diff options
| author | George Zacharia <george.zcharia@gmail.com> | 2024-08-14 22:27:38 +0530 |
|---|---|---|
| committer | George Zacharia <george.zcharia@gmail.com> | 2024-08-14 22:27:38 +0530 |
| commit | 8f8f5ddb4f1a8a12e87a6c76737fb8a3dd1517d8 (patch) | |
| tree | 706a834f9d4154580eed8942d765fe4155def88a | |
| parent | 12bc3da9cc922572c62ed4ef00c20e1557963604 (diff) | |
| parent | 64792e223d982e7032ef17d797484b488bdb887c (diff) | |
Merge tag 'android-14.0.0_r55' of https://android.googlesource.com/platform/frameworks/native into u14.0
Android 14.0.0 Release 55 (AP2A.240805.005)
Change-Id: Ib5db81faf4192ef074619ab0ad65a0962986146d
| -rw-r--r-- | services/surfaceflinger/SurfaceFlinger.cpp | 2 | ||||
| -rw-r--r-- | services/surfaceflinger/tests/Credentials_test.cpp | 18 |
2 files changed, 14 insertions, 6 deletions
diff --git a/services/surfaceflinger/SurfaceFlinger.cpp b/services/surfaceflinger/SurfaceFlinger.cpp index 7d838fbde5..a690595d4d 100644 --- a/services/surfaceflinger/SurfaceFlinger.cpp +++ b/services/surfaceflinger/SurfaceFlinger.cpp @@ -5032,7 +5032,7 @@ status_t SurfaceFlinger::setTransactionState( const int originPid = ipc->getCallingPid(); const int originUid = ipc->getCallingUid(); uint32_t permissions = LayerStatePermissions::getTransactionPermissions(originPid, originUid); - for (auto composerState : states) { + for (auto& composerState : states) { composerState.state.sanitize(permissions); } diff --git a/services/surfaceflinger/tests/Credentials_test.cpp b/services/surfaceflinger/tests/Credentials_test.cpp index 822ac4d99f..51fc868342 100644 --- a/services/surfaceflinger/tests/Credentials_test.cpp +++ b/services/surfaceflinger/tests/Credentials_test.cpp @@ -389,8 +389,13 @@ TEST_F(CredentialsTest, TransactionPermissionTest) { .apply(); } - // Called from non privileged process - Transaction().setTrustedOverlay(surfaceControl, true); + // Attempt to set a trusted overlay from a non-privileged process. This should fail silently. + { + UIDFaker f{AID_BIN}; + Transaction().setTrustedOverlay(surfaceControl, true).apply(/*synchronous=*/true); + } + + // Verify that the layer was not made a trusted overlay. { UIDFaker f(AID_SYSTEM); auto windowIsPresentAndNotTrusted = [&](const std::vector<WindowInfo>& windowInfos) { @@ -401,12 +406,14 @@ TEST_F(CredentialsTest, TransactionPermissionTest) { } return !foundWindowInfo->inputConfig.test(WindowInfo::InputConfig::TRUSTED_OVERLAY); }; - windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndNotTrusted); + ASSERT_TRUE( + windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndNotTrusted)); } + // Verify that privileged processes are able to set trusted overlays. { UIDFaker f(AID_SYSTEM); - Transaction().setTrustedOverlay(surfaceControl, true); + Transaction().setTrustedOverlay(surfaceControl, true).apply(/*synchronous=*/true); auto windowIsPresentAndTrusted = [&](const std::vector<WindowInfo>& windowInfos) { auto foundWindowInfo = WindowInfosListenerUtils::findMatchingWindowInfo(windowInfo, windowInfos); @@ -415,7 +422,8 @@ TEST_F(CredentialsTest, TransactionPermissionTest) { } return foundWindowInfo->inputConfig.test(WindowInfo::InputConfig::TRUSTED_OVERLAY); }; - windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndTrusted); + ASSERT_TRUE( + windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndTrusted)); } } |