1 /* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef ANDROID_SERVERS_CAMERA_CAMERASERVICE_H 18 #define ANDROID_SERVERS_CAMERA_CAMERASERVICE_H 19 20 #include <android/hardware/BnCameraService.h> 21 #include <android/hardware/BnSensorPrivacyListener.h> 22 #include <android/hardware/ICameraServiceListener.h> 23 #include <android/hardware/ICameraServiceProxy.h> 24 25 #include <cutils/multiuser.h> 26 #include <utils/Vector.h> 27 #include <utils/KeyedVector.h> 28 #include <binder/ActivityManager.h> 29 #include <binder/AppOpsManager.h> 30 #include <binder/BinderService.h> 31 #include <binder/IAppOpsCallback.h> 32 #include <binder/IUidObserver.h> 33 #include <hardware/camera.h> 34 #include <sensorprivacy/SensorPrivacyManager.h> 35 36 #include <android/hardware/camera/common/1.0/types.h> 37 38 #include <camera/VendorTagDescriptor.h> 39 #include <camera/CaptureResult.h> 40 #include <camera/CameraParameters.h> 41 #include <camera/camera2/ConcurrentCamera.h> 42 43 #include "CameraFlashlight.h" 44 45 #include "common/CameraProviderManager.h" 46 #include "media/RingBuffer.h" 47 #include "utils/AutoConditionLock.h" 48 #include "utils/ClientManager.h" 49 50 #include <set> 51 #include <string> 52 #include <list> 53 #include <map> 54 #include <memory> 55 #include <utility> 56 #include <unordered_map> 57 #include <unordered_set> 58 59 namespace android { 60 61 extern volatile int32_t gLogLevel; 62 63 class MemoryHeapBase; 64 class MediaPlayer; 65 66 class CameraService : 67 public BinderService<CameraService>, 68 public virtual ::android::hardware::BnCameraService, 69 public virtual IBinder::DeathRecipient, 70 public virtual CameraProviderManager::StatusListener 71 { 72 friend class BinderService<CameraService>; 73 friend class CameraClient; 74 friend class CameraOfflineSessionClient; 75 public: 76 class Client; 77 class BasicClient; 78 class OfflineClient; 79 80 // The effective API level. The Camera2 API running in LEGACY mode counts as API_1. 81 enum apiLevel { 82 API_1 = 1, 83 API_2 = 2 84 }; 85 86 // 3 second busy timeout when other clients are connecting 87 static const nsecs_t DEFAULT_CONNECT_TIMEOUT_NS = 3000000000; 88 89 // 1 second busy timeout when other clients are disconnecting 90 static const nsecs_t DEFAULT_DISCONNECT_TIMEOUT_NS = 1000000000; 91 92 // Default number of messages to store in eviction log 93 static const size_t DEFAULT_EVENT_LOG_LENGTH = 100; 94 95 // Event log ID 96 static const int SN_EVENT_LOG_ID = 0x534e4554; 97 98 // Implementation of BinderService<T> getServiceName()99 static char const* getServiceName() { return "media.camera"; } 100 101 CameraService(); 102 virtual ~CameraService(); 103 104 ///////////////////////////////////////////////////////////////////// 105 // HAL Callbacks - implements CameraProviderManager::StatusListener 106 107 virtual void onDeviceStatusChanged(const String8 &cameraId, 108 hardware::camera::common::V1_0::CameraDeviceStatus newHalStatus) override; 109 virtual void onDeviceStatusChanged(const String8 &cameraId, 110 const String8 &physicalCameraId, 111 hardware::camera::common::V1_0::CameraDeviceStatus newHalStatus) override; 112 virtual void onTorchStatusChanged(const String8& cameraId, 113 hardware::camera::common::V1_0::TorchModeStatus newStatus) override; 114 virtual void onNewProviderRegistered() override; 115 116 ///////////////////////////////////////////////////////////////////// 117 // ICameraService 118 virtual binder::Status getNumberOfCameras(int32_t type, int32_t* numCameras); 119 120 virtual binder::Status getCameraInfo(int cameraId, 121 hardware::CameraInfo* cameraInfo); 122 virtual binder::Status getCameraCharacteristics(const String16& cameraId, 123 CameraMetadata* cameraInfo); 124 virtual binder::Status getCameraVendorTagDescriptor( 125 /*out*/ 126 hardware::camera2::params::VendorTagDescriptor* desc); 127 virtual binder::Status getCameraVendorTagCache( 128 /*out*/ 129 hardware::camera2::params::VendorTagDescriptorCache* cache); 130 131 virtual binder::Status connect(const sp<hardware::ICameraClient>& cameraClient, 132 int32_t cameraId, const String16& clientPackageName, 133 int32_t clientUid, int clientPid, 134 /*out*/ 135 sp<hardware::ICamera>* device); 136 137 virtual binder::Status connectLegacy(const sp<hardware::ICameraClient>& cameraClient, 138 int32_t cameraId, int32_t halVersion, 139 const String16& clientPackageName, int32_t clientUid, 140 /*out*/ 141 sp<hardware::ICamera>* device); 142 143 virtual binder::Status connectDevice( 144 const sp<hardware::camera2::ICameraDeviceCallbacks>& cameraCb, const String16& cameraId, 145 const String16& clientPackageName, const std::unique_ptr<String16>& clientFeatureId, 146 int32_t clientUid, 147 /*out*/ 148 sp<hardware::camera2::ICameraDeviceUser>* device); 149 150 virtual binder::Status addListener(const sp<hardware::ICameraServiceListener>& listener, 151 /*out*/ 152 std::vector<hardware::CameraStatus>* cameraStatuses); 153 virtual binder::Status removeListener( 154 const sp<hardware::ICameraServiceListener>& listener); 155 156 virtual binder::Status getConcurrentCameraIds( 157 /*out*/ 158 std::vector<hardware::camera2::utils::ConcurrentCameraIdCombination>* concurrentCameraIds); 