::PUBLIC;
678 status_t res = getSystemCameraKind(cameraId, &systemCameraKind);
679 if (res != OK) {
680 ALOGE("%s: Could not get system camera kind for camera id %s", __FUNCTION__,
681 cameraId.c_str());
682 return;
683 }
684 Mutex::Autolock al(mTorchStatusMutex);
685 onTorchStatusChangedLocked(cameraId, newStatus, systemCameraKind);
686 }
687
onTorchStatusChanged(const std::string & cameraId,TorchModeStatus newStatus,SystemCameraKind systemCameraKind)688 void CameraService::onTorchStatusChanged(const std::string& cameraId,
689 TorchModeStatus newStatus, SystemCameraKind systemCameraKind) {
690 Mutex::Autolock al(mTorchStatusMutex);
691 onTorchStatusChangedLocked(cameraId, newStatus, systemCameraKind);
692 }
693
broadcastTorchStrengthLevel(const std::string & cameraId,int32_t newStrengthLevel)694 void CameraService::broadcastTorchStrengthLevel(const std::string& cameraId,
695 int32_t newStrengthLevel) {
696 // Get the device id and app-visible camera id for the given HAL-visible camera id.
697 auto [deviceId, mappedCameraId] =
698 mVirtualDeviceCameraIdMapper.getDeviceIdAndMappedCameraIdPair(cameraId);
699
700 Mutex::Autolock lock(mStatusListenerLock);
701 for (auto& i : mListenerList) {
702 auto ret = i->getListener()->onTorchStrengthLevelChanged(mappedCameraId,
703 newStrengthLevel, deviceId);
704 i->handleBinderStatus(ret,
705 "%s: Failed to trigger onTorchStrengthLevelChanged for %d:%d: %d", __FUNCTION__,
706 i->getListenerUid(), i->getListenerPid(), ret.exceptionCode());
707 }
708 }
709
onTorchStatusChangedLocked(const std::string & cameraId,TorchModeStatus newStatus,SystemCameraKind systemCameraKind)710 void CameraService::onTorchStatusChangedLocked(const std::string& cameraId,
711 TorchModeStatus newStatus, SystemCameraKind systemCameraKind) {
712 ALOGI("%s: Torch status changed for cameraId=%s, newStatus=%d",
713 __FUNCTION__, cameraId.c_str(), eToI(newStatus));
714
715 TorchModeStatus status;
716 status_t res = getTorchStatusLocked(cameraId, &status);
717 if (res) {
718 ALOGE("%s: cannot get torch status of camera %s: %s (%d)",
719 __FUNCTION__, cameraId.c_str(), strerror(-res), res);
720 return;
721 }
722 if (status == newStatus) {
723 return;
724 }
725
726 res = setTorchStatusLocked(cameraId, newStatus);
727 if (res) {
728 ALOGE("%s: Failed to set the torch status to %d: %s (%d)", __FUNCTION__,
729 (uint32_t)newStatus, strerror(-res), res);
730 return;
731 }
732
733 {
734 // Update battery life logging for flashlight
735 Mutex::Autolock al(mTorchUidMapMutex);
736 auto iter = mTorchUidMap.find(cameraId);
737 if (iter != mTorchUidMap.end()) {
738 int oldUid = iter->second.second;
739 int newUid = iter->second.first;
740 BatteryNotifier& notifier(BatteryNotifier::getInstance());
741 if (oldUid != newUid) {
742 // If the UID has changed, log the status and update current UID in mTorchUidMap
743 if (status == TorchModeStatus::AVAILABLE_ON) {
744 notifier.noteFlashlightOff(toString8(cameraId), oldUid);
745 }
746 if (newStatus == TorchModeStatus::AVAILABLE_ON) {
747 notifier.noteFlashlightOn(toString8(cameraId), newUid);
748 }
749 iter->second.second = newUid;
750 } else {
751 // If the UID has not changed, log the status
752 if (newStatus == TorchModeStatus::AVAILABLE_ON) {
753 notifier.noteFlashlightOn(toString8(cameraId), oldUid);
754 } else {
755 notifier.noteFlashlightOff(toString8(cameraId), oldUid);
756 }
757 }
758 }
759 }
760 broadcastTorchModeStatus(cameraId, newStatus, systemCameraKind);
761 }
762
isAutomotiveExteriorSystemCamera(const std::string & cam_id) const763 bool CameraService::isAutomotiveExteriorSystemCamera(const std::string& cam_id) const {
764 // Returns false if this is not an automotive device type.
765 if (!isAutomotiveDevice())
766 return false;
767
768 // Returns false if no camera id is provided.
769 if (cam_id.empty())
770 return false;
771
772 SystemCameraKind systemCameraKind = SystemCameraKind::PUBLIC;
773 if (getSystemCameraKind(cam_id, &systemCameraKind) != OK) {
774 // This isn't a known camera ID, so it's not a system camera.
775 ALOGE("%s: Unknown camera id %s, ", __FUNCTION__, cam_id.c_str());
776 return false;
777 }
778
779 if (systemCameraKind != SystemCameraKind::SYSTEM_ONLY_CAMERA) {
780 ALOGE("%s: camera id %s is not a system camera", __FUNCTION__, cam_id.c_str());
781 return false;
782 }
783
784 CameraMetadata cameraInfo;
785 status_t res = mCameraProviderManager->getCameraCharacteristics(
786 cam_id, false, &cameraInfo, hardware::ICameraService::ROTATION_OVERRIDE_NONE);
787 if (res != OK){
788 ALOGE("%s: Not able to get camera characteristics for camera id %s",__FUNCTION__,
789 cam_id.c_str());
790 return false;
791 }
792
793 camera_metadata_entry auto_location = cameraInfo.find(ANDROID_AUTOMOTIVE_LOCATION);
794 if (auto_location.count != 1)
795 return false;
796
797 uint8_t location = auto_location.data.u8[0];
798 if ((location != ANDROID_AUTOMOTIVE_LOCATION_EXTERIOR_FRONT) &&
799 (location != ANDROID_AUTOMOTIVE_LOCATION_EXTERIOR_REAR) &&
800 (location != ANDROID_AUTOMOTIVE_LOCATION_EXTERIOR_LEFT) &&
801 (location != ANDROID_AUTOMOTIVE_LOCATION_EXTERIOR_RIGHT)) {
802 return false;
803 }
804
805 return true;
806 }
807
getNumberOfCameras(int32_t type,const AttributionSourceState & clientAttribution,int32_t devicePolicy,int32_t * numCameras)808 Status CameraService::getNumberOfCameras(int32_t type,
809 const AttributionSourceState& clientAttribution, int32_t devicePolicy,
810 int32_t* numCameras) {
811 ATRACE_CALL();
812 if (vd_flags::camera_device_awareness() && (clientAttribution.deviceId != kDefaultDeviceId)
813 && (devicePolicy != IVirtualDeviceManagerNative::DEVICE_POLICY_DEFAULT)) {
814 *numCameras = mVirtualDeviceCameraIdMapper.getNumberOfCameras(clientAttribution.deviceId);
815 return Status::ok();
816 }
817
818 Mutex::Autolock l(mServiceLock);
819 bool hasSystemCameraPermissions =
820 hasPermissionsForSystemCamera(std::string(), getCallingPid(),
821 getCallingUid());
822 switch (type) {
823 case CAMERA_TYPE_BACKWARD_COMPATIBLE:
824 if (hasSystemCameraPermissions) {
825 *numCameras = static_cast<int>(mNormalDeviceIds.size());
826 } else {
827 *numCameras = static_cast<int>(mNormalDeviceIdsWithoutSystemCamera.size());
828 }
829 break;
830 case CAMERA_TYPE_ALL:
831 if (hasSystemCameraPermissions) {
832 *numCameras = mNumberOfCameras;
833 } else {
834 *numCameras = mNumberOfCamerasWithoutSystemCamera;
835 }
836 break;
837 default:
838 ALOGW("%s: Unknown camera type %d",
839 __FUNCTION__, type);
840 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT,
841 "Unknown camera type %d", type);
842 }
843 return Status::ok();
844 }
845
createDefaultRequest(const std::string & unresolvedCameraId,int templateId,const AttributionSourceState & clientAttribution,int32_t devicePolicy,hardware::camera2::impl::CameraMetadataNative * request)846 Status CameraService::createDefaultRequest(const std::string& unresolvedCameraId, int templateId,
847 const AttributionSourceState& clientAttribution, int32_t devicePolicy,
848 /* out */
849 hardware::camera2::impl::CameraMetadataNative* request) {
850 ATRACE_CALL();
851
852 if (!mInitialized) {
853 ALOGE("%s: Camera subsystem is not available", __FUNCTION__);
854 logServiceError("Camera subsystem is not available", ERROR_DISCONNECTED);
855 return STATUS_ERROR(ERROR_DISCONNECTED, "Camera subsystem is not available");
856 }
857
858 std::optional<std::string> cameraIdOptional =
859 resolveCameraId(unresolvedCameraId, clientAttribution.deviceId, devicePolicy);
860 if (!cameraIdOptional.has_value()) {
861 std::string msg = fmt::sprintf("Camera %s: Invalid camera id for device id %d",
862 unresolvedCameraId.c_str(), clientAttribution.deviceId);
863 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
864 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
865 }
866 std::string cameraId = cameraIdOptional.value();
867
868 binder::Status res;
869 if (request == nullptr) {
870 res = STATUS_ERROR_FMT(CameraService::ERROR_INVALID_OPERATION,
871 "Camera %s: Error creating default request", cameraId.c_str());
872 return res;
873 }
874 camera_request_template_t tempId = camera_request_template_t::CAMERA_TEMPLATE_COUNT;
875 res = SessionConfigurationUtils::mapRequestTemplateFromClient(
876 cameraId, templateId, &tempId);
877 if (!res.isOk()) {
878 ALOGE("%s: Camera %s: failed to map request Template %d",
879 __FUNCTION__, cameraId.c_str(), templateId);
880 return res;
881 }
882
883 if (shouldRejectSystemCameraConnection(cameraId)) {
884 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, "Unable to create default"
885 "request for system only device %s: ", cameraId.c_str());
886 }
887
888 CameraMetadata metadata;
889 status_t err = mCameraProviderManager->createDefaultRequest(cameraId, tempId, &metadata);
890 if (err == OK) {
891 request->swap(metadata);
892 } else if (err == BAD_VALUE) {
893 res = STATUS_ERROR_FMT(CameraService::ERROR_ILLEGAL_ARGUMENT,
894 "Camera %s: Template ID %d is invalid or not supported: %s (%d)",
895 cameraId.c_str(), templateId, strerror(-err), err);
896 } else {
897 res = STATUS_ERROR_FMT(CameraService::ERROR_INVALID_OPERATION,
898 "Camera %s: Error creating default request for template %d: %s (%d)",
899 cameraId.c_str(), templateId, strerror(-err), err);
900 }
901 return res;
902 }
903
isSessionConfigurationWithParametersSupported(const std::string & unresolvedCameraId,int targetSdkVersion,const SessionConfiguration & sessionConfiguration,const AttributionSourceState & clientAttribution,int32_t devicePolicy,bool * supported)904 Status CameraService::isSessionConfigurationWithParametersSupported(
905 const std::string& unresolvedCameraId, int targetSdkVersion,
906 const SessionConfiguration& sessionConfiguration,
907 const AttributionSourceState& clientAttribution, int32_t devicePolicy,
908 /*out*/ bool* supported) {
909 ATRACE_CALL();
910
911 if (!mInitialized) {
912 ALOGE("%s: Camera HAL couldn't be initialized", __FUNCTION__);
913 logServiceError("Camera subsystem is not available", ERROR_DISCONNECTED);
914 return STATUS_ERROR(ERROR_DISCONNECTED, "Camera subsystem is not available");
915 }
916
917 std::optional<std::string> cameraIdOptional =
918 resolveCameraId(unresolvedCameraId, clientAttribution.deviceId, devicePolicy);
919 if (!cameraIdOptional.has_value()) {
920 std::string msg = fmt::sprintf("Camera %s: Invalid camera id for device id %d",
921 unresolvedCameraId.c_str(), clientAttribution.deviceId);
922 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
923 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
924 }
925 std::string cameraId = cameraIdOptional.value();
926
927 if (supported == nullptr) {
928 std::string msg = fmt::sprintf("Camera %s: Invalid 'support' input!",
929 unresolvedCameraId.c_str());
930 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
931 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
932 }
933
934 if (shouldRejectSystemCameraConnection(cameraId)) {
935 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, "Unable to query "
936 "session configuration with parameters support for system only device %s: ",
937 cameraId.c_str());
938 }
939
940 bool overrideForPerfClass = SessionConfigurationUtils::targetPerfClassPrimaryCamera(
941 mPerfClassPrimaryCameraIds, cameraId, targetSdkVersion);
942
943 auto ret = isSessionConfigurationWithParametersSupportedUnsafe(cameraId,
944 sessionConfiguration, overrideForPerfClass, supported);
945 if (flags::analytics_24q3()) {
946 mCameraServiceProxyWrapper->logFeatureCombinationQuery(cameraId,
947 getCallingUid(), sessionConfiguration, ret);
948 }
949 return ret;
950 }
951
isSessionConfigurationWithParametersSupportedUnsafe(const std::string & cameraId,const SessionConfiguration & sessionConfiguration,bool overrideForPerfClass,bool * supported)952 Status CameraService::isSessionConfigurationWithParametersSupportedUnsafe(
953 const std::string& cameraId, const SessionConfiguration& sessionConfiguration,
954 bool overrideForPerfClass, /*out*/ bool* supported) {
955 *supported = false;
956 status_t ret = mCameraProviderManager->isSessionConfigurationSupported(
957 cameraId, sessionConfiguration, overrideForPerfClass,
958 /*checkSessionParams=*/true, supported);
959 binder::Status res;
960 switch (ret) {
961 case OK:
962 // Expected. Do Nothing.
963 return Status::ok();
964 case INVALID_OPERATION: {
965 std::string msg = fmt::sprintf(
966 "Camera %s: Session configuration with parameters supported query not "
967 "supported!",
968 cameraId.c_str());
969 ALOGW("%s: %s", __FUNCTION__, msg.c_str());
970 logServiceError(msg, CameraService::ERROR_INVALID_OPERATION);
971 *supported = false;
972 return STATUS_ERROR(CameraService::ERROR_INVALID_OPERATION, msg.c_str());
973 }
974 break;
975 case NAME_NOT_FOUND: {
976 std::string msg = fmt::sprintf("Camera %s: Unknown camera ID.", cameraId.c_str());
977 ALOGW("%s: %s", __FUNCTION__, msg.c_str());
978 logServiceError(msg, CameraService::ERROR_ILLEGAL_ARGUMENT);
979 *supported = false;
980 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
981 }
982 break;
983 default: {
984 std::string msg = fmt::sprintf(
985 "Unable to retrieve session configuration support for camera "
986 "device %s: Error: %s (%d)",
987 cameraId.c_str(), strerror(-ret), ret);
988 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
989 logServiceError(msg, CameraService::ERROR_ILLEGAL_ARGUMENT);
990 *supported = false;
991 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
992 }
993 break;
994 }
995 }
996
getSessionCharacteristics(const std::string & unresolvedCameraId,int targetSdkVersion,int rotationOverride,const SessionConfiguration & sessionConfiguration,const AttributionSourceState & clientAttribution,int32_t devicePolicy,CameraMetadata * outMetadata)997 Status CameraService::getSessionCharacteristics(const std::string& unresolvedCameraId,
998 int targetSdkVersion, int rotationOverride,
999 const SessionConfiguration& sessionConfiguration,
1000 const AttributionSourceState& clientAttribution, int32_t devicePolicy,
1001 /*out*/ CameraMetadata* outMetadata) {
1002 ATRACE_CALL();
1003
1004 if (outMetadata == nullptr) {
1005 std::string msg =
1006 fmt::sprintf("Camera %s: Invalid 'outMetadata' input!", unresolvedCameraId.c_str());
1007 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
1008 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
1009 }
1010
1011 if (!mInitialized) {
1012 ALOGE("%s: Camera HAL couldn't be initialized", __FUNCTION__);
1013 logServiceError("Camera subsystem is not available", ERROR_DISCONNECTED);
1014 return STATUS_ERROR(ERROR_DISCONNECTED, "Camera subsystem is not available");
1015 }
1016
1017 std::optional<std::string> cameraIdOptional =
1018 resolveCameraId(unresolvedCameraId, clientAttribution.deviceId, devicePolicy);
1019 if (!cameraIdOptional.has_value()) {
1020 std::string msg = fmt::sprintf("Camera %s: Invalid camera id for device id %d",
1021 unresolvedCameraId.c_str(), clientAttribution.deviceId);
1022 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
1023 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
1024 }
1025 std::string cameraId = cameraIdOptional.value();
1026
1027 if (shouldRejectSystemCameraConnection(cameraId)) {
1028 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
1029 "Unable to retrieve camera"
1030 "characteristics for system only device %s: ",
1031 cameraId.c_str());
1032 }
1033
1034 bool overrideForPerfClass = SessionConfigurationUtils::targetPerfClassPrimaryCamera(
1035 mPerfClassPrimaryCameraIds, cameraId, targetSdkVersion);
1036
1037 bool sessionConfigSupported;
1038 Status res = isSessionConfigurationWithParametersSupportedUnsafe(
1039 cameraId, sessionConfiguration, overrideForPerfClass, &sessionConfigSupported);
1040 if (!res.isOk()) {
1041 // isSessionConfigurationWithParametersSupportedUnsafe should log what went wrong and
1042 // report the correct Status to send to the client. Simply forward the error to
1043 // the client.
1044 outMetadata->clear();
1045 return res;
1046 }
1047
1048 if (!sessionConfigSupported) {
1049 std::string msg = fmt::sprintf("Session configuration not supported for camera device %s.",
1050 cameraId.c_str());
1051 outMetadata->clear();
1052 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
1053 }
1054
1055 status_t ret = mCameraProviderManager->getSessionCharacteristics(
1056 cameraId, sessionConfiguration, overrideForPerfClass, rotationOverride, outMetadata);
1057
1058 switch (ret) {
1059 case OK:
1060 // Expected, no handling needed.
1061 break;
1062 case INVALID_OPERATION: {
1063 std::string msg = fmt::sprintf(
1064 "Camera %s: Session characteristics query not supported!",
1065 cameraId.c_str());
1066 ALOGW("%s: %s", __FUNCTION__, msg.c_str());
1067 logServiceError(msg, CameraService::ERROR_INVALID_OPERATION);
1068 outMetadata->clear();
1069 return STATUS_ERROR(CameraService::ERROR_INVALID_OPERATION, msg.c_str());
1070 }
1071 break;
1072 case NAME_NOT_FOUND: {
1073 std::string msg = fmt::sprintf(
1074 "Camera %s: Unknown camera ID.",
1075 cameraId.c_str());
1076 ALOGW("%s: %s", __FUNCTION__, msg.c_str());
1077 logServiceError(msg, CameraService::ERROR_ILLEGAL_ARGUMENT);
1078 outMetadata->clear();
1079 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
1080 }
1081 break;
1082 default: {
1083 std::string msg = fmt::sprintf(
1084 "Unable to retrieve session characteristics for camera device %s: "
1085 "Error: %s (%d)",
1086 cameraId.c_str(), strerror(-ret), ret);
1087 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
1088 logServiceError(msg, CameraService::ERROR_INVALID_OPERATION);
1089 outMetadata->clear();
1090 return STATUS_ERROR(CameraService::ERROR_INVALID_OPERATION, msg.c_str());
1091 }
1092 }
1093
1094 res = filterSensitiveMetadataIfNeeded(cameraId, outMetadata);
1095 if (flags::analytics_24q3()) {
1096 mCameraServiceProxyWrapper->logSessionCharacteristicsQuery(cameraId,
1097 getCallingUid(), sessionConfiguration, res);
1098 }
1099 return res;
1100 }
1101
filterSensitiveMetadataIfNeeded(const std::string & cameraId,CameraMetadata * metadata)1102 Status CameraService::filterSensitiveMetadataIfNeeded(
1103 const std::string& cameraId, CameraMetadata* metadata) {
1104 int callingPid = getCallingPid();
1105 int callingUid = getCallingUid();
1106
1107 if (callingPid == getpid()) {
1108 // Caller is cameraserver; no need to remove keys
1109 return Status::ok();
1110 }
1111
1112 SystemCameraKind deviceKind = SystemCameraKind::PUBLIC;
1113 if (getSystemCameraKind(cameraId, &deviceKind) != OK) {
1114 ALOGE("%s: Couldn't get camera kind for camera id %s", __FUNCTION__, cameraId.c_str());
1115 metadata->clear();
1116 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
1117 "Unable to retrieve camera kind for device %s", cameraId.c_str());
1118 }
1119 if (deviceKind == SystemCameraKind::SYSTEM_ONLY_CAMERA) {
1120 // Attempting to query system only camera without system camera permission would have
1121 // failed the shouldRejectSystemCameraConnection in the caller. So if we get here
1122 // for a system only camera, then the caller has the required permission.
1123 // No need to remove keys
1124 return Status::ok();
1125 }
1126
1127 std::vector<int32_t> tagsRemoved;
1128 // Get the device id that owns this camera.
1129 auto [cameraOwnerDeviceId, _] = mVirtualDeviceCameraIdMapper.getDeviceIdAndMappedCameraIdPair(
1130 cameraId);
1131 bool hasCameraPermission = hasPermissionsForCamera(cameraId, callingPid, callingUid,
1132 cameraOwnerDeviceId);
1133 if (hasCameraPermission) {
1134 // Caller has camera permission; no need to remove keys
1135 return Status::ok();
1136 }
1137
1138 status_t ret = metadata->removePermissionEntries(
1139 mCameraProviderManager->getProviderTagIdLocked(cameraId), &tagsRemoved);
1140 if (ret != OK) {
1141 metadata->clear();
1142 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
1143 "Failed to remove camera characteristics needing camera permission "
1144 "for device %s:%s (%d)",
1145 cameraId.c_str(), strerror(-ret), ret);
1146 }
1147
1148 if (!tagsRemoved.empty()) {
1149 ret = metadata->update(ANDROID_REQUEST_CHARACTERISTIC_KEYS_NEEDING_PERMISSION,
1150 tagsRemoved.data(), tagsRemoved.size());
1151 if (ret != OK) {
1152 metadata->clear();
1153 return STATUS_ERROR_FMT(
1154 ERROR_INVALID_OPERATION,
1155 "Failed to insert camera keys needing permission for device %s: %s (%d)",
1156 cameraId.c_str(), strerror(-ret), ret);
1157 }
1158 }
1159 return Status::ok();
1160 }
1161
injectSessionParams(const std::string & cameraId,const CameraMetadata & sessionParams)1162 Status CameraService::injectSessionParams(
1163 const std::string& cameraId,
1164 const CameraMetadata& sessionParams) {
1165 if (!checkCallingPermission(toString16(sCameraInjectExternalCameraPermission))) {
1166 const int pid = getCallingPid();
1167 const int uid = getCallingUid();
1168 ALOGE("%s: Permission Denial: can't inject session params pid=%d, uid=%d",
1169 __FUNCTION__, pid, uid);
1170 return STATUS_ERROR(ERROR_PERMISSION_DENIED,
1171 "Permission Denial: no permission to inject session params");
1172 }
1173
1174 // Do not allow session params injection for a virtual camera.
1175 auto [deviceId, _] = mVirtualDeviceCameraIdMapper.getDeviceIdAndMappedCameraIdPair(cameraId);
1176 if (deviceId != kDefaultDeviceId) {
1177 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT,
1178 "Cannot inject session params for a virtual camera");
1179 }
1180
1181 std::unique_ptr<AutoConditionLock> serviceLockWrapper =
1182 AutoConditionLock::waitAndAcquire(mServiceLockWrapper);
1183
1184 auto clientDescriptor = mActiveClientManager.get(cameraId);
1185 if (clientDescriptor == nullptr) {
1186 ALOGI("%s: No active client for camera id %s", __FUNCTION__, cameraId.c_str());
1187 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
1188 "No active client for camera id %s", cameraId.c_str());
1189 }
1190
1191 sp<BasicClient> clientSp = clientDescriptor->getValue();
1192 status_t res = clientSp->injectSessionParams(sessionParams);
1193
1194 if (res != OK) {
1195 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
1196 "Error injecting session params into camera \"%s\": %s (%d)",
1197 cameraId.c_str(), strerror(-res), res);
1198 }
1199 return Status::ok();
1200 }
1201
resolveCameraId(const std::string & inputCameraId,int32_t deviceId,int32_t devicePolicy)1202 std::optional<std::string> CameraService::resolveCameraId(
1203 const std::string& inputCameraId,
1204 int32_t deviceId,
1205 int32_t devicePolicy) {
1206 if ((deviceId == kDefaultDeviceId)
1207 || (devicePolicy == IVirtualDeviceManagerNative::DEVICE_POLICY_DEFAULT)) {
1208 auto [storedDeviceId, _] =
1209 mVirtualDeviceCameraIdMapper.getDeviceIdAndMappedCameraIdPair(inputCameraId);
1210 if (storedDeviceId != kDefaultDeviceId) {
1211 // Trying to access a virtual camera from default-policy device context, we should fail.
1212 std::string msg = fmt::sprintf("Camera %s: Invalid camera id for device id %d",
1213 inputCameraId.c_str(), deviceId);
1214 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
1215 return std::nullopt;
1216 }
1217 return inputCameraId;
1218 }
1219
1220 return mVirtualDeviceCameraIdMapper.getActualCameraId(deviceId, inputCameraId);
1221 }
1222
getCameraInfo(int cameraId,int rotationOverride,const AttributionSourceState & clientAttribution,int32_t devicePolicy,CameraInfo * cameraInfo)1223 Status CameraService::getCameraInfo(int cameraId, int rotationOverride,
1224 const AttributionSourceState& clientAttribution, int32_t devicePolicy,
1225 CameraInfo* cameraInfo) {
1226 ATRACE_CALL();
1227 Mutex::Autolock l(mServiceLock);
1228 std::string cameraIdStr =
1229 cameraIdIntToStrLocked(cameraId, clientAttribution.deviceId, devicePolicy);
1230 if (cameraIdStr.empty()) {
1231 std::string msg = fmt::sprintf("Camera %d: Invalid camera id for device id %d",
1232 cameraId, clientAttribution.deviceId);
1233 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
1234 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
1235 }
1236
1237 if (shouldRejectSystemCameraConnection(cameraIdStr)) {
1238 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, "Unable to retrieve camera"
1239 "characteristics for system only device %s: ", cameraIdStr.c_str());
1240 }
1241
1242 if (!mInitialized) {
1243 logServiceError("Camera subsystem is not available", ERROR_DISCONNECTED);
1244 return STATUS_ERROR(ERROR_DISCONNECTED,
1245 "Camera subsystem is not available");
1246 }
1247 bool hasSystemCameraPermissions = hasPermissionsForSystemCamera(std::to_string(cameraId),
1248 getCallingPid(), getCallingUid());
1249 int cameraIdBound = mNumberOfCamerasWithoutSystemCamera;
1250 if (hasSystemCameraPermissions) {
1251 cameraIdBound = mNumberOfCameras;
1252 }
1253 if (cameraId < 0 || cameraId >= cameraIdBound) {
1254 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT,
1255 "CameraId is not valid");
1256 }
1257
1258 Status ret = Status::ok();
1259 int portraitRotation;
1260 status_t err = mCameraProviderManager->getCameraInfo(
1261 cameraIdStr, rotationOverride, &portraitRotation, cameraInfo);
1262 if (err != OK) {
1263 ret = STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
1264 "Error retrieving camera info from device %d: %s (%d)", cameraId,
1265 strerror(-err), err);
1266 logServiceError(std::string("Error retrieving camera info from device ")
1267 + std::to_string(cameraId), ERROR_INVALID_OPERATION);
1268 }
1269
1270 return ret;
1271 }
1272
cameraIdIntToStrLocked(int cameraIdInt,int32_t deviceId,int32_t devicePolicy)1273 std::string CameraService::cameraIdIntToStrLocked(int cameraIdInt,
1274 int32_t deviceId, int32_t devicePolicy) {
1275 if (vd_flags::camera_device_awareness() && (deviceId != kDefaultDeviceId)
1276 && (devicePolicy != IVirtualDeviceManagerNative::DEVICE_POLICY_DEFAULT)) {
1277 std::optional<std::string> cameraIdOptional =
1278 mVirtualDeviceCameraIdMapper.getActualCameraId(cameraIdInt, deviceId);
1279 return cameraIdOptional.has_value() ? cameraIdOptional.value() : std::string{};
1280 }
1281
1282 const std::vector<std::string> *cameraIds = &mNormalDeviceIdsWithoutSystemCamera;
1283 auto callingPid = getCallingPid();
1284 auto callingUid = getCallingUid();
1285 bool systemCameraPermissions = hasPermissionsForSystemCamera(std::to_string(cameraIdInt),
1286 callingPid, callingUid, /* checkCameraPermissions= */ false);
1287 if (systemCameraPermissions || getpid() == callingPid) {
1288 cameraIds = &mNormalDeviceIds;
1289 }
1290 if (cameraIdInt < 0 || cameraIdInt >= static_cast<int>(cameraIds->size())) {
1291 ALOGE("%s: input id %d invalid: valid range (0, %zu)",
1292 __FUNCTION__, cameraIdInt, cameraIds->size());
1293 return std::string{};
1294 }
1295
1296 return (*cameraIds)[cameraIdInt];
1297 }
1298
cameraIdIntToStr(int cameraIdInt,int32_t deviceId,int32_t devicePolicy)1299 std::string CameraService::cameraIdIntToStr(int cameraIdInt, int32_t deviceId,
1300 int32_t devicePolicy) {
1301 Mutex::Autolock lock(mServiceLock);
1302 return cameraIdIntToStrLocked(cameraIdInt, deviceId, devicePolicy);
1303 }
1304
getCameraCharacteristics(const std::string & unresolvedCameraId,int targetSdkVersion,int rotationOverride,const AttributionSourceState & clientAttribution,int32_t devicePolicy,CameraMetadata * cameraInfo)1305 Status CameraService::getCameraCharacteristics(const std::string& unresolvedCameraId,
1306 int targetSdkVersion, int rotationOverride, const AttributionSourceState& clientAttribution,
1307 int32_t devicePolicy, CameraMetadata* cameraInfo) {
1308 ATRACE_CALL();
1309
1310 if (!cameraInfo) {
1311 ALOGE("%s: cameraInfo is NULL", __FUNCTION__);
1312 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "cameraInfo is NULL");
1313 }
1314
1315 if (!mInitialized) {
1316 ALOGE("%s: Camera HAL couldn't be initialized", __FUNCTION__);
1317 logServiceError("Camera subsystem is not available", ERROR_DISCONNECTED);
1318 return STATUS_ERROR(ERROR_DISCONNECTED,
1319 "Camera subsystem is not available");;
1320 }
1321
1322 std::optional<std::string> cameraIdOptional =
1323 resolveCameraId(unresolvedCameraId, clientAttribution.deviceId, devicePolicy);
1324 if (!cameraIdOptional.has_value()) {
1325 std::string msg = fmt::sprintf("Camera %s: Invalid camera id for device id %d",
1326 unresolvedCameraId.c_str(), clientAttribution.deviceId);
1327 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
1328 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
1329 }
1330 std::string cameraId = cameraIdOptional.value();
1331
1332 if (shouldRejectSystemCameraConnection(cameraId)) {
1333 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, "Unable to retrieve camera"
1334 "characteristics for system only device %s: ", cameraId.c_str());
1335 }
1336
1337 bool overrideForPerfClass =
1338 SessionConfigurationUtils::targetPerfClassPrimaryCamera(mPerfClassPrimaryCameraIds,
1339 cameraId, targetSdkVersion);
1340 status_t res = mCameraProviderManager->getCameraCharacteristics(
1341 cameraId, overrideForPerfClass, cameraInfo, rotationOverride);
1342 if (res != OK) {
1343 if (res == NAME_NOT_FOUND) {
1344 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, "Unable to retrieve camera "
1345 "characteristics for unknown device %s: %s (%d)", cameraId.c_str(),
1346 strerror(-res), res);
1347 } else {
1348 logServiceError(fmt::sprintf("Unable to retrieve camera characteristics for device %s.",
1349 cameraId.c_str()), ERROR_INVALID_OPERATION);
1350 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, "Unable to retrieve camera "
1351 "characteristics for device %s: %s (%d)", cameraId.c_str(),
1352 strerror(-res), res);
1353 }
1354 }
1355
1356 return filterSensitiveMetadataIfNeeded(cameraId, cameraInfo);
1357 }
1358
getTorchStrengthLevel(const std::string & unresolvedCameraId,const AttributionSourceState & clientAttribution,int32_t devicePolicy,int32_t * torchStrength)1359 Status CameraService::getTorchStrengthLevel(const std::string& unresolvedCameraId,
1360 const AttributionSourceState& clientAttribution,
1361 int32_t devicePolicy, int32_t* torchStrength) {
1362 ATRACE_CALL();
1363 Mutex::Autolock l(mServiceLock);
1364
1365 std::optional<std::string> cameraIdOptional = resolveCameraId(unresolvedCameraId,
1366 clientAttribution.deviceId, devicePolicy);
1367 if (!cameraIdOptional.has_value()) {
1368 std::string msg = fmt::sprintf("Camera %s: Invalid camera id for device id %d",
1369 unresolvedCameraId.c_str(), clientAttribution.deviceId);
1370 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
1371 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
1372 }
1373 std::string cameraId = cameraIdOptional.value();
1374
1375 if (!mInitialized) {
1376 ALOGE("%s: Camera HAL couldn't be initialized.", __FUNCTION__);
1377 return STATUS_ERROR(ERROR_DISCONNECTED, "Camera HAL couldn't be initialized.");
1378 }
1379
1380 if (torchStrength == NULL) {
1381 ALOGE("%s: strength level must not be null.", __FUNCTION__);
1382 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Strength level should not be null.");
1383 }
1384
1385 status_t res = mCameraProviderManager->getTorchStrengthLevel(cameraId, torchStrength);
1386 if (res != OK) {
1387 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, "Unable to retrieve torch "
1388 "strength level for device %s: %s (%d)", cameraId.c_str(),
1389 strerror(-res), res);
1390 }
1391 ALOGI("%s: Torch strength level is: %d", __FUNCTION__, *torchStrength);
1392 return Status::ok();
1393 }
1394
getFormattedCurrentTime()1395 std::string CameraService::getFormattedCurrentTime() {
1396 time_t now = time(nullptr);
1397 char formattedTime[64];
1398 strftime(formattedTime, sizeof(formattedTime), "%m-%d %H:%M:%S", localtime(&now));
1399 return std::string(formattedTime);
1400 }
1401
getCameraVendorTagDescriptor(hardware::camera2::params::VendorTagDescriptor * desc)1402 Status CameraService::getCameraVendorTagDescriptor(
1403 /*out*/
1404 hardware::camera2::params::VendorTagDescriptor* desc) {
1405 ATRACE_CALL();
1406 if (!mInitialized) {
1407 ALOGE("%s: Camera HAL couldn't be initialized", __FUNCTION__);
1408 return STATUS_ERROR(ERROR_DISCONNECTED, "Camera subsystem not available");
1409 }
1410 sp<VendorTagDescriptor> globalDescriptor = VendorTagDescriptor::getGlobalVendorTagDescriptor();
1411 if (globalDescriptor != nullptr) {
1412 *desc = *(globalDescriptor.get());
1413 }
1414 return Status::ok();
1415 }
1416
getCameraVendorTagCache(hardware::camera2::params::VendorTagDescriptorCache * cache)1417 Status CameraService::getCameraVendorTagCache(
1418 /*out*/ hardware::camera2::params::VendorTagDescriptorCache* cache) {
1419 ATRACE_CALL();
1420 if (!mInitialized) {
1421 ALOGE("%s: Camera HAL couldn't be initialized", __FUNCTION__);
1422 return STATUS_ERROR(ERROR_DISCONNECTED,
1423 "Camera subsystem not available");
1424 }
1425 sp<VendorTagDescriptorCache> globalCache =
1426 VendorTagDescriptorCache::getGlobalVendorTagCache();
1427 if (globalCache != nullptr) {
1428 *cache = *(globalCache.get());
1429 }
1430 return Status::ok();
1431 }
1432
clearCachedVariables()1433 void CameraService::clearCachedVariables() {
1434 BasicClient::BasicClient::sCameraService = nullptr;
1435 }
1436
getDeviceVersion(const std::string & cameraId,int rotationOverride,int * portraitRotation,int * facing,int * orientation)1437 std::pair<int, IPCTransport> CameraService::getDeviceVersion(const std::string& cameraId,
1438 int rotationOverride, int* portraitRotation, int* facing,
1439 int* orientation) {
1440 ATRACE_CALL();
1441
1442 int deviceVersion = 0;
1443
1444 status_t res;
1445 hardware::hidl_version maxVersion{0,0};
1446 IPCTransport transport = IPCTransport::INVALID;
1447 res = mCameraProviderManager->getHighestSupportedVersion(cameraId, &maxVersion, &transport);
1448 if (res != OK || transport == IPCTransport::INVALID) {
1449 ALOGE("%s: Unable to get highest supported version for camera id %s", __FUNCTION__,
1450 cameraId.c_str());
1451 return std::make_pair(-1, IPCTransport::INVALID) ;
1452 }
1453 deviceVersion = HARDWARE_DEVICE_API_VERSION(maxVersion.get_major(), maxVersion.get_minor());
1454
1455 hardware::CameraInfo info;
1456 if (facing) {
1457 res = mCameraProviderManager->getCameraInfo(cameraId, rotationOverride,
1458 portraitRotation, &info);
1459 if (res != OK) {
1460 return std::make_pair(-1, IPCTransport::INVALID);
1461 }
1462 *facing = info.facing;
1463 if (orientation) {
1464 *orientation = info.orientation;
1465 }
1466 }
1467
1468 return std::make_pair(deviceVersion, transport);
1469 }
1470
filterGetInfoErrorCode(status_t err)1471 Status CameraService::filterGetInfoErrorCode(status_t err) {
1472 switch(err) {
1473 case NO_ERROR:
1474 return Status::ok();
1475 case BAD_VALUE:
1476 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT,
1477 "CameraId is not valid for HAL module");
1478 case NO_INIT:
1479 return STATUS_ERROR(ERROR_DISCONNECTED,
1480 "Camera device not available");
1481 default:
1482 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
1483 "Camera HAL encountered error %d: %s",
1484 err, strerror(-err));
1485 }
1486 }
1487
makeClient(const sp<CameraService> & cameraService,const sp<IInterface> & cameraCb,const AttributionSourceState & clientAttribution,int callingPid,bool systemNativeClient,const std::string & cameraId,int api1CameraId,int facing,int sensorOrientation,int servicePid,std::pair<int,IPCTransport> deviceVersionAndTransport,apiLevel effectiveApiLevel,bool overrideForPerfClass,int rotationOverride,bool forceSlowJpegMode,const std::string & originalCameraId,bool sharedMode,bool isVendorClient,sp<BasicClient> * client)1488 Status CameraService::makeClient(
1489 const sp<CameraService>& cameraService, const sp<IInterface>& cameraCb,
1490 const AttributionSourceState& clientAttribution, int callingPid, bool systemNativeClient,
1491 const std::string& cameraId, int api1CameraId, int facing, int sensorOrientation,
1492 int servicePid, std::pair<int, IPCTransport> deviceVersionAndTransport,
1493 apiLevel effectiveApiLevel, bool overrideForPerfClass, int rotationOverride,
1494 bool forceSlowJpegMode, const std::string& originalCameraId, bool sharedMode,
1495 bool isVendorClient,
1496 /*out*/sp<BasicClient>* client) {
1497 // For HIDL devices
1498 if (deviceVersionAndTransport.second == IPCTransport::HIDL) {
1499 // Create CameraClient based on device version reported by the HAL.
