CameraService.cpp revision aee727dd2f16bf299f738542b5e72fc72671f770
1/* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#define LOG_TAG "CameraService" 18#define ATRACE_TAG ATRACE_TAG_CAMERA 19//#define LOG_NDEBUG 0 20 21#include <algorithm> 22#include <climits> 23#include <stdio.h> 24#include <cstring> 25#include <ctime> 26#include <string> 27#include <sys/types.h> 28#include <inttypes.h> 29#include <pthread.h> 30 31#include <android/hardware/ICamera.h> 32#include <android/hardware/ICameraClient.h> 33 34#include <android-base/macros.h> 35#include <android-base/parseint.h> 36#include <binder/AppOpsManager.h> 37#include <binder/IPCThreadState.h> 38#include <binder/IServiceManager.h> 39#include <binder/MemoryBase.h> 40#include <binder/MemoryHeapBase.h> 41#include <binder/ProcessInfoService.h> 42#include <cutils/atomic.h> 43#include <cutils/properties.h> 44#include <gui/Surface.h> 45#include <hardware/hardware.h> 46#include <memunreachable/memunreachable.h> 47#include <media/AudioSystem.h> 48#include <media/IMediaHTTPService.h> 49#include <media/mediaplayer.h> 50#include <mediautils/BatteryNotifier.h> 51#include <utils/Errors.h> 52#include <utils/Log.h> 53#include <utils/String16.h> 54#include <utils/Trace.h> 55#include <private/android_filesystem_config.h> 56#include <system/camera_vendor_tags.h> 57#include <system/camera_metadata.h> 58 59#include <system/camera.h> 60 61#include "CameraService.h" 62#include "api1/CameraClient.h" 63#include "api1/Camera2Client.h" 64#include "api2/CameraDeviceClient.h" 65#include "utils/CameraTraces.h" 66 67namespace { 68 const char* kPermissionServiceName = "permission"; 69}; // namespace anonymous 70 71namespace android { 72 73using binder::Status; 74using hardware::ICamera; 75using hardware::ICameraClient; 76using hardware::ICameraServiceListener; 77using hardware::camera::common::V1_0::CameraDeviceStatus; 78using hardware::camera::common::V1_0::TorchModeStatus; 79 80// ---------------------------------------------------------------------------- 81// Logging support -- this is for debugging only 82// Use "adb shell dumpsys media.camera -v 1" to change it. 83volatile int32_t gLogLevel = 0; 84 85#define LOG1(...) ALOGD_IF(gLogLevel >= 1, __VA_ARGS__); 86#define LOG2(...) ALOGD_IF(gLogLevel >= 2, __VA_ARGS__); 87 88static void setLogLevel(int level) { 89 android_atomic_write(level, &gLogLevel); 90} 91 92// Convenience methods for constructing binder::Status objects for error returns 93 94#define STATUS_ERROR(errorCode, errorString) \ 95 binder::Status::fromServiceSpecificError(errorCode, \ 96 String8::format("%s:%d: %s", __FUNCTION__, __LINE__, errorString)) 97 98#define STATUS_ERROR_FMT(errorCode, errorString, ...) \ 99 binder::Status::fromServiceSpecificError(errorCode, \ 100 String8::format("%s:%d: " errorString, __FUNCTION__, __LINE__, \ 101 __VA_ARGS__)) 102 103// ---------------------------------------------------------------------------- 104 105extern "C" { 106static void camera_device_status_change( 107 const struct camera_module_callbacks* callbacks, 108 int camera_id, 109 int new_status) { 110 sp<CameraService> cs = const_cast<CameraService*>( 111 static_cast<const CameraService*>(callbacks)); 112 String8 id = String8::format("%d", camera_id); 113 114 CameraDeviceStatus newStatus{CameraDeviceStatus::NOT_PRESENT}; 115 switch (new_status) { 116 case CAMERA_DEVICE_STATUS_NOT_PRESENT: 117 newStatus = CameraDeviceStatus::NOT_PRESENT; 118 break; 119 case CAMERA_DEVICE_STATUS_PRESENT: 120 newStatus = CameraDeviceStatus::PRESENT; 121 break; 122 case CAMERA_DEVICE_STATUS_ENUMERATING: 123 newStatus = CameraDeviceStatus::ENUMERATING; 124 break; 125 default: 126 ALOGW("Unknown device status change to %d", new_status); 127 break; 128 } 129 cs->onDeviceStatusChanged(id, newStatus); 130} 131 132static void torch_mode_status_change( 133 const struct camera_module_callbacks* callbacks, 134 const char* camera_id, 135 int new_status) { 136 if (!callbacks || !camera_id) { 137 ALOGE("%s invalid parameters. callbacks %p, camera_id %p", __FUNCTION__, 138 callbacks, camera_id); 139 } 140 sp<CameraService> cs = const_cast<CameraService*>( 141 static_cast<const CameraService*>(callbacks)); 142 143 TorchModeStatus status; 144 switch (new_status) { 145 case TORCH_MODE_STATUS_NOT_AVAILABLE: 146 status = TorchModeStatus::NOT_AVAILABLE; 147 break; 148 case TORCH_MODE_STATUS_AVAILABLE_OFF: 149 status = TorchModeStatus::AVAILABLE_OFF; 150 break; 151 case TORCH_MODE_STATUS_AVAILABLE_ON: 152 status = TorchModeStatus::AVAILABLE_ON; 153 break; 154 default: 155 ALOGE("Unknown torch status %d", new_status); 156 return; 157 } 158 159 cs->onTorchStatusChanged( 160 String8(camera_id), 161 status); 162} 163} // extern "C" 164 165// ---------------------------------------------------------------------------- 166 167CameraService::CameraService() : 168 mEventLog(DEFAULT_EVENT_LOG_LENGTH), 169 mNumberOfCameras(0), mNumberOfNormalCameras(0), 170 mSoundRef(0), mInitialized(false) { 171 ALOGI("CameraService started (pid=%d)", getpid()); 172 173 this->camera_device_status_change = android::camera_device_status_change; 174 this->torch_mode_status_change = android::torch_mode_status_change; 175 176 mServiceLockWrapper = std::make_shared<WaitableMutexWrapper>(&mServiceLock); 177} 178 179void CameraService::onFirstRef() 180{ 181 ALOGI("CameraService process starting"); 182 183 BnCameraService::onFirstRef(); 184 185 // Update battery life tracking if service is restarting 186 BatteryNotifier& notifier(BatteryNotifier::getInstance()); 187 notifier.noteResetCamera(); 188 notifier.noteResetFlashlight(); 189 190 status_t res = INVALID_OPERATION; 191 192 res = enumerateProviders(); 193 if (res == OK) { 194 mInitialized = true; 195 } 196 197 CameraService::pingCameraServiceProxy(); 198} 199 200status_t CameraService::enumerateProviders() { 201 status_t res; 202 Mutex::Autolock l(mServiceLock); 203 204 if (nullptr == mCameraProviderManager.get()) { 205 mCameraProviderManager = new CameraProviderManager(); 206 res = mCameraProviderManager->initialize(this); 207 if (res != OK) { 208 ALOGE("%s: Unable to initialize camera provider manager: %s (%d)", 209 __FUNCTION__, strerror(-res), res); 210 return res; 211 } 212 } 213 214 mNumberOfCameras = mCameraProviderManager->getCameraCount(); 215 mNumberOfNormalCameras = 216 mCameraProviderManager->getAPI1CompatibleCameraCount(); 217 218 // Setup vendor tags before we call get_camera_info the first time 219 // because HAL might need to setup static vendor keys in get_camera_info 220 // TODO: maybe put this into CameraProviderManager::initialize()? 221 mCameraProviderManager->setUpVendorTags(); 222 223 if (nullptr == mFlashlight.get()) { 224 mFlashlight = new CameraFlashlight(mCameraProviderManager, this); 225 } 226 227 res = mFlashlight->findFlashUnits(); 228 if (res != OK) { 229 ALOGE("Failed to enumerate flash units: %s (%d)", strerror(-res), res); 230 } 231 232 for (auto& cameraId : mCameraProviderManager->getCameraDeviceIds()) { 233 String8 id8 = String8(cameraId.c_str()); 234 { 235 Mutex::Autolock lock(mCameraStatesLock); 236 auto iter = mCameraStates.find(id8); 237 if (iter != mCameraStates.end()) { 238 continue; 239 } 240 } 241 242 hardware::camera::common::V1_0::CameraResourceCost cost; 243 res = mCameraProviderManager->getResourceCost(cameraId, &cost); 244 if (res != OK) { 245 ALOGE("Failed to query device resource cost: %s (%d)", strerror(-res), res); 246 continue; 247 } 248 std::set<String8> conflicting; 249 for (size_t i = 0; i < cost.conflictingDevices.size(); i++) { 250 conflicting.emplace(String8(cost.conflictingDevices[i].c_str())); 251 } 252 253 Mutex::Autolock lock(mCameraStatesLock); 254 mCameraStates.emplace(id8, 255 std::make_shared<CameraState>(id8, cost.resourceCost, conflicting)); 256 257 if (mFlashlight->hasFlashUnit(id8)) { 258 mTorchStatusMap.add(id8, TorchModeStatus::AVAILABLE_OFF); 259 } 260 } 261 262 return OK; 263} 264 265sp<ICameraServiceProxy> CameraService::getCameraServiceProxy() { 266 sp<ICameraServiceProxy> proxyBinder = nullptr; 267#ifndef __BRILLO__ 268 sp<IServiceManager> sm = defaultServiceManager(); 269 // Use checkService because cameraserver normally starts before the 270 // system server and the proxy service. So the long timeout that getService 271 // has before giving up is inappropriate. 272 sp<IBinder> binder = sm->checkService(String16("media.camera.proxy")); 273 if (binder != nullptr) { 274 proxyBinder = interface_cast<ICameraServiceProxy>(binder); 275 } 276#endif 277 return proxyBinder; 278} 279 280void CameraService::pingCameraServiceProxy() { 281 sp<ICameraServiceProxy> proxyBinder = getCameraServiceProxy(); 282 if (proxyBinder == nullptr) return; 283 proxyBinder->pingForUserUpdate(); 284} 285 286CameraService::~CameraService() { 287 VendorTagDescriptor::clearGlobalVendorTagDescriptor(); 288} 289 290void CameraService::onNewProviderRegistered() { 291 enumerateProviders(); 292} 293 294void CameraService::onDeviceStatusChanged(const String8& id, 295 CameraDeviceStatus newHalStatus) { 296 ALOGI("%s: Status changed for cameraId=%s, newStatus=%d", __FUNCTION__, 297 id.string(), newHalStatus); 298 299 StatusInternal newStatus = mapToInternal(newHalStatus); 300 301 std::shared_ptr<CameraState> state = getCameraState(id); 302 303 if (state == nullptr) { 304 ALOGE("%s: Bad camera ID %s", __FUNCTION__, id.string()); 305 return; 306 } 307 308 StatusInternal oldStatus = state->getStatus(); 309 310 if (oldStatus == newStatus) { 311 ALOGE("%s: State transition to the same status %#x not allowed", __FUNCTION__, newStatus); 312 return; 313 } 314 315 if (newStatus == StatusInternal::NOT_PRESENT) { 316 logDeviceRemoved(id, String8::format("Device status changed from %d to %d", oldStatus, 317 newStatus)); 318 sp<BasicClient> clientToDisconnect; 319 { 320 // Don't do this in updateStatus to avoid deadlock over mServiceLock 321 Mutex::Autolock lock(mServiceLock); 322 323 // Set the device status to NOT_PRESENT, clients will no longer be able to connect 324 // to this device until the status changes 325 updateStatus(StatusInternal::NOT_PRESENT, id); 326 327 // Remove cached shim parameters 328 state->setShimParams(CameraParameters()); 329 330 // Remove the client from the list of active clients, if there is one 331 clientToDisconnect = removeClientLocked(id); 332 } 333 334 // Disconnect client 335 if (clientToDisconnect.get() != nullptr) { 336 ALOGI("%s: Client for camera ID %s evicted due to device status change from HAL", 337 __FUNCTION__, id.string()); 338 // Notify the client of disconnection 339 clientToDisconnect->notifyError( 340 hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISCONNECTED, 341 CaptureResultExtras{}); 342 // Ensure not in binder RPC so client disconnect PID checks work correctly 343 LOG_ALWAYS_FATAL_IF(getCallingPid() != getpid(), 344 "onDeviceStatusChanged must be called from the camera service process!"); 345 clientToDisconnect->disconnect(); 346 } 347 348 } else { 349 if (oldStatus == StatusInternal::NOT_PRESENT) { 350 logDeviceAdded(id, String8::format("Device status changed from %d to %d", oldStatus, 351 newStatus)); 352 } 353 updateStatus(newStatus, id); 354 } 355 356} 357 358void CameraService::onTorchStatusChanged(const String8& cameraId, 359 TorchModeStatus newStatus) { 360 Mutex::Autolock al(mTorchStatusMutex); 361 onTorchStatusChangedLocked(cameraId, newStatus); 362} 363 364void CameraService::onTorchStatusChangedLocked(const String8& cameraId, 365 TorchModeStatus newStatus) { 366 ALOGI("%s: Torch status changed for cameraId=%s, newStatus=%d", 367 __FUNCTION__, cameraId.string(), newStatus); 368 369 TorchModeStatus status; 370 status_t res = getTorchStatusLocked(cameraId, &status); 371 if (res) { 372 ALOGE("%s: cannot get torch status of camera %s: %s (%d)", 373 __FUNCTION__, cameraId.string(), strerror(-res), res); 374 return; 375 } 376 if (status == newStatus) { 377 return; 378 } 379 380 res = setTorchStatusLocked(cameraId, newStatus); 381 if (res) { 382 ALOGE("%s: