1 /*
2  * Copyright (C) 2008 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef ANDROID_SERVERS_CAMERA_CAMERASERVICE_H
18 #define ANDROID_SERVERS_CAMERA_CAMERASERVICE_H
19 
20 #include <android/hardware/BnCameraService.h>
21 #include <android/hardware/BnSensorPrivacyListener.h>
22 #include <android/hardware/ICameraServiceListener.h>
23 #include <android/hardware/ICameraServiceProxy.h>
24 
25 #include <cutils/multiuser.h>
26 #include <utils/Vector.h>
27 #include <utils/KeyedVector.h>
28 #include <binder/AppOpsManager.h>
29 #include <binder/BinderService.h>
30 #include <binder/IAppOpsCallback.h>
31 #include <binder/IUidObserver.h>
32 #include <hardware/camera.h>
33 
34 #include <android/hardware/camera/common/1.0/types.h>
35 
36 #include <camera/VendorTagDescriptor.h>
37 #include <camera/CaptureResult.h>
38 #include <camera/CameraParameters.h>
39 
40 #include "CameraFlashlight.h"
41 
42 #include "common/CameraProviderManager.h"
43 #include "media/RingBuffer.h"
44 #include "utils/AutoConditionLock.h"
45 #include "utils/ClientManager.h"
46 
47 #include <set>
48 #include <string>
49 #include <map>
50 #include <memory>
51 #include <utility>
52 #include <unordered_map>
53 #include <unordered_set>
54 
55 namespace android {
56 
57 extern volatile int32_t gLogLevel;
58 
59 class MemoryHeapBase;
60 class MediaPlayer;
61 
62 class CameraService :
63     public BinderService<CameraService>,
64     public virtual ::android::hardware::BnCameraService,
65     public virtual IBinder::DeathRecipient,
66     public virtual CameraProviderManager::StatusListener
67 {
68     friend class BinderService<CameraService>;
69     friend class CameraClient;
70 public:
71     class Client;
72     class BasicClient;
73 
74     // The effective API level.  The Camera2 API running in LEGACY mode counts as API_1.
75     enum apiLevel {
76         API_1 = 1,
77         API_2 = 2
78     };
79 
80     // 3 second busy timeout when other clients are connecting
81     static const nsecs_t DEFAULT_CONNECT_TIMEOUT_NS = 3000000000;
82 
83     // 1 second busy timeout when other clients are disconnecting
84     static const nsecs_t DEFAULT_DISCONNECT_TIMEOUT_NS = 1000000000;
85 
86     // Default number of messages to store in eviction log
87     static const size_t DEFAULT_EVENT_LOG_LENGTH = 100;
88 
89     // Event log ID
90     static const int SN_EVENT_LOG_ID = 0x534e4554;
91 
92     // Implementation of BinderService<T>
getServiceName()93     static char const* getServiceName() { return "media.camera"; }
94 
95                         CameraService();
96     virtual             ~CameraService();
97 
98     /////////////////////////////////////////////////////////////////////
99     // HAL Callbacks - implements CameraProviderManager::StatusListener
100 
101     virtual void        onDeviceStatusChanged(const String8 &cameraId,
102             hardware::camera::common::V1_0::CameraDeviceStatus newHalStatus) override;
103     virtual void        onTorchStatusChanged(const String8& cameraId,
104             hardware::camera::common::V1_0::TorchModeStatus newStatus) override;
105     virtual void        onNewProviderRegistered() override;
106 
107     /////////////////////////////////////////////////////////////////////
108     // ICameraService
109     virtual binder::Status     getNumberOfCameras(int32_t type, int32_t* numCameras);
110 
111     virtual binder::Status     getCameraInfo(int cameraId,
112             hardware::CameraInfo* cameraInfo);
113     virtual binder::Status     getCameraCharacteristics(const String16& cameraId,
114             CameraMetadata* cameraInfo);
115     virtual binder::Status     getCameraVendorTagDescriptor(
116             /*out*/
117             hardware::camera2::params::VendorTagDescriptor* desc);
118     virtual binder::Status     getCameraVendorTagCache(
119             /*out*/
120             hardware::camera2::params::VendorTagDescriptorCache* cache);
121 
122     virtual binder::Status     connect(const sp<hardware::ICameraClient>& cameraClient,
123             int32_t cameraId, const String16& clientPackageName,
124             int32_t clientUid, int clientPid,
125             /*out*/
126             sp<hardware::ICamera>* device);
127 
128     virtual binder::Status     connectLegacy(const sp<hardware::ICameraClient>& cameraClient,
129             int32_t cameraId, int32_t halVersion,
130             const String16& clientPackageName, int32_t clientUid,
131             /*out*/
132             sp<hardware::ICamera>* device);
133 
134     virtual binder::Status     connectDevice(
135             const sp<hardware::camera2::ICameraDeviceCallbacks>& cameraCb, const String16& cameraId,
136             const String16& clientPackageName, int32_t clientUid,
137             /*out*/
138             sp<hardware::camera2::ICameraDeviceUser>* device);
139 
