Switch media fw permissions checks to AttributionSource (av)
Attribution source is the abstraction to capture the data
flows for private data across apps. Checking permissions
for an attribution source does this for all apps in the
chain that would receive the data as well as the relevant
app ops are checked/noted/started as needed.
bug: 158792096
Test: atest CtsMediaTestCases
atest CtsPermissionTestCases
atest CtsPermission2TestCases
atest CtsPermission3TestCases
atest CtsPermission4TestCases
atest CtsPermission5TestCases
atest CtsAppOpsTestCases
atest CtsAppOps2TestCases
Merged-In: I1c5a4321dd3b2d458372058c99604a6ec208717c
Change-Id: I1c5a4321dd3b2d458372058c99604a6ec208717c
diff --git a/media/libaaudio/src/Android.bp b/media/libaaudio/src/Android.bp
index fe2d98e..33a5c7f 100644
--- a/media/libaaudio/src/Android.bp
+++ b/media/libaaudio/src/Android.bp
@@ -52,6 +52,7 @@
"libcutils",
"libutils",
"libbinder",
+ "libpermission",
],
sanitize: {
@@ -86,7 +87,7 @@
export_header_lib_headers: ["libaaudio_headers"],
export_shared_lib_headers: [
- "media_permission-aidl-cpp",
+ "framework-permission-aidl-cpp",
],
shared_libs: [
@@ -99,15 +100,11 @@
"libcutils",
"libutils",
"libbinder",
+ "framework-permission-aidl-cpp",
"aaudio-aidl-cpp",
- "media_permission-aidl-cpp",
"libaudioclient_aidl_conversion",
],
- static_libs: [
- "media_permission-aidl-cpp",
- ],
-
cflags: [
"-Wno-unused-parameter",
"-Wall",
@@ -177,7 +174,7 @@
imports: [
"audio_common-aidl",
"shared-file-region-aidl",
- "media_permission-aidl",
+ "framework-permission-aidl"
],
backend:
{
diff --git a/media/libaaudio/src/binding/AAudioStreamRequest.cpp b/media/libaaudio/src/binding/AAudioStreamRequest.cpp
index 5e0a4bb..8d90034 100644
--- a/media/libaaudio/src/binding/AAudioStreamRequest.cpp
+++ b/media/libaaudio/src/binding/AAudioStreamRequest.cpp
@@ -31,7 +31,7 @@
AAudioStreamRequest::AAudioStreamRequest(const StreamRequest& parcelable) :
mConfiguration(std::move(parcelable.params)),
- mIdentity(parcelable.identity),
+ mAttributionSource(parcelable.attributionSource),
mSharingModeMatchRequired(parcelable.sharingModeMatchRequired),
mInService(parcelable.inService) {
}
@@ -39,7 +39,7 @@
StreamRequest AAudioStreamRequest::parcelable() const {
StreamRequest result;
result.params = std::move(mConfiguration).parcelable();
- result.identity = mIdentity;
+ result.attributionSource = mAttributionSource;
result.sharingModeMatchRequired = mSharingModeMatchRequired;
result.inService = mInService;
return result;
@@ -50,7 +50,7 @@
}
void AAudioStreamRequest::dump() const {
- ALOGD("mIdentity = %s", mIdentity.toString().c_str());
+ ALOGD("mAttributionSource = %s", mAttributionSource.toString().c_str());
ALOGD("mSharingModeMatchRequired = %d", mSharingModeMatchRequired);
ALOGD("mInService = %d", mInService);
mConfiguration.dump();
diff --git a/media/libaaudio/src/binding/AAudioStreamRequest.h b/media/libaaudio/src/binding/AAudioStreamRequest.h
index 02341c8..cc43a48 100644
--- a/media/libaaudio/src/binding/AAudioStreamRequest.h
+++ b/media/libaaudio/src/binding/AAudioStreamRequest.h
@@ -23,10 +23,12 @@
#include <aaudio/StreamRequest.h>
#include "binding/AAudioStreamConfiguration.h"
-#include <android/media/permission/Identity.h>
+#include <android/content/AttributionSourceState.h>
namespace aaudio {
+using android::content::AttributionSourceState;
+
class AAudioStreamRequest {
public:
AAudioStreamRequest() = default;
@@ -34,12 +36,12 @@
// Construct based on a parcelable representation.