159 160 virtual binder::Status isConcurrentSessionConfigurationSupported( 161 const std::vector<hardware::camera2::utils::CameraIdAndSessionConfiguration>& sessions, 162 /*out*/bool* supported); 163 164 virtual binder::Status getLegacyParameters( 165 int32_t cameraId, 166 /*out*/ 167 String16* parameters); 168 169 virtual binder::Status setTorchMode(const String16& cameraId, bool enabled, 170 const sp<IBinder>& clientBinder); 171 172 virtual binder::Status notifySystemEvent(int32_t eventId, 173 const std::vector<int32_t>& args); 174 175 virtual binder::Status notifyDeviceStateChange(int64_t newState); 176 177 // OK = supports api of that version, -EOPNOTSUPP = does not support 178 virtual binder::Status supportsCameraApi( 179 const String16& cameraId, int32_t apiVersion, 180 /*out*/ 181 bool *isSupported); 182 183 virtual binder::Status isHiddenPhysicalCamera( 184 const String16& cameraId, 185 /*out*/ 186 bool *isSupported); 187 188 // Extra permissions checks 189 virtual status_t onTransact(uint32_t code, const Parcel& data, 190 Parcel* reply, uint32_t flags); 191 192 virtual status_t dump(int fd, const Vector<String16>& args); 193 194 virtual status_t shellCommand(int in, int out, int err, const Vector<String16>& args); 195 196 binder::Status addListenerHelper(const sp<hardware::ICameraServiceListener>& listener, 197 /*out*/ 198 std::vector<hardware::CameraStatus>* cameraStatuses, bool isVendor = false); 199 200 // Monitored UIDs availability notification 201 void notifyMonitoredUids(); 202 203 // Register an offline client for a given active camera id 204 status_t addOfflineClient(String8 cameraId, sp<BasicClient> offlineClient); 205 206 ///////////////////////////////////////////////////////////////////// 207 // Client functionality 208 209 enum sound_kind { 210 SOUND_SHUTTER = 0, 211 SOUND_RECORDING_START = 1, 212 SOUND_RECORDING_STOP = 2, 213 NUM_SOUNDS 214 }; 215 216 void playSound(sound_kind kind); 217 void loadSoundLocked(sound_kind kind); 218 void decreaseSoundRef(); 219 void increaseSoundRef(); 220 /** 221 * Update the state of a given camera device (open/close/active/idle) with 222 * the camera proxy service in the system service 223 */ 224 static void updateProxyDeviceState( 225 int newState, 226 const String8& cameraId, 227 int facing, 228 const String16& clientName, 229 int apiLevel); 230 231 ///////////////////////////////////////////////////////////////////// 232 // CameraDeviceFactory functionality 233 int getDeviceVersion(const String8& cameraId, int* facing = NULL); 234 235 ///////////////////////////////////////////////////////////////////// 236 // Shared utilities 237 static binder::Status filterGetInfoErrorCode(status_t err); 238 239 ///////////////////////////////////////////////////////////////////// 240 // CameraClient functionality 241 242 class BasicClient : public virtual RefBase { 243 public: 244 virtual status_t initialize(sp<CameraProviderManager> manager, 245 const String8& monitorTags) = 0; 246 virtual binder::Status disconnect(); 247 248 // because we can't virtually inherit IInterface, which breaks 249 // virtual inheritance 250 virtual sp<IBinder> asBinderWrapper() = 0; 251 252 // Return the remote callback binder object (e.g. ICameraDeviceCallbacks) getRemote()253 sp<IBinder> getRemote() { 254 return mRemoteBinder; 255 } 256 257 // Disallows dumping over binder interface 258 virtual status_t dump(int fd, const Vector<String16>& args); 259 // Internal dump method to be called by CameraService 260 virtual status_t dumpClient(int fd, const Vector<String16>& args) = 0; 261 262 // Return the package name for this client 263 virtual String16 getPackageName() const; 264 265 // Notify client about a fatal error 266 virtual void notifyError(int32_t errorCode, 267 const CaptureResultExtras& resultExtras) = 0; 268 269 // Get the UID of the application client using this 270 virtual uid_t getClientUid() const; 271 272 // Get the PID of the application client using this 273 virtual int getClientPid() const; 274 275 // Check what API level is used for this client. This is used to determine which 276 // superclass this can be cast to. 277 virtual bool canCastToApiClient(apiLevel level) const; 278 279 // Block the client form using the camera 280 virtual void block(); 281 282 // set audio restriction from client 283 // Will call into camera service and hold mServiceLock 284 virtual status_t setAudioRestriction(int32_t mode); 285 286 // Get current global audio restriction setting 287 // Will call into camera service and hold mServiceLock 288 virtual int32_t getServiceAudioRestriction() const; 289 290 // Get current audio restriction setting for this client 291 virtual int32_t getAudioRestriction() const; 292 293 static bool isValidAudioRestriction(int32_t mode); 294 295 // Override rotate-and-crop AUTO behavior 296 virtual status_t setRotateAndCropOverride(uint8_t rotateAndCrop) = 0; 297 298 protected: 299 BasicClient(const sp<CameraService>& cameraService, 300 const sp<IBinder>& remoteCallback, 301 const String16& clientPackageName, 302 const std::unique_ptr<String16>& clientFeatureId, 303 const String8& cameraIdStr, 304 int cameraFacing, 305 int clientPid, 306 uid_t clientUid, 307 int servicePid); 308 309 virtual ~BasicClient(); 310 311 // the instance is in the middle of destruction. When this is set, 312 // the instance should not be accessed from callback. 