140     virtual binder::Status    addListener(const sp<hardware::ICameraServiceListener>& listener,
141             /*out*/
142             std::vector<hardware::CameraStatus>* cameraStatuses);
143     virtual binder::Status    removeListener(
144             const sp<hardware::ICameraServiceListener>& listener);
145 
146     virtual binder::Status    getLegacyParameters(
147             int32_t cameraId,
148             /*out*/
149             String16* parameters);
150 
151     virtual binder::Status    setTorchMode(const String16& cameraId, bool enabled,
152             const sp<IBinder>& clientBinder);
153 
154     virtual binder::Status    notifySystemEvent(int32_t eventId,
155             const std::vector<int32_t>& args);
156 
157     virtual binder::Status    notifyDeviceStateChange(int64_t newState);
158 
159     // OK = supports api of that version, -EOPNOTSUPP = does not support
160     virtual binder::Status    supportsCameraApi(
161             const String16& cameraId, int32_t apiVersion,
162             /*out*/
163             bool *isSupported);
164 
165     virtual binder::Status    isHiddenPhysicalCamera(
166             const String16& cameraId,
167             /*out*/
168             bool *isSupported);
169 
170     // Extra permissions checks
171     virtual status_t    onTransact(uint32_t code, const Parcel& data,
172                                    Parcel* reply, uint32_t flags);
173 
174     virtual status_t    dump(int fd, const Vector<String16>& args);
175 
176     virtual status_t    shellCommand(int in, int out, int err, const Vector<String16>& args);
177 
178     binder::Status      addListenerHelper(const sp<hardware::ICameraServiceListener>& listener,
179             /*out*/
180             std::vector<hardware::CameraStatus>* cameraStatuses, bool isVendor = false);
181 
182     // Monitored UIDs availability notification
183     void                notifyMonitoredUids();
184 
185     /////////////////////////////////////////////////////////////////////
186     // Client functionality
187 
188     enum sound_kind {
189         SOUND_SHUTTER = 0,
190         SOUND_RECORDING_START = 1,
191         SOUND_RECORDING_STOP = 2,
192         NUM_SOUNDS
193     };
194 
195     void                playSound(sound_kind kind);
196     void                loadSoundLocked(sound_kind kind);
197     void                decreaseSoundRef();
198     void                increaseSoundRef();
199     /**
200      * Update the state of a given camera device (open/close/active/idle) with
201      * the camera proxy service in the system service
202      */
203     static void         updateProxyDeviceState(
204             int newState,
205             const String8& cameraId,
206             int facing,
207             const String16& clientName,
208             int apiLevel);
209 
210     /////////////////////////////////////////////////////////////////////
211     // CameraDeviceFactory functionality
212     int                 getDeviceVersion(const String8& cameraId, int* facing = NULL);
213 
214     /////////////////////////////////////////////////////////////////////
215     // Shared utilities
216     static binder::Status filterGetInfoErrorCode(status_t err);
217 
218     /////////////////////////////////////////////////////////////////////
219     // CameraClient functionality
220 
221     class BasicClient : public virtual RefBase {
222     public:
223         virtual status_t       initialize(sp<CameraProviderManager> manager,
224                 const String8& monitorTags) = 0;
225         virtual binder::Status disconnect();
226 
227         // because we can't virtually inherit IInterface, which breaks
228         // virtual inheritance
229         virtual sp<IBinder>    asBinderWrapper() = 0;
230 
231         // Return the remote callback binder object (e.g. ICameraDeviceCallbacks)
getRemote()232         sp<IBinder>            getRemote() {
233             return mRemoteBinder;
234         }
235 
236         // Disallows dumping over binder interface
237         virtual status_t dump(int fd, const Vector<String16>& args);
238         // Internal dump method to be called by CameraService
239         virtual status_t dumpClient(int fd, const Vector<String16>& args) = 0;
240 
241         // Return the package name for this client
242         virtual String16 getPackageName() const;
243 
244         // Notify client about a fatal error
245         virtual void notifyError(int32_t errorCode,
246                 const CaptureResultExtras& resultExtras) = 0;
247 
248         // Get the UID of the application client using this
249         virtual uid_t getClientUid() const;
250 
251         // Get the PID of the application client using this
252         virtual int getClientPid() const;
253 
254         // Check what API level is used for this client. This is used to determine which
255         // superclass this can be cast to.
