Reapply "Audiopolicy permission check caching" (09859fe2) · Commits · e / os / android_frameworks_av

services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp

+164 −50

Original line number	Diff line number	Diff line
		@@ -23,6 +23,8 @@

		#include <android/content/AttributionSourceState.h>
		#include <android_media_audiopolicy.h>
		#include <com_android_media_audio.h>
		#include <error/expected_utils.h>
		#include <media/AidlConversion.h>
		#include <media/AudioPolicy.h>
		#include <media/AudioValidator.h>
		@@ -44,13 +46,30 @@
		if (!_tmp.isOk()) return _tmp; \
		}

		#define CHECK_PERM(expr1, expr2) \
		VALUE_OR_RETURN_STATUS(getPermissionProvider().checkPermission((expr1), (expr2)))

		#define MAX_ITEMS_PER_LIST 1024

		namespace android {
		namespace audiopolicy_flags = android::media::audiopolicy;
		using binder::Status;
		using aidl_utils::binderStatusFromStatusT;
		using com::android::media::audio::audioserver_permissions;
		using com::android::media::permission::NativePermissionController;
		using com::android::media::permission::PermissionEnum::ACCESS_ULTRASOUND;
		using com::android::media::permission::PermissionEnum::CALL_AUDIO_INTERCEPTION;
		using com::android::media::permission::PermissionEnum::CAPTURE_AUDIO_HOTWORD;
		using com::android::media::permission::PermissionEnum::CAPTURE_VOICE_COMMUNICATION_OUTPUT;
		using com::android::media::permission::PermissionEnum::CAPTURE_AUDIO_OUTPUT;
		using com::android::media::permission::PermissionEnum::CAPTURE_MEDIA_OUTPUT;
		using com::android::media::permission::PermissionEnum::CAPTURE_TUNER_AUDIO_INPUT;
		using com::android::media::permission::PermissionEnum::MODIFY_AUDIO_ROUTING;
		using com::android::media::permission::PermissionEnum::MODIFY_AUDIO_SETTINGS;
		using com::android::media::permission::PermissionEnum::MODIFY_DEFAULT_AUDIO_EFFECTS;
		using com::android::media::permission::PermissionEnum::MODIFY_PHONE_STATE;
		using com::android::media::permission::PermissionEnum::RECORD_AUDIO;
		using com::android::media::permission::PermissionEnum::WRITE_SECURE_SETTINGS;
		using content::AttributionSourceState;
		using media::audio::common::AudioConfig;
		using media::audio::common::AudioConfigBase;
		@@ -86,31 +105,37 @@ bool AudioPolicyService::isSupportedSystemUsage(audio_usage_t usage) {
		!= std::end(mSupportedSystemUsages);
		}

		status_t AudioPolicyService::validateUsage(const audio_attributes_t& attr) {
		Status AudioPolicyService::validateUsage(const audio_attributes_t& attr) {
		return validateUsage(attr, getCallingAttributionSource());
		}

		status_t AudioPolicyService::validateUsage(const audio_attributes_t& attr,
		Status AudioPolicyService::validateUsage(const audio_attributes_t& attr,
		const AttributionSourceState& attributionSource) {
		if (isSystemUsage(attr.usage)) {
		if (isSupportedSystemUsage(attr.usage)) {
		if (attr.usage == AUDIO_USAGE_CALL_ASSISTANT
		&& ((attr.flags & AUDIO_FLAG_CALL_REDIRECTION) != 0)) {
		if (!callAudioInterceptionAllowed(attributionSource)) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(CALL_AUDIO_INTERCEPTION, attributionSource.uid)
		: callAudioInterceptionAllowed(attributionSource))) {
		ALOGE("%s: call audio interception not allowed for attribution source: %s",
		__func__, attributionSource.toString().c_str());
		return PERMISSION_DENIED;
		return Status::fromExceptionCode(Status::EX_SECURITY,
		"Call audio interception not allowed");
		}
		} else if (!modifyAudioRoutingAllowed(attributionSource)) {
		} else if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_ROUTING, attributionSource.uid)
		: modifyAudioRoutingAllowed(attributionSource))) {
		ALOGE("%s: modify audio routing not allowed for attribution source: %s",
		__func__, attributionSource.toString().c_str());
		return PERMISSION_DENIED;
		return Status::fromExceptionCode(Status::EX_SECURITY,
		"Modify audio routing not allowed");
		}
		} else {
		return BAD_VALUE;
		return Status::fromExceptionCode(Status::EX_ILLEGAL_ARGUMENT);
		}
		}
		return NO_ERROR;
		return Status::ok();
		}


