Allow call audio access for default dialer application
The access to call audio (record and play) will be granted only to the app associated with Dialer role, who also includes a new system permission.
Test: Compilation and manual tests
Bug: 135197853
Change-Id: I65ca823c235d4d3420630837427103783ad1d1b0
diff --git a/media/utils/ServiceUtilities.cpp b/media/utils/ServiceUtilities.cpp
index 87ea084..7fd4d0a 100644
--- a/media/utils/ServiceUtilities.cpp
+++ b/media/utils/ServiceUtilities.cpp
@@ -223,6 +223,25 @@
return ok;
}
+bool accessCallAudioAllowed(const String16& opPackageName, pid_t pid, uid_t uid) {
+ static const String16 sAccessCallAudio("android.permission.ACCESS_CALL_AUDIO");
+ PermissionController permissionController;
+ const String16 resolvedOpPackageName = resolveCallingPackage(
+ permissionController, opPackageName, uid);
+ if (resolvedOpPackageName.size() == 0) {
+ ALOGE("accessCallAudioAllowed - FAIL - package not found.");
+ return false;
+ }
+ AppOpsManager appOps;
+ const int32_t op = appOps.permissionToOpCode(sAccessCallAudio);
+ const int32_t opResult = appOps.noteOp(op, uid, resolvedOpPackageName);
+ if (opResult == PermissionController::MODE_DEFAULT) {
+ // Only allow in case this is a system app with the proper privilege permission
+ return PermissionCache::checkPermission(sAccessCallAudio, pid, uid);
+ }
+ return opResult == PermissionController::MODE_ALLOWED;
+}
+
// privileged behavior needed by Dialer, Settings, SetupWizard and CellBroadcastReceiver
bool bypassInterruptionPolicyAllowed(pid_t pid, uid_t uid) {
static const String16 sWriteSecureSettings("android.permission.WRITE_SECURE_SETTINGS");
@@ -259,28 +278,29 @@
return NO_ERROR;
}
-sp<content::pm::IPackageManagerNative> MediaPackageManager::retreivePackageManager() {
+void MediaPackageManager::loadPackageManager() {
+ if (mPackageManager != nullptr) {
+ return;
+ }
const sp<IServiceManager> sm = defaultServiceManager();
if (sm == nullptr) {
ALOGW("%s: failed to retrieve defaultServiceManager", __func__);
- return nullptr;
+ return;
}
sp<IBinder> packageManager = sm->checkService(String16(nativePackageManagerName));
if (packageManager == nullptr) {
ALOGW("%s: failed to retrieve native package manager", __func__);
- return nullptr;
+ return;
}
- return interface_cast<content::pm::IPackageManagerNative>(packageManager);
+ mPackageManager = interface_cast<content::pm::IPackageManagerNative>(packageManager);
}
std::optional<bool> MediaPackageManager::doIsAllowed(uid_t uid) {
+ /** Can not fetch package manager at construction it may not yet be registered. */
+ loadPackageManager();
if (mPackageManager == nullptr) {
- /** Can not fetch package manager at construction it may not yet be registered. */
- mPackageManager = retreivePackageManager();
- if (mPackageManager == nullptr) {
- ALOGW("%s: Playback capture is denied as package manager is not reachable", __func__);
- return std::nullopt;
- }
+ ALOGW("%s: Playback capture is denied as package manager is not reachable", __func__);
+ return std::nullopt;
}
std::vector<std::string> packageNames;
diff --git a/media/utils/include/mediautils/ServiceUtilities.h b/media/utils/include/mediautils/ServiceUtilities.h
index 212599a..060e849 100644
--- a/media/utils/include/mediautils/ServiceUtilities.h
+++ b/media/utils/include/mediautils/ServiceUtilities.h
@@ -93,6 +93,7 @@
bool dumpAllowed();
bool modifyPhoneStateAllowed(pid_t pid, uid_t uid);
bool bypassInterruptionPolicyAllowed(pid_t pid, uid_t uid);
+bool accessCallAudioAllowed(const String16& opPackageName, pid_t pid, uid_t uid);
status_t checkIMemory(const sp<IMemory>& iMemory);
@@ -110,7 +111,7 @@
private:
static constexpr const char* nativePackageManagerName = "package_native";
std::optional<bool> doIsAllowed(uid_t uid);
- sp<content::pm::IPackageManagerNative> retreivePackageManager();
+ void loadPackageManager();
sp<content::pm::IPackageManagerNative> mPackageManager; // To check apps manifest
uint_t mPackageManagerErrors = 0;
struct Package {