Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3f0b32f1 authored by Atneya Nair's avatar Atneya Nair
Browse files

Revert^2 "Update bluetooth perm checking to perm cache" 

This reverts commit 8b79359e.

Reason for revert: Re-land

Test: Manual a2dp/sco playback, disconnect/connect
Test: Security POC
Test: avatar A2dpTest#test_avdt_handle_suspend_cfm_bad_state_error
Test: v2/pandora-prod-team/pts-bot
Bug: 285588444
Bug: 381940267
Bug: 382088208

Change-Id: I8cdf337c419651cbd21f6f3314bd31205621d7a1
parent d9e00897

media/audioaidlconversion/AidlConversionCppNdk.cpp

+1 −1
Original line number Diff line number Diff line
@@ -1100,7 +1100,7 @@ namespace { 
    // Use '01' for LSB bits 0 and 1 as Bluetooth MAC addresses are never multicast

    // and universaly administered

    constexpr std::array<uint8_t, 4> BTANON_PREFIX {0xFD, 0xFF, 0xFF, 0xFF};

    // Keep sync with ServiceUtilities.cpp mustAnonymizeBluetoothAddress

    // Keep sync with ServiceUtilities.cpp anonymizeBluetoothAddress

    constexpr const char * BTANON_PREFIX_STR = "XX:XX:XX:XX:";

}

media/utils/ServiceUtilities.cpp

+1 −1
Original line number Diff line number Diff line
@@ -544,7 +544,7 @@ bool checkBluetoothPermission(const AttributionSourceState& attr) { 
 * @param caller string identifying the caller for logging.

 * @return true if the MAC addresses must be anonymized, false otherwise.

 */

bool mustAnonymizeBluetoothAddress(

bool mustAnonymizeBluetoothAddressLegacy(

        const AttributionSourceState& attributionSource, const String16&) {

    uid_t uid = VALUE_OR_FATAL(aidl2legacy_int32_t_uid_t(attributionSource.uid));

    bool res;

media/utils/include/mediautils/ServiceUtilities.h

+1 −1
Original line number Diff line number Diff line
@@ -116,7 +116,7 @@ bool modifyPhoneStateAllowed(const AttributionSourceState& attributionSource); 
bool bypassInterruptionPolicyAllowed(const AttributionSourceState& attributionSource);

bool callAudioInterceptionAllowed(const AttributionSourceState& attributionSource);

void purgePermissionCache();

bool mustAnonymizeBluetoothAddress(

bool mustAnonymizeBluetoothAddressLegacy(

        const AttributionSourceState& attributionSource, const String16& caller);

void anonymizeBluetoothAddress(char *address);

services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp

+34 −3
Original line number Diff line number Diff line
@@ -78,6 +78,7 @@ using com::android::media::permission::PermissionEnum::MODIFY_DEFAULT_AUDIO_EFFE 
using com::android::media::permission::PermissionEnum::MODIFY_PHONE_STATE;

using com::android::media::permission::PermissionEnum::RECORD_AUDIO;

using com::android::media::permission::PermissionEnum::WRITE_SECURE_SETTINGS;

using com::android::media::permission::PermissionEnum::BLUETOOTH_CONNECT;

using com::android::media::permission::PermissionEnum::BYPASS_CONCURRENT_RECORD_AUDIO_RESTRICTION;

using content::AttributionSourceState;

using media::audio::common::AudioConfig;
@@ -98,6 +99,33 @@ constexpr int kDefaultVirtualDeviceId = 0; 
namespace {

constexpr auto PERMISSION_HARD_DENIED = permission::PermissionChecker::PERMISSION_HARD_DENIED;

constexpr auto PERMISSION_GRANTED = permission::PermissionChecker::PERMISSION_GRANTED;



bool mustAnonymizeBluetoothAddress(const AttributionSourceState& attributionSource,

                                   const String16& caller,

                                   const IPermissionProvider& provider) {

    if (audioserver_permissions()) {

        switch(multiuser_get_app_id(attributionSource.uid)) {

            // out of caution, to prevent regression

            case AID_ROOT:

            case AID_SYSTEM:

            case AID_AUDIOSERVER:

            case AID_RADIO:

            case AID_BLUETOOTH:

            case AID_MEDIA:

                return false;

        }

        const auto res = provider.checkPermission(BLUETOOTH_CONNECT, attributionSource.uid);

        if (res.has_value()) {

            return !(*res);

        } else {

            ALOGE("%s: error: %s", __func__, res.error().toString8().c_str());

            return true;

        }

    } else {

        return mustAnonymizeBluetoothAddressLegacy(attributionSource, caller);

    }

}



}



const std::vector<audio_usage_t>& SYSTEM_USAGES = {
@@ -1781,7 +1809,8 @@ Status AudioPolicyService::listAudioPorts(media::AudioPortRole roleAidl, 
        numPortsReq = std::min(numPortsReq, num_ports);

    }



    if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__))) {

    if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__),

                                      getPermissionProvider())) {

        for (size_t i = 0; i < numPortsReq; ++i) {

            anonymizePortBluetoothAddress(ports[i]);

        }
@@ -1823,7 +1852,8 @@ Status AudioPolicyService::getAudioPort(int portId, 
        RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(mAudioPolicyManager->getAudioPort(&port)));

    }



    if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__))) {

    if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__),

                                      getPermissionProvider())) {

        anonymizePortBluetoothAddress(port);

    }
@@ -1903,7 +1933,8 @@ Status AudioPolicyService::listAudioPatches(Int* count, 
        numPatchesReq = std::min(numPatchesReq, num_patches);

    }



    if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__))) {

    if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__),

                                      getPermissionProvider())) {

        for (size_t i = 0; i < numPatchesReq; ++i) {

            for (size_t j = 0; j < patches[i].num_sources; ++j) {

                anonymizePortBluetoothAddress(patches[i].sources[j]);