Cross Reference: /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video

History log of /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
544fdbb7dbafbe83a1313564074f0af689aae752	07-Sep-2017	Lajos Molnar <lajos@google.com>	mm-video-v4l2: venc: Advertise constrained profiles for AVC encoder Enumerate and advertise constrained profiles for AVC encoder. Inorder to have backward compatability advertise exisisting as well as newly added constants. Keep legacy constants for getters as Android media framework does not use them. Bug: 65043406 Change-Id: I6fe88a505005731c4891aa1a7c1f627c65f01861 /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
81323f63e3ead7c47b2383da1e7b9db784b9b637	27-Jul-2017	Santhosh Behara <santhoshbehara@codeaurora.org>	mm-video-v4l2: venc: Protect buffer from being freed while accessing am: 0008e21211 am: c0f642a22f am: 979b0e6864 Change-Id: I2faf25ea66357a2444cf2f26b195e811c1d28c03
0008e212118f9172e0e6cbafd679ce0a42cbf019	22-Jul-2017	Santhosh Behara <santhoshbehara@codeaurora.org>	mm-video-v4l2: venc: Protect buffer from being freed while accessing Output buffer(in use-buffer mode) has an internal backup ion buffer. The contents of this buffer are deep-copied in client's buffer in the context of VideoEncCallBackThread; while this buffer can be freed in the client thread's context. Check the allocation bitmask before attempting to copy and synchronize these operations by holding a lock Fixes bug 36130225 Security Vulnerability - Heap use after free in libOmxVenc CRs-Fixed: 2053101 Bug: 36130225 Change-Id: If5e89703b2dec0aee8acb7e897e9df94227af3f3 Author: Praveen Chavan<pchavan@codeaurora.org> /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
82b39a890dbb9ffd6cf1c3af6a6743f7d24d37d9	27-Jan-2017	Emilian Peev <epeev@google.com>	mm-video-v4l2: vidc: Handle native_handle meta mode - Meta mode for sending native handles from camera should be supported along with rest of the modes. BUG: 34516149 Test: Camera CTS API1 and API2 using legacy Hal1 module Change-Id: Ia9dc5936b0b5a2792b1286b979030f0f5b6104a1 /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
9ff997e158806d5968b7badfabac1eab3a2a0f07	14-Oct-2016	Praveen Chavan <pchavan@codeaurora.org>	mm-video-v4l2: venc: Disallow changing buffer count/size on allocated port am: b7b6466da4 am: 3a1263e033 Change-Id: I4c45d329bf3c803f59fae3fc2578188b018db1ca
f0496bf92c60d4d0b9bea4c07f4783e496c14f91	14-Oct-2016	Praveen Chavan <pchavan@codeaurora.org>	mm-video-v4l2: venc: Disallow changing buffer count/size on allocated port am: b7b6466da4 am: faed315fc0 Change-Id: I658e13ca2ceba5ec23528b9e3b98ce125ec4c479
b7b6466da41081776b21ab4d4955a706d7f6b7ca	17-Aug-2016	Praveen Chavan <pchavan@codeaurora.org>	mm-video-v4l2: venc: Disallow changing buffer count/size on allocated port Count and size negotiation of port-buffers should only be allowed when the port hasn't been allocated yet. Letting the client change count/size on a pre-allocated port will cause inconsistencies in the count/size of memory allocated for headers and internal lists. Fix resetting of buffer-base (m_inp_mem_ptr) when all buffers are freed, for all the buffer-modes. Bug: 29421682 Fixes: Local Privilege Escalation in MediaServer (libOmxVenc problem #10) Change-Id: I9abead969bc3c908e6db9beb6316fd572dac25f7 /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
03783f82008b7447073e0da4550da02bdc2286cf	30-Mar-2016	Praveen Chavan <pchavan@codeaurora.org>	mm-video-v4l2: venc: add support for encoding with temporal layers Implement OMX_IndexParamAndroidVideoTemporalLayers to expose configuration of temporal-layered encoding to client. Layer-wise bitrate support and changing layer-count dynamically is not supported. Bug: 27596987 Change-Id: Ib32e7aea22e2cbaf78a903561b67de7d14ed57e5 /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
f89f2c65e17c4f6df0845ac099e9197af317283e	22-Jun-2016	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "mm-video-v4l2: venc: add checks before accessing heap pointers" into nyc-dev
d99a08f99689df977dfc585a436ada5acf4f2a25	16-Jun-2016	Praveen Chavan <pchavan@codeaurora.org>	mm-video-v4l2: venc: add checks before accessing heap pointers Heap pointers do not point to user virtual addresses in case of secure session. Set them to NULL and add checks to avoid accesing them Bug: 28815329 Bug: 28920116 Change-Id: I94fd5808e753b58654d65e175d3857ef46ffba26 /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
