don't allow screenshots without the READ_FRAMEBUFFER permission

author Mathias Agopian <mathias@google.com>

Sat, 16 Mar 2013 01:31:56 +0000 (18:31 -0700)

committer Mathias Agopian <mathias@google.com>

Sat, 16 Mar 2013 01:39:16 +0000 (18:39 -0700)
author Mathias Agopian <mathias@google.com>
Sat, 16 Mar 2013 01:31:56 +0000 (18:31 -0700)
committer Mathias Agopian <mathias@google.com>
Sat, 16 Mar 2013 01:39:16 +0000 (18:39 -0700)
diff --git a/include/gui/ISurfaceComposer.h b/include/gui/ISurfaceComposer.h

index 08eddcb..47f9552 100644 (file)
--- a/include/gui/ISurfaceComposer.h
+++ b/include/gui/ISurfaceComposer.h
@@ -103,16 +103,23 @@ public:
              uint32_t reqWidth, uint32_t reqHeight,
              uint32_t minLayerZ, uint32_t maxLayerZ) = 0;
  
-    /* triggers screen off and waits for it to complete */
+    /* triggers screen off and waits for it to complete
+     * requires ACCESS_SURFACE_FLINGER permission.
+     */
      virtual void blank(const sp<IBinder>& display) = 0;
  
-    /* triggers screen on and waits for it to complete */
+    /* triggers screen on and waits for it to complete
+     * requires ACCESS_SURFACE_FLINGER permission.
+     */
      virtual void unblank(const sp<IBinder>& display) = 0;
  
      /* returns information about a display
       * intended to be used to get information about built-in displays */
      virtual status_t getDisplayInfo(const sp<IBinder>& display, DisplayInfo* info) = 0;
  
+    /* Capture the specified screen. requires READ_FRAME_BUFFER permission
+     * This function will fail if there is a secure window on screen.
+     */
      virtual status_t captureScreen(const sp<IBinder>& display,
              const sp<IGraphicBufferProducer>& producer,
              uint32_t reqWidth, uint32_t reqHeight,
diff --git a/services/surfaceflinger/SurfaceFlinger.cpp b/services/surfaceflinger/SurfaceFlinger.cpp

index 1daadcc..edf01f7 100644 (file)
--- a/services/surfaceflinger/SurfaceFlinger.cpp
+++ b/services/surfaceflinger/SurfaceFlinger.cpp
@@ -2399,6 +2399,7 @@ status_t SurfaceFlinger::onTransact(
  {
      switch (code) {
          case CREATE_CONNECTION:
+        case CREATE_DISPLAY:
          case SET_TRANSACTION_STATE:
          case BOOT_FINISHED:
          case BLANK:
@@ -2417,6 +2418,7 @@ status_t SurfaceFlinger::onTransact(
              break;
          }
          case CAPTURE_SCREEN:
+        case CAPTURE_SCREEN_DEPRECATED:
          {
              // codes that require permission check
              IPCThreadState* ipc = IPCThreadState::self();
author	Mathias Agopian <mathias@google.com>
	Sat, 16 Mar 2013 01:31:56 +0000 (18:31 -0700)
committer	Mathias Agopian <mathias@google.com>
	Sat, 16 Mar 2013 01:39:16 +0000 (18:39 -0700)
include/gui/ISurfaceComposer.h		patch \| blob \| history
services/surfaceflinger/SurfaceFlinger.cpp		patch \| blob \| history