Loading media/utils/ServiceUtilities.cpp +16 −9 Original line number Diff line number Diff line Loading @@ -62,7 +62,7 @@ static String16 resolveCallingPackage(PermissionController& permissionController } static bool checkRecordingInternal(const String16& opPackageName, pid_t pid, uid_t uid, bool start) { uid_t uid, bool start, bool isHotwordSource) { // Okay to not track in app ops as audio server or media server is us and if // device is rooted security model is considered compromised. // system_server loses its RECORD_AUDIO permission when a secondary Loading @@ -87,16 +87,21 @@ static bool checkRecordingInternal(const String16& opPackageName, pid_t pid, } AppOpsManager appOps; const int32_t op = appOps.permissionToOpCode(sAndroidPermissionRecordAudio); const int32_t opRecordAudio = appOps.permissionToOpCode(sAndroidPermissionRecordAudio); if (start) { const int32_t op = isHotwordSource ? AppOpsManager::OP_RECORD_AUDIO_HOTWORD : opRecordAudio; if (appOps.startOpNoThrow(op, uid, resolvedOpPackageName, /*startIfModeDefault*/ false) != AppOpsManager::MODE_ALLOWED) { ALOGE("Request denied by app op: %d", op); return false; } } else { if (appOps.checkOp(op, uid, resolvedOpPackageName) != AppOpsManager::MODE_ALLOWED) { ALOGE("Request denied by app op: %d", op); // Always use OP_RECORD_AUDIO for checks at creation time. if (appOps.checkOp(opRecordAudio, uid, resolvedOpPackageName) != AppOpsManager::MODE_ALLOWED) { ALOGE("Request denied by app op: %d", opRecordAudio); return false; } } Loading 
@@ -105,14 +110,15 @@ static bool checkRecordingInternal(const String16& opPackageName, pid_t pid, } bool recordingAllowed(const String16& opPackageName, pid_t pid, uid_t uid) { return checkRecordingInternal(opPackageName, pid, uid, /*start*/ false); return checkRecordingInternal(opPackageName, pid, uid, /*start*/ false, /*is_hotword_source*/ false); } bool startRecording(const String16& opPackageName, pid_t pid, uid_t uid) { return checkRecordingInternal(opPackageName, pid, uid, /*start*/ true); bool startRecording(const String16& opPackageName, pid_t pid, uid_t uid, bool isHotwordSource) { return checkRecordingInternal(opPackageName, pid, uid, /*start*/ true, isHotwordSource); } void finishRecording(const String16& opPackageName, uid_t uid) { void finishRecording(const String16& opPackageName, uid_t uid, bool isHotwordSource) { // Okay to not track in app ops as audio server is us and if // device is rooted security model is considered compromised. if (isAudioServerOrRootUid(uid)) return; Loading @@ -125,7 +131,8 @@ void finishRecording(const String16& opPackageName, uid_t uid) { } AppOpsManager appOps; const int32_t op = appOps.permissionToOpCode(sAndroidPermissionRecordAudio); const int32_t op = isHotwordSource ? AppOpsManager::OP_RECORD_AUDIO_HOTWORD : appOps.permissionToOpCode(sAndroidPermissionRecordAudio); appOps.finishOp(op, uid, resolvedOpPackageName); } Loading media/utils/include/mediautils/ServiceUtilities.h +2 −2 Original line number Diff line number Diff line Loading 
@@ -79,8 +79,8 @@ static inline bool isAudioServerOrMediaServerUid(uid_t uid) { } bool recordingAllowed(const String16& opPackageName, pid_t pid, uid_t uid); bool startRecording(const String16& opPackageName, pid_t pid, uid_t uid); void finishRecording(const String16& opPackageName, uid_t uid); bool startRecording(const String16& opPackageName, pid_t pid, uid_t uid, bool isHotwordSource); void finishRecording(const String16& opPackageName, uid_t uid, bool isHotwordSource); bool captureAudioOutputAllowed(pid_t pid, uid_t uid); bool captureMediaOutputAllowed(pid_t pid, uid_t uid); bool captureVoiceCommunicationOutputAllowed(pid_t pid, uid_t uid); Loading services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp +6 −3 Original line number Diff line number Diff line Loading @@ -572,7 +572,8 @@ status_t AudioPolicyService::startInput(audio_port_handle_t portId) } // check calling permissions if (!(startRecording(client->opPackageName, client->pid, client->uid) if (!(startRecording(client->opPackageName, client->pid, client->uid, client->attributes.source == AUDIO_SOURCE_HOTWORD) || client->attributes.source == AUDIO_SOURCE_FM_TUNER)) { ALOGE("%s permission denied: recording not allowed for uid %d pid %d", __func__, client->uid, client->pid); Loading Loading @@ -660,7 +661,8 @@ status_t AudioPolicyService::startInput(audio_port_handle_t portId) client->active = false; client->startTimeNs = 0; updateUidStates_l(); finishRecording(client->opPackageName, client->uid); finishRecording(client->opPackageName, client->uid, client->attributes.source == AUDIO_SOURCE_HOTWORD); } return status; Loading @@ -686,7 +688,8 @@ status_t AudioPolicyService::stopInput(audio_port_handle_t portId) updateUidStates_l(); // finish the recording app op finishRecording(client->opPackageName, client->uid); finishRecording(client->opPackageName, client->uid, client->attributes.source == AUDIO_SOURCE_HOTWORD); AutoCallerClear acc; return mAudioPolicyManager->stopInput(portId); } Loading Loading
media/utils/ServiceUtilities.cpp +16 −9 Original line number Diff line number Diff line Loading @@ -62,7 +62,7 @@ static String16 resolveCallingPackage(PermissionController& permissionController } static bool checkRecordingInternal(const String16& opPackageName, pid_t pid, uid_t uid, bool start) { uid_t uid, bool start, bool isHotwordSource) { // Okay to not track in app ops as audio server or media server is us and if // device is rooted security model is considered compromised. // system_server loses its RECORD_AUDIO permission when a secondary Loading @@ -87,16 +87,21 @@ static bool checkRecordingInternal(const String16& opPackageName, pid_t pid, } AppOpsManager appOps; const int32_t op = appOps.permissionToOpCode(sAndroidPermissionRecordAudio); const int32_t opRecordAudio = appOps.permissionToOpCode(sAndroidPermissionRecordAudio); if (start) { const int32_t op = isHotwordSource ? AppOpsManager::OP_RECORD_AUDIO_HOTWORD : opRecordAudio; if (appOps.startOpNoThrow(op, uid, resolvedOpPackageName, /*startIfModeDefault*/ false) != AppOpsManager::MODE_ALLOWED) { ALOGE("Request denied by app op: %d", op); return false; } } else { if (appOps.checkOp(op, uid, resolvedOpPackageName) != AppOpsManager::MODE_ALLOWED) { ALOGE("Request denied by app op: %d", op); // Always use OP_RECORD_AUDIO for checks at creation time. if (appOps.checkOp(opRecordAudio, uid, resolvedOpPackageName) != AppOpsManager::MODE_ALLOWED) { ALOGE("Request denied by app op: %d", opRecordAudio); return false; } } Loading 
@@ -105,14 +110,15 @@ static bool checkRecordingInternal(const String16& opPackageName, pid_t pid, } bool recordingAllowed(const String16& opPackageName, pid_t pid, uid_t uid) { return checkRecordingInternal(opPackageName, pid, uid, /*start*/ false); return checkRecordingInternal(opPackageName, pid, uid, /*start*/ false, /*is_hotword_source*/ false); } bool startRecording(const String16& opPackageName, pid_t pid, uid_t uid) { return checkRecordingInternal(opPackageName, pid, uid, /*start*/ true); bool startRecording(const String16& opPackageName, pid_t pid, uid_t uid, bool isHotwordSource) { return checkRecordingInternal(opPackageName, pid, uid, /*start*/ true, isHotwordSource); } void finishRecording(const String16& opPackageName, uid_t uid) { void finishRecording(const String16& opPackageName, uid_t uid, bool isHotwordSource) { // Okay to not track in app ops as audio server is us and if // device is rooted security model is considered compromised. if (isAudioServerOrRootUid(uid)) return; Loading @@ -125,7 +131,8 @@ void finishRecording(const String16& opPackageName, uid_t uid) { } AppOpsManager appOps; const int32_t op = appOps.permissionToOpCode(sAndroidPermissionRecordAudio); const int32_t op = isHotwordSource ? AppOpsManager::OP_RECORD_AUDIO_HOTWORD : appOps.permissionToOpCode(sAndroidPermissionRecordAudio); appOps.finishOp(op, uid, resolvedOpPackageName); } Loading
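Review bot: The rule for picking the app op is now written twice, once in the start branch of checkRecordingInternal() and again in finishRecording(), and nothing ties the two together. If they ever disagree, or a caller passes a different isHotwordSource to finishRecording() than it passed to startRecording(), finishOp() would target an op that was never started and the started op would presumably stay active in app-ops accounting. I would move the ternary into one file-local helper that takes the AppOpsManager and the flag and returns the op, call it from both places, and state the pairing requirement where the two functions are declared, e.g. `// isHotwordSource must be the same value for startRecording() and the matching finishRecording()`. The argument comment `/*is_hotword_source*/` in recordingAllowed() should also read `/*isHotwordSource*/` to match the parameter name. Both function bodies are only partly visible in this section.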
media/utils/include/mediautils/ServiceUtilities.h +2 −2 Original line number Diff line number Diff line Loading @@ -79,8 +79,8 @@ static inline bool isAudioServerOrMediaServerUid(uid_t uid) { } bool recordingAllowed(const String16& opPackageName, pid_t pid, uid_t uid); bool startRecording(const String16& opPackageName, pid_t pid, uid_t uid); void finishRecording(const String16& opPackageName, uid_t uid); bool startRecording(const String16& opPackageName, pid_t pid, uid_t uid, bool isHotwordSource); void finishRecording(const String16& opPackageName, uid_t uid, bool isHotwordSource); bool captureAudioOutputAllowed(pid_t pid, uid_t uid); bool captureMediaOutputAllowed(pid_t pid, uid_t uid); bool captureVoiceCommunicationOutputAllowed(pid_t pid, uid_t uid); Loading
services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp +6 −3 Original line number Diff line number Diff line Loading @@ -572,7 +572,8 @@ status_t AudioPolicyService::startInput(audio_port_handle_t portId) } // check calling permissions if (!(startRecording(client->opPackageName, client->pid, client->uid) if (!(startRecording(client->opPackageName, client->pid, client->uid, client->attributes.source == AUDIO_SOURCE_HOTWORD) || client->attributes.source == AUDIO_SOURCE_FM_TUNER)) { ALOGE("%s permission denied: recording not allowed for uid %d pid %d", __func__, client->uid, client->pid); Loading Loading @@ -660,7 +661,8 @@ status_t AudioPolicyService::startInput(audio_port_handle_t portId) client->active = false; client->startTimeNs = 0; updateUidStates_l(); finishRecording(client->opPackageName, client->uid); finishRecording(client->opPackageName, client->uid, client->attributes.source == AUDIO_SOURCE_HOTWORD); } return status; Loading @@ -686,7 +688,8 @@ status_t AudioPolicyService::stopInput(audio_port_handle_t portId) updateUidStates_l(); // finish the recording app op finishRecording(client->opPackageName, client->uid); finishRecording(client->opPackageName, client->uid, client->attributes.source == AUDIO_SOURCE_HOTWORD); AutoCallerClear acc; return mAudioPolicyManager->stopInput(portId); } Loading
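Review bot: In startInput() the op that gets started is chosen from `client->attributes.source`, a value that on this page appears to come from the client's own request, so selecting AUDIO_SOURCE_HOTWORD moves the session's accounting from the RECORD_AUDIO op to OP_RECORD_AUDIO_HOTWORD. Nothing in the visible lines shows where use of the hotword source is restricted to callers entitled to it; if that check lives at input creation, a comment here should name it, e.g. `// HOTWORD source is permission-gated in <creation-time check>; safe to account under the hotword op`. The same comparison is repeated in the error path of startInput() and in stopInput(); evaluating it once when the op is started and keeping the result on the client record would guarantee the finish call uses the same op. startInput() and stopInput() both extend beyond the hunks shown.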