From 4ef19fa450e8b523741a22fabee8f62691abec37 Mon Sep 17 00:00:00 2001 
From: Andy Hung Date: Tue, 15 May 2018 19:35:29 -0700 Subject: [PATCH] Update audio permission checking Change captureAudioOutputAllowed to check client pid. Check calling uid with AID_AUDIOSERVER instead of calling pid with own pid. This is consistent, and works if AudioFlinger and AudioPolicyManager exist as different processes. Remove getpid_cached since getpid() is very fast. This removes any initialization issues. Replace getuid() with AID_AUDIOSERVER to remove ambiguity of multiple native audio services for multiple users. Only one exists regardless of users. Do not use multiuser UID checks for certain native services that do not spawn for multiple users to prevent accidental exposure. Move permission checks to use ServiceUtilities for control and consistency. Rename isTrustedCallingUid to isAudioServerOrMediaServerUid so that permission check is explicitly known to caller. Update MediaLogService to use ServiceUtilities. Test: Basic sanity Test: AudioTrackTest, AudioRecordTest, SoundPool, SoundTrigger Bug: 79485140 Change-Id: Ib8ccb36929a9b4806c01626f32fa023a046d6020 --- media/libaudioclient/Android.bp | 1 + media/libaudioclient/IAudioFlinger.cpp | 6 +-- media/libaudioclient/IAudioPolicyService.cpp | 5 +-- media/utils/Android.bp | 1 + media/utils/ServiceUtilities.cpp | 34 +++------------- .../include/mediautils/ServiceUtilities.h | 40 ++++++++++++++++++- services/audioflinger/AudioFlinger.cpp | 36 ++++++++--------- services/audioflinger/Effects.cpp | 2 +- services/audioflinger/Threads.cpp | 6 +-- services/audioflinger/Tracks.cpp | 11 ++--- .../managerdefault/AudioPolicyManager.cpp | 3 +- .../managerdefault/AudioPolicyManager.h | 2 +- .../service/AudioPolicyInterfaceImpl.cpp | 4 +- .../service/AudioPolicyService.cpp | 11 +---- .../audiopolicy/service/AudioPolicyService.h | 1 - services/medialog/Android.bp | 2 + services/medialog/MediaLogService.cpp | 12 +++--- 17 files changed, 91 insertions(+), 86 deletions(-)
diff --git a/media/libaudioclient/Android.bp b/media/libaudioclient/Android.bp index 2df37a85c1..6146c0e2f5 100644 --- a/media/libaudioclient/Android.bp +++ b/media/libaudioclient/Android.bp @@ -49,6 +49,7 @@ cc_library_shared { "libaudiomanager", "libmedia_helper", "libmediametrics", + "libmediautils", ], export_shared_lib_headers: ["libbinder"], diff --git a/media/libaudioclient/IAudioFlinger.cpp b/media/libaudioclient/IAudioFlinger.cpp index 00af7e8ea1..37c62a81dd 100644 --- a/media/libaudioclient/IAudioFlinger.cpp +++ b/media/libaudioclient/IAudioFlinger.cpp @@ -24,10 +24,8 @@ #include #include -#include #include -#include - +#include #include "IAudioFlinger.h" namespace android { @@ -912,7 +910,7 @@ status_t BnAudioFlinger::onTransact( case SET_MIC_MUTE: case SET_LOW_RAM_DEVICE: case SYSTEM_READY: { - if (multiuser_get_app_id(IPCThreadState::self()->getCallingUid()) >= AID_APP_START) { + if (!isServiceUid(IPCThreadState::self()->getCallingUid())) { ALOGW("%s: transaction %d received from PID %d unauthorized UID %d", __func__, code, IPCThreadState::self()->getCallingPid(), IPCThreadState::self()->getCallingUid()); diff --git a/media/libaudioclient/IAudioPolicyService.cpp b/media/libaudioclient/IAudioPolicyService.cpp index a1236e7389..316105c56f 100644 --- a/media/libaudioclient/IAudioPolicyService.cpp +++ b/media/libaudioclient/IAudioPolicyService.cpp @@ -24,11 +24,10 @@ #include #include -#include #include #include #include -#include +#include #include namespace android { @@ -936,7 +935,7 @@ status_t BnAudioPolicyService::onTransact( case STOP_AUDIO_SOURCE: case GET_SURROUND_FORMATS: case SET_SURROUND_FORMAT_ENABLED: { - if (multiuser_get_app_id(IPCThreadState::self()->getCallingUid()) >= AID_APP_START) { + if (!isServiceUid(IPCThreadState::self()->getCallingUid())) { ALOGW("%s: transaction %d received from PID %d unauthorized UID %d", __func__, code, IPCThreadState::self()->getCallingPid(), IPCThreadState::self()->getCallingUid()); 
diff --git a/media/utils/Android.bp b/media/utils/Android.bp index c8da34d559..de8e46a016 100644 --- a/media/utils/Android.bp +++ b/media/utils/Android.bp @@ -25,6 +25,7 @@ cc_library { ], shared_libs: [ "libbinder", + "libcutils", "liblog", "libutils", "libmemunreachable", diff --git a/media/utils/ServiceUtilities.cpp b/media/utils/ServiceUtilities.cpp index c4a4374258..6a90beaeba 100644 --- a/media/utils/ServiceUtilities.cpp +++ b/media/utils/ServiceUtilities.cpp @@ -18,7 +18,6 @@ #include #include #include -#include #include "mediautils/ServiceUtilities.h" /* When performing permission checks we do not use permission cache for @@ -32,24 +31,6 @@ namespace android { static const String16 sAndroidPermissionRecordAudio("android.permission.RECORD_AUDIO"); -// Not valid until initialized by AudioFlinger constructor. It would have to be -// re-initialized if the process containing AudioFlinger service forks (which it doesn't). -// This is often used to validate binder interface calls within audioserver -// (e.g. AudioPolicyManager to AudioFlinger). -pid_t getpid_cached; - -// A trusted calling UID may specify the client UID as part of a binder interface call. -// otherwise the calling UID must be equal to the client UID. -bool isTrustedCallingUid(uid_t uid) { - switch (uid) { - case AID_MEDIA: - case AID_AUDIOSERVER: - return true; - default: - return false; - } -} - static String16 resolveCallingPackage(PermissionController& permissionController, const String16& opPackageName, uid_t uid) { if (opPackageName.size() > 0) { 
@@ -71,16 +52,11 @@ static String16 resolveCallingPackage(PermissionController& permissionController return packages[0]; } -static inline bool isAudioServerOrRoot(uid_t uid) { - // AID_ROOT is OK for command-line tests. Native unforked audioserver always OK. - return uid == AID_ROOT || uid == AID_AUDIOSERVER ; -} - static bool checkRecordingInternal(const String16& opPackageName, pid_t pid, uid_t uid, bool start) { // Okay to not track in app ops as audio server is us and if // device is rooted security model is considered compromised. - if (isAudioServerOrRoot(uid)) return true; + if (isAudioServerOrRootUid(uid)) return true; // We specify a pid and uid here as mediaserver (aka MediaRecorder or StageFrightRecorder) // may open a record track on behalf of a client. Note that pid may be a tid. @@ -127,7 +103,7 @@ bool startRecording(const String16& opPackageName, pid_t pid, uid_t uid) { void finishRecording(const String16& opPackageName, uid_t uid) { // Okay to not track in app ops as audio server is us and if // device is rooted security model is considered compromised. - if (isAudioServerOrRoot(uid)) return; + if (isAudioServerOrRootUid(uid)) return; PermissionController permissionController; String16 resolvedOpPackageName = resolveCallingPackage( @@ -142,7 +118,7 @@ void finishRecording(const String16& opPackageName, uid_t uid) { } bool captureAudioOutputAllowed(pid_t pid, uid_t uid) { - if (getpid_cached == IPCThreadState::self()->getCallingPid()) return true; + if (isAudioServerOrRootUid(uid)) return true; static const String16 sCaptureAudioOutput("android.permission.CAPTURE_AUDIO_OUTPUT"); bool ok = PermissionCache::checkPermission(sCaptureAudioOutput, pid, uid); if (!ok) ALOGE("Request requires android.permission.CAPTURE_AUDIO_OUTPUT"); 
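Review bot: In captureAudioOutputAllowed() the new early return tests the `uid` argument rather than the binder calling uid, so the bypass is only as trustworthy as each caller's handling of that argument. It is sound only if every caller has already replaced a client-supplied uid with `getCallingUid()` when the caller fails `isAudioServerOrMediaServerUid()`, and none of those call sites are visible in this hunk. The new test also admits AID_ROOT, which the removed same-pid comparison did not. I would state the contract at the definition, e.g. `// uid must already be validated against the binder caller; audioserver and root skip the permission lookup`. The function body continues past the end of the hunk.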
@@ -163,7 +139,8 @@ bool captureHotwordAllowed(pid_t pid, uid_t uid) { } bool settingsAllowed() { - if (getpid_cached == IPCThreadState::self()->getCallingPid()) return true; + // given this is a permission check, could this be isAudioServerOrRootUid()? + if (isAudioServerUid(IPCThreadState::self()->getCallingUid())) return true; static const String16 sAudioSettings("android.permission.MODIFY_AUDIO_SETTINGS"); // IMPORTANT: Use PermissionCache - not a runtime permission and may not change. bool ok = PermissionCache::checkCallingPermission(sAudioSettings); @@ -180,7 +157,6 @@ bool modifyAudioRoutingAllowed() { } bool dumpAllowed() { - // don't optimize for same pid, since mediaserver never dumps itself static const String16 sDump("android.permission.DUMP"); // IMPORTANT: Use PermissionCache - not a runtime permission and may not change. bool ok = PermissionCache::checkCallingPermission(sDump); diff --git a/media/utils/include/mediautils/ServiceUtilities.h b/media/utils/include/mediautils/ServiceUtilities.h index 8ead410111..2bdba5e3d0 100644 --- a/media/utils/include/mediautils/ServiceUtilities.h +++ b/media/utils/include/mediautils/ServiceUtilities.h 
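Review bot: The comment added in settingsAllowed() is an open question (`could this be isAudioServerOrRootUid()?`) rather than a record of the decision, so the next maintainer cannot tell whether root is deliberately excluded. This function checks the binder calling uid, whereas captureAudioOutputAllowed() in the same file checks its `uid` argument and also admits root, so the two bypasses differ in both the source of identity and the scope. If excluding root is intended, replace the question with the decision, e.g. `// audioserver only: root must hold MODIFY_AUDIO_SETTINGS like any other caller`. Otherwise make the change and drop the comment.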
@@ -17,13 +17,49 @@ #include #include +#include +#include namespace android { // Audio permission utilities -extern pid_t getpid_cached; -bool isTrustedCallingUid(uid_t uid); +// Used for calls that should originate from system services. +// We allow that some services might have separate processes to +// handle multiple users, e.g. u10_system, u10_bluetooth, u10_radio. +static inline bool isServiceUid(uid_t uid) { + return multiuser_get_app_id(uid) < AID_APP_START; +} + +// Used for calls that should originate from audioserver. +static inline bool isAudioServerUid(uid_t uid) { + return uid == AID_AUDIOSERVER; +} + +// Used for some permission checks. +// AID_ROOT is OK for command-line tests. Native audioserver always OK. +static inline bool isAudioServerOrRootUid(uid_t uid) { + return uid == AID_AUDIOSERVER || uid == AID_ROOT; +} + +// Used for calls that should come from system server or internal. +// Note: system server is multiprocess for multiple users. audioserver is not. +static inline bool isAudioServerOrSystemServerUid(uid_t uid) { + return multiuser_get_app_id(uid) == AID_SYSTEM || uid == AID_AUDIOSERVER; +} + +// Mediaserver may forward the client PID and UID as part of a binder interface call; +// otherwise the calling UID must be equal to the client UID. +static inline bool isAudioServerOrMediaServerUid(uid_t uid) { + switch (uid) { + case AID_MEDIA: + case AID_AUDIOSERVER: + return true; + default: + return false; + } +} + bool recordingAllowed(const String16& opPackageName, pid_t pid, uid_t uid); bool startRecording(const String16& opPackageName, pid_t pid, uid_t uid); void finishRecording(const String16& opPackageName, uid_t uid); diff --git a/services/audioflinger/AudioFlinger.cpp b/services/audioflinger/AudioFlinger.cpp index 08d901d505..090705337a 100644 --- a/services/audioflinger/AudioFlinger.cpp +++ b/services/audioflinger/AudioFlinger.cpp @@ -28,7 +28,6 @@ #include #include -#include #include #include #include 
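Review bot: The comment on isServiceUid() says it is for calls that originate from system services, but `multiuser_get_app_id(uid) < AID_APP_START` accepts every app id below the application range, including AID_ROOT and AID_SHELL as well as the per-user system uids. The onTransact gates in IAudioFlinger.cpp and IAudioPolicyService.cpp use it, so readers should know it is a coarse "not an app" filter and not an allowlist. Suggested wording: `// True for any non-application uid (app id < AID_APP_START) in any user, including root and shell; coarse filter only.` Separately, isAudioServerOrMediaServerUid() decides whether a client-supplied pid/uid is believed, so its comment could say that adding a uid there extends who may act on behalf of other clients.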
@@ -169,7 +168,6 @@ AudioFlinger::AudioFlinger() mNextUniqueIds[use] = AUDIO_UNIQUE_ID_USE_MAX; } - getpid_cached = getpid(); const bool doLog = property_get_bool("ro.test_harness", false); if (doLog) { mLogMemoryDealer = new MemoryDealer(kLogMemorySize, "LogWriters", @@ -665,7 +663,7 @@ sp AudioFlinger::createTrack(const CreateTrackInput& input, bool updatePid = (input.clientInfo.clientPid == -1); const uid_t callingUid = IPCThreadState::self()->getCallingUid(); uid_t clientUid = input.clientInfo.clientUid; - if (!isTrustedCallingUid(callingUid)) { + if (!isAudioServerOrMediaServerUid(callingUid)) { ALOGW_IF(clientUid != callingUid, "%s uid %d tried to pass itself off as %d", __FUNCTION__, callingUid, clientUid); @@ -1077,9 +1075,9 @@ status_t AudioFlinger::checkStreamType(audio_stream_type_t stream) const ALOGW("checkStreamType() invalid stream %d", stream); return BAD_VALUE; } - pid_t caller = IPCThreadState::self()->getCallingPid(); - if (uint32_t(stream) >= AUDIO_STREAM_PUBLIC_CNT && caller != getpid_cached) { - ALOGW("checkStreamType() pid %d cannot use internal stream type %d", caller, stream); + const uid_t callerUid = IPCThreadState::self()->getCallingUid(); + if (uint32_t(stream) >= AUDIO_STREAM_PUBLIC_CNT && !isAudioServerUid(callerUid)) { + ALOGW("checkStreamType() uid %d cannot use internal stream type %d", callerUid, stream); return PERMISSION_DENIED; } @@ -1199,9 +1197,8 @@ void AudioFlinger::filterReservedParameters(String8& keyValuePairs, uid_t callin String8(AudioParameter::keyStreamSupportedSamplingRates), }; - // multiuser friendly app ID check for requests coming from audioserver - if (multiuser_get_app_id(callingUid) == AID_AUDIOSERVER) { - return; + if (isAudioServerUid(callingUid)) { + return; // no need to filter if audioserver. } AudioParameter param = AudioParameter(keyValuePairs); 
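Review bot: In checkStreamType() the internal-stream gate moves from "same process" (`caller != getpid_cached`) to "same uid" (`!isAudioServerUid(callerUid)`), which widens the trusted set to every process running as AID_AUDIOSERVER, not only the one hosting AudioFlinger. That matches the stated goal of supporting a split AudioFlinger/AudioPolicyManager, but any other component running under the audioserver uid on a device (an audio HAL service, for instance, which is not visible here) gains the same privilege. The same substitution appears in acquireAudioSessionId(), releaseAudioSessionId() and the AUDIO_SESSION_OUTPUT_STAGE check in createEffect(). A comment at this call or on the helper would make the boundary explicit: `// trusts any process running as AID_AUDIOSERVER, not just this one`. checkStreamType() begins and ends outside the hunk.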
@@ -1635,7 +1632,7 @@ sp AudioFlinger::createRecord(const CreateRecordInput& inpu bool updatePid = (input.clientInfo.clientPid == -1); const uid_t callingUid = IPCThreadState::self()->getCallingUid(); uid_t clientUid = input.clientInfo.clientUid; - if (!isTrustedCallingUid(callingUid)) { + if (!isAudioServerOrMediaServerUid(callingUid)) { ALOGW_IF(clientUid != callingUid, "%s uid %d tried to pass itself off as %d", __FUNCTION__, callingUid, clientUid); @@ -1883,7 +1880,7 @@ size_t AudioFlinger::getPrimaryOutputFrameCount() status_t AudioFlinger::setLowRamDevice(bool isLowRamDevice, int64_t totalMemory) { uid_t uid = IPCThreadState::self()->getCallingUid(); - if (uid != AID_SYSTEM) { + if (!isAudioServerOrSystemServerUid(uid)) { return PERMISSION_DENIED; } Mutex::Autolock _l(mLock); @@ -2625,7 +2622,8 @@ void AudioFlinger::acquireAudioSessionId(audio_session_t audioSession, pid_t pid Mutex::Autolock _l(mLock); pid_t caller = IPCThreadState::self()->getCallingPid(); ALOGV("acquiring %d from %d, for %d", audioSession, caller, pid); - if (pid != -1 && (caller == getpid_cached)) { + const uid_t callerUid = IPCThreadState::self()->getCallingUid(); + if (pid != -1 && isAudioServerUid(callerUid)) { // check must match releaseAudioSessionId() caller = pid; } @@ -2659,7 +2657,8 @@ void AudioFlinger::releaseAudioSessionId(audio_session_t audioSession, pid_t pid Mutex::Autolock _l(mLock); pid_t caller = IPCThreadState::self()->getCallingPid(); ALOGV("releasing %d from %d for %d", audioSession, caller, pid); - if (pid != -1 && (caller == getpid_cached)) { + const uid_t callerUid = IPCThreadState::self()->getCallingUid(); + if (pid != -1 && isAudioServerUid(callerUid)) { // check must match acquireAudioSessionId() caller = pid; } size_t num = mAudioSessionRefs.size(); 
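Review bot: setLowRamDevice() previously accepted only `uid == AID_SYSTEM`, but `isAudioServerOrSystemServerUid(uid)` also accepts audioserver and the system app id of any user (`multiuser_get_app_id(uid) == AID_SYSTEM`). The commit message talks about dropping multiuser checks, so this widening is easy to miss in review. If secondary-user system processes are not expected to call this, `if (uid != AID_SYSTEM && !isAudioServerUid(uid))` keeps the old scope plus audioserver. Otherwise a one-line comment explaining why per-user system uids are allowed would document the intent. The function continues past the hunk.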
@@ -2676,9 +2675,10 @@ void AudioFlinger::releaseAudioSessionId(audio_session_t audioSession, pid_t pid return; } } - // If the caller is mediaserver it is likely that the session being released was acquired + // If the caller is audioserver it is likely that the session being released was acquired // on behalf of a process not in notification clients and we ignore the warning. - ALOGW_IF(caller != getpid_cached, "session id %d not found for pid %d", audioSession, caller); + ALOGW_IF(!isAudioServerUid(callerUid), + "session id %d not found for pid %d", audioSession, caller); } bool AudioFlinger::isSessionAcquired_l(audio_session_t audioSession) @@ -2986,7 +2986,7 @@ sp AudioFlinger::createEffect( effect_descriptor_t desc; const uid_t callingUid = IPCThreadState::self()->getCallingUid(); - if (pid == -1 || !isTrustedCallingUid(callingUid)) { + if (pid == -1 || !isAudioServerOrMediaServerUid(callingUid)) { const pid_t callingPid = IPCThreadState::self()->getCallingPid(); ALOGW_IF(pid != -1 && pid != callingPid, "%s uid %d pid %d tried to pass itself off as pid %d", @@ -3009,8 +3009,8 @@ sp AudioFlinger::createEffect( } // Session AUDIO_SESSION_OUTPUT_STAGE is reserved for output stage effects - // that can only be created by audio policy manager (running in same process) - if (sessionId == AUDIO_SESSION_OUTPUT_STAGE && getpid_cached != pid) { + // that can only be created by audio policy manager + if (sessionId == AUDIO_SESSION_OUTPUT_STAGE && !isAudioServerUid(callingUid)) { lStatus = PERMISSION_DENIED; goto Exit; } diff --git a/services/audioflinger/Effects.cpp b/services/audioflinger/Effects.cpp index 5e82b75e42..25425b2363 100644 --- a/services/audioflinger/Effects.cpp +++ b/services/audioflinger/Effects.cpp 
@@ -1814,7 +1814,7 @@ void AudioFlinger::EffectHandle::dumpToBuffer(char* buffer, size_t size) bool locked = mCblk != NULL && AudioFlinger::dumpTryLock(mCblk->lock); snprintf(buffer, size, "\t\t\t%5d %5d %3s %3s %5u %5u\n", - (mClient == 0) ? getpid_cached : mClient->pid(), + (mClient == 0) ? getpid() : mClient->pid(), mPriority, mHasControl ? "yes" : "no", locked ? "yes" : "no", diff --git a/services/audioflinger/Threads.cpp b/services/audioflinger/Threads.cpp index 7b5d9e640a..8a41785eec 100644 --- a/services/audioflinger/Threads.cpp +++ b/services/audioflinger/Threads.cpp @@ -3946,7 +3946,7 @@ AudioFlinger::MixerThread::MixerThread(const sp& audioFlinger, Aud // start the fast mixer mFastMixer->run("FastMixer", PRIORITY_URGENT_AUDIO); pid_t tid = mFastMixer->getTid(); - sendPrioConfigEvent(getpid_cached, tid, kPriorityFastMixer, false /*forApp*/); + sendPrioConfigEvent(getpid(), tid, kPriorityFastMixer, false /*forApp*/); stream()->setHalThreadPriority(kPriorityFastMixer); #ifdef AUDIO_WATCHDOG @@ -3955,7 +3955,7 @@ AudioFlinger::MixerThread::MixerThread(const sp& audioFlinger, Aud mAudioWatchdog->setDump(&mAudioWatchdogDump); mAudioWatchdog->run("AudioWatchdog", PRIORITY_URGENT_AUDIO); tid = mAudioWatchdog->getTid(); - sendPrioConfigEvent(getpid_cached, tid, kPriorityFastMixer, false /*forApp*/); + sendPrioConfigEvent(getpid(), tid, kPriorityFastMixer, false /*forApp*/); #endif } @@ -6362,7 +6362,7 @@ AudioFlinger::RecordThread::RecordThread(const sp& audioFlinger, // start the fast capture mFastCapture->run("FastCapture", ANDROID_PRIORITY_URGENT_AUDIO); pid_t tid = mFastCapture->getTid(); - sendPrioConfigEvent(getpid_cached, tid, kPriorityFastCapture, false /*forApp*/); + sendPrioConfigEvent(getpid(), tid, kPriorityFastCapture, false /*forApp*/); stream()->setHalThreadPriority(kPriorityFastCapture); #ifdef AUDIO_WATCHDOG // FIXME diff --git a/services/audioflinger/Tracks.cpp b/services/audioflinger/Tracks.cpp index fc8f34b5f0..34950999cf 100644 
--- a/services/audioflinger/Tracks.cpp +++ b/services/audioflinger/Tracks.cpp @@ -102,7 +102,7 @@ AudioFlinger::ThreadBase::TrackBase::TrackBase( mIsInvalid(false) { const uid_t callingUid = IPCThreadState::self()->getCallingUid(); - if (!isTrustedCallingUid(callingUid) || clientUid == AUDIO_UID_INVALID) { + if (!isAudioServerOrMediaServerUid(callingUid) || clientUid == AUDIO_UID_INVALID) { ALOGW_IF(clientUid != AUDIO_UID_INVALID && clientUid != callingUid, "%s uid %d tried to pass itself off as %d", __FUNCTION__, callingUid, clientUid); clientUid = callingUid; @@ -599,7 +599,7 @@ void AudioFlinger::PlaybackThread::Track::appendDump(String8& result, bool activ "%08X %6zu%c %6zu %c %9u%c %7u " "%08zX %08zX\n", active ? "yes" : "no", - (mClient == 0) ? getpid_cached : mClient->pid(), + (mClient == 0) ? getpid() : mClient->pid(), mSessionId, getTrackStateString(), mCblk->mFlags, @@ -1509,7 +1509,7 @@ AudioFlinger::PlaybackThread::PatchTrack::PatchTrack(PlaybackThread *playbackThr audio_attributes_t{} /* currently unused for patch track */, sampleRate, format, channelMask, frameCount, buffer, bufferSize, nullptr /* sharedBuffer */, - AUDIO_SESSION_NONE, getuid(), flags, TYPE_PATCH), + AUDIO_SESSION_NONE, AID_AUDIOSERVER, flags, TYPE_PATCH), mProxy(new ClientProxy(mCblk, mBuffer, frameCount, mFrameSize, true, true)) { uint64_t mixBufferNs = ((uint64_t)2 * playbackThread->frameCount() * 1000000000) / @@ -1795,7 +1795,7 @@ void AudioFlinger::RecordThread::RecordTrack::appendDump(String8& result, bool a "%08X %6zu %3c\n", isFastTrack() ? 'F' : ' ', active ? "yes" : "no", - (mClient == 0) ? getpid_cached : mClient->pid(), + (mClient == 0) ? getpid() : mClient->pid(), mSessionId, getTrackStateString(), mCblk->mFlags, 
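Review bot: PatchTrack now passes the constant `AID_AUDIOSERVER` as its client uid, but that value still flows through the TrackBase constructor in the first hunk of this file, which overwrites `clientUid` with the binder calling uid whenever the caller is not audioserver or mediaserver. If a patch track can be constructed on a binder thread serving another uid (this cannot be determined from the hunk), the constant is silently replaced and the "tried to pass itself off as" warning is logged. Worth a comment at the constructor, e.g. `// internal track: must be created under audioserver identity, see TrackBase uid override`, or a confirmation that calling identity is cleared before construction. PatchRecord in the following hunk has the same pattern.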
@@ -1875,7 +1875,8 @@ AudioFlinger::RecordThread::PatchRecord::PatchRecord(RecordThread *recordThread, : RecordTrack(recordThread, NULL, audio_attributes_t{} /* currently unused for patch track */, sampleRate, format, channelMask, frameCount, - buffer, bufferSize, AUDIO_SESSION_NONE, getuid(), flags, TYPE_PATCH), + buffer, bufferSize, AUDIO_SESSION_NONE, AID_AUDIOSERVER, + flags, TYPE_PATCH), mProxy(new ClientProxy(mCblk, mBuffer, frameCount, mFrameSize, false, true)) { uint64_t mixBufferNs = ((uint64_t)2 * recordThread->frameCount() * 1000000000) / diff --git a/services/audiopolicy/managerdefault/AudioPolicyManager.cpp b/services/audiopolicy/managerdefault/AudioPolicyManager.cpp index 899a790e49..d0cea6e933 100644 --- a/services/audiopolicy/managerdefault/AudioPolicyManager.cpp +++ b/services/audiopolicy/managerdefault/AudioPolicyManager.cpp @@ -39,6 +39,7 @@ #include #include #include +#include #include #include #include @@ -3819,7 +3820,7 @@ static status_t deserializeAudioPolicyXmlConfig(AudioPolicyConfig &config) { AudioPolicyManager::AudioPolicyManager(AudioPolicyClientInterface *clientInterface, bool /*forTesting*/) : - mUidCached(getuid()), + mUidCached(AID_AUDIOSERVER), // no need to call getuid(), there's only one of us running. mpClientInterface(clientInterface), mLimitRingtoneVolume(false), mLastVoiceVolume(-1.0f), mA2dpSuspended(false), diff --git a/services/audiopolicy/managerdefault/AudioPolicyManager.h b/services/audiopolicy/managerdefault/AudioPolicyManager.h index c814ff91a6..008e1caf98 100644 --- a/services/audiopolicy/managerdefault/AudioPolicyManager.h +++ b/services/audiopolicy/managerdefault/AudioPolicyManager.h 
@@ -540,7 +540,7 @@ protected: static bool streamsMatchForvolume(audio_stream_type_t stream1, audio_stream_type_t stream2); - uid_t mUidCached; + const uid_t mUidCached; // AID_AUDIOSERVER AudioPolicyClientInterface *mpClientInterface; // audio policy client interface sp mPrimaryOutput; // primary output descriptor // list of descriptors for outputs currently opened diff --git a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp index b74bd966f1..48c4a206a1 100644 --- a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp +++ b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp @@ -183,7 +183,7 @@ status_t AudioPolicyService::getOutputForAttr(const audio_attributes_t *attr, Mutex::Autolock _l(mLock); const uid_t callingUid = IPCThreadState::self()->getCallingUid(); - if (!isTrustedCallingUid(callingUid) || uid == (uid_t)-1) { + if (!isAudioServerOrMediaServerUid(callingUid) || uid == (uid_t)-1) { ALOGW_IF(uid != (uid_t)-1 && uid != callingUid, "%s uid %d tried to pass itself off as %d", __FUNCTION__, callingUid, uid); uid = callingUid; @@ -320,7 +320,7 @@ status_t AudioPolicyService::getInputForAttr(const audio_attributes_t *attr, bool updatePid = (pid == -1); const uid_t callingUid = IPCThreadState::self()->getCallingUid(); - if (!isTrustedCallingUid(callingUid)) { + if (!isAudioServerOrMediaServerUid(callingUid)) { ALOGW_IF(uid != (uid_t)-1 && uid != callingUid, "%s uid %d tried to pass itself off as %d", __FUNCTION__, callingUid, uid); uid = callingUid; diff --git a/services/audiopolicy/service/AudioPolicyService.cpp b/services/audiopolicy/service/AudioPolicyService.cpp index 5d25ea837b..65b84957d4 100644 --- a/services/audiopolicy/service/AudioPolicyService.cpp +++ b/services/audiopolicy/service/AudioPolicyService.cpp @@ -26,7 +26,6 @@ #include #include #include -#include #include #include #include 
@@ -43,8 +42,6 @@ #include #include -#include - namespace android { static const char kDeadlockedString[] = "AudioPolicyService may be deadlocked\n"; @@ -275,7 +272,7 @@ void AudioPolicyService::NotificationClient::onAudioPatchListUpdate() void AudioPolicyService::NotificationClient::onDynamicPolicyMixStateUpdate( const String8& regId, int32_t state) { - if (mAudioPolicyServiceClient != 0 && multiuser_get_app_id(mUid) < AID_APP_START) { + if (mAudioPolicyServiceClient != 0 && isServiceUid(mUid)) { mAudioPolicyServiceClient->onDynamicPolicyMixStateUpdate(regId, state); } } @@ -285,7 +282,7 @@ void AudioPolicyService::NotificationClient::onRecordingConfigurationUpdate( const audio_config_base_t *clientConfig, const audio_config_base_t *deviceConfig, audio_patch_handle_t patchHandle) { - if (mAudioPolicyServiceClient != 0 && multiuser_get_app_id(mUid) < AID_APP_START) { + if (mAudioPolicyServiceClient != 0 && isServiceUid(mUid)) { mAudioPolicyServiceClient->onRecordingConfigurationUpdate(event, clientInfo, clientConfig, deviceConfig, patchHandle); } @@ -577,10 +574,6 @@ void AudioPolicyService::UidPolicy::onUidIdle(uid_t uid, __unused bool disabled) updateUidCache(uid, false, true); } -bool AudioPolicyService::UidPolicy::isServiceUid(uid_t uid) const { - return multiuser_get_app_id(uid) < AID_APP_START; -} - void AudioPolicyService::UidPolicy::notifyService(uid_t uid, bool active) { sp service = mService.promote(); if (service != nullptr) { diff --git a/services/audiopolicy/service/AudioPolicyService.h b/services/audiopolicy/service/AudioPolicyService.h index 3e179c088d..7755c3b027 100644 --- a/services/audiopolicy/service/AudioPolicyService.h +++ b/services/audiopolicy/service/AudioPolicyService.h 
@@ -291,7 +291,6 @@ private: void removeOverrideUid(uid_t uid) { updateOverrideUid(uid, false, false); } private: - bool isServiceUid(uid_t uid) const; void notifyService(uid_t uid, bool active); void updateOverrideUid(uid_t uid, bool active, bool insert); void updateUidCache(uid_t uid, bool active, bool insert); diff --git a/services/medialog/Android.bp b/services/medialog/Android.bp index 29e6dfcd68..ca96f622fc 100644 --- a/services/medialog/Android.bp +++ b/services/medialog/Android.bp @@ -9,7 +9,9 @@ cc_library_shared { shared_libs: [ "libaudioutils", "libbinder", + "libcutils", "liblog", + "libmediautils", "libnbaio", "libnblog", "libutils", diff --git a/services/medialog/MediaLogService.cpp b/services/medialog/MediaLogService.cpp index 1be5544457..e58dff7159 100644 --- a/services/medialog/MediaLogService.cpp +++ b/services/medialog/MediaLogService.cpp @@ -21,7 +21,7 @@ #include #include #include -#include +#include #include "MediaLogService.h" namespace android { @@ -53,7 +53,7 @@ MediaLogService::~MediaLogService() void MediaLogService::registerWriter(const sp& shared, size_t size, const char *name) { - if (IPCThreadState::self()->getCallingUid() != AID_AUDIOSERVER || shared == 0 || + if (!isAudioServerOrMediaServerUid(IPCThreadState::self()->getCallingUid()) || shared == 0 || size < kMinSize || size > kMaxSize || name == NULL || shared->size() < NBLog::Timeline::sharedSize(size)) { return; @@ -67,7 +67,7 @@ void MediaLogService::registerWriter(const sp& shared, size_t size, con void MediaLogService::unregisterWriter(const sp& shared) { - if (IPCThreadState::self()->getCallingUid() != AID_AUDIOSERVER || shared == 0) { + if (!isAudioServerOrMediaServerUid(IPCThreadState::self()->getCallingUid()) || shared == 0) { return; } Mutex::Autolock _l(mLock); 
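Review bot: registerWriter() and unregisterWriter() used to require `getCallingUid() == AID_AUDIOSERVER`, but with `isAudioServerOrMediaServerUid()` they now also accept AID_MEDIA, and dump() in the next hunk gets the same widening for its permission bypass. The commit message presents this as a move to ServiceUtilities rather than a policy change. If mediaserver is not meant to register log writers or bypass the DUMP permission, `isAudioServerUid(IPCThreadState::self()->getCallingUid())` preserves the previous behaviour. If it is, a short comment at these checks stating why AID_MEDIA is trusted would record the decision.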
@@ -95,10 +95,8 @@ bool MediaLogService::dumpTryLock(Mutex& mutex) status_t MediaLogService::dump(int fd, const Vector& args __unused) { - // FIXME merge with similar but not identical code at services/audioflinger/ServiceUtilities.cpp - static const String16 sDump("android.permission.DUMP"); - if (!(IPCThreadState::self()->getCallingUid() == AID_AUDIOSERVER || - PermissionCache::checkCallingPermission(sDump))) { + if (!(isAudioServerOrMediaServerUid(IPCThreadState::self()->getCallingUid()) + || dumpAllowed())) { dprintf(fd, "Permission Denial: can't dump media.log from pid=%d, uid=%d\n", IPCThreadState::self()->getCallingPid(), IPCThreadState::self()->getCallingUid());