1500 int deviceVersion = deviceVersionAndTransport.first;
1501 switch(deviceVersion) {
1502 case CAMERA_DEVICE_API_VERSION_1_0:
1503 ALOGE("Camera using old HAL version: %d", deviceVersion);
1504 return STATUS_ERROR_FMT(ERROR_DEPRECATED_HAL,
1505 "Camera device \"%s\" HAL version %d no longer supported",
1506 cameraId.c_str(), deviceVersion);
1507 break;
1508 case CAMERA_DEVICE_API_VERSION_3_0:
1509 case CAMERA_DEVICE_API_VERSION_3_1:
1510 case CAMERA_DEVICE_API_VERSION_3_2:
1511 case CAMERA_DEVICE_API_VERSION_3_3:
1512 case CAMERA_DEVICE_API_VERSION_3_4:
1513 case CAMERA_DEVICE_API_VERSION_3_5:
1514 case CAMERA_DEVICE_API_VERSION_3_6:
1515 case CAMERA_DEVICE_API_VERSION_3_7:
1516 break;
1517 default:
1518 // Should not be reachable
1519 ALOGE("Unknown camera device HAL version: %d", deviceVersion);
1520 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
1521 "Camera device \"%s\" has unknown HAL version %d",
1522 cameraId.c_str(), deviceVersion);
1523 }
1524 }
1525 if (effectiveApiLevel == API_1) { // Camera1 API route
1526 sp<ICameraClient> tmp = static_cast<ICameraClient*>(cameraCb.get());
1527 *client = new Camera2Client(cameraService, tmp, cameraService->mCameraServiceProxyWrapper,
1528 cameraService->mAttributionAndPermissionUtils,
1529 clientAttribution, callingPid, cameraId, api1CameraId, facing,
1530 sensorOrientation, servicePid, overrideForPerfClass,
1531 rotationOverride, forceSlowJpegMode, /*sharedMode*/false);
1532 ALOGI("%s: Camera1 API (legacy), rotationOverride %d, forceSlowJpegMode %d",
1533 __FUNCTION__, rotationOverride, forceSlowJpegMode);
1534 } else { // Camera2 API route
1535 sp<hardware::camera2::ICameraDeviceCallbacks> tmp =
1536 static_cast<hardware::camera2::ICameraDeviceCallbacks*>(cameraCb.get());
1537 *client = new CameraDeviceClient(
1538 cameraService, tmp, cameraService->mCameraServiceProxyWrapper,
1539 cameraService->mAttributionAndPermissionUtils, clientAttribution, callingPid,
1540 systemNativeClient, cameraId, facing, sensorOrientation, servicePid,
1541 overrideForPerfClass, rotationOverride, originalCameraId, sharedMode,
1542 isVendorClient);
1543 ALOGI("%s: Camera2 API, rotationOverride %d", __FUNCTION__, rotationOverride);
1544 }
1545 return Status::ok();
1546 }
1547
toString(std::set<userid_t> intSet)1548 std::string CameraService::toString(std::set<userid_t> intSet) {
1549 std::ostringstream s;
1550 bool first = true;
1551 for (userid_t i : intSet) {
1552 if (first) {
1553 s << std::to_string(i);
1554 first = false;
1555 } else {
1556 s << ", " << std::to_string(i);
1557 }
1558 }
1559 return s.str();
1560 }
1561
mapToInterface(TorchModeStatus status)1562 int32_t CameraService::mapToInterface(TorchModeStatus status) {
1563 int32_t serviceStatus = ICameraServiceListener::TORCH_STATUS_NOT_AVAILABLE;
1564 switch (status) {
1565 case TorchModeStatus::NOT_AVAILABLE:
1566 serviceStatus = ICameraServiceListener::TORCH_STATUS_NOT_AVAILABLE;
1567 break;
1568 case TorchModeStatus::AVAILABLE_OFF:
1569 serviceStatus = ICameraServiceListener::TORCH_STATUS_AVAILABLE_OFF;
1570 break;
1571 case TorchModeStatus::AVAILABLE_ON:
1572 serviceStatus = ICameraServiceListener::TORCH_STATUS_AVAILABLE_ON;
1573 break;
1574 default:
1575 ALOGW("Unknown new flash status: %d", eToI(status));
1576 }
1577 return serviceStatus;
1578 }
1579
mapToInternal(CameraDeviceStatus status)1580 CameraService::StatusInternal CameraService::mapToInternal(CameraDeviceStatus status) {
1581 StatusInternal serviceStatus = StatusInternal::NOT_PRESENT;
1582 switch (status) {
1583 case CameraDeviceStatus::NOT_PRESENT:
1584 serviceStatus = StatusInternal::NOT_PRESENT;
1585 break;
1586 case CameraDeviceStatus::PRESENT:
1587 serviceStatus = StatusInternal::PRESENT;
1588 break;
1589 case CameraDeviceStatus::ENUMERATING:
1590 serviceStatus = StatusInternal::ENUMERATING;
1591 break;
1592 default:
1593 ALOGW("Unknown new HAL device status: %d", eToI(status));
1594 }
1595 return serviceStatus;
1596 }
1597
mapToInterface(StatusInternal status)1598 int32_t CameraService::mapToInterface(StatusInternal status) {
1599 int32_t serviceStatus = ICameraServiceListener::STATUS_NOT_PRESENT;
1600 switch (status) {
1601 case StatusInternal::NOT_PRESENT:
1602 serviceStatus = ICameraServiceListener::STATUS_NOT_PRESENT;
1603 break;
1604 case StatusInternal::PRESENT:
1605 serviceStatus = ICameraServiceListener::STATUS_PRESENT;
1606 break;
1607 case StatusInternal::ENUMERATING:
1608 serviceStatus = ICameraServiceListener::STATUS_ENUMERATING;
1609 break;
1610 case StatusInternal::NOT_AVAILABLE:
1611 serviceStatus = ICameraServiceListener::STATUS_NOT_AVAILABLE;
1612 break;
1613 case StatusInternal::UNKNOWN:
1614 serviceStatus = ICameraServiceListener::STATUS_UNKNOWN;
1615 break;
1616 default:
1617 ALOGW("Unknown new internal device status: %d", eToI(status));
1618 }
1619 return serviceStatus;
1620 }
1621
initializeShimMetadata(int cameraId)1622 Status CameraService::initializeShimMetadata(int cameraId) {
1623 int uid = getCallingUid();
1624
1625 std::string cameraIdStr = std::to_string(cameraId);
1626 Status ret = Status::ok();
1627 sp<Client> tmp = nullptr;
1628
1629 int callingPid = getCallingPid();
1630 logConnectionAttempt(callingPid, kServiceName, cameraIdStr, API_1);
1631
1632 AttributionSourceState clientAttribution =
1633 buildAttributionSource(callingPid, uid, kServiceName, kDefaultDeviceId);
1634
1635 if (!(ret = connectHelper<ICameraClient, Client>(
1636 sp<ICameraClient>{nullptr}, cameraIdStr, cameraId, clientAttribution,
1637 /*systemNativeClient*/ false, API_1, /*shimUpdateOnly*/ true,
1638 /*oomScoreOffset*/ 0,
1639 /*targetSdkVersion*/ __ANDROID_API_FUTURE__,
1640 /*rotationOverride*/
1641 hardware::ICameraService::ROTATION_OVERRIDE_OVERRIDE_TO_PORTRAIT,
1642 /*forceSlowJpegMode*/ false, cameraIdStr, /*isNonSystemNdk*/ false,
1643 /*sharedMode*/false, /*isVendorClient*/false,/*out*/ tmp))
1644 .isOk()) {
1645 ALOGE("%s: Error initializing shim metadata: %s", __FUNCTION__, ret.toString8().c_str());
1646 }
1647 return ret;
1648 }
1649
getLegacyParametersLazy(int cameraId,CameraParameters * parameters)1650 Status CameraService::getLegacyParametersLazy(int cameraId,
1651 /*out*/
1652 CameraParameters* parameters) {
1653
1654 ALOGV("%s: for cameraId: %d", __FUNCTION__, cameraId);
1655
1656 Status ret = Status::ok();
1657
1658 if (parameters == NULL) {
1659 ALOGE("%s: parameters must not be null", __FUNCTION__);
1660 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Parameters must not be null");
1661 }
1662
1663 std::string cameraIdStr = std::to_string(cameraId);
1664
1665 // Check if we already have parameters
1666 {
1667 // Scope for service lock
1668 Mutex::Autolock lock(mServiceLock);
1669 auto cameraState = getCameraState(cameraIdStr);
1670 if (cameraState == nullptr) {
1671 ALOGE("%s: Invalid camera ID: %s", __FUNCTION__, cameraIdStr.c_str());
1672 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT,
1673 "Invalid camera ID: %s", cameraIdStr.c_str());
1674 }
1675 CameraParameters p = cameraState->getShimParams();
1676 if (!p.isEmpty()) {
1677 *parameters = p;
1678 return ret;
1679 }
1680 }
1681
1682 int64_t token = clearCallingIdentity();
1683 ret = initializeShimMetadata(cameraId);
1684 restoreCallingIdentity(token);
1685 if (!ret.isOk()) {
1686 // Error already logged by callee
1687 return ret;
1688 }
1689
1690 // Check for parameters again
1691 {
1692 // Scope for service lock
1693 Mutex::Autolock lock(mServiceLock);
1694 auto cameraState = getCameraState(cameraIdStr);
1695 if (cameraState == nullptr) {
1696 ALOGE("%s: Invalid camera ID: %s", __FUNCTION__, cameraIdStr.c_str());
1697 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT,
1698 "Invalid camera ID: %s", cameraIdStr.c_str());
1699 }
1700 CameraParameters p = cameraState->getShimParams();
1701 if (!p.isEmpty()) {
1702 *parameters = p;
1703 return ret;
1704 }
1705 }
1706
1707 ALOGE("%s: Parameters were not initialized, or were empty. Device may not be present.",
1708 __FUNCTION__);
1709 return STATUS_ERROR(ERROR_INVALID_OPERATION, "Unable to initialize legacy parameters");
1710 }
1711
validateConnectLocked(const std::string & cameraId,const AttributionSourceState & clientAttribution,bool sharedMode) const1712 Status CameraService::validateConnectLocked(const std::string& cameraId,
1713 const AttributionSourceState& clientAttribution,
1714 bool sharedMode) const {
1715 #ifdef __BRILLO__
1716 UNUSED(clientAttribution);
1717 #else
1718 Status allowed = validateClientPermissionsLocked(cameraId, clientAttribution, sharedMode);
1719 if (!allowed.isOk()) {
1720 return allowed;
1721 }
1722 #endif // __BRILLO__
1723
1724 int callingPid = getCallingPid();
1725
1726 if (!mInitialized) {
1727 ALOGE("CameraService::connect X (PID %d) rejected (camera HAL module not loaded)",
1728 callingPid);
1729 return STATUS_ERROR_FMT(ERROR_DISCONNECTED,
1730 "No camera HAL module available to open camera device \"%s\"", cameraId.c_str());
1731 }
1732
1733 if (getCameraState(cameraId) == nullptr) {
1734 ALOGE("CameraService::connect X (PID %d) rejected (invalid camera ID %s)", callingPid,
1735 cameraId.c_str());
1736 return STATUS_ERROR_FMT(ERROR_DISCONNECTED,
1737 "No camera device with ID \"%s\" available", cameraId.c_str());
1738 }
1739
1740 status_t err = checkIfDeviceIsUsable(cameraId);
1741 if (err != NO_ERROR) {
1742 switch(err) {
1743 case -ENODEV:
1744 case -EBUSY:
1745 return STATUS_ERROR_FMT(ERROR_DISCONNECTED,
1746 "No camera device with ID \"%s\" currently available", cameraId.c_str());
1747 default:
1748 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
1749 "Unknown error connecting to ID \"%s\"", cameraId.c_str());
1750 }
1751 }
1752 return Status::ok();
1753 }
1754
validateClientPermissionsLocked(const std::string & cameraId,const AttributionSourceState & clientAttribution,bool sharedMode) const1755 Status CameraService::validateClientPermissionsLocked(
1756 const std::string& cameraId, const AttributionSourceState& clientAttribution,
1757 bool sharedMode) const {
1758 int callingPid = getCallingPid();
1759 int callingUid = getCallingUid();
1760
1761 int clientPid = clientAttribution.pid;
1762 int clientUid = clientAttribution.uid;
1763 const std::string clientName = clientAttribution.packageName.value_or(kUnknownPackageName);
1764
1765 if (shouldRejectSystemCameraConnection(cameraId)) {
1766 ALOGW("Attempting to connect to system-only camera id %s, connection rejected",
1767 cameraId.c_str());
1768 return STATUS_ERROR_FMT(ERROR_DISCONNECTED, "No camera device with ID \"%s\" is"
1769 "available", cameraId.c_str());
1770 }
1771 SystemCameraKind deviceKind = SystemCameraKind::PUBLIC;
1772 if (getSystemCameraKind(cameraId, &deviceKind) != OK) {
1773 ALOGE("%s: Invalid camera id %s, skipping", __FUNCTION__, cameraId.c_str());
1774 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, "No camera device with ID \"%s\""
1775 "found while trying to query device kind", cameraId.c_str());
1776 }
1777
1778 if (flags::camera_multi_client() && sharedMode
1779 && (deviceKind != SystemCameraKind::SYSTEM_ONLY_CAMERA)) {
1780 ALOGE("%s: camera id %s is not system camera. Device sharing only supported for"
1781 " system cameras.", __FUNCTION__, cameraId.c_str());
1782 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, "camera device sharing not supported for "
1783 "camera ID \"%s\"", cameraId.c_str());
1784 }
1785
1786 // Get the device id that owns this camera.
1787 auto [deviceId, _] = mVirtualDeviceCameraIdMapper.getDeviceIdAndMappedCameraIdPair(cameraId);
1788 AttributionSourceState clientAttributionWithDeviceId = clientAttribution;
1789 clientAttributionWithDeviceId.deviceId = deviceId;
1790
1791 // If it's not calling from cameraserver, check the permission if the
1792 // device isn't a system only camera (shouldRejectSystemCameraConnection already checks for
1793 // android.permission.SYSTEM_CAMERA for system only camera devices).
1794 bool checkPermissionForCamera =
1795 hasPermissionsForCamera(cameraId, clientAttributionWithDeviceId);
1796 if (callingPid != getpid() &&
1797 (deviceKind != SystemCameraKind::SYSTEM_ONLY_CAMERA) && !checkPermissionForCamera) {
1798 ALOGE("Permission Denial: can't use the camera pid=%d, uid=%d", clientPid, clientUid);
1799 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,
1800 "Caller \"%s\" (PID %d, UID %d) cannot open camera \"%s\" without camera permission",
1801 clientName.c_str(), clientPid, clientUid, cameraId.c_str());
1802 }
1803
1804 // Make sure the UID is in an active state to use the camera
1805 if (!mUidPolicy->isUidActive(callingUid, clientName)) {
1806 int32_t procState = mUidPolicy->getProcState(callingUid);
1807 ALOGE("Access Denial: can't use the camera from an idle UID pid=%d, uid=%d",
1808 clientPid, clientUid);
1809 return STATUS_ERROR_FMT(ERROR_DISABLED,
1810 "Caller \"%s\" (PID %d, UID %d) cannot open camera \"%s\" from background ("
1811 "calling UID %d proc state %" PRId32 ")",
1812 clientName.c_str(), clientPid, clientUid, cameraId.c_str(),
1813 callingUid, procState);
1814 }
1815
1816 // Automotive privileged client AID_AUTOMOTIVE_EVS using exterior system camera for use cases
1817 // such as rear view and surround view cannot be disabled and are exempt from sensor privacy
1818 // policy. In all other cases,if sensor privacy is enabled then prevent access to the camera.
1819 if ((!isAutomotivePrivilegedClient(callingUid) ||
1820 !isAutomotiveExteriorSystemCamera(cameraId)) &&
1821 mSensorPrivacyPolicy->isSensorPrivacyEnabled()) {
1822 ALOGE("Access Denial: cannot use the camera when sensor privacy is enabled");
1823 return STATUS_ERROR_FMT(ERROR_DISABLED,
1824 "Caller \"%s\" (PID %d, UID %d) cannot open camera \"%s\" when sensor privacy "
1825 "is enabled", clientName.c_str(), clientPid, clientUid, cameraId.c_str());
1826 }
1827
1828 userid_t clientUserId = multiuser_get_user_id(clientUid);
1829
1830 // Only use passed in clientPid to check permission. Use calling PID as the client PID that's
1831 // connected to camera service directly.
1832
1833 // For non-system clients : Only allow clients who are being used by the current foreground
1834 // device user, unless calling from our own process.
1835 if (!callerHasSystemUid() && callingPid != getpid() &&
1836 (mAllowedUsers.find(clientUserId) == mAllowedUsers.end())) {
1837 ALOGE("CameraService::connect X (PID %d) rejected (cannot connect from "
1838 "device user %d, currently allowed device users: %s)", callingPid, clientUserId,
1839 toString(mAllowedUsers).c_str());
1840 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,
1841 "Callers from device user %d are not currently allowed to connect to camera \"%s\"",
1842 clientUserId, cameraId.c_str());
1843 }
1844
1845 if (flags::camera_hsum_permission()) {
1846 // If the System User tries to access the camera when the device is running in
1847 // headless system user mode, ensure that client has the required permission
1848 // CAMERA_HEADLESS_SYSTEM_USER.
1849 if (isHeadlessSystemUserMode()
1850 && (clientUserId == USER_SYSTEM)
1851 && !hasPermissionsForCameraHeadlessSystemUser(cameraId, callingPid, callingUid)) {
1852 ALOGE("Permission Denial: can't use the camera pid=%d, uid=%d", callingPid, clientUid);
1853 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,
1854 "Caller \"%s\" (PID %d, UID %d) cannot open camera \"%s\" as Headless System \
1855 User without camera headless system user permission",
1856 clientName.c_str(), callingPid, clientUid, cameraId.c_str());
1857 }
1858 }
1859
1860 return Status::ok();
1861 }
1862
checkIfDeviceIsUsable(const std::string & cameraId) const1863 status_t CameraService::checkIfDeviceIsUsable(const std::string& cameraId) const {
1864 auto cameraState = getCameraState(cameraId);
1865 int callingPid = getCallingPid();
1866 if (cameraState == nullptr) {
1867 ALOGE("CameraService::connect X (PID %d) rejected (invalid camera ID %s)", callingPid,
1868 cameraId.c_str());
1869 return -ENODEV;
1870 }
1871
1872 StatusInternal currentStatus = cameraState->getStatus();
1873 if (currentStatus == StatusInternal::NOT_PRESENT) {
1874 ALOGE("CameraService::connect X (PID %d) rejected (camera %s is not connected)",
1875 callingPid, cameraId.c_str());
1876 return -ENODEV;
1877 } else if (currentStatus == StatusInternal::ENUMERATING) {
1878 ALOGE("CameraService::connect X (PID %d) rejected, (camera %s is initializing)",
1879 callingPid, cameraId.c_str());
1880 return -EBUSY;
1881 }
1882
1883 return NO_ERROR;
1884 }
1885
finishConnectLocked(const sp<BasicClient> & client,const CameraService::DescriptorPtr & desc,int oomScoreOffset,bool systemNativeClient)1886 void CameraService::finishConnectLocked(const sp<BasicClient>& client,
1887 const CameraService::DescriptorPtr& desc, int oomScoreOffset, bool systemNativeClient) {
1888
1889 // Make a descriptor for the incoming client
1890 auto clientDescriptor =
1891 CameraService::CameraClientManager::makeClientDescriptor(client, desc,
1892 oomScoreOffset, systemNativeClient);
1893 auto evicted = mActiveClientManager.addAndEvict(clientDescriptor);
1894
1895 logConnected(desc->getKey(), static_cast<int>(desc->getOwnerId()),
1896 client->getPackageName());
1897
1898 if (evicted.size() > 0) {
1899 // This should never happen - clients should already have been removed in disconnect
1900 for (auto& i : evicted) {
1901 ALOGE("%s: Invalid state: Client for camera %s was not removed in disconnect",
1902 __FUNCTION__, i->getKey().c_str());
1903 }
1904
1905 LOG_ALWAYS_FATAL("%s: Invalid state for CameraService, clients not evicted properly",
1906 __FUNCTION__);
1907 }
1908
1909 if (flags::camera_multi_client()) {
1910 sp<BasicClient> clientSp = clientDescriptor->getValue();
1911 auto primaryClient = mActiveClientManager.getPrimaryClient(desc->getKey());
1912 if (primaryClient == nullptr) {
1913 // There is no primary client yet. Assign this first client as
1914 // primary
1915 clientSp->setPrimaryClient(true);
1916 } else {
1917 // There is already primary client. If the incoming client has a
1918 // higher priority than the existing primary, then assign incoming
1919 // client as primary and change the existing client to secondary.
1920 // Otherwise incoming client is secondary client.
1921 if (clientDescriptor->getPriority() <= primaryClient->getPriority()) {
1922 clientSp->setPrimaryClient(true);
1923 primaryClient->getValue()->setPrimaryClient(false);
1924 primaryClient->getValue()->notifyClientSharedAccessPriorityChanged(false);
1925 } else {
1926 clientSp->setPrimaryClient(false);
1927 }
1928 }
1929 }
1930
1931 // And register a death notification for the client callback. Do
1932 // this last to avoid Binder policy where a nested Binder
1933 // transaction might be pre-empted to service the client death
1934 // notification if the client process dies before linkToDeath is
1935 // invoked.
1936 sp<IBinder> remoteCallback = client->getRemote();
1937 if (remoteCallback != nullptr) {
1938 remoteCallback->linkToDeath(this);
1939 }
1940 }
1941
handleEvictionsLocked(const std::string & cameraId,int clientPid,apiLevel effectiveApiLevel,const sp<IBinder> & remoteCallback,const std::string & packageName,int oomScoreOffset,bool systemNativeClient,bool sharedMode,sp<BasicClient> * client,std::shared_ptr<resource_policy::ClientDescriptor<std::string,sp<BasicClient>>> * partial)1942 status_t CameraService::handleEvictionsLocked(const std::string& cameraId, int clientPid,
1943 apiLevel effectiveApiLevel, const sp<IBinder>& remoteCallback,
1944 const std::string& packageName, int oomScoreOffset, bool systemNativeClient,
1945 bool sharedMode,
1946 /*out*/
1947 sp<BasicClient>* client,
1948 std::shared_ptr<resource_policy::ClientDescriptor<std::string, sp<BasicClient>>>* partial) {
1949 ATRACE_CALL();
1950 status_t ret = NO_ERROR;
1951 std::vector<DescriptorPtr> evictedClients;
1952 DescriptorPtr clientDescriptor;
1953 {
1954 if (effectiveApiLevel == API_1) {
1955 // If we are using API1, any existing client for this camera ID with the same remote
1956 // should be returned rather than evicted to allow MediaRecorder to work properly.
1957
1958 auto current = mActiveClientManager.get(cameraId);
1959 if (current != nullptr) {
1960 auto clientSp = current->getValue();
1961 if (clientSp.get() != nullptr) { // should never be needed
1962 if (!clientSp->canCastToApiClient(effectiveApiLevel)) {
1963 ALOGW("CameraService connect called with a different"
1964 " API level, evicting prior client...");
1965 } else if (clientSp->getRemote() == remoteCallback) {
1966 ALOGI("CameraService::connect X (PID %d) (second call from same"
1967 " app binder, returning the same client)", clientPid);
1968 *client = clientSp;
1969 return NO_ERROR;
1970 }
1971 }
1972 }
1973 }
1974
1975 // Get state for the given cameraId
1976 auto state = getCameraState(cameraId);
1977 if (state == nullptr) {
1978 ALOGE("CameraService::connect X (PID %d) rejected (no camera device with ID %s)",
1979 clientPid, cameraId.c_str());
1980 // Should never get here because validateConnectLocked should have errored out
1981 return BAD_VALUE;
1982 }
1983
1984 sp<IServiceManager> sm = defaultServiceManager();
1985 sp<IBinder> binder = sm->checkService(String16(kProcessInfoServiceName));
1986 if (!binder && isAutomotivePrivilegedClient(getCallingUid())) {
1987 // If processinfo service is not available and the client is automotive privileged
1988 // client used for safety critical uses cases such as rear-view and surround-view which
1989 // needs to be available before android boot completes, then use the hardcoded values
1990 // for the process state and priority score. As this scenario is before android system
1991 // services are up and client is native client, hence using NATIVE_ADJ as the priority
1992 // score and state as PROCESS_STATE_BOUND_TOP as such automotive apps need to be
1993 // visible on the top.
1994 clientDescriptor = CameraClientManager::makeClientDescriptor(cameraId,
1995 sp<BasicClient>{nullptr}, static_cast<int32_t>(state->getCost()),
1996 state->getConflicting(), resource_policy::NATIVE_ADJ, clientPid,
1997 ActivityManager::PROCESS_STATE_BOUND_TOP, oomScoreOffset, systemNativeClient,
1998 sharedMode);
1999 } else {
2000 // Get current active client PIDs
2001 std::vector<int> ownerPids(mActiveClientManager.getAllOwners());
2002 ownerPids.push_back(clientPid);
2003
2004 std::vector<int> priorityScores(ownerPids.size());
2005 std::vector<int> states(ownerPids.size());
2006
2007 // Get priority scores of all active PIDs
2008 status_t err = ProcessInfoService::getProcessStatesScoresFromPids(ownerPids.size(),
2009 &ownerPids[0], /*out*/&states[0], /*out*/&priorityScores[0]);
2010 if (err != OK) {
2011 ALOGE("%s: Priority score query failed: %d", __FUNCTION__, err);
2012 return err;
2013 }
2014
2015 // Update all active clients' priorities
2016 std::map<int,resource_policy::ClientPriority> pidToPriorityMap;
2017 for (size_t i = 0; i < ownerPids.size() - 1; i++) {
2018 pidToPriorityMap.emplace(ownerPids[i],
2019 resource_policy::ClientPriority(priorityScores[i], states[i],
2020 /* isVendorClient won't get copied over*/ false,
2021 /* oomScoreOffset won't get copied over*/ 0));
2022 }
2023 mActiveClientManager.updatePriorities(pidToPriorityMap);
2024
2025 int32_t actualScore = priorityScores[priorityScores.size() - 1];
2026 int32_t actualState = states[states.size() - 1];
2027
2028 // Make descriptor for incoming client. We store the oomScoreOffset
2029 // since we might need it later on new handleEvictionsLocked and
2030 // ProcessInfoService would not take that into account.
2031 clientDescriptor = CameraClientManager::makeClientDescriptor(cameraId,
2032 sp<BasicClient>{nullptr}, static_cast<int32_t>(state->getCost()),
2033 state->getConflicting(), actualScore, clientPid, actualState,
2034 oomScoreOffset, systemNativeClient, sharedMode);
2035 }
2036
2037 resource_policy::ClientPriority clientPriority = clientDescriptor->getPriority();
2038
2039 // Find clients that would be evicted
2040 auto evicted = mActiveClientManager.wouldEvict(clientDescriptor);
2041
2042 // If the incoming client was 'evicted,' higher priority clients have the camera in the
2043 // background, so we cannot do evictions
2044 if (std::find(evicted.begin(), evicted.end(), clientDescriptor) != evicted.end()) {
2045 ALOGE("CameraService::connect X (PID %d) rejected (existing client(s) with higher"
2046 " priority).", clientPid);
2047
2048 sp<BasicClient> clientSp = clientDescriptor->getValue();
2049 std::string curTime = getFormattedCurrentTime();
2050 auto incompatibleClients =
2051 mActiveClientManager.getIncompatibleClients(clientDescriptor);
2052
2053 std::string msg = fmt::sprintf("%s : DENIED connect device %s client for package %s "
2054 "(PID %d, score %d state %d) due to eviction policy", curTime.c_str(),
2055 cameraId.c_str(), packageName.c_str(), clientPid,
2056 clientPriority.getScore(), clientPriority.getState());
2057
2058 for (auto& i : incompatibleClients) {
2059 msg += fmt::sprintf("\n - Blocked by existing device %s client for package %s"
2060 "(PID %" PRId32 ", score %" PRId32 ", state %" PRId32 ")",
2061 i->getKey().c_str(),
2062 i->getValue()->getPackageName().c_str(),
2063 i->getOwnerId(), i->getPriority().getScore(),
2064 i->getPriority().getState());
2065 ALOGE(" Conflicts with: Device %s, client package %s (PID %"
2066 PRId32 ", score %" PRId32 ", state %" PRId32 ")", i->getKey().c_str(),
2067 i->getValue()->getPackageName().c_str(), i->getOwnerId(),
2068 i->getPriority().getScore(), i->getPriority().getState());
2069 }
2070
2071 // Log the client's attempt
2072 Mutex::Autolock l(mLogLock);
2073 mEventLog.add(msg);
2074
2075 auto current = mActiveClientManager.get(cameraId);
2076 if (current != nullptr) {
2077 return -EBUSY; // CAMERA_IN_USE
2078 } else {
2079 return -EUSERS; // MAX_CAMERAS_IN_USE
2080 }
2081 }
2082
2083 for (auto& i : evicted) {
2084 sp<BasicClient> clientSp = i->getValue();
2085 if (clientSp.get() == nullptr) {
2086 ALOGE("%s: Invalid state: Null client in active client list.", __FUNCTION__);
2087
2088 // TODO: Remove this
2089 LOG_ALWAYS_FATAL("%s: Invalid state for CameraService, null client in active list",
2090 __FUNCTION__);
2091 mActiveClientManager.remove(i);
2092 continue;
2093 }
2094
2095 ALOGE("CameraService::connect evicting conflicting client for camera ID %s",
2096 i->getKey().c_str());
2097 evictedClients.push_back(i);
2098
2099 // Log the clients evicted
2100 logEvent(fmt::sprintf("EVICT device %s client held by package %s (PID"
2101 " %" PRId32 ", score %" PRId32 ", state %" PRId32 ")\n - Evicted by device %s client for"
2102 " package %s (PID %d, score %" PRId32 ", state %" PRId32 ")",
2103 i->getKey().c_str(), clientSp->getPackageName().c_str(),
2104 i->getOwnerId(), i->getPriority().getScore(),
2105 i->getPriority().getState(), cameraId.c_str(),
2106 packageName.c_str(), clientPid, clientPriority.getScore(),
2107 clientPriority.getState()));
2108
2109 // Notify the client of disconnection
2110 clientSp->notifyError(hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISCONNECTED,
2111 CaptureResultExtras());
2112 }
2113 }
2114
2115 // Do not hold mServiceLock while disconnecting clients, but retain the condition blocking
2116 // other clients from connecting in mServiceLockWrapper if held
2117 mServiceLock.unlock();
2118
2119 // Clear caller identity temporarily so client disconnect PID checks work correctly
2120 int64_t token = clearCallingIdentity();
2121
2122 // Destroy evicted clients
2123 for (auto& i : evictedClients) {
2124 // Disconnect is blocking, and should only have returned when HAL has cleaned up
2125 i->getValue()->disconnect(); // Clients will remove themselves from the active client list
2126 }
2127
2128 restoreCallingIdentity(token);
2129
2130 for (const auto& i : evictedClients) {
2131 ALOGV("%s: Waiting for disconnect to complete for client for device %s (PID %" PRId32 ")",
2132 __FUNCTION__, i->getKey().c_str(), i->getOwnerId());
2133 ret = mActiveClientManager.waitUntilRemoved(i, DEFAULT_DISCONNECT_TIMEOUT_NS);
2134 if (ret == TIMED_OUT) {
2135 ALOGE("%s: Timed out waiting for client for device %s to disconnect, "
2136 "current clients:\n%s", __FUNCTION__, i->getKey().c_str(),
2137 mActiveClientManager.toString().c_str());
2138 return -EBUSY;
2139 }
2140 if (ret != NO_ERROR) {
2141 ALOGE("%s: Received error waiting for client for device %s to disconnect: %s (%d), "
2142 "current clients:\n%s", __FUNCTION__, i->getKey().c_str(), strerror(-ret),
2143 ret, mActiveClientManager.toString().c_str());
2144 return ret;
2145 }
2146 }
2147
2148 evictedClients.clear();
2149
2150 // Once clients have been disconnected, relock
2151 mServiceLock.lock();
2152
2153 // Check again if the device was unplugged or something while we weren't holding mServiceLock
2154 if ((ret = checkIfDeviceIsUsable(cameraId)) != NO_ERROR) {
2155 return ret;
2156 }
2157
2158 *partial = clientDescriptor;
2159 return NO_ERROR;
2160 }
2161
connect(const sp<ICameraClient> & cameraClient,int api1CameraId,int targetSdkVersion,int rotationOverride,bool forceSlowJpegMode,const AttributionSourceState & clientAttribution,int32_t devicePolicy,sp<ICamera> * device)2162 Status CameraService::connect(
2163 const sp<ICameraClient>& cameraClient,
2164 int api1CameraId,
2165 int targetSdkVersion,
2166 int rotationOverride,
2167 bool forceSlowJpegMode,
2168 const AttributionSourceState& clientAttribution,
2169 int32_t devicePolicy,
2170 /*out*/
2171 sp<ICamera>* device) {
2172 ATRACE_CALL();
2173 Status ret = Status::ok();
2174
2175 std::string cameraIdStr =
2176 cameraIdIntToStr(api1CameraId, clientAttribution.deviceId, devicePolicy);
2177 if (cameraIdStr.empty()) {
2178 std::string msg = fmt::sprintf("Camera %d: Invalid camera id for device id %d",
2179 api1CameraId, clientAttribution.deviceId);
2180 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
2181 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
2182 }
2183
2184 std::string clientPackageNameMaybe = clientAttribution.packageName.value_or("");
2185 bool isNonSystemNdk = clientPackageNameMaybe.size() == 0;
2186
2187 AttributionSourceState resolvedClientAttribution(clientAttribution);
2188 ret = resolveAttributionSource(resolvedClientAttribution, __FUNCTION__, cameraIdStr);
2189 if (!ret.isOk()) {
2190 logRejected(cameraIdStr, getCallingPid(),
2191 clientAttribution.packageName.value_or(kUnknownPackageName),
2192 toStdString(ret.toString8()));
2193 return ret;
2194 }
2195
2196 const int clientPid = resolvedClientAttribution.pid;
2197 const int clientUid = resolvedClientAttribution.uid;
2198 const std::string& clientPackageName = *resolvedClientAttribution.packageName;
2199
2200 logConnectionAttempt(clientPid, clientPackageName, cameraIdStr, API_1);
2201
2202 sp<Client> client = nullptr;
2203 ret = connectHelper<ICameraClient, Client>(
2204 cameraClient, cameraIdStr, api1CameraId, resolvedClientAttribution,
2205 /*systemNativeClient*/ false, API_1,
2206 /*shimUpdateOnly*/ false, /*oomScoreOffset*/ 0, targetSdkVersion, rotationOverride,
2207 forceSlowJpegMode, cameraIdStr, isNonSystemNdk, /*sharedMode*/false,
2208 /*isVendorClient*/ false, /*out*/ client);
2209
2210 if (!ret.isOk()) {
2211 logRejected(cameraIdStr, getCallingPid(),
2212 clientAttribution.packageName.value_or(kUnknownPackageName),
2213 toStdString(ret.toString8()));
2214 return ret;
2215 }
2216
2217 *device = client;
2218
2219 const sp<IServiceManager> sm(defaultServiceManager());
2220 const auto& mActivityManager = getActivityManager();
2221 if (mActivityManager) {
2222 mActivityManager->logFgsApiBegin(LOG_FGS_CAMERA_API,
2223 getCallingUid(),
2224 getCallingPid());
2225 }
2226
2227 return ret;
2228 }
2229
shouldSkipStatusUpdates(SystemCameraKind systemCameraKind,bool isVendorListener,int clientPid,int clientUid)2230 bool CameraService::shouldSkipStatusUpdates(SystemCameraKind systemCameraKind,
2231 bool isVendorListener, int clientPid, int clientUid) {
2232 // If the client is not a vendor client, don't add listener if
2233 // a) the camera is a publicly hidden secure camera OR
2234 // b) the camera is a system only camera and the client doesn't
2235 // have android.permission.SYSTEM_CAMERA permissions.