		@@ -137,7 +162,9 @@ Status AudioPolicyService::setDeviceConnectionState(
		if (mAudioPolicyManager == NULL) {
		return binderStatusFromStatusT(NO_INIT);
		}
		if (!settingsAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_SETTINGS, IPCThreadState::self()->getCallingUid())
		: settingsAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		if (state != AUDIO_POLICY_DEVICE_STATE_AVAILABLE &&
		@@ -191,7 +218,9 @@ Status AudioPolicyService::handleDeviceConfigChange(
		if (mAudioPolicyManager == NULL) {
		return binderStatusFromStatusT(NO_INIT);
		}
		if (!settingsAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_SETTINGS, IPCThreadState::self()->getCallingUid())
		: settingsAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}

		@@ -215,7 +244,9 @@ Status AudioPolicyService::setPhoneState(AudioMode stateAidl, int32_t uidAidl)
		if (mAudioPolicyManager == NULL) {
		return binderStatusFromStatusT(NO_INIT);
		}
		if (!settingsAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_SETTINGS, IPCThreadState::self()->getCallingUid())
		: settingsAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		if (uint32_t(state) >= AUDIO_MODE_CNT) {
		@@ -265,7 +296,9 @@ Status AudioPolicyService::setForceUse(media::AudioPolicyForceUse usageAidl,
		return binderStatusFromStatusT(NO_INIT);
		}

		if (!modifyAudioRoutingAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_ROUTING, IPCThreadState::self()->getCallingUid())
		: modifyAudioRoutingAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}

		@@ -355,7 +388,7 @@ Status AudioPolicyService::getOutputForAttr(const media::audio::common::AudioAtt

		RETURN_IF_BINDER_ERROR(
		binderStatusFromStatusT(AudioValidator::validateAudioAttributes(attr, "68953950")));
		RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(validateUsage(attr, attributionSource)));
		RETURN_IF_BINDER_ERROR(validateUsage(attr, attributionSource));

		ALOGV("%s()", __func__);
		audio_utils::lock_guard _l(mMutex);
		@@ -364,14 +397,22 @@ Status AudioPolicyService::getOutputForAttr(const media::audio::common::AudioAtt
		aidl2legacy_int32_t_uid_t(attributionSource.uid)))) {
		attr.flags = static_cast<audio_flags_mask_t>(attr.flags \| AUDIO_FLAG_NO_MEDIA_PROJECTION);
		}
		const bool bypassInterruptionAllowed = audioserver_permissions() ? (
		CHECK_PERM(MODIFY_AUDIO_ROUTING, attributionSource.uid) \|\|
		CHECK_PERM(MODIFY_PHONE_STATE, attributionSource.uid) \|\|
		CHECK_PERM(WRITE_SECURE_SETTINGS, attributionSource.uid))
		: bypassInterruptionPolicyAllowed(attributionSource);

		if (((attr.flags & (AUDIO_FLAG_BYPASS_INTERRUPTION_POLICY\|AUDIO_FLAG_BYPASS_MUTE)) != 0)
		&& !bypassInterruptionPolicyAllowed(attributionSource)) {
		&& !bypassInterruptionAllowed) {
		attr.flags = static_cast<audio_flags_mask_t>(
		attr.flags & ~(AUDIO_FLAG_BYPASS_INTERRUPTION_POLICY\|AUDIO_FLAG_BYPASS_MUTE));
		}