256         virtual bool canCastToApiClient(apiLevel level) const;
257 
258         // Block the client form using the camera
259         virtual void block();
260     protected:
261         BasicClient(const sp<CameraService>& cameraService,
262                 const sp<IBinder>& remoteCallback,
263                 const String16& clientPackageName,
264                 const String8& cameraIdStr,
265                 int cameraFacing,
266                 int clientPid,
267                 uid_t clientUid,
268                 int servicePid);
269 
270         virtual ~BasicClient();
271 
272         // the instance is in the middle of destruction. When this is set,
273         // the instance should not be accessed from callback.
274         // CameraService's mClientLock should be acquired to access this.
275         // - subclasses should set this to true in their destructors.
276         bool                            mDestructionStarted;
277 
278         // these are initialized in the constructor.
279         static sp<CameraService>        sCameraService;
280         const String8                   mCameraIdStr;
281         const int                       mCameraFacing;
282         String16                        mClientPackageName;
283         pid_t                           mClientPid;
284         const uid_t                     mClientUid;
285         const pid_t                     mServicePid;
286         bool                            mDisconnected;
287 
288         // - The app-side Binder interface to receive callbacks from us
289         sp<IBinder>                     mRemoteBinder;   // immutable after constructor
290 
291         // permissions management
292         status_t                        startCameraOps();
293         status_t                        finishCameraOps();
294 
295     private:
296         std::unique_ptr<AppOpsManager>  mAppOpsManager = nullptr;
297 
298         class OpsCallback : public BnAppOpsCallback {
299         public:
300             explicit OpsCallback(wp<BasicClient> client);
301             virtual void opChanged(int32_t op, const String16& packageName);
302 
303         private:
304             wp<BasicClient> mClient;
305 
306         }; // class OpsCallback
307 
308         sp<OpsCallback> mOpsCallback;
309         // Track whether startCameraOps was called successfully, to avoid
310         // finishing what we didn't start.
311         bool            mOpsActive;
312 
313         // IAppOpsCallback interface, indirected through opListener
314         virtual void opChanged(int32_t op, const String16& packageName);
315     }; // class BasicClient
316 
317     class Client : public hardware::BnCamera, public BasicClient
318     {
319     public:
320         typedef hardware::ICameraClient TCamCallbacks;
321 
322         // ICamera interface (see ICamera for details)
323         virtual binder::Status disconnect();
324         virtual status_t      connect(const sp<hardware::ICameraClient>& client) = 0;
325         virtual status_t      lock() = 0;
326         virtual status_t      unlock() = 0;
327         virtual status_t      setPreviewTarget(const sp<IGraphicBufferProducer>& bufferProducer)=0;
328         virtual void          setPreviewCallbackFlag(int flag) = 0;
329         virtual status_t      setPreviewCallbackTarget(
330                 const sp<IGraphicBufferProducer>& callbackProducer) = 0;
331         virtual status_t      startPreview() = 0;
332         virtual void          stopPreview() = 0;
333         virtual bool          previewEnabled() = 0;
334         virtual status_t      setVideoBufferMode(int32_t videoBufferMode) = 0;
335         virtual status_t      startRecording() = 0;
336         virtual void          stopRecording() = 0;
337         virtual bool          recordingEnabled() = 0;
338         virtual void          releaseRecordingFrame(const sp<IMemory>& mem) = 0;
339         virtual status_t      autoFocus() = 0;
340         virtual status_t      cancelAutoFocus() = 0;
341         virtual status_t      takePicture(int msgType) = 0;
342         virtual status_t      setParameters(const String8& params) = 0;
343         virtual String8       getParameters() const = 0;
344         virtual status_t      sendCommand(int32_t cmd, int32_t arg1, int32_t arg2) = 0;
345         virtual status_t      setVideoTarget(const sp<IGraphicBufferProducer>& bufferProducer) = 0;
346 
347         // Interface used by CameraService
348         Client(const sp<CameraService>& cameraService,
349                 const sp<hardware::ICameraClient>& cameraClient,
350                 const String16& clientPackageName,
351                 const String8& cameraIdStr,
352                 int api1CameraId,
353                 int cameraFacing,
354                 int clientPid,
355                 uid_t clientUid,
356                 int servicePid);
357         ~Client();
358 
359         // return our camera client
getRemoteCallback()360         const sp<hardware::ICameraClient>&    getRemoteCallback() {
361             return mRemoteCallback;
362         }
363 
asBinderWrapper()364         virtual sp<IBinder> asBinderWrapper() {
365             return asBinder(this);
366         }
367 
368         virtual void         notifyError(int32_t errorCode,
369                                          const CaptureResultExtras& resultExtras);
370 
371         // Check what API level is used for this client. This is used to determine which
372         // superclass this can be cast to.