2236 if (!isVendorListener && (systemCameraKind == SystemCameraKind::HIDDEN_SECURE_CAMERA ||
2237 (systemCameraKind == SystemCameraKind::SYSTEM_ONLY_CAMERA &&
2238 !hasPermissionsForSystemCamera(std::string(), clientPid, clientUid)))) {
2239 return true;
2240 }
2241 return false;
2242 }
2243
shouldRejectSystemCameraConnection(const std::string & cameraId) const2244 bool CameraService::shouldRejectSystemCameraConnection(const std::string& cameraId) const {
2245 // Rules for rejection:
2246 // 1) If cameraserver tries to access this camera device, accept the
2247 // connection.
2248 // 2) The camera device is a publicly hidden secure camera device AND some
2249 // non system component is trying to access it.
2250 // 3) if the camera device is advertised by the camera HAL as SYSTEM_ONLY
2251 // and the serving thread is a non hwbinder thread, the client must have
2252 // android.permission.SYSTEM_CAMERA permissions to connect.
2253
2254 int cPid = getCallingPid();
2255 int cUid = getCallingUid();
2256 bool systemClient = callerHasSystemUid();
2257 SystemCameraKind systemCameraKind = SystemCameraKind::PUBLIC;
2258 if (getSystemCameraKind(cameraId, &systemCameraKind) != OK) {
2259 // This isn't a known camera ID, so it's not a system camera
2260 ALOGV("%s: Unknown camera id %s, ", __FUNCTION__, cameraId.c_str());
2261 return false;
2262 }
2263
2264 // (1) Cameraserver trying to connect, accept.
2265 if (isCallerCameraServerNotDelegating()) {
2266 return false;
2267 }
2268 // (2)
2269 if (!systemClient && systemCameraKind == SystemCameraKind::HIDDEN_SECURE_CAMERA) {
2270 ALOGW("Rejecting access to secure hidden camera %s", cameraId.c_str());
2271 return true;
2272 }
2273 // (3) Here we only check for permissions if it is a system only camera device. This is since
2274 // getCameraCharacteristics() allows for calls to succeed (albeit after hiding some
2275 // characteristics) even if clients don't have android.permission.CAMERA. We do not want the
2276 // same behavior for system camera devices.
2277 if (!systemClient && systemCameraKind == SystemCameraKind::SYSTEM_ONLY_CAMERA &&
2278 !hasPermissionsForSystemCamera(cameraId, cPid, cUid)) {
2279 ALOGW("Rejecting access to system only camera %s, inadequete permissions",
2280 cameraId.c_str());
2281 return true;
2282 }
2283
2284 return false;
2285 }
2286
connectDevice(const sp<hardware::camera2::ICameraDeviceCallbacks> & cameraCb,const std::string & unresolvedCameraId,int oomScoreOffset,int targetSdkVersion,int rotationOverride,const AttributionSourceState & clientAttribution,int32_t devicePolicy,bool sharedMode,sp<hardware::camera2::ICameraDeviceUser> * device)2287 Status CameraService::connectDevice(
2288 const sp<hardware::camera2::ICameraDeviceCallbacks>& cameraCb,
2289 const std::string& unresolvedCameraId,
2290 int oomScoreOffset, int targetSdkVersion,
2291 int rotationOverride, const AttributionSourceState& clientAttribution, int32_t devicePolicy,
2292 bool sharedMode,
2293 /*out*/sp<hardware::camera2::ICameraDeviceUser>* device) {
2294 return connectDeviceImpl(cameraCb, unresolvedCameraId, oomScoreOffset, targetSdkVersion,
2295 rotationOverride, clientAttribution, devicePolicy, sharedMode,
2296 /*isVendorClient*/false, device);
2297 }
2298
connectDeviceVendor(const sp<hardware::camera2::ICameraDeviceCallbacks> & cameraCb,const std::string & unresolvedCameraId,int oomScoreOffset,int targetSdkVersion,int rotationOverride,const AttributionSourceState & clientAttribution,int32_t devicePolicy,bool sharedMode,sp<hardware::camera2::ICameraDeviceUser> * device)2299 Status CameraService::connectDeviceVendor(
2300 const sp<hardware::camera2::ICameraDeviceCallbacks>& cameraCb,
2301 const std::string& unresolvedCameraId,
2302 int oomScoreOffset, int targetSdkVersion,
2303 int rotationOverride, const AttributionSourceState& clientAttribution, int32_t devicePolicy,
2304 bool sharedMode,
2305 /*out*/sp<hardware::camera2::ICameraDeviceUser>* device) {
2306 return connectDeviceImpl(cameraCb, unresolvedCameraId, oomScoreOffset, targetSdkVersion,
2307 rotationOverride, clientAttribution, devicePolicy, sharedMode,
2308 /*isVendorClient*/true, device);
2309 }
2310
connectDeviceImpl(const sp<hardware::camera2::ICameraDeviceCallbacks> & cameraCb,const std::string & unresolvedCameraId,int oomScoreOffset,int targetSdkVersion,int rotationOverride,const AttributionSourceState & clientAttribution,int32_t devicePolicy,bool sharedMode,bool isVendorClient,sp<hardware::camera2::ICameraDeviceUser> * device)2311 Status CameraService::connectDeviceImpl(
2312 const sp<hardware::camera2::ICameraDeviceCallbacks>& cameraCb,
2313 const std::string& unresolvedCameraId,
2314 int oomScoreOffset, int targetSdkVersion,
2315 int rotationOverride, const AttributionSourceState& clientAttribution, int32_t devicePolicy,
2316 bool sharedMode, bool isVendorClient,
2317 /*out*/sp<hardware::camera2::ICameraDeviceUser>* device) {
2318 ATRACE_CALL();
2319 RunThreadWithRealtimePriority priorityBump;
2320 Status ret = Status::ok();
2321 sp<CameraDeviceClient> client = nullptr;
2322 std::string clientPackageNameMaybe = clientAttribution.packageName.value_or("");
2323 int callingPid = getCallingPid();
2324 int callingUid = getCallingUid();
2325 bool systemNativeClient = false;
2326 AttributionSourceState resolvedClientAttribution(clientAttribution);
2327 if (callerHasSystemUid() && (clientPackageNameMaybe.size() == 0)) {
2328 std::string systemClient = fmt::sprintf("client.pid<%d>", callingPid);
2329 clientPackageNameMaybe = systemClient;
2330 // Pass in packageName since AttributionAndPermissionUtils can't resolve vndk clients.
2331 resolvedClientAttribution.packageName = clientPackageNameMaybe;
2332 systemNativeClient = true;
2333 }
2334
2335 std::optional<std::string> cameraIdOptional = resolveCameraId(unresolvedCameraId,
2336 clientAttribution.deviceId, devicePolicy);
2337 if (!cameraIdOptional.has_value()) {
2338 std::string msg = fmt::sprintf("Camera %s: Invalid camera id for device id %d",
2339 unresolvedCameraId.c_str(), clientAttribution.deviceId);
2340 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
2341 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
2342 }
2343 std::string cameraId = cameraIdOptional.value();
2344
2345 bool isNonSystemNdk = clientPackageNameMaybe.size() == 0;
2346
2347 if (!flags::data_delivery_permission_checks()) {
2348 resolvedClientAttribution.pid = USE_CALLING_PID;
2349 }
2350
2351 ret = resolveAttributionSource(resolvedClientAttribution, __FUNCTION__, cameraId);
2352 if (!ret.isOk()) {
2353 logRejected(cameraId, getCallingPid(), clientAttribution.packageName.value_or(""),
2354 toStdString(ret.toString8()));
2355 return ret;
2356 }
2357
2358 const int clientPid = resolvedClientAttribution.pid;
2359 const int clientUid = resolvedClientAttribution.uid;
2360 const std::string& clientPackageName = *resolvedClientAttribution.packageName;
2361 userid_t clientUserId = multiuser_get_user_id(resolvedClientAttribution.uid);
2362
2363 logConnectionAttempt(clientPid, clientPackageName, cameraId, API_2);
2364
2365 if (oomScoreOffset < 0) {
2366 std::string msg = fmt::sprintf(
2367 "Cannot increase the priority of a client %s pid %d for "
2368 "camera id %s",
2369 clientPackageName.c_str(), clientPid, cameraId.c_str());
2370 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
2371 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, msg.c_str());
2372 }
2373
2374 // Automotive privileged client AID_AUTOMOTIVE_EVS using exterior system camera for use cases
2375 // such as rear view and surround view cannot be disabled.
2376 if ((!isAutomotivePrivilegedClient(callingUid) || !isAutomotiveExteriorSystemCamera(cameraId))
2377 && mCameraServiceProxyWrapper->isCameraDisabled(clientUserId)) {
2378 std::string msg = "Camera disabled by device policy";
2379 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
2380 return STATUS_ERROR(ERROR_DISABLED, msg.c_str());
2381 }
2382
2383 // enforce system camera permissions
2384 if (oomScoreOffset > 0 && !hasPermissionsForSystemCamera(cameraId, clientPid, callingUid) &&
2385 !isTrustedCallingUid(callingUid)) {
2386 std::string msg = fmt::sprintf(
2387 "Cannot change the priority of a client %s pid %d for "
2388 "camera id %s without SYSTEM_CAMERA permissions",
2389 clientPackageName.c_str(), clientPid, cameraId.c_str());
2390 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
2391 return STATUS_ERROR(ERROR_PERMISSION_DENIED, msg.c_str());
2392 }
2393
2394 ret = connectHelper<hardware::camera2::ICameraDeviceCallbacks, CameraDeviceClient>(
2395 cameraCb, cameraId, /*api1CameraId*/ -1, resolvedClientAttribution, systemNativeClient,
2396 API_2, /*shimUpdateOnly*/ false, oomScoreOffset, targetSdkVersion, rotationOverride,
2397 /*forceSlowJpegMode*/ false, unresolvedCameraId, isNonSystemNdk, sharedMode,
2398 isVendorClient, /*out*/ client);
2399
2400 if (!ret.isOk()) {
2401 logRejected(cameraId, clientPid, clientPackageName, toStdString(ret.toString8()));
2402 return ret;
2403 }
2404
2405 *device = client;
2406 Mutex::Autolock lock(mServiceLock);
2407
2408 // Clear the previous cached logs and reposition the
2409 // file offset to beginning of the file to log new data.
2410 // If either truncate or lseek fails, close the previous file and create a new one.
2411 if ((ftruncate(mMemFd, 0) == -1) || (lseek(mMemFd, 0, SEEK_SET) == -1)) {
2412 ALOGE("%s: Error while truncating the file: %s", __FUNCTION__, sFileName);
2413 // Close the previous memfd.
2414 close(mMemFd);
2415 // If failure to wipe the data, then create a new file and
2416 // assign the new value to mMemFd.
2417 mMemFd = memfd_create(sFileName, MFD_ALLOW_SEALING);
2418 if (mMemFd == -1) {
2419 ALOGE("%s: Error while creating the file: %s", __FUNCTION__, sFileName);
2420 }
2421 }
2422 const sp<IServiceManager> sm(defaultServiceManager());
2423 const auto& mActivityManager = getActivityManager();
2424 if (mActivityManager) {
2425 mActivityManager->logFgsApiBegin(LOG_FGS_CAMERA_API,
2426 callingUid,
2427 callingPid);
2428 }
2429 return ret;
2430 }
2431
isCameraPrivacyEnabled(const String16 & packageName,const std::string & cam_id,int callingPid,int callingUid)2432 bool CameraService::isCameraPrivacyEnabled(const String16& packageName, const std::string& cam_id,
2433 int callingPid, int callingUid) {
2434 if (!isAutomotiveDevice()) {
2435 return mSensorPrivacyPolicy->isCameraPrivacyEnabled();
2436 }
2437
2438 // Automotive privileged client AID_AUTOMOTIVE_EVS using exterior system camera for
2439 // safety-critical use cases cannot be disabled and are exempt from camera privacy policy.
2440 if ((isAutomotivePrivilegedClient(callingUid) && isAutomotiveExteriorSystemCamera(cam_id))) {
2441 ALOGI("Camera privacy cannot be enabled for automotive privileged client %d "
2442 "using camera %s", callingUid, cam_id.c_str());
2443 return false;
2444 }
2445
2446 if (mSensorPrivacyPolicy->isCameraPrivacyEnabled(packageName)) {
2447 return true;
2448 } else if (mSensorPrivacyPolicy->getCameraPrivacyState() == SensorPrivacyManager::DISABLED) {
2449 return false;
2450 } else if (mSensorPrivacyPolicy->getCameraPrivacyState()
2451 == SensorPrivacyManager::ENABLED_EXCEPT_ALLOWLISTED_APPS) {
2452 if (hasPermissionsForCameraPrivacyAllowlist(callingPid, callingUid)) {
2453 return false;
2454 } else {
2455 return true;
2456 }
2457 }
2458 return false;
2459 }
2460
logConnectionAttempt(int clientPid,const std::string & clientPackageName,const std::string & cameraId,apiLevel effectiveApiLevel) const2461 void CameraService::logConnectionAttempt(int clientPid, const std::string& clientPackageName,
2462 const std::string& cameraId,
2463 apiLevel effectiveApiLevel) const {
2464 ALOGI("CameraService::connect call (PID %d \"%s\", camera ID %s) and "
2465 "Camera API version %d",
2466 clientPid, clientPackageName.c_str(), cameraId.c_str(),
2467 static_cast<int>(effectiveApiLevel));
2468 }
2469
2470 template <class CALLBACK, class CLIENT>
connectHelper(const sp<CALLBACK> & cameraCb,const std::string & cameraId,int api1CameraId,const AttributionSourceState & clientAttribution,bool systemNativeClient,apiLevel effectiveApiLevel,bool shimUpdateOnly,int oomScoreOffset,int targetSdkVersion,int rotationOverride,bool forceSlowJpegMode,const std::string & originalCameraId,bool isNonSystemNdk,bool sharedMode,bool isVendorClient,sp<CLIENT> & device)2471 Status CameraService::connectHelper(const sp<CALLBACK>& cameraCb, const std::string& cameraId,
2472 int api1CameraId,
2473 const AttributionSourceState& clientAttribution,
2474 bool systemNativeClient, apiLevel effectiveApiLevel,
2475 bool shimUpdateOnly, int oomScoreOffset, int targetSdkVersion,
2476 int rotationOverride, bool forceSlowJpegMode,
2477 const std::string& originalCameraId, bool isNonSystemNdk,
2478 bool sharedMode, bool isVendorClient,
2479 /*out*/ sp<CLIENT>& device) {
2480 binder::Status ret = binder::Status::ok();
2481
2482 nsecs_t openTimeNs = systemTime();
2483
2484 sp<CLIENT> client = nullptr;
2485 int facing = -1;
2486 int orientation = 0;
2487
2488 const std::string clientPackageName =
2489 clientAttribution.packageName.value_or(kUnknownPackageName);
2490
2491 {
2492 // Acquire mServiceLock and prevent other clients from connecting
2493 std::unique_ptr<AutoConditionLock> lock =
2494 AutoConditionLock::waitAndAcquire(mServiceLockWrapper, DEFAULT_CONNECT_TIMEOUT_NS);
2495
2496 if (lock == nullptr) {
2497 ALOGE("CameraService::connect (PID %d) rejected (too many other clients connecting).",
2498 clientAttribution.pid);
2499 return STATUS_ERROR_FMT(
2500 ERROR_MAX_CAMERAS_IN_USE,
2501 "Cannot open camera %s for \"%s\" (PID %d): Too many other clients connecting",
2502 cameraId.c_str(), clientPackageName.c_str(), clientAttribution.pid);
2503 }
2504
2505 // Enforce client permissions and do basic validity checks
2506 if (!(ret = validateConnectLocked(cameraId, clientAttribution, sharedMode)).isOk()) {
2507 return ret;
2508 }
2509
2510 // Check the shim parameters after acquiring lock, if they have already been updated and
2511 // we were doing a shim update, return immediately
2512 if (shimUpdateOnly) {
2513 auto cameraState = getCameraState(cameraId);
2514 if (cameraState != nullptr) {
2515 if (!cameraState->getShimParams().isEmpty()) return ret;
2516 }
2517 }
2518
2519 status_t err;
2520
2521 sp<BasicClient> clientTmp = nullptr;
2522 std::shared_ptr<resource_policy::ClientDescriptor<std::string, sp<BasicClient>>> partial;
2523 if ((err = handleEvictionsLocked(
2524 cameraId, clientAttribution.pid, effectiveApiLevel,
2525 IInterface::asBinder(cameraCb),
2526 clientAttribution.packageName.value_or(kUnknownPackageName), oomScoreOffset,
2527 systemNativeClient, sharedMode, /*out*/ &clientTmp,
2528 /*out*/ &partial)) != NO_ERROR) {
2529 switch (err) {
2530 case -ENODEV:
2531 return STATUS_ERROR_FMT(ERROR_DISCONNECTED,
2532 "No camera device with ID \"%s\" currently available",
2533 cameraId.c_str());
2534 case -EBUSY:
2535 return STATUS_ERROR_FMT(ERROR_CAMERA_IN_USE,
2536 "Higher-priority client using camera, ID \"%s\" currently unavailable",
2537 cameraId.c_str());
2538 case -EUSERS:
2539 return STATUS_ERROR_FMT(ERROR_MAX_CAMERAS_IN_USE,
2540 "Too many cameras already open, cannot open camera \"%s\"",
2541 cameraId.c_str());
2542 default:
2543 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
2544 "Unexpected error %s (%d) opening camera \"%s\"",
2545 strerror(-err), err, cameraId.c_str());
2546 }
2547 }
2548
2549 if (clientTmp.get() != nullptr) {
2550 // Handle special case for API1 MediaRecorder where the existing client is returned
2551 device = static_cast<CLIENT*>(clientTmp.get());
2552 return ret;
2553 }
2554
2555 // give flashlight a chance to close devices if necessary.
2556 mFlashlight->prepareDeviceOpen(cameraId);
2557
2558 int portraitRotation;
2559 auto deviceVersionAndTransport =
2560 getDeviceVersion(cameraId, rotationOverride, /*out*/&portraitRotation,
2561 /*out*/&facing, /*out*/&orientation);
2562 if (facing == -1) {
2563 ALOGE("%s: Unable to get camera device \"%s\" facing", __FUNCTION__, cameraId.c_str());
2564 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
2565 "Unable to get camera device \"%s\" facing", cameraId.c_str());
2566 }
2567
2568 sp<BasicClient> tmp = nullptr;
2569 bool overrideForPerfClass = SessionConfigurationUtils::targetPerfClassPrimaryCamera(
2570 mPerfClassPrimaryCameraIds, cameraId, targetSdkVersion);
2571
2572 // Only use passed in clientPid to check permission. Use calling PID as the client PID
2573 // that's connected to camera service directly.
2574 if (!(ret = makeClient(this, cameraCb, clientAttribution, getCallingPid(),
2575 systemNativeClient, cameraId, api1CameraId, facing, orientation,
2576 getpid(), deviceVersionAndTransport, effectiveApiLevel,
2577 overrideForPerfClass, rotationOverride, forceSlowJpegMode,
2578 originalCameraId, sharedMode, isVendorClient,
2579 /*out*/ &tmp))
2580 .isOk()) {
2581 return ret;
2582 }
2583 client = static_cast<CLIENT*>(tmp.get());
2584
2585 LOG_ALWAYS_FATAL_IF(client.get() == nullptr, "%s: CameraService in invalid state",
2586 __FUNCTION__);
2587
2588 std::string monitorTags = isClientWatched(client.get()) ? mMonitorTags : std::string();
2589 err = client->initialize(mCameraProviderManager, monitorTags);
2590 if (err != OK) {
2591 ALOGE("%s: Could not initialize client from HAL.", __FUNCTION__);
2592 // Errors could be from the HAL module open call or from AppOpsManager
2593 mServiceLock.unlock();
2594 client->disconnect();
2595 mServiceLock.lock();
2596 switch(err) {
2597 case BAD_VALUE:
2598 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT,
2599 "Illegal argument to HAL module for camera \"%s\"", cameraId.c_str());
2600 case -EBUSY:
2601 return STATUS_ERROR_FMT(ERROR_CAMERA_IN_USE,
2602 "Camera \"%s\" is already open", cameraId.c_str());
2603 case -EUSERS:
2604 return STATUS_ERROR_FMT(ERROR_MAX_CAMERAS_IN_USE,
2605 "Too many cameras already open, cannot open camera \"%s\"",
2606 cameraId.c_str());
2607 case PERMISSION_DENIED:
2608 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,
2609 "No permission to open camera \"%s\"", cameraId.c_str());
2610 case -EACCES:
2611 return STATUS_ERROR_FMT(ERROR_DISABLED,
2612 "Camera \"%s\" disabled by policy", cameraId.c_str());
2613 case -ENODEV:
2614 default:
2615 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
2616 "Failed to initialize camera \"%s\": %s (%d)", cameraId.c_str(),
2617 strerror(-err), err);
2618 }
2619 }
2620
2621 // Update shim paremeters for legacy clients
2622 if (effectiveApiLevel == API_1) {
2623 // Assume we have always received a Client subclass for API1
2624 sp<Client> shimClient = reinterpret_cast<Client*>(client.get());
2625 String8 rawParams = shimClient->getParameters();
2626 CameraParameters params(rawParams);
2627
2628 auto cameraState = getCameraState(cameraId);
2629 if (cameraState != nullptr) {
2630 cameraState->setShimParams(params);
2631 } else {
2632 ALOGE("%s: Cannot update shim parameters for camera %s, no such device exists.",
2633 __FUNCTION__, cameraId.c_str());
2634 }
2635 }
2636
2637 // Enable/disable camera service watchdog
2638 client->setCameraServiceWatchdog(mCameraServiceWatchdogEnabled);
2639
2640 CameraMetadata chars;
2641 bool rotateAndCropSupported = true;
2642 err = mCameraProviderManager->getCameraCharacteristics(cameraId, overrideForPerfClass,
2643 &chars, rotationOverride);
2644 if (err == OK) {
2645 auto availableRotateCropEntry = chars.find(
2646 ANDROID_SCALER_AVAILABLE_ROTATE_AND_CROP_MODES);
2647 if (availableRotateCropEntry.count <= 1) {
2648 rotateAndCropSupported = false;
2649 }
2650 } else {
2651 ALOGE("%s: Unable to query static metadata for camera %s: %s (%d)", __FUNCTION__,
2652 cameraId.c_str(), strerror(-err), err);
2653 }
2654
2655 if (rotateAndCropSupported) {
2656 // Set rotate-and-crop override behavior
2657 if (mOverrideRotateAndCropMode != ANDROID_SCALER_ROTATE_AND_CROP_AUTO) {
2658 client->setRotateAndCropOverride(mOverrideRotateAndCropMode);
2659 } else if (rotationOverride != hardware::ICameraService::ROTATION_OVERRIDE_NONE &&
2660 portraitRotation != 0) {
2661 uint8_t rotateAndCropMode = ANDROID_SCALER_ROTATE_AND_CROP_AUTO;
2662 switch (portraitRotation) {
2663 case 90:
2664 rotateAndCropMode = ANDROID_SCALER_ROTATE_AND_CROP_90;
2665 break;
2666 case 180:
2667 rotateAndCropMode = ANDROID_SCALER_ROTATE_AND_CROP_180;
2668 break;
2669 case 270:
2670 rotateAndCropMode = ANDROID_SCALER_ROTATE_AND_CROP_270;
2671 break;
2672 default:
2673 ALOGE("Unexpected portrait rotation: %d", portraitRotation);
2674 break;
2675 }
2676 // Here we're communicating to the client the chosen rotate
2677 // and crop mode to send to the HAL
2678 client->setRotateAndCropOverride(rotateAndCropMode);
2679 } else {
2680 client->setRotateAndCropOverride(
2681 mCameraServiceProxyWrapper->getRotateAndCropOverride(
2682 clientPackageName, facing,
2683 multiuser_get_user_id(clientAttribution.uid)));
2684 }
2685 }
2686
2687 bool autoframingSupported = true;
2688 auto availableAutoframingEntry = chars.find(ANDROID_CONTROL_AUTOFRAMING_AVAILABLE);
2689 if ((availableAutoframingEntry.count == 1) && (availableAutoframingEntry.data.u8[0] ==
2690 ANDROID_CONTROL_AUTOFRAMING_AVAILABLE_FALSE)) {
2691 autoframingSupported = false;
2692 }
2693
2694 if (autoframingSupported) {
2695 // Set autoframing override behaviour
2696 if (mOverrideAutoframingMode != ANDROID_CONTROL_AUTOFRAMING_AUTO) {
2697 client->setAutoframingOverride(mOverrideAutoframingMode);
2698 } else {
2699 client->setAutoframingOverride(
2700 mCameraServiceProxyWrapper->getAutoframingOverride(
2701 clientPackageName));
2702 }
2703 }
2704
2705 bool isCameraPrivacyEnabled;
2706 if (flags::camera_privacy_allowlist()) {
2707 // Set camera muting behavior.
2708 isCameraPrivacyEnabled =
2709 this->isCameraPrivacyEnabled(toString16(client->getPackageName()), cameraId,
2710 clientAttribution.pid, clientAttribution.uid);
2711 } else {
2712 isCameraPrivacyEnabled =
2713 mSensorPrivacyPolicy->isCameraPrivacyEnabled();
2714 }
2715
2716 if (client->supportsCameraMute()) {
2717 client->setCameraMute(
2718 mOverrideCameraMuteMode || isCameraPrivacyEnabled);
2719 } else if (isCameraPrivacyEnabled) {
2720 // no camera mute supported, but privacy is on! => disconnect
2721 ALOGI("Camera mute not supported for package: %s, camera id: %s",
2722 client->getPackageName().c_str(), cameraId.c_str());
2723 // Do not hold mServiceLock while disconnecting clients, but
2724 // retain the condition blocking other clients from connecting
2725 // in mServiceLockWrapper if held.
2726 mServiceLock.unlock();
2727 // Clear caller identity temporarily so client disconnect PID
2728 // checks work correctly
2729 int64_t token = clearCallingIdentity();
2730 // Note AppOp to trigger the "Unblock" dialog
2731 client->noteAppOp();
2732 client->disconnect();
2733 restoreCallingIdentity(token);
2734 // Reacquire mServiceLock
2735 mServiceLock.lock();
2736
2737 return STATUS_ERROR_FMT(ERROR_DISABLED,
2738 "Camera \"%s\" disabled due to camera mute", cameraId.c_str());
2739 }
2740
2741 if (shimUpdateOnly) {
2742 // If only updating legacy shim parameters, immediately disconnect client
2743 mServiceLock.unlock();
2744 client->disconnect();
2745 mServiceLock.lock();
2746 } else {
2747 // Otherwise, add client to active clients list
2748 finishConnectLocked(client, partial, oomScoreOffset, systemNativeClient);
2749 }
2750
2751 client->setImageDumpMask(mImageDumpMask);
2752 client->setStreamUseCaseOverrides(mStreamUseCaseOverrides);
2753 client->setZoomOverride(mZoomOverrideValue);
2754 } // lock is destroyed, allow further connect calls
2755
2756 // Important: release the mutex here so the client can call back into the service from its
2757 // destructor (can be at the end of the call)
2758 device = client;
2759
2760 int32_t openLatencyMs = ns2ms(systemTime() - openTimeNs);
2761 mCameraServiceProxyWrapper->logOpen(cameraId, facing, clientPackageName,
2762 effectiveApiLevel, isNonSystemNdk, openLatencyMs);
2763
2764 {
2765 Mutex::Autolock lock(mInjectionParametersLock);
2766 if (cameraId == mInjectionInternalCamId && mInjectionInitPending) {
2767 mInjectionInitPending = false;
2768 status_t res = NO_ERROR;
2769 auto clientDescriptor = mActiveClientManager.get(mInjectionInternalCamId);
2770 if (clientDescriptor != nullptr) {
2771 sp<BasicClient> clientSp = clientDescriptor->getValue();
2772 res = checkIfInjectionCameraIsPresent(mInjectionExternalCamId, clientSp);
2773 if(res != OK) {
2774 return STATUS_ERROR_FMT(ERROR_DISCONNECTED,
2775 "No camera device with ID \"%s\" currently available",
2776 mInjectionExternalCamId.c_str());
2777 }
2778 res = clientSp->injectCamera(mInjectionExternalCamId, mCameraProviderManager);
2779 if (res != OK) {
2780 mInjectionStatusListener->notifyInjectionError(mInjectionExternalCamId, res);
2781 }
2782 } else {
2783 ALOGE("%s: Internal camera ID = %s 's client does not exist!",
2784 __FUNCTION__, mInjectionInternalCamId.c_str());
2785 res = NO_INIT;
2786 mInjectionStatusListener->notifyInjectionError(mInjectionExternalCamId, res);
2787 }
2788 }
2789 }
2790
2791 return ret;
2792 }
2793
addOfflineClient(const std::string & cameraId,sp<BasicClient> offlineClient)2794 status_t CameraService::addOfflineClient(const std::string &cameraId,
2795 sp<BasicClient> offlineClient) {
2796 if (offlineClient.get() == nullptr) {
2797 return BAD_VALUE;
2798 }
2799
2800 {
2801 // Acquire mServiceLock and prevent other clients from connecting
2802 std::unique_ptr<AutoConditionLock> lock =
2803 AutoConditionLock::waitAndAcquire(mServiceLockWrapper, DEFAULT_CONNECT_TIMEOUT_NS);
2804
2805 if (lock == nullptr) {
2806 ALOGE("%s: (PID %d) rejected (too many other clients connecting)."
2807 , __FUNCTION__, offlineClient->getClientCallingPid());
2808 return TIMED_OUT;
2809 }
2810
2811 auto onlineClientDesc = mActiveClientManager.get(cameraId);
2812 if (onlineClientDesc.get() == nullptr) {
2813 ALOGE("%s: No active online client using camera id: %s", __FUNCTION__,
2814 cameraId.c_str());
2815 return BAD_VALUE;
2816 }
2817
2818 // Offline clients do not evict or conflict with other online devices. Resource sharing
2819 // conflicts are handled by the camera provider which will either succeed or fail before
2820 // reaching this method.
2821 const auto& onlinePriority = onlineClientDesc->getPriority();
2822 auto offlineClientDesc = CameraClientManager::makeClientDescriptor(
2823 kOfflineDevice + onlineClientDesc->getKey(), offlineClient, /*cost*/ 0,
2824 /*conflictingKeys*/ std::set<std::string>(), onlinePriority.getScore(),
2825 onlineClientDesc->getOwnerId(), onlinePriority.getState(),
2826 // native clients don't have offline processing support.
2827 /*ommScoreOffset*/ 0, /*systemNativeClient*/false, /*sharedMode*/false);
2828 if (offlineClientDesc == nullptr) {
2829 ALOGE("%s: Offline client descriptor was NULL", __FUNCTION__);
2830 return BAD_VALUE;
2831 }
2832
2833 // Allow only one offline device per camera
2834 auto incompatibleClients = mActiveClientManager.getIncompatibleClients(offlineClientDesc);
2835 if (!incompatibleClients.empty()) {
2836 ALOGE("%s: Incompatible offline clients present!", __FUNCTION__);
2837 return BAD_VALUE;
2838 }
2839
2840 std::string monitorTags = isClientWatched(offlineClient.get())
2841 ? mMonitorTags : std::string();
2842 auto err = offlineClient->initialize(mCameraProviderManager, monitorTags);
2843 if (err != OK) {
2844 ALOGE("%s: Could not initialize offline client.", __FUNCTION__);
2845 return err;
2846 }
2847
2848 auto evicted = mActiveClientManager.addAndEvict(offlineClientDesc);
2849 if (evicted.size() > 0) {
2850 for (auto& i : evicted) {
2851 ALOGE("%s: Invalid state: Offline client for camera %s was not removed ",
2852 __FUNCTION__, i->getKey().c_str());
2853 }
2854
2855 LOG_ALWAYS_FATAL("%s: Invalid state for CameraService, offline clients not evicted "
2856 "properly", __FUNCTION__);
2857
2858 return BAD_VALUE;
2859 }
2860
2861 logConnectedOffline(offlineClientDesc->getKey(),
2862 static_cast<int>(offlineClientDesc->getOwnerId()),
2863 offlineClient->getPackageName());
2864
2865 sp<IBinder> remoteCallback = offlineClient->getRemote();
2866 if (remoteCallback != nullptr) {
2867 remoteCallback->linkToDeath(this);
2868 }
2869 } // lock is destroyed, allow further connect calls
2870
2871 return OK;
2872 }
2873
turnOnTorchWithStrengthLevel(const std::string & unresolvedCameraId,int32_t torchStrength,const sp<IBinder> & clientBinder,const AttributionSourceState & clientAttribution,int32_t devicePolicy)2874 Status CameraService::turnOnTorchWithStrengthLevel(const std::string& unresolvedCameraId,
2875 int32_t torchStrength, const sp<IBinder>& clientBinder,
2876 const AttributionSourceState& clientAttribution, int32_t devicePolicy) {
2877 Mutex::Autolock lock(mServiceLock);
2878
2879 ATRACE_CALL();
2880 if (clientBinder == nullptr) {
2881 ALOGE("%s: torch client binder is NULL", __FUNCTION__);
2882 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT,
2883 "Torch client binder in null.");
2884 }
2885
2886 int uid = getCallingUid();
2887 std::optional<std::string> cameraIdOptional = resolveCameraId(unresolvedCameraId,
2888 clientAttribution.deviceId, devicePolicy);
2889 if (!cameraIdOptional.has_value()) {
2890 std::string msg = fmt::sprintf("Camera %s: Invalid camera id for device id %d",
2891 unresolvedCameraId.c_str(), clientAttribution.deviceId);
2892 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
2893 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
2894 }
2895 std::string cameraId = cameraIdOptional.value();
2896
2897 if (shouldRejectSystemCameraConnection(cameraId)) {
2898 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, "Unable to change the strength level"
2899 "for system only device %s: ", cameraId.c_str());
2900 }
2901
2902 // verify id is valid
2903 auto state = getCameraState(cameraId);
2904 if (state == nullptr) {
2905 ALOGE("%s: camera id is invalid %s", __FUNCTION__, cameraId.c_str());
2906 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT,
2907 "Camera ID \"%s\" is a not valid camera ID", cameraId.c_str());
2908 }
2909
2910 StatusInternal cameraStatus = state->getStatus();
2911 if (cameraStatus != StatusInternal::NOT_AVAILABLE &&
2912 cameraStatus != StatusInternal::PRESENT) {
2913 ALOGE("%s: camera id is invalid %s, status %d", __FUNCTION__, cameraId.c_str(),
2914 (int)cameraStatus);
2915 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT,
2916 "Camera ID \"%s\" is a not valid camera ID", cameraId.c_str());
2917 }
2918
2919 {
2920 Mutex::Autolock al(mTorchStatusMutex);
2921 TorchModeStatus status;
2922 status_t err = getTorchStatusLocked(cameraId, &status);
2923 if (err != OK) {
2924 if (err == NAME_NOT_FOUND) {
2925 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT,
2926 "Camera \"%s\" does not have a flash unit", cameraId.c_str());
2927 }
2928 ALOGE("%s: getting current torch status failed for camera %s",
2929 __FUNCTION__, cameraId.c_str());
2930 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
2931 "Error changing torch strength level for camera \"%s\": %s (%d)",
2932 cameraId.c_str(), strerror(-err), err);
2933 }
2934
2935 if (status == TorchModeStatus::NOT_AVAILABLE) {
2936 if (cameraStatus == StatusInternal::NOT_AVAILABLE) {
2937 ALOGE("%s: torch mode of camera %s is not available because "
2938 "camera is in use.", __FUNCTION__, cameraId.c_str());
2939 return STATUS_ERROR_FMT(ERROR_CAMERA_IN_USE,
2940 "Torch for camera \"%s\" is not available due to an existing camera user",
2941 cameraId.c_str());
2942 } else {
2943 ALOGE("%s: torch mode of camera %s is not available due to "
2944 "insufficient resources", __FUNCTION__, cameraId.c_str());
2945 return STATUS_ERROR_FMT(ERROR_MAX_CAMERAS_IN_USE,
2946 "Torch for camera \"%s\" is not available due to insufficient resources",
2947 cameraId.c_str());
2948 }
2949 }
2950 }
2951
2952 {
2953 Mutex::Autolock al(mTorchUidMapMutex);
2954 updateTorchUidMapLocked(cameraId, uid);
2955 }
2956 // Check if the current torch strength level is same as the new one.
