Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ec3c5f10 authored by Charles Chen's avatar Charles Chen
Browse files

Verify BIND_VISUAL_QUERY_DETECTION permission 

Verify the permission in the system server to protect
VisualQueryDetectionService and fix minor bugs.

Bug: 265540209
Test: Manual & atest CtsVoiceInteractionTestCases
Change-Id: I1a85fec4df50111cf4b2ef2e0c008607810f9043
parent 2b7e1dcc

core/java/android/service/voice/VoiceInteractionService.java

+2 −2
Original line number Diff line number Diff line
@@ -719,8 +719,8 @@ public class VoiceInteractionService extends Service { 


    private void onHotwordDetectorDestroyed(@NonNull HotwordDetector detector) {

        synchronized (mLock) {

            if (mActiveVisualQueryDetector!= null &&

                    detector == mActiveVisualQueryDetector.getInitializationDelegate()) {

            if (mActiveVisualQueryDetector != null

                    && detector == mActiveVisualQueryDetector.getInitializationDelegate()) {

                mActiveVisualQueryDetector = null;

            }

            mActiveDetectors.remove(detector);

services/voiceinteraction/java/com/android/server/voiceinteraction/HotwordDetectionConnection.java

+1 −0
Original line number Diff line number Diff line
@@ -635,6 +635,7 @@ final class HotwordDetectionConnection { 
                    return;

                }

            }

            //TODO(b265535257): report error to either service only.

            synchronized (HotwordDetectionConnection.this.mLock) {

                runForEachDetectorSessionLocked((session) -> {

                    session.reportErrorLocked(

services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerServiceImpl.java

+15 −0
Original line number Diff line number Diff line
@@ -673,6 +673,21 @@ class VoiceInteractionManagerServiceImpl implements VoiceInteractionSessionConne 
            Slog.w(TAG, "Visual query detection service not in isolated process");

            throw new IllegalStateException("Visual query detection not in isolated process");

        }

        if (!Manifest.permission.BIND_VISUAL_QUERY_DETECTION_SERVICE.equals(

                visualQueryDetectionServiceInfo.permission)) {

            Slog.w(TAG, "Visual query detection does not require permission "

                    + Manifest.permission.BIND_VISUAL_QUERY_DETECTION_SERVICE);

            throw new SecurityException("Visual query detection does not require permission "

                    + Manifest.permission.BIND_VISUAL_QUERY_DETECTION_SERVICE);

        }

        if (mContext.getPackageManager().checkPermission(

                Manifest.permission.BIND_VISUAL_QUERY_DETECTION_SERVICE,

                mInfo.getServiceInfo().packageName) == PackageManager.PERMISSION_GRANTED) {

            Slog.w(TAG, "Voice interaction service should not hold permission "

                    + Manifest.permission.BIND_VISUAL_QUERY_DETECTION_SERVICE);

            throw new SecurityException("Voice interaction service should not hold permission "

                    + Manifest.permission.BIND_VISUAL_QUERY_DETECTION_SERVICE);

        }

        if (sharedMemory != null && !sharedMemory.setProtect(OsConstants.PROT_READ)) {

            Slog.w(TAG, "Can't set sharedMemory to be read-only");

            throw new IllegalStateException("Can't set sharedMemory to be read-only");