373         virtual bool canCastToApiClient(apiLevel level) const;
374     protected:
375         // Initialized in constructor
376 
377         // - The app-side Binder interface to receive callbacks from us
378         sp<hardware::ICameraClient>               mRemoteCallback;
379 
380         int mCameraId;  // All API1 clients use integer camera IDs
381     }; // class Client
382 
383     /**
384      * A listener class that implements the LISTENER interface for use with a ClientManager, and
385      * implements the following methods:
386      *    void onClientRemoved(const ClientDescriptor<KEY, VALUE>& descriptor);
387      *    void onClientAdded(const ClientDescriptor<KEY, VALUE>& descriptor);
388      */
389     class ClientEventListener {
390     public:
391         void onClientAdded(const resource_policy::ClientDescriptor<String8,
392                 sp<CameraService::BasicClient>>& descriptor);
393         void onClientRemoved(const resource_policy::ClientDescriptor<String8,
394                 sp<CameraService::BasicClient>>& descriptor);
395     }; // class ClientEventListener
396 
397     typedef std::shared_ptr<resource_policy::ClientDescriptor<String8,
398             sp<CameraService::BasicClient>>> DescriptorPtr;
399 
400     /**
401      * A container class for managing active camera clients that are using HAL devices.  Active
402      * clients are represented by ClientDescriptor objects that contain strong pointers to the
403      * actual BasicClient subclass binder interface implementation.
404      *
405      * This class manages the eviction behavior for the camera clients.  See the parent class
406      * implementation in utils/ClientManager for the specifics of this behavior.
407      */
408     class CameraClientManager : public resource_policy::ClientManager<String8,
409             sp<CameraService::BasicClient>, ClientEventListener> {
410     public:
411         CameraClientManager();
412         virtual ~CameraClientManager();
413 
414         /**
415          * Return a strong pointer to the active BasicClient for this camera ID, or an empty
416          * if none exists.
417          */
418         sp<CameraService::BasicClient> getCameraClient(const String8& id) const;
419 
420         /**
421          * Return a string describing the current state.
422          */
423         String8 toString() const;
424 
425         /**
426          * Make a ClientDescriptor object wrapping the given BasicClient strong pointer.
427          */
428         static DescriptorPtr makeClientDescriptor(const String8& key, const sp<BasicClient>& value,
429                 int32_t cost, const std::set<String8>& conflictingKeys, int32_t score,
430                 int32_t ownerId, int32_t state);
431 
432         /**
433          * Make a ClientDescriptor object wrapping the given BasicClient strong pointer with
434          * values intialized from a prior ClientDescriptor.
435          */
436         static DescriptorPtr makeClientDescriptor(const sp<BasicClient>& value,
437                 const CameraService::DescriptorPtr& partial);
438 
439     }; // class CameraClientManager
440 
441 private:
442 
443     typedef hardware::camera::common::V1_0::CameraDeviceStatus CameraDeviceStatus;
444 
445     /**
446      * Typesafe version of device status, containing both the HAL-layer and the service interface-
447      * layer values.
448      */
449     enum class StatusInternal : int32_t {
450         NOT_PRESENT = static_cast<int32_t>(CameraDeviceStatus::NOT_PRESENT),
451         PRESENT = static_cast<int32_t>(CameraDeviceStatus::PRESENT),
452         ENUMERATING = static_cast<int32_t>(CameraDeviceStatus::ENUMERATING),
453         NOT_AVAILABLE = static_cast<int32_t>(hardware::ICameraServiceListener::STATUS_NOT_AVAILABLE),
454         UNKNOWN = static_cast<int32_t>(hardware::ICameraServiceListener::STATUS_UNKNOWN)
455     };
456 
457     /**
458      * Container class for the state of each logical camera device, including: ID, status, and
459      * dependencies on other devices.  The mapping of camera ID -> state saved in mCameraStates
460      * represents the camera devices advertised by the HAL (and any USB devices, when we add
461      * those).
462      *
463      * This container does NOT represent an active camera client.  These are represented using
464      * the ClientDescriptors stored in mActiveClientManager.
465      */
466     class CameraState {
467     public:
468 
469         /**
470          * Make a new CameraState and set the ID, cost, and conflicting devices using the values
471          * returned in the HAL's camera_info struct for each device.
472          */
473         CameraState(const String8& id, int cost, const std::set<String8>& conflicting);
474         virtual ~CameraState();
475 
476         /**
477          * Return the status for this device.
478          *
479          * This method acquires mStatusLock.