Failed to set the torch status to %d: %s (%d)", __FUNCTION__, 383 (uint32_t)newStatus, strerror(-res), res); 384 return; 385 } 386 387 { 388 // Update battery life logging for flashlight 389 Mutex::Autolock al(mTorchUidMapMutex); 390 auto iter = mTorchUidMap.find(cameraId); 391 if (iter != mTorchUidMap.end()) { 392 int oldUid = iter->second.second; 393 int newUid = iter->second.first; 394 BatteryNotifier& notifier(BatteryNotifier::getInstance()); 395 if (oldUid != newUid) { 396 // If the UID has changed, log the status and update current UID in mTorchUidMap 397 if (status == TorchModeStatus::AVAILABLE_ON) { 398 notifier.noteFlashlightOff(cameraId, oldUid); 399 } 400 if (newStatus == TorchModeStatus::AVAILABLE_ON) { 401 notifier.noteFlashlightOn(cameraId, newUid); 402 } 403 iter->second.second = newUid; 404 } else { 405 // If the UID has not changed, log the status 406 if (newStatus == TorchModeStatus::AVAILABLE_ON) { 407 notifier.noteFlashlightOn(cameraId, oldUid); 408 } else { 409 notifier.noteFlashlightOff(cameraId, oldUid); 410 } 411 } 412 } 413 } 414 415 { 416 Mutex::Autolock lock(mStatusListenerLock); 417 for (auto& i : mListenerList) { 418 i->onTorchStatusChanged(mapToInterface(newStatus), String16{cameraId}); 419 } 420 } 421} 422 423Status CameraService::getNumberOfCameras(int32_t type, int32_t* numCameras) { 424 ATRACE_CALL(); 425 Mutex::Autolock l(mServiceLock); 426 switch (type) { 427 case CAMERA_TYPE_BACKWARD_COMPATIBLE: 428 *numCameras = mNumberOfNormalCameras; 429 break; 430 case CAMERA_TYPE_ALL: 431 *numCameras = mNumberOfCameras; 432 break; 433 default: 434 ALOGW("%s: Unknown camera type %d", 435 __FUNCTION__, type); 436 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 437 "Unknown camera type %d", type); 438 } 439 return Status::ok(); 440} 441 442Status CameraService::getCameraInfo(int cameraId, 443 CameraInfo* cameraInfo) { 444 ATRACE_CALL(); 445 Mutex::Autolock l(mServiceLock); 446 447 if (!mInitialized) { 448 return STATUS_ERROR(ERROR_DISCONNECTED, 449 "Camera subsystem is not available"); 450 } 451 452 if (cameraId < 0 || cameraId >= mNumberOfCameras) { 453 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, 454 "CameraId is not valid"); 455 } 456 457 Status ret = Status::ok(); 458 status_t err = mCameraProviderManager->getCameraInfo(std::to_string(cameraId), cameraInfo); 459 if (err != OK) { 460 ret = STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 461 "Error retrieving camera info from device %d: %s (%d)", cameraId, 462 strerror(-err), err); 463 } 464 465 return ret; 466} 467 468int CameraService::cameraIdToInt(const String8& cameraId) { 469 int id; 470 bool success = base::ParseInt(cameraId.string(), &id, 0); 471 if (!success) { 472 return -1; 473 } 474 return id; 475} 476 477Status CameraService::getCameraCharacteristics(const String16& cameraId, 478 CameraMetadata* cameraInfo) { 479 ATRACE_CALL(); 480 if (!cameraInfo) { 481 ALOGE("%s: cameraInfo is NULL", __FUNCTION__); 482 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "cameraInfo is NULL"); 483 } 484 485 if (!mInitialized) { 486 ALOGE("%s: Camera HAL couldn't be initialized", __FUNCTION__); 487 return STATUS_ERROR(ERROR_DISCONNECTED, 488 "Camera subsystem is not available");; 489 } 490 491 Status ret{}; 492 493 status_t res = mCameraProviderManager->getCameraCharacteristics( 494 String8(cameraId).string(), cameraInfo); 495 if (res != OK) { 496 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, "Unable to retrieve camera " 497 "characteristics for device %s: %s (%d)", String8(cameraId).string(), 498 strerror(-res), res); 499 } 500 501 return ret; 502} 503 504int CameraService::getCallingPid() { 505 return IPCThreadState::self()->getCallingPid(); 506} 507 508int CameraService::getCallingUid() { 509 return IPCThreadState::self()->getCallingUid(); 510} 511 512String8 CameraService::getFormattedCurrentTime() { 513 time_t now = time(nullptr); 514 char formattedTime[64]; 515 strftime(formattedTime, sizeof(formattedTime), "%m-%d %H:%M:%S", localtime(&now)); 516 return String8(formattedTime); 517} 518 519Status CameraService::getCameraVendorTagDescriptor( 520 /*out*/ 521 hardware::camera2::params::VendorTagDescriptor* desc) { 522 ATRACE_CALL(); 523 if (!mInitialized) { 524 ALOGE("%s: Camera HAL couldn't be initialized", __FUNCTION__); 525 return STATUS_ERROR(ERROR_DISCONNECTED, "Camera subsystem not available"); 526 } 527 sp<VendorTagDescriptor> globalDescriptor = VendorTagDescriptor::getGlobalVendorTagDescriptor(); 528 if (globalDescriptor != nullptr) { 529 *desc = *(globalDescriptor.get()); 530 } 531 return Status::ok(); 532} 533 534Status CameraService::getCameraVendorTagCache( 535 /*out*/ hardware::camera2::params::VendorTagDescriptorCache* cache) { 536 ATRACE_CALL(); 537 if (!mInitialized) { 538 ALOGE("%s: Camera HAL couldn't be initialized", __FUNCTION__); 539 return STATUS_ERROR(ERROR_DISCONNECTED, 540 "Camera subsystem not available"); 541 } 542 sp<VendorTagDescriptorCache> globalCache = 543 VendorTagDescriptorCache::getGlobalVendorTagCache(); 544 if (globalCache != nullptr) { 545 *cache = *(globalCache.get()); 546 } 547 return Status::ok(); 548} 549 550int CameraService::getDeviceVersion(const String8& cameraId, int* facing) { 551 ATRACE_CALL(); 552 553 int deviceVersion = 0; 554 555 status_t res; 556 hardware::hidl_version maxVersion{0,0}; 557 res = mCameraProviderManager->getHighestSupportedVersion(cameraId.string(), 558 &maxVersion); 559 if (res != OK) return -1; 560 deviceVersion = HARDWARE_DEVICE_API_VERSION(maxVersion.get_major(), maxVersion.get_minor()); 561 562 hardware::CameraInfo info; 563 if (facing) { 564 res = mCameraProviderManager->getCameraInfo(cameraId.string(), &info); 565 if (res != OK) return -1; 566 *facing = info.facing; 567 } 568 569 return deviceVersion; 570} 571 572Status CameraService::filterGetInfoErrorCode(status_t err) { 573 switch(err) { 574 case NO_ERROR: 575 return Status::ok(); 576 case BAD_VALUE: 577 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, 578 "CameraId is not valid for HAL module"); 579 case NO_INIT: 580 return STATUS_ERROR(ERROR_DISCONNECTED, 581 "Camera device not available"); 582 default: 583 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 584 "Camera HAL encountered error %d: %s", 585 err, strerror(-err)); 586 } 587} 588 589Status CameraService::makeClient(const sp<CameraService>& cameraService, 590 const sp<IInterface>& cameraCb, const String16& packageName, const String8& cameraId, 591 int facing, int clientPid, uid_t clientUid, int servicePid, bool legacyMode, 592 int halVersion, int deviceVersion, apiLevel effectiveApiLevel, 593 /*out*/sp<BasicClient>* client) { 594 595 if (halVersion < 0 || halVersion == deviceVersion) { 596 // Default path: HAL version is unspecified by caller, create CameraClient 597 // based on device version reported by the HAL. 598 switch(deviceVersion) { 599 case CAMERA_DEVICE_API_VERSION_1_0: 600 if (effectiveApiLevel == API_1) { // Camera1 API route 601 sp<ICameraClient> tmp = static_cast<ICameraClient*>(cameraCb.get()); 602 *client = new CameraClient(cameraService, tmp, packageName, cameraIdToInt(cameraId), 603 facing, clientPid, clientUid, getpid(), legacyMode); 604 } else { // Camera2 API route 605 ALOGW("Camera using old HAL version: %d", deviceVersion); 606 return STATUS_ERROR_FMT(ERROR_DEPRECATED_HAL, 607 "Camera device \"%s\" HAL version %d does not support camera2 API", 608 cameraId.string(), deviceVersion); 609 } 610 break; 611 case CAMERA_DEVICE_API_VERSION_3_0: 612 case CAMERA_DEVICE_API_VERSION_3_1: 613 case CAMERA_DEVICE_API_VERSION_3_2: 614 case CAMERA_DEVICE_API_VERSION_3_3: 615 case CAMERA_DEVICE_API_VERSION_3_4: 616 if (effectiveApiLevel == API_1) { // Camera1 API route 617 sp<ICameraClient> tmp = static_cast<ICameraClient*>(cameraCb.get()); 618 *client = new Camera2Client(cameraService, tmp, packageName, cameraIdToInt(cameraId), 619 facing, clientPid, clientUid, servicePid, legacyMode); 620 } else { // Camera2 API route 621 sp<hardware::camera2::ICameraDeviceCallbacks> tmp = 622 static_cast<hardware::camera2::ICameraDeviceCallbacks*>(cameraCb.get()); 623 *client = new CameraDeviceClient(cameraService, tmp, packageName, cameraId, 624 facing, clientPid, clientUid, servicePid); 625 } 626 break; 627 default: 628 // Should not be reachable 629 ALOGE("Unknown camera device HAL version: %d", deviceVersion); 630 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 631 "Camera device \"%s\" has unknown HAL version %d", 632 cameraId.string(), deviceVersion); 633 } 634 } else { 635 // A particular HAL version is requested by caller. Create CameraClient 636 // based on the requested HAL version. 637 if (deviceVersion > CAMERA_DEVICE_API_VERSION_1_0 && 638 halVersion == CAMERA_DEVICE_API_VERSION_1_0) { 639 // Only support higher HAL version device opened as HAL1.0 device. 640 sp<ICameraClient> tmp = static_cast<ICameraClient*>(cameraCb.get()); 641 *client = new CameraClient(cameraService, tmp, packageName, cameraIdToInt(cameraId), 642 facing, clientPid, clientUid, servicePid, legacyMode); 643 } else { 644 // Other combinations (e.g. HAL3.x open as HAL2.x) are not supported yet. 645 ALOGE("Invalid camera HAL version %x: HAL %x device can only be" 646 " opened as HAL %x device", halVersion, deviceVersion, 647 CAMERA_DEVICE_API_VERSION_1_0); 648 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 649 "Camera device \"%s\" (HAL version %d) cannot be opened as HAL version %d", 650 cameraId.string(), deviceVersion, halVersion); 651 } 652 } 653 return Status::ok(); 654} 655 656String8 CameraService::toString(std::set<userid_t> intSet) { 657 String8 s(""); 658 bool first = true; 659 for (userid_t i : intSet) { 660 if (first) { 661 s.appendFormat("%d", i); 662 first = false; 663 } else { 664 s.appendFormat(", %d", i); 665 } 666 } 667 return s; 668} 669 670int32_t CameraService::mapToInterface(TorchModeStatus status) { 671 int32_t serviceStatus = ICameraServiceListener::TORCH_STATUS_NOT_AVAILABLE; 672 switch (status) { 673 case TorchModeStatus::NOT_AVAILABLE: 674 serviceStatus = ICameraServiceListener::TORCH_STATUS_NOT_AVAILABLE; 675 break; 676 case TorchModeStatus::AVAILABLE_OFF: 677 serviceStatus = ICameraServiceListener::TORCH_STATUS_AVAILABLE_OFF; 678 break; 679 case TorchModeStatus::AVAILABLE_ON: 680 serviceStatus = ICameraServiceListener::TORCH_STATUS_AVAILABLE_ON; 681 break; 682 default: 683 ALOGW("Unknown new flash status: %d", status); 684 } 685 return serviceStatus; 686} 687 688CameraService::StatusInternal CameraService::mapToInternal(CameraDeviceStatus status) { 689 StatusInternal serviceStatus = StatusInternal::NOT_PRESENT; 690 switch (status) { 691 case CameraDeviceStatus::NOT_PRESENT: 692 serviceStatus = StatusInternal::NOT_PRESENT; 693 break; 694 case CameraDeviceStatus::PRESENT: 695 serviceStatus = StatusInternal::PRESENT; 696 break; 697 case CameraDeviceStatus::ENUMERATING: 698 serviceStatus = StatusInternal::ENUMERATING; 699 break; 700 default: 701 ALOGW("Unknown new HAL device status: %d", status); 702 } 703 return serviceStatus; 704} 705 706int32_t CameraService::mapToInterface(StatusInternal status) { 707 int32_t serviceStatus = ICameraServiceListener::STATUS_NOT_PRESENT; 708 switch (status) { 709 case StatusInternal::NOT_PRESENT: 710 serviceStatus = ICameraServiceListener::STATUS_NOT_PRESENT; 711 break; 712 case StatusInternal::PRESENT: 713 serviceStatus = ICameraServiceListener::STATUS_PRESENT; 714 break; 715 case StatusInternal::ENUMERATING: 716 serviceStatus = ICameraServiceListener::STATUS_ENUMERATING; 717 break; 718 case StatusInternal::NOT_AVAILABLE: 719 serviceStatus = ICameraServiceListener::STATUS_NOT_AVAILABLE; 720 break; 721 case StatusInternal::UNKNOWN: 722 serviceStatus = ICameraServiceListener::STATUS_UNKNOWN; 723 break; 724 default: 725 ALOGW("Unknown new internal device status: %d", status); 726 } 727 return serviceStatus; 728} 729 730Status CameraService::initializeShimMetadata(int cameraId) { 731 int uid = getCallingUid(); 732 733 String16 internalPackageName("cameraserver"); 734 String8 id = String8::format("%d", cameraId); 735 Status ret = Status::ok(); 736 sp<Client> tmp = nullptr; 737 if (!