diff options
author | Wei Jia <wjia@google.com> | 2015-10-06 02:55:19 +0000 |
---|---|---|
committer | Android Git Automerger <android-git-automerger@android.com> | 2015-10-06 02:55:19 +0000 |
commit | b90b8291e36ae079ac0ccd029bb6e6a987036f7c (patch) | |
tree | 973ea7078c95ed0d8d029fd1dffa3ddbe6fd2528 | |
parent | ee481c9b172f90f507d505c9b32620cc1d062c83 (diff) | |
parent | cb70fdbe9be14002a4303a93f07a13c508c00d89 (diff) | |
download | frameworks_av-b90b8291e36ae079ac0ccd029bb6e6a987036f7c.zip frameworks_av-b90b8291e36ae079ac0ccd029bb6e6a987036f7c.tar.gz frameworks_av-b90b8291e36ae079ac0ccd029bb6e6a987036f7c.tar.bz2 |
am cb70fdbe: Merge "OMX: allow only secure codec to remotely call allocateBuffer." into mnc-dev
* commit 'cb70fdbe9be14002a4303a93f07a13c508c00d89':
OMX: allow only secure codec to remotely call allocateBuffer.
-rw-r--r-- | include/media/IOMX.h | 6 | ||||
-rw-r--r-- | media/libmedia/IOMX.cpp | 6 | ||||
-rw-r--r-- | media/libstagefright/include/OMX.h | 2 | ||||
-rw-r--r-- | media/libstagefright/include/OMXNodeInstance.h | 5 | ||||
-rw-r--r-- | media/libstagefright/omx/OMX.cpp | 5 | ||||
-rw-r--r-- | media/libstagefright/omx/OMXNodeInstance.cpp | 1 |
6 files changed, 25 insertions, 0 deletions
diff --git a/include/media/IOMX.h b/include/media/IOMX.h index 3d29e4a..27ad694 100644 --- a/include/media/IOMX.h +++ b/include/media/IOMX.h @@ -249,6 +249,12 @@ public: virtual status_t onTransact( uint32_t code, const Parcel &data, Parcel *reply, uint32_t flags = 0); + +protected: + // check if the codec is secure. + virtual bool isSecure(IOMX::node_id node) { + return false; + } }; class BnOMXObserver : public BnInterface<IOMXObserver> { diff --git a/media/libmedia/IOMX.cpp b/media/libmedia/IOMX.cpp index 16da65e..5423c2a 100644 --- a/media/libmedia/IOMX.cpp +++ b/media/libmedia/IOMX.cpp @@ -963,6 +963,12 @@ status_t BnOMX::onTransact( node_id node = (node_id)data.readInt32(); OMX_U32 port_index = data.readInt32(); + if (!isSecure(node) || port_index != 0 /* kPortIndexInput */) { + ALOGE("b/24310423"); + reply->writeInt32(INVALID_OPERATION); + return NO_ERROR; + } + size_t size = data.readInt64(); buffer_id buffer; diff --git a/media/libstagefright/include/OMX.h b/media/libstagefright/include/OMX.h index d468dfc..e7c4f6d 100644 --- a/media/libstagefright/include/OMX.h +++ b/media/libstagefright/include/OMX.h @@ -140,6 +140,8 @@ public: virtual void binderDied(const wp<IBinder> &the_late_who); + virtual bool isSecure(IOMX::node_id node); + OMX_ERRORTYPE OnEvent( node_id node, OMX_IN OMX_EVENTTYPE eEvent, diff --git a/media/libstagefright/include/OMXNodeInstance.h b/media/libstagefright/include/OMXNodeInstance.h index f68e0a9..e5fb45b 100644 --- a/media/libstagefright/include/OMXNodeInstance.h +++ b/media/libstagefright/include/OMXNodeInstance.h @@ -125,6 +125,10 @@ struct OMXNodeInstance { const void *data, size_t size); + bool isSecure() const { + return mIsSecure; + } + // handles messages and removes them from the list void onMessages(std::list<omx_message> &messages); void onMessage(const omx_message &msg); @@ -142,6 +146,7 @@ private: OMX_HANDLETYPE mHandle; sp<IOMXObserver> mObserver; bool mDying; + bool mIsSecure; // Lock only covers mGraphicBufferSource. We can't always use mLock // because of rare instances where we'd end up locking it recursively. diff --git a/media/libstagefright/omx/OMX.cpp b/media/libstagefright/omx/OMX.cpp index cb7ab5e..7f357c9 100644 --- a/media/libstagefright/omx/OMX.cpp +++ b/media/libstagefright/omx/OMX.cpp @@ -194,6 +194,11 @@ void OMX::binderDied(const wp<IBinder> &the_late_who) { instance->onObserverDied(mMaster); } +bool OMX::isSecure(node_id node) { + OMXNodeInstance *instance = findInstance(node); + return (instance == NULL ? false : instance->isSecure()); +} + bool OMX::livesLocally(node_id /* node */, pid_t pid) { return pid == getpid(); } diff --git a/media/libstagefright/omx/OMXNodeInstance.cpp b/media/libstagefright/omx/OMXNodeInstance.cpp index 9f1c5d8..94a213a 100644 --- a/media/libstagefright/omx/OMXNodeInstance.cpp +++ b/media/libstagefright/omx/OMXNodeInstance.cpp @@ -203,6 +203,7 @@ OMXNodeInstance::OMXNodeInstance( mDebugLevelBumpPendingBuffers[1] = 0; mMetadataType[0] = kMetadataBufferTypeInvalid; mMetadataType[1] = kMetadataBufferTypeInvalid; + mIsSecure = AString(name).endsWith(".secure"); } OMXNodeInstance::~OMXNodeInstance() { |