480          */
481         StatusInternal getStatus() const;
482 
483         /**
484          * This function updates the status for this camera device, unless the given status
485          * is in the given list of rejected status states, and execute the function passed in
486          * with a signature onStatusUpdateLocked(const String8&, int32_t)
487          * if the status has changed.
488          *
489          * This method is idempotent, and will not result in the function passed to
490          * onStatusUpdateLocked being called more than once for the same arguments.
491          * This method aquires mStatusLock.
492          */
493         template<class Func>
494         void updateStatus(StatusInternal status,
495                 const String8& cameraId,
496                 std::initializer_list<StatusInternal> rejectSourceStates,
497                 Func onStatusUpdatedLocked);
498 
499         /**
500          * Return the last set CameraParameters object generated from the information returned by
501          * the HAL for this device (or an empty CameraParameters object if none has been set).
502          */
503         CameraParameters getShimParams() const;
504 
505         /**
506          * Set the CameraParameters for this device.
507          */
508         void setShimParams(const CameraParameters& params);
509 
510         /**
511          * Return the resource_cost advertised by the HAL for this device.
512          */
513         int getCost() const;
514 
515         /**
516          * Return a set of the IDs of conflicting devices advertised by the HAL for this device.
517          */
518         std::set<String8> getConflicting() const;
519 
520         /**
521          * Return the ID of this camera device.
522          */
523         String8 getId() const;
524 
525     private:
526         const String8 mId;
527         StatusInternal mStatus; // protected by mStatusLock
528         const int mCost;
529         std::set<String8> mConflicting;
530         mutable Mutex mStatusLock;
531         CameraParameters mShimParams;
532     }; // class CameraState
533 
534     // Observer for UID lifecycle enforcing that UIDs in idle
535     // state cannot use the camera to protect user privacy.
536     class UidPolicy : public BnUidObserver, public virtual IBinder::DeathRecipient {
537     public:
UidPolicy(sp<CameraService> service)538         explicit UidPolicy(sp<CameraService> service)
539                 : mRegistered(false), mService(service) {}
540 
541         void registerSelf();
542         void unregisterSelf();
543 
544         bool isUidActive(uid_t uid, String16 callingPackage);
545         int32_t getProcState(uid_t uid);
546 
547         void onUidGone(uid_t uid, bool disabled);
548         void onUidActive(uid_t uid);
549         void onUidIdle(uid_t uid, bool disabled);
550         void onUidStateChanged(uid_t uid, int32_t procState, int64_t procStateSeq);
551 
552         void addOverrideUid(uid_t uid, String16 callingPackage, bool active);
553         void removeOverrideUid(uid_t uid, String16 callingPackage);
554 
555         void registerMonitorUid(uid_t uid);
556         void unregisterMonitorUid(uid_t uid);
557 
558         // IBinder::DeathRecipient implementation
559         virtual void binderDied(const wp<IBinder> &who);
560     private:
561         bool isUidActiveLocked(uid_t uid, String16 callingPackage);
562         int32_t getProcStateLocked(uid_t uid);
563         void updateOverrideUid(uid_t uid, String16 callingPackage, bool active, bool insert);
564 
565         Mutex mUidLock;
566         bool mRegistered;
567         wp<CameraService> mService;
568         std::unordered_set<uid_t> mActiveUids;
569         // Monitored uid map to cached procState and refCount pair
570         std::unordered_map<uid_t, std::pair<int32_t, size_t>> mMonitoredUids;
571         std::unordered_map<uid_t, bool> mOverrideUids;
572     }; // class UidPolicy
573 
574     // If sensor privacy is enabled then all apps, including those that are active, should be
575     // prevented from accessing the camera.
576     class SensorPrivacyPolicy : public hardware::BnSensorPrivacyListener,
577             public virtual IBinder::DeathRecipient {
578         public:
SensorPrivacyPolicy(wp<CameraService> service)579             explicit SensorPrivacyPolicy(wp<CameraService> service)
580                     : mService(service), mSensorPrivacyEnabled(false), mRegistered(false) {}
581 
582             void registerSelf();
583             void unregisterSelf();
584 
585             bool isSensorPrivacyEnabled();
586 
587             binder::Status onSensorPrivacyChanged(bool enabled);
588 
589             // IBinder::DeathRecipient implementation
590             virtual void binderDied(const wp<IBinder> &who);
591 
592         private:
593             wp<CameraService> mService;
594             Mutex mSensorPrivacyLock;
595             bool mSensorPrivacyEnabled;
596             bool mRegistered;
597     };
598 
599     sp<UidPolicy> mUidPolicy;
600 
601     sp<SensorPrivacyPolicy> mSensorPrivacyPolicy;
602 
603     // Delay-load the Camera HAL module
604     virtual void onFirstRef();
605 
606     // Eumerate all camera providers in the system
607     status_t enumerateProviders();
608 
609     // Add/remove a new camera to camera and torch state lists or remove an unplugged one
610     // Caller must not hold mServiceLock
611     void addStates(const String8 id);
612     void removeStates(const String8 id);
613 
614     // Check if we can connect, before we acquire the service lock.
