Use package name, pid, uid to check permission of capturing hotword.
Package name will be cached in ModuleClient when attaching a client. It
will be used when querying permission of capturing hotword.
Test: test with logging.
Bug: 74078996
Bug: 122721589
Change-Id: Icd2911f5d331d243c9eb5d58003ce5525c70c81e
diff --git a/include/soundtrigger/ISoundTriggerHwService.h b/include/soundtrigger/ISoundTriggerHwService.h
index ae0cb01..1faeb0f 100644
--- a/include/soundtrigger/ISoundTriggerHwService.h
+++ b/include/soundtrigger/ISoundTriggerHwService.h
@@ -33,12 +33,14 @@
DECLARE_META_INTERFACE(SoundTriggerHwService);
- virtual status_t listModules(struct sound_trigger_module_descriptor *modules,
+ virtual status_t listModules(const String16& opPackageName,
+ struct sound_trigger_module_descriptor *modules,
uint32_t *numModules) = 0;
- virtual status_t attach(const sound_trigger_module_handle_t handle,
- const sp<ISoundTriggerClient>& client,
- sp<ISoundTrigger>& module) = 0;
+ virtual status_t attach(const String16& opPackageName,
+ const sound_trigger_module_handle_t handle,
+ const sp<ISoundTriggerClient>& client,
+ sp<ISoundTrigger>& module) = 0;
virtual status_t setCaptureState(bool active) = 0;
};
diff --git a/include/soundtrigger/SoundTrigger.h b/include/soundtrigger/SoundTrigger.h
index 2e2ff7a..ccc61dc 100644
--- a/include/soundtrigger/SoundTrigger.h
+++ b/include/soundtrigger/SoundTrigger.h
@@ -36,10 +36,12 @@
virtual ~SoundTrigger();
- static status_t listModules(struct sound_trigger_module_descriptor *modules,
+ static status_t listModules(const String16& opPackageName,
+ struct sound_trigger_module_descriptor *modules,
uint32_t *numModules);
- static sp<SoundTrigger> attach(const sound_trigger_module_handle_t module,
- const sp<SoundTriggerCallback>& callback);
+ static sp<SoundTrigger> attach(const String16& opPackageName,
+ const sound_trigger_module_handle_t module,
+ const sp<SoundTriggerCallback>& callback);
static status_t setCaptureState(bool active);
diff --git a/media/utils/ServiceUtilities.cpp b/media/utils/ServiceUtilities.cpp
index cb681e0..768cd1e 100644
--- a/media/utils/ServiceUtilities.cpp
+++ b/media/utils/ServiceUtilities.cpp
@@ -138,14 +138,14 @@
return ok;
}
-bool captureHotwordAllowed(pid_t pid, uid_t uid) {
+bool captureHotwordAllowed(const String16& opPackageName, pid_t pid, uid_t uid) {
// CAPTURE_AUDIO_HOTWORD permission implies RECORD_AUDIO permission
- bool ok = recordingAllowed(String16(""), pid, uid);
+ bool ok = recordingAllowed(opPackageName, pid, uid);
if (ok) {
static const String16 sCaptureHotwordAllowed("android.permission.CAPTURE_AUDIO_HOTWORD");
// IMPORTANT: Use PermissionCache - not a runtime permission and may not change.