2957 bool shouldSkipTorchStrengthUpdates = mCameraProviderManager->shouldSkipTorchStrengthUpdate(
2958 cameraId, torchStrength);
2959
2960 status_t err = mFlashlight->turnOnTorchWithStrengthLevel(cameraId, torchStrength);
2961
2962 if (err != OK) {
2963 int32_t errorCode;
2964 std::string msg;
2965 switch (err) {
2966 case -ENOSYS:
2967 msg = fmt::sprintf("Camera \"%s\" has no flashlight.",
2968 cameraId.c_str());
2969 errorCode = ERROR_ILLEGAL_ARGUMENT;
2970 break;
2971 case -EBUSY:
2972 msg = fmt::sprintf("Camera \"%s\" is in use",
2973 cameraId.c_str());
2974 errorCode = ERROR_CAMERA_IN_USE;
2975 break;
2976 case -EINVAL:
2977 msg = fmt::sprintf("Torch strength level %d is not within the "
2978 "valid range.", torchStrength);
2979 errorCode = ERROR_ILLEGAL_ARGUMENT;
2980 break;
2981 default:
2982 msg = "Changing torch strength level failed.";
2983 errorCode = ERROR_INVALID_OPERATION;
2984 }
2985 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
2986 return STATUS_ERROR(errorCode, msg.c_str());
2987 }
2988
2989 {
2990 // update the link to client's death
2991 // Store the last client that turns on each camera's torch mode.
2992 Mutex::Autolock al(mTorchClientMapMutex);
2993 ssize_t index = mTorchClientMap.indexOfKey(cameraId);
2994 if (index == NAME_NOT_FOUND) {
2995 mTorchClientMap.add(cameraId, clientBinder);
2996 } else {
2997 mTorchClientMap.valueAt(index)->unlinkToDeath(this);
2998 mTorchClientMap.replaceValueAt(index, clientBinder);
2999 }
3000 clientBinder->linkToDeath(this);
3001 }
3002
3003 int clientPid = getCallingPid();
3004 ALOGI("%s: Torch strength for camera id %s changed to %d for client PID %d",
3005 __FUNCTION__, cameraId.c_str(), torchStrength, clientPid);
3006 if (!shouldSkipTorchStrengthUpdates) {
3007 broadcastTorchStrengthLevel(cameraId, torchStrength);
3008 }
3009 return Status::ok();
3010 }
3011
setTorchMode(const std::string & unresolvedCameraId,bool enabled,const sp<IBinder> & clientBinder,const AttributionSourceState & clientAttribution,int32_t devicePolicy)3012 Status CameraService::setTorchMode(const std::string& unresolvedCameraId, bool enabled,
3013 const sp<IBinder>& clientBinder, const AttributionSourceState& clientAttribution,
3014 int32_t devicePolicy) {
3015 Mutex::Autolock lock(mServiceLock);
3016
3017 ATRACE_CALL();
3018 if (enabled && clientBinder == nullptr) {
3019 ALOGE("%s: torch client binder is NULL", __FUNCTION__);
3020 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT,
3021 "Torch client Binder is null");
3022 }
3023
3024 int uid = getCallingUid();
3025 std::optional<std::string> cameraIdOptional = resolveCameraId(unresolvedCameraId,
3026 clientAttribution.deviceId, devicePolicy);
3027 if (!cameraIdOptional.has_value()) {
3028 std::string msg = fmt::sprintf("Camera %s: Invalid camera id for device id %d",
3029 unresolvedCameraId.c_str(), clientAttribution.deviceId);
3030 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
3031 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
3032 }
3033 std::string cameraId = cameraIdOptional.value();
3034
3035 if (shouldRejectSystemCameraConnection(cameraId)) {
3036 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, "Unable to set torch mode"
3037 " for system only device %s: ", cameraId.c_str());
3038 }
3039 // verify id is valid.
3040 auto state = getCameraState(cameraId);
3041 if (state == nullptr) {
3042 ALOGE("%s: camera id is invalid %s", __FUNCTION__, cameraId.c_str());
3043 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT,
3044 "Camera ID \"%s\" is a not valid camera ID", cameraId.c_str());
3045 }
3046
3047 StatusInternal cameraStatus = state->getStatus();
3048 if (cameraStatus != StatusInternal::PRESENT &&
3049 cameraStatus != StatusInternal::NOT_AVAILABLE) {
3050 ALOGE("%s: camera id is invalid %s, status %d", __FUNCTION__, cameraId.c_str(),
3051 (int)cameraStatus);
3052 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT,
3053 "Camera ID \"%s\" is a not valid camera ID", cameraId.c_str());
3054 }
3055
3056 {
3057 Mutex::Autolock al(mTorchStatusMutex);
3058 TorchModeStatus status;
3059 status_t err = getTorchStatusLocked(cameraId, &status);
3060 if (err != OK) {
3061 if (err == NAME_NOT_FOUND) {
3062 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT,
3063 "Camera \"%s\" does not have a flash unit", cameraId.c_str());
3064 }
3065 ALOGE("%s: getting current torch status failed for camera %s",
3066 __FUNCTION__, cameraId.c_str());
3067 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION,
3068 "Error updating torch status for camera \"%s\": %s (%d)", cameraId.c_str(),
3069 strerror(-err), err);
3070 }
3071
3072 if (status == TorchModeStatus::NOT_AVAILABLE) {
3073 if (cameraStatus == StatusInternal::NOT_AVAILABLE) {
3074 ALOGE("%s: torch mode of camera %s is not available because "
3075 "camera is in use", __FUNCTION__, cameraId.c_str());
3076 return STATUS_ERROR_FMT(ERROR_CAMERA_IN_USE,
3077 "Torch for camera \"%s\" is not available due to an existing camera user",
3078 cameraId.c_str());
3079 } else {
3080 ALOGE("%s: torch mode of camera %s is not available due to "
3081 "insufficient resources", __FUNCTION__, cameraId.c_str());
3082 return STATUS_ERROR_FMT(ERROR_MAX_CAMERAS_IN_USE,
3083 "Torch for camera \"%s\" is not available due to insufficient resources",
3084 cameraId.c_str());
3085 }
3086 }
3087 }
3088
3089 {
3090 // Update UID map - this is used in the torch status changed callbacks, so must be done
3091 // before setTorchMode
3092 Mutex::Autolock al(mTorchUidMapMutex);
3093 updateTorchUidMapLocked(cameraId, uid);
3094 }
3095
3096 status_t err = mFlashlight->setTorchMode(cameraId, enabled);
3097
3098 if (err != OK) {
3099 int32_t errorCode;
3100 std::string msg;
3101 switch (err) {
3102 case -ENOSYS:
3103 msg = fmt::sprintf("Camera \"%s\" has no flashlight",
3104 cameraId.c_str());
3105 errorCode = ERROR_ILLEGAL_ARGUMENT;
3106 break;
3107 case -EBUSY:
3108 msg = fmt::sprintf("Camera \"%s\" is in use",
3109 cameraId.c_str());
3110 errorCode = ERROR_CAMERA_IN_USE;
3111 break;
3112 default:
3113 msg = fmt::sprintf(
3114 "Setting torch mode of camera \"%s\" to %d failed: %s (%d)",
3115 cameraId.c_str(), enabled, strerror(-err), err);
3116 errorCode = ERROR_INVALID_OPERATION;
3117 }
3118 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
3119 logServiceError(msg, errorCode);
3120 return STATUS_ERROR(errorCode, msg.c_str());
3121 }
3122
3123 {
3124 // update the link to client's death
3125 Mutex::Autolock al(mTorchClientMapMutex);
3126 ssize_t index = mTorchClientMap.indexOfKey(cameraId);
3127 if (enabled) {
3128 if (index == NAME_NOT_FOUND) {
3129 mTorchClientMap.add(cameraId, clientBinder);
3130 } else {
3131 mTorchClientMap.valueAt(index)->unlinkToDeath(this);
3132 mTorchClientMap.replaceValueAt(index, clientBinder);
3133 }
3134 clientBinder->linkToDeath(this);
3135 } else if (index != NAME_NOT_FOUND) {
3136 mTorchClientMap.valueAt(index)->unlinkToDeath(this);
3137 }
3138 }
3139
3140 int clientPid = getCallingPid();
3141 std::string torchState = enabled ? "on" : "off";
3142 ALOGI("Torch for camera id %s turned %s for client PID %d", cameraId.c_str(),
3143 torchState.c_str(), clientPid);
3144 logTorchEvent(cameraId, torchState, clientPid);
3145 return Status::ok();
3146 }
3147
updateTorchUidMapLocked(const std::string & cameraId,int uid)3148 void CameraService::updateTorchUidMapLocked(const std::string& cameraId, int uid) {
3149 if (mTorchUidMap.find(cameraId) == mTorchUidMap.end()) {
3150 mTorchUidMap[cameraId].first = uid;
3151 mTorchUidMap[cameraId].second = uid;
3152 } else {
3153 // Set the pending UID
3154 mTorchUidMap[cameraId].first = uid;
3155 }
3156 }
3157
notifySystemEvent(int32_t eventId,const std::vector<int32_t> & args)3158 Status CameraService::notifySystemEvent(int32_t eventId,
3159 const std::vector<int32_t>& args) {
3160 const int pid = getCallingPid();
3161 const int selfPid = getpid();
3162
3163 // Permission checks
3164 if (pid != selfPid) {
3165 // Ensure we're being called by system_server, or similar process with
3166 // permissions to notify the camera service about system events
3167 if (!checkCallingPermission(toString16(sCameraSendSystemEventsPermission))) {
3168 const int uid = getCallingUid();
3169 ALOGE("Permission Denial: cannot send updates to camera service about system"
3170 " events from pid=%d, uid=%d", pid, uid);
3171 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,
3172 "No permission to send updates to camera service about system events"
3173 " from pid=%d, uid=%d", pid, uid);
3174 }
3175 }
3176
3177 ATRACE_CALL();
3178
3179 switch(eventId) {
3180 case ICameraService::EVENT_USER_SWITCHED: {
3181 // Try to register for UID and sensor privacy policy updates, in case we're recovering
3182 // from a system server crash
3183 mUidPolicy->registerSelf();
3184 mSensorPrivacyPolicy->registerSelf();
3185 doUserSwitch(/*newUserIds*/ args);
3186 break;
3187 }
3188 case ICameraService::EVENT_USB_DEVICE_ATTACHED:
3189 case ICameraService::EVENT_USB_DEVICE_DETACHED: {
3190 if (args.size() != 1) {
3191 return Status::fromExceptionCode(Status::EX_ILLEGAL_ARGUMENT,
3192 "USB Device Event requires 1 argument");
3193 }
3194
3195 // Notify CameraProviderManager for lazy HALs
3196 mCameraProviderManager->notifyUsbDeviceEvent(eventId,
3197 std::to_string(args[0]));
3198 break;
3199 }
3200 case ICameraService::EVENT_NONE:
3201 default: {
3202 ALOGW("%s: Received invalid system event from system_server: %d", __FUNCTION__,
3203 eventId);
3204 break;
3205 }
3206 }
3207 return Status::ok();
3208 }
3209
notifyMonitoredUids()3210 void CameraService::notifyMonitoredUids() {
3211 Mutex::Autolock lock(mStatusListenerLock);
3212
3213 for (const auto& it : mListenerList) {
3214 auto ret = it->getListener()->onCameraAccessPrioritiesChanged();
3215 it->handleBinderStatus(ret, "%s: Failed to trigger permission callback for %d:%d: %d",
3216 __FUNCTION__, it->getListenerUid(), it->getListenerPid(), ret.exceptionCode());
3217 }
3218 }
3219
notifyMonitoredUids(const std::unordered_set<uid_t> & notifyUidSet)3220 void CameraService::notifyMonitoredUids(const std::unordered_set<uid_t> ¬ifyUidSet) {
3221 Mutex::Autolock lock(mStatusListenerLock);
3222
3223 for (const auto& it : mListenerList) {
3224 if (notifyUidSet.find(it->getListenerUid()) != notifyUidSet.end()) {
3225 ALOGV("%s: notifying uid %d", __FUNCTION__, it->getListenerUid());
3226 auto ret = it->getListener()->onCameraAccessPrioritiesChanged();
3227 it->handleBinderStatus(ret, "%s: Failed to trigger permission callback for %d:%d: %d",
3228 __FUNCTION__, it->getListenerUid(), it->getListenerPid(), ret.exceptionCode());
3229 }
3230 }
3231 }
3232
notifyDeviceStateChange(int64_t newState)3233 Status CameraService::notifyDeviceStateChange(int64_t newState) {
3234 const int pid = getCallingPid();
3235 const int selfPid = getpid();
3236
3237 // Permission checks
3238 if (pid != selfPid) {
3239 // Ensure we're being called by system_server, or similar process with
3240 // permissions to notify the camera service about system events
3241 if (!checkCallingPermission(toString16(sCameraSendSystemEventsPermission))) {
3242 const int uid = getCallingUid();
3243 ALOGE("Permission Denial: cannot send updates to camera service about device"
3244 " state changes from pid=%d, uid=%d", pid, uid);
3245 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,
3246 "No permission to send updates to camera service about device state"
3247 " changes from pid=%d, uid=%d", pid, uid);
3248 }
3249 }
3250
3251 ATRACE_CALL();
3252
3253 {
3254 Mutex::Autolock lock(mServiceLock);
3255 mDeviceState = newState;
3256 }
3257
3258 mCameraProviderManager->notifyDeviceStateChange(newState);
3259
3260 return Status::ok();
3261 }
3262
notifyDisplayConfigurationChange()3263 Status CameraService::notifyDisplayConfigurationChange() {
3264 ATRACE_CALL();
3265 const int callingPid = getCallingPid();
3266 const int selfPid = getpid();
3267
3268 // Permission checks
3269 if (callingPid != selfPid) {
3270 // Ensure we're being called by system_server, or similar process with
3271 // permissions to notify the camera service about system events
3272 if (!checkCallingPermission(toString16(sCameraSendSystemEventsPermission))) {
3273 const int uid = getCallingUid();
3274 ALOGE("Permission Denial: cannot send updates to camera service about orientation"
3275 " changes from pid=%d, uid=%d", callingPid, uid);
3276 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,
3277 "No permission to send updates to camera service about orientation"
3278 " changes from pid=%d, uid=%d", callingPid, uid);
3279 }
3280 }
3281
3282 Mutex::Autolock lock(mServiceLock);
3283
3284 // Don't do anything if rotate-and-crop override via cmd is active
3285 if (mOverrideRotateAndCropMode != ANDROID_SCALER_ROTATE_AND_CROP_AUTO) return Status::ok();
3286
3287 const auto clients = mActiveClientManager.getAll();
3288 for (auto& current : clients) {
3289 if (current != nullptr) {
3290 const auto basicClient = current->getValue();
3291 if (basicClient.get() != nullptr && !basicClient->getOverrideToPortrait()) {
3292 basicClient->setRotateAndCropOverride(
3293 mCameraServiceProxyWrapper->getRotateAndCropOverride(
3294 basicClient->getPackageName(),
3295 basicClient->getCameraFacing(),
3296 multiuser_get_user_id(basicClient->getClientUid())));
3297 }
3298 }
3299 }
3300
3301 return Status::ok();
3302 }
3303
getConcurrentCameraIds(std::vector<ConcurrentCameraIdCombination> * concurrentCameraIds)3304 Status CameraService::getConcurrentCameraIds(
3305 std::vector<ConcurrentCameraIdCombination>* concurrentCameraIds) {
3306 ATRACE_CALL();
3307 if (!concurrentCameraIds) {
3308 ALOGE("%s: concurrentCameraIds is NULL", __FUNCTION__);
3309 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "concurrentCameraIds is NULL");
3310 }
3311
3312 if (!mInitialized) {
3313 ALOGE("%s: Camera HAL couldn't be initialized", __FUNCTION__);
3314 logServiceError("Camera subsystem is not available", ERROR_DISCONNECTED);
3315 return STATUS_ERROR(ERROR_DISCONNECTED,
3316 "Camera subsystem is not available");
3317 }
3318 // First call into the provider and get the set of concurrent camera
3319 // combinations
3320 std::vector<std::unordered_set<std::string>> concurrentCameraCombinations =
3321 mCameraProviderManager->getConcurrentCameraIds();
3322 for (auto &combination : concurrentCameraCombinations) {
3323 std::vector<std::pair<std::string, int32_t>> validCombination;
3324 int32_t firstDeviceId = kInvalidDeviceId;
3325 for (auto &cameraId : combination) {
3326 // if the camera state is not present, skip
3327 auto state = getCameraState(cameraId);
3328 if (state == nullptr) {
3329 ALOGW("%s: camera id %s does not exist", __FUNCTION__, cameraId.c_str());
3330 continue;
3331 }
3332 StatusInternal status = state->getStatus();
3333 if (status == StatusInternal::NOT_PRESENT || status == StatusInternal::ENUMERATING) {
3334 continue;
3335 }
3336 if (shouldRejectSystemCameraConnection(cameraId)) {
3337 continue;
3338 }
3339 auto [cameraOwnerDeviceId, mappedCameraId] =
3340 mVirtualDeviceCameraIdMapper.getDeviceIdAndMappedCameraIdPair(cameraId);
3341 if (firstDeviceId == kInvalidDeviceId) {
3342 firstDeviceId = cameraOwnerDeviceId;
3343 } else if (firstDeviceId != cameraOwnerDeviceId) {
3344 // Found an invalid combination which contains cameras with different device id's,
3345 // hence discard it.
3346 validCombination.clear();
3347 break;
3348 }
3349 validCombination.push_back({mappedCameraId, cameraOwnerDeviceId});
3350 }
3351 if (validCombination.size() != 0) {
3352 concurrentCameraIds->push_back(std::move(validCombination));
3353 }
3354 }
3355 return Status::ok();
3356 }
3357
isConcurrentSessionConfigurationSupported(const std::vector<CameraIdAndSessionConfiguration> & cameraIdsAndSessionConfigurations,int targetSdkVersion,const AttributionSourceState & clientAttribution,int32_t devicePolicy,bool * isSupported)3358 Status CameraService::isConcurrentSessionConfigurationSupported(
3359 const std::vector<CameraIdAndSessionConfiguration>& cameraIdsAndSessionConfigurations,
3360 int targetSdkVersion, const AttributionSourceState& clientAttribution, int32_t devicePolicy,
3361 /*out*/bool* isSupported) {
3362 if (!isSupported) {
3363 ALOGE("%s: isSupported is NULL", __FUNCTION__);
3364 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "isSupported is NULL");
3365 }
3366
3367 if (!mInitialized) {
3368 ALOGE("%s: Camera HAL couldn't be initialized", __FUNCTION__);
3369 return STATUS_ERROR(ERROR_DISCONNECTED,
3370 "Camera subsystem is not available");
3371 }
3372
3373 for (auto cameraIdAndSessionConfiguration : cameraIdsAndSessionConfigurations) {
3374 std::optional<std::string> cameraIdOptional =
3375 resolveCameraId(cameraIdAndSessionConfiguration.mCameraId,
3376 clientAttribution.deviceId, devicePolicy);
3377 if (!cameraIdOptional.has_value()) {
3378 std::string msg = fmt::sprintf("Camera %s: Invalid camera id for device id %d",
3379 cameraIdAndSessionConfiguration.mCameraId.c_str(), clientAttribution.deviceId);
3380 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
3381 return STATUS_ERROR(CameraService::ERROR_ILLEGAL_ARGUMENT, msg.c_str());
3382 }
3383 cameraIdAndSessionConfiguration.mCameraId = cameraIdOptional.value();
3384 }
3385
3386 // Check for camera permissions
3387 int callingPid = getCallingPid();
3388 int callingUid = getCallingUid();
3389 bool hasCameraPermission = ((callingPid == getpid()) ||
3390 hasPermissionsForCamera(callingPid, callingUid,
3391 devicePolicy == IVirtualDeviceManagerNative::DEVICE_POLICY_DEFAULT
3392 ? kDefaultDeviceId : clientAttribution.deviceId));
3393 if (!hasCameraPermission) {
3394 return STATUS_ERROR(ERROR_PERMISSION_DENIED,
3395 "android.permission.CAMERA needed to call"
3396 "isConcurrentSessionConfigurationSupported");
3397 }
3398
3399 status_t res =
3400 mCameraProviderManager->isConcurrentSessionConfigurationSupported(
3401 cameraIdsAndSessionConfigurations, mPerfClassPrimaryCameraIds,
3402 targetSdkVersion, isSupported);
3403 if (res != OK) {
3404 logServiceError("Unable to query session configuration support",
3405 ERROR_INVALID_OPERATION);
3406 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, "Unable to query session configuration "
3407 "support %s (%d)", strerror(-res), res);
3408 }
3409 return Status::ok();
3410 }
3411
addListener(const sp<ICameraServiceListener> & listener,std::vector<hardware::CameraStatus> * cameraStatuses)3412 Status CameraService::addListener(const sp<ICameraServiceListener>& listener,
3413 /*out*/
3414 std::vector<hardware::CameraStatus> *cameraStatuses) {
3415 return addListenerHelper(listener, cameraStatuses);
3416 }
3417
addListenerTest(const sp<hardware::ICameraServiceListener> & listener,std::vector<hardware::CameraStatus> * cameraStatuses)3418 binder::Status CameraService::addListenerTest(const sp<hardware::ICameraServiceListener>& listener,
3419 std::vector<hardware::CameraStatus>* cameraStatuses) {
3420 return addListenerHelper(listener, cameraStatuses, false, true);
3421 }
3422
addListenerHelper(const sp<ICameraServiceListener> & listener,std::vector<hardware::CameraStatus> * cameraStatuses,bool isVendorListener,bool isProcessLocalTest)3423 Status CameraService::addListenerHelper(const sp<ICameraServiceListener>& listener,
3424 /*out*/
3425 std::vector<hardware::CameraStatus> *cameraStatuses,
3426 bool isVendorListener, bool isProcessLocalTest) {
3427 ATRACE_CALL();
3428
3429 ALOGV("%s: Add listener %p", __FUNCTION__, listener.get());
3430
3431 if (listener == nullptr) {
3432 ALOGE("%s: Listener must not be null", __FUNCTION__);
3433 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Null listener given to addListener");
3434 }
3435
3436 auto clientPid = getCallingPid();
3437 auto clientUid = getCallingUid();
3438 bool openCloseCallbackAllowed = hasPermissionsForOpenCloseListener(clientPid, clientUid);
3439
3440 Mutex::Autolock lock(mServiceLock);
3441
3442 {
3443 Mutex::Autolock lock(mStatusListenerLock);
3444 for (const auto &it : mListenerList) {
3445 if (IInterface::asBinder(it->getListener()) == IInterface::asBinder(listener)) {
3446 ALOGW("%s: Tried to add listener %p which was already subscribed",
3447 __FUNCTION__, listener.get());
3448 return STATUS_ERROR(ERROR_ALREADY_EXISTS, "Listener already registered");
3449 }
3450 }
3451
3452 sp<ServiceListener> serviceListener =
3453 new ServiceListener(this, listener, clientUid, clientPid, isVendorListener,
3454 openCloseCallbackAllowed);
3455 auto ret = serviceListener->initialize(isProcessLocalTest);
3456 if (ret != NO_ERROR) {
3457 std::string msg = fmt::sprintf("Failed to initialize service listener: %s (%d)",
3458 strerror(-ret), ret);
3459 logServiceError(msg, ERROR_ILLEGAL_ARGUMENT);
3460 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
3461 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, msg.c_str());
3462 }
3463 // The listener still needs to be added to the list of listeners, regardless of what
3464 // permissions the listener process has / whether it is a vendor listener. Since it might be
3465 // eligible to listen to other camera ids.
3466 mListenerList.emplace_back(serviceListener);
3467 mUidPolicy->registerMonitorUid(clientUid, /*openCamera*/false);
3468 }
3469
3470 /* Collect current devices and status */
3471 {
3472 Mutex::Autolock lock(mCameraStatesLock);
3473 for (auto& i : mCameraStates) {
3474 // Get the device id and app-visible camera id for the given HAL-visible camera id.
3475 auto [deviceId, mappedCameraId] =
3476 mVirtualDeviceCameraIdMapper.getDeviceIdAndMappedCameraIdPair(i.first);
3477
3478 cameraStatuses->emplace_back(mappedCameraId,
3479 mapToInterface(i.second->getStatus()), i.second->getUnavailablePhysicalIds(),
3480 openCloseCallbackAllowed ? i.second->getClientPackage() : std::string(),
3481 deviceId);
3482 }
3483 }
3484 // Remove the camera statuses that should be hidden from the client, we do
3485 // this after collecting the states in order to avoid holding
3486 // mCameraStatesLock and mInterfaceLock (held in getSystemCameraKind()) at
3487 // the same time.
3488 cameraStatuses->erase(std::remove_if(cameraStatuses->begin(), cameraStatuses->end(),
3489 [this, &isVendorListener, &clientPid, &clientUid](const hardware::CameraStatus& s) {
3490 std::string cameraId = s.cameraId;
3491 std::optional<std::string> cameraIdOptional = resolveCameraId(s.cameraId,
3492 s.deviceId, IVirtualDeviceManagerNative::DEVICE_POLICY_CUSTOM);
3493 if (!cameraIdOptional.has_value()) {
3494 std::string msg =
3495 fmt::sprintf(
3496 "Camera %s: Invalid camera id for device id %d",
3497 s.cameraId.c_str(), s.deviceId);
3498 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
3499 return true;
3500 }
3501 cameraId = cameraIdOptional.value();
3502 SystemCameraKind deviceKind = SystemCameraKind::PUBLIC;
3503 if (getSystemCameraKind(cameraId, &deviceKind) != OK) {
3504 ALOGE("%s: Invalid camera id %s, skipping status update",
3505 __FUNCTION__, s.cameraId.c_str());
3506 return true;
3507 }
3508 return shouldSkipStatusUpdates(deviceKind, isVendorListener, clientPid,
3509 clientUid);
3510 }), cameraStatuses->end());
3511
3512 // cameraStatuses will have non-eligible camera ids removed.
3513 std::set<std::string> idsChosenForCallback;
3514 for (const auto &s : *cameraStatuses) {
3515 // Add only default device cameras here, as virtual cameras currently don't support torch
3516 // anyway. Note that this is a simplification of the implementation here, and we should
3517 // change this when virtual cameras support torch.
3518 if (s.deviceId == kDefaultDeviceId) {
3519 idsChosenForCallback.insert(s.cameraId);
3520 }
3521 }
3522
3523 /*
3524 * Immediately signal current torch status to this listener only
3525 * This may be a subset of all the devices, so don't include it in the response directly
3526 */
3527 {
3528 Mutex::Autolock al(mTorchStatusMutex);
3529 for (size_t i = 0; i < mTorchStatusMap.size(); i++ ) {
3530 const std::string &id = mTorchStatusMap.keyAt(i);
3531 // The camera id is visible to the client. Fine to send torch
3532 // callback.
3533 if (idsChosenForCallback.find(id) != idsChosenForCallback.end()) {
3534 listener->onTorchStatusChanged(mapToInterface(mTorchStatusMap.valueAt(i)), id,
3535 kDefaultDeviceId);
3536 }
3537 }
3538 }
3539
3540 return Status::ok();
3541 }
3542
removeListener(const sp<ICameraServiceListener> & listener)3543 Status CameraService::removeListener(const sp<ICameraServiceListener>& listener) {
3544 ATRACE_CALL();
3545
3546 ALOGV("%s: Remove listener %p", __FUNCTION__, listener.get());
3547
3548 if (listener == 0) {
3549 ALOGE("%s: Listener must not be null", __FUNCTION__);
3550 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Null listener given to removeListener");
3551 }
3552
3553 Mutex::Autolock lock(mServiceLock);
3554
3555 {
3556 Mutex::Autolock lock(mStatusListenerLock);
3557 for (auto it = mListenerList.begin(); it != mListenerList.end(); it++) {
3558 if (IInterface::asBinder((*it)->getListener()) == IInterface::asBinder(listener)) {
3559 mUidPolicy->unregisterMonitorUid((*it)->getListenerUid(), /*closeCamera*/false);
3560 IInterface::asBinder(listener)->unlinkToDeath(*it);
3561 mListenerList.erase(it);
3562 return Status::ok();
3563 }
3564 }
3565 }
3566
3567 ALOGW("%s: Tried to remove a listener %p which was not subscribed",
3568 __FUNCTION__, listener.get());
3569
3570 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Unregistered listener given to removeListener");
3571 }
3572
getLegacyParameters(int cameraId,std::string * parameters)3573 Status CameraService::getLegacyParameters(int cameraId, /*out*/std::string* parameters) {
3574
3575 ATRACE_CALL();
3576 ALOGV("%s: for camera ID = %d", __FUNCTION__, cameraId);
3577
3578 if (parameters == NULL) {
3579 ALOGE("%s: parameters must not be null", __FUNCTION__);
3580 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Parameters must not be null");
3581 }
3582
3583 Status ret = Status::ok();
3584
3585 CameraParameters shimParams;
3586 if (!(ret = getLegacyParametersLazy(cameraId, /*out*/&shimParams)).isOk()) {
3587 // Error logged by caller
3588 return ret;
3589 }
3590
3591 String8 shimParamsString8 = shimParams.flatten();
3592
3593 *parameters = toStdString(shimParamsString8);
3594
3595 return ret;
3596 }
3597
supportsCameraApi(const std::string & cameraId,int apiVersion,bool * isSupported)3598 Status CameraService::supportsCameraApi(const std::string& cameraId, int apiVersion,
3599 /*out*/ bool *isSupported) {
3600 ATRACE_CALL();
3601
3602 ALOGV("%s: for camera ID = %s", __FUNCTION__, cameraId.c_str());
3603
3604 switch (apiVersion) {
3605 case API_VERSION_1:
3606 case API_VERSION_2:
3607 break;
3608 default:
3609 std::string msg = fmt::sprintf("Unknown API version %d", apiVersion);
3610 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
3611 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, msg.c_str());
3612 }
3613
3614 int portraitRotation;
3615 auto deviceVersionAndTransport =
3616 getDeviceVersion(cameraId,
3617 /*rotationOverride*/hardware::ICameraService::ROTATION_OVERRIDE_NONE,
3618 &portraitRotation);
3619 if (deviceVersionAndTransport.first == -1) {
3620 std::string msg = fmt::sprintf("Unknown camera ID %s", cameraId.c_str());
3621 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
3622 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, msg.c_str());
3623 }
3624 if (deviceVersionAndTransport.second == IPCTransport::HIDL) {
3625 int deviceVersion = deviceVersionAndTransport.first;
3626 switch (deviceVersion) {
3627 case CAMERA_DEVICE_API_VERSION_1_0:
3628 case CAMERA_DEVICE_API_VERSION_3_0:
3629 case CAMERA_DEVICE_API_VERSION_3_1:
3630 if (apiVersion == API_VERSION_2) {
3631 ALOGV("%s: Camera id %s uses HAL version %d <3.2, doesn't support api2 without "
3632 "shim", __FUNCTION__, cameraId.c_str(), deviceVersion);
3633 *isSupported = false;
3634 } else { // if (apiVersion == API_VERSION_1) {
3635 ALOGV("%s: Camera id %s uses older HAL before 3.2, but api1 is always "
3636 "supported", __FUNCTION__, cameraId.c_str());
3637 *isSupported = true;
3638 }
3639 break;
3640 case CAMERA_DEVICE_API_VERSION_3_2:
3641 case CAMERA_DEVICE_API_VERSION_3_3:
3642 case CAMERA_DEVICE_API_VERSION_3_4:
3643 case CAMERA_DEVICE_API_VERSION_3_5:
3644 case CAMERA_DEVICE_API_VERSION_3_6:
3645 case CAMERA_DEVICE_API_VERSION_3_7:
3646 ALOGV("%s: Camera id %s uses HAL3.2 or newer, supports api1/api2 directly",
3647 __FUNCTION__, cameraId.c_str());
3648 *isSupported = true;
3649 break;
3650 default: {
3651 std::string msg = fmt::sprintf("Unknown device version %x for device %s",
3652 deviceVersion, cameraId.c_str());
3653 ALOGE("%s: %s", __FUNCTION__, msg.c_str());
3654 return STATUS_ERROR(ERROR_INVALID_OPERATION, msg.c_str());
3655 }
3656 }
3657 } else {
3658 *isSupported = true;
3659 }
3660 return Status::ok();
3661 }
3662
isHiddenPhysicalCamera(const std::string & cameraId,bool * isSupported)3663 Status CameraService::isHiddenPhysicalCamera(const std::string& cameraId,
3664 /*out*/ bool *isSupported) {
3665 ATRACE_CALL();
3666
3667 ALOGV("%s: for camera ID = %s", __FUNCTION__, cameraId.c_str());
3668 *isSupported = mCameraProviderManager->isHiddenPhysicalCamera(cameraId);
3669
3670 return Status::ok();
3671 }
3672
injectCamera(const std::string & packageName,const std::string & internalCamId,const std::string & externalCamId,const sp<ICameraInjectionCallback> & callback,sp<ICameraInjectionSession> * cameraInjectionSession)3673 Status CameraService::injectCamera(
3674 const std::string& packageName, const std::string& internalCamId,
3675 const std::string& externalCamId,
3676 const sp<ICameraInjectionCallback>& callback,
3677 /*out*/
3678 sp<ICameraInjectionSession>* cameraInjectionSession) {
3679 ATRACE_CALL();
3680
3681 if (!checkCallingPermission(toString16(sCameraInjectExternalCameraPermission))) {
3682 const int pid = getCallingPid();
3683 const int uid = getCallingUid();
3684 ALOGE("Permission Denial: can't inject camera pid=%d, uid=%d", pid, uid);
3685 return STATUS_ERROR(ERROR_PERMISSION_DENIED,
3686 "Permission Denial: no permission to inject camera");
3687 }
3688
3689 // Do not allow any camera injection that injects or replaces a virtual camera.
3690 auto [deviceIdForInternalCamera, _] =
3691 mVirtualDeviceCameraIdMapper.getDeviceIdAndMappedCameraIdPair(internalCamId);
3692 if (deviceIdForInternalCamera != kDefaultDeviceId) {
3693 return STATUS_ERROR(ICameraInjectionCallback::ERROR_INJECTION_UNSUPPORTED,
3694 "Cannot replace a virtual camera");
3695 }
3696 [[maybe_unused]] auto [deviceIdForExternalCamera, unusedMappedCameraId] =
3697 mVirtualDeviceCameraIdMapper.getDeviceIdAndMappedCameraIdPair(externalCamId);
3698 if (deviceIdForExternalCamera != kDefaultDeviceId) {
3699 return STATUS_ERROR(ICameraInjectionCallback::ERROR_INJECTION_UNSUPPORTED,
3700 "Cannot inject a virtual camera to replace an internal camera");
3701 }
3702
3703 ALOGV(
3704 "%s: Package name = %s, Internal camera ID = %s, External camera ID = "
3705 "%s",
3706 __FUNCTION__, packageName.c_str(),
3707 internalCamId.c_str(), externalCamId.c_str());
3708
3709 {
3710 Mutex::Autolock lock(mInjectionParametersLock);
3711 mInjectionInternalCamId = internalCamId;
3712 mInjectionExternalCamId = externalCamId;
3713 mInjectionStatusListener->addListener(callback);
3714 *cameraInjectionSession = new CameraInjectionSession(this);
3715 status_t res = NO_ERROR;
3716 auto clientDescriptor = mActiveClientManager.get(mInjectionInternalCamId);
3717 // If the client already exists, we can directly connect to the camera device through the
3718 // client's injectCamera(), otherwise we need to wait until the client is established
3719 // (execute connectHelper()) before injecting the camera to the camera device.