615     // The returned originalClientPid is the PID of the original process that wants to connect to
616     // camera.
617     // The returned clientPid is the PID of the client that directly connects to camera.
618     // originalClientPid and clientPid are usually the same except when the application uses
619     // mediaserver to connect to camera (using MediaRecorder to connect to camera). In that case,
620     // clientPid is the PID of mediaserver and originalClientPid is the PID of the application.
621     binder::Status validateConnectLocked(const String8& cameraId, const String8& clientName8,
622             /*inout*/int& clientUid, /*inout*/int& clientPid, /*out*/int& originalClientPid) const;
623     binder::Status validateClientPermissionsLocked(const String8& cameraId, const String8& clientName8,
624             /*inout*/int& clientUid, /*inout*/int& clientPid, /*out*/int& originalClientPid) const;
625 
626     // Handle active client evictions, and update service state.
627     // Only call with with mServiceLock held.
628     status_t handleEvictionsLocked(const String8& cameraId, int clientPid,
629         apiLevel effectiveApiLevel, const sp<IBinder>& remoteCallback, const String8& packageName,
630         /*out*/
631         sp<BasicClient>* client,
632         std::shared_ptr<resource_policy::ClientDescriptor<String8, sp<BasicClient>>>* partial);
633 
634     // Should an operation attempt on a cameraId be rejected, if the camera id is
635     // advertised as a publically hidden secure camera, by the camera HAL ?
636     bool shouldRejectHiddenCameraConnection(const String8 & cameraId);
637 
638     // Single implementation shared between the various connect calls
639     template<class CALLBACK, class CLIENT>
640     binder::Status connectHelper(const sp<CALLBACK>& cameraCb, const String8& cameraId,
641             int api1CameraId, int halVersion, const String16& clientPackageName,
642             int clientUid, int clientPid, apiLevel effectiveApiLevel, bool shimUpdateOnly,
643             /*out*/sp<CLIENT>& device);
644 
645     // Lock guarding camera service state
646     Mutex               mServiceLock;
647 
648     // Condition to use with mServiceLock, used to handle simultaneous connect calls from clients
649     std::shared_ptr<WaitableMutexWrapper> mServiceLockWrapper;
650 
651     // Return NO_ERROR if the device with a give ID can be connected to
652     status_t checkIfDeviceIsUsable(const String8& cameraId) const;
653 
654     // Container for managing currently active application-layer clients
655     CameraClientManager mActiveClientManager;
656 
657     // Mapping from camera ID -> state for each device, map is protected by mCameraStatesLock
658     std::map<String8, std::shared_ptr<CameraState>> mCameraStates;
659 
660     // Mutex guarding mCameraStates map
661     mutable Mutex mCameraStatesLock;
662 
663     // Circular buffer for storing event logging for dumps
664     RingBuffer<String8> mEventLog;
665     Mutex mLogLock;
666 
667     // The last monitored tags set by client
668     String8 mMonitorTags;
669 
670     // Currently allowed user IDs
671     std::set<userid_t> mAllowedUsers;
672 
673     /**
674      * Get the camera state for a given camera id.
675      *
676      * This acquires mCameraStatesLock.
677      */
678     std::shared_ptr<CameraService::CameraState> getCameraState(const String8& cameraId) const;
679 
680     /**
681      * Evict client who's remote binder has died.  Returns true if this client was in the active
682      * list and was disconnected.
683      *
684      * This method acquires mServiceLock.
685      */
686     bool evictClientIdByRemote(const wp<IBinder>& cameraClient);
687 
688     /**
689      * Remove the given client from the active clients list; does not disconnect the client.
690      *
691      * This method acquires mServiceLock.
692      */
693     void removeByClient(const BasicClient* client);
694 
695     /**
696      * Add new client to active clients list after conflicting clients have disconnected using the
697      * values set in the partial descriptor passed in to construct the actual client descriptor.
698      * This is typically called at the end of a connect call.
699      *
700      * This method must be called with mServiceLock held.
701      */
702     void finishConnectLocked(const sp<BasicClient>& client, const DescriptorPtr& desc);
703 
704     /**
705      * Returns the underlying camera Id string mapped to a camera id int
706      * Empty string is returned when the cameraIdInt is invalid.