		if (attr.content_type == AUDIO_CONTENT_TYPE_ULTRASOUND) {
		if (!accessUltrasoundAllowed(attributionSource)) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(ACCESS_ULTRASOUND, attributionSource.uid)
		: accessUltrasoundAllowed(attributionSource))) {
		ALOGE("%s: permission denied: ultrasound not allowed for uid %d pid %d",
		__func__, attributionSource.uid, attributionSource.pid);
		return binderStatusFromStatusT(PERMISSION_DENIED);
		@@ -400,18 +441,24 @@ Status AudioPolicyService::getOutputForAttr(const media::audio::common::AudioAtt
		break;
		case AudioPolicyInterface::API_OUTPUT_TELEPHONY_TX:
		if (((attr.flags & AUDIO_FLAG_CALL_REDIRECTION) != 0)
		&& !callAudioInterceptionAllowed(attributionSource)) {
		&& !(audioserver_permissions() ?
		CHECK_PERM(CALL_AUDIO_INTERCEPTION, attributionSource.uid)
		: callAudioInterceptionAllowed(attributionSource))) {
		ALOGE("%s() permission denied: call redirection not allowed for uid %d",
		__func__, attributionSource.uid);
		result = PERMISSION_DENIED;
		} else if (!modifyPhoneStateAllowed(attributionSource)) {
		} else if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_PHONE_STATE, attributionSource.uid)
		: modifyPhoneStateAllowed(attributionSource))) {
		ALOGE("%s() permission denied: modify phone state not allowed for uid %d",
		__func__, attributionSource.uid);
		result = PERMISSION_DENIED;
		}
		break;
		case AudioPolicyInterface::API_OUT_MIX_PLAYBACK:
		if (!modifyAudioRoutingAllowed(attributionSource)) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_ROUTING, attributionSource.uid)
		: modifyAudioRoutingAllowed(attributionSource))) {
		ALOGE("%s() permission denied: modify audio routing not allowed for uid %d",
		__func__, attributionSource.uid);
		result = PERMISSION_DENIED;
		@@ -630,8 +677,7 @@ Status AudioPolicyService::getInputForAttr(const media::audio::common::AudioAttr
		return binderStatusFromStatusT(BAD_VALUE);
		}

		RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(validateUsage(attr,
		attributionSource)));
		RETURN_IF_BINDER_ERROR(validateUsage(attr, attributionSource));

		uint32_t virtualDeviceId = kDefaultVirtualDeviceId;

		@@ -644,7 +690,10 @@ Status AudioPolicyService::getInputForAttr(const media::audio::common::AudioAttr
		// type is API_INPUT_MIX_EXT_POLICY_REROUTE and by AudioService if a media projection
		// is used and input type is API_INPUT_MIX_PUBLIC_CAPTURE_PLAYBACK
		// - ECHO_REFERENCE source is controlled by captureAudioOutputAllowed()
		if (!(recordingAllowed(attributionSource, inputSource)
		const auto isRecordingAllowed = audioserver_permissions() ?
		CHECK_PERM(RECORD_AUDIO, attributionSource.uid) :
		recordingAllowed(attributionSource, inputSource);
		if (!(isRecordingAllowed
		\|\| inputSource == AUDIO_SOURCE_FM_TUNER
		\|\| inputSource == AUDIO_SOURCE_REMOTE_SUBMIX
		\|\| inputSource == AUDIO_SOURCE_ECHO_REFERENCE)) {
		@@ -653,8 +702,12 @@ Status AudioPolicyService::getInputForAttr(const media::audio::common::AudioAttr
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}

		bool canCaptureOutput = captureAudioOutputAllowed(attributionSource);
		bool canInterceptCallAudio = callAudioInterceptionAllowed(attributionSource);
		bool canCaptureOutput = audioserver_permissions() ?
		CHECK_PERM(CAPTURE_AUDIO_OUTPUT, attributionSource.uid)
		: captureAudioOutputAllowed(attributionSource);
		bool canInterceptCallAudio = audioserver_permissions() ?
		CHECK_PERM(CALL_AUDIO_INTERCEPTION, attributionSource.uid)
		: callAudioInterceptionAllowed(attributionSource);
		bool isCallAudioSource = inputSource == AUDIO_SOURCE_VOICE_UPLINK
		\|\| inputSource == AUDIO_SOURCE_VOICE_DOWNLINK
		\|\| inputSource == AUDIO_SOURCE_VOICE_CALL;
		@@ -668,11 +721,15 @@ Status AudioPolicyService::getInputForAttr(const media::audio::common::AudioAttr
		}
		if (inputSource == AUDIO_SOURCE_FM_TUNER
		&& !canCaptureOutput
		&& !captureTunerAudioInputAllowed(attributionSource)) {
		&& !(audioserver_permissions() ?
		CHECK_PERM(CAPTURE_TUNER_AUDIO_INPUT, attributionSource.uid)
		: captureTunerAudioInputAllowed(attributionSource))) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}

		bool canCaptureHotword = captureHotwordAllowed(attributionSource);
		bool canCaptureHotword = audioserver_permissions() ?
		CHECK_PERM(CAPTURE_AUDIO_HOTWORD, attributionSource.uid)
		: captureHotwordAllowed(attributionSource);
		if ((inputSource == AUDIO_SOURCE_HOTWORD) && !canCaptureHotword) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		@@ -687,7 +744,9 @@ Status AudioPolicyService::getInputForAttr(const media::audio::common::AudioAttr
		}

