commit dea7f94cc13c7f05fa5fd74094185be979f40b7a
author Bhalchandra Gajare <bgajare@google.com> Wed Jan 27 17:28:30 2021 -0800
committer Bhalchandra Gajare <bgajare@google.com> Mon Feb 01 09:54:50 2021 +0000
tree 9ad20d44c09b6cdfb42016ac64d148dc0dafbec8
parent 5b473026bd95779abcf5b44e6fed3f9da786ea35

audio policy: check permissions for AUDIO_INPUT_FLAG_HW_HOTWORD

Allow audio capture with AUDIO_INPUT_FLAG_HW_HOTWORD only if the
caller has CAPTURE_AUDIO_HOTWORD permission granted. While at it,
update the return code to PERMISSION_DENIED for other permission
checks as well.

Bug: 178654411
Test: tested by setting hotword mode from AGSA application that has the
required permission. Able to see hal opened with correct flag.
Test: Forced to always return error if flag was set and verified
AudioRecord starting in application fails.

Merged-In: I827ab5933621bff71a96164e40026ecccf1ba44f
Change-Id: I827ab5933621bff71a96164e40026ecccf1ba44f
(cherry picked from commit 499faed90b16ce8a09eff353ab71b6383f8b9908)

services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp

diff --git a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
index fed88a4..0ab63cf 100644
--- a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
+++ b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
@@ -590,7 +590,14 @@
 
     bool canCaptureHotword = captureHotwordAllowed(opPackageName, pid, uid);
     if ((inputSource == AUDIO_SOURCE_HOTWORD) && !canCaptureHotword) {
-        return binderStatusFromStatusT(BAD_VALUE);
+        return binderStatusFromStatusT(PERMISSION_DENIED);
+    }
+
+    if (((flags & AUDIO_INPUT_FLAG_HW_HOTWORD) != 0)
+            && !canCaptureHotword) {
+        ALOGE("%s: permission denied: hotword mode not allowed"
+              " for uid %d pid %d", __func__, uid, pid);
+        return binderStatusFromStatusT(PERMISSION_DENIED);
     }
 
     sp<AudioPolicyEffects>audioPolicyEffects;