707      */
708     String8 cameraIdIntToStr(int cameraIdInt);
709 
710     /**
711      * Returns the underlying camera Id string mapped to a camera id int
712      * Empty string is returned when the cameraIdInt is invalid.
713      */
714     std::string cameraIdIntToStrLocked(int cameraIdInt);
715 
716     /**
717      * Remove a single client corresponding to the given camera id from the list of active clients.
718      * If none exists, return an empty strongpointer.
719      *
720      * This method must be called with mServiceLock held.
721      */
722     sp<CameraService::BasicClient> removeClientLocked(const String8& cameraId);
723 
724     /**
725      * Handle a notification that the current device user has changed.
726      */
727     void doUserSwitch(const std::vector<int32_t>& newUserIds);
728 
729     /**
730      * Add an event log message.
731      */
732     void logEvent(const char* event);
733 
734     /**
735      * Add an event log message that a client has been disconnected.
736      */
737     void logDisconnected(const char* cameraId, int clientPid, const char* clientPackage);
738 
739     /**
740      * Add an event log message that a client has been connected.
741      */
742     void logConnected(const char* cameraId, int clientPid, const char* clientPackage);
743 
744     /**
745      * Add an event log message that a client's connect attempt has been rejected.
746      */
747     void logRejected(const char* cameraId, int clientPid, const char* clientPackage,
748             const char* reason);
749 
750     /**
751      * Add an event log message when a client calls setTorchMode succesfully.
752      */
753     void logTorchEvent(const char* cameraId, const char *torchState, int clientPid);
754 
755     /**
756      * Add an event log message that the current device user has been switched.
757      */
758     void logUserSwitch(const std::set<userid_t>& oldUserIds,
759         const std::set<userid_t>& newUserIds);
760 
761     /**
762      * Add an event log message that a device has been removed by the HAL
763      */
764     void logDeviceRemoved(const char* cameraId, const char* reason);
765 
766     /**
767      * Add an event log message that a device has been added by the HAL
768      */
769     void logDeviceAdded(const char* cameraId, const char* reason);
770 
771     /**
772      * Add an event log message that a client has unexpectedly died.
773      */
774     void logClientDied(int clientPid, const char* reason);
775 
776     /**
777      * Add a event log message that a serious service-level error has occured
778      * The errorCode should be one of the Android Errors
779      */
780     void logServiceError(const char* msg, int errorCode);
781 
782     /**
783      * Dump the event log to an FD
784      */
785     void dumpEventLog(int fd);
786 
787     /**
788      * This method will acquire mServiceLock
789      */
790     void updateCameraNumAndIds();
791 
792     int                 mNumberOfCameras;
793 
794     std::vector<std::string> mNormalDeviceIds;
795 
796     // sounds
797     sp<MediaPlayer>     newMediaPlayer(const char *file);
798 
799     Mutex               mSoundLock;
800     sp<MediaPlayer>     mSoundPlayer[NUM_SOUNDS];
801     int                 mSoundRef;  // reference count (release all MediaPlayer when 0)
802 
803     // Basic flag on whether the camera subsystem is in a usable state
804     bool                mInitialized;
805 
806     sp<CameraProviderManager> mCameraProviderManager;
807 
808     class ServiceListener : public virtual IBinder::DeathRecipient {
809         public:
ServiceListener(sp<CameraService> parent,sp<hardware::ICameraServiceListener> listener,int uid)810             ServiceListener(sp<CameraService> parent, sp<hardware::ICameraServiceListener> listener,
811                     int uid) : mParent(parent), mListener(listener), mListenerUid(uid) {}
812 
initialize()813             status_t initialize() {
814                 return IInterface::asBinder(mListener)->linkToDeath(this);
815             }
816 
binderDied(const wp<IBinder> &)817             virtual void binderDied(const wp<IBinder> &/*who*/) {
818                 auto parent = mParent.promote();
819                 if (parent.get() != nullptr) {
820                     parent->removeListener(mListener);
821                 }
822             }
823 
getListenerUid()824             int getListenerUid() { return mListenerUid; }
getListener()825             sp<hardware::ICameraServiceListener> getListener() { return mListener; }
826 
827         private:
828             wp<CameraService> mParent;
829             sp<hardware::ICameraServiceListener> mListener;
830             int mListenerUid;
831     };
832 
833     // Guarded by mStatusListenerMutex
834     std::vector<std::pair<bool, sp<ServiceListener>>> mListenerList;
835 
836     Mutex       mStatusListenerLock;
837 
838     /**
839      * Update the status for the given camera id (if that device exists), and broadcast the
840      * status update to all current ICameraServiceListeners if the status has changed.  Any
841      * statuses in rejectedSourceStates will be ignored.