3720 if (clientDescriptor != nullptr) {
3721 mInjectionInitPending = false;
3722 sp<BasicClient> clientSp = clientDescriptor->getValue();
3723 res = checkIfInjectionCameraIsPresent(mInjectionExternalCamId, clientSp);
3724 if(res != OK) {
3725 return STATUS_ERROR_FMT(ERROR_DISCONNECTED,
3726 "No camera device with ID \"%s\" currently available",
3727 mInjectionExternalCamId.c_str());
3728 }
3729 res = clientSp->injectCamera(mInjectionExternalCamId, mCameraProviderManager);
3730 if (res != OK) {
3731 mInjectionStatusListener->notifyInjectionError(mInjectionExternalCamId, res);
3732 }
3733 } else {
3734 mInjectionInitPending = true;
3735 }
3736 }
3737
3738 return binder::Status::ok();
3739 }
3740
reportExtensionSessionStats(const hardware::CameraExtensionSessionStats & stats,std::string * sessionKey)3741 Status CameraService::reportExtensionSessionStats(
3742 const hardware::CameraExtensionSessionStats& stats, std::string* sessionKey /*out*/) {
3743 ALOGV("%s: reported %s", __FUNCTION__, stats.toString().c_str());
3744 *sessionKey = mCameraServiceProxyWrapper->updateExtensionStats(stats);
3745 return Status::ok();
3746 }
3747
removeByClient(const BasicClient * client)3748 void CameraService::removeByClient(const BasicClient* client) {
3749 Mutex::Autolock lock(mServiceLock);
3750 for (auto& i : mActiveClientManager.getAll()) {
3751 auto clientSp = i->getValue();
3752 if (clientSp.get() == client) {
3753 cacheClientTagDumpIfNeeded(client->mCameraIdStr, clientSp.get());
3754 mActiveClientManager.remove(i);
3755 }
3756 }
3757 updateAudioRestrictionLocked();
3758 }
3759
isOnlyClient(const BasicClient * client)3760 bool CameraService::isOnlyClient(const BasicClient* client) {
3761 Mutex::Autolock lock(mServiceLock);
3762 bool ret = true;
3763 if (!flags::camera_multi_client()) {
3764 return ret;
3765 }
3766 if (client != nullptr) {
3767 std::string camId = client->mCameraIdStr;
3768 for (const auto& i : mActiveClientManager.getAll()) {
3769 auto clientSp = i->getValue();
3770 auto curCamId = i->getKey();
3771 if (!curCamId.compare(camId) && clientSp.get() != client) {
3772 return false;
3773 }
3774 }
3775 }
3776 return ret;
3777 }
3778
evictClientIdByRemote(const wp<IBinder> & remote)3779 bool CameraService::evictClientIdByRemote(const wp<IBinder>& remote) {
3780 bool ret = false;
3781 {
3782 // Acquire mServiceLock and prevent other clients from connecting
3783 std::unique_ptr<AutoConditionLock> lock =
3784 AutoConditionLock::waitAndAcquire(mServiceLockWrapper);
3785
3786 std::vector<sp<BasicClient>> evicted;
3787 for (auto& i : mActiveClientManager.getAll()) {
3788 auto clientSp = i->getValue();
3789 if (clientSp.get() == nullptr) {
3790 ALOGE("%s: Dead client still in mActiveClientManager.", __FUNCTION__);
3791 mActiveClientManager.remove(i);
3792 continue;
3793 }
3794 if (remote == clientSp->getRemote()) {
3795 mActiveClientManager.remove(i);
3796 evicted.push_back(clientSp);
3797
3798 // Notify the client of disconnection
3799 clientSp->notifyError(
3800 hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISCONNECTED,
3801 CaptureResultExtras());
3802 }
3803 }
3804
3805 // Do not hold mServiceLock while disconnecting clients, but retain the condition blocking
3806 // other clients from connecting in mServiceLockWrapper if held
3807 mServiceLock.unlock();
3808
3809 // Do not clear caller identity, remote caller should be client proccess
3810
3811 for (auto& i : evicted) {
3812 if (i.get() != nullptr) {
3813 i->disconnect();
3814 ret = true;
3815 }
3816 }
3817
3818 // Reacquire mServiceLock
3819 mServiceLock.lock();
3820
3821 } // lock is destroyed, allow further connect calls
3822
3823 return ret;
3824 }
3825
getCameraState(const std::string & cameraId) const3826 std::shared_ptr<CameraService::CameraState> CameraService::getCameraState(
3827 const std::string& cameraId) const {
3828 std::shared_ptr<CameraState> state;
3829 {
3830 Mutex::Autolock lock(mCameraStatesLock);
3831 auto iter = mCameraStates.find(cameraId);
3832 if (iter != mCameraStates.end()) {
3833 state = iter->second;
3834 }
3835 }
3836 return state;
3837 }
3838
removeClientsLocked(const std::string & cameraId)3839 std::vector<sp<CameraService::BasicClient>> CameraService::removeClientsLocked(
3840 const std::string& cameraId) {
3841 // Remove from active clients list
3842 std::vector<sp<CameraService::BasicClient>> clients;
3843 if (flags::camera_multi_client()) {
3844 std::vector<CameraService::DescriptorPtr> clientDescriptors;
3845 clientDescriptors = mActiveClientManager.removeAll(cameraId);
3846 for (const auto& clientDescriptorPtr : clientDescriptors) {
3847 if (clientDescriptorPtr != nullptr) {
3848 sp<BasicClient> client = clientDescriptorPtr->getValue();
3849 if (client.get() != nullptr) {
3850 cacheClientTagDumpIfNeeded(clientDescriptorPtr->getKey(), client.get());
3851 clients.push_back(client);
3852 }
3853 }
3854 }
3855 } else {
3856 auto clientDescriptorPtr = mActiveClientManager.remove(cameraId);
3857 if (clientDescriptorPtr == nullptr) {
3858 ALOGW("%s: Could not evict client, no client for camera ID %s", __FUNCTION__,
3859 cameraId.c_str());
3860 return clients;
3861 }
3862
3863 sp<BasicClient> client = clientDescriptorPtr->getValue();
3864 if (client.get() != nullptr) {
3865 cacheClientTagDumpIfNeeded(clientDescriptorPtr->getKey(), client.get());
3866 clients.push_back(client);
3867 }
3868 }
3869 return clients;
3870 }
3871
doUserSwitch(const std::vector<int32_t> & newUserIds)3872 void CameraService::doUserSwitch(const std::vector<int32_t>& newUserIds) {
3873 // Acquire mServiceLock and prevent other clients from connecting
3874 std::unique_ptr<AutoConditionLock> lock =
3875 AutoConditionLock::waitAndAcquire(mServiceLockWrapper);
3876
3877 std::set<userid_t> newAllowedUsers;
3878 for (size_t i = 0; i < newUserIds.size(); i++) {
3879 if (newUserIds[i] < 0) {
3880 ALOGE("%s: Bad user ID %d given during user switch, ignoring.",
3881 __FUNCTION__, newUserIds[i]);
3882 return;
3883 }
3884 newAllowedUsers.insert(static_cast<userid_t>(newUserIds[i]));
3885 }
3886
3887
3888 if (newAllowedUsers == mAllowedUsers) {
3889 ALOGW("%s: Received notification of user switch with no updated user IDs.", __FUNCTION__);
3890 return;
3891 }
3892
3893 logUserSwitch(mAllowedUsers, newAllowedUsers);
3894
3895 mAllowedUsers = std::move(newAllowedUsers);
3896
3897 // Current user has switched, evict all current clients.
3898 std::vector<sp<BasicClient>> evicted;
3899 for (auto& i : mActiveClientManager.getAll()) {
3900 auto clientSp = i->getValue();
3901
3902 if (clientSp.get() == nullptr) {
3903 ALOGE("%s: Dead client still in mActiveClientManager.", __FUNCTION__);
3904 continue;
3905 }
3906
3907 // Don't evict clients that are still allowed.
3908 uid_t clientUid = clientSp->getClientUid();
3909 userid_t clientUserId = multiuser_get_user_id(clientUid);
3910 if (mAllowedUsers.find(clientUserId) != mAllowedUsers.end()) {
3911 continue;
3912 }
3913
3914 evicted.push_back(clientSp);
3915
3916 ALOGE("Evicting conflicting client for camera ID %s due to user change",
3917 i->getKey().c_str());
3918
3919 // Log the clients evicted
3920 logEvent(fmt::sprintf("EVICT device %s client held by package %s (PID %"
3921 PRId32 ", score %" PRId32 ", state %" PRId32 ")\n - Evicted due"
3922 " to user switch.", i->getKey().c_str(),
3923 clientSp->getPackageName().c_str(),
3924 i->getOwnerId(), i->getPriority().getScore(),
3925 i->getPriority().getState()));
3926
3927 }
3928
3929 // Do not hold mServiceLock while disconnecting clients, but retain the condition
3930 // blocking other clients from connecting in mServiceLockWrapper if held.
3931 mServiceLock.unlock();
3932
3933 // Clear caller identity temporarily so client disconnect PID checks work correctly
3934 int64_t token = clearCallingIdentity();
3935
3936 for (auto& i : evicted) {
3937 i->disconnect();
3938 }
3939
3940 restoreCallingIdentity(token);
3941
3942 // Reacquire mServiceLock
3943 mServiceLock.lock();
3944 }
3945
logEvent(const std::string & event)3946 void CameraService::logEvent(const std::string &event) {
3947 std::string curTime = getFormattedCurrentTime();
3948 Mutex::Autolock l(mLogLock);
3949 std::string msg = curTime + " : " + event;
3950 // For service error events, print the msg only once.
3951 if (msg.find("SERVICE ERROR") != std::string::npos) {
3952 mEventLog.add(msg);
3953 } else if(sServiceErrorEventSet.find(msg) == sServiceErrorEventSet.end()) {
3954 // Error event not added to the dumpsys log before
3955 mEventLog.add(msg);
3956 sServiceErrorEventSet.insert(msg);
3957 }
3958 }
3959
logDisconnected(const std::string & cameraId,int clientPid,const std::string & clientPackage)3960 void CameraService::logDisconnected(const std::string &cameraId, int clientPid,
3961 const std::string &clientPackage) {
3962 // Log the clients evicted
3963 logEvent(fmt::sprintf("DISCONNECT device %s client for package %s (PID %d)", cameraId.c_str(),
3964 clientPackage.c_str(), clientPid));
3965 }
3966
logDisconnectedOffline(const std::string & cameraId,int clientPid,const std::string & clientPackage)3967 void CameraService::logDisconnectedOffline(const std::string &cameraId, int clientPid,
3968 const std::string &clientPackage) {
3969 // Log the clients evicted
3970 logEvent(fmt::sprintf("DISCONNECT offline device %s client for package %s (PID %d)",
3971 cameraId.c_str(), clientPackage.c_str(), clientPid));
3972 }
3973
logConnected(const std::string & cameraId,int clientPid,const std::string & clientPackage)3974 void CameraService::logConnected(const std::string &cameraId, int clientPid,
3975 const std::string &clientPackage) {
3976 // Log the clients evicted
3977 logEvent(fmt::sprintf("CONNECT device %s client for package %s (PID %d)", cameraId.c_str(),
3978 clientPackage.c_str(), clientPid));
3979 }
3980
logConnectedOffline(const std::string & cameraId,int clientPid,const std::string & clientPackage)3981 void CameraService::logConnectedOffline(const std::string &cameraId, int clientPid,
3982 const std::string &clientPackage) {
3983 // Log the clients evicted
3984 logEvent(fmt::sprintf("CONNECT offline device %s client for package %s (PID %d)",
3985 cameraId.c_str(), clientPackage.c_str(), clientPid));
3986 }
3987
logRejected(const std::string & cameraId,int clientPid,const std::string & clientPackage,const std::string & reason)3988 void CameraService::logRejected(const std::string &cameraId, int clientPid,
3989 const std::string &clientPackage, const std::string &reason) {
3990 // Log the client rejected
3991 logEvent(fmt::sprintf("REJECT device %s client for package %s (PID %d), reason: (%s)",
3992 cameraId.c_str(), clientPackage.c_str(), clientPid, reason.c_str()));
3993 }
3994
logTorchEvent(const std::string & cameraId,const std::string & torchState,int clientPid)3995 void CameraService::logTorchEvent(const std::string &cameraId, const std::string &torchState,
3996 int clientPid) {
3997 // Log torch event
3998 logEvent(fmt::sprintf("Torch for camera id %s turned %s for client PID %d", cameraId.c_str(),
3999 torchState.c_str(), clientPid));
4000 }
4001
logUserSwitch(const std::set<userid_t> & oldUserIds,const std::set<userid_t> & newUserIds)4002 void CameraService::logUserSwitch(const std::set<userid_t>& oldUserIds,
4003 const std::set<userid_t>& newUserIds) {
4004 std::string newUsers = toString(newUserIds);
4005 std::string oldUsers = toString(oldUserIds);
4006 if (oldUsers.size() == 0) {
4007 oldUsers = "<None>";
4008 }
4009 // Log the new and old users
4010 logEvent(fmt::sprintf("USER_SWITCH previous allowed user IDs: %s, current allowed user IDs: %s",
4011 oldUsers.c_str(), newUsers.c_str()));
4012 }
4013
logDeviceRemoved(const std::string & cameraId,const std::string & reason)4014 void CameraService::logDeviceRemoved(const std::string &cameraId, const std::string &reason) {
4015 // Log the device removal
4016 logEvent(fmt::sprintf("REMOVE device %s, reason: (%s)", cameraId.c_str(), reason.c_str()));
4017 }
4018
logDeviceAdded(const std::string & cameraId,const std::string & reason)4019 void CameraService::logDeviceAdded(const std::string &cameraId, const std::string &reason) {
4020 // Log the device removal
4021 logEvent(fmt::sprintf("ADD device %s, reason: (%s)", cameraId.c_str(), reason.c_str()));
4022 }
4023
logClientDied(int clientPid,const std::string & reason)4024 void CameraService::logClientDied(int clientPid, const std::string &reason) {
4025 // Log the device removal
4026 logEvent(fmt::sprintf("DIED client(s) with PID %d, reason: (%s)", clientPid, reason.c_str()));
4027 }
4028
logServiceError(const std::string & msg,int errorCode)4029 void CameraService::logServiceError(const std::string &msg, int errorCode) {
4030 logEvent(fmt::sprintf("SERVICE ERROR: %s : %d (%s)", msg.c_str(), errorCode,
4031 strerror(-errorCode)));
4032 }
4033
onTransact(uint32_t code,const Parcel & data,Parcel * reply,uint32_t flags)4034 status_t CameraService::onTransact(uint32_t code, const Parcel& data, Parcel* reply,
4035 uint32_t flags) {
4036
4037 // Permission checks
4038 switch (code) {
4039 case SHELL_COMMAND_TRANSACTION: {
4040 int in = data.readFileDescriptor();
4041 int out = data.readFileDescriptor();
4042 int err = data.readFileDescriptor();
4043 int argc = data.readInt32();
4044 Vector<String16> args;
4045 for (int i = 0; i < argc && data.dataAvail() > 0; i++) {
4046 args.add(data.readString16());
4047 }
4048 sp<IBinder> unusedCallback;
4049 sp<IResultReceiver> resultReceiver;
4050 status_t status;
4051 if ((status = data.readNullableStrongBinder(&unusedCallback)) != NO_ERROR) {
4052 return status;
4053 }
4054 if ((status = data.readNullableStrongBinder(&resultReceiver)) != NO_ERROR) {
4055 return status;
4056 }
4057 status = shellCommand(in, out, err, args);
4058 if (resultReceiver != nullptr) {
4059 resultReceiver->send(status);
4060 }
4061 return NO_ERROR;
4062 }
4063 }
4064
4065 return BnCameraService::onTransact(code, data, reply, flags);
4066 }
4067
4068 // We share the media players for shutter and recording sound for all clients.
4069 // A reference count is kept to determine when we will actually release the
4070 // media players.
newMediaPlayer(const char * file)4071 sp<MediaPlayer> CameraService::newMediaPlayer(const char *file) {
4072 sp<MediaPlayer> mp = new MediaPlayer();
4073 status_t error;
4074 if ((error = mp->setDataSource(NULL /* httpService */, file, NULL)) == NO_ERROR) {
4075 mp->setAudioStreamType(AUDIO_STREAM_ENFORCED_AUDIBLE);
4076 error = mp->prepare();
4077 }
4078 if (error != NO_ERROR) {
4079 ALOGE("Failed to load CameraService sounds: %s", file);
4080 mp->disconnect();
4081 mp.clear();
4082 return nullptr;
4083 }
4084 return mp;
4085 }
4086
increaseSoundRef()4087 void CameraService::increaseSoundRef() {
4088 Mutex::Autolock lock(mSoundLock);
4089 mSoundRef++;
4090 }
4091
loadSoundLocked(sound_kind kind)4092 void CameraService::loadSoundLocked(sound_kind kind) {
4093 ATRACE_CALL();
4094
4095 LOG1("CameraService::loadSoundLocked ref=%d", mSoundRef);
4096 if (SOUND_SHUTTER == kind && mSoundPlayer[SOUND_SHUTTER] == NULL) {
4097 mSoundPlayer[SOUND_SHUTTER] = newMediaPlayer("/product/media/audio/ui/camera_click.ogg");
4098 if (mSoundPlayer[SOUND_SHUTTER] == nullptr) {
4099 mSoundPlayer[SOUND_SHUTTER] = newMediaPlayer("/system/media/audio/ui/camera_click.ogg");
4100 }
4101 } else if (SOUND_RECORDING_START == kind && mSoundPlayer[SOUND_RECORDING_START] == NULL) {
4102 mSoundPlayer[SOUND_RECORDING_START] = newMediaPlayer("/product/media/audio/ui/VideoRecord.ogg");
4103 if (mSoundPlayer[SOUND_RECORDING_START] == nullptr) {
4104 mSoundPlayer[SOUND_RECORDING_START] =
4105 newMediaPlayer("/system/media/audio/ui/VideoRecord.ogg");
4106 }
4107 } else if (SOUND_RECORDING_STOP == kind && mSoundPlayer[SOUND_RECORDING_STOP] == NULL) {
4108 mSoundPlayer[SOUND_RECORDING_STOP] = newMediaPlayer("/product/media/audio/ui/VideoStop.ogg");
4109 if (mSoundPlayer[SOUND_RECORDING_STOP] == nullptr) {
4110 mSoundPlayer[SOUND_RECORDING_STOP] = newMediaPlayer("/system/media/audio/ui/VideoStop.ogg");
4111 }
4112 }
4113 }
4114
decreaseSoundRef()4115 void CameraService::decreaseSoundRef() {
4116 Mutex::Autolock lock(mSoundLock);
4117 LOG1("CameraService::decreaseSoundRef ref=%d", mSoundRef);
4118 if (--mSoundRef) return;
4119
4120 for (int i = 0; i < NUM_SOUNDS; i++) {
4121 if (mSoundPlayer[i] != 0) {
4122 mSoundPlayer[i]->disconnect();
4123 mSoundPlayer[i].clear();
4124 }
4125 }
4126 }
4127
playSound(sound_kind kind)4128 void CameraService::playSound(sound_kind kind) {
4129 ATRACE_CALL();
4130
4131 LOG1("playSound(%d)", kind);
4132 if (kind < 0 || kind >= NUM_SOUNDS) {
4133 ALOGE("%s: Invalid sound id requested: %d", __FUNCTION__, kind);
4134 return;
4135 }
4136
4137 Mutex::Autolock lock(mSoundLock);
4138 loadSoundLocked(kind);
4139 sp<MediaPlayer> player = mSoundPlayer[kind];
4140 if (player != 0) {
4141 player->seekTo(0);
4142 player->start();
4143 }
4144 }
4145
4146 // ----------------------------------------------------------------------------
4147
Client(const sp<CameraService> & cameraService,const sp<ICameraClient> & cameraClient,std::shared_ptr<AttributionAndPermissionUtils> attributionAndPermissionUtils,const AttributionSourceState & clientAttribution,int callingPid,bool systemNativeClient,const std::string & cameraIdStr,int api1CameraId,int cameraFacing,int sensorOrientation,int servicePid,int rotationOverride,bool sharedMode)4148 CameraService::Client::Client(
4149 const sp<CameraService>& cameraService, const sp<ICameraClient>& cameraClient,
4150 std::shared_ptr<AttributionAndPermissionUtils> attributionAndPermissionUtils,
4151 const AttributionSourceState& clientAttribution, int callingPid, bool systemNativeClient,
4152 const std::string& cameraIdStr, int api1CameraId, int cameraFacing, int sensorOrientation,
4153 int servicePid, int rotationOverride, bool sharedMode)
4154 : CameraService::BasicClient(cameraService, IInterface::asBinder(cameraClient),
4155 attributionAndPermissionUtils, clientAttribution, callingPid,
4156 systemNativeClient, cameraIdStr, cameraFacing, sensorOrientation,
4157 servicePid, rotationOverride, sharedMode),
4158 mCameraId(api1CameraId) {
4159 LOG1("Client::Client E (pid %d, id %d)", callingPid, mCameraId);
4160
4161 mRemoteCallback = cameraClient;
4162
4163 cameraService->increaseSoundRef();
4164
4165 LOG1("Client::Client X (pid %d, id %d)", callingPid, mCameraId);
4166 }
4167
4168 // tear down the client
~Client()4169 CameraService::Client::~Client() {
4170 ALOGV("~Client");
4171 mDestructionStarted = true;
4172
4173 sCameraService->decreaseSoundRef();
4174 // unconditionally disconnect. function is idempotent
4175 Client::disconnect();
4176 }
4177
4178 sp<CameraService> CameraService::BasicClient::BasicClient::sCameraService;
4179
BasicClient(const sp<CameraService> & cameraService,const sp<IBinder> & remoteCallback,std::shared_ptr<AttributionAndPermissionUtils> attributionAndPermissionUtils,const AttributionSourceState & clientAttribution,int callingPid,bool nativeClient,const std::string & cameraIdStr,int cameraFacing,int sensorOrientation,int servicePid,int rotationOverride,bool sharedMode)4180 CameraService::BasicClient::BasicClient(
4181 const sp<CameraService>& cameraService, const sp<IBinder>& remoteCallback,
4182 std::shared_ptr<AttributionAndPermissionUtils> attributionAndPermissionUtils,
4183 const AttributionSourceState& clientAttribution, int callingPid, bool nativeClient,
4184 const std::string& cameraIdStr, int cameraFacing, int sensorOrientation, int servicePid,
4185 int rotationOverride, bool sharedMode)
4186 : AttributionAndPermissionUtilsEncapsulator(attributionAndPermissionUtils),
4187 mDestructionStarted(false),
4188 mCameraIdStr(cameraIdStr),
4189 mCameraFacing(cameraFacing),
4190 mOrientation(sensorOrientation),
4191 mClientAttribution(clientAttribution),
4192 mCallingPid(callingPid),
4193 mSystemNativeClient(nativeClient),
4194 mServicePid(servicePid),
4195 mDisconnected(false),
4196 mUidIsTrusted(false),
4197 mRotationOverride(rotationOverride), mSharedMode(sharedMode),
4198 mAudioRestriction(hardware::camera2::ICameraDeviceUser::AUDIO_RESTRICTION_NONE),
4199 mRemoteBinder(remoteCallback),
4200 mCameraOpen(false),
4201 mCameraStreaming(false) {
4202 if (sCameraService == nullptr) {
4203 sCameraService = cameraService;
4204 }
4205
4206 // There are 2 scenarios in which a client won't have AppOps operations
4207 // (both scenarios : native clients)
4208 // 1) It's an system native client*, the package name will be empty
4209 // and it will return from this function in the previous if condition
4210 // (This is the same as the previously existing behavior).
4211 // 2) It is a system native client, but its package name has been
4212 // modified for debugging, however it still must not use AppOps since
4213 // the package name is not a real one.
4214 //
4215 // * system native client - native client with UID < AID_APP_START. It
4216 // doesn't exclude clients not on the system partition.
4217 if (!mSystemNativeClient) {
4218 mAppOpsManager = std::make_unique<AppOpsManager>();
4219 }
4220
4221 mUidIsTrusted = isTrustedCallingUid(mClientAttribution.uid);
4222 }
4223
~BasicClient()4224 CameraService::BasicClient::~BasicClient() {
4225 ALOGV("~BasicClient");
4226 mDestructionStarted = true;
4227 }
4228
disconnect()4229 binder::Status CameraService::BasicClient::disconnect() {
4230 binder::Status res = Status::ok();
4231 if (mDisconnected) {
4232 return res;
4233 }
4234 mDisconnected = true;
4235
4236 sCameraService->removeByClient(this);
4237 sCameraService->logDisconnected(mCameraIdStr, mCallingPid, getPackageName());
4238 if (!flags::camera_multi_client() || !mSharedMode || (mSharedMode &&
4239 sCameraService->isOnlyClient(this))) {
4240 // Remove the HAL reference for the camera in either of the following scenarios :
4241 // 1) Camera was opened in non-shared mode.
4242 // 2) Camera was opened in shared mode and this is the last client using
4243 // the camera which is being disconnected
4244 sCameraService->mCameraProviderManager->removeRef(CameraProviderManager::DeviceMode::CAMERA,
4245 mCameraIdStr);
4246 }
4247
4248 sp<IBinder> remote = getRemote();
4249 if (remote != nullptr) {
4250 remote->unlinkToDeath(sCameraService);
4251 }
4252
4253 notifyCameraClosing();
4254 if (!flags::camera_multi_client() || !mSharedMode || (mSharedMode &&
4255 sCameraService->isOnlyClient(this))) {
4256 // Notify flashlight that a camera device is closed.
4257 sCameraService->mFlashlight->deviceClosed(mCameraIdStr);
4258 }
4259 ALOGI("%s: Disconnected client for camera %s for PID %d", __FUNCTION__, mCameraIdStr.c_str(),
4260 mCallingPid);
4261
4262 // client shouldn't be able to call into us anymore
4263 mCallingPid = 0;
4264
4265 const auto& mActivityManager = getActivityManager();
4266 if (mActivityManager) {
4267 mActivityManager->logFgsApiEnd(LOG_FGS_CAMERA_API,
4268 getCallingUid(),
4269 getCallingPid());
4270 }
4271
4272 return res;
4273 }
4274
dump(int,const Vector<String16> &)4275 status_t CameraService::BasicClient::dump(int, const Vector<String16>&) {
4276 // No dumping of clients directly over Binder,
4277 // must go through CameraService::dump
4278 android_errorWriteWithInfoLog(SN_EVENT_LOG_ID, "26265403",
4279 getCallingUid(), NULL, 0);
4280 return OK;
4281 }
4282
startWatchingTags(const std::string &,int)4283 status_t CameraService::BasicClient::startWatchingTags(const std::string&, int) {
4284 // Can't watch tags directly, must go through CameraService::startWatchingTags
4285 return OK;
4286 }
4287
stopWatchingTags(int)4288 status_t CameraService::BasicClient::stopWatchingTags(int) {
4289 // Can't watch tags directly, must go through CameraService::stopWatchingTags
4290 return OK;
4291 }
4292
dumpWatchedEventsToVector(std::vector<std::string> &)4293 status_t CameraService::BasicClient::dumpWatchedEventsToVector(std::vector<std::string> &) {
4294 // Can't watch tags directly, must go through CameraService::dumpWatchedEventsToVector
4295 return OK;
4296 }
4297
getPackageName() const4298 std::string CameraService::BasicClient::getPackageName() const {
4299 return mClientAttribution.packageName.value_or(kUnknownPackageName);
4300 }
4301
getCameraFacing() const4302 int CameraService::BasicClient::getCameraFacing() const {
4303 return mCameraFacing;
4304 }
4305
getCameraOrientation() const4306 int CameraService::BasicClient::getCameraOrientation() const {
4307 return mOrientation;
4308 }
4309
getClientCallingPid() const4310 int CameraService::BasicClient::getClientCallingPid() const {
4311 return mCallingPid;
4312 }
4313
getClientUid() const4314 uid_t CameraService::BasicClient::getClientUid() const {
4315 return mClientAttribution.uid;
4316 }
4317
getClientAttributionTag() const4318 const std::optional<std::string>& CameraService::BasicClient::getClientAttributionTag() const {
4319 return mClientAttribution.attributionTag;
4320 }
4321
canCastToApiClient(apiLevel level) const4322 bool CameraService::BasicClient::canCastToApiClient(apiLevel level) const {
4323 // Defaults to API2.
4324 return level == API_2;
4325 }
4326
setAudioRestriction(int32_t mode)4327 status_t CameraService::BasicClient::setAudioRestriction(int32_t mode) {
4328 {
4329 Mutex::Autolock l(mAudioRestrictionLock);
4330 mAudioRestriction = mode;
4331 }
4332 sCameraService->updateAudioRestriction();
4333 return OK;
4334 }
4335
getServiceAudioRestriction() const4336 int32_t CameraService::BasicClient::getServiceAudioRestriction() const {
4337 return sCameraService->updateAudioRestriction();
4338 }
4339
getAudioRestriction() const4340 int32_t CameraService::BasicClient::getAudioRestriction() const {
4341 Mutex::Autolock l(mAudioRestrictionLock);
4342 return mAudioRestriction;
4343 }
4344
isValidAudioRestriction(int32_t mode)4345 bool CameraService::BasicClient::isValidAudioRestriction(int32_t mode) {
4346 switch (mode) {
4347 case hardware::camera2::ICameraDeviceUser::AUDIO_RESTRICTION_NONE:
4348 case hardware::camera2::ICameraDeviceUser::AUDIO_RESTRICTION_VIBRATION:
4349 case hardware::camera2::ICameraDeviceUser::AUDIO_RESTRICTION_VIBRATION_SOUND:
4350 return true;
4351 default:
4352 return false;
4353 }
4354 }
4355
handlePermissionResult(PermissionChecker::PermissionResult result)4356 status_t CameraService::BasicClient::handlePermissionResult(
4357 PermissionChecker::PermissionResult result) {
4358 if (result == PermissionChecker::PERMISSION_HARD_DENIED) {
4359 ALOGI("Camera %s: Access for \"%s\" has been revoked", mCameraIdStr.c_str(),
4360 getPackageName().c_str());
4361 return PERMISSION_DENIED;
4362 } else if (!mUidIsTrusted && result == PermissionChecker::PERMISSION_SOFT_DENIED) {
4363 // If the calling Uid is trusted (a native service), the AppOpsManager/PermissionChecker
4364 // could return MODE_IGNORED/PERMISSION_SOFT_DENIED. Do not treat such case as error.
4365 bool isUidActive =
4366 sCameraService->mUidPolicy->isUidActive(getClientUid(), getPackageName());
4367
4368 bool isCameraPrivacyEnabled;
4369 if (flags::camera_privacy_allowlist()) {
4370 isCameraPrivacyEnabled = sCameraService->isCameraPrivacyEnabled(
4371 toString16(getPackageName()), std::string(), mCallingPid, getClientUid());
4372 } else {
4373 isCameraPrivacyEnabled =
4374 sCameraService->mSensorPrivacyPolicy->isCameraPrivacyEnabled();
4375 }
4376 // We don't want to return EACCESS if the CameraPrivacy is enabled.
4377 // We prefer to successfully open the camera and perform camera muting
4378 // or blocking in connectHelper as handleAppOpMode can be called before the
4379 // connection has been fully established and at that time camera muting
4380 // capabilities are unknown.
