Gitiles
Code Review Sign In
review.evervolv.com / android_frameworks_av / 4ef19fa450e8b523741a22fabee8f62691abec37^! / . / media / libaudioclient / IAudioPolicyService.cpp
commit4ef19fa450e8b523741a22fabee8f62691abec37[log] [tgz]
authorAndy Hung <hunga@google.com>Tue May 15 19:35:29 2018 -0700
committerAndy Hung <hunga@google.com>Thu May 17 18:11:55 2018 -0700
tree5d0eaaf73cebe029d1d8dd935d5c6fddb12ee70f
parentab7ef300b74904bce6c5c810d9e5679abfa582e6 [diff] [blame]
Update audio permission checking

Change captureAudioOutputAllowed to check client pid.

Check calling uid with AID_AUDIOSERVER instead of calling pid with
own pid. This is consistent, and works if AudioFlinger and
AudioPolicyManager exist as different processes.

Remove getpid_cached since getpid() is very fast. This removes
any initialization issues.

Replace getuid() with AID_AUDIOSERVER to remove ambiguity of
multiple native audio services for multiple users. Only
one exists regardless of users.

Do not use multiuser UID checks for certain native services
that do not spawn for multiple users to prevent accidently exposure.

Move permission checks to use ServiceUtilities for control and
consistency.

Rename isTrustedCallingUid to isAudioServerOrMediaServerUid
so that permission check is explicitly known to caller.

Update MediaLogService to use ServiceUtilities.

Test: Basic sanity
Test: AudioTrackTest, AudioRecordTest, SoundPool, SoundTrigger
Bug: 79485140
Change-Id: Ib8ccb36929a9b4806c01626f32fa023a046d6020

diff --git a/media/libaudioclient/IAudioPolicyService.cpp b/media/libaudioclient/IAudioPolicyService.cpp
index a1236e7..316105c 100644
--- a/media/libaudioclient/IAudioPolicyService.cpp
+++ b/media/libaudioclient/IAudioPolicyService.cpp

@@ -24,11 +24,10 @@
 
 #include <binder/IPCThreadState.h>
 #include <binder/Parcel.h>
-#include <cutils/multiuser.h>
 #include <media/AudioEffect.h>
 #include <media/IAudioPolicyService.h>
 #include <media/TimeCheck.h>
-#include <private/android_filesystem_config.h>
+#include <mediautils/ServiceUtilities.h>
 #include <system/audio.h>
 
 namespace android {
@@ -936,7 +935,7 @@
         case STOP_AUDIO_SOURCE:
         case GET_SURROUND_FORMATS:
         case SET_SURROUND_FORMAT_ENABLED: {
-            if (multiuser_get_app_id(IPCThreadState::self()->getCallingUid()) >= AID_APP_START) {
+            if (!isServiceUid(IPCThreadState::self()->getCallingUid())) {
                 ALOGW("%s: transaction %d received from PID %d unauthorized UID %d",
                       __func__, code, IPCThreadState::self()->getCallingPid(),
                       IPCThreadState::self()->getCallingUid());