544fdbb7dbafbe83a1313564074f0af689aae752 |
|
07-Sep-2017 |
Lajos Molnar <lajos@google.com> |
mm-video-v4l2: venc: Advertise constrained profiles for AVC encoder Enumerate and advertise constrained profiles for AVC encoder. Inorder to have backward compatability advertise exisisting as well as newly added constants. Keep legacy constants for getters as Android media framework does not use them. Bug: 65043406 Change-Id: I6fe88a505005731c4891aa1a7c1f627c65f01861
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|
81323f63e3ead7c47b2383da1e7b9db784b9b637 |
|
27-Jul-2017 |
Santhosh Behara <santhoshbehara@codeaurora.org> |
mm-video-v4l2: venc: Protect buffer from being freed while accessing am: 0008e21211 am: c0f642a22f am: 979b0e6864 Change-Id: I2faf25ea66357a2444cf2f26b195e811c1d28c03
|
0008e212118f9172e0e6cbafd679ce0a42cbf019 |
|
22-Jul-2017 |
Santhosh Behara <santhoshbehara@codeaurora.org> |
mm-video-v4l2: venc: Protect buffer from being freed while accessing Output buffer(in use-buffer mode) has an internal backup ion buffer. The contents of this buffer are deep-copied in client's buffer in the context of VideoEncCallBackThread; while this buffer can be freed in the client thread's context. Check the allocation bitmask before attempting to copy and synchronize these operations by holding a lock Fixes bug 36130225 Security Vulnerability - Heap use after free in libOmxVenc CRs-Fixed: 2053101 Bug: 36130225 Change-Id: If5e89703b2dec0aee8acb7e897e9df94227af3f3 Author: Praveen Chavan<pchavan@codeaurora.org>
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|
82b39a890dbb9ffd6cf1c3af6a6743f7d24d37d9 |
|
27-Jan-2017 |
Emilian Peev <epeev@google.com> |
mm-video-v4l2: vidc: Handle native_handle meta mode - Meta mode for sending native handles from camera should be supported along with rest of the modes. BUG: 34516149 Test: Camera CTS API1 and API2 using legacy Hal1 module Change-Id: Ia9dc5936b0b5a2792b1286b979030f0f5b6104a1
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|
9ff997e158806d5968b7badfabac1eab3a2a0f07 |
|
14-Oct-2016 |
Praveen Chavan <pchavan@codeaurora.org> |
mm-video-v4l2: venc: Disallow changing buffer count/size on allocated port am: b7b6466da4 am: 3a1263e033 Change-Id: I4c45d329bf3c803f59fae3fc2578188b018db1ca
|
f0496bf92c60d4d0b9bea4c07f4783e496c14f91 |
|
14-Oct-2016 |
Praveen Chavan <pchavan@codeaurora.org> |
mm-video-v4l2: venc: Disallow changing buffer count/size on allocated port am: b7b6466da4 am: faed315fc0 Change-Id: I658e13ca2ceba5ec23528b9e3b98ce125ec4c479
|
b7b6466da41081776b21ab4d4955a706d7f6b7ca |
|
17-Aug-2016 |
Praveen Chavan <pchavan@codeaurora.org> |
mm-video-v4l2: venc: Disallow changing buffer count/size on allocated port Count and size negotiation of port-buffers should only be allowed when the port hasn't been allocated yet. Letting the client change count/size on a pre-allocated port will cause inconsistencies in the count/size of memory allocated for headers and internal lists. Fix resetting of buffer-base (m_inp_mem_ptr) when all buffers are freed, for all the buffer-modes. Bug: 29421682 Fixes: Local Privilege Escalation in MediaServer (libOmxVenc problem #10) Change-Id: I9abead969bc3c908e6db9beb6316fd572dac25f7
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|
03783f82008b7447073e0da4550da02bdc2286cf |
|
30-Mar-2016 |
Praveen Chavan <pchavan@codeaurora.org> |
mm-video-v4l2: venc: add support for encoding with temporal layers Implement OMX_IndexParamAndroidVideoTemporalLayers to expose configuration of temporal-layered encoding to client. Layer-wise bitrate support and changing layer-count dynamically is not supported. Bug: 27596987 Change-Id: Ib32e7aea22e2cbaf78a903561b67de7d14ed57e5
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|
f89f2c65e17c4f6df0845ac099e9197af317283e |
|
22-Jun-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "mm-video-v4l2: venc: add checks before accessing heap pointers" into nyc-dev
|
d99a08f99689df977dfc585a436ada5acf4f2a25 |
|
16-Jun-2016 |
Praveen Chavan <pchavan@codeaurora.org> |
mm-video-v4l2: venc: add checks before accessing heap pointers Heap pointers do not point to user virtual addresses in case of secure session. Set them to NULL and add checks to avoid accesing them Bug: 28815329 Bug: 28920116 Change-Id: I94fd5808e753b58654d65e175d3857ef46ffba26
