Merge "MediaMetrics: Use AllowUid property for services to control client... (577fbb3d) · Commits · e / os / android_frameworks_av

media/libmediametrics/include/MediaMetricsConstants.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -86,6 +86,7 @@
		// of suppressed in the Time Machine.
		#define AMEDIAMETRICS_PROP_SUFFIX_CHAR_DUPLICATES_ALLOWED '#'

		#define AMEDIAMETRICS_PROP_ALLOWUID "_allowUid" // int32_t, allow client uid to post
		#define AMEDIAMETRICS_PROP_AUXEFFECTID "auxEffectId" // int32 (AudioTrack)
		#define AMEDIAMETRICS_PROP_BUFFERSIZEFRAMES "bufferSizeFrames" // int32
		#define AMEDIAMETRICS_PROP_BUFFERCAPACITYFRAMES "bufferCapacityFrames" // int32

services/audioflinger/Tracks.cpp

+2 −0

Original line number	Diff line number	Diff line
		@@ -605,6 +605,7 @@ AudioFlinger::PlaybackThread::Track::Track(
		mediametrics::LogItem(mMetricsId)
		.setPid(creatorPid)
		.setUid(uid)
		.set(AMEDIAMETRICS_PROP_ALLOWUID, (int32_t)uid)
		.set(AMEDIAMETRICS_PROP_EVENT,
		AMEDIAMETRICS_PROP_PREFIX_SERVER AMEDIAMETRICS_PROP_EVENT_VALUE_CTOR)
		.record();
		@@ -2165,6 +2166,7 @@ AudioFlinger::RecordThread::RecordTrack::RecordTrack(
		mediametrics::LogItem(mMetricsId)
		.setPid(creatorPid)
		.setUid(uid)
		.set(AMEDIAMETRICS_PROP_ALLOWUID, (int32_t)uid)
		.set(AMEDIAMETRICS_PROP_EVENT, "server." AMEDIAMETRICS_PROP_EVENT_VALUE_CTOR)
		.record();
		}

services/mediametrics/TimeMachine.h

+20 −9

Original line number	Diff line number	Diff line
		@@ -75,21 +75,30 @@ private:
		class KeyHistory {
		public:
		template <typename T>
		KeyHistory(T key, pid_t pid, uid_t uid, int64_t time)
		KeyHistory(T key, uid_t allowUid, int64_t time)
		: mKey(key)
		, mPid(pid)
		, mUid(uid)
		, mAllowUid(allowUid)
		, mCreationTime(time)
		, mLastModificationTime(time)
		{
		putValue(BUNDLE_PID, (int32_t)pid, time);
		putValue(BUNDLE_UID, (int32_t)uid, time);
		// allowUid allows an untrusted client with a matching uid to set properties
		// in this key.
		// If allowUid == (uid_t)-1, no untrusted client may set properties in the key.
		if (allowUid != (uid_t)-1) {
		// Set ALLOWUID property here; does not change after key creation.
		putValue(AMEDIAMETRICS_PROP_ALLOWUID, (int32_t)allowUid, time);
		}
		}

		KeyHistory(const KeyHistory &other) = default;

		// Return NO_ERROR only if the passed in uidCheck is -1 or matches
		// the internal mAllowUid.
		// An external submit will always have a valid uidCheck parameter.
		// An internal get request within mediametrics will have a uidCheck == -1 which
		// we allow to proceed.
		status_t checkPermission(uid_t uidCheck) const {
		return uidCheck != (uid_t)-1 && uidCheck != mUid ? PERMISSION_DENIED : NO_ERROR;
		return uidCheck != (uid_t)-1 && uidCheck != mAllowUid ? PERMISSION_DENIED : NO_ERROR;
		}

		template <typename T>
		@@ -199,8 +208,7 @@ private:
		}

		const std::string mKey;
		const pid_t mPid __unused;
		const uid_t mUid;
		const uid_t mAllowUid;
		const int64_t mCreationTime __unused;

		int64_t mLastModificationTime;
		@@ -276,10 +284,13 @@ public:

		(void)gc(garbage);

		// We set the allowUid for client access on key creation.
		int32_t allowUid = -1;
		(void)item->get(AMEDIAMETRICS_PROP_ALLOWUID, &allowUid);
		// no keylock needed here as we are sole owner
		// until placed on mHistory.
		keyHistory = std::make_shared<KeyHistory>(
		key, item->getPid(), item->getUid(), time);
		key, allowUid, time);
		mHistory[key] = keyHistory;
		} else {
		keyHistory = it->second;

services/mediametrics/tests/mediametrics_tests.cpp

+36 −0

Original line number	Diff line number	Diff line
		@@ -813,6 +813,42 @@ TEST(mediametrics_tests, audio_analytics_permission) {
		ASSERT_LT(9, audioAnalytics.dump(1000).second /* lines */);
		}

		TEST(mediametrics_tests, audio_analytics_permission2) {
		constexpr int32_t transactionUid = 1010; // arbitrary
		auto item = std::make_shared<mediametrics::Item>("audio.1");
		(*item).set("one", (int32_t)1)
		.set("two", (int32_t)2)
		.set(AMEDIAMETRICS_PROP_ALLOWUID, transactionUid)
		.setTimestamp(10);

		// item2 submitted untrusted
		auto item2 = std::make_shared<mediametrics::Item>("audio.1");
		(*item2).set("three", (int32_t)3)
		.setUid(transactionUid)
		.setTimestamp(11);

		auto item3 = std::make_shared<mediametrics::Item>("audio.2");
		(*item3).set("four", (int32_t)4)
		.setTimestamp(12);

		android::mediametrics::AudioAnalytics audioAnalytics;

		// untrusted entities cannot create a new key.
		ASSERT_EQ(PERMISSION_DENIED, audioAnalytics.submit(item, false /* isTrusted */));
		ASSERT_EQ(PERMISSION_DENIED, audioAnalytics.submit(item2, false /* isTrusted */));

		// TODO: Verify contents of AudioAnalytics.
		// Currently there is no getter API in AudioAnalytics besides dump.
		ASSERT_EQ(9, audioAnalytics.dump(1000).second /* lines */);

		ASSERT_EQ(NO_ERROR, audioAnalytics.submit(item, true /* isTrusted */));
		// untrusted entities can add to an existing key
		ASSERT_EQ(NO_ERROR, audioAnalytics.submit(item2, false /* isTrusted */));

		// Check that we have some info in the dump.
		ASSERT_LT(9, audioAnalytics.dump(1000).second /* lines */);
		}

		TEST(mediametrics_tests, audio_analytics_dump) {
		auto item = std::make_shared<mediametrics::Item>("audio.1");
		(*item).set("one", (int32_t)1)

services/oboeservice/AAudioServiceStreamBase.cpp

+1 −0

Original line number	Diff line number	Diff line
		@@ -105,6 +105,7 @@ void AAudioServiceStreamBase::logOpen(aaudio_handle_t streamHandle) {
		mediametrics::LogItem(mMetricsId)
		.setPid(getOwnerProcessId())
		.setUid(getOwnerUserId())
		.set(AMEDIAMETRICS_PROP_ALLOWUID, (int32_t)getOwnerUserId())
		.set(AMEDIAMETRICS_PROP_EVENT, AMEDIAMETRICS_PROP_EVENT_VALUE_OPEN)
		// the following are immutable
		.set(AMEDIAMETRICS_PROP_BUFFERCAPACITYFRAMES, (int32_t)getBufferCapacity())