4381 if (!isUidActive || !isCameraPrivacyEnabled) {
4382 ALOGI("Camera %s: Access for \"%s\" has been restricted."
4383 "uid active: %s, privacy enabled: %s",
4384 mCameraIdStr.c_str(), getPackageName().c_str(), isUidActive ? "true" : "false",
4385 isCameraPrivacyEnabled ? "true" : "false");
4386 // Return the same error as for device policy manager rejection
4387 return -EACCES;
4388 }
4389 }
4390 return OK;
4391 }
4392
handleAppOpMode(int32_t mode)4393 status_t CameraService::BasicClient::handleAppOpMode(int32_t mode) {
4394 return handlePermissionResult(appOpModeToPermissionResult(mode));
4395 }
4396
notifyCameraOpening()4397 status_t CameraService::BasicClient::notifyCameraOpening() {
4398 ATRACE_CALL();
4399
4400 // Don't start watching until we're streaming when using permissionChecker for data delivery
4401 if (!flags::data_delivery_permission_checks()) {
4402 ALOGD("%s: Start camera ops, package name = %s, client UID = %d", __FUNCTION__,
4403 getPackageName().c_str(), getClientUid());
4404
4405 if (mAppOpsManager != nullptr) {
4406 // Notify app ops that the camera is not available
4407 mOpsCallback = new OpsCallback(this);
4408
4409 mAppOpsManager->startWatchingMode(
4410 AppOpsManager::OP_CAMERA, toString16(getPackageName()),
4411 AppOpsManager::WATCH_FOREGROUND_CHANGES, mOpsCallback);
4412
4413 // Just check for camera access here on open - delay startOp until
4414 // camera frames start streaming in startCameraStreamingOps
4415 int32_t mode = mAppOpsManager->checkOp(AppOpsManager::OP_CAMERA, getClientUid(),
4416 toString16(getPackageName()));
4417 status_t res = handleAppOpMode(mode);
4418 if (res != OK) {
4419 return res;
4420 }
4421 }
4422 } else {
4423 // TODO: Remove when removing the data_delivery_permission_checks flag
4424 ALOGD("%s: Bypassing checkOp for uid %d", __FUNCTION__, getClientUid());
4425 }
4426
4427 mCameraOpen = true;
4428
4429 // Transition device availability listeners from PRESENT -> NOT_AVAILABLE
4430 sCameraService->updateStatus(StatusInternal::NOT_AVAILABLE, mCameraIdStr);
4431
4432 sCameraService->mUidPolicy->registerMonitorUid(getClientUid(), /*openCamera*/ true);
4433
4434 // Notify listeners of camera open/close status
4435 sCameraService->updateOpenCloseStatus(mCameraIdStr, true /*open*/, getPackageName(),
4436 mSharedMode);
4437
4438 return OK;
4439 }
4440
startCameraStreamingOps()4441 status_t CameraService::BasicClient::startCameraStreamingOps() {
4442 ATRACE_CALL();
4443
4444 if (!mCameraOpen) {
4445 ALOGE("%s: Calling streaming start when not yet active", __FUNCTION__);
4446 return INVALID_OPERATION;
4447 }
4448
4449 if (mCameraStreaming) {
4450 ALOGV("%s: Streaming already active!", __FUNCTION__);
4451 return OK;
4452 }
4453
4454 ALOGV("%s: Start camera streaming ops, package name = %s, client UID = %d", __FUNCTION__,
4455 getPackageName().c_str(), getClientUid());
4456
4457 if (mAppOpsManager != nullptr) {
4458 if (flags::data_delivery_permission_checks()) {
4459 ALOGD("%s: Start data delivery for uid %d", __FUNCTION__, getClientUid());
4460
4461 const PermissionChecker::PermissionResult result =
4462 checkPermissionsForCameraForStartDataDelivery(mCameraIdStr, mClientAttribution);
4463 status_t res = handlePermissionResult(result);
4464 if (res != OK) {
4465 return res;
4466 }
4467
4468 mOpsCallback = new OpsCallback(this);
4469 std::for_each(AttrSourceItr{mClientAttribution}, AttrSourceItr::end(),
4470 [&](const auto& attr) {
4471 mAppOpsManager->startWatchingMode(
4472 AppOpsManager::OP_CAMERA,
4473 toString16(attr.packageName.value_or("")),
4474 AppOpsManager::WATCH_FOREGROUND_CHANGES, mOpsCallback);
4475 });
4476 } else {
4477 ALOGD("%s: startOp for uid %d", __FUNCTION__, getClientUid());
4478 int32_t mode = mAppOpsManager->startOpNoThrow(
4479 AppOpsManager::OP_CAMERA, getClientUid(), toString16(getPackageName()),
4480 /*startIfModeDefault*/ false, toString16(getClientAttributionTag()),
4481 toString16("start camera ") + toString16(mCameraIdStr));
4482 status_t res = handleAppOpMode(mode);
4483 if (res != OK) {
4484 return res;
4485 }
4486 }
4487 }
4488
4489 mCameraStreaming = true;
4490
4491 return OK;
4492 }
4493
noteAppOp()4494 status_t CameraService::BasicClient::noteAppOp() {
4495 ATRACE_CALL();
4496
4497 ALOGV("%s: Start camera noteAppOp, package name = %s, client UID = %d", __FUNCTION__,
4498 getPackageName().c_str(), getClientUid());
4499
4500 // noteAppOp is only used for when camera mute is not supported, in order
4501 // to trigger the sensor privacy "Unblock" dialog
4502 if (flags::data_delivery_permission_checks()) {
4503 // Ignore the result, since we're only triggering the dialog
4504 ALOGD("%s: Check data delivery permissions for uid %d", __FUNCTION__, getClientUid());
4505 hasPermissionsForCameraForDataDelivery(std::string(), mClientAttribution);
4506 } else if (mAppOpsManager != nullptr) {
4507 ALOGD("%s: noteOp for uid %d", __FUNCTION__, getClientUid());
4508 int32_t mode = mAppOpsManager->noteOp(
4509 AppOpsManager::OP_CAMERA, getClientUid(), toString16(getPackageName()),
4510 toString16(getClientAttributionTag()),
4511 toString16("start camera ") + toString16(mCameraIdStr));
4512 status_t res = handleAppOpMode(mode);
4513 if (res != OK) {
4514 return res;
4515 }
4516 }
4517
4518 return OK;
4519 }
4520
finishCameraStreamingOps()4521 status_t CameraService::BasicClient::finishCameraStreamingOps() {
4522 ATRACE_CALL();
4523
4524 if (!mCameraOpen) {
4525 ALOGE("%s: Calling streaming start when not yet active", __FUNCTION__);
4526 return INVALID_OPERATION;
4527 }
4528 if (!mCameraStreaming) {
4529 ALOGV("%s: Streaming not active!", __FUNCTION__);
4530 return OK;
4531 }
4532
4533 if (mAppOpsManager != nullptr) {
4534 if (flags::data_delivery_permission_checks()) {
4535 ALOGD("%s: finishDataDelivery for uid %d", __FUNCTION__, getClientUid());
4536 finishDataDelivery(mClientAttribution);
4537
4538 // Stop watching app op changes after stop streaming
4539 if (mOpsCallback != nullptr) {
4540 mAppOpsManager->stopWatchingMode(mOpsCallback);
4541 mOpsCallback.clear();
4542 }
4543 } else {
4544 ALOGD("%s: finishOp for uid %d", __FUNCTION__, getClientUid());
4545 mAppOpsManager->finishOp(AppOpsManager::OP_CAMERA, getClientUid(),
4546 toString16(getPackageName()),
4547 toString16(getClientAttributionTag()));
4548 }
4549 mCameraStreaming = false;
4550 }
4551
4552 return OK;
4553 }
4554
notifyCameraClosing()4555 status_t CameraService::BasicClient::notifyCameraClosing() {
4556 ATRACE_CALL();
4557
4558 if (mCameraStreaming) {
4559 // Make sure we've notified everyone about camera stopping
4560 finishCameraStreamingOps();
4561 }
4562
4563 // Check if notifyCameraOpening succeeded, and if so, finish the camera op if necessary
4564 if (mCameraOpen) {
4565 mCameraOpen = false;
4566
4567 // This function is called when a client disconnects. This should
4568 // release the camera, but actually only if it was in a proper
4569 // functional state, i.e. with status NOT_AVAILABLE
4570 std::initializer_list<StatusInternal> rejected = {StatusInternal::PRESENT,
4571 StatusInternal::ENUMERATING, StatusInternal::NOT_PRESENT};
4572
4573 // Transition to PRESENT if the camera is not in either of the rejected states
4574 if (!flags::camera_multi_client() || !mSharedMode || (mSharedMode
4575 && sCameraService->isOnlyClient(this))) {
4576 sCameraService->updateStatus(StatusInternal::PRESENT,
4577 mCameraIdStr, rejected);
4578 }
4579 }
4580
4581 // When using the data delivery permission checks, the open state does not involve AppOps
4582 if (!flags::data_delivery_permission_checks()) {
4583 // Always stop watching, even if no camera op is active
4584 if (mOpsCallback != nullptr && mAppOpsManager != nullptr) {
4585 mAppOpsManager->stopWatchingMode(mOpsCallback);
4586 }
4587 mOpsCallback.clear();
4588 }
4589
4590 sCameraService->mUidPolicy->unregisterMonitorUid(getClientUid(), /*closeCamera*/ true);
4591
4592 // Notify listeners of camera open/close status
4593 sCameraService->updateOpenCloseStatus(mCameraIdStr, false /*open*/, getPackageName(),
4594 mSharedMode);
4595
4596 return OK;
4597 }
4598
getUidProcessState(int32_t uid)4599 int32_t CameraService::getUidProcessState(int32_t uid) {
4600 const auto& activityManager = getActivityManager();
4601 int32_t procState = ActivityManager::PROCESS_STATE_NONEXISTENT;
4602 if (activityManager != nullptr) {
4603 procState = activityManager->getUidProcessState(uid, toString16(kServiceName));
4604 } else {
4605 ALOGE("%s: getActivityManager returned nullptr.", __FUNCTION__);
4606 }
4607 return procState;
4608 }
4609
opChanged(int32_t op,const String16 &)4610 void CameraService::BasicClient::opChanged(int32_t op, const String16&) {
4611 ATRACE_CALL();
4612 if (mAppOpsManager == nullptr) {
4613 return;
4614 }
4615 // TODO : add offline camera session case
4616 if (op != AppOpsManager::OP_CAMERA) {
4617 ALOGW("Unexpected app ops notification received: %d", op);
4618 return;
4619 }
4620
4621 PermissionChecker::PermissionResult res;
4622 if (flags::data_delivery_permission_checks()) {
4623 int32_t appOpMode = AppOpsManager::MODE_ALLOWED;
4624 std::for_each(AttrSourceItr{mClientAttribution}, AttrSourceItr::end(),
4625 [&](const auto& attr) {
4626 appOpMode = std::max(appOpMode, mAppOpsManager->checkOp(
4627 AppOpsManager::OP_CAMERA, attr.uid,
4628 toString16(attr.packageName.value_or(""))));
4629 });
4630 ALOGV("checkOp returns: %d, %s ", res,
4631 appOpMode == AppOpsManager::MODE_ALLOWED ? "ALLOWED"
4632 : appOpMode == AppOpsManager::MODE_IGNORED ? "IGNORED"
4633 : appOpMode == AppOpsManager::MODE_ERRORED ? "ERRORED"
4634 : "UNKNOWN");
4635 res = appOpModeToPermissionResult(appOpMode);
4636 } else {
4637 int32_t appOpMode = mAppOpsManager->checkOp(AppOpsManager::OP_CAMERA, getClientUid(),
4638 toString16(getPackageName()));
4639 ALOGV("checkOp returns: %d, %s ", res,
4640 appOpMode == AppOpsManager::MODE_ALLOWED ? "ALLOWED"
4641 : appOpMode == AppOpsManager::MODE_IGNORED ? "IGNORED"
4642 : appOpMode == AppOpsManager::MODE_ERRORED ? "ERRORED"
4643 : "UNKNOWN");
4644 res = appOpModeToPermissionResult(appOpMode);
4645 }
4646
4647 if (res == PermissionChecker::PERMISSION_HARD_DENIED) {
4648 ALOGI("Camera %s: Access for \"%s\" revoked", mCameraIdStr.c_str(),
4649 getPackageName().c_str());
4650 block();
4651 } else if (res == PermissionChecker::PERMISSION_SOFT_DENIED) {
4652 bool isUidActive =
4653 sCameraService->mUidPolicy->isUidActive(getClientUid(), getPackageName());
4654
4655 // Uid may be active, but not visible to the user (e.g. PROCESS_STATE_FOREGROUND_SERVICE).
4656 // If not visible, but still active, then we want to block instead of muting the camera.
4657 int32_t procState = ActivityManager::PROCESS_STATE_NONEXISTENT;
4658 if (flags::data_delivery_permission_checks()) {
4659 // Use the proc state of the last uid in the chain (ultimately receiving the data)
4660 // when determining whether to mute or block
4661 int32_t uid = -1;
4662 std::for_each(AttrSourceItr{mClientAttribution}, AttrSourceItr::end(),
4663 [&](const auto& attr) {
4664 uid = static_cast<uid_t>(attr.uid);
4665 });
4666 procState = getUidProcessState(uid);
4667 } else if (flags::query_process_state()) {
4668 procState = getUidProcessState(getClientUid());
4669 } else {
4670 procState = sCameraService->mUidPolicy->getProcState(getClientUid());
4671 }
4672 bool isUidVisible = (procState <= ActivityManager::PROCESS_STATE_BOUND_TOP);
4673
4674 bool isCameraPrivacyEnabled;
4675 if (flags::camera_privacy_allowlist()) {
4676 isCameraPrivacyEnabled = sCameraService->isCameraPrivacyEnabled(
4677 toString16(getPackageName()), std::string(), mCallingPid, getClientUid());
4678 } else {
4679 isCameraPrivacyEnabled =
4680 sCameraService->mSensorPrivacyPolicy->isCameraPrivacyEnabled();
4681 }
4682
4683 ALOGI("Camera %s: Access for \"%s\" has been restricted, isUidTrusted %d, isUidActive %d"
4684 " isUidVisible %d, isCameraPrivacyEnabled %d procState %d",
4685 mCameraIdStr.c_str(), getPackageName().c_str(), mUidIsTrusted, isUidActive,
4686 isUidVisible, isCameraPrivacyEnabled, procState);
4687 // If the calling Uid is trusted (a native service), or the client Uid is active / visible
4688 // (WAR for b/175320666)the AppOpsManager could return MODE_IGNORED. Do not treat such
4689 // cases as error.
4690 if (!mUidIsTrusted) {
4691 if (isUidVisible && isCameraPrivacyEnabled && supportsCameraMute()) {
4692 setCameraMute(true);
4693 } else {
4694 block();
4695 }
4696 }
4697 } else if (res == PermissionChecker::PERMISSION_GRANTED) {
4698 setCameraMute(sCameraService->mOverrideCameraMuteMode);
4699 }
4700 }
4701
block()4702 void CameraService::BasicClient::block() {
4703 ATRACE_CALL();
4704
4705 // Reset the client PID to allow server-initiated disconnect,
4706 // and to prevent further calls by client.
4707 mCallingPid = getCallingPid();
4708 CaptureResultExtras resultExtras; // a dummy result (invalid)
4709 notifyError(hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISABLED, resultExtras);
4710 disconnect();
4711 }
4712
isPrimaryClient(bool * isPrimary)4713 status_t CameraService::BasicClient::isPrimaryClient(bool* isPrimary) {
4714 ATRACE_CALL();
4715 if (!flags::camera_multi_client()) {
4716 return INVALID_OPERATION;
4717 }
4718
4719 if (!mSharedMode) {
4720 ALOGW("%s: Invalid operation when camera is not opened in shared mode", __FUNCTION__);
4721 return INVALID_OPERATION;
4722 }
4723 *isPrimary = mIsPrimaryClient;
4724 return OK;
4725 }
4726
setPrimaryClient(bool isPrimary)4727 status_t CameraService::BasicClient::setPrimaryClient(bool isPrimary) {
4728 ATRACE_CALL();
4729
4730 if (!flags::camera_multi_client()) {
4731 return INVALID_OPERATION;
4732 }
4733
4734 if (!mSharedMode) {
4735 ALOGW("%s:Invalid operation when camera is not opened in shared mode", __FUNCTION__);
4736 return INVALID_OPERATION;
4737 }
4738 mIsPrimaryClient = isPrimary;
4739 return OK;
4740 }
4741
4742 // ----------------------------------------------------------------------------
4743
notifyError(int32_t errorCode,const CaptureResultExtras & resultExtras)4744 void CameraService::Client::notifyError(int32_t errorCode,
4745 [[maybe_unused]] const CaptureResultExtras& resultExtras) {
4746 if (mRemoteCallback != NULL) {
4747 int32_t api1ErrorCode = CAMERA_ERROR_RELEASED;
4748 if (errorCode == hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISABLED) {
4749 api1ErrorCode = CAMERA_ERROR_DISABLED;
4750 }
4751 mRemoteCallback->notifyCallback(CAMERA_MSG_ERROR, api1ErrorCode, 0);
4752 } else {
4753 ALOGE("mRemoteCallback is NULL!!");
4754 }
4755 }
4756
4757 // NOTE: function is idempotent
disconnect()4758 binder::Status CameraService::Client::disconnect() {
4759 ALOGV("Client::disconnect");
4760 return BasicClient::disconnect();
4761 }
4762
canCastToApiClient(apiLevel level) const4763 bool CameraService::Client::canCastToApiClient(apiLevel level) const {
4764 return level == API_1;
4765 }
4766
OpsCallback(wp<BasicClient> client)4767 CameraService::Client::OpsCallback::OpsCallback(wp<BasicClient> client):
4768 mClient(client) {
4769 }
4770
opChanged(int32_t op,const String16 & packageName)4771 void CameraService::Client::OpsCallback::opChanged(int32_t op,
4772 const String16& packageName) {
4773 sp<BasicClient> client = mClient.promote();
4774 if (client != NULL) {
4775 client->opChanged(op, packageName);
4776 }
4777 }
4778
4779 // ----------------------------------------------------------------------------
4780 // UidPolicy
4781 // ----------------------------------------------------------------------------
4782
registerWithActivityManager()4783 void CameraService::UidPolicy::registerWithActivityManager() {
4784 Mutex::Autolock _l(mUidLock);
4785 int32_t emptyUidArray[] = { };
4786
4787 if (mRegistered) return;
4788 status_t res = mAm.linkToDeath(this);
4789 mAm.registerUidObserverForUids(this, ActivityManager::UID_OBSERVER_GONE
4790 | ActivityManager::UID_OBSERVER_IDLE
4791 | ActivityManager::UID_OBSERVER_ACTIVE | ActivityManager::UID_OBSERVER_PROCSTATE
4792 | ActivityManager::UID_OBSERVER_PROC_OOM_ADJ,
4793 ActivityManager::PROCESS_STATE_UNKNOWN,
4794 toString16(kServiceName), emptyUidArray, 0, mObserverToken);
4795 if (res == OK) {
4796 mRegistered = true;
4797 ALOGV("UidPolicy: Registered with ActivityManager");
4798 } else {
4799 ALOGE("UidPolicy: Failed to register with ActivityManager: 0x%08x", res);
4800 }
4801 }
4802
onServiceRegistration(const String16 & name,const sp<IBinder> &)4803 void CameraService::UidPolicy::onServiceRegistration(const String16& name, const sp<IBinder>&) {
4804 if (name != toString16(kActivityServiceName)) {
4805 return;
4806 }
4807
4808 registerWithActivityManager();
4809 }
4810
registerSelf()4811 void CameraService::UidPolicy::registerSelf() {
4812 // Use check service to see if the activity service is available
4813 // If not available then register for notifications, instead of blocking
4814 // till the service is ready
4815 sp<IServiceManager> sm = defaultServiceManager();
4816 sp<IBinder> binder = sm->checkService(toString16(kActivityServiceName));
4817 if (!binder) {
4818 sm->registerForNotifications(toString16(kActivityServiceName), this);
4819 } else {
4820 registerWithActivityManager();
4821 }
4822 }
4823
unregisterSelf()4824 void CameraService::UidPolicy::unregisterSelf() {
4825 Mutex::Autolock _l(mUidLock);
4826
4827 mAm.unregisterUidObserver(this);
4828 mAm.unlinkToDeath(this);
4829 mRegistered = false;
4830 mActiveUids.clear();
4831 ALOGV("UidPolicy: Unregistered with ActivityManager");
4832 }
4833
onUidGone(uid_t uid,bool disabled)4834 void CameraService::UidPolicy::onUidGone(uid_t uid, bool disabled) {
4835 onUidIdle(uid, disabled);
4836 }
4837
onUidActive(uid_t uid)4838 void CameraService::UidPolicy::onUidActive(uid_t uid) {
4839 Mutex::Autolock _l(mUidLock);
4840 mActiveUids.insert(uid);
4841 }
4842
onUidIdle(uid_t uid,bool)4843 void CameraService::UidPolicy::onUidIdle(uid_t uid, bool /* disabled */) {
4844 bool deleted = false;
4845 {
4846 Mutex::Autolock _l(mUidLock);
4847 if (mActiveUids.erase(uid) > 0) {
4848 deleted = true;
4849 }
4850 }
4851 if (deleted) {
4852 sp<CameraService> service = mService.promote();
4853 if (service != nullptr) {
4854 service->blockClientsForUid(uid);
4855 }
4856 }
4857 }
4858
onUidStateChanged(uid_t uid,int32_t procState,int64_t procStateSeq __unused,int32_t capability __unused)4859 void CameraService::UidPolicy::onUidStateChanged(uid_t uid, int32_t procState,
4860 int64_t procStateSeq __unused, int32_t capability __unused) {
4861 bool procStateChange = false;
4862 {
4863 Mutex::Autolock _l(mUidLock);
4864 if (mMonitoredUids.find(uid) != mMonitoredUids.end() &&
4865 mMonitoredUids[uid].procState != procState) {
4866 mMonitoredUids[uid].procState = procState;
4867 procStateChange = true;
4868 }
4869 }
4870
4871 if (procStateChange) {
4872 sp<CameraService> service = mService.promote();
4873 if (service != nullptr) {
4874 service->notifyMonitoredUids();
4875 }
4876 }
4877 }
4878
4879 /**
4880 * When the OOM adj of the uid owning the camera changes, a different uid waiting on camera
4881 * privileges may take precedence if the owner's new OOM adj is greater than the waiting package.
4882 * Here, we track which monitoredUid has the camera, and track its adj relative to other
4883 * monitoredUids. If it is revised above some other monitoredUid, signal
4884 * onCameraAccessPrioritiesChanged. This only needs to capture the case where there are two
4885 * foreground apps in split screen - state changes will capture all other cases.
4886 */
onUidProcAdjChanged(uid_t uid,int32_t adj)4887 void CameraService::UidPolicy::onUidProcAdjChanged(uid_t uid, int32_t adj) {
4888 std::unordered_set<uid_t> notifyUidSet;
4889 {
4890 Mutex::Autolock _l(mUidLock);
4891 auto it = mMonitoredUids.find(uid);
4892
4893 if (it != mMonitoredUids.end()) {
4894 if (it->second.hasCamera) {
4895 for (auto &monitoredUid : mMonitoredUids) {
4896 if (monitoredUid.first != uid && adj > monitoredUid.second.procAdj) {
4897 ALOGV("%s: notify uid %d", __FUNCTION__, monitoredUid.first);
4898 notifyUidSet.emplace(monitoredUid.first);
4899 }
4900 }
4901 ALOGV("%s: notify uid %d", __FUNCTION__, uid);
4902 notifyUidSet.emplace(uid);
4903 } else {
4904 for (auto &monitoredUid : mMonitoredUids) {
4905 if (monitoredUid.second.hasCamera && adj < monitoredUid.second.procAdj) {
4906 ALOGV("%s: notify uid %d", __FUNCTION__, uid);
4907 notifyUidSet.emplace(uid);
4908 }
4909 }
4910 }
4911 it->second.procAdj = adj;
4912 }
4913 }
4914
4915 if (notifyUidSet.size() > 0) {
4916 sp<CameraService> service = mService.promote();
4917 if (service != nullptr) {
4918 service->notifyMonitoredUids(notifyUidSet);
4919 }
4920 }
4921 }
4922
4923 /**
4924 * Register a uid for monitoring, and note whether it owns a camera.
4925 */
registerMonitorUid(uid_t uid,bool openCamera)4926 void CameraService::UidPolicy::registerMonitorUid(uid_t uid, bool openCamera) {
4927 Mutex::Autolock _l(mUidLock);
4928 auto it = mMonitoredUids.find(uid);
4929 if (it != mMonitoredUids.end()) {
4930 it->second.refCount++;
4931 } else {
4932 MonitoredUid monitoredUid;
4933 monitoredUid.procState = ActivityManager::PROCESS_STATE_NONEXISTENT;
4934 monitoredUid.procAdj = resource_policy::UNKNOWN_ADJ;
4935 monitoredUid.refCount = 1;
4936 it = mMonitoredUids.emplace(std::pair<uid_t, MonitoredUid>(uid, monitoredUid)).first;
4937 status_t res = mAm.addUidToObserver(mObserverToken, toString16(kServiceName), uid);
4938 if (res != OK) {
4939 ALOGE("UidPolicy: Failed to add uid to observer: 0x%08x", res);
4940 }
4941 }
4942
4943 if (openCamera) {
4944 it->second.hasCamera = true;
4945 }
4946 }
4947
4948 /**
4949 * Unregister a uid for monitoring, and note whether it lost ownership of a camera.
4950 */
unregisterMonitorUid(uid_t uid,bool closeCamera)4951 void CameraService::UidPolicy::unregisterMonitorUid(uid_t uid, bool closeCamera) {
4952 Mutex::Autolock _l(mUidLock);
4953 auto it = mMonitoredUids.find(uid);
4954 if (it != mMonitoredUids.end()) {
4955 it->second.refCount--;
4956 if (it->second.refCount == 0) {
4957 mMonitoredUids.erase(it);
4958 status_t res = mAm.removeUidFromObserver(mObserverToken, toString16(kServiceName), uid);
4959 if (res != OK) {
4960 ALOGE("UidPolicy: Failed to remove uid from observer: 0x%08x", res);
4961 }
4962 } else if (closeCamera) {
4963 it->second.hasCamera = false;
4964 }
4965 } else {
4966 ALOGE("%s: Trying to unregister uid: %d which is not monitored!", __FUNCTION__, uid);
4967 }
4968 }
4969
isUidActive(uid_t uid,const std::string & callingPackage)4970 bool CameraService::UidPolicy::isUidActive(uid_t uid, const std::string &callingPackage) {
4971 Mutex::Autolock _l(mUidLock);
4972 return isUidActiveLocked(uid, callingPackage);
4973 }
4974
4975 static const int64_t kPollUidActiveTimeoutTotalMillis = 300;
4976 static const int64_t kPollUidActiveTimeoutMillis = 50;
4977
isUidActiveLocked(uid_t uid,const std::string & callingPackage)4978 bool CameraService::UidPolicy::isUidActiveLocked(uid_t uid, const std::string &callingPackage) {
4979 // Non-app UIDs are considered always active
4980 // If activity manager is unreachable, assume everything is active
4981 if (uid < FIRST_APPLICATION_UID || !mRegistered) {
4982 return true;
4983 }
4984 auto it = mOverrideUids.find(uid);
4985 if (it != mOverrideUids.end()) {
4986 return it->second;
4987 }
4988 bool active = mActiveUids.find(uid) != mActiveUids.end();
4989 if (!active) {
4990 // We want active UIDs to always access camera with their first attempt since
4991 // there is no guarantee the app is robustly written and would retry getting
4992 // the camera on failure. The inverse case is not a problem as we would take
4993 // camera away soon once we get the callback that the uid is no longer active.
4994 ActivityManager am;
4995 // Okay to access with a lock held as UID changes are dispatched without
4996 // a lock and we are a higher level component.
4997 int64_t startTimeMillis = 0;
4998 do {
4999 // TODO: Fix this b/109950150!
5000 // Okay this is a hack. There is a race between the UID turning active and
5001 // activity being resumed. The proper fix is very risky, so we temporary add
5002 // some polling which should happen pretty rarely anyway as the race is hard
5003 // to hit.
5004 active = mActiveUids.find(uid) != mActiveUids.end();
5005 if (!active) active = am.isUidActive(uid, toString16(callingPackage));
5006 if (active) {
5007 break;
5008 }
5009 if (startTimeMillis <= 0) {
5010 startTimeMillis = uptimeMillis();
5011 }
5012 int64_t ellapsedTimeMillis = uptimeMillis() - startTimeMillis;
5013 int64_t remainingTimeMillis = kPollUidActiveTimeoutTotalMillis - ellapsedTimeMillis;
5014 if (remainingTimeMillis <= 0) {
5015 break;
5016 }
5017 remainingTimeMillis = std::min(kPollUidActiveTimeoutMillis, remainingTimeMillis);
5018
5019 mUidLock.unlock();
5020 usleep(remainingTimeMillis * 1000);
5021 mUidLock.lock();
5022 } while (true);
5023
5024 if (active) {
5025 // Now that we found out the UID is actually active, cache that
5026 mActiveUids.insert(uid);
5027 }
5028 }
5029 return active;
5030 }
5031
getProcState(uid_t uid)5032 int32_t CameraService::UidPolicy::getProcState(uid_t uid) {
5033 Mutex::Autolock _l(mUidLock);
5034 return getProcStateLocked(uid);
5035 }
5036
getProcStateLocked(uid_t uid)5037 int32_t CameraService::UidPolicy::getProcStateLocked(uid_t uid) {
5038 int32_t procState = ActivityManager::PROCESS_STATE_UNKNOWN;
5039 if (mMonitoredUids.find(uid) != mMonitoredUids.end()) {
5040 procState = mMonitoredUids[uid].procState;
5041 }
5042 return procState;
5043 }
5044
addOverrideUid(uid_t uid,const std::string & callingPackage,bool active)5045 void CameraService::UidPolicy::addOverrideUid(uid_t uid,
5046 const std::string &callingPackage, bool active) {
5047 updateOverrideUid(uid, callingPackage, active, true);
5048 }
5049
removeOverrideUid(uid_t uid,const std::string & callingPackage)5050 void CameraService::UidPolicy::removeOverrideUid(uid_t uid, const std::string &callingPackage) {
5051 updateOverrideUid(uid, callingPackage, false, false);
5052 }
5053
binderDied(const wp<IBinder> &)5054 void CameraService::UidPolicy::binderDied(const wp<IBinder>& /*who*/) {
5055 Mutex::Autolock _l(mUidLock);
5056 ALOGV("UidPolicy: ActivityManager has died");
5057 mRegistered = false;
5058 mActiveUids.clear();
5059 }
5060
updateOverrideUid(uid_t uid,const std::string & callingPackage,bool active,bool insert)5061 void CameraService::UidPolicy::updateOverrideUid(uid_t uid, const std::string &callingPackage,
5062 bool active, bool insert) {
5063 bool wasActive = false;
5064 bool isActive = false;
5065 {
5066 Mutex::Autolock _l(mUidLock);
5067 wasActive = isUidActiveLocked(uid, callingPackage);
5068 mOverrideUids.erase(uid);
5069 if (insert) {
5070 mOverrideUids.insert(std::pair<uid_t, bool>(uid, active));
5071 }
5072 isActive = isUidActiveLocked(uid, callingPackage);
5073 }
5074 if (wasActive != isActive && !isActive) {
5075 sp<CameraService> service = mService.promote();
5076 if (service != nullptr) {
5077 service->blockClientsForUid(uid);
5078 }
5079 }
5080 }
5081
5082 // ----------------------------------------------------------------------------
5083 // SensorPrivacyPolicy
5084 // ----------------------------------------------------------------------------
5085
registerWithSensorPrivacyManager()5086 void CameraService::SensorPrivacyPolicy::registerWithSensorPrivacyManager()
5087 {
5088 Mutex::Autolock _l(mSensorPrivacyLock);
5089 if (mRegistered) {
5090 return;
5091 }
5092 hasCameraPrivacyFeature(); // Called so the result is cached
5093 mSpm.addSensorPrivacyListener(this);
5094 if (isAutomotiveDevice()) {
5095 mSpm.addToggleSensorPrivacyListener(this);
5096 }
5097 mSensorPrivacyEnabled = mSpm.isSensorPrivacyEnabled();
5098 if (flags::camera_privacy_allowlist()) {
5099 mCameraPrivacyState = mSpm.getToggleSensorPrivacyState(
5100 SensorPrivacyManager::TOGGLE_TYPE_SOFTWARE,
5101 SensorPrivacyManager::TOGGLE_SENSOR_CAMERA);
5102 }
5103 status_t res = mSpm.linkToDeath(this);
5104 if (res == OK) {
5105 mRegistered = true;
5106 ALOGV("SensorPrivacyPolicy: Registered with SensorPrivacyManager");
5107 }
5108 }
5109
onServiceRegistration(const String16 & name,const sp<IBinder> &)5110 void CameraService::SensorPrivacyPolicy::onServiceRegistration(const String16& name,
5111 const sp<IBinder>&) {
5112 if (name != toString16(kSensorPrivacyServiceName)) {
5113 return;
5114 }
5115
5116 registerWithSensorPrivacyManager();
5117 }
5118
registerSelf()5119 void CameraService::SensorPrivacyPolicy::registerSelf() {
5120 // Use checkservice to see if the sensor_privacy service is available
5121 // If service is not available then register for notification
5122 sp<IServiceManager> sm = defaultServiceManager();
5123 sp<IBinder> binder = sm->checkService(toString16(kSensorPrivacyServiceName));
5124 if (!binder) {
5125 sm->registerForNotifications(toString16(kSensorPrivacyServiceName),this);
5126 } else {
5127 registerWithSensorPrivacyManager();
5128 }
5129 }
5130
unregisterSelf()5131 void CameraService::SensorPrivacyPolicy::unregisterSelf() {
5132 Mutex::Autolock _l(mSensorPrivacyLock);
5133 mSpm.removeSensorPrivacyListener(this);
5134 if (isAutomotiveDevice()) {
5135 mSpm.removeToggleSensorPrivacyListener(this);
5136 }
5137 mSpm.unlinkToDeath(this);
5138 mRegistered = false;
5139 ALOGV("SensorPrivacyPolicy: Unregistered with SensorPrivacyManager");
5140 }
5141
isSensorPrivacyEnabled()5142 bool CameraService::SensorPrivacyPolicy::isSensorPrivacyEnabled() {
5143 if (!mRegistered) {
5144 registerWithSensorPrivacyManager();
5145 }
5146
5147 Mutex::Autolock _l(mSensorPrivacyLock);
5148 return mSensorPrivacyEnabled;
5149 }
5150
getCameraPrivacyState()5151 int CameraService::SensorPrivacyPolicy::getCameraPrivacyState() {
5152 if (!mRegistered) {
5153 registerWithSensorPrivacyManager();
5154 }
5155
5156 Mutex::Autolock _l(mSensorPrivacyLock);
5157 return mCameraPrivacyState;
5158 }
5159
isCameraPrivacyEnabled()5160 bool CameraService::SensorPrivacyPolicy::isCameraPrivacyEnabled() {
5161 if (!hasCameraPrivacyFeature()) {
5162 return false;
5163 }
5164 return mSpm.isToggleSensorPrivacyEnabled(SensorPrivacyManager::TOGGLE_SENSOR_CAMERA);
5165 }
5166
isCameraPrivacyEnabled(const String16 & packageName)5167 bool CameraService::SensorPrivacyPolicy::isCameraPrivacyEnabled(const String16& packageName) {
5168 if (!hasCameraPrivacyFeature()) {
5169 return false;
5170 }
5171 return mSpm.isCameraPrivacyEnabled(packageName);
5172 }
5173
onSensorPrivacyChanged(int toggleType,int sensor,bool enabled)5174 binder::Status CameraService::SensorPrivacyPolicy::onSensorPrivacyChanged(
5175 int toggleType, int sensor, bool enabled) {
5176 if ((toggleType == SensorPrivacyManager::TOGGLE_TYPE_UNKNOWN)
5177 && (sensor == SensorPrivacyManager::TOGGLE_SENSOR_UNKNOWN)) {
5178 {
5179 Mutex::Autolock _l(mSensorPrivacyLock);
5180 mSensorPrivacyEnabled = enabled;
5181 }
5182 // if sensor privacy is enabled then block all clients from accessing the camera
5183 if (enabled) {
5184 sp<CameraService> service = mService.promote();
5185 if (service != nullptr) {
5186 service->blockAllClients();
5187 }
5188 }
5189 }
5190 return binder::Status::ok();
5191 }
5192
onSensorPrivacyStateChanged(int,int sensor,int state)5193 binder::Status CameraService::SensorPrivacyPolicy::onSensorPrivacyStateChanged(
5194 int, int sensor, int state) {
5195 if (!flags::camera_privacy_allowlist()
5196 || (sensor != SensorPrivacyManager::TOGGLE_SENSOR_CAMERA)) {
5197 return binder::Status::ok();
5198 }
5199 {
5200 Mutex::Autolock _l(mSensorPrivacyLock);
5201 mCameraPrivacyState = state;
5202 }
5203 sp<CameraService> service = mService.promote();
5204 if (!service) {
5205 return binder::Status::ok();
5206 }
5207 // if sensor privacy is enabled then block all clients from accessing the camera
5208 if (state == SensorPrivacyManager::ENABLED) {
5209 service->blockAllClients();
5210 } else if (state == SensorPrivacyManager::ENABLED_EXCEPT_ALLOWLISTED_APPS) {
5211 service->blockPrivacyEnabledClients();
5212 }
5213 return binder::Status::ok();
5214 }
5215
binderDied(const wp<IBinder> &)5216 void CameraService::SensorPrivacyPolicy::binderDied(const wp<IBinder>& /*who*/) {
5217 Mutex::Autolock _l(mSensorPrivacyLock);
5218 ALOGV("SensorPrivacyPolicy: SensorPrivacyManager has died");
5219 mRegistered = false;
5220 }
5221
hasCameraPrivacyFeature()5222 bool CameraService::SensorPrivacyPolicy::hasCameraPrivacyFeature() {
5223 bool supportsSoftwareToggle = mSpm.supportsSensorToggle(
5224 SensorPrivacyManager::TOGGLE_TYPE_SOFTWARE, SensorPrivacyManager::TOGGLE_SENSOR_CAMERA);
5225 bool supportsHardwareToggle = mSpm.supportsSensorToggle(
5226 SensorPrivacyManager::TOGGLE_TYPE_HARDWARE, SensorPrivacyManager::TOGGLE_SENSOR_CAMERA);
5227 return supportsSoftwareToggle || supportsHardwareToggle;
5228 }
5229
5230 // ----------------------------------------------------------------------------
5231 // CameraState
5232 // ----------------------------------------------------------------------------
5233
CameraState(const std::string & id,int cost,const std::set<std::string> & conflicting,SystemCameraKind systemCameraKind,const std::vector<std::string> & physicalCameras)5234 CameraService::CameraState::CameraState(const std::string& id, int cost,
5235 const std::set<std::string>& conflicting, SystemCameraKind systemCameraKind,
5236 const std::vector<std::string>& physicalCameras) : mId(id),
5237 mStatus(StatusInternal::NOT_PRESENT), mCost(cost), mConflicting(conflicting),
5238 mSystemCameraKind(systemCameraKind), mPhysicalCameras(physicalCameras) {}
5239
~CameraState()5240 CameraService::CameraState::~CameraState() {}
5241
getStatus() const5242 CameraService::StatusInternal CameraService::CameraState::getStatus() const {
5243 Mutex::Autolock lock(mStatusLock);
5244 return mStatus;
5245 }
5246
getUnavailablePhysicalIds() const5247 std::vector<std::string> CameraService::CameraState::getUnavailablePhysicalIds() const {
5248 Mutex::Autolock lock(mStatusLock);
5249 std::vector<std::string> res(mUnavailablePhysicalIds.begin(), mUnavailablePhysicalIds.end());
5250 return res;
5251 }
5252
getShimParams() const5253 CameraParameters CameraService::CameraState::getShimParams() const {
5254 return mShimParams;
5255 }
5256
setShimParams(const CameraParameters & params)5257 void CameraService::CameraState::setShimParams(const CameraParameters& params) {
5258 mShimParams = params;
5259 }
5260
getCost() const5261 int CameraService::CameraState::getCost() const {
5262 return mCost;
5263 }
5264
getConflicting() const5265 std::set<std::string> CameraService::CameraState::getConflicting() const {
5266 return mConflicting;
5267 }
5268
getSystemCameraKind() const5269 SystemCameraKind CameraService::CameraState::getSystemCameraKind() const {
5270 return mSystemCameraKind;
5271 }
5272
containsPhysicalCamera(const std::string & physicalCameraId) const5273 bool CameraService::CameraState::containsPhysicalCamera(const std::string& physicalCameraId) const {
5274 return std::find(mPhysicalCameras.begin(), mPhysicalCameras.end(), physicalCameraId)
5275 != mPhysicalCameras.end();
5276 }
5277
addUnavailablePhysicalId(const std::string & physicalId)5278 bool CameraService::CameraState::addUnavailablePhysicalId(const std::string& physicalId) {
5279 Mutex::Autolock lock(mStatusLock);
5280 auto result = mUnavailablePhysicalIds.insert(physicalId);
5281 return result.second;
5282 }
5283
removeUnavailablePhysicalId(const std::string & physicalId)5284 bool CameraService::CameraState::removeUnavailablePhysicalId(const std::string& physicalId) {
5285 Mutex::Autolock lock(mStatusLock);
5286 auto count = mUnavailablePhysicalIds.erase(physicalId);
5287 return count > 0;
5288 }
5289
setClientPackage(const std::string & clientPackage)5290 void CameraService::CameraState::setClientPackage(const std::string& clientPackage) {
5291 Mutex::Autolock lock(mStatusLock);
5292 mClientPackages.clear();
5293 mClientPackages.insert(clientPackage);
5294 }
5295
getClientPackage() const5296 std::string CameraService::CameraState::getClientPackage() const {
5297 Mutex::Autolock lock(mStatusLock);
5298 if (!mClientPackages.empty()) {
5299 std::set<std::string>::iterator it = mClientPackages.begin();
5300 return *it;
5301 }
5302 return std::string();
5303 }
5304
addClientPackage(const std::string & clientPackage)5305 void CameraService::CameraState::addClientPackage(const std::string& clientPackage) {
5306 Mutex::Autolock lock(mStatusLock);
5307 mClientPackages.insert(clientPackage);
5308 }
5309
removeClientPackage(const std::string & clientPackage)5310 void CameraService::CameraState::removeClientPackage(const std::string& clientPackage) {
5311 Mutex::Autolock lock(mStatusLock);
5312 mClientPackages.erase(clientPackage);
5313 }
5314
5315 // ----------------------------------------------------------------------------
5316 // ClientEventListener
5317 // ----------------------------------------------------------------------------
5318
onClientAdded(const resource_policy::ClientDescriptor<std::string,sp<CameraService::BasicClient>> & descriptor)5319 void CameraService::ClientEventListener::onClientAdded(
5320 const resource_policy::ClientDescriptor<std::string,
5321 sp<CameraService::BasicClient>>& descriptor) {
5322 const auto& basicClient = descriptor.getValue();
5323 if (basicClient.get() != nullptr) {
5324 BatteryNotifier& notifier(BatteryNotifier::getInstance());
5325 notifier.noteStartCamera(toString8(descriptor.getKey()),
5326 static_cast<int>(basicClient->getClientUid()));
5327 }
5328 }
5329
onClientRemoved(const resource_policy::ClientDescriptor<std::string,sp<CameraService::BasicClient>> & descriptor)5330 void CameraService::ClientEventListener::onClientRemoved(
5331 const resource_policy::ClientDescriptor<std::string,
5332 sp<CameraService::BasicClient>>& descriptor) {
5333 const auto& basicClient = descriptor.getValue();
5334 if (basicClient.get() != nullptr) {
5335 BatteryNotifier& notifier(BatteryNotifier::getInstance());
5336 notifier.noteStopCamera(toString8(descriptor.getKey()),
5337 static_cast<int>(basicClient->getClientUid()));
5338 }
5339 }
5340
5341 // ----------------------------------------------------------------------------
5342 // CameraClientManager
5343 // ----------------------------------------------------------------------------
5344
CameraClientManager()5345 CameraService::CameraClientManager::CameraClientManager() {
5346 setListener(std::make_shared<ClientEventListener>());
5347 }
5348
~CameraClientManager()5349 CameraService::CameraClientManager::~CameraClientManager() {}
5350
getCameraClient(const std::string & id) const5351 sp<CameraService::BasicClient> CameraService::CameraClientManager::getCameraClient(
5352 const std::string& id) const {
5353 auto descriptor = get(id);
5354 if (descriptor == nullptr) {
5355 return sp<BasicClient>{nullptr};
5356 }
5357 return descriptor->getValue();
5358 }
5359
remove(const CameraService::DescriptorPtr & value)5360 void CameraService::CameraClientManager::remove(const CameraService::DescriptorPtr& value) {
5361 ClientManager::remove(value);
5362 if (!flags::camera_multi_client()) {
5363 return;
5364 }
5365 auto clientToRemove = value->getValue();
5366 if ((clientToRemove.get() != nullptr) && clientToRemove->mSharedMode) {
5367 bool primaryClient = false;
5368 status_t ret = clientToRemove->isPrimaryClient(&primaryClient);
5369 if ((ret == OK) && primaryClient) {
5370 // Primary client is being removed. Find the next higher priority
5371 // client to become primary client.
