DrmHal: remove permission check
Permission check should now be performed in HIDL HALs. The removed app-side
permission check does not accomplish much because any app can communicate
with a Drm HIDL HAL directly.
Bug: 134787536
Test: CastV2SignerTest
Change-Id: I4d90effbc0a265459829c63e843b9a5d16e75359
diff --git a/drm/libmediadrm/DrmHal.cpp b/drm/libmediadrm/DrmHal.cpp
index 8c2d8f2..f3028d8 100644
--- a/drm/libmediadrm/DrmHal.cpp
+++ b/drm/libmediadrm/DrmHal.cpp
@@ -20,8 +20,7 @@
#include <utils/Log.h>
-#include <binder/IPCThreadState.h>
-#include <binder/IServiceManager.h>
+#include <android/binder_manager.h>
#include <aidl/android/media/BnResourceManagerClient.h>
#include <android/hardware/drm/1.2/types.h>
@@ -99,17 +98,6 @@
#define INIT_CHECK() {if (mInitCheck != OK) return mInitCheck;}
-static inline int getCallingPid() {
- return IPCThreadState::self()->getCallingPid();
-}
-
-static bool checkPermission(const char* permissionString) {
- if (getpid() == IPCThreadState::self()->getCallingPid()) return true;
- bool ok = checkCallingPermission(String16(permissionString));
- if (!ok) ALOGE("Request requires %s", permissionString);
- return ok;
-}
-
static const Vector<uint8_t> toVector(const hidl_vec<uint8_t> &vec) {
Vector<uint8_t> vector;
vector.appendArray(vec.data(), vec.size());
@@ -454,7 +442,7 @@
const uint8_t uuid[16], const String8& appPackageName) {
mAppPackageName = appPackageName;
mMetrics.SetAppPackageName(appPackageName);
- mMetrics.SetAppUid(IPCThreadState::self()->getCallingUid());
+ mMetrics.SetAppUid(AIBinder_getCallingUid());
sp<IDrmPlugin> plugin;
Return<void> hResult = factory->createPlugin(uuid, appPackageName.string(),
@@ -751,7 +739,7 @@
// reclaimSession may call back to closeSession, since mLock is
// shared between Drm instances, we should unlock here to avoid
// deadlock.
- retry = DrmSessionManager::Instance()->reclaimSession(getCallingPid());
+ retry = DrmSessionManager::Instance()->reclaimSession(AIBinder_getCallingPid());
mLock.lock();
} else {
retry = false;
@@ -760,7 +748,7 @@
if (err == OK) {
std::shared_ptr<DrmSessionClient> client(new DrmSessionClient(this, sessionId));
- DrmSessionManager::Instance()->addSession(getCallingPid(),
+ DrmSessionManager::Instance()->addSession(AIBinder_getCallingPid(),
std::static_pointer_cast<IResourceManagerClient>(client), sessionId);
mOpenSessions.push_back(client);
mMetrics.SetSessionStart(sessionId);
@@ -1543,10 +1531,6 @@
Mutex::Autolock autoLock(mLock);
INIT_CHECK();
- if (!checkPermission("android.permission.ACCESS_DRM_CERTIFICATES")) {
- return -EPERM;
- }
-
DrmSessionManager::Instance()->useSession(sessionId);
status_t err = UNKNOWN_ERROR;