Allow call audio access for default dialer application
The access to call audio (record and play) will be granted only to the app associated with Dialer role, who also includes a new system permission.
Test: Compilation and manual tests
Bug: 135197853
Change-Id: I65ca823c235d4d3420630837427103783ad1d1b0
diff --git a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
index 4d071c8..38801ec 100644
--- a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
+++ b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
@@ -211,6 +211,7 @@
audio_stream_type_t *stream,
pid_t pid,
uid_t uid,
+ const String16& opPackageName,
const audio_config_t *config,
audio_output_flags_t flags,
audio_port_handle_t *selectedDeviceId,
@@ -257,7 +258,8 @@
case AudioPolicyInterface::API_OUTPUT_LEGACY:
break;
case AudioPolicyInterface::API_OUTPUT_TELEPHONY_TX:
- if (!modifyPhoneStateAllowed(pid, uid)) {
+ if (!modifyPhoneStateAllowed(pid, uid) &&
+ !accessCallAudioAllowed(opPackageName, pid, uid)) {
ALOGE("%s() permission denied: modify phone state not allowed for uid %d",
__func__, uid);
result = PERMISSION_DENIED;
@@ -454,15 +456,22 @@
}
bool canCaptureOutput = captureAudioOutputAllowed(pid, uid);
- if ((inputSource == AUDIO_SOURCE_VOICE_UPLINK ||
- inputSource == AUDIO_SOURCE_VOICE_DOWNLINK ||
- inputSource == AUDIO_SOURCE_VOICE_CALL ||
- inputSource == AUDIO_SOURCE_ECHO_REFERENCE||
- inputSource == AUDIO_SOURCE_FM_TUNER) &&
+ bool canCaptureTelephonyOutput = canCaptureOutput
+ || accessCallAudioAllowed(opPackageName, pid, uid);
+
+ if ((attr->source == AUDIO_SOURCE_ECHO_REFERENCE ||
+ attr->source == AUDIO_SOURCE_FM_TUNER) &&
!canCaptureOutput) {
return PERMISSION_DENIED;
}
+ if ((attr->source == AUDIO_SOURCE_VOICE_UPLINK ||
+ attr->source == AUDIO_SOURCE_VOICE_DOWNLINK ||
+ attr->source == AUDIO_SOURCE_VOICE_CALL) &&
+ !canCaptureTelephonyOutput) {
+ return PERMISSION_DENIED;
+ }
+
bool canCaptureHotword = captureHotwordAllowed(opPackageName, pid, uid);
if ((inputSource == AUDIO_SOURCE_HOTWORD) && !canCaptureHotword) {
return BAD_VALUE;
@@ -494,6 +503,11 @@
break;
case AudioPolicyInterface::API_INPUT_TELEPHONY_RX:
// FIXME: use the same permission as for remote submix for now.
+ if (!canCaptureTelephonyOutput) {
+ ALOGE("getInputForAttr() permission denied: call capture not allowed");
+ status = PERMISSION_DENIED;
+ }
+ break;
case AudioPolicyInterface::API_INPUT_MIX_CAPTURE:
if (!canCaptureOutput) {
ALOGE("getInputForAttr() permission denied: capture not allowed");
@@ -521,9 +535,13 @@
return status;
}
+ bool allowAudioCapture = canCaptureOutput ||
+ (inputType == AudioPolicyInterface::API_INPUT_TELEPHONY_RX &&
+ canCaptureTelephonyOutput);
+
sp<AudioRecordClient> client = new AudioRecordClient(*attr, *input, uid, pid, session, *portId,
*selectedDeviceId, opPackageName,
- canCaptureOutput, canCaptureHotword);
+ allowAudioCapture, canCaptureHotword);
mAudioRecordClients.add(*portId, client);
}
diff --git a/services/audiopolicy/service/AudioPolicyService.cpp b/services/audiopolicy/service/AudioPolicyService.cpp
index e5c36ea..99cec5a 100644
--- a/services/audiopolicy/service/AudioPolicyService.cpp
+++ b/services/audiopolicy/service/AudioPolicyService.cpp
@@ -534,8 +534,8 @@
// OR client has CAPTURE_AUDIO_OUTPUT privileged permission
bool allowCapture = !isAssistantOnTop
&& ((isTopOrLatestActive && !isLatestSensitive) || isLatestSensitive)
- && !(isSensitiveActive && !(isLatestSensitive || current->canCaptureOutput))
- && !(isInCall && !current->canCaptureOutput);
+ && !(isSensitiveActive && !(isLatestSensitive || current->canCaptureCallOrOutput))
+ && !(isInCall && !current->canCaptureCallOrOutput);
if (isVirtualSource(source)) {
// Allow capture for virtual (remote submix, call audio TX or RX...) sources
@@ -555,7 +555,7 @@
} else {
if (((isAssistantOnTop && source == AUDIO_SOURCE_VOICE_RECOGNITION) ||
source == AUDIO_SOURCE_HOTWORD) &&
- (!(isSensitiveActive || isInCall) || current->canCaptureOutput)) {
+ (!(isSensitiveActive || isInCall) || current->canCaptureCallOrOutput)) {
allowCapture = true;
}
}
@@ -567,7 +567,7 @@
// OR
// Is on TOP AND the source is VOICE_RECOGNITION or HOTWORD
if (!isAssistantOnTop
- && (!(isSensitiveActive || isInCall) || current->canCaptureOutput)) {
+ && (!(isSensitiveActive || isInCall) || current->canCaptureCallOrOutput)) {
allowCapture = true;
}
if (isA11yOnTop) {
@@ -580,7 +580,7 @@
// All active clients are using HOTWORD source
// AND no call is active
// OR client has CAPTURE_AUDIO_OUTPUT privileged permission
- if (onlyHotwordActive && !(isInCall && !current->canCaptureOutput)) {
+ if (onlyHotwordActive && !(isInCall && !current->canCaptureCallOrOutput)) {
allowCapture = true;
}
}
diff --git a/services/audiopolicy/service/AudioPolicyService.h b/services/audiopolicy/service/AudioPolicyService.h
index 41a0d2b..c3c87f1 100644
--- a/services/audiopolicy/service/AudioPolicyService.h
+++ b/services/audiopolicy/service/AudioPolicyService.h
@@ -82,6 +82,7 @@
audio_stream_type_t *stream,
pid_t pid,
uid_t uid,
+ const String16& opPackageName,
const audio_config_t *config,
audio_output_flags_t flags,
audio_port_handle_t *selectedDeviceId,
@@ -807,15 +808,16 @@
const audio_io_handle_t io, uid_t uid, pid_t pid,
const audio_session_t session, audio_port_handle_t portId,
const audio_port_handle_t deviceId, const String16& opPackageName,
- bool canCaptureOutput, bool canCaptureHotword) :
+ bool canCaptureCallOrOutput, bool canCaptureHotword) :
AudioClient(attributes, io, uid, pid, session, portId, deviceId),
opPackageName(opPackageName), startTimeNs(0),
- canCaptureOutput(canCaptureOutput), canCaptureHotword(canCaptureHotword) {}
+ canCaptureCallOrOutput(canCaptureCallOrOutput),
+ canCaptureHotword(canCaptureHotword) {}
~AudioRecordClient() override = default;
const String16 opPackageName; // client package name
nsecs_t startTimeNs;
- const bool canCaptureOutput;
+ const bool canCaptureCallOrOutput;
const bool canCaptureHotword;
};