		if (attr.source == AUDIO_SOURCE_ULTRASOUND) {
		if (!accessUltrasoundAllowed(attributionSource)) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(ACCESS_ULTRASOUND, attributionSource.uid)
		: accessUltrasoundAllowed(attributionSource))) {
		ALOGE("%s: permission denied: ultrasound not allowed for uid %d pid %d",
		__func__, attributionSource.uid, attributionSource.pid);
		return binderStatusFromStatusT(PERMISSION_DENIED);
		@@ -733,14 +792,29 @@ Status AudioPolicyService::getInputForAttr(const media::audio::common::AudioAttr
		status = PERMISSION_DENIED;
		}
		break;
		case AudioPolicyInterface::API_INPUT_MIX_EXT_POLICY_REROUTE:
		if (!(modifyAudioRoutingAllowed(attributionSource)
		case AudioPolicyInterface::API_INPUT_MIX_EXT_POLICY_REROUTE: {
		bool modAudioRoutingAllowed;
		if (audioserver_permissions()) {
		auto result = getPermissionProvider().checkPermission(
		MODIFY_AUDIO_ROUTING, attributionSource.uid);
		if (!result.ok()) {
		ALOGE("%s permission provider error: %s", __func__,
		result.error().toString8().c_str());
		status = aidl_utils::statusTFromBinderStatus(result.error());
		break;
		}
		modAudioRoutingAllowed = result.value();
		} else {
		modAudioRoutingAllowed = modifyAudioRoutingAllowed(attributionSource);
		}
		if (!(modAudioRoutingAllowed
		\|\| ((attr.flags & AUDIO_FLAG_CALL_REDIRECTION) != 0
		&& canInterceptCallAudio))) {
		ALOGE("%s permission denied for remote submix capture", __func__);
		status = PERMISSION_DENIED;
		}
		break;
		}
		case AudioPolicyInterface::API_INPUT_INVALID:
		default:
		LOG_ALWAYS_FATAL("%s encountered an invalid input type %d",
		@@ -1035,7 +1109,9 @@ Status AudioPolicyService::setDeviceAbsoluteVolumeEnabled(const AudioDevice& dev
		if (mAudioPolicyManager == nullptr) {
		return binderStatusFromStatusT(NO_INIT);
		}
		if (!settingsAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_SETTINGS, IPCThreadState::self()->getCallingUid())
		: settingsAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		if (uint32_t(streamToDriveAbs) >= AUDIO_STREAM_PUBLIC_CNT) {
		@@ -1059,7 +1135,9 @@ Status AudioPolicyService::initStreamVolume(AudioStreamType streamAidl,
		if (mAudioPolicyManager == NULL) {
		return binderStatusFromStatusT(NO_INIT);
		}
		if (!settingsAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_SETTINGS, IPCThreadState::self()->getCallingUid())
		: settingsAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		if (uint32_t(stream) >= AUDIO_STREAM_PUBLIC_CNT) {
		@@ -1083,7 +1161,9 @@ Status AudioPolicyService::setStreamVolumeIndex(AudioStreamType streamAidl,
		if (mAudioPolicyManager == NULL) {
		return binderStatusFromStatusT(NO_INIT);
		}
		if (!settingsAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_SETTINGS, IPCThreadState::self()->getCallingUid())
		: settingsAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		if (uint32_t(stream) >= AUDIO_STREAM_PUBLIC_CNT) {
		@@ -1133,7 +1213,9 @@ Status AudioPolicyService::setVolumeIndexForAttributes(
		if (mAudioPolicyManager == NULL) {
		return binderStatusFromStatusT(NO_INIT);
		}
		if (!settingsAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_SETTINGS, IPCThreadState::self()->getCallingUid())
		: settingsAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		audio_utils::lock_guard _l(mMutex);
		@@ -1439,7 +1521,9 @@ Status AudioPolicyService::addSourceDefaultEffect(const AudioUuid& typeAidl,

		sp<AudioPolicyEffects>audioPolicyEffects;
		RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(getAudioPolicyEffects(audioPolicyEffects)));
		if (!modifyDefaultAudioEffectsAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_DEFAULT_AUDIO_EFFECTS, IPCThreadState::self()->getCallingUid())
		: modifyDefaultAudioEffectsAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(audioPolicyEffects->addSourceDefaultEffect(
		@@ -1465,7 +1549,9 @@ Status AudioPolicyService::addStreamDefaultEffect(const AudioUuid& typeAidl,

