Gitiles
Code Review Sign In
review.evervolv.com / android_frameworks_av / 337611324fb7b22600d588493f938e7df4789e3d^! / . / services / oboeservice / AAudioService.cpp
commit337611324fb7b22600d588493f938e7df4789e3d[log] [tgz]
authorSvet Ganov <svetoslavganov@google.com>Thu May 13 22:51:08 2021 +0000
committerSvet Ganov <svetoslavganov@google.com>Wed Jun 02 00:46:14 2021 +0000
treecd187ef9b4d8a9161004df0f6a74342207f7b553
parentc52f8f4eaae1d4495b992be01c488c52f699ac31 [diff] [blame]
Switch media fw permissions checks to AttributionSource (av)

Attribution source is the abstraction to capture the data
flows for private data across apps. Checking permissions
for an attribution source does this for all apps in the
chain that would receive the data as well as the relevant
app ops are checked/noted/started as needed.

bug: 158792096

Test: atest CtsMediaTestCases
      atest CtsPermissionTestCases
      atest CtsPermission2TestCases
      atest CtsPermission3TestCases
      atest CtsPermission4TestCases
      atest CtsPermission5TestCases
      atest CtsAppOpsTestCases
      atest CtsAppOps2TestCases

Merged-In: I1c5a4321dd3b2d458372058c99604a6ec208717c

Change-Id: I1c5a4321dd3b2d458372058c99604a6ec208717c

diff --git a/services/oboeservice/AAudioService.cpp b/services/oboeservice/AAudioService.cpp
index 0b69bf6..40a664e 100644
--- a/services/oboeservice/AAudioService.cpp
+++ b/services/oboeservice/AAudioService.cpp

@@ -22,7 +22,7 @@
 #include <iostream>
 #include <sstream>
 
-#include <android/media/permission/Identity.h>
+#include <android/content/AttributionSourceState.h>
 #include <aaudio/AAudio.h>
 #include <media/AidlConversion.h>
 #include <mediautils/ServiceUtilities.h>
@@ -47,18 +47,18 @@
        std::move(_tmp.value()); })
 
 using android::AAudioService;
-using android::media::permission::Identity;
+using android::content::AttributionSourceState;
 using binder::Status;
 
 android::AAudioService::AAudioService()
     : BnAAudioService(),
       mAdapter(this) {
     // TODO consider using geteuid()
-    // TODO b/182392769: use identity util
-    mAudioClient.identity.uid = VALUE_OR_FATAL(legacy2aidl_uid_t_int32_t(getuid()));
-    mAudioClient.identity.pid = VALUE_OR_FATAL(legacy2aidl_pid_t_int32_t(getpid()));
-    mAudioClient.identity.packageName = std::nullopt;
-    mAudioClient.identity.attributionTag = std::nullopt;
+    // TODO b/182392769: use attribution source util
+    mAudioClient.attributionSource.uid = VALUE_OR_FATAL(legacy2aidl_uid_t_int32_t(getuid()));
+    mAudioClient.attributionSource.pid = VALUE_OR_FATAL(legacy2aidl_pid_t_int32_t(getpid()));
+    mAudioClient.attributionSource.packageName = std::nullopt;
+    mAudioClient.attributionSource.attributionTag = std::nullopt;
     AAudioClientTracker::getInstance().setAAudioService(this);
 }
 
@@ -115,13 +115,14 @@
     aaudio_sharing_mode_t sharingMode = configurationInput.getSharingMode();
 
     // Enforce limit on client processes.
-    Identity callingIdentity = request.getIdentity();
+    AttributionSourceState attributionSource = request.getAttributionSource();
     pid_t pid = IPCThreadState::self()->getCallingPid();
-    callingIdentity.pid = VALUE_OR_RETURN_ILLEGAL_ARG_STATUS(
+    attributionSource.pid = VALUE_OR_RETURN_ILLEGAL_ARG_STATUS(
         legacy2aidl_pid_t_int32_t(pid));
-    callingIdentity.uid = VALUE_OR_RETURN_ILLEGAL_ARG_STATUS(
+    attributionSource.uid = VALUE_OR_RETURN_ILLEGAL_ARG_STATUS(
         legacy2aidl_uid_t_int32_t(IPCThreadState::self()->getCallingUid()));
-    if (callingIdentity.pid != mAudioClient.identity.pid) {
+    attributionSource.token = sp<BBinder>::make();
+    if (attributionSource.pid != mAudioClient.attributionSource.pid) {
         int32_t count = AAudioClientTracker::getInstance().getStreamCount(pid);
         if (count >= MAX_STREAMS_PER_PROCESS) {
             ALOGE("openStream(): exceeded max streams per process %d >= %d",
@@ -280,8 +281,8 @@
 }
 
 bool AAudioService::isCallerInService() {
-    pid_t clientPid = VALUE_OR_FATAL(aidl2legacy_int32_t_pid_t(mAudioClient.identity.pid));
-    uid_t clientUid = VALUE_OR_FATAL(aidl2legacy_int32_t_uid_t(mAudioClient.identity.uid));
+    pid_t clientPid = VALUE_OR_FATAL(aidl2legacy_int32_t_pid_t(mAudioClient.attributionSource.pid));
+    uid_t clientUid = VALUE_OR_FATAL(aidl2legacy_int32_t_uid_t(mAudioClient.attributionSource.uid));
     return clientPid == IPCThreadState::self()->getCallingPid() &&
         clientUid == IPCThreadState::self()->getCallingUid();
 }
@@ -307,7 +308,7 @@
         const uid_t callingUserId = IPCThreadState::self()->getCallingUid();
         const uid_t ownerUserId = serviceStream->getOwnerUserId();
         const uid_t clientUid = VALUE_OR_FATAL(
-            aidl2legacy_int32_t_uid_t(mAudioClient.identity.uid));
+            aidl2legacy_int32_t_uid_t(mAudioClient.attributionSource.uid));
         bool callerOwnsIt = callingUserId == ownerUserId;
         bool serverCalling = callingUserId == clientUid;
         bool serverOwnsIt = ownerUserId == clientUid;