open /dev/graphics/fb0 failed, despite app signature

[Axel Col]

hi @all,

I'm currently writing a system application for the latest jeally bean ( 4.3 ), signed with the fitting platform certificate running as android.uid.system. 

In my manifest, I added the permissions READ_FRAME_BUFFER, ACCESS_SURFACE_FLINGER. 

In my app, I'm able to access the SurfaceFlinger service via the ScreenShotClient ( c++ ). 

Accessing the /dev/graphics/fb0 device directly ( also using native code, c++ ) via open always failed with a permission error.

I wrote an little command line tool, which is able to open the /dev/graphics/fb0.

For sure my command line tool is running as root user, and my app is running as system user.

ls -l -a /dev/graphics/fb0 

crw-rw---- root     graphics  29,   0 2013-09-30 07:31 fb0

For my understanding only the root user, or a member of the graphics group can access the fb0.

For my understanding the READ_FRAME_BUFFER permission, is exactly for accessing /dev/graphics/fb<x> ?

Can someone please give me a hint?

many thanks in advance,

axel

[shridutt kothari]

Hi Axel,

1. In /frameworks/base/core/res/AndroidManifest.xml, You can see what access rights apply to each of the system-defined permissions.

 ->In this case, you'll see that READ_FRAME_BUFFER is marked as android:protectionLevel="signature | system",

and ACCESS_SURFACE_FLINGER is marked as android:protectionLevel="signature".

 

2. So logically in any system app, having these both permission you should not face any issue in accessing framebuffer and surface flinger. 

(Its also written in /frameworks/base/core/res/AndroidManifest.xml in comment where READ_FRAME_BUFFER permission is defined, that It is to get access to the frame buffer data)

So there might be something else creating the problem, You may want to post some error log messages etc.

Sincerely,

Shridutt Kothari

Impetus Infotech Limited

shridut...@gmail.com

[Axel Col]

Hi Shridutt,

many thanks for your replay. Let me post some more infos.

AndroidManifest.xml:

....

android:sharedUserId="android.uid.system"

....

<uses-permission android:name="android.permission.ACCESS_SURFACE_FLINGER"/>

<uses-permission android:name="android.permission.READ_FRAME_BUFFER"/>

Native Code:

const char* dev = "/dev/graphics/fb0";

const int fd = open( dev, O_RDONLY );

 if( fd < 0 )

 {

    LOGI( "failed to open %s error %i ( %s )", dev, fd, strerror(errno) );

    return -1;

  }

Logcat:

10-02 08:38:51.781: I/framebufferreader(1145): failed to open /dev/graphics/fb0 error -1 ( Permission denied )

ps:

system    1145  125   511436 66704 ffffffff 401dc408 S com.example.com.screenshotclient

ls -l /dev/graphics/fb0:

root@maguro:/ # ls -l /dev/graphics/fb0                                        

crw-rw---- root     graphics  29,   0 2013-10-02 08:36 fb0

For my understanding my app is running a system user, and have the correct permissions in the android manifest.

If i run the same code snippet in a console application as root user, I'm able to open the file descriptor.

Commandline Tool:

root@maguro:/data/data # id

uid=0(root) gid=0(root) context=u:r:shell:s0

./testtool  --> able to open file descriptor

su system

root@maguro:/data/data # id

uid=1000(system) gid=1000(system) context=u:r:su:s0

./testtool  --> able to open file descriptor

[Romain Guy]

FB0 is not used by the compositor. If you're trying to read from it to take a screenshot it won't work.

--
You received this message because you are subscribed to the Google Groups "android-platform" group.
To unsubscribe from this group and stop receiving emails from it, send an email to android-platfo...@googlegroups.com.
To post to this group, send email to android-...@googlegroups.com.
Visit this group at http://groups.google.com/group/android-platform.
For more options, visit https://groups.google.com/groups/opt_out.

[shridutt kothari]

Yea, FB0 might not work for you see forum discussion.

~shridutt kothari

impetus infotech Limited

[Daniel Fages]

Hi Axel,

I think that since ICS, accessing /dev/fb0 will give you nothing but zeros as all rendering is done through OpenGL.

According to what I understand of the surfaceflinger implementation, the android.permission.READ_FRAME_BUFFER permission allows you to make screen capture (but you also need you app to be a system app - which is something you have).

You can find a "client" implementation of the surfaceflinger screen capture hereafter :

https://android.googlesource.com/platform/frameworks/native/+/master/services/surfaceflinger/tests/screencap/screencap.cpp

The corresponding surfaceflinger implementation is here : https://android.googlesource.com/platform/frameworks/native/+/master/services/surfaceflinger/SurfaceFlinger.cpp (look for CAPTURE_SCREEN constant and captureScreen method)

Dan.

2013/10/2 Axel Col <axel.and...@googlemail.com>

[Dianne Hackborn]

What are you trying to do?  The API for creating a screenshot was added because trying to directly access the driver to create a sceenshot does not work correctly across different hardware devices.  If you want to get a screenshot, the screenshot call to surface flinger is absolutely the right way to do it.  All other access to the graphics driver should go through the same HAL that surface flinger sits on top of (and of course means you don't want surface flinger running at the same time).

--
You received this message because you are subscribed to the Google Groups "android-platform" group.
To unsubscribe from this group and stop receiving emails from it, send an email to android-platfo...@googlegroups.com.
To post to this group, send email to android-...@googlegroups.com.
Visit this group at http://groups.google.com/group/android-platform.
For more options, visit https://groups.google.com/groups/opt_out.

--
Dianne Hackborn
Android framework engineer
hac...@android.com

Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails.  All such questions should be posted on public forums, where I and others can see and answer them.

[Axel Col]

Hi @all,

many thanks for all your answers, and sorry for the late response. Thanks for the clarification that accessing fb0 won't work anymore ( since ICS ). 

As I mentioned before, I was successfully able to use the "offical" surfaceflinger service. The reason why I'm trying to access the framebuffer directly, is a performance reason.

On a galaxy nexus s, running android 4.3, a single screenshot needs 100-140 ms. Here I'm using the mentioned "client" ( ScreenshotClient ) implementation from daniel.

So in the best case, this is a  framerate of 10 fps. Is there any way to get a framerate of min 25 fps ?

[Bush Suli]

Hi Axel,

Did you use the platform key with the official stock of Galaxy Nexus (4.3)? because I am trying to achieve that without success. 

Thanks,

[Axel Col]

Hi,

For development I am using a self compiled room.  For production,  my app gets signed by a big manufacturer.  The app is currently only available for this manufacturer.

Means you app needs to be signed with the fitting platform keys.

Hope this helps? Feel free to contact me

[Bush Suli]

Thank you so much for your help, it is greatly appreciated.