Revert "Allow call audio access for default dialer application"
This reverts commit ac26cf749f457e12a3d8d7456bbcd58a3e028d69.
Reason for revert: Feature has been postponed
Bug: 151761909
Change-Id: I90a977a23c5b97ddf95976cf2c4d517165f8e8c2
diff --git a/media/libaudioclient/AudioSystem.cpp b/media/libaudioclient/AudioSystem.cpp
index f030ab0..b961209 100644
--- a/media/libaudioclient/AudioSystem.cpp
+++ b/media/libaudioclient/AudioSystem.cpp
@@ -886,7 +886,6 @@
audio_stream_type_t *stream,
pid_t pid,
uid_t uid,
- const String16& opPackageName,
const audio_config_t *config,
audio_output_flags_t flags,
audio_port_handle_t *selectedDeviceId,
@@ -896,7 +895,7 @@
const sp<IAudioPolicyService>& aps = AudioSystem::get_audio_policy_service();
if (aps == 0) return NO_INIT;
return aps->getOutputForAttr(attr, output, session, stream, pid, uid,
- opPackageName, config,
+ config,
flags, selectedDeviceId, portId, secondaryOutputs);
}
diff --git a/media/libaudioclient/IAudioPolicyService.cpp b/media/libaudioclient/IAudioPolicyService.cpp
index f1213a3..4d2e369 100644
--- a/media/libaudioclient/IAudioPolicyService.cpp
+++ b/media/libaudioclient/IAudioPolicyService.cpp
@@ -215,7 +215,6 @@
audio_stream_type_t *stream,
pid_t pid,
uid_t uid,
- const String16& opPackageName,
const audio_config_t *config,
audio_output_flags_t flags,
audio_port_handle_t *selectedDeviceId,
@@ -254,7 +253,6 @@
}
data.writeInt32(pid);
data.writeInt32(uid);
- data.writeString16(opPackageName);
data.write(config, sizeof(audio_config_t));
data.writeInt32(static_cast <uint32_t>(flags));
data.writeInt32(*selectedDeviceId);
@@ -1656,11 +1654,6 @@
}
pid_t pid = (pid_t)data.readInt32();
uid_t uid = (uid_t)data.readInt32();
- String16 opPackageName;
- status = data.readString16(&opPackageName);
- if (status != NO_ERROR) {
- return status;
- }
audio_config_t config;
memset(&config, 0, sizeof(audio_config_t));
data.read(&config, sizeof(audio_config_t));
@@ -1672,7 +1665,7 @@
std::vector<audio_io_handle_t> secondaryOutputs;
status = getOutputForAttr(&attr,
&output, session, &stream, pid, uid,
- opPackageName, &config,
+ &config,
flags, &selectedDeviceId, &portId, &secondaryOutputs);
reply->writeInt32(status);
status = reply->write(&attr, sizeof(audio_attributes_t));
diff --git a/media/libaudioclient/include/media/AudioSystem.h b/media/libaudioclient/include/media/AudioSystem.h
index aebc875..6e395e0 100644
--- a/media/libaudioclient/include/media/AudioSystem.h
+++ b/media/libaudioclient/include/media/AudioSystem.h
@@ -241,7 +241,6 @@
audio_stream_type_t *stream,
pid_t pid,
uid_t uid,
- const String16& opPackageName,
const audio_config_t *config,
audio_output_flags_t flags,
audio_port_handle_t *selectedDeviceId,
diff --git a/media/libaudioclient/include/media/IAudioFlinger.h b/media/libaudioclient/include/media/IAudioFlinger.h
index c9d9716..612ce7a 100644
--- a/media/libaudioclient/include/media/IAudioFlinger.h
+++ b/media/libaudioclient/include/media/IAudioFlinger.h
@@ -71,7 +71,6 @@
if (clientInfo.readFromParcel(parcel) != NO_ERROR) {
return DEAD_OBJECT;
}
- opPackageName = parcel->readString16();
if (parcel->readInt32() != 0) {
// TODO: Using unsecurePointer() has some associated security
// pitfalls (see declaration for details).