313 // CameraService's mClientLock should be acquired to access this. 314 // - subclasses should set this to true in their destructors. 315 bool mDestructionStarted; 316 317 // these are initialized in the constructor. 318 static sp<CameraService> sCameraService; 319 const String8 mCameraIdStr; 320 const int mCameraFacing; 321 String16 mClientPackageName; 322 std::unique_ptr<String16> mClientFeatureId; 323 pid_t mClientPid; 324 const uid_t mClientUid; 325 const pid_t mServicePid; 326 bool mDisconnected; 327 bool mUidIsTrusted; 328 329 mutable Mutex mAudioRestrictionLock; 330 int32_t mAudioRestriction; 331 332 // - The app-side Binder interface to receive callbacks from us 333 sp<IBinder> mRemoteBinder; // immutable after constructor 334 335 // permissions management 336 virtual status_t startCameraOps(); 337 virtual status_t finishCameraOps(); 338 339 std::unique_ptr<AppOpsManager> mAppOpsManager = nullptr; 340 341 class OpsCallback : public BnAppOpsCallback { 342 public: 343 explicit OpsCallback(wp<BasicClient> client); 344 virtual void opChanged(int32_t op, const String16& packageName); 345 346 private: 347 wp<BasicClient> mClient; 348 349 }; // class OpsCallback 350 351 sp<OpsCallback> mOpsCallback; 352 // Track whether startCameraOps was called successfully, to avoid 353 // finishing what we didn't start. 354 bool mOpsActive; 355 356 // IAppOpsCallback interface, indirected through opListener 357 virtual void opChanged(int32_t op, const String16& packageName); 358 }; // class BasicClient 359 360 class Client : public hardware::BnCamera, public BasicClient 361 { 362 public: 363 typedef hardware::ICameraClient TCamCallbacks; 364 365 // ICamera interface (see ICamera for details) 366 virtual binder::Status disconnect(); 367 virtual status_t connect(const sp<hardware::ICameraClient>& client) = 0; 368 virtual status_t lock() = 0; 369 virtual status_t unlock() = 0; 370 virtual status_t setPreviewTarget(const sp<IGraphicBufferProducer>& bufferProducer)=0; 371 virtual void setPreviewCallbackFlag(int flag) = 0; 372 virtual status_t setPreviewCallbackTarget( 373 const sp<IGraphicBufferProducer>& callbackProducer) = 0; 374 virtual status_t startPreview() = 0; 375 virtual void stopPreview() = 0; 376 virtual bool previewEnabled() = 0; 377 virtual status_t setVideoBufferMode(int32_t videoBufferMode) = 0; 378 virtual status_t startRecording() = 0; 379 virtual void stopRecording() = 0; 380 virtual bool recordingEnabled() = 0; 381 virtual void releaseRecordingFrame(const sp<IMemory>& mem) = 0; 382 virtual status_t autoFocus() = 0; 383 virtual status_t cancelAutoFocus() = 0; 384 virtual status_t takePicture(int msgType) = 0; 385 virtual status_t setParameters(const String8& params) = 0; 386 virtual String8 getParameters() const = 0; 387 virtual status_t sendCommand(int32_t cmd, int32_t arg1, int32_t arg2) = 0; 388 virtual status_t setVideoTarget(const sp<IGraphicBufferProducer>& bufferProducer) = 0; 389 390 // Interface used by CameraService 391 Client(const sp<CameraService>& cameraService, 392 const sp<hardware::ICameraClient>& cameraClient, 393 const String16& clientPackageName, 394 const std::unique_ptr<String16>& clientFeatureId, 395 const String8& cameraIdStr, 396 int api1CameraId, 397 int cameraFacing, 398 int clientPid, 399 uid_t clientUid, 400 int servicePid); 401 ~Client(); 402 403 // return our camera client getRemoteCallback()404 const sp<hardware::ICameraClient>& getRemoteCallback() { 405 return mRemoteCallback; 406 } 407 asBinderWrapper()408 virtual sp<IBinder> asBinderWrapper() { 409 return asBinder(this); 410 } 411 412 virtual void notifyError(int32_t errorCode, 413 const CaptureResultExtras& resultExtras); 414 415 // Check what API level is used for this client. This is used to determine which 416 // superclass this can be cast to. 417 virtual bool canCastToApiClient(apiLevel level) const; 418 protected: 419 // Initialized in constructor 420 421 // - The app-side Binder interface to receive callbacks from us 422 sp<hardware::ICameraClient> mRemoteCallback; 423 424 int mCameraId; // All API1 clients use integer camera IDs 425 }; // class Client 426 427 /** 428 * A listener class that implements the LISTENER interface for use with a ClientManager, and 429 * implements the following methods: 430 * void onClientRemoved(const ClientDescriptor<KEY, VALUE>& descriptor); 431 * void onClientAdded(const ClientDescriptor<KEY, VALUE>& descriptor); 432 */ 433 class ClientEventListener { 434 public: 435 void onClientAdded(const resource_policy::ClientDescriptor<String8, 436 sp<CameraService::BasicClient>>& descriptor); 437 void onClientRemoved(const resource_policy::ClientDescriptor<String8, 438 sp<CameraService::BasicClient>>& descriptor); 439 }; // class ClientEventListener 440 441 typedef std::shared_ptr<resource_policy::ClientDescriptor<String8, 442 sp<CameraService::BasicClient>>> DescriptorPtr; 443 444 /** 445 * A container class for managing active camera clients that are using HAL devices. Active 446 * clients are represented by ClientDescriptor objects that contain strong pointers to the 447 * actual BasicClient subclass binder interface implementation. 