audiopolicy: clear caller identity before calling audio policy manager Audio policy manager methods must always be executed with the level of priviledge of audioserver process. After checking calling permissions, audio policy service will clear binder caller identity before calling into audio policy manager. Also add restrictions for start source and stop source binder transactions. Bug: 77869640 Test: manual audio smoke tests Change-Id: I993d4fddcea9bfa3f44093c38406b85d69ca8890

commit: 10b7123bd6ce29fe756422aeedc5cfe469c4309f [log] [tgz]
author: Eric Laurent <elaurent@google.com> Fri Apr 13 18:14:44 2018 -0700
committer: Eric Laurent <elaurent@google.com> Fri Apr 13 18:18:49 2018 -0700
tree: 340803c949b9500ce5e2873fbf874fcec782fd3f
parent: 258fb48d1498c8d34d6877700db993938cc89f71 [diff] [blame]
diff --git a/services/audiopolicy/service/AudioPolicyService.cpp b/services/audiopolicy/service/AudioPolicyService.cpp
index 082923a..13bf605 100644
--- a/services/audiopolicy/service/AudioPolicyService.cpp
+++ b/services/audiopolicy/service/AudioPolicyService.cpp

@@ -151,6 +151,7 @@
     {
         Mutex::Autolock _l(mLock);
         if (mAudioPolicyManager) {
+            // called from binder death notification: no need to clear caller identity
             mAudioPolicyManager->releaseResourcesForUid(uid);
         }
     }
@@ -335,6 +336,7 @@
     {
         Mutex::Autolock _l(mLock);
         if (mAudioPolicyManager) {
+            AutoCallerClear acc;
             mAudioPolicyManager->setRecordSilenced(uid, silenced);
         }
     }
commit	10b7123bd6ce29fe756422aeedc5cfe469c4309f	[log] [tgz]
author	Eric Laurent <elaurent@google.com>	Fri Apr 13 18:14:44 2018 -0700
committer	Eric Laurent <elaurent@google.com>	Fri Apr 13 18:18:49 2018 -0700
tree	340803c949b9500ce5e2873fbf874fcec782fd3f
parent	258fb48d1498c8d34d6877700db993938cc89f71 [diff] [blame]