(ret = connectHelper<ICameraClient,Client>( 738 sp<ICameraClient>{nullptr}, id, static_cast<int>(CAMERA_HAL_API_VERSION_UNSPECIFIED), 739 internalPackageName, uid, USE_CALLING_PID, 740 API_1, /*legacyMode*/ false, /*shimUpdateOnly*/ true, 741 /*out*/ tmp) 742 ).isOk()) { 743 ALOGE("%s: Error initializing shim metadata: %s", __FUNCTION__, ret.toString8().string()); 744 } 745 return ret; 746} 747 748Status CameraService::getLegacyParametersLazy(int cameraId, 749 /*out*/ 750 CameraParameters* parameters) { 751 752 ALOGV("%s: for cameraId: %d", __FUNCTION__, cameraId); 753 754 Status ret = Status::ok(); 755 756 if (parameters == NULL) { 757 ALOGE("%s: parameters must not be null", __FUNCTION__); 758 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Parameters must not be null"); 759 } 760 761 String8 id = String8::format("%d", cameraId); 762 763 // Check if we already have parameters 764 { 765 // Scope for service lock 766 Mutex::Autolock lock(mServiceLock); 767 auto cameraState = getCameraState(id); 768 if (cameraState == nullptr) { 769 ALOGE("%s: Invalid camera ID: %s", __FUNCTION__, id.string()); 770 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 771 "Invalid camera ID: %s", id.string()); 772 } 773 CameraParameters p = cameraState->getShimParams(); 774 if (!p.isEmpty()) { 775 *parameters = p; 776 return ret; 777 } 778 } 779 780 int64_t token = IPCThreadState::self()->clearCallingIdentity(); 781 ret = initializeShimMetadata(cameraId); 782 IPCThreadState::self()->restoreCallingIdentity(token); 783 if (!ret.isOk()) { 784 // Error already logged by callee 785 return ret; 786 } 787 788 // Check for parameters again 789 { 790 // Scope for service lock 791 Mutex::Autolock lock(mServiceLock); 792 auto cameraState = getCameraState(id); 793 if (cameraState == nullptr) { 794 ALOGE("%s: Invalid camera ID: %s", __FUNCTION__, id.string()); 795 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 796 "Invalid camera ID: %s", id.string()); 797 } 798 CameraParameters p = cameraState->getShimParams(); 799 if (!p.isEmpty()) { 800 *parameters = p; 801 return ret; 802 } 803 } 804 805 ALOGE("%s: Parameters were not initialized, or were empty. Device may not be present.", 806 __FUNCTION__); 807 return STATUS_ERROR(ERROR_INVALID_OPERATION, "Unable to initialize legacy parameters"); 808} 809 810// Can camera service trust the caller based on the calling UID? 811static bool isTrustedCallingUid(uid_t uid) { 812 switch (uid) { 813 case AID_MEDIA: // mediaserver 814 case AID_CAMERASERVER: // cameraserver 815 case AID_RADIO: // telephony 816 return true; 817 default: 818 return false; 819 } 820} 821 822Status CameraService::validateConnectLocked(const String8& cameraId, 823 const String8& clientName8, /*inout*/int& clientUid, /*inout*/int& clientPid, 824 /*out*/int& originalClientPid) const { 825 826#ifdef __BRILLO__ 827 UNUSED(clientName8); 828 UNUSED(clientUid); 829 UNUSED(clientPid); 830 UNUSED(originalClientPid); 831#else 832 Status allowed = validateClientPermissionsLocked(cameraId, clientName8, clientUid, clientPid, 833 originalClientPid); 834 if (!allowed.isOk()) { 835 return allowed; 836 } 837#endif // __BRILLO__ 838 839 int callingPid = getCallingPid(); 840 841 if (!mInitialized) { 842 ALOGE("CameraService::connect X (PID %d) rejected (camera HAL module not loaded)", 843 callingPid); 844 return STATUS_ERROR_FMT(ERROR_DISCONNECTED, 845 "No camera HAL module available to open camera device \"%s\"", cameraId.string()); 846 } 847 848 if (getCameraState(cameraId) == nullptr) { 849 ALOGE("CameraService::connect X (PID %d) rejected (invalid camera ID %s)", callingPid, 850 cameraId.string()); 851 return STATUS_ERROR_FMT(ERROR_DISCONNECTED, 852 "No camera device with ID \"%s\" available", cameraId.string()); 853 } 854 855 status_t err = checkIfDeviceIsUsable(cameraId); 856 if (err != NO_ERROR) { 857 switch(err) { 858 case -ENODEV: 859 case -EBUSY: 860 return STATUS_ERROR_FMT(ERROR_DISCONNECTED, 861 "No camera device with ID \"%s\" currently available", cameraId.string()); 862 default: 863 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 864 "Unknown error connecting to ID \"%s\"", cameraId.string()); 865 } 866 } 867 return Status::ok(); 868} 869 870Status CameraService::validateClientPermissionsLocked(const String8& cameraId, 871 const String8& clientName8, int& clientUid, int& clientPid, 872 /*out*/int& originalClientPid) const { 873 int callingPid = getCallingPid(); 874 int callingUid = getCallingUid(); 875 876 // Check if we can trust clientUid 877 if (clientUid == USE_CALLING_UID) { 878 clientUid = callingUid; 879 } else if (!isTrustedCallingUid(callingUid)) { 880 ALOGE("CameraService::connect X (calling PID %d, calling UID %d) rejected " 881 "(don't trust clientUid %d)", callingPid, callingUid, clientUid); 882 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED, 883 "Untrusted caller (calling PID %d, UID %d) trying to " 884 "forward camera access to camera %s for client %s (PID %d, UID %d)", 885 callingPid, callingUid, cameraId.string(), 886 clientName8.string(), clientUid, clientPid); 887 } 888 889 // Check if we can trust clientPid 890 if (clientPid == USE_CALLING_PID) { 891 clientPid = callingPid; 892 } else if (!isTrustedCallingUid(callingUid)) { 893 ALOGE("CameraService::connect X (calling PID %d, calling UID %d) rejected " 894 "(don't trust clientPid %d)", callingPid, callingUid, clientPid); 895 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED, 896 "Untrusted caller (calling PID %d, UID %d) trying to " 897 "forward camera access to camera %s for client %s (PID %d, UID %d)", 898 callingPid, callingUid, cameraId.string(), 899 clientName8.string(), clientUid, clientPid); 900 } 901 902 // If it's not calling from cameraserver, check the permission. 903 if (callingPid != getpid() && 904 !checkPermission(String16("android.permission.CAMERA"), clientPid, clientUid)) { 905 ALOGE("Permission Denial: can't use the camera pid=%d, uid=%d", clientPid, clientUid); 906 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED, 907 "Caller \"%s\" (PID %d, UID %d) cannot open camera \"%s\" without camera permission", 908 clientName8.string(), clientUid, clientPid, cameraId.string()); 909 } 910 911 // Only use passed in clientPid to check permission. Use calling PID as the client PID that's 912 // connected to camera service directly. 913 originalClientPid = clientPid; 914 clientPid = callingPid; 915 916 userid_t clientUserId = multiuser_get_user_id(clientUid); 917 918 // Only allow clients who are being used by the current foreground device user, unless calling 919 // from our own process. 920 if (callingPid != getpid() && (mAllowedUsers.find(clientUserId) == mAllowedUsers.end())) { 921 ALOGE("CameraService::connect X (PID %d) rejected (cannot connect from " 922 "device user %d, currently allowed device users: %s)", callingPid, clientUserId, 923 toString(mAllowedUsers).string()); 924 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED, 925 "Callers from device user %d are not currently allowed to connect to camera \"%s\"", 926 clientUserId, cameraId.string()); 927 } 928 929 return Status::ok(); 930} 931 932status_t CameraService::checkIfDeviceIsUsable(const String8& cameraId) const { 933 auto cameraState = getCameraState(cameraId); 934 int callingPid = getCallingPid(); 935 if (cameraState == nullptr) { 936 ALOGE("CameraService::connect X (PID %d) rejected (invalid camera ID %s)", callingPid, 937 cameraId.string()); 938 return -ENODEV; 939 } 940 941 StatusInternal currentStatus = cameraState->getStatus(); 942 if (currentStatus == StatusInternal::NOT_PRESENT) { 943 ALOGE("CameraService::connect X (PID %d) rejected (camera %s is not connected)", 944 callingPid, cameraId.string()); 945 return -ENODEV; 946 } else if (currentStatus == StatusInternal::ENUMERATING) { 947 ALOGE("CameraService::connect X (PID %d) rejected, (camera %s is initializing)", 948 callingPid, cameraId.string()); 949 return -EBUSY; 950 } 951 952 return NO_ERROR; 953} 954 955void CameraService::finishConnectLocked(const sp<BasicClient>& client, 956 const CameraService::DescriptorPtr& desc) { 957 958 // Make a descriptor for the incoming client 959 auto clientDescriptor = CameraService::CameraClientManager::makeClientDescriptor(client, desc); 960 auto evicted = mActiveClientManager.addAndEvict(clientDescriptor); 961 962 logConnected(desc->getKey(), static_cast<int>(desc->getOwnerId()), 963 String8(client->getPackageName())); 964 965 if (evicted.size() > 0) { 966 // This should never happen - clients should already have been removed in disconnect 967 for (auto& i : evicted) { 968 ALOGE("%s: Invalid state: Client for camera %s was not removed in disconnect", 969 __FUNCTION__, i->getKey().string()); 970 } 971 972 LOG_ALWAYS_FATAL("%s: Invalid state for CameraService, clients not evicted properly", 973 __FUNCTION__); 974 } 975 976 // And register a death notification for the client callback. Do 977 // this last to avoid Binder policy where a nested Binder 978 // transaction might be pre-empted to service the client death 979 // notification if the client process dies before linkToDeath is 980 // invoked. 981 sp<IBinder> remoteCallback = client->getRemote(); 982 if (remoteCallback != nullptr) { 983 remoteCallback->linkToDeath(this); 984 } 985} 986 987status_t CameraService::handleEvictionsLocked(const String8& cameraId, int clientPid, 988 apiLevel effectiveApiLevel, const sp<IBinder>& remoteCallback, const String8& packageName, 989 /*out*/ 990 sp<BasicClient>* client, 991 std::shared_ptr<resource_policy::ClientDescriptor<String8, sp<BasicClient>>>* partial) { 992 ATRACE_CALL(); 993 status_t ret = NO_ERROR; 994 std::vector<DescriptorPtr> evictedClients; 995 DescriptorPtr clientDescriptor; 996 { 997 if (effectiveApiLevel == API_1) { 998 // If we are using API1, any existing client for this camera ID with the same remote 999 // should be returned rather than evicted to allow MediaRecorder to work properly. 1000 1001 auto current = mActiveClientManager.get(cameraId); 1002 if (current != nullptr) { 1003 auto clientSp = current->getValue(); 1004 if (clientSp.get() != nullptr) { // should never be needed 1005 if (!clientSp->canCastToApiClient(effectiveApiLevel)) { 1006 ALOGW("CameraService connect called from same client, but with a different" 1007 " API level, evicting prior client..."); 1008 } else if (clientSp->getRemote() == remoteCallback) { 1009 ALOGI("CameraService::connect X (PID %d) (second call from same" 1010 " app binder, returning the same client)", clientPid); 1011 *client = clientSp; 1012 return NO_ERROR; 1013 } 1014 } 1015 } 1016 } 1017 1018 // Get current active client PIDs 1019 std::vector<int> ownerPids(mActiveClientManager.getAllOwners()); 1020 ownerPids.push_back(clientPid); 1021 1022 std::vector<int> priorityScores(ownerPids.size()); 1023 std::vector<int> states(ownerPids.size()); 1024 1025 // Get priority scores of all active PIDs 1026 status_t err = ProcessInfoService::getProcessStatesScoresFromPids( 1027 ownerPids.size(), &ownerPids[0], /*out*/&states[0], 1028 /*out*/&priorityScores[0]); 1029 if (err != OK) { 1030 ALOGE("%s: Priority score query failed: %d", 1031 __FUNCTION__, err); 1032 return err; 1033 } 1034 1035 // Update all active clients' priorities 1036 std::map<int,resource_policy::ClientPriority> pidToPriorityMap; 1037 for (size_t i = 0; i < ownerPids.size() - 1; i++) { 1038 pidToPriorityMap.emplace(ownerPids[i], 1039 resource_policy::ClientPriority(priorityScores[i], states[i])); 1040 } 1041 mActiveClientManager.updatePriorities(pidToPriorityMap); 1042 1043 // Get state for the given cameraId 1044 auto state = getCameraState(cameraId); 1045 if (state == nullptr) { 1046 ALOGE("CameraService::connect X (PID %d) rejected (no camera device with ID %s)", 1047 clientPid, cameraId.string()); 1048 // Should never get here