448 * 449 * This class manages the eviction behavior for the camera clients. See the parent class 450 * implementation in utils/ClientManager for the specifics of this behavior. 451 */ 452 class CameraClientManager : public resource_policy::ClientManager<String8, 453 sp<CameraService::BasicClient>, ClientEventListener> { 454 public: 455 CameraClientManager(); 456 virtual ~CameraClientManager(); 457 458 /** 459 * Return a strong pointer to the active BasicClient for this camera ID, or an empty 460 * if none exists. 461 */ 462 sp<CameraService::BasicClient> getCameraClient(const String8& id) const; 463 464 /** 465 * Return a string describing the current state. 466 */ 467 String8 toString() const; 468 469 /** 470 * Make a ClientDescriptor object wrapping the given BasicClient strong pointer. 471 */ 472 static DescriptorPtr makeClientDescriptor(const String8& key, const sp<BasicClient>& value, 473 int32_t cost, const std::set<String8>& conflictingKeys, int32_t score, 474 int32_t ownerId, int32_t state); 475 476 /** 477 * Make a ClientDescriptor object wrapping the given BasicClient strong pointer with 478 * values intialized from a prior ClientDescriptor. 479 */ 480 static DescriptorPtr makeClientDescriptor(const sp<BasicClient>& value, 481 const CameraService::DescriptorPtr& partial); 482 483 }; // class CameraClientManager 484 485 int32_t updateAudioRestriction(); 486 int32_t updateAudioRestrictionLocked(); 487 488 private: 489 490 typedef hardware::camera::common::V1_0::CameraDeviceStatus CameraDeviceStatus; 491 492 /** 493 * Typesafe version of device status, containing both the HAL-layer and the service interface- 494 * layer values. 495 */ 496 enum class StatusInternal : int32_t { 497 NOT_PRESENT = static_cast<int32_t>(CameraDeviceStatus::NOT_PRESENT), 498 PRESENT = static_cast<int32_t>(CameraDeviceStatus::PRESENT), 499 ENUMERATING = static_cast<int32_t>(CameraDeviceStatus::ENUMERATING), 500 NOT_AVAILABLE = static_cast<int32_t>(hardware::ICameraServiceListener::STATUS_NOT_AVAILABLE), 501 UNKNOWN = static_cast<int32_t>(hardware::ICameraServiceListener::STATUS_UNKNOWN) 502 }; 503 504 /** 505 * Container class for the state of each logical camera device, including: ID, status, and 506 * dependencies on other devices. The mapping of camera ID -> state saved in mCameraStates 507 * represents the camera devices advertised by the HAL (and any USB devices, when we add 508 * those). 509 * 510 * This container does NOT represent an active camera client. These are represented using 511 * the ClientDescriptors stored in mActiveClientManager. 512 */ 513 class CameraState { 514 public: 515 516 /** 517 * Make a new CameraState and set the ID, cost, and conflicting devices using the values 518 * returned in the HAL's camera_info struct for each device. 519 */ 520 CameraState(const String8& id, int cost, const std::set<String8>& conflicting, 521 SystemCameraKind deviceKind); 522 virtual ~CameraState(); 523 524 /** 525 * Return the status for this device. 526 * 527 * This method acquires mStatusLock. 528 */ 529 StatusInternal getStatus() const; 530 531 /** 532 * This function updates the status for this camera device, unless the given status 533 * is in the given list of rejected status states, and execute the function passed in 534 * with a signature onStatusUpdateLocked(const String8&, int32_t) 535 * if the status has changed. 536 * 537 * This method is idempotent, and will not result in the function passed to 538 * onStatusUpdateLocked being called more than once for the same arguments. 539 * This method aquires mStatusLock. 540 */ 541 template<class Func> 542 void updateStatus(StatusInternal status, 543 const String8& cameraId, 544 std::initializer_list<StatusInternal> rejectSourceStates, 545 Func onStatusUpdatedLocked); 546 547 /** 548 * Return the last set CameraParameters object generated from the information returned by 549 * the HAL for this device (or an empty CameraParameters object if none has been set). 550 */ 551 CameraParameters getShimParams() const; 552 553 /** 554 * Set the CameraParameters for this device. 555 */ 556 void setShimParams(const CameraParameters& params); 557 558 /** 559 * Return the resource_cost advertised by the HAL for this device. 560 */ 561 int getCost() const; 562 563 /** 564 * Return a set of the IDs of conflicting devices advertised by the HAL for this device. 565 */ 566 std::set<String8> getConflicting() const; 567 568 /** 569 * Return the ID of this camera device. 570 */ 571 String8 getId() const; 572 573 /** 574 * Return the kind (SystemCameraKind) of this camera device. 575 */ 576 SystemCameraKind getSystemCameraKind() const; 577 578 /** 579 * Add/Remove the unavailable physical camera ID. 580 */ 581 bool addUnavailablePhysicalId(const String8& physicalId); 582 bool removeUnavailablePhysicalId(const String8& physicalId); 583 584 /** 585 * Return the unavailable physical ids for this device. 586 * 587 * This method acquires mStatusLock. 