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|
3957953f027b784f2d55d96d388c8107371eb9db |
|
26-May-2016 |
Wonsik Kim <wonsik@google.com> |
Fix wrong nAllocLen Set nAllocLen to the size of the opaque handle itself. Bug: 28816964 Bug: 28816827 Change-Id: Id410e324bee291d4a0018dddb97eda9bbcded099
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|
14a9920aa26f6b237957001090b127c9d79ac12e |
|
25-Apr-2016 |
Praveen Chavan <pchavan@codeaurora.org> |
mm-video-v4l2: venc: Avoid processing ETBs/FTBs in invalid states (per the spec) ETB/FTB should not be handled in states other than Executing, Paused and Idle. This avoids accessing invalid buffers. Also add a lock to protect the private-buffers from being deleted while accessing from another thread. Bug: 27903498 Security Vulnerability - Heap Use-After-Free and Possible LPE in MediaServer (libOmxVenc problem #3) Change-Id: I898b42034c0add621d4f9d8e02ca0ed4403d4fd3
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|
0db330f0ede890a2c99a73b5c5e53c41a2c87aa3 |
|
30-Apr-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "mm-video-v4l2: vidc: fix matching of extension strings" into nyc-dev
|
f1b15e15b61a610b6d0a78797e9a5a3f2cfdd56c |
|
30-Mar-2016 |
Arun Menon <avmenon@codeaurora.org> |
mm-video-v4l2: vidc: Add support for OMX_IndexConfigAndroidIntraRefresh OMX Component will support OMX_IndexConfigAndroidIntraRefresh only in loaded state. Bug: 27108817 Change-Id: I213fed57842b94c333843871d6c555e1fb8784e5
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|
c9770704a9bb7c26205cf0e5bca05d4397aab1c3 |
|
17-Mar-2016 |
Praveen Chavan <pchavan@codeaurora.org> |
mm-video-v4l2: vidc: fix matching of extension strings Using strncmp with the strlen of source string can result in false positives when it is a substring of the passed string. Eg: strncmp("OMX.extn.x", "OMX.extn.xyz", strlen(OMX.extn.x)) will result in a match. Use strcmp instead. Bug: 27344524 Change-Id: I68839f2bea8b97a31f43885538e9dce51aa8c1b4
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|
417bd6d3d293ef616a5a33741cfd6ac8c50f685f |
|
21-Mar-2016 |
Praveen Chavan <pchavan@codeaurora.org> |
mm-video-v4l2: venc: add safety checks for freeing buffers Allow only up to 64 buffers on input/output port (since the allocation bitmap is only 64-wide). Add safety checks to free only as many buffers were allocated. Fixes: Heap Overflow and Possible Local Privilege Escalation in MediaServer (libOmxVenc problem) Bug: 27532497 Change-Id: I31e576ef9dc542df73aa6b0ea113d72724b50fc6
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|
16ee85d1d456a4b694fd32baa5f52341e638b5d8 |
|
30-Mar-2016 |
Praveen Chavan <pchavan@codeaurora.org> |
mm-video-v4l2: vidc: validate omx param/config data Check the sanity of config/param strcuture objects passed to get/set _ config()/parameter() methods. Bug: 27533317 Security Vulnerability in MediaServer omx_vdec::get_config() Can lead to arbitrary write Change-Id: I6c3243afe12055ab94f1a1ecf758c10e88231809
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|
e4010605f233a213cf0d972397bb33c34c364227 |
|
07-Mar-2016 |
Patrick Tjin <pattjin@google.com> |
Initial import of msm8996 media HAL 1) Move existing HAL to msm8974/ 2) Import msm8996 HAL from LA.HB.1.1.2_rb1.12 3) Modify Makefiles to remove kernel dependencies and fix for new directory structure 4) Modify top level makefile for new directory structure Top commits from LA.HB.1.1.2_rb1.12 included in this commit: db7937a mm-video: vidc: memset struct v4l2_format prior to S_FMT d77ab10 Merge "mm-video-v4l2: vidc: Do not queue output buffer if flush is in progress" 8895985 mm-video-v4l2: vidc: vdec: Add property to disable UBWC for OPB 675af75 Merge "mm-video: vidc: Communicate the right colorformat to the driver" dd79df2 Merge "mm-video: vidc: Reliably stop the message thread" c3e8618 Merge "mm-video-v4l2: vidc: venc: Fix B-Frame handling" 755ec08 mm-video-v4l2: vidc: Do not queue output buffer if flush is in progress 3ac8410 mm-video: vidc: Reliably stop the message thread b73dcba Merge "mm-video-v4l2: vidc: venc: Bug fixes for VZIP" 8358109 Merge "mm-video-v4l2: vdec: fix picture type decode mode return status" BUG=27420204 Signed-off-by: Patrick Tjin <pattjin@google.com> Change-Id: I71aa0190e48b332268334677894b0ad7c606296b
/hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
|