commit 8a1095a9f240b4ac69e8aa47954a3ceb1bd38e16
author Eric Laurent <elaurent@google.com> Fri Nov 08 14:44:16 2019 -0800
committer Eric Laurent <elaurent@google.com> Fri Nov 08 17:56:01 2019 -0800
tree 5e498499c94c3fa171a75e8daa55f949b4ea04ce
parent 484d6119d3ca9140d415dc1841d4c0c500d76a20

audio policy: fix playback permission checks

Align playback permission checks implementation in getOutputforAttr() on
capture checks in getInputForAttr(): use an "output type" returned by
audio policy manager and check permission accordingly.
- Do not modify but reject request to play to call uplink when permission
is denied.
- Add missing permission check for injection to remote submix.
- Clarify permission check for record from remote submix by using the
uid/pid of client explicitly.

Bug:
Test: CTS test for AudioTrack and AudioREcord.
Test: GTS tests for dynamic policies and playback capture
Change-Id: Ic0eb3b9921a491e97c58fa8f637583059a54b3a2

media/utils/ServiceUtilities.cpp

diff --git a/media/utils/ServiceUtilities.cpp b/media/utils/ServiceUtilities.cpp
index 971ae9f..b132782 100644
--- a/media/utils/ServiceUtilities.cpp
+++ b/media/utils/ServiceUtilities.cpp
@@ -167,9 +167,16 @@
 }
 
 bool modifyAudioRoutingAllowed() {
+    return modifyAudioRoutingAllowed(
+        IPCThreadState::self()->getCallingPid(), IPCThreadState::self()->getCallingUid());
+}
+
+bool modifyAudioRoutingAllowed(pid_t pid, uid_t uid) {
+    if (isAudioServerUid(IPCThreadState::self()->getCallingUid())) return true;
     // IMPORTANT: Use PermissionCache - not a runtime permission and may not change.
-    bool ok = PermissionCache::checkCallingPermission(sModifyAudioRouting);
-    if (!ok) ALOGE("android.permission.MODIFY_AUDIO_ROUTING");
+    bool ok = PermissionCache::checkPermission(sModifyAudioRouting, pid, uid);
+    if (!ok) ALOGE("%s(): android.permission.MODIFY_AUDIO_ROUTING denied for uid %d",
+        __func__, uid);
     return ok;
 }
 

media/utils/include/mediautils/ServiceUtilities.h

diff --git a/media/utils/include/mediautils/ServiceUtilities.h b/media/utils/include/mediautils/ServiceUtilities.h
index 2595761..9e852fd 100644
--- a/media/utils/include/mediautils/ServiceUtilities.h
+++ b/media/utils/include/mediautils/ServiceUtilities.h
@@ -85,6 +85,7 @@
 bool captureHotwordAllowed(const String16& opPackageName, pid_t pid, uid_t uid);
 bool settingsAllowed();
 bool modifyAudioRoutingAllowed();
+bool modifyAudioRoutingAllowed(pid_t pid, uid_t uid);
 bool modifyDefaultAudioEffectsAllowed();
 bool dumpAllowed();
 bool modifyPhoneStateAllowed(pid_t pid, uid_t uid);