don't allow screenshots without the READ_FRAMEBUFFER permission
the recent screenshot rework allowed the older screenshot
interface to work without that permission
Change-Id: I6c4743f4591c81106e3b823d55a055f7b4907de1
diff --git a/include/gui/ISurfaceComposer.h b/include/gui/ISurfaceComposer.h
index 08eddcb..47f9552 100644
--- a/include/gui/ISurfaceComposer.h
+++ b/include/gui/ISurfaceComposer.h
@@ -103,16 +103,23 @@
uint32_t reqWidth, uint32_t reqHeight,
uint32_t minLayerZ, uint32_t maxLayerZ) = 0;
- /* triggers screen off and waits for it to complete */
+ /* triggers screen off and waits for it to complete
+ * requires ACCESS_SURFACE_FLINGER permission.
+ */
virtual void blank(const sp<IBinder>& display) = 0;
- /* triggers screen on and waits for it to complete */
+ /* triggers screen on and waits for it to complete
+ * requires ACCESS_SURFACE_FLINGER permission.
+ */
virtual void unblank(const sp<IBinder>& display) = 0;
/* returns information about a display
* intended to be used to get information about built-in displays */
virtual status_t getDisplayInfo(const sp<IBinder>& display, DisplayInfo* info) = 0;
+ /* Capture the specified screen. requires READ_FRAME_BUFFER permission
+ * This function will fail if there is a secure window on screen.
+ */
virtual status_t captureScreen(const sp<IBinder>& display,
const sp<IGraphicBufferProducer>& producer,
uint32_t reqWidth, uint32_t reqHeight,
diff --git a/services/surfaceflinger/SurfaceFlinger.cpp b/services/surfaceflinger/SurfaceFlinger.cpp
index 1daadcc..edf01f7 100644
--- a/services/surfaceflinger/SurfaceFlinger.cpp
+++ b/services/surfaceflinger/SurfaceFlinger.cpp
@@ -2399,6 +2399,7 @@
{
switch (code) {
case CREATE_CONNECTION:
+ case CREATE_DISPLAY:
case SET_TRANSACTION_STATE:
case BOOT_FINISHED:
case BLANK:
@@ -2417,6 +2418,7 @@
break;
}
case CAPTURE_SCREEN:
+ case CAPTURE_SCREEN_DEPRECATED:
{
// codes that require permission check
IPCThreadState* ipc = IPCThreadState::self();