588 */ 589 std::vector<String8> getUnavailablePhysicalIds() const; 590 private: 591 const String8 mId; 592 StatusInternal mStatus; // protected by mStatusLock 593 const int mCost; 594 std::set<String8> mConflicting; 595 std::set<String8> mUnavailablePhysicalIds; 596 mutable Mutex mStatusLock; 597 CameraParameters mShimParams; 598 const SystemCameraKind mSystemCameraKind; 599 }; // class CameraState 600 601 // Observer for UID lifecycle enforcing that UIDs in idle 602 // state cannot use the camera to protect user privacy. 603 class UidPolicy : public BnUidObserver, public virtual IBinder::DeathRecipient { 604 public: UidPolicy(sp<CameraService> service)605 explicit UidPolicy(sp<CameraService> service) 606 : mRegistered(false), mService(service) {} 607 608 void registerSelf(); 609 void unregisterSelf(); 610 611 bool isUidActive(uid_t uid, String16 callingPackage); 612 int32_t getProcState(uid_t uid); 613 614 void onUidGone(uid_t uid, bool disabled); 615 void onUidActive(uid_t uid); 616 void onUidIdle(uid_t uid, bool disabled); 617 void onUidStateChanged(uid_t uid, int32_t procState, int64_t procStateSeq, 618 int32_t capability); 619 620 void addOverrideUid(uid_t uid, String16 callingPackage, bool active); 621 void removeOverrideUid(uid_t uid, String16 callingPackage); 622 623 void registerMonitorUid(uid_t uid); 624 void unregisterMonitorUid(uid_t uid); 625 626 // IBinder::DeathRecipient implementation 627 virtual void binderDied(const wp<IBinder> &who); 628 private: 629 bool isUidActiveLocked(uid_t uid, String16 callingPackage); 630 int32_t getProcStateLocked(uid_t uid); 631 void updateOverrideUid(uid_t uid, String16 callingPackage, bool active, bool insert); 632 633 Mutex mUidLock; 634 bool mRegistered; 635 ActivityManager mAm; 636 wp<CameraService> mService; 637 std::unordered_set<uid_t> mActiveUids; 638 // Monitored uid map to cached procState and refCount pair 639 std::unordered_map<uid_t, std::pair<int32_t, size_t>> mMonitoredUids; 640 std::unordered_map<uid_t, bool> mOverrideUids; 641 }; // class UidPolicy 642 643 // If sensor privacy is enabled then all apps, including those that are active, should be 644 // prevented from accessing the camera. 645 class SensorPrivacyPolicy : public hardware::BnSensorPrivacyListener, 646 public virtual IBinder::DeathRecipient { 647 public: SensorPrivacyPolicy(wp<CameraService> service)648 explicit SensorPrivacyPolicy(wp<CameraService> service) 649 : mService(service), mSensorPrivacyEnabled(false), mRegistered(false) {} 650 651 void registerSelf(); 652 void unregisterSelf(); 653 654 bool isSensorPrivacyEnabled(); 655 656 binder::Status onSensorPrivacyChanged(bool enabled); 657 658 // IBinder::DeathRecipient implementation 659 virtual void binderDied(const wp<IBinder> &who); 660 661 private: 662 SensorPrivacyManager mSpm; 663 wp<CameraService> mService; 664 Mutex mSensorPrivacyLock; 665 bool mSensorPrivacyEnabled; 666 bool mRegistered; 667 }; 668 669 sp<UidPolicy> mUidPolicy; 670 671 sp<SensorPrivacyPolicy> mSensorPrivacyPolicy; 672 673 // Delay-load the Camera HAL module 674 virtual void onFirstRef(); 675 676 // Eumerate all camera providers in the system 677 status_t enumerateProviders(); 678 679 // Add/remove a new camera to camera and torch state lists or remove an unplugged one 680 // Caller must not hold mServiceLock 681 void addStates(const String8 id); 682 void removeStates(const String8 id); 683 684 // Check if we can connect, before we acquire the service lock. 685 // The returned originalClientPid is the PID of the original process that wants to connect to 686 // camera. 687 // The returned clientPid is the PID of the client that directly connects to camera. 688 // originalClientPid and clientPid are usually the same except when the application uses 689 // mediaserver to connect to camera (using MediaRecorder to connect to camera). In that case, 690 // clientPid is the PID of mediaserver and originalClientPid is the PID of the application. 691 binder::Status validateConnectLocked(const String8& cameraId, const String8& clientName8, 692 /*inout*/int& clientUid, /*inout*/int& clientPid, /*out*/int& originalClientPid) const; 693 binder::Status validateClientPermissionsLocked(const String8& cameraId, const String8& clientName8, 694 /*inout*/int& clientUid, /*inout*/int& clientPid, /*out*/int& originalClientPid) const; 695 696 // Handle active client evictions, and update service state. 697 // Only call with with mServiceLock held. 698 status_t handleEvictionsLocked(const String8& cameraId, int clientPid, 699 apiLevel effectiveApiLevel, const sp<IBinder>& remoteCallback, const String8& packageName, 700 /*out*/ 701 sp<BasicClient>* client, 702 std::shared_ptr<resource_policy::ClientDescriptor<String8, sp<BasicClient>>>* partial); 703 704 // Should an operation attempt on a cameraId be rejected ? (this can happen 705 // under various conditions. For example if a camera device is advertised as 706 // system only or hidden secure camera, amongst possible others. 707 bool shouldRejectSystemCameraConnection(const String8 & cameraId) const; 708 709 // Should a device status update be skipped for a particular camera device ? (this can happen 710 // under various conditions. For example if a camera device is advertised as 711 // system only or hidden secure camera, amongst possible others. 