because validateConnectLocked should have errored out 1049 return BAD_VALUE; 1050 } 1051 1052 // Make descriptor for incoming client 1053 clientDescriptor = CameraClientManager::makeClientDescriptor(cameraId, 1054 sp<BasicClient>{nullptr}, static_cast<int32_t>(state->getCost()), 1055 state->getConflicting(), 1056 priorityScores[priorityScores.size() - 1], 1057 clientPid, 1058 states[states.size() - 1]); 1059 1060 // Find clients that would be evicted 1061 auto evicted = mActiveClientManager.wouldEvict(clientDescriptor); 1062 1063 // If the incoming client was 'evicted,' higher priority clients have the camera in the 1064 // background, so we cannot do evictions 1065 if (std::find(evicted.begin(), evicted.end(), clientDescriptor) != evicted.end()) { 1066 ALOGE("CameraService::connect X (PID %d) rejected (existing client(s) with higher" 1067 " priority).", clientPid); 1068 1069 sp<BasicClient> clientSp = clientDescriptor->getValue(); 1070 String8 curTime = getFormattedCurrentTime(); 1071 auto incompatibleClients = 1072 mActiveClientManager.getIncompatibleClients(clientDescriptor); 1073 1074 String8 msg = String8::format("%s : DENIED connect device %s client for package %s " 1075 "(PID %d, score %d state %d) due to eviction policy", curTime.string(), 1076 cameraId.string(), packageName.string(), clientPid, 1077 priorityScores[priorityScores.size() - 1], 1078 states[states.size() - 1]); 1079 1080 for (auto& i : incompatibleClients) { 1081 msg.appendFormat("\n - Blocked by existing device %s client for package %s" 1082 "(PID %" PRId32 ", score %" PRId32 ", state %" PRId32 ")", 1083 i->getKey().string(), 1084 String8{i->getValue()->getPackageName()}.string(), 1085 i->getOwnerId(), i->getPriority().getScore(), 1086 i->getPriority().getState()); 1087 ALOGE(" Conflicts with: Device %s, client package %s (PID %" 1088 PRId32 ", score %" PRId32 ", state %" PRId32 ")", i->getKey().string(), 1089 String8{i->getValue()->getPackageName()}.string(), i->getOwnerId(), 1090 i->getPriority().getScore(), i->getPriority().getState()); 1091 } 1092 1093 // Log the client's attempt 1094 Mutex::Autolock l(mLogLock); 1095 mEventLog.add(msg); 1096 1097 return -EBUSY; 1098 } 1099 1100 for (auto& i : evicted) { 1101 sp<BasicClient> clientSp = i->getValue(); 1102 if (clientSp.get() == nullptr) { 1103 ALOGE("%s: Invalid state: Null client in active client list.", __FUNCTION__); 1104 1105 // TODO: Remove this 1106 LOG_ALWAYS_FATAL("%s: Invalid state for CameraService, null client in active list", 1107 __FUNCTION__); 1108 mActiveClientManager.remove(i); 1109 continue; 1110 } 1111 1112 ALOGE("CameraService::connect evicting conflicting client for camera ID %s", 1113 i->getKey().string()); 1114 evictedClients.push_back(i); 1115 1116 // Log the clients evicted 1117 logEvent(String8::format("EVICT device %s client held by package %s (PID" 1118 " %" PRId32 ", score %" PRId32 ", state %" PRId32 ")\n - Evicted by device %s client for" 1119 " package %s (PID %d, score %" PRId32 ", state %" PRId32 ")", 1120 i->getKey().string(), String8{clientSp->getPackageName()}.string(), 1121 i->getOwnerId(), i->getPriority().getScore(), 1122 i->getPriority().getState(), cameraId.string(), 1123 packageName.string(), clientPid, 1124 priorityScores[priorityScores.size() - 1], 1125 states[states.size() - 1])); 1126 1127 // Notify the client of disconnection 1128 clientSp->notifyError(hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISCONNECTED, 1129 CaptureResultExtras()); 1130 } 1131 } 1132 1133 // Do not hold mServiceLock while disconnecting clients, but retain the condition blocking 1134 // other clients from connecting in mServiceLockWrapper if held 1135 mServiceLock.unlock(); 1136 1137 // Clear caller identity temporarily so client disconnect PID checks work correctly 1138 int64_t token = IPCThreadState::self()->clearCallingIdentity(); 1139 1140 // Destroy evicted clients 1141 for (auto& i : evictedClients) { 1142 // Disconnect is blocking, and should only have returned when HAL has cleaned up 1143 i->getValue()->disconnect(); // Clients will remove themselves from the active client list 1144 } 1145 1146 IPCThreadState::self()->restoreCallingIdentity(token); 1147 1148 for (const auto& i : evictedClients) { 1149 ALOGV("%s: Waiting for disconnect to complete for client for device %s (PID %" PRId32 ")", 1150 __FUNCTION__, i->getKey().string(), i->getOwnerId()); 1151 ret = mActiveClientManager.waitUntilRemoved(i, DEFAULT_DISCONNECT_TIMEOUT_NS); 1152 if (ret == TIMED_OUT) { 1153 ALOGE("%s: Timed out waiting for client for device %s to disconnect, " 1154 "current clients:\n%s", __FUNCTION__, i->getKey().string(), 1155 mActiveClientManager.toString().string()); 1156 return -EBUSY; 1157 } 1158 if (ret != NO_ERROR) { 1159 ALOGE("%s: Received error waiting for client for device %s to disconnect: %s (%d), " 1160 "current clients:\n%s", __FUNCTION__, i->getKey().string(), strerror(-ret), 1161 ret, mActiveClientManager.toString().string()); 1162 return ret; 1163 } 1164 } 1165 1166 evictedClients.clear(); 1167 1168 // Once clients have been disconnected, relock 1169 mServiceLock.lock(); 1170 1171 // Check again if the device was unplugged or something while we weren't holding mServiceLock 1172 if ((ret = checkIfDeviceIsUsable(cameraId)) != NO_ERROR) { 1173 return ret; 1174 } 1175 1176 *partial = clientDescriptor; 1177 return NO_ERROR; 1178} 1179 1180Status CameraService::connect( 1181 const sp<ICameraClient>& cameraClient, 1182 int cameraId, 1183 const String16& clientPackageName, 1184 int clientUid, 1185 int clientPid, 1186 /*out*/ 1187 sp<ICamera>* device) { 1188 1189 ATRACE_CALL(); 1190 Status ret = Status::ok(); 1191 String8 id = String8::format("%d", cameraId); 1192 sp<Client> client = nullptr; 1193 ret = connectHelper<ICameraClient,Client>(cameraClient, id, 1194 CAMERA_HAL_API_VERSION_UNSPECIFIED, clientPackageName, clientUid, clientPid, API_1, 1195 /*legacyMode*/ false, /*shimUpdateOnly*/ false, 1196 /*out*/client); 1197 1198 if(!ret.isOk()) { 1199 logRejected(id, getCallingPid(), String8(clientPackageName), 1200 ret.toString8()); 1201 return ret; 1202 } 1203 1204 *device = client; 1205 return ret; 1206} 1207 1208Status CameraService::connectLegacy( 1209 const sp<ICameraClient>& cameraClient, 1210 int cameraId, int halVersion, 1211 const String16& clientPackageName, 1212 int clientUid, 1213 /*out*/ 1214 sp<ICamera>* device) { 1215 1216 ATRACE_CALL(); 1217 String8 id = String8::format("%d", cameraId); 1218 1219 Status ret = Status::ok(); 1220 sp<Client> client = nullptr; 1221 ret = connectHelper<ICameraClient,Client>(cameraClient, id, halVersion, 1222 clientPackageName, clientUid, USE_CALLING_PID, API_1, 1223 /*legacyMode*/ true, /*shimUpdateOnly*/ false, 1224 /*out*/client); 1225 1226 if(!ret.isOk()) { 1227 logRejected(id, getCallingPid(), String8(clientPackageName), 1228 ret.toString8()); 1229 return ret; 1230 } 1231 1232 *device = client; 1233 return ret; 1234} 1235 1236Status CameraService::connectDevice( 1237 const sp<hardware::camera2::ICameraDeviceCallbacks>& cameraCb, 1238 const String16& cameraId, 1239 const String16& clientPackageName, 1240 int clientUid, 1241 /*out*/ 1242 sp<hardware::camera2::ICameraDeviceUser>* device) { 1243 1244 ATRACE_CALL(); 1245 Status ret = Status::ok(); 1246 String8 id = String8(cameraId); 1247 sp<CameraDeviceClient> client = nullptr; 1248 ret = connectHelper<hardware::camera2::ICameraDeviceCallbacks,CameraDeviceClient>(cameraCb, id, 1249 CAMERA_HAL_API_VERSION_UNSPECIFIED, clientPackageName, 1250 clientUid, USE_CALLING_PID, API_2, 1251 /*legacyMode*/ false, /*shimUpdateOnly*/ false, 1252 /*out*/client); 1253 1254 if(!ret.isOk()) { 1255 logRejected(id, getCallingPid(), String8(clientPackageName), 1256 ret.toString8()); 1257 return ret; 1258 } 1259 1260 *device = client; 1261 return ret; 1262} 1263 1264template<class CALLBACK, class CLIENT> 1265Status CameraService::connectHelper(const sp<CALLBACK>& cameraCb, const String8& cameraId, 1266 int halVersion, const String16& clientPackageName, int clientUid, int clientPid, 1267 apiLevel effectiveApiLevel, bool legacyMode, bool shimUpdateOnly, 1268 /*out*/sp<CLIENT>& device) { 1269 binder::Status ret = binder::Status::ok(); 1270 1271 String8 clientName8(clientPackageName); 1272 1273 int originalClientPid = 0; 1274 1275 ALOGI("CameraService::connect call (PID %d \"%s\", camera ID %s) for HAL version %s and " 1276 "Camera API version %d", clientPid, clientName8.string(), cameraId.string(), 1277 (halVersion == -1) ? "default" : std::to_string(halVersion).c_str(), 1278 static_cast<int>(effectiveApiLevel)); 1279 1280 sp<CLIENT> client = nullptr; 1281 { 1282 // Acquire mServiceLock and prevent other clients from connecting 1283 std::unique_ptr<AutoConditionLock> lock = 1284 AutoConditionLock::waitAndAcquire(mServiceLockWrapper, DEFAULT_CONNECT_TIMEOUT_NS); 1285 1286 if (lock == nullptr) { 1287 ALOGE("CameraService::connect (PID %d) rejected (too many other clients connecting)." 1288 , clientPid); 1289 return STATUS_ERROR_FMT(ERROR_MAX_CAMERAS_IN_USE, 1290 "Cannot open camera %s for \"%s\" (PID %d): Too many other clients connecting", 1291 cameraId.string(), clientName8.string(), clientPid); 1292 } 1293 1294 // Enforce client permissions and do basic sanity checks 1295 if(!(ret = validateConnectLocked(cameraId, clientName8, 1296 /*inout*/clientUid, /*inout*/clientPid, /*out*/originalClientPid)).isOk()) { 1297 return ret; 1298 } 1299 1300 // Check the shim parameters after acquiring lock, if they have already been updated and 1301 // we were doing a shim update, return immediately 1302 if (shimUpdateOnly) { 1303 auto cameraState = getCameraState(cameraId); 1304 if (cameraState != nullptr) { 1305 if (!cameraState->getShimParams().isEmpty()) return ret; 1306 } 1307 } 1308 1309 status_t err; 1310 1311 sp<BasicClient> clientTmp = nullptr; 1312 std::shared_ptr<resource_policy::ClientDescriptor<String8, sp<BasicClient>>> partial; 1313 if ((err = handleEvictionsLocked(cameraId, originalClientPid, effectiveApiLevel, 1314 IInterface::asBinder(cameraCb), clientName8, /*out*/&clientTmp, 1315 /*out*/&partial)) != NO_ERROR) { 1316 switch (err) { 1317 case -ENODEV: 1318 return STATUS_ERROR_FMT(ERROR_DISCONNECTED, 1319 "No camera device with ID \"%s\" currently available", 1320 cameraId.string()); 1321 case -EBUSY: 1322 return STATUS_ERROR_FMT(ERROR_CAMERA_IN_USE, 1323 "Higher-priority client using camera, ID \"%s\" currently unavailable", 1324 cameraId.string()); 1325 default: 1326 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 1327 "Unexpected error %s (%d) opening camera \"%s\"", 1328 strerror(-err), err, cameraId.string()); 1329 } 1330 } 1331 1332 if (clientTmp.get() != nullptr) { 1333 // Handle special case for API1 MediaRecorder where the existing client is returned 1334 device = static_cast<CLIENT*>(clientTmp.get()); 1335 return ret; 1336 } 1337 1338 // give flashlight a chance to close devices if necessary. 1339 mFlashlight->prepareDeviceOpen(cameraId); 1340 1341 int facing = -1; 1342 int deviceVersion = getDeviceVersion(cameraId, /*out*/&facing); 1343 if (facing == -1) { 1344 ALOGE("%s: Unable to get camera device \"%s\" facing", __FUNCTION__, cameraId.string()); 1345 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 1346 "Unable to get camera device \"%s\" facing", cameraId.string()); 1347 } 1348 1349 sp<BasicClient> tmp = nullptr; 1350 if(!