5372 auto clientDescriptor = get(value->getKey());
5373 if (clientDescriptor == nullptr) {
5374 ALOGV("CameraService::CameraClientManager::no other clients are using same camera");
5375 return;
5376 }
5377 resource_policy::ClientPriority highestPriority = clientDescriptor->getPriority();
5378 sp<BasicClient> highestPriorityClient = clientDescriptor->getValue();
5379 if (highestPriorityClient.get() != nullptr) {
5380 for (auto& i : getAll()) {
5381 if ((i->getKey() == value->getKey()) && (i->getPriority() < highestPriority)) {
5382 highestPriority = i->getPriority();
5383 highestPriorityClient = i->getValue();
5384 }
5385 }
5386 highestPriorityClient->setPrimaryClient(true);
5387 highestPriorityClient->notifyClientSharedAccessPriorityChanged(true);
5388 }
5389 }
5390 }
5391 }
5392
toString() const5393 std::string CameraService::CameraClientManager::toString() const {
5394 auto all = getAll();
5395 std::ostringstream ret;
5396 ret << "[";
5397 bool hasAny = false;
5398 for (auto& i : all) {
5399 hasAny = true;
5400 std::string key = i->getKey();
5401 int32_t cost = i->getCost();
5402 int32_t pid = i->getOwnerId();
5403 int32_t score = i->getPriority().getScore();
5404 int32_t state = i->getPriority().getState();
5405 auto conflicting = i->getConflicting();
5406 auto clientSp = i->getValue();
5407 std::string packageName;
5408 userid_t clientUserId = 0;
5409 if (clientSp.get() != nullptr) {
5410 packageName = clientSp->getPackageName();
5411 uid_t clientUid = clientSp->getClientUid();
5412 clientUserId = multiuser_get_user_id(clientUid);
5413 }
5414 ret << fmt::sprintf("\n(Camera ID: %s, Cost: %" PRId32 ", PID: %" PRId32 ", Score: %"
5415 PRId32 ", State: %" PRId32, key.c_str(), cost, pid, score, state);
5416
5417 if (clientSp.get() != nullptr) {
5418 ret << fmt::sprintf("User Id: %d, ", clientUserId);
5419 }
5420 if (packageName.size() != 0) {
5421 ret << fmt::sprintf("Client Package Name: %s", packageName.c_str());
5422 }
5423
5424 ret << ", Conflicting Client Devices: {";
5425 for (auto& j : conflicting) {
5426 ret << fmt::sprintf("%s, ", j.c_str());
5427 }
5428 ret << "})";
5429 }
5430 if (hasAny) ret << "\n";
5431 ret << "]\n";
5432 return ret.str();
5433 }
5434
makeClientDescriptor(const std::string & key,const sp<BasicClient> & value,int32_t cost,const std::set<std::string> & conflictingKeys,int32_t score,int32_t ownerId,int32_t state,int32_t oomScoreOffset,bool systemNativeClient,bool sharedMode)5435 CameraService::DescriptorPtr CameraService::CameraClientManager::makeClientDescriptor(
5436 const std::string& key, const sp<BasicClient>& value, int32_t cost,
5437 const std::set<std::string>& conflictingKeys, int32_t score, int32_t ownerId,
5438 int32_t state, int32_t oomScoreOffset, bool systemNativeClient, bool sharedMode) {
5439
5440 int32_t score_adj = systemNativeClient ? kSystemNativeClientScore : score;
5441 int32_t state_adj = systemNativeClient ? kSystemNativeClientState : state;
5442
5443 return std::make_shared<resource_policy::ClientDescriptor<std::string, sp<BasicClient>>>(
5444 key, value, cost, conflictingKeys, score_adj, ownerId, state_adj,
5445 systemNativeClient, oomScoreOffset, sharedMode);
5446 }
5447
makeClientDescriptor(const sp<BasicClient> & value,const CameraService::DescriptorPtr & partial,int32_t oomScoreOffset,bool systemNativeClient)5448 CameraService::DescriptorPtr CameraService::CameraClientManager::makeClientDescriptor(
5449 const sp<BasicClient>& value, const CameraService::DescriptorPtr& partial,
5450 int32_t oomScoreOffset, bool systemNativeClient) {
5451 return makeClientDescriptor(partial->getKey(), value, partial->getCost(),
5452 partial->getConflicting(), partial->getPriority().getScore(),
5453 partial->getOwnerId(), partial->getPriority().getState(), oomScoreOffset,
5454 systemNativeClient, partial->getSharedMode());
5455 }
5456
5457 // ----------------------------------------------------------------------------
5458 // InjectionStatusListener
5459 // ----------------------------------------------------------------------------
5460
addListener(const sp<ICameraInjectionCallback> & callback)5461 void CameraService::InjectionStatusListener::addListener(
5462 const sp<ICameraInjectionCallback>& callback) {
5463 Mutex::Autolock lock(mListenerLock);
5464 if (mCameraInjectionCallback) return;
5465 status_t res = IInterface::asBinder(callback)->linkToDeath(this);
5466 if (res == OK) {
5467 mCameraInjectionCallback = callback;
5468 }
5469 }
5470
removeListener()5471 void CameraService::InjectionStatusListener::removeListener() {
5472 Mutex::Autolock lock(mListenerLock);
5473 if (mCameraInjectionCallback == nullptr) {
5474 ALOGW("InjectionStatusListener: mCameraInjectionCallback == nullptr");
5475 return;
5476 }
5477 IInterface::asBinder(mCameraInjectionCallback)->unlinkToDeath(this);
5478 mCameraInjectionCallback = nullptr;
5479 }
5480
notifyInjectionError(const std::string & injectedCamId,status_t err)5481 void CameraService::InjectionStatusListener::notifyInjectionError(
5482 const std::string &injectedCamId, status_t err) {
5483 if (mCameraInjectionCallback == nullptr) {
5484 ALOGW("InjectionStatusListener: mCameraInjectionCallback == nullptr");
5485 return;
5486 }
5487
5488 switch (err) {
5489 case -ENODEV:
5490 mCameraInjectionCallback->onInjectionError(
5491 ICameraInjectionCallback::ERROR_INJECTION_SESSION);
5492 ALOGE("No camera device with ID \"%s\" currently available!",
5493 injectedCamId.c_str());
5494 break;
5495 case -EBUSY:
5496 mCameraInjectionCallback->onInjectionError(
5497 ICameraInjectionCallback::ERROR_INJECTION_SESSION);
5498 ALOGE("Higher-priority client using camera, ID \"%s\" currently unavailable!",
5499 injectedCamId.c_str());
5500 break;
5501 case DEAD_OBJECT:
5502 mCameraInjectionCallback->onInjectionError(
5503 ICameraInjectionCallback::ERROR_INJECTION_SESSION);
5504 ALOGE("Camera ID \"%s\" object is dead!",
5505 injectedCamId.c_str());
5506 break;
5507 case INVALID_OPERATION:
5508 mCameraInjectionCallback->onInjectionError(
5509 ICameraInjectionCallback::ERROR_INJECTION_SESSION);
5510 ALOGE("Camera ID \"%s\" encountered an operating or internal error!",
5511 injectedCamId.c_str());
5512 break;
5513 case UNKNOWN_TRANSACTION:
5514 mCameraInjectionCallback->onInjectionError(
5515 ICameraInjectionCallback::ERROR_INJECTION_UNSUPPORTED);
5516 ALOGE("Camera ID \"%s\" method doesn't support!",
5517 injectedCamId.c_str());
5518 break;
5519 default:
5520 mCameraInjectionCallback->onInjectionError(
5521 ICameraInjectionCallback::ERROR_INJECTION_INVALID_ERROR);
5522 ALOGE("Unexpected error %s (%d) opening camera \"%s\"!",
5523 strerror(-err), err, injectedCamId.c_str());
5524 }
5525 }
5526
binderDied(const wp<IBinder> &)5527 void CameraService::InjectionStatusListener::binderDied(
5528 const wp<IBinder>& /*who*/) {
5529 ALOGV("InjectionStatusListener: ICameraInjectionCallback has died");
5530 auto parent = mParent.promote();
5531 if (parent != nullptr) {
5532 auto clientDescriptor = parent->mActiveClientManager.get(parent->mInjectionInternalCamId);
5533 if (clientDescriptor != nullptr) {
5534 BasicClient* baseClientPtr = clientDescriptor->getValue().get();
5535 baseClientPtr->stopInjection();
5536 }
5537 parent->clearInjectionParameters();
5538 }
5539 }
5540
5541 // ----------------------------------------------------------------------------
5542 // CameraInjectionSession
5543 // ----------------------------------------------------------------------------
5544
stopInjection()5545 binder::Status CameraService::CameraInjectionSession::stopInjection() {
5546 Mutex::Autolock lock(mInjectionSessionLock);
5547 auto parent = mParent.promote();
5548 if (parent == nullptr) {
5549 ALOGE("CameraInjectionSession: Parent is gone");
5550 return STATUS_ERROR(ICameraInjectionCallback::ERROR_INJECTION_SERVICE,
5551 "Camera service encountered error");
5552 }
5553
5554 status_t res = NO_ERROR;
5555 auto clientDescriptor = parent->mActiveClientManager.get(parent->mInjectionInternalCamId);
5556 if (clientDescriptor != nullptr) {
5557 BasicClient* baseClientPtr = clientDescriptor->getValue().get();
5558 res = baseClientPtr->stopInjection();
5559 if (res != OK) {
5560 ALOGE("CameraInjectionSession: Failed to stop the injection camera!"
5561 " ret != NO_ERROR: %d", res);
5562 return STATUS_ERROR(ICameraInjectionCallback::ERROR_INJECTION_SESSION,
5563 "Camera session encountered error");
5564 }
5565 }
5566 parent->clearInjectionParameters();
5567 return binder::Status::ok();
5568 }
5569
5570 // ----------------------------------------------------------------------------
5571
5572 static const int kDumpLockRetries = 50;
5573 static const int kDumpLockSleep = 60000;
5574
tryLock(Mutex & mutex)5575 static bool tryLock(Mutex& mutex)
5576 {
5577 bool locked = false;
5578 for (int i = 0; i < kDumpLockRetries; ++i) {
5579 if (mutex.tryLock() == NO_ERROR) {
5580 locked = true;
5581 break;
5582 }
5583 usleep(kDumpLockSleep);
5584 }
5585 return locked;
5586 }
5587
cacheDump()5588 void CameraService::cacheDump() {
5589 if (mMemFd != -1) {
5590 const Vector<String16> args;
5591 ATRACE_CALL();
5592 // Acquiring service lock here will avoid the deadlock since
5593 // cacheDump will not be called during the second disconnect.
5594 Mutex::Autolock lock(mServiceLock);
5595
5596 Mutex::Autolock l(mCameraStatesLock);
5597 // Start collecting the info for open sessions and store it in temp file.
5598 for (const auto& state : mCameraStates) {
5599 std::string cameraId = state.first;
5600 auto clientDescriptor = mActiveClientManager.get(cameraId);
5601 if (clientDescriptor != nullptr) {
5602 dprintf(mMemFd, "== Camera device %s dynamic info: ==\n", cameraId.c_str());
5603 // Log the current open session info before device is disconnected.
5604 dumpOpenSessionClientLogs(mMemFd, args, cameraId);
5605 }
5606 }
5607 }
5608 }
5609
dump(int fd,const Vector<String16> & args)5610 status_t CameraService::dump(int fd, const Vector<String16>& args) {
5611 ATRACE_CALL();
5612
5613 if (checkCallingPermission(toString16(sDumpPermission)) == false) {
5614 dprintf(fd, "Permission Denial: can't dump CameraService from pid=%d, uid=%d\n",
5615 getCallingPid(),
5616 getCallingUid());
5617 return NO_ERROR;
5618 }
5619 bool locked = tryLock(mServiceLock);
5620 // failed to lock - CameraService is probably deadlocked
5621 if (!locked) {
5622 dprintf(fd, "!! CameraService may be deadlocked !!\n");
5623 }
5624
5625 if (!mInitialized) {
5626 dprintf(fd, "!! No camera HAL available !!\n");
5627
5628 // Dump event log for error information
5629 dumpEventLog(fd);
5630
5631 if (locked) mServiceLock.unlock();
5632 return NO_ERROR;
5633 }
5634 dprintf(fd, "\n== Service global info: ==\n\n");
5635 dprintf(fd, "Number of camera devices: %d\n", mNumberOfCameras);
5636 dprintf(fd, "Number of normal camera devices: %zu\n", mNormalDeviceIds.size());
5637 dprintf(fd, "Number of public camera devices visible to API1: %zu\n",
5638 mNormalDeviceIdsWithoutSystemCamera.size());
5639 for (size_t i = 0; i < mNormalDeviceIds.size(); i++) {
5640 dprintf(fd, " Device %zu maps to \"%s\"\n", i, mNormalDeviceIds[i].c_str());
5641 }
5642 std::string activeClientString = mActiveClientManager.toString();
5643 dprintf(fd, "Active Camera Clients:\n%s", activeClientString.c_str());
5644 dprintf(fd, "Allowed user IDs: %s\n", toString(mAllowedUsers).c_str());
5645 if (mStreamUseCaseOverrides.size() > 0) {
5646 dprintf(fd, "Active stream use case overrides:");
5647 for (int64_t useCaseOverride : mStreamUseCaseOverrides) {
5648 dprintf(fd, " %" PRId64, useCaseOverride);
5649 }
5650 dprintf(fd, "\n");
5651 }
5652
5653 dumpEventLog(fd);
5654
5655 bool stateLocked = tryLock(mCameraStatesLock);
5656 if (!stateLocked) {
5657 dprintf(fd, "CameraStates in use, may be deadlocked\n");
5658 }
5659
5660 int argSize = args.size();
5661 for (int i = 0; i < argSize; i++) {
5662 if (args[i] == toString16(TagMonitor::kMonitorOption)) {
5663 if (i + 1 < argSize) {
5664 mMonitorTags = toStdString(args[i + 1]);
5665 }
5666 break;
5667 }
5668 }
5669
5670 for (auto& state : mCameraStates) {
5671 const std::string &cameraId = state.first;
5672
5673 dprintf(fd, "== Camera device %s dynamic info: ==\n", cameraId.c_str());
5674
5675 CameraParameters p = state.second->getShimParams();
5676 if (!p.isEmpty()) {
5677 dprintf(fd, " Camera1 API shim is using parameters:\n ");
5678 p.dump(fd, args);
5679 }
5680
5681 auto clientDescriptor = mActiveClientManager.get(cameraId);
5682 if (clientDescriptor != nullptr) {
5683 // log the current open session info
5684 dumpOpenSessionClientLogs(fd, args, cameraId);
5685 } else {
5686 dumpClosedSessionClientLogs(fd, cameraId);
5687 }
5688
5689 }
5690
5691 if (stateLocked) mCameraStatesLock.unlock();
5692
5693 if (locked) mServiceLock.unlock();
5694
5695 mCameraProviderManager->dump(fd, args);
5696
5697 dprintf(fd, "\n== Vendor tags: ==\n\n");
5698
5699 sp<VendorTagDescriptor> desc = VendorTagDescriptor::getGlobalVendorTagDescriptor();
5700 if (desc == NULL) {
5701 sp<VendorTagDescriptorCache> cache =
5702 VendorTagDescriptorCache::getGlobalVendorTagCache();
5703 if (cache == NULL) {
5704 dprintf(fd, "No vendor tags.\n");
5705 } else {
5706 cache->dump(fd, /*verbosity*/2, /*indentation*/2);
5707 }
5708 } else {
5709 desc->dump(fd, /*verbosity*/2, /*indentation*/2);
5710 }
5711
5712 // Dump camera traces if there were any
5713 dprintf(fd, "\n");
5714 camera3::CameraTraces::dump(fd);
5715
5716 // Process dump arguments, if any
5717 int n = args.size();
5718 String16 verboseOption("-v");
5719 String16 unreachableOption("--unreachable");
5720 for (int i = 0; i < n; i++) {
5721 if (args[i] == verboseOption) {
5722 // change logging level
5723 if (i + 1 >= n) continue;
5724 std::string levelStr = toStdString(args[i+1]);
5725 int level = atoi(levelStr.c_str());
5726 dprintf(fd, "\nSetting log level to %d.\n", level);
5727 setLogLevel(level);
5728 } else if (args[i] == unreachableOption) {
5729 // Dump memory analysis
5730 // TODO - should limit be an argument parameter?
5731 UnreachableMemoryInfo info;
5732 bool success = GetUnreachableMemory(info, /*limit*/ 10000);
5733 if (!success) {
5734 dprintf(fd, "\n== Unable to dump unreachable memory. "
5735 "Try disabling SELinux enforcement. ==\n");
5736 } else {
5737 dprintf(fd, "\n== Dumping unreachable memory: ==\n");
5738 std::string s = info.ToString(/*log_contents*/ true);
5739 write(fd, s.c_str(), s.size());
5740 }
5741 }
5742 }
5743
5744 bool serviceLocked = tryLock(mServiceLock);
5745
5746 // Dump info from previous open sessions.
5747 // Reposition the offset to beginning of the file before reading
5748
5749 if ((mMemFd >= 0) && (lseek(mMemFd, 0, SEEK_SET) != -1)) {
5750 dprintf(fd, "\n**********Dumpsys from previous open session**********\n");
5751 ssize_t size_read;
5752 char buf[4096];
5753 while ((size_read = read(mMemFd, buf, (sizeof(buf) - 1))) > 0) {
5754 // Read data from file to a small buffer and write it to fd.
5755 write(fd, buf, size_read);
5756 if (size_read == -1) {
5757 ALOGE("%s: Error during reading the file: %s", __FUNCTION__, sFileName);
5758 break;
5759 }
5760 }
5761 dprintf(fd, "\n**********End of Dumpsys from previous open session**********\n");
5762 } else {
5763 ALOGE("%s: Error during reading the file: %s", __FUNCTION__, sFileName);
5764 }
5765
5766 if (serviceLocked) mServiceLock.unlock();
5767 return NO_ERROR;
5768 }
5769
dumpOpenSessionClientLogs(int fd,const Vector<String16> & args,const std::string & cameraId)5770 void CameraService::dumpOpenSessionClientLogs(int fd,
5771 const Vector<String16>& args, const std::string& cameraId) {
5772 auto clientDescriptor = mActiveClientManager.get(cameraId);
5773 dprintf(fd, " %s : Device %s is open. Client instance dump:\n",
5774 getFormattedCurrentTime().c_str(),
5775 cameraId.c_str());
5776 dprintf(fd, " Client priority score: %d state: %d\n",
5777 clientDescriptor->getPriority().getScore(),
5778 clientDescriptor->getPriority().getState());
5779 dprintf(fd, " Client PID: %d\n", clientDescriptor->getOwnerId());
5780
5781 auto client = clientDescriptor->getValue();
5782 dprintf(fd, " Client package: %s\n",
5783 client->getPackageName().c_str());
5784
5785 client->dumpClient(fd, args);
5786 }
5787
dumpClosedSessionClientLogs(int fd,const std::string & cameraId)5788 void CameraService::dumpClosedSessionClientLogs(int fd, const std::string& cameraId) {
5789 dprintf(fd, " Device %s is closed, no client instance\n",
5790 cameraId.c_str());
5791 }
5792
dumpEventLog(int fd)5793 void CameraService::dumpEventLog(int fd) {
5794 dprintf(fd, "\n== Camera service events log (most recent at top): ==\n");
5795
5796 Mutex::Autolock l(mLogLock);
5797 for (const auto& msg : mEventLog) {
5798 dprintf(fd, " %s\n", msg.c_str());
5799 }
5800
5801 if (mEventLog.size() == DEFAULT_EVENT_LOG_LENGTH) {
5802 dprintf(fd, " ...\n");
5803 } else if (mEventLog.size() == 0) {
5804 dprintf(fd, " [no events yet]\n");
5805 }
5806 dprintf(fd, "\n");
5807 }
5808
cacheClientTagDumpIfNeeded(const std::string & cameraId,BasicClient * client)5809 void CameraService::cacheClientTagDumpIfNeeded(const std::string &cameraId, BasicClient* client) {
5810 Mutex::Autolock lock(mLogLock);
5811 if (!isClientWatchedLocked(client)) { return; }
5812
5813 std::vector<std::string> dumpVector;
5814 client->dumpWatchedEventsToVector(dumpVector);
5815
5816 if (dumpVector.empty()) { return; }
5817
5818 std::ostringstream dumpString;
5819
5820 std::string currentTime = getFormattedCurrentTime();
5821 dumpString << "Cached @ ";
5822 dumpString << currentTime;
5823 dumpString << "\n"; // First line is the timestamp of when client is cached.
5824
5825 size_t i = dumpVector.size();
5826
5827 // Store the string in reverse order (latest last)
5828 while (i > 0) {
5829 i--;
5830 dumpString << cameraId;
5831 dumpString << ":";
5832 dumpString << client->getPackageName();
5833 dumpString << " ";
5834 dumpString << dumpVector[i]; // implicitly ends with '\n'
5835 }
5836
5837 mWatchedClientsDumpCache[client->getPackageName()] = dumpString.str();
5838 }
5839
handleTorchClientBinderDied(const wp<IBinder> & who)5840 void CameraService::handleTorchClientBinderDied(const wp<IBinder> &who) {
5841 Mutex::Autolock al(mTorchClientMapMutex);
5842 for (size_t i = 0; i < mTorchClientMap.size(); i++) {
5843 if (mTorchClientMap[i] == who) {
5844 // turn off the torch mode that was turned on by dead client
5845 std::string cameraId = mTorchClientMap.keyAt(i);
5846 status_t res = mFlashlight->setTorchMode(cameraId, false);
5847 if (res) {
5848 ALOGE("%s: torch client died but couldn't turn off torch: "
5849 "%s (%d)", __FUNCTION__, strerror(-res), res);
5850 return;
5851 }
5852 mTorchClientMap.removeItemsAt(i);
5853 break;
5854 }
5855 }
5856 }
5857
binderDied(const wp<IBinder> & who)5858 /*virtual*/void CameraService::binderDied(const wp<IBinder> &who) {
5859
5860 /**
5861 * While tempting to promote the wp<IBinder> into a sp, it's actually not supported by the
5862 * binder driver
5863 */
5864 // PID here is approximate and can be wrong.
5865 logClientDied(getCallingPid(), "Binder died unexpectedly");
5866
5867 // check torch client
5868 handleTorchClientBinderDied(who);
5869
5870 // check camera device client
5871 if(!evictClientIdByRemote(who)) {
5872 ALOGV("%s: Java client's binder death already cleaned up (normal case)", __FUNCTION__);
5873 return;
5874 }
5875
5876 ALOGE("%s: Java client's binder died, removing it from the list of active clients",
5877 __FUNCTION__);
5878 }
5879
updateStatus(StatusInternal status,const std::string & cameraId)5880 void CameraService::updateStatus(StatusInternal status, const std::string& cameraId) {
5881 updateStatus(status, cameraId, {});
5882 }
5883
updateStatus(StatusInternal status,const std::string & cameraId,std::initializer_list<StatusInternal> rejectSourceStates)5884 void CameraService::updateStatus(StatusInternal status, const std::string& cameraId,
5885 std::initializer_list<StatusInternal> rejectSourceStates) {
5886 // Do not lock mServiceLock here or can get into a deadlock from
5887 // connect() -> disconnect -> updateStatus
5888
5889 auto state = getCameraState(cameraId);
5890
5891 if (state == nullptr) {
5892 ALOGW("%s: Could not update the status for %s, no such device exists", __FUNCTION__,
5893 cameraId.c_str());
5894 return;
5895 }
5896
5897 // Avoid calling getSystemCameraKind() with mStatusListenerLock held (b/141756275)
5898 SystemCameraKind deviceKind = SystemCameraKind::PUBLIC;
5899 if (getSystemCameraKind(cameraId, &deviceKind) != OK) {
5900 ALOGE("%s: Invalid camera id %s, skipping", __FUNCTION__, cameraId.c_str());
5901 return;
5902 }
5903
5904 if (vd_flags::camera_device_awareness() && status == StatusInternal::PRESENT) {
5905 CameraMetadata cameraInfo;
5906 status_t res = mCameraProviderManager->getCameraCharacteristics(
5907 cameraId, false, &cameraInfo, hardware::ICameraService::ROTATION_OVERRIDE_NONE);
5908 if (res != OK) {
5909 ALOGW("%s: Not able to get camera characteristics for camera id %s",
5910 __FUNCTION__, cameraId.c_str());
5911 } else {
5912 int32_t deviceId = getDeviceId(cameraInfo);
5913 if (deviceId != kDefaultDeviceId) {
5914 const auto &lensFacingEntry = cameraInfo.find(ANDROID_LENS_FACING);
5915 camera_metadata_enum_android_lens_facing_t androidLensFacing =
5916 static_cast<camera_metadata_enum_android_lens_facing_t>(
5917 lensFacingEntry.data.u8[0]);
5918 std::string mappedCameraId;
5919 if (androidLensFacing == ANDROID_LENS_FACING_BACK) {
5920 mappedCameraId = kVirtualDeviceBackCameraId;
5921 } else if (androidLensFacing == ANDROID_LENS_FACING_FRONT) {
5922 mappedCameraId = kVirtualDeviceFrontCameraId;
5923 } else {
5924 ALOGD("%s: Not adding entry for an external camera of a virtual device",
5925 __func__);
5926 }
5927 if (!mappedCameraId.empty()) {
5928 mVirtualDeviceCameraIdMapper.addCamera(cameraId, deviceId, mappedCameraId);
5929 }
5930 }
5931 }
5932 }
5933
5934 // Collect the logical cameras without holding mStatusLock in updateStatus
5935 // as that can lead to a deadlock(b/162192331).
5936 auto logicalCameraIds = getLogicalCameras(cameraId);
5937 // Update the status for this camera state, then send the onStatusChangedCallbacks to each
5938 // of the listeners with both the mStatusLock and mStatusListenerLock held
5939 state->updateStatus(status, cameraId, rejectSourceStates, [this, &deviceKind,
5940 &logicalCameraIds]
5941 (const std::string& cameraId, StatusInternal status) {
5942 // Get the device id and app-visible camera id for the given HAL-visible camera id.
5943 auto [deviceId, mappedCameraId] =
5944 mVirtualDeviceCameraIdMapper.getDeviceIdAndMappedCameraIdPair(cameraId);
5945
5946 if (status != StatusInternal::ENUMERATING) {
5947 // Update torch status if it has a flash unit.
5948 Mutex::Autolock al(mTorchStatusMutex);
5949 TorchModeStatus torchStatus;
5950 if (getTorchStatusLocked(cameraId, &torchStatus) !=
5951 NAME_NOT_FOUND) {
5952 TorchModeStatus newTorchStatus =
5953 status == StatusInternal::PRESENT ?
5954 TorchModeStatus::AVAILABLE_OFF :
5955 TorchModeStatus::NOT_AVAILABLE;
5956 if (torchStatus != newTorchStatus) {
5957 onTorchStatusChangedLocked(cameraId, newTorchStatus, deviceKind);
5958 }
5959 }
5960 }
5961
5962 Mutex::Autolock lock(mStatusListenerLock);
5963 notifyPhysicalCameraStatusLocked(mapToInterface(status), mappedCameraId,
5964 logicalCameraIds, deviceKind, deviceId);
5965
5966 for (auto& listener : mListenerList) {
5967 bool isVendorListener = listener->isVendorListener();
5968 if (shouldSkipStatusUpdates(deviceKind, isVendorListener,
5969 listener->getListenerPid(), listener->getListenerUid())) {
5970 ALOGV("Skipping discovery callback for system-only camera device %s",
5971 cameraId.c_str());
5972 continue;
5973 }
5974
5975 auto ret = listener->getListener()->onStatusChanged(mapToInterface(status),
5976 mappedCameraId, deviceId);
5977 listener->handleBinderStatus(ret,
5978 "%s: Failed to trigger onStatusChanged callback for %d:%d: %d",
5979 __FUNCTION__, listener->getListenerUid(), listener->getListenerPid(),
5980 ret.exceptionCode());
5981 }
5982 });
5983 }
5984
updateOpenCloseStatus(const std::string & cameraId,bool open,const std::string & clientPackageName,bool sharedMode)5985 void CameraService::updateOpenCloseStatus(const std::string& cameraId, bool open,
5986 const std::string& clientPackageName, bool sharedMode) {
5987 auto state = getCameraState(cameraId);
5988 if (state == nullptr) {
5989 ALOGW("%s: Could not update the status for %s, no such device exists", __FUNCTION__,
5990 cameraId.c_str());
5991 return;
5992 }
5993 if (open) {
5994 if (flags::camera_multi_client() && sharedMode) {
5995 state->addClientPackage(clientPackageName);
5996 } else {
5997 state->setClientPackage(clientPackageName);
5998 }
5999 } else {
6000 if (flags::camera_multi_client() && sharedMode) {
6001 state->removeClientPackage(clientPackageName);
6002 } else {
6003 state->setClientPackage(std::string());
6004 }
6005 }
6006
6007 // Get the device id and app-visible camera id for the given HAL-visible camera id.
6008 auto [deviceId, mappedCameraId] =
6009 mVirtualDeviceCameraIdMapper.getDeviceIdAndMappedCameraIdPair(cameraId);
6010
6011 Mutex::Autolock lock(mStatusListenerLock);
6012
6013 for (const auto& it : mListenerList) {
6014 if (!it->isOpenCloseCallbackAllowed()) {
6015 continue;
6016 }
6017
6018 binder::Status ret;
6019 if (open) {
6020 ret = it->getListener()->onCameraOpened(mappedCameraId, clientPackageName,
6021 deviceId);
6022 } else {
6023 if (!flags::camera_multi_client() || !sharedMode || (sharedMode &&
6024 mActiveClientManager.getCameraClient(cameraId) == nullptr)) {
6025 ret = it->getListener()->onCameraClosed(mappedCameraId, deviceId);
6026 }
6027 }
6028
6029 it->handleBinderStatus(ret,
6030 "%s: Failed to trigger onCameraOpened/onCameraClosed callback for %d:%d: %d",
6031 __FUNCTION__, it->getListenerUid(), it->getListenerPid(), ret.exceptionCode());
6032 }
6033 }
6034
6035 template<class Func>
updateStatus(StatusInternal status,const std::string & cameraId,std::initializer_list<StatusInternal> rejectSourceStates,Func onStatusUpdatedLocked)6036 void CameraService::CameraState::updateStatus(StatusInternal status,
6037 const std::string& cameraId,
6038 std::initializer_list<StatusInternal> rejectSourceStates,
6039 Func onStatusUpdatedLocked) {
6040 Mutex::Autolock lock(mStatusLock);
6041 StatusInternal oldStatus = mStatus;
6042 mStatus = status;
6043
6044 if (oldStatus == status) {
6045 return;
6046 }
6047
6048 ALOGV("%s: Status has changed for camera ID %s from %#x to %#x", __FUNCTION__,
6049 cameraId.c_str(), eToI(oldStatus), eToI(status));
6050
6051 if (oldStatus == StatusInternal::NOT_PRESENT &&
6052 (status != StatusInternal::PRESENT &&
6053 status != StatusInternal::ENUMERATING)) {
6054
6055 ALOGW("%s: From NOT_PRESENT can only transition into PRESENT or ENUMERATING",
6056 __FUNCTION__);
6057 mStatus = oldStatus;
6058 return;
6059 }
6060
6061 /**
6062 * Sometimes we want to conditionally do a transition.
6063 * For example if a client disconnects, we want to go to PRESENT
6064 * only if we weren't already in NOT_PRESENT or ENUMERATING.
6065 */
6066 for (auto& rejectStatus : rejectSourceStates) {
6067 if (oldStatus == rejectStatus) {
6068 ALOGV("%s: Rejecting status transition for Camera ID %s, since the source "
6069 "state was was in one of the bad states.", __FUNCTION__, cameraId.c_str());
6070 mStatus = oldStatus;
6071 return;
6072 }
6073 }
6074
6075 onStatusUpdatedLocked(cameraId, status);
6076 }
6077
getTorchStatusLocked(const std::string & cameraId,TorchModeStatus * status) const6078 status_t CameraService::getTorchStatusLocked(
6079 const std::string& cameraId,
6080 TorchModeStatus *status) const {
6081 if (!status) {
6082 return BAD_VALUE;
6083 }
6084 ssize_t index = mTorchStatusMap.indexOfKey(cameraId);
6085 if (index == NAME_NOT_FOUND) {
6086 // invalid camera ID or the camera doesn't have a flash unit
6087 return NAME_NOT_FOUND;
6088 }
6089
6090 *status = mTorchStatusMap.valueAt(index);
6091 return OK;
6092 }
6093
setTorchStatusLocked(const std::string & cameraId,TorchModeStatus status)6094 status_t CameraService::setTorchStatusLocked(const std::string& cameraId,
6095 TorchModeStatus status) {
6096 ssize_t index = mTorchStatusMap.indexOfKey(cameraId);
6097 if (index == NAME_NOT_FOUND) {
6098 return BAD_VALUE;
6099 }
6100 mTorchStatusMap.editValueAt(index) = status;
6101
6102 return OK;
6103 }
6104
getLogicalCameras(const std::string & physicalCameraId)6105 std::list<std::string> CameraService::getLogicalCameras(
6106 const std::string& physicalCameraId) {
6107 std::list<std::string> retList;
6108 Mutex::Autolock lock(mCameraStatesLock);
6109 for (const auto& state : mCameraStates) {
6110 if (state.second->containsPhysicalCamera(physicalCameraId)) {
6111 retList.emplace_back(state.first);
6112 }
6113 }
6114 return retList;
6115 }
6116
notifyPhysicalCameraStatusLocked(int32_t status,const std::string & physicalCameraId,const std::list<std::string> & logicalCameraIds,SystemCameraKind deviceKind,int32_t deviceId)6117 void CameraService::notifyPhysicalCameraStatusLocked(int32_t status,
6118 const std::string& physicalCameraId, const std::list<std::string>& logicalCameraIds,
6119 SystemCameraKind deviceKind, int32_t deviceId) {
6120 // mStatusListenerLock is expected to be locked
6121 for (const auto& logicalCameraId : logicalCameraIds) {
6122 for (auto& listener : mListenerList) {
6123 // Note: we check only the deviceKind of the physical camera id
6124 // since, logical camera ids and their physical camera ids are
6125 // guaranteed to have the same system camera kind.