		sp<AudioPolicyEffects> audioPolicyEffects;
		RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(getAudioPolicyEffects(audioPolicyEffects)));
		if (!modifyDefaultAudioEffectsAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_DEFAULT_AUDIO_EFFECTS, IPCThreadState::self()->getCallingUid())
		: modifyDefaultAudioEffectsAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(audioPolicyEffects->addStreamDefaultEffect(
		@@ -1480,7 +1566,9 @@ Status AudioPolicyService::removeSourceDefaultEffect(int32_t idAidl)
		aidl2legacy_int32_t_audio_unique_id_t(idAidl));
		sp<AudioPolicyEffects>audioPolicyEffects;
		RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(getAudioPolicyEffects(audioPolicyEffects)));
		if (!modifyDefaultAudioEffectsAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_DEFAULT_AUDIO_EFFECTS, IPCThreadState::self()->getCallingUid())
		: modifyDefaultAudioEffectsAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		return binderStatusFromStatusT(audioPolicyEffects->removeSourceDefaultEffect(id));
		@@ -1492,7 +1580,9 @@ Status AudioPolicyService::removeStreamDefaultEffect(int32_t idAidl)
		aidl2legacy_int32_t_audio_unique_id_t(idAidl));
		sp<AudioPolicyEffects>audioPolicyEffects;
		RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(getAudioPolicyEffects(audioPolicyEffects)));
		if (!modifyDefaultAudioEffectsAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_DEFAULT_AUDIO_EFFECTS, IPCThreadState::self()->getCallingUid())
		: modifyDefaultAudioEffectsAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		return binderStatusFromStatusT(audioPolicyEffects->removeStreamDefaultEffect(id));
		@@ -1510,7 +1600,9 @@ Status AudioPolicyService::setSupportedSystemUsages(
		std::back_inserter(systemUsages), aidl2legacy_AudioUsage_audio_usage_t)));

		audio_utils::lock_guard _l(mMutex);
		if(!modifyAudioRoutingAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_ROUTING, IPCThreadState::self()->getCallingUid())
		: modifyAudioRoutingAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}

		@@ -1569,7 +1661,7 @@ Status AudioPolicyService::isDirectOutputSupported(
		return binderStatusFromStatusT(NO_INIT);
		}

		RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(validateUsage(attributes)));
		RETURN_IF_BINDER_ERROR(validateUsage(attributes));

		audio_utils::lock_guard _l(mMutex);
		*_aidl_return = mAudioPolicyManager->isDirectOutputSupported(config, attributes);
		@@ -1644,7 +1736,9 @@ Status AudioPolicyService::createAudioPatch(const media::AudioPatchFw& patchAidl
		RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(AudioValidator::validateAudioPatch(patch)));

		audio_utils::lock_guard _l(mMutex);
		if(!modifyAudioRoutingAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_ROUTING, IPCThreadState::self()->getCallingUid())
		: modifyAudioRoutingAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		if (mAudioPolicyManager == NULL) {
		@@ -1663,7 +1757,9 @@ Status AudioPolicyService::releaseAudioPatch(int32_t handleAidl)
		audio_patch_handle_t handle = VALUE_OR_RETURN_BINDER_STATUS(
		aidl2legacy_int32_t_audio_patch_handle_t(handleAidl));
		audio_utils::lock_guard _l(mMutex);
		if(!modifyAudioRoutingAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_ROUTING, IPCThreadState::self()->getCallingUid())
		: modifyAudioRoutingAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		if (mAudioPolicyManager == NULL) {
		@@ -1711,7 +1807,9 @@ Status AudioPolicyService::setAudioPortConfig(const media::AudioPortConfigFw& co
		binderStatusFromStatusT(AudioValidator::validateAudioPortConfig(config)));

		audio_utils::lock_guard _l(mMutex);
		if(!modifyAudioRoutingAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_ROUTING, IPCThreadState::self()->getCallingUid())
		: modifyAudioRoutingAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		if (mAudioPolicyManager == NULL) {
		@@ -1774,7 +1872,9 @@ Status AudioPolicyService::registerPolicyMixes(const std::vector<media::AudioMix
		// loopback\|render only need a MediaProjection (checked in caller AudioService.java)
		bool needModifyAudioRouting = std::any_of(mixes.begin(), mixes.end(), [](auto& mix) {
		return !is_mix_loopback_render(mix.mRouteFlags); });
		if (needModifyAudioRouting && !modifyAudioRoutingAllowed()) {
		if (needModifyAudioRouting && !(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_ROUTING, IPCThreadState::self()->getCallingUid())
		: modifyAudioRoutingAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}