712 static bool shouldSkipStatusUpdates(SystemCameraKind systemCameraKind, bool isVendorListener, 713 int clientPid, int clientUid); 714 715 // Gets the kind of camera device (i.e public, hidden secure or system only) 716 // getSystemCameraKind() needs mInterfaceMutex which might lead to deadlocks 717 // if held along with mStatusListenerLock (depending on lock ordering, b/141756275), it is 718 // recommended that we don't call this function with mStatusListenerLock held. 719 status_t getSystemCameraKind(const String8& cameraId, SystemCameraKind *kind) const; 720 721 // Update the set of API1Compatible camera devices without including system 722 // cameras and secure cameras. This is used for hiding system only cameras 723 // from clients using camera1 api and not having android.permission.SYSTEM_CAMERA. 724 // This function expects @param normalDeviceIds, to have normalDeviceIds 725 // sorted in alpha-numeric order. 726 void filterAPI1SystemCameraLocked(const std::vector<std::string> &normalDeviceIds); 727 728 // Single implementation shared between the various connect calls 729 template<class CALLBACK, class CLIENT> 730 binder::Status connectHelper(const sp<CALLBACK>& cameraCb, const String8& cameraId, 731 int api1CameraId, int halVersion, const String16& clientPackageName, 732 const std::unique_ptr<String16>& clientFeatureId, int clientUid, int clientPid, 733 apiLevel effectiveApiLevel, bool shimUpdateOnly, /*out*/sp<CLIENT>& device); 734 735 // Lock guarding camera service state 736 Mutex mServiceLock; 737 738 // Condition to use with mServiceLock, used to handle simultaneous connect calls from clients 739 std::shared_ptr<WaitableMutexWrapper> mServiceLockWrapper; 740 741 // Return NO_ERROR if the device with a give ID can be connected to 742 status_t checkIfDeviceIsUsable(const String8& cameraId) const; 743 744 // Container for managing currently active application-layer clients 745 CameraClientManager mActiveClientManager; 746 747 // Mapping from camera ID -> state for each device, map is protected by mCameraStatesLock 748 std::map<String8, std::shared_ptr<CameraState>> mCameraStates; 749 750 // Mutex guarding mCameraStates map 751 mutable Mutex mCameraStatesLock; 752 753 // Circular buffer for storing event logging for dumps 754 RingBuffer<String8> mEventLog; 755 Mutex mLogLock; 756 757 // The last monitored tags set by client 758 String8 mMonitorTags; 759 760 // Currently allowed user IDs 761 std::set<userid_t> mAllowedUsers; 762 763 /** 764 * Get the camera state for a given camera id. 765 * 766 * This acquires mCameraStatesLock. 767 */ 768 std::shared_ptr<CameraService::CameraState> getCameraState(const String8& cameraId) const; 769 770 /** 771 * Evict client who's remote binder has died. Returns true if this client was in the active 772 * list and was disconnected. 773 * 774 * This method acquires mServiceLock. 775 */ 776 bool evictClientIdByRemote(const wp<IBinder>& cameraClient); 777 778 /** 779 * Remove the given client from the active clients list; does not disconnect the client. 780 * 781 * This method acquires mServiceLock. 782 */ 783 void removeByClient(const BasicClient* client); 784 785 /** 786 * Add new client to active clients list after conflicting clients have disconnected using the 787 * values set in the partial descriptor passed in to construct the actual client descriptor. 788 * This is typically called at the end of a connect call. 789 * 790 * This method must be called with mServiceLock held. 791 */ 792 void finishConnectLocked(const sp<BasicClient>& client, const DescriptorPtr& desc); 793 794 /** 795 * Returns the underlying camera Id string mapped to a camera id int 796 * Empty string is returned when the cameraIdInt is invalid. 797 */ 798 String8 cameraIdIntToStr(int cameraIdInt); 799 800 /** 801 * Returns the underlying camera Id string mapped to a camera id int 802 * Empty string is returned when the cameraIdInt is invalid. 803 */ 804 std::string cameraIdIntToStrLocked(int cameraIdInt); 805 806 /** 807 * Remove a single client corresponding to the given camera id from the list of active clients. 808 * If none exists, return an empty strongpointer. 809 * 810 * This method must be called with mServiceLock held. 811 */ 812 sp<CameraService::BasicClient> removeClientLocked(const String8& cameraId); 813 814 /** 815 * Handle a notification that the current device user has changed. 816 */ 817 void doUserSwitch(const std::vector<int32_t>& newUserIds); 818 819 /** 820 * Add an event log message. 821 */ 822 void logEvent(const char* event); 823 824 /** 825 * Add an event log message that a client has been disconnected. 826 */ 827 void logDisconnected(const char* cameraId, int clientPid, const char* clientPackage); 828 829 /** 830 * Add an event log message that a client has been disconnected from offline device. 831 */ 832 void logDisconnectedOffline(const char* cameraId, int clientPid, const char* clientPackage); 833 834 /** 835 * Add an event log message that an offline client has been connected. 836 */ 837 void logConnectedOffline(const char* cameraId, int clientPid, 838 const char* clientPackage); 839 840 /** 841 * Add an event log message that a client has been connected. 