6126 if (shouldSkipStatusUpdates(deviceKind, listener->isVendorListener(),
6127 listener->getListenerPid(), listener->getListenerUid())) {
6128 ALOGV("Skipping discovery callback for system-only camera device %s",
6129 physicalCameraId.c_str());
6130 continue;
6131 }
6132 auto ret = listener->getListener()->onPhysicalCameraStatusChanged(status,
6133 logicalCameraId, physicalCameraId, deviceId);
6134 listener->handleBinderStatus(ret,
6135 "%s: Failed to trigger onPhysicalCameraStatusChanged for %d:%d: %d",
6136 __FUNCTION__, listener->getListenerUid(), listener->getListenerPid(),
6137 ret.exceptionCode());
6138 }
6139 }
6140 }
6141
blockClientsForUid(uid_t uid)6142 void CameraService::blockClientsForUid(uid_t uid) {
6143 const auto clients = mActiveClientManager.getAll();
6144 for (auto& current : clients) {
6145 if (current != nullptr) {
6146 const auto basicClient = current->getValue();
6147 if (basicClient.get() != nullptr && basicClient->getClientUid() == uid) {
6148 basicClient->block();
6149 }
6150 }
6151 }
6152 }
6153
blockAllClients()6154 void CameraService::blockAllClients() {
6155 const auto clients = mActiveClientManager.getAll();
6156 for (auto& current : clients) {
6157 if (current != nullptr) {
6158 const auto basicClient = current->getValue();
6159 if (basicClient.get() != nullptr) {
6160 basicClient->block();
6161 }
6162 }
6163 }
6164 }
6165
blockPrivacyEnabledClients()6166 void CameraService::blockPrivacyEnabledClients() {
6167 const auto clients = mActiveClientManager.getAll();
6168 for (auto& current : clients) {
6169 if (current != nullptr) {
6170 const auto basicClient = current->getValue();
6171 if (basicClient.get() != nullptr) {
6172 std::string pkgName = basicClient->getPackageName();
6173 bool cameraPrivacyEnabled =
6174 mSensorPrivacyPolicy->isCameraPrivacyEnabled(toString16(pkgName));
6175 if (cameraPrivacyEnabled) {
6176 basicClient->block();
6177 }
6178 }
6179 }
6180 }
6181 }
6182
6183 // NOTE: This is a remote API - make sure all args are validated
shellCommand(int in,int out,int err,const Vector<String16> & args)6184 status_t CameraService::shellCommand(int in, int out, int err, const Vector<String16>& args) {
6185 if (!checkCallingPermission(toString16(sManageCameraPermission), nullptr, nullptr)) {
6186 return PERMISSION_DENIED;
6187 }
6188 if (in == BAD_TYPE || out == BAD_TYPE || err == BAD_TYPE) {
6189 return BAD_VALUE;
6190 }
6191 if (args.size() >= 3 && args[0] == toString16("set-uid-state")) {
6192 return handleSetUidState(args, err);
6193 } else if (args.size() >= 2 && args[0] == toString16("reset-uid-state")) {
6194 return handleResetUidState(args, err);
6195 } else if (args.size() >= 2 && args[0] == toString16("get-uid-state")) {
6196 return handleGetUidState(args, out, err);
6197 } else if (args.size() >= 2 && args[0] == toString16("set-rotate-and-crop")) {
6198 return handleSetRotateAndCrop(args);
6199 } else if (args.size() >= 1 && args[0] == toString16("get-rotate-and-crop")) {
6200 return handleGetRotateAndCrop(out);
6201 } else if (args.size() >= 2 && args[0] == toString16("set-autoframing")) {
6202 return handleSetAutoframing(args);
6203 } else if (args.size() >= 1 && args[0] == toString16("get-autoframing")) {
6204 return handleGetAutoframing(out);
6205 } else if (args.size() >= 2 && args[0] == toString16("set-image-dump-mask")) {
6206 return handleSetImageDumpMask(args);
6207 } else if (args.size() >= 1 && args[0] == toString16("get-image-dump-mask")) {
6208 return handleGetImageDumpMask(out);
6209 } else if (args.size() >= 2 && args[0] == toString16("set-camera-mute")) {
6210 return handleSetCameraMute(args);
6211 } else if (args.size() >= 2 && args[0] == toString16("set-stream-use-case-override")) {
6212 return handleSetStreamUseCaseOverrides(args);
6213 } else if (args.size() >= 1 && args[0] == toString16("clear-stream-use-case-override")) {
6214 handleClearStreamUseCaseOverrides();
6215 return OK;
6216 } else if (args.size() >= 1 && args[0] == toString16("set-zoom-override")) {
6217 return handleSetZoomOverride(args);
6218 } else if (args.size() >= 2 && args[0] == toString16("watch")) {
6219 return handleWatchCommand(args, in, out);
6220 } else if (args.size() >= 2 && args[0] == toString16("set-watchdog")) {
6221 return handleSetCameraServiceWatchdog(args);
6222 } else if (args.size() == 1 && args[0] == toString16("help")) {
6223 printHelp(out);
6224 return OK;
6225 }
6226 printHelp(err);
6227 return BAD_VALUE;
6228 }
6229
handleSetUidState(const Vector<String16> & args,int err)6230 status_t CameraService::handleSetUidState(const Vector<String16>& args, int err) {
6231 std::string packageName = toStdString(args[1]);
6232
6233 bool active = false;
6234 if (args[2] == toString16("active")) {
6235 active = true;
6236 } else if ((args[2] != toString16("idle"))) {
6237 ALOGE("Expected active or idle but got: '%s'", toStdString(args[2]).c_str());
6238 return BAD_VALUE;
6239 }
6240
6241 int userId = 0;
6242 if (args.size() >= 5 && args[3] == toString16("--user")) {
6243 userId = atoi(toStdString(args[4]).c_str());
6244 }
6245
6246 uid_t uid;
6247 if (getUidForPackage(packageName, userId, uid, err) == BAD_VALUE) {
6248 return BAD_VALUE;
6249 }
6250
6251 mUidPolicy->addOverrideUid(uid, packageName, active);
6252 return NO_ERROR;
6253 }
6254
handleResetUidState(const Vector<String16> & args,int err)6255 status_t CameraService::handleResetUidState(const Vector<String16>& args, int err) {
6256 std::string packageName = toStdString(args[1]);
6257
6258 int userId = 0;
6259 if (args.size() >= 4 && args[2] == toString16("--user")) {
6260 userId = atoi(toStdString(args[3]).c_str());
6261 }
6262
6263 uid_t uid;
6264 if (getUidForPackage(packageName, userId, uid, err) == BAD_VALUE) {
6265 return BAD_VALUE;
6266 }
6267
6268 mUidPolicy->removeOverrideUid(uid, packageName);
6269 return NO_ERROR;
6270 }
6271
handleGetUidState(const Vector<String16> & args,int out,int err)6272 status_t CameraService::handleGetUidState(const Vector<String16>& args, int out, int err) {
6273 std::string packageName = toStdString(args[1]);
6274
6275 int userId = 0;
6276 if (args.size() >= 4 && args[2] == toString16("--user")) {
6277 userId = atoi(toStdString(args[3]).c_str());
6278 }
6279
6280 uid_t uid;
6281 if (getUidForPackage(packageName, userId, uid, err) == BAD_VALUE) {
6282 return BAD_VALUE;
6283 }
6284
6285 if (mUidPolicy->isUidActive(uid, packageName)) {
6286 return dprintf(out, "active\n");
6287 } else {
6288 return dprintf(out, "idle\n");
6289 }
6290 }
6291
handleSetRotateAndCrop(const Vector<String16> & args)6292 status_t CameraService::handleSetRotateAndCrop(const Vector<String16>& args) {
6293 int rotateValue = atoi(toStdString(args[1]).c_str());
6294 if (rotateValue < ANDROID_SCALER_ROTATE_AND_CROP_NONE ||
6295 rotateValue > ANDROID_SCALER_ROTATE_AND_CROP_AUTO) return BAD_VALUE;
6296 Mutex::Autolock lock(mServiceLock);
6297
6298 mOverrideRotateAndCropMode = rotateValue;
6299
6300 if (rotateValue == ANDROID_SCALER_ROTATE_AND_CROP_AUTO) return OK;
6301
6302 const auto clients = mActiveClientManager.getAll();
6303 for (auto& current : clients) {
6304 if (current != nullptr) {
6305 const auto basicClient = current->getValue();
6306 if (basicClient.get() != nullptr) {
6307 basicClient->setRotateAndCropOverride(rotateValue);
6308 }
6309 }
6310 }
6311
6312 return OK;
6313 }
6314
handleSetAutoframing(const Vector<String16> & args)6315 status_t CameraService::handleSetAutoframing(const Vector<String16>& args) {
6316 char* end;
6317 int autoframingValue = (int) strtol(toStdString(args[1]).c_str(), &end, /*base=*/10);
6318 if ((*end != '\0') ||
6319 (autoframingValue != ANDROID_CONTROL_AUTOFRAMING_OFF &&
6320 autoframingValue != ANDROID_CONTROL_AUTOFRAMING_ON &&
6321 autoframingValue != ANDROID_CONTROL_AUTOFRAMING_AUTO)) {
6322 return BAD_VALUE;
6323 }
6324
6325 Mutex::Autolock lock(mServiceLock);
6326 mOverrideAutoframingMode = autoframingValue;
6327
6328 if (autoframingValue == ANDROID_CONTROL_AUTOFRAMING_AUTO) return OK;
6329
6330 const auto clients = mActiveClientManager.getAll();
6331 for (auto& current : clients) {
6332 if (current != nullptr) {
6333 const auto basicClient = current->getValue();
6334 if (basicClient.get() != nullptr) {
6335 basicClient->setAutoframingOverride(autoframingValue);
6336 }
6337 }
6338 }
6339
6340 return OK;
6341 }
6342
handleSetCameraServiceWatchdog(const Vector<String16> & args)6343 status_t CameraService::handleSetCameraServiceWatchdog(const Vector<String16>& args) {
6344 int enableWatchdog = atoi(toStdString(args[1]).c_str());
6345
6346 if (enableWatchdog < 0 || enableWatchdog > 1) return BAD_VALUE;
6347
6348 Mutex::Autolock lock(mServiceLock);
6349
6350 mCameraServiceWatchdogEnabled = enableWatchdog;
6351
6352 const auto clients = mActiveClientManager.getAll();
6353 for (auto& current : clients) {
6354 if (current != nullptr) {
6355 const auto basicClient = current->getValue();
6356 if (basicClient.get() != nullptr) {
6357 basicClient->setCameraServiceWatchdog(enableWatchdog);
6358 }
6359 }
6360 }
6361
6362 return OK;
6363 }
6364
handleGetRotateAndCrop(int out)6365 status_t CameraService::handleGetRotateAndCrop(int out) {
6366 Mutex::Autolock lock(mServiceLock);
6367
6368 return dprintf(out, "rotateAndCrop override: %d\n", mOverrideRotateAndCropMode);
6369 }
6370
handleGetAutoframing(int out)6371 status_t CameraService::handleGetAutoframing(int out) {
6372 Mutex::Autolock lock(mServiceLock);
6373
6374 return dprintf(out, "autoframing override: %d\n", mOverrideAutoframingMode);
6375 }
6376
handleSetImageDumpMask(const Vector<String16> & args)6377 status_t CameraService::handleSetImageDumpMask(const Vector<String16>& args) {
6378 char *endPtr;
6379 errno = 0;
6380 std::string maskString = toStdString(args[1]);
6381 long maskValue = strtol(maskString.c_str(), &endPtr, 10);
6382
6383 if (errno != 0) return BAD_VALUE;
6384 if (endPtr != maskString.c_str() + maskString.size()) return BAD_VALUE;
6385 if (maskValue < 0 || maskValue > 1) return BAD_VALUE;
6386
6387 Mutex::Autolock lock(mServiceLock);
6388
6389 mImageDumpMask = maskValue;
6390
6391 return OK;
6392 }
6393
handleGetImageDumpMask(int out)6394 status_t CameraService::handleGetImageDumpMask(int out) {
6395 Mutex::Autolock lock(mServiceLock);
6396
6397 return dprintf(out, "Image dump mask: %d\n", mImageDumpMask);
6398 }
6399
handleSetCameraMute(const Vector<String16> & args)6400 status_t CameraService::handleSetCameraMute(const Vector<String16>& args) {
6401 int muteValue = strtol(toStdString(args[1]).c_str(), nullptr, 10);
6402 if (errno != 0) return BAD_VALUE;
6403
6404 if (muteValue < 0 || muteValue > 1) return BAD_VALUE;
6405 Mutex::Autolock lock(mServiceLock);
6406
6407 mOverrideCameraMuteMode = (muteValue == 1);
6408
6409 const auto clients = mActiveClientManager.getAll();
6410 for (auto& current : clients) {
6411 if (current != nullptr) {
6412 const auto basicClient = current->getValue();
6413 if (basicClient.get() != nullptr) {
6414 if (basicClient->supportsCameraMute()) {
6415 basicClient->setCameraMute(mOverrideCameraMuteMode);
6416 }
6417 }
6418 }
6419 }
6420
6421 return OK;
6422 }
6423
handleSetStreamUseCaseOverrides(const Vector<String16> & args)6424 status_t CameraService::handleSetStreamUseCaseOverrides(const Vector<String16>& args) {
6425 std::vector<int64_t> useCasesOverride;
6426 for (size_t i = 1; i < args.size(); i++) {
6427 int64_t useCase = ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT;
6428 std::string arg = toStdString(args[i]);
6429 if (arg == "DEFAULT") {
6430 useCase = ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT;
6431 } else if (arg == "PREVIEW") {
6432 useCase = ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_PREVIEW;
6433 } else if (arg == "STILL_CAPTURE") {
6434 useCase = ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_STILL_CAPTURE;
6435 } else if (arg == "VIDEO_RECORD") {
6436 useCase = ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_VIDEO_RECORD;
6437 } else if (arg == "PREVIEW_VIDEO_STILL") {
6438 useCase = ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_PREVIEW_VIDEO_STILL;
6439 } else if (arg == "VIDEO_CALL") {
6440 useCase = ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_VIDEO_CALL;
6441 } else if (arg == "CROPPED_RAW") {
6442 useCase = ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_CROPPED_RAW;
6443 } else {
6444 ALOGE("%s: Invalid stream use case %s", __FUNCTION__, arg.c_str());
6445 return BAD_VALUE;
6446 }
6447 useCasesOverride.push_back(useCase);
6448 }
6449
6450 Mutex::Autolock lock(mServiceLock);
6451 mStreamUseCaseOverrides = std::move(useCasesOverride);
6452
6453 return OK;
6454 }
6455
handleClearStreamUseCaseOverrides()6456 void CameraService::handleClearStreamUseCaseOverrides() {
6457 Mutex::Autolock lock(mServiceLock);
6458 mStreamUseCaseOverrides.clear();
6459 }
6460
handleSetZoomOverride(const Vector<String16> & args)6461 status_t CameraService::handleSetZoomOverride(const Vector<String16>& args) {
6462 char* end;
6463 int zoomOverrideValue = strtol(toStdString(args[1]).c_str(), &end, /*base=*/10);
6464 if ((*end != '\0') ||
6465 (zoomOverrideValue != -1 &&
6466 zoomOverrideValue != ANDROID_CONTROL_SETTINGS_OVERRIDE_OFF &&
6467 zoomOverrideValue != ANDROID_CONTROL_SETTINGS_OVERRIDE_ZOOM)) {
6468 return BAD_VALUE;
6469 }
6470
6471 Mutex::Autolock lock(mServiceLock);
6472 mZoomOverrideValue = zoomOverrideValue;
6473
6474 const auto clients = mActiveClientManager.getAll();
6475 for (auto& current : clients) {
6476 if (current != nullptr) {
6477 const auto basicClient = current->getValue();
6478 if (basicClient.get() != nullptr) {
6479 if (basicClient->supportsZoomOverride()) {
6480 basicClient->setZoomOverride(mZoomOverrideValue);
6481 }
6482 }
6483 }
6484 }
6485
6486 return OK;
6487 }
6488
handleWatchCommand(const Vector<String16> & args,int inFd,int outFd)6489 status_t CameraService::handleWatchCommand(const Vector<String16>& args, int inFd, int outFd) {
6490 if (args.size() >= 3 && args[1] == toString16("start")) {
6491 return startWatchingTags(args, outFd);
6492 } else if (args.size() == 2 && args[1] == toString16("stop")) {
6493 return stopWatchingTags(outFd);
6494 } else if (args.size() == 2 && args[1] == toString16("dump")) {
6495 return printWatchedTags(outFd);
6496 } else if (args.size() >= 2 && args[1] == toString16("live")) {
6497 return printWatchedTagsUntilInterrupt(args, inFd, outFd);
6498 } else if (args.size() == 2 && args[1] == toString16("clear")) {
6499 return clearCachedMonitoredTagDumps(outFd);
6500 }
6501 dprintf(outFd, "Camera service watch commands:\n"
6502 " start -m <comma_separated_tag_list> [-c <comma_separated_client_list>]\n"
6503 " starts watching the provided tags for clients with provided package\n"
6504 " recognizes tag shorthands like '3a'\n"
6505 " watches all clients if no client is passed, or if 'all' is listed\n"
6506 " dump dumps the monitoring information and exits\n"
6507 " stop stops watching all tags\n"
6508 " live [-n <refresh_interval_ms>]\n"
6509 " prints the monitored information in real time\n"
6510 " Hit return to exit\n"
6511 " clear clears all buffers storing information for watch command");
6512 return BAD_VALUE;
6513 }
6514
startWatchingTags(const Vector<String16> & args,int outFd)6515 status_t CameraService::startWatchingTags(const Vector<String16> &args, int outFd) {
6516 Mutex::Autolock lock(mLogLock);
6517 size_t tagsIdx; // index of '-m'
6518 String16 tags("");
6519 for (tagsIdx = 2; tagsIdx < args.size() && args[tagsIdx] != toString16("-m"); tagsIdx++);
6520 if (tagsIdx < args.size() - 1) {
6521 tags = args[tagsIdx + 1];
6522 } else {
6523 dprintf(outFd, "No tags provided.\n");
6524 return BAD_VALUE;
6525 }
6526
6527 size_t clientsIdx; // index of '-c'
6528 // watch all clients if no clients are provided
6529 String16 clients = toString16(kWatchAllClientsFlag);
6530 for (clientsIdx = 2; clientsIdx < args.size() && args[clientsIdx] != toString16("-c");
6531 clientsIdx++);
6532 if (clientsIdx < args.size() - 1) {
6533 clients = args[clientsIdx + 1];
6534 }
6535 parseClientsToWatchLocked(toStdString(clients));
6536
6537 // track tags to initialize future clients with the monitoring information
6538 mMonitorTags = toStdString(tags);
6539
6540 bool serviceLock = tryLock(mServiceLock);
6541 int numWatchedClients = 0;
6542 auto cameraClients = mActiveClientManager.getAll();
6543 for (const auto &clientDescriptor: cameraClients) {
6544 if (clientDescriptor == nullptr) { continue; }
6545 sp<BasicClient> client = clientDescriptor->getValue();
6546 if (client.get() == nullptr) { continue; }
6547
6548 if (isClientWatchedLocked(client.get())) {
6549 client->startWatchingTags(mMonitorTags, outFd);
6550 numWatchedClients++;
6551 }
6552 }
6553 dprintf(outFd, "Started watching %d active clients\n", numWatchedClients);
6554
6555 if (serviceLock) { mServiceLock.unlock(); }
6556 return OK;
6557 }
6558
stopWatchingTags(int outFd)6559 status_t CameraService::stopWatchingTags(int outFd) {
6560 // clear mMonitorTags to prevent new clients from monitoring tags at initialization
6561 Mutex::Autolock lock(mLogLock);
6562 mMonitorTags = "";
6563
6564 mWatchedClientPackages.clear();
6565 mWatchedClientsDumpCache.clear();
6566
6567 bool serviceLock = tryLock(mServiceLock);
6568 auto cameraClients = mActiveClientManager.getAll();
6569 for (const auto &clientDescriptor : cameraClients) {
6570 if (clientDescriptor == nullptr) { continue; }
6571 sp<BasicClient> client = clientDescriptor->getValue();
6572 if (client.get() == nullptr) { continue; }
6573 client->stopWatchingTags(outFd);
6574 }
6575 dprintf(outFd, "Stopped watching all clients.\n");
6576 if (serviceLock) { mServiceLock.unlock(); }
6577 return OK;
6578 }
6579
clearCachedMonitoredTagDumps(int outFd)6580 status_t CameraService::clearCachedMonitoredTagDumps(int outFd) {
6581 Mutex::Autolock lock(mLogLock);
6582 size_t clearedSize = mWatchedClientsDumpCache.size();
6583 mWatchedClientsDumpCache.clear();
6584 dprintf(outFd, "Cleared tag information of %zu cached clients.\n", clearedSize);
6585 return OK;
6586 }
6587
printWatchedTags(int outFd)6588 status_t CameraService::printWatchedTags(int outFd) {
6589 Mutex::Autolock logLock(mLogLock);
6590 std::set<std::string> connectedMonitoredClients;
6591
6592 bool printedSomething = false; // tracks if any monitoring information was printed
6593 // (from either cached or active clients)
6594
6595 bool serviceLock = tryLock(mServiceLock);
6596 // get all watched clients that are currently connected
6597 for (const auto &clientDescriptor: mActiveClientManager.getAll()) {
6598 if (clientDescriptor == nullptr) { continue; }
6599
6600 sp<BasicClient> client = clientDescriptor->getValue();
6601 if (client.get() == nullptr) { continue; }
6602 if (!isClientWatchedLocked(client.get())) { continue; }
6603
6604 std::vector<std::string> dumpVector;
6605 client->dumpWatchedEventsToVector(dumpVector);
6606
6607 size_t printIdx = dumpVector.size();
6608 if (printIdx == 0) {
6609 continue;
6610 }
6611
6612 // Print tag dumps for active client
6613 const std::string &cameraId = clientDescriptor->getKey();
6614 dprintf(outFd, "Client: %s (active)\n", client->getPackageName().c_str());
6615 while(printIdx > 0) {
6616 printIdx--;
6617 dprintf(outFd, "%s:%s %s", cameraId.c_str(), client->getPackageName().c_str(),
6618 dumpVector[printIdx].c_str());
6619 }
6620 dprintf(outFd, "\n");
6621 printedSomething = true;
6622
6623 connectedMonitoredClients.emplace(client->getPackageName());
6624 }
6625 if (serviceLock) { mServiceLock.unlock(); }
6626
6627 // Print entries in mWatchedClientsDumpCache for clients that are not connected
6628 for (const auto &kv: mWatchedClientsDumpCache) {
6629 const std::string &package = kv.first;
6630 if (connectedMonitoredClients.find(package) != connectedMonitoredClients.end()) {
6631 continue;
6632 }
6633
6634 dprintf(outFd, "Client: %s (cached)\n", package.c_str());
6635 dprintf(outFd, "%s\n", kv.second.c_str());
6636 printedSomething = true;
6637 }
6638
6639 if (!printedSomething) {
6640 dprintf(outFd, "No monitoring information to print.\n");
6641 }
6642
6643 return OK;
6644 }
6645
6646 // Print all events in vector `events' that came after lastPrintedEvent
printNewWatchedEvents(int outFd,const std::string & cameraId,const std::string & packageName,const std::vector<std::string> & events,const std::string & lastPrintedEvent)6647 void printNewWatchedEvents(int outFd,
6648 const std::string &cameraId,
6649 const std::string &packageName,
6650 const std::vector<std::string> &events,
6651 const std::string &lastPrintedEvent) {
6652 if (events.empty()) { return; }
6653
6654 // index of lastPrintedEvent in events.
6655 // lastPrintedIdx = events.size() if lastPrintedEvent is not in events
6656 size_t lastPrintedIdx;
6657 for (lastPrintedIdx = 0;
6658 lastPrintedIdx < events.size() && lastPrintedEvent != events[lastPrintedIdx];
6659 lastPrintedIdx++);
6660
6661 if (lastPrintedIdx == 0) { return; } // early exit if no new event in `events`
6662
6663 // print events in chronological order (latest event last)
6664 size_t idxToPrint = lastPrintedIdx;
6665 do {
6666 idxToPrint--;
6667 dprintf(outFd, "%s:%s %s", cameraId.c_str(), packageName.c_str(),
6668 events[idxToPrint].c_str());
6669 } while (idxToPrint != 0);
6670 }
6671
6672 // Returns true if adb shell cmd watch should be interrupted based on data in inFd. The watch
6673 // command should be interrupted if the user presses the return key, or if user loses any way to
6674 // signal interrupt.
6675 // If timeoutMs == 0, this function will always return false
shouldInterruptWatchCommand(int inFd,int outFd,long timeoutMs)6676 bool shouldInterruptWatchCommand(int inFd, int outFd, long timeoutMs) {
6677 struct timeval startTime;
6678 int startTimeError = gettimeofday(&startTime, nullptr);
6679 if (startTimeError) {
6680 dprintf(outFd, "Failed waiting for interrupt, aborting.\n");
6681 return true;
6682 }
6683
6684 const nfds_t numFds = 1;
6685 struct pollfd pollFd = { .fd = inFd, .events = POLLIN, .revents = 0 };
6686
6687 struct timeval currTime;
6688 char buffer[2];
6689 while(true) {
6690 int currTimeError = gettimeofday(&currTime, nullptr);
6691 if (currTimeError) {
6692 dprintf(outFd, "Failed waiting for interrupt, aborting.\n");
6693 return true;
6694 }
6695
6696 long elapsedTimeMs = ((currTime.tv_sec - startTime.tv_sec) * 1000L)
6697 + ((currTime.tv_usec - startTime.tv_usec) / 1000L);
6698 int remainingTimeMs = (int) (timeoutMs - elapsedTimeMs);
6699
6700 if (remainingTimeMs <= 0) {
6701 // No user interrupt within timeoutMs, don't interrupt watch command
6702 return false;
6703 }
6704
6705 int numFdsUpdated = poll(&pollFd, numFds, remainingTimeMs);
6706 if (numFdsUpdated < 0) {
6707 dprintf(outFd, "Failed while waiting for user input. Exiting.\n");
6708 return true;
6709 }
6710
6711 if (numFdsUpdated == 0) {
6712 // No user input within timeoutMs, don't interrupt watch command
6713 return false;
6714 }
6715
6716 if (!(pollFd.revents & POLLIN)) {
6717 dprintf(outFd, "Failed while waiting for user input. Exiting.\n");
6718 return true;
6719 }
6720
6721 ssize_t sizeRead = read(inFd, buffer, sizeof(buffer) - 1);
6722 if (sizeRead < 0) {
6723 dprintf(outFd, "Error reading user input. Exiting.\n");
6724 return true;
6725 }
6726
6727 if (sizeRead == 0) {
6728 // Reached end of input fd (can happen if input is piped)
6729 // User has no way to signal an interrupt, so interrupt here
6730 return true;
6731 }
6732
6733 if (buffer[0] == '\n') {
6734 // User pressed return, interrupt watch command.
6735 return true;
6736 }
6737 }
6738 }
6739
printWatchedTagsUntilInterrupt(const Vector<String16> & args,int inFd,int outFd)6740 status_t CameraService::printWatchedTagsUntilInterrupt(const Vector<String16> &args,
6741 int inFd, int outFd) {
6742 // Figure out refresh interval, if present in args
6743 long refreshTimeoutMs = 1000L; // refresh every 1s by default
6744 if (args.size() > 2) {
6745 size_t intervalIdx; // index of '-n'
6746 for (intervalIdx = 2; intervalIdx < args.size() && toString16("-n") != args[intervalIdx];
6747 intervalIdx++);
6748
6749 size_t intervalValIdx = intervalIdx + 1;
6750 if (intervalValIdx < args.size()) {
6751 refreshTimeoutMs = strtol(toStdString(args[intervalValIdx]).c_str(), nullptr, 10);
6752 if (errno) { return BAD_VALUE; }
6753 }
6754 }
6755
6756 // Set min timeout of 10ms. This prevents edge cases in polling when timeout of 0 is passed.
6757 refreshTimeoutMs = refreshTimeoutMs < 10 ? 10 : refreshTimeoutMs;
6758
6759 dprintf(outFd, "Press return to exit...\n\n");
6760 std::map<std::string, std::string> packageNameToLastEvent;
6761
6762 while (true) {
6763 bool serviceLock = tryLock(mServiceLock);
6764 auto cameraClients = mActiveClientManager.getAll();
6765 if (serviceLock) { mServiceLock.unlock(); }
6766
6767 for (const auto& clientDescriptor : cameraClients) {
6768 Mutex::Autolock lock(mLogLock);
6769 if (clientDescriptor == nullptr) { continue; }
6770
6771 sp<BasicClient> client = clientDescriptor->getValue();
6772 if (client.get() == nullptr) { continue; }
6773 if (!isClientWatchedLocked(client.get())) { continue; }
6774
6775 const std::string &packageName = client->getPackageName();
6776 // This also initializes the map entries with an empty string
6777 const std::string& lastPrintedEvent = packageNameToLastEvent[packageName];
6778
6779 std::vector<std::string> latestEvents;
6780 client->dumpWatchedEventsToVector(latestEvents);
6781
6782 if (!latestEvents.empty()) {
6783 printNewWatchedEvents(outFd,
6784 clientDescriptor->getKey(),
6785 packageName,
6786 latestEvents,
6787 lastPrintedEvent);
6788 packageNameToLastEvent[packageName] = latestEvents[0];
6789 }
6790 }
6791 if (shouldInterruptWatchCommand(inFd, outFd, refreshTimeoutMs)) {
6792 break;
6793 }
6794 }
6795 return OK;
6796 }
6797
parseClientsToWatchLocked(const std::string & clients)6798 void CameraService::parseClientsToWatchLocked(const std::string &clients) {
6799 mWatchedClientPackages.clear();
6800
6801 std::istringstream iss(clients);
6802 std::string nextClient;
6803
6804 while (std::getline(iss, nextClient, ',')) {
6805 if (nextClient == kWatchAllClientsFlag) {
6806 // Don't need to track any other package if 'all' is present
6807 mWatchedClientPackages.clear();
6808 mWatchedClientPackages.emplace(kWatchAllClientsFlag);
6809 break;
6810 }
6811
6812 // track package names
6813 mWatchedClientPackages.emplace(nextClient);
6814 }
6815 }
6816
printHelp(int out)6817 status_t CameraService::printHelp(int out) {
6818 return dprintf(out, "Camera service commands:\n"
6819 " get-uid-state <PACKAGE> [--user USER_ID] gets the uid state\n"
6820 " set-uid-state <PACKAGE> <active|idle> [--user USER_ID] overrides the uid state\n"
6821 " reset-uid-state <PACKAGE> [--user USER_ID] clears the uid state override\n"
6822 " set-rotate-and-crop <ROTATION> overrides the rotate-and-crop value for AUTO backcompat\n"
6823 " Valid values 0=0 deg, 1=90 deg, 2=180 deg, 3=270 deg, 4=No override\n"
6824 " get-rotate-and-crop returns the current override rotate-and-crop value\n"
6825 " set-autoframing <VALUE> overrides the autoframing value for AUTO\n"
6826 " Valid values 0=false, 1=true, 2=auto\n"
6827 " get-autoframing returns the current override autoframing value\n"
6828 " set-image-dump-mask <MASK> specifies the formats to be saved to disk\n"
6829 " Valid values 0=OFF, 1=ON for JPEG\n"
6830 " get-image-dump-mask returns the current image-dump-mask value\n"
6831 " set-camera-mute <0/1> enable or disable camera muting\n"
6832 " set-stream-use-case-override <usecase1> <usecase2> ... override stream use cases\n"
6833 " Use cases applied in descending resolutions. So usecase1 is assigned to the\n"
6834 " largest resolution, usecase2 is assigned to the 2nd largest resolution, and so\n"
6835 " on. In case the number of usecases is smaller than the number of streams, the\n"
6836 " last use case is assigned to all the remaining streams. In case of multiple\n"
6837 " streams with the same resolution, the tie-breaker is (JPEG, RAW, YUV, and PRIV)\n"
6838 " Valid values are (case sensitive): DEFAULT, PREVIEW, STILL_CAPTURE, VIDEO_RECORD,\n"
6839 " PREVIEW_VIDEO_STILL, VIDEO_CALL, CROPPED_RAW\n"
6840 " clear-stream-use-case-override clear the stream use case override\n"
6841 " set-zoom-override <-1/0/1> enable or disable zoom override\n"
6842 " Valid values -1: do not override, 0: override to OFF, 1: override to ZOOM\n"
6843 " set-watchdog <VALUE> enables or disables the camera service watchdog\n"
6844 " Valid values 0=disable, 1=enable\n"
6845 " watch <start|stop|dump|print|clear> manages tag monitoring in connected clients\n"
6846 " help print this message\n");
6847 }
6848
isClientWatched(const BasicClient * client)6849 bool CameraService::isClientWatched(const BasicClient *client) {
6850 Mutex::Autolock lock(mLogLock);
6851 return isClientWatchedLocked(client);
6852 }
6853
isClientWatchedLocked(const BasicClient * client)6854 bool CameraService::isClientWatchedLocked(const BasicClient *client) {
6855 return mWatchedClientPackages.find(kWatchAllClientsFlag) != mWatchedClientPackages.end() ||
6856 mWatchedClientPackages.find(client->getPackageName()) != mWatchedClientPackages.end();
6857 }
6858
updateAudioRestriction()6859 int32_t CameraService::updateAudioRestriction() {
6860 Mutex::Autolock lock(mServiceLock);
6861 return updateAudioRestrictionLocked();
6862 }
6863
updateAudioRestrictionLocked()6864 int32_t CameraService::updateAudioRestrictionLocked() {
6865 int32_t mode = 0;
6866 // iterate through all active client
6867 for (const auto& i : mActiveClientManager.getAll()) {
6868 const auto clientSp = i->getValue();
6869 mode |= clientSp->getAudioRestriction();
6870 }
6871
6872 bool modeChanged = (mAudioRestriction != mode);
6873 mAudioRestriction = mode;
6874 if (modeChanged) {
6875 mAppOps.setCameraAudioRestriction(mode);
6876 }
6877 return mode;
6878 }
6879
checkIfInjectionCameraIsPresent(const std::string & externalCamId,sp<BasicClient> clientSp)6880 status_t CameraService::checkIfInjectionCameraIsPresent(const std::string& externalCamId,
6881 sp<BasicClient> clientSp) {
6882 std::unique_ptr<AutoConditionLock> lock =
6883 AutoConditionLock::waitAndAcquire(mServiceLockWrapper);
6884 status_t res = NO_ERROR;
6885 if ((res = checkIfDeviceIsUsable(externalCamId)) != NO_ERROR) {
6886 ALOGW("Device %s is not usable!", externalCamId.c_str());
6887 mInjectionStatusListener->notifyInjectionError(
6888 externalCamId, UNKNOWN_TRANSACTION);
6889 clientSp->notifyError(
6890 hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISCONNECTED,
6891 CaptureResultExtras());
6892
6893 // Do not hold mServiceLock while disconnecting clients, but retain the condition blocking
6894 // other clients from connecting in mServiceLockWrapper if held
6895 mServiceLock.unlock();
6896
6897 // Clear caller identity temporarily so client disconnect PID checks work correctly
6898 int64_t token = clearCallingIdentity();
6899 clientSp->disconnect();
6900 restoreCallingIdentity(token);
6901
6902 // Reacquire mServiceLock
6903 mServiceLock.lock();
6904 }
6905
6906 return res;
6907 }
6908
clearInjectionParameters()6909 void CameraService::clearInjectionParameters() {
6910 {
6911 Mutex::Autolock lock(mInjectionParametersLock);
6912 mInjectionInitPending = false;
6913 mInjectionInternalCamId = "";
6914 }
6915 mInjectionExternalCamId = "";
6916 mInjectionStatusListener->removeListener();
6917 }
6918
6919 } // namespace android
6920