		@@ -1790,12 +1890,16 @@ Status AudioPolicyService::registerPolicyMixes(const std::vector<media::AudioMix
		const AttributionSourceState attributionSource = getCallingAttributionSource();


		if (needCaptureMediaOutput && !captureMediaOutputAllowed(attributionSource)) {
		if (needCaptureMediaOutput && !(audioserver_permissions() ?
		CHECK_PERM(CAPTURE_MEDIA_OUTPUT, attributionSource.uid)
		: modifyAudioRoutingAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}

		if (needCaptureVoiceCommunicationOutput &&
		!captureVoiceCommunicationOutputAllowed(attributionSource)) {
		!(audioserver_permissions() ?
		CHECK_PERM(CAPTURE_VOICE_COMMUNICATION_OUTPUT, attributionSource.uid)
		: captureVoiceCommunicationOutputAllowed(attributionSource))) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}

		@@ -1852,7 +1956,9 @@ Status AudioPolicyService::setUidDeviceAffinities(
		aidl2legacy_AudioDeviceTypeAddress));

		audio_utils::lock_guard _l(mMutex);
		if(!modifyAudioRoutingAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_ROUTING, IPCThreadState::self()->getCallingUid())
		: modifyAudioRoutingAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		if (mAudioPolicyManager == NULL) {
		@@ -1866,7 +1972,9 @@ Status AudioPolicyService::removeUidDeviceAffinities(int32_t uidAidl) {
		uid_t uid = VALUE_OR_RETURN_BINDER_STATUS(aidl2legacy_int32_t_uid_t(uidAidl));

		audio_utils::lock_guard _l(mMutex);
		if(!modifyAudioRoutingAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_ROUTING, IPCThreadState::self()->getCallingUid())
		: modifyAudioRoutingAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		if (mAudioPolicyManager == NULL) {
		@@ -1885,7 +1993,9 @@ Status AudioPolicyService::setUserIdDeviceAffinities(
		aidl2legacy_AudioDeviceTypeAddress));

		audio_utils::lock_guard _l(mMutex);
		if(!modifyAudioRoutingAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_ROUTING, IPCThreadState::self()->getCallingUid())
		: modifyAudioRoutingAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		if (mAudioPolicyManager == NULL) {
		@@ -1899,7 +2009,9 @@ Status AudioPolicyService::removeUserIdDeviceAffinities(int32_t userIdAidl) {
		int userId = VALUE_OR_RETURN_BINDER_STATUS(convertReinterpret<int>(userIdAidl));

		audio_utils::lock_guard _l(mMutex);
		if(!modifyAudioRoutingAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_ROUTING, IPCThreadState::self()->getCallingUid())
		: modifyAudioRoutingAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		if (mAudioPolicyManager == NULL) {
		@@ -1927,7 +2039,7 @@ Status AudioPolicyService::startAudioSource(const media::AudioPortConfigFw& sour
		return binderStatusFromStatusT(NO_INIT);
		}

		RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(validateUsage(attributes)));
		RETURN_IF_BINDER_ERROR(validateUsage(attributes));

		// startAudioSource should be created as the calling uid
		const uid_t callingUid = IPCThreadState::self()->getCallingUid();
		@@ -1956,7 +2068,9 @@ Status AudioPolicyService::setMasterMono(bool mono)
		if (mAudioPolicyManager == NULL) {
		return binderStatusFromStatusT(NO_INIT);
		}
		if (!settingsAllowed()) {
		if (!(audioserver_permissions() ?
		CHECK_PERM(MODIFY_AUDIO_SETTINGS, IPCThreadState::self()->getCallingUid())
		: settingsAllowed())) {
		return binderStatusFromStatusT(PERMISSION_DENIED);
		}
		audio_utils::lock_guard _l(mMutex);

services/audiopolicy/service/AudioPolicyService.h

+2 −2

Original line number	Diff line number	Diff line
		@@ -452,8 +452,8 @@ private:
		app_state_t apmStatFromAmState(int amState);

		bool isSupportedSystemUsage(audio_usage_t usage);
		status_t validateUsage(const audio_attributes_t& attr);
		status_t validateUsage(const audio_attributes_t& attr,
		binder::Status validateUsage(const audio_attributes_t& attr);
		binder::Status validateUsage(const audio_attributes_t& attr,
		const AttributionSourceState& attributionSource);

		void updateUidStates();