- ok = PermissionCache::checkCallingPermission(sCaptureHotwordAllowed);
+ ok = PermissionCache::checkPermission(sCaptureHotwordAllowed, pid, uid);
}
if (!ok) ALOGE("android.permission.CAPTURE_AUDIO_HOTWORD");
return ok;
diff --git a/media/utils/include/mediautils/ServiceUtilities.h b/media/utils/include/mediautils/ServiceUtilities.h
index 9377ff3..c5fe05f 100644
--- a/media/utils/include/mediautils/ServiceUtilities.h
+++ b/media/utils/include/mediautils/ServiceUtilities.h
@@ -75,7 +75,7 @@
void finishRecording(const String16& opPackageName, uid_t uid);
bool captureAudioOutputAllowed(pid_t pid, uid_t uid);
bool captureMediaOutputAllowed(pid_t pid, uid_t uid);
-bool captureHotwordAllowed(pid_t pid, uid_t uid);
+bool captureHotwordAllowed(const String16& opPackageName, pid_t pid, uid_t uid);
bool settingsAllowed();
bool modifyAudioRoutingAllowed();
bool modifyDefaultAudioEffectsAllowed();
diff --git a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
index b2a2344..b8036bb 100644
--- a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
+++ b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
@@ -385,7 +385,7 @@
return PERMISSION_DENIED;
}
- bool canCaptureHotword = captureHotwordAllowed(pid, uid);
+ bool canCaptureHotword = captureHotwordAllowed(opPackageName, pid, uid);
if ((attr->source == AUDIO_SOURCE_HOTWORD) && !canCaptureHotword) {
return BAD_VALUE;
}
diff --git a/services/soundtrigger/SoundTriggerHwService.cpp b/services/soundtrigger/SoundTriggerHwService.cpp
index f89683a..377d30b 100644
--- a/services/soundtrigger/SoundTriggerHwService.cpp
+++ b/services/soundtrigger/SoundTriggerHwService.cpp
@@ -82,11 +82,13 @@
}
}
-status_t SoundTriggerHwService::listModules(struct sound_trigger_module_descriptor *modules,
+status_t SoundTriggerHwService::listModules(const String16& opPackageName,
+ struct sound_trigger_module_descriptor *modules,
uint32_t *numModules)
{
ALOGV("listModules");
- if (!captureHotwordAllowed(IPCThreadState::self()->getCallingPid(),
+ if (!captureHotwordAllowed(opPackageName,
+ IPCThreadState::self()->getCallingPid(),
IPCThreadState::self()->getCallingUid())) {
return PERMISSION_DENIED;
}
@@ -103,12 +105,14 @@
return NO_ERROR;
}
-status_t SoundTriggerHwService::attach(const sound_trigger_module_handle_t handle,
+status_t SoundTriggerHwService::attach(const String16& opPackageName,
+ const sound_trigger_module_handle_t handle,
const sp<ISoundTriggerClient>& client,
sp<ISoundTrigger>& moduleInterface)
{
ALOGV("attach module %d", handle);
- if (!captureHotwordAllowed(IPCThreadState::self()->getCallingPid(),
+ if (!captureHotwordAllowed(opPackageName,
+ IPCThreadState::self()->getCallingPid(),
IPCThreadState::self()->getCallingUid())) {
return PERMISSION_DENIED;
}
@@ -124,7 +128,7 @@
}
sp<Module> module = mModules.valueAt(index);
- sp<ModuleClient> moduleClient = module->addClient(client);
+ sp<ModuleClient> moduleClient = module->addClient(client, opPackageName);
if (moduleClient == 0) {
return NO_INIT;
}
@@ -479,7 +483,8 @@
}
sp<SoundTriggerHwService::ModuleClient>
-SoundTriggerHwService::Module::addClient(const sp<ISoundTriggerClient>& client)
+SoundTriggerHwService::Module::addClient(const sp<ISoundTriggerClient>& client,
+ const String16& opPackageName)
{
AutoMutex lock(mLock);
sp<ModuleClient> moduleClient;
@@ -490,7 +495,7 @@
return moduleClient;
}
}
- moduleClient = new ModuleClient(this, client);
+ moduleClient = new ModuleClient(this, client, opPackageName);
ALOGV("addClient() client %p", moduleClient.get());
mModuleClients.add(moduleClient);
@@ -913,8 +918,9 @@
#define LOG_TAG "SoundTriggerHwService::ModuleClient"
SoundTriggerHwService::ModuleClient::ModuleClient(const sp<Module>& module,
