Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 35c2c13b authored by Charles Chen's avatar Charles Chen
Browse files

Verify SandboxedDetectionServices for sharedIsolatedProcess 

Add checking of shared isolated tag for HotwordDetectionService and
VisualQueryDetectionService.

Bug: 265535257
Test: atest CtsVoiceInteractionTestCases
Change-Id: I6e4933bb315f63ee2c7376c527cc0113321eac6a
parent 215a1e79

services/voiceinteraction/java/com/android/server/voiceinteraction/HotwordDetectionConnection.java

+6 −1
Original line number Diff line number Diff line
@@ -621,8 +621,13 @@ final class HotwordDetectionConnection { 
        ServiceConnectionFactory(@NonNull Intent intent, boolean bindInstantServiceAllowed,

                int detectionServiceType) {

            mIntent = intent;

            mBindingFlags = bindInstantServiceAllowed ? Context.BIND_ALLOW_INSTANT : 0;

            mDetectionServiceType = detectionServiceType;

            int flags = bindInstantServiceAllowed ? Context.BIND_ALLOW_INSTANT : 0;

            if (mVisualQueryDetectionComponentName != null

                    && mHotwordDetectionComponentName != null) {

                flags |= Context.BIND_SHARED_ISOLATED_PROCESS;

            }

            mBindingFlags = flags;

        }



        ServiceConnection createLocked() {

services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerServiceImpl.java

+20 −0
Original line number Diff line number Diff line
@@ -738,6 +738,13 @@ class VoiceInteractionManagerServiceImpl implements VoiceInteractionSessionConne 
        } else {

            verifyDetectorForVisualQueryDetectionLocked(sharedMemory);

        }

        if (!verifyProcessSharingLocked()) {

            Slog.w(TAG, "Sandboxed detection service not in shared isolated process");

            throw new IllegalStateException("VisualQueryDetectionService or HotworDetectionService "

                    + "not in a shared isolated process. Please make sure to set "

                    + "android:allowSharedIsolatedProcess and android:isolatedProcess to be true "

                    + "and android:externalService to be false in the manifest file");

        }



        if (mHotwordDetectionConnection == null) {

            mHotwordDetectionConnection = new HotwordDetectionConnection(mServiceStub, mContext,
@@ -931,6 +938,19 @@ class VoiceInteractionManagerServiceImpl implements VoiceInteractionSessionConne 
        return (serviceInfo.flags & ServiceInfo.FLAG_ISOLATED_PROCESS) != 0

                && (serviceInfo.flags & ServiceInfo.FLAG_EXTERNAL_SERVICE) == 0;

    }

    @GuardedBy("this")

    boolean verifyProcessSharingLocked() {

        // only check this if both VQDS and HDS are declared in the app

        ServiceInfo hotwordInfo = getServiceInfoLocked(mHotwordDetectionComponentName, mUser);

        ServiceInfo visualQueryInfo =

                getServiceInfoLocked(mVisualQueryDetectionComponentName, mUser);

        if (hotwordInfo == null || visualQueryInfo == null) {

            return true;

        }

        return (hotwordInfo.flags & ServiceInfo.FLAG_ALLOW_SHARED_ISOLATED_PROCESS) != 0

                && (visualQueryInfo.flags & ServiceInfo.FLAG_ALLOW_SHARED_ISOLATED_PROCESS) != 0;

    }





    void forceRestartHotwordDetector() {

        if (mHotwordDetectionConnection == null) {