842      *
843      * This method must be idempotent.
844      * This method acquires mStatusLock and mStatusListenerLock.
845      */
846     void updateStatus(StatusInternal status,
847             const String8& cameraId,
848             std::initializer_list<StatusInternal>
849                 rejectedSourceStates);
850     void updateStatus(StatusInternal status,
851             const String8& cameraId);
852 
853     // flashlight control
854     sp<CameraFlashlight> mFlashlight;
855     // guard mTorchStatusMap
856     Mutex                mTorchStatusMutex;
857     // guard mTorchClientMap
858     Mutex                mTorchClientMapMutex;
859     // guard mTorchUidMap
860     Mutex                mTorchUidMapMutex;
861     // camera id -> torch status
862     KeyedVector<String8, hardware::camera::common::V1_0::TorchModeStatus>
863             mTorchStatusMap;
864     // camera id -> torch client binder
865     // only store the last client that turns on each camera's torch mode
866     KeyedVector<String8, sp<IBinder>> mTorchClientMap;
867     // camera id -> [incoming uid, current uid] pair
868     std::map<String8, std::pair<int, int>> mTorchUidMap;
869 
870     // check and handle if torch client's process has died
871     void handleTorchClientBinderDied(const wp<IBinder> &who);
872 
873     // handle torch mode status change and invoke callbacks. mTorchStatusMutex
874     // should be locked.
875     void onTorchStatusChangedLocked(const String8& cameraId,
876             hardware::camera::common::V1_0::TorchModeStatus newStatus);
877 
878     // get a camera's torch status. mTorchStatusMutex should be locked.
879     status_t getTorchStatusLocked(const String8 &cameraId,
880              hardware::camera::common::V1_0::TorchModeStatus *status) const;
881 
882     // set a camera's torch status. mTorchStatusMutex should be locked.
883     status_t setTorchStatusLocked(const String8 &cameraId,
884             hardware::camera::common::V1_0::TorchModeStatus status);
885 
886     // IBinder::DeathRecipient implementation
887     virtual void        binderDied(const wp<IBinder> &who);
888 
889     /**
890      * Initialize and cache the metadata used by the HAL1 shim for a given cameraId.
891      *
892      * Sets Status to a service-specific error on failure
893      */
894     binder::Status      initializeShimMetadata(int cameraId);
895 
896     /**
897      * Get the cached CameraParameters for the camera. If they haven't been
898      * cached yet, then initialize them for the first time.
899      *
900      * Sets Status to a service-specific error on failure
901      */
902     binder::Status      getLegacyParametersLazy(int cameraId, /*out*/CameraParameters* parameters);
903 
904     // Blocks all clients from the UID
905     void blockClientsForUid(uid_t uid);
906 
907     // Blocks all active clients.
908     void blockAllClients();
909 
910     // Overrides the UID state as if it is idle
911     status_t handleSetUidState(const Vector<String16>& args, int err);
912 
913     // Clears the override for the UID state
914     status_t handleResetUidState(const Vector<String16>& args, int err);
915 
916     // Gets the UID state
917     status_t handleGetUidState(const Vector<String16>& args, int out, int err);
918 
919     // Prints the shell command help
920     status_t printHelp(int out);
921 
922     /**
923      * Get the current system time as a formatted string.
924      */
925     static String8 getFormattedCurrentTime();
926 
927     static binder::Status makeClient(const sp<CameraService>& cameraService,
928             const sp<IInterface>& cameraCb, const String16& packageName, const String8& cameraId,
929             int api1CameraId, int facing, int clientPid, uid_t clientUid, int servicePid,
930             int halVersion, int deviceVersion, apiLevel effectiveApiLevel,
931             /*out*/sp<BasicClient>* client);
932 
933     status_t checkCameraAccess(const String16& opPackageName);
934 
935     static String8 toString(std::set<userid_t> intSet);
936     static int32_t mapToInterface(hardware::camera::common::V1_0::TorchModeStatus status);
937     static StatusInternal mapToInternal(hardware::camera::common::V1_0::CameraDeviceStatus status);
938     static int32_t mapToInterface(StatusInternal status);
939 
940     // Guard mCameraServiceProxy
941     static Mutex sProxyMutex;
942     // Cached interface to the camera service proxy in system service
943     static sp<hardware::ICameraServiceProxy> sCameraServiceProxy;
944 
945     static sp<hardware::ICameraServiceProxy> getCameraServiceProxy();
946     static void pingCameraServiceProxy();
947 
948     void broadcastTorchModeStatus(const String8& cameraId,
949             hardware::camera::common::V1_0::TorchModeStatus status);
950 };
951 
952 } // namespace android
953 
954 #endif
955