(ret = makeClient(this, cameraCb, clientPackageName, cameraId, facing, clientPid, 1351 clientUid, getpid(), legacyMode, halVersion, deviceVersion, effectiveApiLevel, 1352 /*out*/&tmp)).isOk()) { 1353 return ret; 1354 } 1355 client = static_cast<CLIENT*>(tmp.get()); 1356 1357 LOG_ALWAYS_FATAL_IF(client.get() == nullptr, "%s: CameraService in invalid state", 1358 __FUNCTION__); 1359 1360 err = client->initialize(mCameraProviderManager); 1361 if (err != OK) { 1362 ALOGE("%s: Could not initialize client from HAL.", __FUNCTION__); 1363 // Errors could be from the HAL module open call or from AppOpsManager 1364 switch(err) { 1365 case BAD_VALUE: 1366 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 1367 "Illegal argument to HAL module for camera \"%s\"", cameraId.string()); 1368 case -EBUSY: 1369 return STATUS_ERROR_FMT(ERROR_CAMERA_IN_USE, 1370 "Camera \"%s\" is already open", cameraId.string()); 1371 case -EUSERS: 1372 return STATUS_ERROR_FMT(ERROR_MAX_CAMERAS_IN_USE, 1373 "Too many cameras already open, cannot open camera \"%s\"", 1374 cameraId.string()); 1375 case PERMISSION_DENIED: 1376 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED, 1377 "No permission to open camera \"%s\"", cameraId.string()); 1378 case -EACCES: 1379 return STATUS_ERROR_FMT(ERROR_DISABLED, 1380 "Camera \"%s\" disabled by policy", cameraId.string()); 1381 case -ENODEV: 1382 default: 1383 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 1384 "Failed to initialize camera \"%s\": %s (%d)", cameraId.string(), 1385 strerror(-err), err); 1386 } 1387 } 1388 1389 // Update shim paremeters for legacy clients 1390 if (effectiveApiLevel == API_1) { 1391 // Assume we have always received a Client subclass for API1 1392 sp<Client> shimClient = reinterpret_cast<Client*>(client.get()); 1393 String8 rawParams = shimClient->getParameters(); 1394 CameraParameters params(rawParams); 1395 1396 auto cameraState = getCameraState(cameraId); 1397 if (cameraState != nullptr) { 1398 cameraState->setShimParams(params); 1399 } else { 1400 ALOGE("%s: Cannot update shim parameters for camera %s, no such device exists.", 1401 __FUNCTION__, cameraId.string()); 1402 } 1403 } 1404 1405 if (shimUpdateOnly) { 1406 // If only updating legacy shim parameters, immediately disconnect client 1407 mServiceLock.unlock(); 1408 client->disconnect(); 1409 mServiceLock.lock(); 1410 } else { 1411 // Otherwise, add client to active clients list 1412 finishConnectLocked(client, partial); 1413 } 1414 } // lock is destroyed, allow further connect calls 1415 1416 // Important: release the mutex here so the client can call back into the service from its 1417 // destructor (can be at the end of the call) 1418 device = client; 1419 return ret; 1420} 1421 1422Status CameraService::setTorchMode(const String16& cameraId, bool enabled, 1423 const sp<IBinder>& clientBinder) { 1424 Mutex::Autolock lock(mServiceLock); 1425 1426 ATRACE_CALL(); 1427 if (enabled && clientBinder == nullptr) { 1428 ALOGE("%s: torch client binder is NULL", __FUNCTION__); 1429 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, 1430 "Torch client Binder is null"); 1431 } 1432 1433 String8 id = String8(cameraId.string()); 1434 int uid = getCallingUid(); 1435 1436 // verify id is valid. 1437 auto state = getCameraState(id); 1438 if (state == nullptr) { 1439 ALOGE("%s: camera id is invalid %s", __FUNCTION__, id.string()); 1440 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 1441 "Camera ID \"%s\" is a not valid camera ID", id.string()); 1442 } 1443 1444 StatusInternal cameraStatus = state->getStatus(); 1445 if (cameraStatus != StatusInternal::PRESENT && 1446 cameraStatus != StatusInternal::NOT_AVAILABLE) { 1447 ALOGE("%s: camera id is invalid %s, status %d", __FUNCTION__, id.string(), (int)cameraStatus); 1448 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 1449 "Camera ID \"%s\" is a not valid camera ID", id.string()); 1450 } 1451 1452 { 1453 Mutex::Autolock al(mTorchStatusMutex); 1454 TorchModeStatus status; 1455 status_t err = getTorchStatusLocked(id, &status); 1456 if (err != OK) { 1457 if (err == NAME_NOT_FOUND) { 1458 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 1459 "Camera \"%s\" does not have a flash unit", id.string()); 1460 } 1461 ALOGE("%s: getting current torch status failed for camera %s", 1462 __FUNCTION__, id.string()); 1463 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 1464 "Error updating torch status for camera \"%s\": %s (%d)", id.string(), 1465 strerror(-err), err); 1466 } 1467 1468 if (status == TorchModeStatus::NOT_AVAILABLE) { 1469 if (cameraStatus == StatusInternal::NOT_AVAILABLE) { 1470 ALOGE("%s: torch mode of camera %s is not available because " 1471 "camera is in use", __FUNCTION__, id.string()); 1472 return STATUS_ERROR_FMT(ERROR_CAMERA_IN_USE, 1473 "Torch for camera \"%s\" is not available due to an existing camera user", 1474 id.string()); 1475 } else { 1476 ALOGE("%s: torch mode of camera %s is not available due to " 1477 "insufficient resources", __FUNCTION__, id.string()); 1478 return STATUS_ERROR_FMT(ERROR_MAX_CAMERAS_IN_USE, 1479 "Torch for camera \"%s\" is not available due to insufficient resources", 1480 id.string()); 1481 } 1482 } 1483 } 1484 1485 { 1486 // Update UID map - this is used in the torch status changed callbacks, so must be done 1487 // before setTorchMode 1488 Mutex::Autolock al(mTorchUidMapMutex); 1489 if (mTorchUidMap.find(id) == mTorchUidMap.end()) { 1490 mTorchUidMap[id].first = uid; 1491 mTorchUidMap[id].second = uid; 1492 } else { 1493 // Set the pending UID 1494 mTorchUidMap[id].first = uid; 1495 } 1496 } 1497 1498 status_t err = mFlashlight->setTorchMode(id, enabled); 1499 1500 if (err != OK) { 1501 int32_t errorCode; 1502 String8 msg; 1503 switch (err) { 1504 case -ENOSYS: 1505 msg = String8::format("Camera \"%s\" has no flashlight", 1506 id.string()); 1507 errorCode = ERROR_ILLEGAL_ARGUMENT; 1508 break; 1509 default: 1510 msg = String8::format( 1511 "Setting torch mode of camera \"%s\" to %d failed: %s (%d)", 1512 id.string(), enabled, strerror(-err), err); 1513 errorCode = ERROR_INVALID_OPERATION; 1514 } 1515 ALOGE("%s: %s", __FUNCTION__, msg.string()); 1516 return STATUS_ERROR(errorCode, msg.string()); 1517 } 1518 1519 { 1520 // update the link to client's death 1521 Mutex::Autolock al(mTorchClientMapMutex); 1522 ssize_t index = mTorchClientMap.indexOfKey(id); 1523 if (enabled) { 1524 if (index == NAME_NOT_FOUND) { 1525 mTorchClientMap.add(id, clientBinder); 1526 } else { 1527 mTorchClientMap.valueAt(index)->unlinkToDeath(this); 1528 mTorchClientMap.replaceValueAt(index, clientBinder); 1529 } 1530 clientBinder->linkToDeath(this); 1531 } else if (index != NAME_NOT_FOUND) { 1532 mTorchClientMap.valueAt(index)->unlinkToDeath(this); 1533 } 1534 } 1535 1536 return Status::ok(); 1537} 1538 1539Status CameraService::notifySystemEvent(int32_t eventId, 1540 const std::vector<int32_t>& args) { 1541 ATRACE_CALL(); 1542 1543 switch(eventId) { 1544 case ICameraService::EVENT_USER_SWITCHED: { 1545 doUserSwitch(/*newUserIds*/ args); 1546 break; 1547 } 1548 case ICameraService::EVENT_NONE: 1549 default: { 1550 ALOGW("%s: Received invalid system event from system_server: %d", __FUNCTION__, 1551 eventId); 1552 break; 1553 } 1554 } 1555 return Status::ok(); 1556} 1557 1558Status CameraService::addListener(const sp<ICameraServiceListener>& listener, 1559 /*out*/ 1560 std::vector<hardware::CameraStatus> *cameraStatuses) { 1561 ATRACE_CALL(); 1562 1563 ALOGV("%s: Add listener %p", __FUNCTION__, listener.get()); 1564 1565 if (listener == nullptr) { 1566 ALOGE("%s: Listener must not be null", __FUNCTION__); 1567 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Null listener given to addListener"); 1568 } 1569 1570 Mutex::Autolock lock(mServiceLock); 1571 1572 { 1573 Mutex::Autolock lock(mStatusListenerLock); 1574 for (auto& it : mListenerList) { 1575 if (IInterface::asBinder(it) == IInterface::asBinder(listener)) { 1576 ALOGW("%s: Tried to add listener %p which was already subscribed", 1577 __FUNCTION__, listener.get()); 1578 return STATUS_ERROR(ERROR_ALREADY_EXISTS, "Listener already registered"); 1579 } 1580 } 1581 1582 mListenerList.push_back(listener); 1583 } 1584 1585 /* Collect current devices and status */ 1586 { 1587 Mutex::Autolock lock(mCameraStatesLock); 1588 for (auto& i : mCameraStates) { 1589 cameraStatuses->emplace_back(i.first, mapToInterface(i.second->getStatus())); 1590 } 1591 } 1592 1593 /* 1594 * Immediately signal current torch status to this listener only 1595 * This may be a subset of all the devices, so don't include it in the response directly 1596 */ 1597 { 1598 Mutex::Autolock al(mTorchStatusMutex); 1599 for (size_t i = 0; i < mTorchStatusMap.size(); i++ ) { 1600 String16 id = String16(mTorchStatusMap.keyAt(i).string()); 1601 listener->onTorchStatusChanged(mapToInterface(mTorchStatusMap.valueAt(i)), id); 1602 } 1603 } 1604 1605 return Status::ok(); 1606} 1607 1608Status CameraService::removeListener(const sp<ICameraServiceListener>& listener) { 1609 ATRACE_CALL(); 1610 1611 ALOGV("%s: Remove listener %p", __FUNCTION__, listener.get()); 1612 1613 if (listener == 0) { 1614 ALOGE("%s: Listener must not be null", __FUNCTION__); 1615 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Null listener given to removeListener"); 1616 } 1617 1618 Mutex::Autolock lock(mServiceLock); 1619 1620 { 1621 Mutex::Autolock lock(mStatusListenerLock); 1622 for (auto it = mListenerList.begin(); it != mListenerList.end(); it++) { 1623 if (IInterface::asBinder(*it) == IInterface::asBinder(listener)) { 1624 mListenerList.erase(it); 1625 return Status::ok(); 1626 } 1627 } 1628 } 1629 1630 ALOGW("%s: Tried to remove a listener %p which was not subscribed", 1631 __FUNCTION__, listener.get()); 1632 1633 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Unregistered listener given to removeListener"); 1634} 1635 1636Status CameraService::getLegacyParameters(int cameraId, /*out*/String16* parameters) { 1637 1638 ATRACE_CALL(); 1639 ALOGV("%s: for camera ID = %d", __FUNCTION__, cameraId); 1640 1641 if (parameters == NULL) { 1642 ALOGE("%s: parameters must not be null", __FUNCTION__); 1643 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Parameters must not be null"); 1644 } 1645 1646 Status ret = Status::ok(); 1647 1648 CameraParameters shimParams; 1649 if (!(ret = getLegacyParametersLazy(cameraId, /*out*/&shimParams)).isOk()) { 1650 // Error logged by caller 1651 return ret; 1652 } 1653 1654 String8 shimParamsString8 = shimParams.flatten(); 1655 String16 shimParamsString16 = String16(shimParamsString8); 1656 1657 *parameters = shimParamsString16; 1658 1659 return ret; 1660} 1661 1662Status CameraService::supportsCameraApi(const String16& cameraId, int apiVersion, 1663 /*out*/ bool *isSupported) { 1664 ATRACE_CALL(); 1665 1666 const String8 id = String8(cameraId); 1667 1668 ALOGV("%s: for camera ID = %s", __FUNCTION__, id.string()); 1669 1670 switch (apiVersion) { 1671 case API_VERSION_1: 1672 case API_VERSION_2: 1673 break; 1674 default: 1675 String8 msg = String8::format("Unknown API version %d", apiVersion); 1676 ALOGE("%s: %s", __FUNCTION__, msg.string()); 1677 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, msg.string()); 1678 } 1679 1680 int deviceVersion = getDeviceVersion(id); 1681 switch(deviceVersion) { 1682 case CAMERA_DEVICE_API_VERSION_1_0: 1683 case CAMERA_DEVICE_API_VERSION_3_0: 1684 case CAMERA_DEVICE_API_VERSION_3_1: 1685 if (apiVersion == API_VERSION_2) { 1686 ALOGV("%s: Camera id %s uses HAL version %d <3.2, doesn't support api2 without shim", 1687 __FUNCTION__, id.string(), deviceVersion); 1688 *isSupported = false; 1689 } else { // if (apiVersion == API_VERSION_1) { 1690 ALOGV("%s: Camera id %s uses older HAL before 3.2, but api1 is always supported", 1691 __FUNCTION__, id.string()); 1692 *isSupported = true; 1693 } 1694 break; 1695 case CAMERA_DEVICE_API_VERSION_3_2: 1696 case CAMERA_DEVICE_API_VERSION_3_3: 1697 case CAMERA_DEVICE_API_VERSION_3_4: 1698 ALOGV("%s: Camera id %s uses HAL3.2 or newer, supports api1/api2 directly", 1699 __FUNCTION__, id.string()); 1700 *isSupported = true; 1701 break; 1702 case -1: { 1703 String8 msg = String8::format("Unknown camera ID %s", id.string()); 1704 ALOGE("%s: %s", __FUNCTION__, msg.string()); 1705 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, msg.string()); 1706 } 1707 default: { 1708 String8 msg = String8::format("Unknown device version %x for device %s", 1709 deviceVersion, id.string()); 1710 ALOGE("%s: %s", __FUNCTION__, msg.string()); 1711 return STATUS_ERROR(ERROR_INVALID_OPERATION, msg.string()); 