Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3503431d authored by mrulhania's avatar mrulhania
Browse files

Add new permission for on device screen recorder 

We want to exempt on device screen recorder from blacking
out senstive content. we want to block sensitive content
projection over the network i.e. when screen is shared.

Our expectation is that most OEM would be using sys ui
recorder, but some of them may provide their own recorder.

Bug: 26420854
Test: atest RecordSensitiveContentPermissionTest
Test: atest PermissionPolicyTest
Flag: ACONFIG android.view.flags.sensitive_content_app_protection_api TRUNKFOOD PARTIAL

Change-Id: I228b52ecf850140a58a41dfad20b41244297ae26
parent 0d5f65a7

core/api/test-current.txt

+1 −0
Original line number Diff line number Diff line
@@ -42,6 +42,7 @@ package android { 
    field public static final String READ_PRIVILEGED_PHONE_STATE = "android.permission.READ_PRIVILEGED_PHONE_STATE";

    field public static final String READ_WRITE_SYNC_DISABLED_MODE_CONFIG = "android.permission.READ_WRITE_SYNC_DISABLED_MODE_CONFIG";

    field public static final String RECORD_BACKGROUND_AUDIO = "android.permission.RECORD_BACKGROUND_AUDIO";

    field @FlaggedApi("android.permission.flags.sensitive_notification_app_protection") public static final String RECORD_SENSITIVE_CONTENT = "android.permission.RECORD_SENSITIVE_CONTENT";

    field public static final String REMAP_MODIFIER_KEYS = "android.permission.REMAP_MODIFIER_KEYS";

    field public static final String REMOVE_TASKS = "android.permission.REMOVE_TASKS";

    field public static final String REQUEST_UNIQUE_ID_ATTESTATION = "android.permission.REQUEST_UNIQUE_ID_ATTESTATION";

core/res/AndroidManifest.xml

+6 −0
Original line number Diff line number Diff line
@@ -6916,6 +6916,12 @@ 
    <permission android:name="android.permission.MANAGE_MEDIA_PROJECTION"

        android:protectionLevel="signature" />



    <!-- @hide @TestApi Allows an application to record sensitive content during media

         projection. This is intended for on device screen recording system app.

         @FlaggedApi("android.permission.flags.sensitive_notification_app_protection") -->

    <permission android:name="android.permission.RECORD_SENSITIVE_CONTENT"

                android:protectionLevel="signature"/>



    <!-- @SystemApi Allows an application to read install sessions

         @hide This is not a third-party API (intended for system apps). -->

    <permission android:name="android.permission.READ_INSTALL_SESSIONS"

packages/SystemUI/AndroidManifest.xml

+1 −0
Original line number Diff line number Diff line
@@ -179,6 +179,7 @@ 
    <uses-permission android:name="android.permission.RECORD_AUDIO" />

    <uses-permission android:name="android.permission.CAPTURE_AUDIO_OUTPUT"/>

    <uses-permission android:name="android.permission.USE_EXACT_ALARM"/>

    <uses-permission android:name="android.permission.RECORD_SENSITIVE_CONTENT"/>



    <!-- Assist -->

    <uses-permission android:name="android.permission.ACCESS_VOICE_INTERACTION_SERVICE" />

services/core/java/com/android/server/SensitiveContentProtectionManagerService.java

+18 −12
Original line number Diff line number Diff line
@@ -24,6 +24,7 @@ import android.annotation.NonNull; 
import android.annotation.Nullable;

import android.content.ComponentName;

import android.content.Context;

import android.content.pm.PackageManager;

import android.content.pm.PackageManagerInternal;

import android.media.projection.MediaProjectionInfo;

import android.media.projection.MediaProjectionManager;
@@ -79,7 +80,7 @@ public final class SensitiveContentProtectionManagerService extends SystemServic 
                    Trace.beginSection(

                            "SensitiveContentProtectionManagerService.onProjectionStart");

                    try {

                        onProjectionStart(info);

                        onProjectionStart(info.getPackageName());

                    } finally {

                        Trace.endSection();

                    }
@@ -124,14 +125,6 @@ public final class SensitiveContentProtectionManagerService extends SystemServic 
        }

    }



    // These packages are exempted from screen share protection.

    private ArraySet<String> getExemptedPackages() {

        final ArraySet<String> exemptedPackages =

                SystemConfig.getInstance().getBugreportWhitelistedPackages();

        // TODO(b/323361046) - Add sys ui recorder package.

        return exemptedPackages;

    }



    @VisibleForTesting

    void init(MediaProjectionManager projectionManager, WindowManagerInternal windowManager,

            ArraySet<String> exemptedPackages) {
@@ -179,9 +172,22 @@ public final class SensitiveContentProtectionManagerService extends SystemServic 
        }

    }



    private void onProjectionStart(MediaProjectionInfo info) {

        if (mExemptedPackages != null && mExemptedPackages.contains(info.getPackageName())) {

            Log.w(TAG, info.getPackageName() + " is exempted from screen share protection.");

    private boolean canRecordSensitiveContent(@NonNull String packageName) {

        return getContext().getPackageManager()

                .checkPermission(android.Manifest.permission.RECORD_SENSITIVE_CONTENT,

                        packageName) == PackageManager.PERMISSION_GRANTED;

    }



    // These packages are exempted from screen share protection.

    private ArraySet<String> getExemptedPackages() {

        return SystemConfig.getInstance().getBugreportWhitelistedPackages();

    }



    private void onProjectionStart(String packageName) {

        // exempt on device screen recorder as well.

        if ((mExemptedPackages != null && mExemptedPackages.contains(packageName))

                || canRecordSensitiveContent(packageName)) {

            Log.w(TAG, packageName + " is exempted from screen share protection.");

            return;

        }

        // TODO(b/324447419): move GlobalSettings lookup to background thread