
Commit a8b9eab4 authored by Eric Laurent's avatar Eric Laurent Committed by Automerger Merge Worker

Merge "Audio policy: anonymize Bluetooth MAC addresses" into tm-dev am: c92c5167

parents fd565e78 c92c5167
+1 −0
@@ -274,6 +274,7 @@ INSTANTIATE_TEST_SUITE_P(AudioDeviceDescriptionRoundTrip,


class AudioFormatDescriptionRoundTripTest :
class AudioFormatDescriptionRoundTripTest :
        public testing::TestWithParam<AudioFormatDescription> {};
        public testing::TestWithParam<AudioFormatDescription> {};

TEST_P(AudioFormatDescriptionRoundTripTest, Aidl2Legacy2Aidl) {
TEST_P(AudioFormatDescriptionRoundTripTest, Aidl2Legacy2Aidl) {
    const auto initial = GetParam();
    const auto initial = GetParam();
    auto conv = aidl2legacy_AudioFormatDescription_audio_format_t(initial);
    auto conv = aidl2legacy_AudioFormatDescription_audio_format_t(initial);
+43 −0
@@ -46,6 +46,7 @@ static const String16 sAndroidPermissionRecordAudio("android.permission.RECORD_A
static const String16 sModifyPhoneState("android.permission.MODIFY_PHONE_STATE");
static const String16 sModifyPhoneState("android.permission.MODIFY_PHONE_STATE");
static const String16 sModifyAudioRouting("android.permission.MODIFY_AUDIO_ROUTING");
static const String16 sModifyAudioRouting("android.permission.MODIFY_AUDIO_ROUTING");
static const String16 sCallAudioInterception("android.permission.CALL_AUDIO_INTERCEPTION");
static const String16 sCallAudioInterception("android.permission.CALL_AUDIO_INTERCEPTION");
static const String16 sAndroidPermissionBluetoothConnect("android.permission.BLUETOOTH_CONNECT");


static String16 resolveCallingPackage(PermissionController& permissionController,
static String16 resolveCallingPackage(PermissionController& permissionController,
        const std::optional<String16> opPackageName, uid_t uid) {
        const std::optional<String16> opPackageName, uid_t uid) {
@@ -374,6 +375,48 @@ status_t checkIMemory(const sp<IMemory>& iMemory)
    return NO_ERROR;
    return NO_ERROR;
}
}


/**
 * Determines if the MAC address in Bluetooth device descriptors returned by APIs of
 * a native audio service (audio flinger, audio policy) must be anonymized.
 * MAC addresses returned to system server or apps with BLUETOOTH_CONNECT permission
 * are not anonymized.
 *
 * @param attributionSource The attribution source of the calling app.
 * @param caller string identifying the caller for logging.
 * @return true if the MAC addresses must be anonymized, false otherwise.
 */
bool mustAnonymizeBluetoothAddress(
        const AttributionSourceState& attributionSource, const String16& caller) {
    uid_t uid = VALUE_OR_FATAL(aidl2legacy_int32_t_uid_t(attributionSource.uid));
    if (isAudioServerOrSystemServerUid(uid)) {
        return false;
    }
    const std::optional<AttributionSourceState> resolvedAttributionSource =
            resolveAttributionSource(attributionSource);
    if (!resolvedAttributionSource.has_value()) {
        return true;
    }
    permission::PermissionChecker permissionChecker;
    return permissionChecker.checkPermissionForPreflightFromDatasource(
            sAndroidPermissionBluetoothConnect, resolvedAttributionSource.value(), caller,
            AppOpsManager::OP_BLUETOOTH_CONNECT)
                != permission::PermissionChecker::PERMISSION_GRANTED;
}

/**
 * Modifies the passed MAC address string in place for consumption by unprivileged clients.
 * the string is assumed to have a valid MAC address format.
 * the anonymzation must be kept in sync with toAnonymizedAddress() in BluetoothUtils.java
 *
 * @param address input/output the char string contining the MAC address to anonymize.
 */
void anonymizeBluetoothAddress(char *address) {
    if (address == nullptr || strlen(address) != strlen("AA:BB:CC:DD:EE:FF")) {
        return;
    }
    memcpy(address, "XX:XX:XX:XX", strlen("XX:XX:XX:XX"));
}

sp<content::pm::IPackageManagerNative> MediaPackageManager::retrievePackageManager() {
sp<content::pm::IPackageManagerNative> MediaPackageManager::retrievePackageManager() {
    const sp<IServiceManager> sm = defaultServiceManager();
    const sp<IServiceManager> sm = defaultServiceManager();
    if (sm == nullptr) {
    if (sm == nullptr) {
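Review bot: anonymizeBluetoothAddress() fails open: when the string is not exactly 17 characters long it returns without touching it, so whatever the buffer holds is still handed to a caller that mustAnonymizeBluetoothAddress() has just classified as unprivileged. For a privacy mask the safer default is to blank anything that is not recognised, for example `if (address == nullptr) return;` followed by `if (strlen(address) != strlen("AA:BB:CC:DD:EE:FF")) { address[0] = '\0'; return; }`, provided no caller depends on unrecognised values passing through unchanged. The doc comment should also state that only the first four octets are replaced and the last two stay readable, which appears intended given the reference to toAnonymizedAddress(), and that the buffer must be NUL-terminated because strlen() is used without a bound.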
+4 −0
@@ -108,6 +108,10 @@ bool modifyPhoneStateAllowed(const AttributionSourceState& attributionSource);
bool bypassInterruptionPolicyAllowed(const AttributionSourceState& attributionSource);
bool bypassInterruptionPolicyAllowed(const AttributionSourceState& attributionSource);
bool callAudioInterceptionAllowed(const AttributionSourceState& attributionSource);
bool callAudioInterceptionAllowed(const AttributionSourceState& attributionSource);
void purgePermissionCache();
void purgePermissionCache();
bool mustAnonymizeBluetoothAddress(
        const AttributionSourceState& attributionSource, const String16& caller);
void anonymizeBluetoothAddress(char *address);

int32_t getOpForSource(audio_source_t source);
int32_t getOpForSource(audio_source_t source);


AttributionSourceState getCallingAttributionSource();
AttributionSourceState getCallingAttributionSource();
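Review bot: The two new declarations have no comment in the header, so their contract is only visible in the implementation file. Above `mustAnonymizeBluetoothAddress` I would add `// Returns true unless the caller is audioserver/system_server or holds BLUETOOTH_CONNECT.` and above `anonymizeBluetoothAddress` `// Masks a NUL-terminated "AA:BB:CC:DD:EE:FF" string in place; strings of any other length are left unchanged.` The second matters to callers because the function takes a bare `char *` with no length argument.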
+46 −0
@@ -1503,6 +1503,19 @@ Status AudioPolicyService::isDirectOutputSupported(
    return Status::ok();
    return Status::ok();
}
}


template <typename Port>
void anonymizePortBluetoothAddress(Port *port) {
    if (port->type != AUDIO_PORT_TYPE_DEVICE) {
        return;
    }
    if (!(audio_is_a2dp_device(port->ext.device.type)
            || audio_is_ble_device(port->ext.device.type)
            || audio_is_bluetooth_sco_device(port->ext.device.type)
            || audio_is_hearing_aid_out_device(port->ext.device.type))) {
        return;
    }
    anonymizeBluetoothAddress(port->ext.device.address);
}


Status AudioPolicyService::listAudioPorts(media::AudioPortRole roleAidl,
Status AudioPolicyService::listAudioPorts(media::AudioPortRole roleAidl,
                                          media::AudioPortType typeAidl, Int* count,
                                          media::AudioPortType typeAidl, Int* count,
@@ -1525,10 +1538,20 @@ Status AudioPolicyService::listAudioPorts(media::AudioPortRole roleAidl,
    if (mAudioPolicyManager == NULL) {
    if (mAudioPolicyManager == NULL) {
        return binderStatusFromStatusT(NO_INIT);
        return binderStatusFromStatusT(NO_INIT);
    }
    }

    const AttributionSourceState attributionSource = getCallingAttributionSource();

    AutoCallerClear acc;
    AutoCallerClear acc;
    RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(
    RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(
            mAudioPolicyManager->listAudioPorts(role, type, &num_ports, ports.get(), &generation)));
            mAudioPolicyManager->listAudioPorts(role, type, &num_ports, ports.get(), &generation)));
    numPortsReq = std::min(numPortsReq, num_ports);
    numPortsReq = std::min(numPortsReq, num_ports);

    if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__))) {
        for (size_t i = 0; i < numPortsReq; ++i) {
            anonymizePortBluetoothAddress(&ports[i]);
        }
    }

    RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(
    RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(
            convertRange(ports.get(), ports.get() + numPortsReq, std::back_inserter(*portsAidl),
            convertRange(ports.get(), ports.get() + numPortsReq, std::back_inserter(*portsAidl),
                         legacy2aidl_audio_port_v7_AudioPort)));
                         legacy2aidl_audio_port_v7_AudioPort)));
@@ -1544,8 +1567,16 @@ Status AudioPolicyService::getAudioPort(int portId,
    if (mAudioPolicyManager == NULL) {
    if (mAudioPolicyManager == NULL) {
        return binderStatusFromStatusT(NO_INIT);
        return binderStatusFromStatusT(NO_INIT);
    }
    }

    const AttributionSourceState attributionSource = getCallingAttributionSource();

    AutoCallerClear acc;
    AutoCallerClear acc;
    RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(mAudioPolicyManager->getAudioPort(&port)));
    RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(mAudioPolicyManager->getAudioPort(&port)));

    if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__))) {
        anonymizePortBluetoothAddress(&port);
    }

    *_aidl_return = VALUE_OR_RETURN_BINDER_STATUS(legacy2aidl_audio_port_v7_AudioPort(port));
    *_aidl_return = VALUE_OR_RETURN_BINDER_STATUS(legacy2aidl_audio_port_v7_AudioPort(port));
    return Status::ok();
    return Status::ok();
}
}
@@ -1606,10 +1637,25 @@ Status AudioPolicyService::listAudioPatches(Int* count,
    if (mAudioPolicyManager == NULL) {
    if (mAudioPolicyManager == NULL) {
        return binderStatusFromStatusT(NO_INIT);
        return binderStatusFromStatusT(NO_INIT);
    }
    }

    const AttributionSourceState attributionSource = getCallingAttributionSource();

    AutoCallerClear acc;
    AutoCallerClear acc;
    RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(
    RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(
            mAudioPolicyManager->listAudioPatches(&num_patches, patches.get(), &generation)));
            mAudioPolicyManager->listAudioPatches(&num_patches, patches.get(), &generation)));
    numPatchesReq = std::min(numPatchesReq, num_patches);
    numPatchesReq = std::min(numPatchesReq, num_patches);

    if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__))) {
        for (size_t i = 0; i < numPatchesReq; ++i) {
            for (size_t j = 0; j < patches[i].num_sources; ++j) {
                anonymizePortBluetoothAddress(&patches[i].sources[j]);
            }
            for (size_t j = 0; j < patches[i].num_sinks; ++j) {
                anonymizePortBluetoothAddress(&patches[i].sinks[j]);
            }
        }
    }

    RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(
    RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(
            convertRange(patches.get(), patches.get() + numPatchesReq,
            convertRange(patches.get(), patches.get() + numPatchesReq,
                         std::back_inserter(*patchesAidl), legacy2aidl_audio_patch_AudioPatch)));
                         std::back_inserter(*patchesAidl), legacy2aidl_audio_patch_AudioPatch)));
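Review bot: anonymizePortBluetoothAddress() in the first hunk masks only `port->ext.device.address`. If the port structure passed from listAudioPorts() and getAudioPort() holds a second copy of the device address (for instance in an embedded active configuration, which is not visible in this diff), that copy would reach legacy2aidl_audio_port_v7_AudioPort unmasked. This should be confirmed against the struct definition and either masked as well or ruled out in a comment on the template, e.g. `// Only ext.device.address carries the MAC; no other field of Port holds it.` The template also has no comment naming the device types it treats as Bluetooth (A2DP, BLE, SCO, hearing aid), so a device type added later could be missed without anyone noticing. The bodies of listAudioPorts, getAudioPort and listAudioPatches start and end outside the hunks shown.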