- const sp<ISoundTriggerClient>& client)
- : mModule(module), mClient(client)
+ const sp<ISoundTriggerClient>& client,
+ const String16& opPackageName)
+ : mModule(module), mClient(client), mOpPackageName(opPackageName)
{
}
@@ -938,7 +944,8 @@
void SoundTriggerHwService::ModuleClient::detach() {
ALOGV("detach()");
- if (!captureHotwordAllowed(IPCThreadState::self()->getCallingPid(),
+ if (!captureHotwordAllowed(mOpPackageName,
+ IPCThreadState::self()->getCallingPid(),
IPCThreadState::self()->getCallingUid())) {
return;
}
@@ -962,7 +969,8 @@
sound_model_handle_t *handle)
{
ALOGV("loadSoundModel() handle");
- if (!captureHotwordAllowed(IPCThreadState::self()->getCallingPid(),
+ if (!captureHotwordAllowed(mOpPackageName,
+ IPCThreadState::self()->getCallingPid(),
IPCThreadState::self()->getCallingUid())) {
return PERMISSION_DENIED;
}
@@ -980,7 +988,8 @@
status_t SoundTriggerHwService::ModuleClient::unloadSoundModel(sound_model_handle_t handle)
{
ALOGV("unloadSoundModel() model handle %d", handle);
- if (!captureHotwordAllowed(IPCThreadState::self()->getCallingPid(),
+ if (!captureHotwordAllowed(mOpPackageName,
+ IPCThreadState::self()->getCallingPid(),
IPCThreadState::self()->getCallingUid())) {
return PERMISSION_DENIED;
}
@@ -996,7 +1005,8 @@
const sp<IMemory>& dataMemory)
{
ALOGV("startRecognition() model handle %d", handle);
- if (!captureHotwordAllowed(IPCThreadState::self()->getCallingPid(),
+ if (!captureHotwordAllowed(mOpPackageName,
+ IPCThreadState::self()->getCallingPid(),
IPCThreadState::self()->getCallingUid())) {
return PERMISSION_DENIED;
}
@@ -1014,7 +1024,8 @@
status_t SoundTriggerHwService::ModuleClient::stopRecognition(sound_model_handle_t handle)
{
ALOGV("stopRecognition() model handle %d", handle);
- if (!captureHotwordAllowed(IPCThreadState::self()->getCallingPid(),
+ if (!captureHotwordAllowed(mOpPackageName,
+ IPCThreadState::self()->getCallingPid(),
IPCThreadState::self()->getCallingUid())) {
return PERMISSION_DENIED;
}
@@ -1029,7 +1040,8 @@
status_t SoundTriggerHwService::ModuleClient::getModelState(sound_model_handle_t handle)
{
ALOGV("getModelState() model handle %d", handle);
- if (!captureHotwordAllowed(IPCThreadState::self()->getCallingPid(),
+ if (!captureHotwordAllowed(mOpPackageName,
+ IPCThreadState::self()->getCallingPid(),
IPCThreadState::self()->getCallingUid())) {
return PERMISSION_DENIED;
}
diff --git a/services/soundtrigger/SoundTriggerHwService.h b/services/soundtrigger/SoundTriggerHwService.h
index 4258ec0..43ad611 100644
--- a/services/soundtrigger/SoundTriggerHwService.h
+++ b/services/soundtrigger/SoundTriggerHwService.h
@@ -47,10 +47,12 @@
virtual ~SoundTriggerHwService();
// ISoundTriggerHwService
- virtual status_t listModules(struct sound_trigger_module_descriptor *modules,
+ virtual status_t listModules(const String16& opPackageName,
+ struct sound_trigger_module_descriptor *modules,
uint32_t *numModules);
- virtual status_t attach(const sound_trigger_module_handle_t handle,
+ virtual status_t attach(const String16& opPackageName,
+ const sound_trigger_module_handle_t handle,
const sp<ISoundTriggerClient>& client,
sp<ISoundTrigger>& module);
@@ -133,7 +135,8 @@
void setCaptureState_l(bool active);
- sp<ModuleClient> addClient(const sp<ISoundTriggerClient>& client);
+ sp<ModuleClient> addClient(const sp<ISoundTriggerClient>& client,
+ const String16& opPackageName);
void detach(const sp<ModuleClient>& moduleClient);
@@ -156,7 +159,8 @@
public:
ModuleClient(const sp<Module>& module,
- const sp<ISoundTriggerClient>& client);
+ const sp<ISoundTriggerClient>& client,
+ const String16& opPackageName);
virtual ~ModuleClient();
