commit dd3cb84cfbe8068790c6233b5829fae9c4a0ee93
author Jamie Gennis <jgennis@google.com> Fri Oct 19 18:19:11 2012 -0700
committer Jamie Gennis <jgennis@google.com> Mon Oct 22 13:41:21 2012 -0700
tree 366d14c7147f365dd47f85f418e262dec0427141
parent 60393d45207b6548e1f61ca104fa59aecee87d30

SurfaceFlinger: add support for secure displays

This change adds support for displays that are not allowed to display surfaces
with the eSecure flag set.  All non-virtual displays are considered secure,
while virtual displays have their secure-ness specified at creation time.

Bug: 7368436
Change-Id: I81ad535d2d1e5a7ff78269017e85b111f0098500

services/surfaceflinger/LayerScreenshot.cpp

diff --git a/services/surfaceflinger/LayerScreenshot.cpp b/services/surfaceflinger/LayerScreenshot.cpp
index 0fd744f..f8009b3 100644
--- a/services/surfaceflinger/LayerScreenshot.cpp
+++ b/services/surfaceflinger/LayerScreenshot.cpp
@@ -37,7 +37,7 @@
 LayerScreenshot::LayerScreenshot(SurfaceFlinger* flinger,
         const sp<Client>& client)
     : LayerBaseClient(flinger, client),
-      mTextureName(0), mFlinger(flinger)
+      mTextureName(0), mFlinger(flinger), mIsSecure(false)
 {
 }
 
@@ -56,6 +56,10 @@
         return result;
     }
     initTexture(u, v);
+
+    // Currently screenshot always comes from the default display
+    mIsSecure = mFlinger->getDefaultDisplayDevice()->getSecureLayerVisible();
+
     return NO_ERROR;
 }
 
@@ -66,6 +70,10 @@
         return result;
     }
     initTexture(u, v);
+
+    // Currently screenshot always comes from the default display
+    mIsSecure = mFlinger->getDefaultDisplayDevice()->getSecureLayerVisible();
+    
     return NO_ERROR;
 }
 
@@ -84,6 +92,10 @@
     if (!(flags & ISurfaceComposerClient::eHidden)) {
         capture();
     }
+    if (flags & ISurfaceComposerClient::eSecure) {
+        ALOGW("ignoring surface flag eSecure - LayerScreenshot is considered "
+                "secure iff it captures the contents of a secure surface.");
+    }
 }
 
 uint32_t LayerScreenshot::doTransaction(uint32_t flags)
@@ -125,6 +137,11 @@
             glTexEnvx(GL_TEXTURE_ENV, GL_TEXTURE_ENV_MODE, GL_MODULATE);
         }
 
+        GLuint texName = mTextureName;
+        if (isSecure() && !hw->isSecure()) {
+            texName = mFlinger->getProtectedTexName();
+        }
+
         LayerMesh mesh;
         computeGeometry(hw, &mesh);
 
@@ -133,7 +150,7 @@
         glDisable(GL_TEXTURE_EXTERNAL_OES);
         glEnable(GL_TEXTURE_2D);
 
-        glBindTexture(GL_TEXTURE_2D, mTextureName);
+        glBindTexture(GL_TEXTURE_2D, texName);
         glMatrixMode(GL_TEXTURE);
         glLoadIdentity();
         glMatrixMode(GL_MODELVIEW);