3957953f027b784f2d55d96d388c8107371eb9db	26-May-2016	Wonsik Kim <wonsik@google.com>	Fix wrong nAllocLen Set nAllocLen to the size of the opaque handle itself. Bug: 28816964 Bug: 28816827 Change-Id: Id410e324bee291d4a0018dddb97eda9bbcded099 /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
14a9920aa26f6b237957001090b127c9d79ac12e	25-Apr-2016	Praveen Chavan <pchavan@codeaurora.org>	mm-video-v4l2: venc: Avoid processing ETBs/FTBs in invalid states (per the spec) ETB/FTB should not be handled in states other than Executing, Paused and Idle. This avoids accessing invalid buffers. Also add a lock to protect the private-buffers from being deleted while accessing from another thread. Bug: 27903498 Security Vulnerability - Heap Use-After-Free and Possible LPE in MediaServer (libOmxVenc problem #3) Change-Id: I898b42034c0add621d4f9d8e02ca0ed4403d4fd3 /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
0db330f0ede890a2c99a73b5c5e53c41a2c87aa3	30-Apr-2016	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "mm-video-v4l2: vidc: fix matching of extension strings" into nyc-dev
f1b15e15b61a610b6d0a78797e9a5a3f2cfdd56c	30-Mar-2016	Arun Menon <avmenon@codeaurora.org>	mm-video-v4l2: vidc: Add support for OMX_IndexConfigAndroidIntraRefresh OMX Component will support OMX_IndexConfigAndroidIntraRefresh only in loaded state. Bug: 27108817 Change-Id: I213fed57842b94c333843871d6c555e1fb8784e5 /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
c9770704a9bb7c26205cf0e5bca05d4397aab1c3	17-Mar-2016	Praveen Chavan <pchavan@codeaurora.org>	mm-video-v4l2: vidc: fix matching of extension strings Using strncmp with the strlen of source string can result in false positives when it is a substring of the passed string. Eg: strncmp("OMX.extn.x", "OMX.extn.xyz", strlen(OMX.extn.x)) will result in a match. Use strcmp instead. Bug: 27344524 Change-Id: I68839f2bea8b97a31f43885538e9dce51aa8c1b4 /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
417bd6d3d293ef616a5a33741cfd6ac8c50f685f	21-Mar-2016	Praveen Chavan <pchavan@codeaurora.org>	mm-video-v4l2: venc: add safety checks for freeing buffers Allow only up to 64 buffers on input/output port (since the allocation bitmap is only 64-wide). Add safety checks to free only as many buffers were allocated. Fixes: Heap Overflow and Possible Local Privilege Escalation in MediaServer (libOmxVenc problem) Bug: 27532497 Change-Id: I31e576ef9dc542df73aa6b0ea113d72724b50fc6 /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
16ee85d1d456a4b694fd32baa5f52341e638b5d8	30-Mar-2016	Praveen Chavan <pchavan@codeaurora.org>	mm-video-v4l2: vidc: validate omx param/config data Check the sanity of config/param strcuture objects passed to get/set _ config()/parameter() methods. Bug: 27533317 Security Vulnerability in MediaServer omx_vdec::get_config() Can lead to arbitrary write Change-Id: I6c3243afe12055ab94f1a1ecf758c10e88231809 /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp
e4010605f233a213cf0d972397bb33c34c364227	07-Mar-2016	Patrick Tjin <pattjin@google.com>	Initial import of msm8996 media HAL 1) Move existing HAL to msm8974/ 2) Import msm8996 HAL from LA.HB.1.1.2_rb1.12 3) Modify Makefiles to remove kernel dependencies and fix for new directory structure 4) Modify top level makefile for new directory structure Top commits from LA.HB.1.1.2_rb1.12 included in this commit: db7937a mm-video: vidc: memset struct v4l2_format prior to S_FMT d77ab10 Merge "mm-video-v4l2: vidc: Do not queue output buffer if flush is in progress" 8895985 mm-video-v4l2: vidc: vdec: Add property to disable UBWC for OPB 675af75 Merge "mm-video: vidc: Communicate the right colorformat to the driver" dd79df2 Merge "mm-video: vidc: Reliably stop the message thread" c3e8618 Merge "mm-video-v4l2: vidc: venc: Fix B-Frame handling" 755ec08 mm-video-v4l2: vidc: Do not queue output buffer if flush is in progress 3ac8410 mm-video: vidc: Reliably stop the message thread b73dcba Merge "mm-video-v4l2: vidc: venc: Bug fixes for VZIP" 8358109 Merge "mm-video-v4l2: vdec: fix picture type decode mode return status" BUG=27420204 Signed-off-by: Patrick Tjin <pattjin@google.com> Change-Id: I71aa0190e48b332268334677894b0ad7c606296b /hardware/qcom/media/msm8974/mm-video-v4l2/vidc/venc/src/omx_video_base.cpp