1712 } 1713 } 1714 1715 return Status::ok(); 1716} 1717 1718void CameraService::removeByClient(const BasicClient* client) { 1719 Mutex::Autolock lock(mServiceLock); 1720 for (auto& i : mActiveClientManager.getAll()) { 1721 auto clientSp = i->getValue(); 1722 if (clientSp.get() == client) { 1723 mActiveClientManager.remove(i); 1724 } 1725 } 1726} 1727 1728bool CameraService::evictClientIdByRemote(const wp<IBinder>& remote) { 1729 const int callingPid = getCallingPid(); 1730 const int servicePid = getpid(); 1731 bool ret = false; 1732 { 1733 // Acquire mServiceLock and prevent other clients from connecting 1734 std::unique_ptr<AutoConditionLock> lock = 1735 AutoConditionLock::waitAndAcquire(mServiceLockWrapper); 1736 1737 1738 std::vector<sp<BasicClient>> evicted; 1739 for (auto& i : mActiveClientManager.getAll()) { 1740 auto clientSp = i->getValue(); 1741 if (clientSp.get() == nullptr) { 1742 ALOGE("%s: Dead client still in mActiveClientManager.", __FUNCTION__); 1743 mActiveClientManager.remove(i); 1744 continue; 1745 } 1746 if (remote == clientSp->getRemote() && (callingPid == servicePid || 1747 callingPid == clientSp->getClientPid())) { 1748 mActiveClientManager.remove(i); 1749 evicted.push_back(clientSp); 1750 1751 // Notify the client of disconnection 1752 clientSp->notifyError( 1753 hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISCONNECTED, 1754 CaptureResultExtras()); 1755 } 1756 } 1757 1758 // Do not hold mServiceLock while disconnecting clients, but retain the condition blocking 1759 // other clients from connecting in mServiceLockWrapper if held 1760 mServiceLock.unlock(); 1761 1762 // Do not clear caller identity, remote caller should be client proccess 1763 1764 for (auto& i : evicted) { 1765 if (i.get() != nullptr) { 1766 i->disconnect(); 1767 ret = true; 1768 } 1769 } 1770 1771 // Reacquire mServiceLock 1772 mServiceLock.lock(); 1773 1774 } // lock is destroyed, allow further connect calls 1775 1776 return ret; 1777} 1778 1779std::shared_ptr<CameraService::CameraState> CameraService::getCameraState( 1780 const String8& cameraId) const { 1781 std::shared_ptr<CameraState> state; 1782 { 1783 Mutex::Autolock lock(mCameraStatesLock); 1784 auto iter = mCameraStates.find(cameraId); 1785 if (iter != mCameraStates.end()) { 1786 state = iter->second; 1787 } 1788 } 1789 return state; 1790} 1791 1792sp<CameraService::BasicClient> CameraService::removeClientLocked(const String8& cameraId) { 1793 // Remove from active clients list 1794 auto clientDescriptorPtr = mActiveClientManager.remove(cameraId); 1795 if (clientDescriptorPtr == nullptr) { 1796 ALOGW("%s: Could not evict client, no client for camera ID %s", __FUNCTION__, 1797 cameraId.string()); 1798 return sp<BasicClient>{nullptr}; 1799 } 1800 1801 return clientDescriptorPtr->getValue(); 1802} 1803 1804void CameraService::doUserSwitch(const std::vector<int32_t>& newUserIds) { 1805 // Acquire mServiceLock and prevent other clients from connecting 1806 std::unique_ptr<AutoConditionLock> lock = 1807 AutoConditionLock::waitAndAcquire(mServiceLockWrapper); 1808 1809 std::set<userid_t> newAllowedUsers; 1810 for (size_t i = 0; i < newUserIds.size(); i++) { 1811 if (newUserIds[i] < 0) { 1812 ALOGE("%s: Bad user ID %d given during user switch, ignoring.", 1813 __FUNCTION__, newUserIds[i]); 1814 return; 1815 } 1816 newAllowedUsers.insert(static_cast<userid_t>(newUserIds[i])); 1817 } 1818 1819 1820 if (newAllowedUsers == mAllowedUsers) { 1821 ALOGW("%s: Received notification of user switch with no updated user IDs.", __FUNCTION__); 1822 return; 1823 } 1824 1825 logUserSwitch(mAllowedUsers, newAllowedUsers); 1826 1827 mAllowedUsers = std::move(newAllowedUsers); 1828 1829 // Current user has switched, evict all current clients. 1830 std::vector<sp<BasicClient>> evicted; 1831 for (auto& i : mActiveClientManager.getAll()) { 1832 auto clientSp = i->getValue(); 1833 1834 if (clientSp.get() == nullptr) { 1835 ALOGE("%s: Dead client still in mActiveClientManager.", __FUNCTION__); 1836 continue; 1837 } 1838 1839 // Don't evict clients that are still allowed. 1840 uid_t clientUid = clientSp->getClientUid(); 1841 userid_t clientUserId = multiuser_get_user_id(clientUid); 1842 if (mAllowedUsers.find(clientUserId) != mAllowedUsers.end()) { 1843 continue; 1844 } 1845 1846 evicted.push_back(clientSp); 1847 1848 String8 curTime = getFormattedCurrentTime(); 1849 1850 ALOGE("Evicting conflicting client for camera ID %s due to user change", 1851 i->getKey().string()); 1852 1853 // Log the clients evicted 1854 logEvent(String8::format("EVICT device %s client held by package %s (PID %" 1855 PRId32 ", score %" PRId32 ", state %" PRId32 ")\n - Evicted due" 1856 " to user switch.", i->getKey().string(), 1857 String8{clientSp->getPackageName()}.string(), 1858 i->getOwnerId(), i->getPriority().getScore(), 1859 i->getPriority().getState())); 1860 1861 } 1862 1863 // Do not hold mServiceLock while disconnecting clients, but retain the condition 1864 // blocking other clients from connecting in mServiceLockWrapper if held. 1865 mServiceLock.unlock(); 1866 1867 // Clear caller identity temporarily so client disconnect PID checks work correctly 1868 int64_t token = IPCThreadState::self()->clearCallingIdentity(); 1869 1870 for (auto& i : evicted) { 1871 i->disconnect(); 1872 } 1873 1874 IPCThreadState::self()->restoreCallingIdentity(token); 1875 1876 // Reacquire mServiceLock 1877 mServiceLock.lock(); 1878} 1879 1880void CameraService::logEvent(const char* event) { 1881 String8 curTime = getFormattedCurrentTime(); 1882 Mutex::Autolock l(mLogLock); 1883 mEventLog.add(String8::format("%s : %s", curTime.string(), event)); 1884} 1885 1886void CameraService::logDisconnected(const char* cameraId, int clientPid, 1887 const char* clientPackage) { 1888 // Log the clients evicted 1889 logEvent(String8::format("DISCONNECT device %s client for package %s (PID %d)", cameraId, 1890 clientPackage, clientPid)); 1891} 1892 1893void CameraService::logConnected(const char* cameraId, int clientPid, 1894 const char* clientPackage) { 1895 // Log the clients evicted 1896 logEvent(String8::format("CONNECT device %s client for package %s (PID %d)", cameraId, 1897 clientPackage, clientPid)); 1898} 1899 1900void CameraService::logRejected(const char* cameraId, int clientPid, 1901 const char* clientPackage, const char* reason) { 1902 // Log the client rejected 1903 logEvent(String8::format("REJECT device %s client for package %s (PID %d), reason: (%s)", 1904 cameraId, clientPackage, clientPid, reason)); 1905} 1906 1907void CameraService::logUserSwitch(const std::set<userid_t>& oldUserIds, 1908 const std::set<userid_t>& newUserIds) { 1909 String8 newUsers = toString(newUserIds); 1910 String8 oldUsers = toString(oldUserIds); 1911 if (oldUsers.size() == 0) { 1912 oldUsers = "<None>"; 1913 } 1914 // Log the new and old users 1915 logEvent(String8::format("USER_SWITCH previous allowed user IDs: %s, current allowed user IDs: %s", 1916 oldUsers.string(), newUsers.string())); 1917} 1918 1919void CameraService::logDeviceRemoved(const char* cameraId, const char* reason) { 1920 // Log the device removal 1921 logEvent(String8::format("REMOVE device %s, reason: (%s)", cameraId, reason)); 1922} 1923 1924void CameraService::logDeviceAdded(const char* cameraId, const char* reason) { 1925 // Log the device removal 1926 logEvent(String8::format("ADD device %s, reason: (%s)", cameraId, reason)); 1927} 1928 1929void CameraService::logClientDied(int clientPid, const char* reason) { 1930 // Log the device removal 1931 logEvent(String8::format("DIED client(s) with PID %d, reason: (%s)", clientPid, reason)); 1932} 1933 1934void CameraService::logServiceError(const char* msg, int errorCode) { 1935 String8 curTime = getFormattedCurrentTime(); 1936 logEvent(String8::format("SERVICE ERROR: %s : %d (%s)", msg, errorCode, strerror(-errorCode))); 1937} 1938 1939status_t CameraService::onTransact(uint32_t code, const Parcel& data, Parcel* reply, 1940 uint32_t flags) { 1941 1942 const int pid = getCallingPid(); 1943 const int selfPid = getpid(); 1944 1945 // Permission checks 1946 switch (code) { 1947 case BnCameraService::NOTIFYSYSTEMEVENT: { 1948 if (pid != selfPid) { 1949 // Ensure we're being called by system_server, or similar process with 1950 // permissions to notify the camera service about system events 1951 if (!checkCallingPermission( 1952 String16("android.permission.CAMERA_SEND_SYSTEM_EVENTS"))) { 1953 const int uid = getCallingUid(); 1954 ALOGE("Permission Denial: cannot send updates to camera service about system" 1955 " events from pid=%d, uid=%d", pid, uid); 1956 return PERMISSION_DENIED; 1957 } 1958 } 1959 break; 1960 } 1961 } 1962 1963 return BnCameraService::onTransact(code, data, reply, flags); 1964} 1965 1966// We share the media players for shutter and recording sound for all clients. 1967// A reference count is kept to determine when we will actually release the 1968// media players. 1969 1970MediaPlayer* CameraService::newMediaPlayer(const char *file) { 1971 MediaPlayer* mp = new MediaPlayer(); 1972 if (mp->setDataSource(NULL /* httpService */, file, NULL) == NO_ERROR) { 1973 mp->setAudioStreamType(AUDIO_STREAM_ENFORCED_AUDIBLE); 1974 mp->prepare(); 1975 } else { 1976 ALOGE("Failed to load CameraService sounds: %s", file); 1977 return NULL; 1978 } 1979 return mp; 1980} 1981 1982void CameraService::loadSound() { 1983 ATRACE_CALL(); 1984 1985 Mutex::Autolock lock(mSoundLock); 1986 LOG1("CameraService::loadSound ref=%d", mSoundRef); 1987 if (mSoundRef++) return; 1988 1989 mSoundPlayer[SOUND_SHUTTER] = newMediaPlayer("/system/media/audio/ui/camera_click.ogg"); 1990 mSoundPlayer[SOUND_RECORDING_START] = newMediaPlayer("/system/media/audio/ui/VideoRecord.ogg"); 1991 mSoundPlayer[SOUND_RECORDING_STOP] = newMediaPlayer("/system/media/audio/ui/VideoStop.ogg"); 1992} 1993 1994void CameraService::releaseSound() { 1995 Mutex::Autolock lock(mSoundLock); 1996 LOG1("CameraService::releaseSound ref=%d", mSoundRef); 1997 if (--mSoundRef) return; 1998 1999 for (int i = 0; i < NUM_SOUNDS; i++) { 2000 if (mSoundPlayer[i] != 0) { 2001 mSoundPlayer[i]->disconnect(); 2002 mSoundPlayer[i].clear(); 2003 } 2004 } 2005} 2006 2007void CameraService::playSound(sound_kind kind) { 2008 ATRACE_CALL(); 2009 2010 LOG1("playSound(%d)", kind); 2011 Mutex::Autolock lock(mSoundLock); 2012 sp<MediaPlayer> player = mSoundPlayer[kind]; 2013 if (player != 0) { 2014 player->seekTo(0); 2015 player->start(); 2016 } 2017} 2018 2019// ---------------------------------------------------------------------------- 2020 2021CameraService::Client::Client(const sp<CameraService>& cameraService, 2022 const sp<ICameraClient>& cameraClient, 2023 const String16& clientPackageName, 2024 const String8& cameraIdStr, int cameraFacing, 2025 int clientPid, uid_t clientUid, 2026 int servicePid) : 2027 CameraService::BasicClient(cameraService, 2028 IInterface::asBinder(cameraClient), 2029 clientPackageName, 2030 cameraIdStr, cameraFacing, 2031 clientPid, clientUid, 2032 servicePid), 2033 mCameraId(CameraService::cameraIdToInt(cameraIdStr)) 2034{ 2035 int callingPid = getCallingPid(); 2036 LOG1("Client::Client E (pid %d, id %d)", callingPid, mCameraId); 2037 2038 mRemoteCallback = cameraClient; 2039 2040 cameraService->loadSound(); 2041 2042 LOG1("Client::Client X (pid %d, id %d)", callingPid, mCameraId); 2043} 2044 2045// tear down the client 2046CameraService::Client::~Client() { 2047 ALOGV("~Client"); 2048 mDestructionStarted = true; 2049 2050 sCameraService->releaseSound(); 2051 // unconditionally disconnect. function is idempotent 2052 Client::disconnect(); 2053} 2054 2055sp<CameraService> CameraService::BasicClient::BasicClient::sCameraService; 2056 2057CameraService::BasicClient::BasicClient(const sp<CameraService>& cameraService, 2058 const sp<IBinder>& remoteCallback, 2059 const String16& clientPackageName, 2060 const String8& cameraIdStr, int cameraFacing, 2061 int clientPid, uid_t clientUid, 2062 int servicePid): 2063 mCameraIdStr(cameraIdStr), mCameraFacing(cameraFacing), 2064 mClientPackageName(clientPackageName), mClientPid(clientPid), mClientUid(clientUid), 2065 mServicePid(servicePid), 2066 mDisconnected(false), 2067 mRemoteBinder(remoteCallback) 2068{ 2069 if (sCameraService == nullptr) { 2070 sCameraService = cameraService; 2071 } 2072 mOpsActive = false; 2073 mDestructionStarted = false; 2074 2075 // In some cases the calling code has no access to the package it runs under. 