Gitiles
Code Review Sign In
review.evervolv.com / android_frameworks_av / 893a5642871114fca3b2a00c6ff8e5699ce3e3ed^! / . / services / audioflinger
commit893a5642871114fca3b2a00c6ff8e5699ce3e3ed[log] [tgz]
authorJeff Brown <jeffbrown@google.com>Fri Aug 16 20:19:26 2013 -0700
committerJeff Brown <jeffbrown@google.com>Fri Aug 16 20:21:07 2013 -0700
treed34721dfd133e8a79a4ff32ee8e8d2d83ef24031
parent7fb865653293e665f48b31e791ca124e98c7d257 [diff]
Enforce permission for recording from remote submix.

Bug: 10265163
Change-Id: I2395036bac6e10baeaf6ea4bc3093bd9dd98742d

diff --git a/services/audioflinger/AudioFlinger.cpp b/services/audioflinger/AudioFlinger.cpp
index 3d65c44..b8a6b37 100644
--- a/services/audioflinger/AudioFlinger.cpp
+++ b/services/audioflinger/AudioFlinger.cpp

@@ -1206,6 +1206,10 @@
 
 // ----------------------------------------------------------------------------
 
+static bool deviceRequiresCaptureAudioOutputPermission(audio_devices_t inDevice) {
+    return audio_is_remote_submix_device(inDevice);
+}
+
 sp<IAudioRecord> AudioFlinger::openRecord(
         audio_io_handle_t input,
         uint32_t sampleRate,
@@ -1246,6 +1250,12 @@
             goto Exit;
         }
 
+        if (deviceRequiresCaptureAudioOutputPermission(thread->inDevice())
+                && !captureAudioOutputAllowed()) {
+            lStatus = PERMISSION_DENIED;
+            goto Exit;
+        }
+
         pid_t pid = IPCThreadState::self()->getCallingPid();
         client = registerPid_l(pid);
 

diff --git a/services/audioflinger/ServiceUtilities.cpp b/services/audioflinger/ServiceUtilities.cpp
index d15bd04..9ee513b 100644
--- a/services/audioflinger/ServiceUtilities.cpp
+++ b/services/audioflinger/ServiceUtilities.cpp

@@ -34,6 +34,15 @@
     return ok;
 }
 
+bool captureAudioOutputAllowed() {
+    if (getpid_cached == IPCThreadState::self()->getCallingPid()) return true;
+    static const String16 sCaptureAudioOutput("android.permission.CAPTURE_AUDIO_OUTPUT");
+    // don't use PermissionCache; this is not a system permission
+    bool ok = checkCallingPermission(sCaptureAudioOutput);
+    if (!ok) ALOGE("Request requires android.permission.CAPTURE_AUDIO_OUTPUT");
+    return ok;
+}
+
 bool settingsAllowed() {
     if (getpid_cached == IPCThreadState::self()->getCallingPid()) return true;
     static const String16 sAudioSettings("android.permission.MODIFY_AUDIO_SETTINGS");

diff --git a/services/audioflinger/ServiceUtilities.h b/services/audioflinger/ServiceUtilities.h
index 80cecba..175cd28 100644
--- a/services/audioflinger/ServiceUtilities.h
+++ b/services/audioflinger/ServiceUtilities.h

@@ -21,6 +21,7 @@
 extern pid_t getpid_cached;
 
 bool recordingAllowed();
+bool captureAudioOutputAllowed();
 bool settingsAllowed();
 bool dumpAllowed();