842 */ 843 void logConnected(const char* cameraId, int clientPid, const char* clientPackage); 844 845 /** 846 * Add an event log message that a client's connect attempt has been rejected. 847 */ 848 void logRejected(const char* cameraId, int clientPid, const char* clientPackage, 849 const char* reason); 850 851 /** 852 * Add an event log message when a client calls setTorchMode succesfully. 853 */ 854 void logTorchEvent(const char* cameraId, const char *torchState, int clientPid); 855 856 /** 857 * Add an event log message that the current device user has been switched. 858 */ 859 void logUserSwitch(const std::set<userid_t>& oldUserIds, 860 const std::set<userid_t>& newUserIds); 861 862 /** 863 * Add an event log message that a device has been removed by the HAL 864 */ 865 void logDeviceRemoved(const char* cameraId, const char* reason); 866 867 /** 868 * Add an event log message that a device has been added by the HAL 869 */ 870 void logDeviceAdded(const char* cameraId, const char* reason); 871 872 /** 873 * Add an event log message that a client has unexpectedly died. 874 */ 875 void logClientDied(int clientPid, const char* reason); 876 877 /** 878 * Add a event log message that a serious service-level error has occured 879 * The errorCode should be one of the Android Errors 880 */ 881 void logServiceError(const char* msg, int errorCode); 882 883 /** 884 * Dump the event log to an FD 885 */ 886 void dumpEventLog(int fd); 887 888 /** 889 * This method will acquire mServiceLock 890 */ 891 void updateCameraNumAndIds(); 892 893 // Number of camera devices (excluding hidden secure cameras) 894 int mNumberOfCameras; 895 // Number of camera devices (excluding hidden secure cameras and 896 // system cameras) 897 int mNumberOfCamerasWithoutSystemCamera; 898 899 std::vector<std::string> mNormalDeviceIds; 900 std::vector<std::string> mNormalDeviceIdsWithoutSystemCamera; 901 902 // sounds 903 sp<MediaPlayer> newMediaPlayer(const char *file); 904 905 Mutex mSoundLock; 906 sp<MediaPlayer> mSoundPlayer[NUM_SOUNDS]; 907 int mSoundRef; // reference count (release all MediaPlayer when 0) 908 909 // Basic flag on whether the camera subsystem is in a usable state 910 bool mInitialized; 911 912 sp<CameraProviderManager> mCameraProviderManager; 913 914 class ServiceListener : public virtual IBinder::DeathRecipient { 915 public: ServiceListener(sp<CameraService> parent,sp<hardware::ICameraServiceListener> listener,int uid,int pid,bool isVendorClient,bool openCloseCallbackAllowed)916 ServiceListener(sp<CameraService> parent, sp<hardware::ICameraServiceListener> listener, 917 int uid, int pid, bool isVendorClient, bool openCloseCallbackAllowed) 918 : mParent(parent), mListener(listener), mListenerUid(uid), mListenerPid(pid), 919 mIsVendorListener(isVendorClient), 920 mOpenCloseCallbackAllowed(openCloseCallbackAllowed) { } 921 initialize()922 status_t initialize() { 923 return IInterface::asBinder(mListener)->linkToDeath(this); 924 } 925 binderDied(const wp<IBinder> &)926 virtual void binderDied(const wp<IBinder> &/*who*/) { 927 auto parent = mParent.promote(); 928 if (parent.get() != nullptr) { 929 parent->removeListener(mListener); 930 } 931 } 932 getListenerUid()933 int getListenerUid() { return mListenerUid; } getListenerPid()934 int getListenerPid() { return mListenerPid; } getListener()935 sp<hardware::ICameraServiceListener> getListener() { return mListener; } isVendorListener()936 bool isVendorListener() { return mIsVendorListener; } isOpenCloseCallbackAllowed()937 bool isOpenCloseCallbackAllowed() { return mOpenCloseCallbackAllowed; } 938 939 private: 940 wp<CameraService> mParent; 941 sp<hardware::ICameraServiceListener> mListener; 942 int mListenerUid = -1; 943 int mListenerPid = -1; 944 bool mIsVendorListener = false; 945 bool mOpenCloseCallbackAllowed = false; 946 }; 947 948 // Guarded by mStatusListenerMutex 949 std::vector<sp<ServiceListener>> mListenerList; 950 951 Mutex mStatusListenerLock; 952 953 /** 954 * Update the status for the given camera id (if that device exists), and broadcast the 955 * status update to all current ICameraServiceListeners if the status has changed. Any 956 * statuses in rejectedSourceStates will be ignored. 957 * 958 * This method must be idempotent. 959 * This method acquires mStatusLock and mStatusListenerLock. 960 */ 961 void updateStatus(StatusInternal status, 962 const String8& cameraId, 963 std::initializer_list<StatusInternal> 964 rejectedSourceStates); 965 void updateStatus(StatusInternal status, 966 const String8& cameraId); 967 968 /** 969 * Update the opened/closed status of the given camera id. 970 * 971 * This method acqiures mStatusListenerLock. 