2076 // For example, NDK camera API. 2077 // In this case we will get the packages for the calling UID and pick the first one 2078 // for attributing the app op. This will work correctly for runtime permissions 2079 // as for legacy apps we will toggle the app op for all packages in the UID. 2080 // The caveat is that the operation may be attributed to the wrong package and 2081 // stats based on app ops may be slightly off. 2082 if (mClientPackageName.size() <= 0) { 2083 sp<IServiceManager> sm = defaultServiceManager(); 2084 sp<IBinder> binder = sm->getService(String16(kPermissionServiceName)); 2085 if (binder == 0) { 2086 ALOGE("Cannot get permission service"); 2087 // Leave mClientPackageName unchanged (empty) and the further interaction 2088 // with camera will fail in BasicClient::startCameraOps 2089 return; 2090 } 2091 2092 sp<IPermissionController> permCtrl = interface_cast<IPermissionController>(binder); 2093 Vector<String16> packages; 2094 2095 permCtrl->getPackagesForUid(mClientUid, packages); 2096 2097 if (packages.isEmpty()) { 2098 ALOGE("No packages for calling UID"); 2099 // Leave mClientPackageName unchanged (empty) and the further interaction 2100 // with camera will fail in BasicClient::startCameraOps 2101 return; 2102 } 2103 mClientPackageName = packages[0]; 2104 } 2105} 2106 2107CameraService::BasicClient::~BasicClient() { 2108 ALOGV("~BasicClient"); 2109 mDestructionStarted = true; 2110} 2111 2112binder::Status CameraService::BasicClient::disconnect() { 2113 binder::Status res = Status::ok(); 2114 if (mDisconnected) { 2115 return res; 2116 } 2117 mDisconnected = true; 2118 2119 sCameraService->removeByClient(this); 2120 sCameraService->logDisconnected(mCameraIdStr, mClientPid, 2121 String8(mClientPackageName)); 2122 2123 sp<IBinder> remote = getRemote(); 2124 if (remote != nullptr) { 2125 remote->unlinkToDeath(sCameraService); 2126 } 2127 2128 finishCameraOps(); 2129 // Notify flashlight that a camera device is closed. 2130 sCameraService->mFlashlight->deviceClosed(mCameraIdStr); 2131 ALOGI("%s: Disconnected client for camera %s for PID %d", __FUNCTION__, mCameraIdStr.string(), 2132 mClientPid); 2133 2134 // client shouldn't be able to call into us anymore 2135 mClientPid = 0; 2136 2137 return res; 2138} 2139 2140status_t CameraService::BasicClient::dump(int, const Vector<String16>&) { 2141 // No dumping of clients directly over Binder, 2142 // must go through CameraService::dump 2143 android_errorWriteWithInfoLog(SN_EVENT_LOG_ID, "26265403", 2144 IPCThreadState::self()->getCallingUid(), NULL, 0); 2145 return OK; 2146} 2147 2148String16 CameraService::BasicClient::getPackageName() const { 2149 return mClientPackageName; 2150} 2151 2152 2153int CameraService::BasicClient::getClientPid() const { 2154 return mClientPid; 2155} 2156 2157uid_t CameraService::BasicClient::getClientUid() const { 2158 return mClientUid; 2159} 2160 2161bool CameraService::BasicClient::canCastToApiClient(apiLevel level) const { 2162 // Defaults to API2. 2163 return level == API_2; 2164} 2165 2166status_t CameraService::BasicClient::startCameraOps() { 2167 ATRACE_CALL(); 2168 2169 int32_t res; 2170 // Notify app ops that the camera is not available 2171 mOpsCallback = new OpsCallback(this); 2172 2173 { 2174 ALOGV("%s: Start camera ops, package name = %s, client UID = %d", 2175 __FUNCTION__, String8(mClientPackageName).string(), mClientUid); 2176 } 2177 2178 mAppOpsManager.startWatchingMode(AppOpsManager::OP_CAMERA, 2179 mClientPackageName, mOpsCallback); 2180 res = mAppOpsManager.startOp(AppOpsManager::OP_CAMERA, 2181 mClientUid, mClientPackageName); 2182 2183 if (res == AppOpsManager::MODE_ERRORED) { 2184 ALOGI("Camera %s: Access for \"%s\" has been revoked", 2185 mCameraIdStr.string(), String8(mClientPackageName).string()); 2186 return PERMISSION_DENIED; 2187 } 2188 2189 if (res == AppOpsManager::MODE_IGNORED) { 2190 ALOGI("Camera %s: Access for \"%s\" has been restricted", 2191 mCameraIdStr.string(), String8(mClientPackageName).string()); 2192 // Return the same error as for device policy manager rejection 2193 return -EACCES; 2194 } 2195 2196 mOpsActive = true; 2197 2198 // Transition device availability listeners from PRESENT -> NOT_AVAILABLE 2199 sCameraService->updateStatus(StatusInternal::NOT_AVAILABLE, mCameraIdStr); 2200 2201 // Transition device state to OPEN 2202 sCameraService->updateProxyDeviceState(ICameraServiceProxy::CAMERA_STATE_OPEN, 2203 mCameraIdStr); 2204 2205 return OK; 2206} 2207 2208status_t CameraService::BasicClient::finishCameraOps() { 2209 ATRACE_CALL(); 2210 2211 // Check if startCameraOps succeeded, and if so, finish the camera op 2212 if (mOpsActive) { 2213 // Notify app ops that the camera is available again 2214 mAppOpsManager.finishOp(AppOpsManager::OP_CAMERA, mClientUid, 2215 mClientPackageName); 2216 mOpsActive = false; 2217 2218 std::initializer_list<StatusInternal> rejected = {StatusInternal::PRESENT, 2219 StatusInternal::ENUMERATING}; 2220 2221 // Transition to PRESENT if the camera is not in either of the rejected states 2222 sCameraService->updateStatus(StatusInternal::PRESENT, 2223 mCameraIdStr, rejected); 2224 2225 // Transition device state to CLOSED 2226 sCameraService->updateProxyDeviceState(ICameraServiceProxy::CAMERA_STATE_CLOSED, 2227 mCameraIdStr); 2228 } 2229 // Always stop watching, even if no camera op is active 2230 if (mOpsCallback != NULL) { 2231 mAppOpsManager.stopWatchingMode(mOpsCallback); 2232 } 2233 mOpsCallback.clear(); 2234 2235 return OK; 2236} 2237 2238void CameraService::BasicClient::opChanged(int32_t op, const String16& packageName) { 2239 ATRACE_CALL(); 2240 2241 String8 name(packageName); 2242 String8 myName(mClientPackageName); 2243 2244 if (op != AppOpsManager::OP_CAMERA) { 2245 ALOGW("Unexpected app ops notification received: %d", op); 2246 return; 2247 } 2248 2249 int32_t res; 2250 res = mAppOpsManager.checkOp(AppOpsManager::OP_CAMERA, 2251 mClientUid, mClientPackageName); 2252 ALOGV("checkOp returns: %d, %s ", res, 2253 res == AppOpsManager::MODE_ALLOWED ? "ALLOWED" : 2254 res == AppOpsManager::MODE_IGNORED ? "IGNORED" : 2255 res == AppOpsManager::MODE_ERRORED ? "ERRORED" : 2256 "UNKNOWN"); 2257 2258 if (res != AppOpsManager::MODE_ALLOWED) { 2259 ALOGI("Camera %s: Access for \"%s\" revoked", mCameraIdStr.string(), 2260 myName.string()); 2261 // Reset the client PID to allow server-initiated disconnect, 2262 // and to prevent further calls by client. 2263 mClientPid = getCallingPid(); 2264 CaptureResultExtras resultExtras; // a dummy result (invalid) 2265 notifyError(hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_SERVICE, resultExtras); 2266 disconnect(); 2267 } 2268} 2269 2270// ---------------------------------------------------------------------------- 2271 2272void CameraService::Client::notifyError(int32_t errorCode, 2273 const CaptureResultExtras& resultExtras) { 2274 (void) errorCode; 2275 (void) resultExtras; 2276 if (mRemoteCallback != NULL) { 2277 mRemoteCallback->notifyCallback(CAMERA_MSG_ERROR, CAMERA_ERROR_RELEASED, 0); 2278 } else { 2279 ALOGE("mRemoteCallback is NULL!!"); 2280 } 2281} 2282 2283// NOTE: function is idempotent 2284binder::Status CameraService::Client::disconnect() { 2285 ALOGV("Client::disconnect"); 2286 return BasicClient::disconnect(); 2287} 2288 2289bool CameraService::Client::canCastToApiClient(apiLevel level) const { 2290 return level == API_1; 2291} 2292 2293CameraService::Client::OpsCallback::OpsCallback(wp<BasicClient> client): 2294 mClient(client) { 2295} 2296 2297void CameraService::Client::OpsCallback::opChanged(int32_t op, 2298 const String16& packageName) { 2299 sp<BasicClient> client = mClient.promote(); 2300 if (client != NULL) { 2301 client->opChanged(op, packageName); 2302 } 2303} 2304 2305// ---------------------------------------------------------------------------- 2306// CameraState 2307// ---------------------------------------------------------------------------- 2308 2309CameraService::CameraState::CameraState(const String8& id, int cost, 2310 const std::set<String8>& conflicting) : mId(id), 2311 mStatus(StatusInternal::PRESENT), mCost(cost), mConflicting(conflicting) {} 2312 2313CameraService::CameraState::~CameraState() {} 2314 2315CameraService::StatusInternal CameraService::CameraState::getStatus() const { 2316 Mutex::Autolock lock(mStatusLock); 2317 return mStatus; 2318} 2319 2320CameraParameters CameraService::CameraState::getShimParams() const { 2321 return mShimParams; 2322} 2323 2324void CameraService::CameraState::setShimParams(const CameraParameters& params) { 2325 mShimParams = params; 2326} 2327 2328int CameraService::CameraState::getCost() const { 2329 return mCost; 2330} 2331 2332std::set<String8> CameraService::CameraState::getConflicting() const { 2333 return mConflicting; 2334} 2335 2336String8 CameraService::CameraState::getId() const { 2337 return mId; 2338} 2339 2340// ---------------------------------------------------------------------------- 2341// ClientEventListener 2342// ---------------------------------------------------------------------------- 2343 2344void CameraService::ClientEventListener::onClientAdded( 2345 const resource_policy::ClientDescriptor<String8, 2346 sp<CameraService::BasicClient>>& descriptor) { 2347 const auto& basicClient = descriptor.getValue(); 2348 if (basicClient.get() != nullptr) { 2349 BatteryNotifier& notifier(BatteryNotifier::getInstance()); 2350 notifier.noteStartCamera(descriptor.getKey(), 2351 static_cast<int>(basicClient->getClientUid())); 2352 } 2353} 2354 2355void CameraService::ClientEventListener::onClientRemoved( 2356 const resource_policy::ClientDescriptor<String8, 2357 sp<CameraService::BasicClient>>& descriptor) { 2358 const auto& basicClient = descriptor.getValue(); 2359 if (basicClient.get() != nullptr) { 2360 BatteryNotifier& notifier(BatteryNotifier::getInstance()); 2361 notifier.noteStopCamera(descriptor.getKey(), 2362 static_cast<int>(basicClient->getClientUid())); 2363 } 2364} 2365 2366 2367// ---------------------------------------------------------------------------- 2368// CameraClientManager 2369// ---------------------------------------------------------------------------- 2370 2371CameraService::CameraClientManager::CameraClientManager() { 2372 setListener(std::make_shared<ClientEventListener>()); 2373} 2374 2375CameraService::CameraClientManager::~CameraClientManager() {} 2376 2377sp<CameraService::BasicClient> CameraService::CameraClientManager::getCameraClient( 2378 const String8& id) const { 2379 auto descriptor = get(id); 2380 if (descriptor == nullptr) { 2381 return sp<BasicClient>{nullptr}; 2382 } 2383 return descriptor->getValue(); 2384} 2385 2386String8 CameraService::CameraClientManager::toString() const { 2387 auto all = getAll(); 2388 String8 ret("["); 2389 bool hasAny = false; 2390 for (auto& i : all) { 2391 hasAny = true; 2392 String8 key = i->getKey(); 2393 int32_t cost = i->getCost(); 2394 int32_t pid = i->getOwnerId(); 2395 int32_t score = i->getPriority().getScore(); 2396 int32_t state = i->getPriority().getState(); 2397 auto conflicting = i->getConflicting(); 2398 auto clientSp = i->getValue(); 2399 String8 packageName; 2400 userid_t clientUserId = 0; 2401 if (clientSp.get() != nullptr) { 2402 packageName = String8{clientSp->getPackageName()}; 2403 uid_t clientUid = clientSp->getClientUid(); 2404 clientUserId = multiuser_get_user_id(clientUid); 2405 } 2406 ret.appendFormat("\n(Camera ID: %s, Cost: %" PRId32 ", PID: %" PRId32 ", Score: %" 2407 PRId32 ", State: %" PRId32, key.string(), cost, pid, score, state); 2408 2409 if (clientSp.get() != nullptr) { 2410 ret.appendFormat("User Id: %d, ", clientUserId); 2411 } 2412 if (packageName.size() != 0) { 2413 ret.appendFormat("Client Package Name: %s", packageName.string()); 2414 } 2415 2416 ret.append(", Conflicting Client Devices: {"); 2417 for (auto& j : conflicting) { 2418 ret.appendFormat("%s, ", j.string()); 2419 } 2420 ret.append("})"); 2421 } 2422 if (hasAny) ret.append("\n"); 2423 ret.append("]\n"); 2424 return ret; 2425} 2426 2427CameraService::DescriptorPtr CameraService::CameraClientManager::makeClientDescriptor( 2428 const String8& key, const sp<BasicClient>& value, int32_t cost, 2429 const std::set<String8>& conflictingKeys, int32_t score, int32_t ownerId, 2430 int32_t state) { 2431 2432 return std::make_shared<resource_policy::ClientDescriptor<String8, sp<BasicClient>>>( 2433 key, value, cost, conflictingKeys, score, ownerId, state); 2434} 2435 2436CameraService::DescriptorPtr CameraService::CameraClientManager::makeClientDescriptor( 2437 const sp<BasicClient>& value, const CameraService::DescriptorPtr& partial) { 2438 return makeClientDescriptor(partial->getKey(), value, partial->getCost(), 2439 partial->getConflicting(), partial->getPriority().getScore(), 2440 partial->getOwnerId(), partial->getPriority().getState()); 2441} 2442 2443// ---------------------------------------------------------------------------- 2444 2445static const int kDumpLockRetries = 50; 2446static const int kDumpLockSleep = 60000; 2447 2448static bool tryLock(Mutex& mutex) 2449{ 2450 bool locked = false; 2451 for (int i = 0; i < kDumpLockRetries; ++i) { 2452 if (mutex.tryLock() == NO_ERROR) { 2453 locked = true; 2454 break; 2455 } 2456 usleep(kDumpLockSleep); 2457 } 2458 return locked; 2459} 2460 2461status_t CameraService::dump(int fd, const Vector<String16>& args) { 2462 ATRACE_CALL(); 2463 2464 if (checkCallingPermission(String16("android.permission.DUMP")) == false) { 2465 dprintf(fd, "Permission Denial: can't dump CameraService from pid=%d, uid=%d\n", 2466 getCallingPid(), 2467 getCallingUid()); 2468 return NO_ERROR; 2469 } 2470 bool locked = tryLock(mServiceLock); 2471 // failed to lock - CameraService is probably deadlocked 2472 if (!locked) { 2473 dprintf(fd, "!! CameraService may be deadlocked !!\n"); 2474 } 2475 2476 if (!mInitialized) { 2477 dprintf(fd, "!! No camera HAL available !!\n"); 2478 2479 // Dump event log for error information 2480 dumpEventLog(fd); 2481 2482 if (locked) mServiceLock.unlock(); 2483 return NO_ERROR; 2484 } 2485 dprintf(fd, "\n== Service global info: ==\n\n"); 2486 dprintf(fd, "Number of camera devices: %d\n", mNumberOfCameras); 2487 dprintf(fd, "Number of normal camera devices: %d\n", mNumberOfNormalCameras); 2488 String8 activeClientString = mActiveClientManager.toString(); 2489 dprintf(fd, "Active Camera Clients:\n%s", activeClientString.string()); 2490 dprintf(fd, "Allowed user IDs: %s\n", toString(mAllowedUsers).string()); 2491 2492 dumpEventLog(fd); 2493 2494 bool stateLocked = tryLock(mCameraStatesLock); 2495 if (!stateLocked) { 2496 dprintf(fd, "CameraStates in use, may be deadlocked\n"); 2497 } 2498 2499 for (auto& state : mCameraStates) { 2500 String8 cameraId = state.first; 2501 2502 dprintf(fd, "== Camera device %s dynamic info: ==\n", cameraId.string()); 2503 2504 CameraParameters p = state.second->getShimParams(); 2505 if (!p.isEmpty()) { 2506 dprintf(fd, " Camera1 API shim is using parameters:\n "); 2507 p.dump(fd, args); 2508 } 2509 2510 auto clientDescriptor = mActiveClientManager.get(cameraId); 2511 if (clientDescriptor != nullptr) { 2512 dprintf(fd, " Device %s is open. Client instance dump:\n", 2513 cameraId.string()); 2514 dprintf(fd, " Client priority score: %d state: %d\n", 2515 clientDescriptor->getPriority().getScore(), 2516 clientDescriptor->getPriority().getState()); 2517 dprintf(fd, " Client PID: %d\n", clientDescriptor->getOwnerId()); 2518 2519 auto client = clientDescriptor->getValue(); 2520 dprintf(fd, " Client package: %s\n", 2521 String8(client->getPackageName()).string()); 2522 2523 client->dumpClient(fd, args); 2524 } else { 2525 dprintf(fd, " Device %s is closed, no client instance\n", 2526 cameraId.string()); 2527 } 2528 2529 } 2530 2531 if (stateLocked) mCameraStatesLock.unlock(); 2532 2533 if (locked) mServiceLock.unlock(); 2534 2535 mCameraProviderManager->dump(fd, args); 2536 2537 dprintf(fd, "\n== Vendor tags: ==\n\n"); 2538 2539 sp<VendorTagDescriptor> desc = VendorTagDescriptor::getGlobalVendorTagDescriptor(); 2540 if (desc == NULL) { 2541 sp<VendorTagDescriptorCache> cache = 2542 VendorTagDescriptorCache::getGlobalVendorTagCache(); 2543 if (cache == NULL) { 2544 dprintf(fd, "No vendor tags.\n"); 2545 } else { 2546 cache->dump(fd, /*verbosity*/2, /*indentation*/2); 2547 } 2548 } else { 2549 desc->dump(fd, /*verbosity*/2, /*indentation*/2); 2550 } 2551 2552 // Dump camera traces if there were any 2553 dprintf(fd, "\n"); 2554 camera3::CameraTraces::dump(fd, args); 2555 2556 // Process dump arguments, if any 2557 int n = args.size(); 2558 String16 verboseOption("-v"); 2559 String16 unreachableOption("--unreachable"); 2560 for (int i = 0; i < n; i++) { 2561 if (args[i] == verboseOption) { 2562 // change logging level 2563 if (i + 1 >= n) continue; 2564 String8 levelStr(args[i+1]); 2565 int level = atoi(levelStr.string()); 2566 dprintf(fd, "\nSetting log level to %d.\n", level); 2567 setLogLevel(level); 2568 } else if (args[i] == unreachableOption) { 2569 // Dump memory analysis 2570 // TODO - should limit be an argument parameter? 2571 UnreachableMemoryInfo info; 2572 bool success = GetUnreachableMemory(info, /*limit*/ 10000); 2573 if (!success) { 2574 dprintf(fd, "\n== Unable to dump unreachable memory. " 2575 "Try disabling SELinux enforcement. ==\n"); 2576 } else { 2577 dprintf(fd, "\n== Dumping unreachable memory: ==\n"); 2578 std::string s = info.ToString(/*log_contents*/ true); 2579 write(fd, s.c_str(), s.size()); 2580 } 2581 } 2582 } 2583 return NO_ERROR; 2584} 2585 2586void CameraService::dumpEventLog(int fd) { 2587 dprintf(fd, "\n== Camera service events log (most recent at top): ==\n"); 2588 2589 Mutex::Autolock l(mLogLock); 2590 for (const auto& msg : mEventLog) { 2591 dprintf(fd, " %s\n", msg.string()); 2592 } 2593 2594 if (mEventLog.size() == DEFAULT_EVENT_LOG_LENGTH) { 2595 dprintf(fd, " ...\n"); 2596 } else if (mEventLog.size() == 0) { 2597 dprintf(fd, " [no events yet]\n"); 2598 } 2599 dprintf(fd, "\n"); 2600} 2601 2602void CameraService::handleTorchClientBinderDied(const wp<IBinder> &who) { 2603 Mutex::Autolock al(mTorchClientMapMutex); 2604 for (size_t i = 0; i < mTorchClientMap.size(); i++) { 2605 if (mTorchClientMap[i] == who) { 2606 // turn off the torch mode that was turned on by dead client 2607 String8 cameraId = mTorchClientMap.keyAt(i); 2608 status_t res = mFlashlight->setTorchMode(cameraId, false); 2609 if (res) { 2610 ALOGE("%s: torch client died but couldn't turn off torch: " 2611 "%s (%d)", __FUNCTION__, strerror(-res), res); 2612 return; 2613 } 2614 mTorchClientMap.removeItemsAt(i); 2615 break; 2616 } 2617 } 2618} 2619 2620/*virtual*/void CameraService::binderDied(const wp<IBinder> &who) { 2621 2622 /** 2623 * While tempting to promote the wp<IBinder> into a sp, it's actually not supported by the 2624 * binder driver 2625 */ 2626 2627 logClientDied(getCallingPid(), String8("Binder died unexpectedly")); 2628 2629 // check torch client 2630 handleTorchClientBinderDied(who); 2631 2632 // check camera device client 2633 if(!evictClientIdByRemote(who)) { 2634 ALOGV("%s: Java client's binder death already cleaned up (normal case)", __FUNCTION__); 2635 return; 2636 } 2637 2638 ALOGE("%s: Java client's binder died, removing it from the list of active clients", 2639 __FUNCTION__); 2640} 2641 2642void CameraService::updateStatus(StatusInternal status, const String8& cameraId) { 2643 updateStatus(status, cameraId, {}); 2644} 2645 2646void CameraService::updateStatus(StatusInternal status, const String8& cameraId, 2647 std::initializer_list<StatusInternal> rejectSourceStates) { 2648 // Do not lock mServiceLock here or can get into a deadlock from 2649 // connect() -> disconnect -> updateStatus 2650 2651 auto state = getCameraState(cameraId); 2652 2653 if (state == nullptr) { 2654 ALOGW("%s: Could not update the status for %s, no such device exists", __FUNCTION__, 2655 cameraId.string()); 2656 return; 2657 } 2658 2659 // Update the status for this camera state, then send the onStatusChangedCallbacks to each 2660 // of the listeners with both the mStatusStatus and mStatusListenerLock held 2661 state->updateStatus(status, cameraId, rejectSourceStates, [this] 2662 (const String8& cameraId, StatusInternal status) { 2663 2664 if (status != StatusInternal::ENUMERATING) { 2665 // Update torch status if it has a flash unit. 2666 Mutex::Autolock al(mTorchStatusMutex); 2667 TorchModeStatus torchStatus; 2668 if (getTorchStatusLocked(cameraId, &torchStatus) != 2669 NAME_NOT_FOUND) { 2670 TorchModeStatus newTorchStatus = 2671 status == StatusInternal::PRESENT ? 2672 TorchModeStatus::AVAILABLE_OFF : 2673 TorchModeStatus::NOT_AVAILABLE; 2674 if (torchStatus != newTorchStatus) { 2675 onTorchStatusChangedLocked(cameraId, newTorchStatus); 2676 } 2677 } 2678 } 2679 2680 Mutex::Autolock lock(mStatusListenerLock); 2681 2682 for (auto& listener : mListenerList) { 2683 listener->onStatusChanged(mapToInterface(status), String16(cameraId)); 2684 } 2685 }); 2686} 2687 2688template<class Func> 2689void CameraService::CameraState::updateStatus(StatusInternal status, 2690 const String8& cameraId, 2691 std::initializer_list<StatusInternal> rejectSourceStates, 2692 Func onStatusUpdatedLocked) { 2693 Mutex::Autolock lock(mStatusLock); 2694 StatusInternal oldStatus = mStatus; 2695 mStatus = status; 2696 2697 if (oldStatus == status) { 2698 return; 2699 } 2700 2701 ALOGV("%s: Status has changed for camera ID %s from %#x to %#x", __FUNCTION__, 2702 cameraId.string(), oldStatus, status); 2703 2704 if (oldStatus == StatusInternal::NOT_PRESENT && 2705 (status != StatusInternal::PRESENT && 2706 status != StatusInternal::ENUMERATING)) { 2707 2708 ALOGW("%s: From NOT_PRESENT can only transition into PRESENT or ENUMERATING", 2709 __FUNCTION__); 2710 mStatus = oldStatus; 2711 return; 2712 } 2713 2714 /** 2715 * Sometimes we want to conditionally do a transition. 2716 * For example if a client disconnects, we want to go to PRESENT 2717 * only if we weren't already in NOT_PRESENT or ENUMERATING. 2718 */ 2719 for (auto& rejectStatus : rejectSourceStates) { 2720 if (oldStatus == rejectStatus) { 2721 ALOGV("%s: Rejecting status transition for Camera ID %s, since the source " 2722 "state was was in one of the bad states.", __FUNCTION__, cameraId.string()); 2723 mStatus = oldStatus; 2724 return; 2725 } 2726 } 2727 2728 onStatusUpdatedLocked(cameraId, status); 2729} 2730 2731void CameraService::updateProxyDeviceState(ICameraServiceProxy::CameraState newState, 2732 const String8& cameraId) { 2733 sp<ICameraServiceProxy> proxyBinder = getCameraServiceProxy(); 2734 if (proxyBinder == nullptr) return; 2735 String16 id(cameraId); 2736 proxyBinder->notifyCameraState(id, newState); 2737} 2738 2739status_t CameraService::getTorchStatusLocked( 2740 const String8& cameraId, 2741 TorchModeStatus *status) const { 2742 if (!status) { 2743 return BAD_VALUE; 2744 } 2745 ssize_t index = mTorchStatusMap.indexOfKey(cameraId); 2746 if (index == NAME_NOT_FOUND) { 2747 // invalid camera ID or the camera doesn't have a flash unit 2748 return NAME_NOT_FOUND; 2749 } 2750 2751 *status = mTorchStatusMap.valueAt(index); 2752 return OK; 2753} 2754 2755status_t CameraService::setTorchStatusLocked(const String8& cameraId, 2756 TorchModeStatus status) { 2757 ssize_t index = mTorchStatusMap.indexOfKey(cameraId); 2758 if (index == NAME_NOT_FOUND) { 2759 return BAD_VALUE; 2760 } 2761 mTorchStatusMap.editValueAt(index) = status; 2762 2763 return OK; 2764} 2765 2766}; // namespace android 2767