@@ -101,7 +100,6 @@
(void)parcel->write(&attr, sizeof(audio_attributes_t));
(void)parcel->write(&config, sizeof(audio_config_t));
(void)clientInfo.writeToParcel(parcel);
- (void)parcel->writeString16(opPackageName);
if (sharedBuffer != 0) {
(void)parcel->writeInt32(1);
(void)parcel->writeStrongBinder(IInterface::asBinder(sharedBuffer));
@@ -125,7 +123,6 @@
audio_attributes_t attr;
audio_config_t config;
AudioClient clientInfo;
- String16 opPackageName;
sp<IMemory> sharedBuffer;
uint32_t notificationsPerBuffer;
float speed;
diff --git a/media/libaudioclient/include/media/IAudioPolicyService.h b/media/libaudioclient/include/media/IAudioPolicyService.h
index ec3461e..0ceca85 100644
--- a/media/libaudioclient/include/media/IAudioPolicyService.h
+++ b/media/libaudioclient/include/media/IAudioPolicyService.h
@@ -65,7 +65,6 @@
audio_stream_type_t *stream,
pid_t pid,
uid_t uid,
- const String16& opPackageName,
const audio_config_t *config,
audio_output_flags_t flags,
audio_port_handle_t *selectedDeviceId,
diff --git a/media/utils/ServiceUtilities.cpp b/media/utils/ServiceUtilities.cpp
index 7fd4d0a..87ea084 100644
--- a/media/utils/ServiceUtilities.cpp
+++ b/media/utils/ServiceUtilities.cpp
@@ -223,25 +223,6 @@
return ok;
}
-bool accessCallAudioAllowed(const String16& opPackageName, pid_t pid, uid_t uid) {
- static const String16 sAccessCallAudio("android.permission.ACCESS_CALL_AUDIO");
- PermissionController permissionController;
- const String16 resolvedOpPackageName = resolveCallingPackage(
- permissionController, opPackageName, uid);
- if (resolvedOpPackageName.size() == 0) {
- ALOGE("accessCallAudioAllowed - FAIL - package not found.");
- return false;
- }
- AppOpsManager appOps;
- const int32_t op = appOps.permissionToOpCode(sAccessCallAudio);
- const int32_t opResult = appOps.noteOp(op, uid, resolvedOpPackageName);
- if (opResult == PermissionController::MODE_DEFAULT) {
- // Only allow in case this is a system app with the proper privilege permission
- return PermissionCache::checkPermission(sAccessCallAudio, pid, uid);
- }
- return opResult == PermissionController::MODE_ALLOWED;
-}
-
// privileged behavior needed by Dialer, Settings, SetupWizard and CellBroadcastReceiver
bool bypassInterruptionPolicyAllowed(pid_t pid, uid_t uid) {
static const String16 sWriteSecureSettings("android.permission.WRITE_SECURE_SETTINGS");
@@ -278,29 +259,28 @@
return NO_ERROR;
}
-void MediaPackageManager::loadPackageManager() {
- if (mPackageManager != nullptr) {
- return;
- }
+sp<content::pm::IPackageManagerNative> MediaPackageManager::retreivePackageManager() {
const sp<IServiceManager> sm = defaultServiceManager();
if (sm == nullptr) {
ALOGW("%s: failed to retrieve defaultServiceManager", __func__);
- return;
+ return nullptr;
}
sp<IBinder> packageManager = sm->checkService(String16(nativePackageManagerName));
if (packageManager == nullptr) {
ALOGW("%s: failed to retrieve native package manager", __func__);
- return;
+ return nullptr;
}
- mPackageManager = interface_cast<content::pm::IPackageManagerNative>(packageManager);
+ return interface_cast<content::pm::IPackageManagerNative>(packageManager);
}
std::optional<bool> MediaPackageManager::doIsAllowed(uid_t uid) {
- /** Can not fetch package manager at construction it may not yet be registered. */
- loadPackageManager();
if (mPackageManager == nullptr) {
- ALOGW("%s: Playback capture is denied as package manager is not reachable", __func__);
- return std::nullopt;
+ /** Can not fetch package manager at construction it may not yet be registered. */
+ mPackageManager = retreivePackageManager();
+ if (mPackageManager == nullptr) {
+ ALOGW("%s: Playback capture is denied as package manager is not reachable", __func__);
+ return std::nullopt;
+ }
}
std::vector<std::string> packageNames;
diff --git a/media/utils/include/mediautils/ServiceUtilities.h b/media/utils/include/mediautils/ServiceUtilities.h
index 060e849..212599a 100644
--- a/media/utils/include/mediautils/ServiceUtilities.h
+++ b/media/utils/include/mediautils/ServiceUtilities.h