972 */ 973 void updateOpenCloseStatus(const String8& cameraId, bool open, const String16& packageName); 974 975 // flashlight control 976 sp<CameraFlashlight> mFlashlight; 977 // guard mTorchStatusMap 978 Mutex mTorchStatusMutex; 979 // guard mTorchClientMap 980 Mutex mTorchClientMapMutex; 981 // guard mTorchUidMap 982 Mutex mTorchUidMapMutex; 983 // camera id -> torch status 984 KeyedVector<String8, hardware::camera::common::V1_0::TorchModeStatus> 985 mTorchStatusMap; 986 // camera id -> torch client binder 987 // only store the last client that turns on each camera's torch mode 988 KeyedVector<String8, sp<IBinder>> mTorchClientMap; 989 // camera id -> [incoming uid, current uid] pair 990 std::map<String8, std::pair<int, int>> mTorchUidMap; 991 992 // check and handle if torch client's process has died 993 void handleTorchClientBinderDied(const wp<IBinder> &who); 994 995 // handle torch mode status change and invoke callbacks. mTorchStatusMutex 996 // should be locked. 997 void onTorchStatusChangedLocked(const String8& cameraId, 998 hardware::camera::common::V1_0::TorchModeStatus newStatus, 999 SystemCameraKind systemCameraKind); 1000 1001 // get a camera's torch status. mTorchStatusMutex should be locked. 1002 status_t getTorchStatusLocked(const String8 &cameraId, 1003 hardware::camera::common::V1_0::TorchModeStatus *status) const; 1004 1005 // set a camera's torch status. mTorchStatusMutex should be locked. 1006 status_t setTorchStatusLocked(const String8 &cameraId, 1007 hardware::camera::common::V1_0::TorchModeStatus status); 1008 1009 // notify physical camera status when the physical camera is public. 1010 // Expects mStatusListenerLock to be locked. 1011 void notifyPhysicalCameraStatusLocked(int32_t status, const String16& physicalCameraId, 1012 const std::list<String16>& logicalCameraIds, SystemCameraKind deviceKind); 1013 1014 // get list of logical cameras which are backed by physicalCameraId 1015 std::list<String16> getLogicalCameras(const String8& physicalCameraId); 1016 1017 1018 // IBinder::DeathRecipient implementation 1019 virtual void binderDied(const wp<IBinder> &who); 1020 1021 /** 1022 * Initialize and cache the metadata used by the HAL1 shim for a given cameraId. 1023 * 1024 * Sets Status to a service-specific error on failure 1025 */ 1026 binder::Status initializeShimMetadata(int cameraId); 1027 1028 /** 1029 * Get the cached CameraParameters for the camera. If they haven't been 1030 * cached yet, then initialize them for the first time. 1031 * 1032 * Sets Status to a service-specific error on failure 1033 */ 1034 binder::Status getLegacyParametersLazy(int cameraId, /*out*/CameraParameters* parameters); 1035 1036 // Blocks all clients from the UID 1037 void blockClientsForUid(uid_t uid); 1038 1039 // Blocks all active clients. 1040 void blockAllClients(); 1041 1042 // Overrides the UID state as if it is idle 1043 status_t handleSetUidState(const Vector<String16>& args, int err); 1044 1045 // Clears the override for the UID state 1046 status_t handleResetUidState(const Vector<String16>& args, int err); 1047 1048 // Gets the UID state 1049 status_t handleGetUidState(const Vector<String16>& args, int out, int err); 1050 1051 // Set the rotate-and-crop AUTO override behavior 1052 status_t handleSetRotateAndCrop(const Vector<String16>& args); 1053 1054 // Get the rotate-and-crop AUTO override behavior 1055 status_t handleGetRotateAndCrop(int out); 1056 1057 // Prints the shell command help 1058 status_t printHelp(int out); 1059 1060 /** 1061 * Get the current system time as a formatted string. 1062 */ 1063 static String8 getFormattedCurrentTime(); 1064 1065 static binder::Status makeClient(const sp<CameraService>& cameraService, 1066 const sp<IInterface>& cameraCb, const String16& packageName, 1067 const std::unique_ptr<String16>& featureId, const String8& cameraId, int api1CameraId, 1068 int facing, int clientPid, uid_t clientUid, int servicePid, int halVersion, 1069 int deviceVersion, apiLevel effectiveApiLevel, 1070 /*out*/sp<BasicClient>* client); 1071 1072 status_t checkCameraAccess(const String16& opPackageName); 1073 1074 static String8 toString(std::set<userid_t> intSet); 1075 static int32_t mapToInterface(hardware::camera::common::V1_0::TorchModeStatus status); 1076 static StatusInternal mapToInternal(hardware::camera::common::V1_0::CameraDeviceStatus status); 1077 static int32_t mapToInterface(StatusInternal status); 1078 1079 // Guard mCameraServiceProxy 1080 static Mutex sProxyMutex; 1081 // Cached interface to the camera service proxy in system service 1082 static sp<hardware::ICameraServiceProxy> sCameraServiceProxy; 1083 1084 static sp<hardware::ICameraServiceProxy> getCameraServiceProxy(); 1085 static void pingCameraServiceProxy(); 1086 1087 void broadcastTorchModeStatus(const String8& cameraId, 1088 hardware::camera::common::V1_0::TorchModeStatus status, 1089 SystemCameraKind systemCameraKind); 1090 1091 void disconnectClient(const String8& id, sp<BasicClient> clientToDisconnect); 1092 1093 // Regular online and offline devices must not be in conflict at camera service layer. 1094 // Use separate keys for offline devices. 1095 static const String8 kOfflineDevice; 1096 1097 // TODO: right now each BasicClient holds one AppOpsManager instance. 1098 // We can refactor the code so all of clients share this instance 1099 AppOpsManager mAppOps; 1100 1101 // Aggreated audio restriction mode for all camera clients 1102 int32_t mAudioRestriction; 1103 1104 // Current override rotate-and-crop mode 1105 uint8_t mOverrideRotateAndCropMode = ANDROID_SCALER_ROTATE_AND_CROP_AUTO; 1106 }; 1107 1108 } // namespace android 1109 1110 #endif 1111