explicit AAudioStreamRequest(const StreamRequest& parcelable);
- const android::media::permission::Identity &getIdentity() const {
- return mIdentity;
+ const AttributionSourceState &getAttributionSource() const {
+ return mAttributionSource;
}
- void setIdentity(const android::media::permission::Identity &identity) {
- mIdentity = identity;
+ void setAttributionSource(const AttributionSourceState &attributionSource) {
+ mAttributionSource = attributionSource;
}
bool isSharingModeMatchRequired() const {
@@ -75,7 +77,7 @@
private:
AAudioStreamConfiguration mConfiguration;
- android::media::permission::Identity mIdentity;
+ AttributionSourceState mAttributionSource;
bool mSharingModeMatchRequired = false;
bool mInService = false; // Stream opened by AAudioservice
};
diff --git a/media/libaaudio/src/binding/aidl/aaudio/StreamRequest.aidl b/media/libaaudio/src/binding/aidl/aaudio/StreamRequest.aidl
index 12802e6..53787a0 100644
--- a/media/libaaudio/src/binding/aidl/aaudio/StreamRequest.aidl
+++ b/media/libaaudio/src/binding/aidl/aaudio/StreamRequest.aidl
@@ -17,11 +17,11 @@
package aaudio;
import aaudio.StreamParameters;
-import android.media.permission.Identity;
+import android.content.AttributionSourceState;
parcelable StreamRequest {
- StreamParameters params;
- Identity identity;
- boolean sharingModeMatchRequired; // = false;
- boolean inService; // = false; // Stream opened by AAudioservice
+ StreamParameters params;
+ AttributionSourceState attributionSource;
+ boolean sharingModeMatchRequired; // = false;
+ boolean inService; // = false; // Stream opened by AAudioservice
}
\ No newline at end of file
diff --git a/media/libaaudio/src/client/AudioStreamInternal.cpp b/media/libaaudio/src/client/AudioStreamInternal.cpp
index d8b27c3..cf2abe8 100644
--- a/media/libaaudio/src/client/AudioStreamInternal.cpp
+++ b/media/libaaudio/src/client/AudioStreamInternal.cpp
@@ -51,7 +51,7 @@
using android::Mutex;
using android::WrappingBuffer;
-using android::media::permission::Identity;
+using android::content::AttributionSourceState;
using namespace aaudio;
@@ -108,15 +108,16 @@
// Request FLOAT for the shared mixer or the device.
request.getConfiguration().setFormat(AUDIO_FORMAT_PCM_FLOAT);
- // TODO b/182392769: use identity util
- Identity identity;
- identity.uid = VALUE_OR_FATAL(android::legacy2aidl_uid_t_int32_t(getuid()));
- identity.pid = VALUE_OR_FATAL(android::legacy2aidl_pid_t_int32_t(getpid()));
- identity.packageName = builder.getOpPackageName();
- identity.attributionTag = builder.getAttributionTag();
+ // TODO b/182392769: use attribution source util
+ AttributionSourceState attributionSource;
+ attributionSource.uid = VALUE_OR_FATAL(android::legacy2aidl_uid_t_int32_t(getuid()));
+ attributionSource.pid = VALUE_OR_FATAL(android::legacy2aidl_pid_t_int32_t(getpid()));
+ attributionSource.packageName = builder.getOpPackageName();
+ attributionSource.attributionTag = builder.getAttributionTag();
+ attributionSource.token = sp<android::BBinder>::make();
// Build the request to send to the server.