@@ -93,7 +93,6 @@
bool dumpAllowed();
bool modifyPhoneStateAllowed(pid_t pid, uid_t uid);
bool bypassInterruptionPolicyAllowed(pid_t pid, uid_t uid);
-bool accessCallAudioAllowed(const String16& opPackageName, pid_t pid, uid_t uid);
status_t checkIMemory(const sp<IMemory>& iMemory);
@@ -111,7 +110,7 @@
private:
static constexpr const char* nativePackageManagerName = "package_native";
std::optional<bool> doIsAllowed(uid_t uid);
- void loadPackageManager();
+ sp<content::pm::IPackageManagerNative> retreivePackageManager();
sp<content::pm::IPackageManagerNative> mPackageManager; // To check apps manifest
uint_t mPackageManagerErrors = 0;
struct Package {
diff --git a/services/audioflinger/AudioFlinger.cpp b/services/audioflinger/AudioFlinger.cpp
index ecda56b..1be2fcb 100644
--- a/services/audioflinger/AudioFlinger.cpp
+++ b/services/audioflinger/AudioFlinger.cpp
@@ -343,7 +343,7 @@
ret = AudioSystem::getOutputForAttr(&localAttr, &io,
actualSessionId,
&streamType, client.clientPid, client.clientUid,
- client.packageName, &fullConfig,
+ &fullConfig,
(audio_output_flags_t)(AUDIO_OUTPUT_FLAG_MMAP_NOIRQ |
AUDIO_OUTPUT_FLAG_DIRECT),
deviceId, &portId, &secondaryOutputs);
@@ -783,9 +783,8 @@
output.outputId = AUDIO_IO_HANDLE_NONE;
output.selectedDeviceId = input.selectedDeviceId;
lStatus = AudioSystem::getOutputForAttr(&localAttr, &output.outputId, sessionId, &streamType,
- clientPid, clientUid, input.opPackageName,
- &input.config, input.flags, &output.selectedDeviceId,
- &portId, &secondaryOutputs);
+ clientPid, clientUid, &input.config, input.flags,
+ &output.selectedDeviceId, &portId, &secondaryOutputs);
if (lStatus != NO_ERROR || output.outputId == AUDIO_IO_HANDLE_NONE) {
ALOGE("createTrack() getOutputForAttr() return error %d or invalid output handle", lStatus);
diff --git a/services/audioflinger/Threads.cpp b/services/audioflinger/Threads.cpp
index 65cf96c..d8d4d35 100644
--- a/services/audioflinger/Threads.cpp
+++ b/services/audioflinger/Threads.cpp
@@ -8774,7 +8774,6 @@
&stream,
client.clientPid,
client.clientUid,
- client.packageName,
&config,
flags,
&deviceId,
diff --git a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
index 0da3b9c..57b23b7 100644
--- a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
+++ b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
@@ -219,7 +219,6 @@
audio_stream_type_t *stream,
pid_t pid,
uid_t uid,
- const String16& opPackageName,
const audio_config_t *config,
audio_output_flags_t flags,
audio_port_handle_t *selectedDeviceId,
@@ -266,8 +265,7 @@
case AudioPolicyInterface::API_OUTPUT_LEGACY:
break;
case AudioPolicyInterface::API_OUTPUT_TELEPHONY_TX:
- if (!modifyPhoneStateAllowed(pid, uid) &&
- !accessCallAudioAllowed(opPackageName, pid, uid)) {
+ if (!modifyPhoneStateAllowed(pid, uid)) {
ALOGE("%s() permission denied: modify phone state not allowed for uid %d",
__func__, uid);
result = PERMISSION_DENIED;
@@ -464,22 +462,15 @@
}
bool canCaptureOutput = captureAudioOutputAllowed(pid, uid);
- bool canCaptureTelephonyOutput = canCaptureOutput
- || accessCallAudioAllowed(opPackageName, pid, uid);
-
- if ((attr->source == AUDIO_SOURCE_ECHO_REFERENCE ||
- attr->source == AUDIO_SOURCE_FM_TUNER) &&
+ if ((inputSource == AUDIO_SOURCE_VOICE_UPLINK ||
+ inputSource == AUDIO_SOURCE_VOICE_DOWNLINK ||
+ inputSource == AUDIO_SOURCE_VOICE_CALL ||
+ inputSource == AUDIO_SOURCE_ECHO_REFERENCE||
+ inputSource == AUDIO_SOURCE_FM_TUNER) &&
!canCaptureOutput) {
return PERMISSION_DENIED;
}
- if ((attr->source == AUDIO_SOURCE_VOICE_UPLINK ||
- attr->source == AUDIO_SOURCE_VOICE_DOWNLINK ||
- attr->source == AUDIO_SOURCE_VOICE_CALL) &&
- !canCaptureTelephonyOutput) {
- return PERMISSION_DENIED;
- }
-
bool canCaptureHotword = captureHotwordAllowed(opPackageName, pid, uid);
if ((inputSource == AUDIO_SOURCE_HOTWORD) && !canCaptureHotword) {
return BAD_VALUE;
@@ -511,11 +502,6 @@
break;
case AudioPolicyInterface::API_INPUT_TELEPHONY_RX:
// FIXME: use the same permission as for remote submix for now.
