audioserver: fix UID checks for multi user

Fix UID checks in audioserver to take into account multi user UIDs where the top part above AID_USER_OFFSET contains the user number. Bug: 76439650 Test: manual audio smoke tests. Change-Id: I6dbd616021bcb2639c7b7369000ce911c7e7e030
6 years ago · 96c7eed596
parent bebc764c6b
commit 96c7eed596
3 changed files with 10 additions and 6 deletions
--- a/media/libaudioclient/IAudioFlinger.cpp
+++ b/media/libaudioclient/IAudioFlinger.cpp
@ -903,13 +903,15 @@ status_t BnAudioFlinger::onTransact(
        case SET_MODE:
        case SET_MIC_MUTE:
        case SET_LOW_RAM_DEVICE:
-        case SYSTEM_READY:
-            if (IPCThreadState::self()->getCallingUid() >= AID_APP_START) {
+        case SYSTEM_READY: {
+            uid_t multiUserClientUid = IPCThreadState::self()->getCallingUid() % AID_USER_OFFSET;
+            if (multiUserClientUid >= AID_APP_START) {
                ALOGW("%s: transaction %d received from PID %d unauthorized UID %d",
                      __func__, code, IPCThreadState::self()->getCallingPid(),
                      IPCThreadState::self()->getCallingUid());
                return INVALID_OPERATION;
            }
+        } break;
        default:
            break;
    }
--- a/media/libaudioclient/IAudioPolicyService.cpp
+++ b/media/libaudioclient/IAudioPolicyService.cpp
@ -872,13 +872,15 @@ status_t BnAudioPolicyService::onTransact(
        case INIT_STREAM_VOLUME:
        case SET_STREAM_VOLUME:
        case REGISTER_POLICY_MIXES:
-        case SET_MASTER_MONO:
-            if (IPCThreadState::self()->getCallingUid() >= AID_APP_START) {
+        case SET_MASTER_MONO: {
+            uid_t multiUserClientUid = IPCThreadState::self()->getCallingUid() % AID_USER_OFFSET;
+            if (multiUserClientUid >= AID_APP_START) {
                ALOGW("%s: transaction %d received from PID %d unauthorized UID %d",
                      __func__, code, IPCThreadState::self()->getCallingPid(),
                      IPCThreadState::self()->getCallingUid());
                return INVALID_OPERATION;
            }
+        } break;
        default:
            break;
    }
--- a/services/audiopolicy/service/AudioPolicyService.cpp
+++ b/services/audiopolicy/service/AudioPolicyService.cpp
@ -273,7 +273,7 @@ void AudioPolicyService::NotificationClient::onAudioPatchListUpdate()
 void AudioPolicyService::NotificationClient::onDynamicPolicyMixStateUpdate(
        const String8& regId, int32_t state)
 {
-    if (mAudioPolicyServiceClient != 0 && mUid < AID_APP_START) {
+    if (mAudioPolicyServiceClient != 0 && (mUid % AID_USER_OFFSET) < AID_APP_START) {
        mAudioPolicyServiceClient->onDynamicPolicyMixStateUpdate(regId, state);
    }
 }
@ -283,7 +283,7 @@ void AudioPolicyService::NotificationClient::onRecordingConfigurationUpdate(
        const audio_config_base_t *clientConfig, const audio_config_base_t *deviceConfig,
        audio_patch_handle_t patchHandle)
 {
-    if (mAudioPolicyServiceClient != 0 && mUid < AID_APP_START) {
+    if (mAudioPolicyServiceClient != 0 && (mUid % AID_USER_OFFSET) < AID_APP_START) {
        mAudioPolicyServiceClient->onRecordingConfigurationUpdate(event, clientInfo,
                clientConfig, deviceConfig, patchHandle);
    }