- request.setIdentity(identity);
+ request.setAttributionSource(attributionSource);
request.setSharingModeMatchRequired(isSharingModeMatchRequired());
request.setInService(isInService());
diff --git a/media/libaaudio/src/legacy/AudioStreamRecord.cpp b/media/libaaudio/src/legacy/AudioStreamRecord.cpp
index eca5392..dc66742 100644
--- a/media/libaaudio/src/legacy/AudioStreamRecord.cpp
+++ b/media/libaaudio/src/legacy/AudioStreamRecord.cpp
@@ -32,7 +32,7 @@
#include "utility/AudioClock.h"
#include "utility/FixedBlockWriter.h"
-using android::media::permission::Identity;
+using android::content::AttributionSourceState;
using namespace android;
using namespace aaudio;
@@ -157,12 +157,13 @@
.tags = ""
};
- // TODO b/182392769: use identity util
- Identity identity;
- identity.uid = VALUE_OR_FATAL(legacy2aidl_uid_t_int32_t(getuid()));
- identity.pid = VALUE_OR_FATAL(legacy2aidl_pid_t_int32_t(getpid()));
- identity.packageName = builder.getOpPackageName();
- identity.attributionTag = builder.getAttributionTag();
+ // TODO b/182392769: use attribution source util
+ AttributionSourceState attributionSource;
+ attributionSource.uid = VALUE_OR_FATAL(legacy2aidl_uid_t_int32_t(getuid()));
+ attributionSource.pid = VALUE_OR_FATAL(legacy2aidl_pid_t_int32_t(getpid()));
+ attributionSource.packageName = builder.getOpPackageName();
+ attributionSource.attributionTag = builder.getAttributionTag();
+ attributionSource.token = sp<BBinder>::make();
// ----------- open the AudioRecord ---------------------
// Might retry, but never more than once.
@@ -170,7 +171,7 @@
const audio_format_t requestedInternalFormat = getDeviceFormat();
mAudioRecord = new AudioRecord(
- identity
+ attributionSource
);
mAudioRecord->set(
AUDIO_SOURCE_DEFAULT, // ignored because we pass attributes below
diff --git a/media/libaaudio/src/legacy/AudioStreamRecord.h b/media/libaaudio/src/legacy/AudioStreamRecord.h
index 7d0a197..692651d 100644
--- a/media/libaaudio/src/legacy/AudioStreamRecord.h
+++ b/media/libaaudio/src/legacy/AudioStreamRecord.h
@@ -25,7 +25,7 @@
#include "AAudioLegacy.h"
#include "legacy/AudioStreamLegacy.h"
#include "utility/FixedBlockWriter.h"
-#include <android/media/permission/Identity.h>
+#include <android/content/AttributionSourceState.h>
namespace aaudio {
@@ -87,7 +87,7 @@
FixedBlockWriter mFixedBlockWriter;
// TODO add 64-bit position reporting to AudioRecord and use it.
- android::media::permission::Identity mIdentity;
+ android::content::AttributionSourceState mAttributionSource;
// Only one type of conversion buffer is used.
std::unique_ptr<float[]> mFormatConversionBufferFloat;
diff --git a/media/libaaudio/src/legacy/AudioStreamTrack.cpp b/media/libaaudio/src/legacy/AudioStreamTrack.cpp
index 04a9dec..1d412c0 100644
--- a/media/libaaudio/src/legacy/AudioStreamTrack.cpp
+++ b/media/libaaudio/src/legacy/AudioStreamTrack.cpp
@@ -33,7 +33,7 @@
using namespace android;
using namespace aaudio;
-using media::permission::Identity;
+using android::content::AttributionSourceState;
// Arbitrary and somewhat generous number of bursts.
#define DEFAULT_BURSTS_PER_BUFFER_CAPACITY 8
@@ -151,7 +151,7 @@
};
mAudioTrack = new AudioTrack();
- // TODO b/182392769: use identity util
+ // TODO b/182392769: use attribution source util
mAudioTrack->set(
AUDIO_STREAM_DEFAULT, // ignored because we pass attributes below
getSampleRate(),
@@ -167,7 +167,7 @@
sessionId,
streamTransferType,
NULL, // DEFAULT audio_offload_info_t
- Identity(), // DEFAULT uid and pid
+ AttributionSourceState(), // DEFAULT uid and pid
&attributes,
// WARNING - If doNotReconnect set true then audio stops after plugging and unplugging
// headphones a few times.