- if (!canCaptureTelephonyOutput) {
- ALOGE("getInputForAttr() permission denied: call capture not allowed");
- status = PERMISSION_DENIED;
- }
- break;
case AudioPolicyInterface::API_INPUT_MIX_CAPTURE:
if (!canCaptureOutput) {
ALOGE("getInputForAttr() permission denied: capture not allowed");
@@ -543,13 +529,9 @@
return status;
}
- bool allowAudioCapture = canCaptureOutput ||
- (inputType == AudioPolicyInterface::API_INPUT_TELEPHONY_RX &&
- canCaptureTelephonyOutput);
-
sp<AudioRecordClient> client = new AudioRecordClient(*attr, *input, uid, pid, session, *portId,
*selectedDeviceId, opPackageName,
- allowAudioCapture, canCaptureHotword);
+ canCaptureOutput, canCaptureHotword);
mAudioRecordClients.add(*portId, client);
}
diff --git a/services/audiopolicy/service/AudioPolicyService.cpp b/services/audiopolicy/service/AudioPolicyService.cpp
index bf38477..59fb481 100644
--- a/services/audiopolicy/service/AudioPolicyService.cpp
+++ b/services/audiopolicy/service/AudioPolicyService.cpp
@@ -543,7 +543,7 @@
// else
// favor the privacy sensitive case
if (topActive != nullptr && topSensitiveActive != nullptr
- && !topActive->canCaptureCallOrOutput) {
+ && !topActive->canCaptureOutput) {
topActive = nullptr;
}
@@ -559,8 +559,8 @@
false : current->uid == topSensitiveActive->uid;
auto canCaptureIfInCallOrCommunication = [&](const auto &recordClient) {
- bool canCaptureCall = recordClient->canCaptureCallOrOutput;
- bool canCaptureCommunication = recordClient->canCaptureCallOrOutput
+ bool canCaptureCall = recordClient->canCaptureOutput;
+ bool canCaptureCommunication = recordClient->canCaptureOutput
|| recordClient->uid == mPhoneStateOwnerUid
|| isServiceUid(mPhoneStateOwnerUid);
return !(isInCall && !canCaptureCall)
@@ -575,7 +575,7 @@
bool allowCapture = !isAssistantOnTop
&& (isTopOrLatestActive || isTopOrLatestSensitive)
&& !(isSensitiveActive
- && !(isTopOrLatestSensitive || current->canCaptureCallOrOutput))
+ && !(isTopOrLatestSensitive || current->canCaptureOutput))
&& canCaptureIfInCallOrCommunication(current);
if (isVirtualSource(source)) {
@@ -596,7 +596,7 @@
} else {
if (((isAssistantOnTop && source == AUDIO_SOURCE_VOICE_RECOGNITION) ||
source == AUDIO_SOURCE_HOTWORD)
- && !(isSensitiveActive && !current->canCaptureCallOrOutput)
+ && !(isSensitiveActive && !current->canCaptureOutput)
&& canCaptureIfInCallOrCommunication(current)) {
allowCapture = true;
}
@@ -609,7 +609,7 @@
// OR
// Is on TOP AND the source is VOICE_RECOGNITION or HOTWORD
if (!isAssistantOnTop
- && !(isSensitiveActive && !current->canCaptureCallOrOutput)
+ && !(isSensitiveActive && !current->canCaptureOutput)
&& canCaptureIfInCallOrCommunication(current)) {
allowCapture = true;
}
diff --git a/services/audiopolicy/service/AudioPolicyService.h b/services/audiopolicy/service/AudioPolicyService.h
index ff99124..9a619dd 100644
--- a/services/audiopolicy/service/AudioPolicyService.h
+++ b/services/audiopolicy/service/AudioPolicyService.h
@@ -83,7 +83,6 @@
audio_stream_type_t *stream,
pid_t pid,
uid_t uid,
- const String16& opPackageName,
const audio_config_t *config,
audio_output_flags_t flags,
audio_port_handle_t *selectedDeviceId,
@@ -812,16 +811,15 @@
const audio_io_handle_t io, uid_t uid, pid_t pid,
const audio_session_t session, audio_port_handle_t portId,
const audio_port_handle_t deviceId, const String16& opPackageName,
- bool canCaptureCallOrOutput, bool canCaptureHotword) :
+ bool canCaptureOutput, bool canCaptureHotword) :
AudioClient(attributes, io, uid, pid, session, portId, deviceId),
opPackageName(opPackageName), startTimeNs(0),
- canCaptureCallOrOutput(canCaptureCallOrOutput),
- canCaptureHotword(canCaptureHotword) {}
+ canCaptureOutput(canCaptureOutput), canCaptureHotword(canCaptureHotword) {}
~AudioRecordClient() override = default;
const String16 opPackageName; // client package name
nsecs_t startTimeNs;
- const bool canCaptureCallOrOutput;
+ const bool canCaptureOutput;
const bool canCaptureHotword;
};