@@ -190,6 +194,7 @@
mutable Mutex mLock;
wp<Module> mModule;
sp<ISoundTriggerClient> mClient;
+ const String16 mOpPackageName;
}; // class ModuleClient
class CallbackThread : public Thread {
diff --git a/soundtrigger/ISoundTriggerHwService.cpp b/soundtrigger/ISoundTriggerHwService.cpp
index d44f5cb..bd107b4 100644
--- a/soundtrigger/ISoundTriggerHwService.cpp
+++ b/soundtrigger/ISoundTriggerHwService.cpp
@@ -50,7 +50,8 @@
{
}
- virtual status_t listModules(struct sound_trigger_module_descriptor *modules,
+ virtual status_t listModules(const String16& opPackageName,
+ struct sound_trigger_module_descriptor *modules,
uint32_t *numModules)
{
if (numModules == NULL || (*numModules != 0 && modules == NULL)) {
@@ -58,6 +59,7 @@
}
Parcel data, reply;
data.writeInterfaceToken(ISoundTriggerHwService::getInterfaceDescriptor());
+ data.writeString16(opPackageName);
unsigned int numModulesReq = (modules == NULL) ? 0 : *numModules;
data.writeInt32(numModulesReq);
status_t status = remote()->transact(LIST_MODULES, data, &reply);
@@ -77,12 +79,14 @@
return status;
}
- virtual status_t attach(const sound_trigger_module_handle_t handle,
+ virtual status_t attach(const String16& opPackageName,
+ const sound_trigger_module_handle_t handle,
const sp<ISoundTriggerClient>& client,
sp<ISoundTrigger>& module)
{
Parcel data, reply;
data.writeInterfaceToken(ISoundTriggerHwService::getInterfaceDescriptor());
+ data.writeString16(opPackageName);
data.write(&handle, sizeof(sound_trigger_module_handle_t));
data.writeStrongBinder(IInterface::asBinder(client));
status_t status = remote()->transact(ATTACH, data, &reply);
@@ -120,6 +124,11 @@
switch(code) {
case LIST_MODULES: {
CHECK_INTERFACE(ISoundTriggerHwService, data, reply);
+ String16 opPackageName;
+ status_t status = data.readString16(&opPackageName);
+ if (status != NO_ERROR) {
+ return status;
+ }
unsigned int numModulesReq = data.readInt32();
if (numModulesReq > MAX_ITEMS_PER_LIST) {
numModulesReq = MAX_ITEMS_PER_LIST;
@@ -133,7 +142,7 @@
reply->writeInt32(0);
return NO_ERROR;
}
- status_t status = listModules(modules, &numModules);
+ status = listModules(opPackageName, modules, &numModules);
reply->writeInt32(status);
reply->writeInt32(numModules);
ALOGV("LIST_MODULES status %d got numModules %d", status, numModules);
@@ -151,12 +160,17 @@
case ATTACH: {
CHECK_INTERFACE(ISoundTriggerHwService, data, reply);
+ String16 opPackageName;
+ status_t status = data.readString16(&opPackageName);
+ if (status != NO_ERROR) {
+ return status;
+ }
sound_trigger_module_handle_t handle;
data.read(&handle, sizeof(sound_trigger_module_handle_t));
sp<ISoundTriggerClient> client =
interface_cast<ISoundTriggerClient>(data.readStrongBinder());
sp<ISoundTrigger> module;
- status_t status = attach(handle, client, module);
+ status = attach(opPackageName, handle, client, module);
reply->writeInt32(status);
if (module != 0) {
reply->writeInt32(1);
diff --git a/soundtrigger/SoundTrigger.cpp b/soundtrigger/SoundTrigger.cpp
index d1eb367..9708ea7 100644
--- a/soundtrigger/SoundTrigger.cpp
+++ b/soundtrigger/SoundTrigger.cpp
@@ -80,19 +80,21 @@
}
// Static methods
-status_t SoundTrigger::listModules(struct sound_trigger_module_descriptor *modules,
- uint32_t *numModules)
+status_t SoundTrigger::listModules(const String16& opPackageName,
+ struct sound_trigger_module_descriptor *modules,
+ uint32_t *numModules)
{
ALOGV("listModules()");
const sp<ISoundTriggerHwService> service = getSoundTriggerHwService();
if (service == 0) {
return NO_INIT;
}
- return service->listModules(modules, numModules);
+ return service->listModules(opPackageName, modules, numModules);
}
-sp<SoundTrigger> SoundTrigger::attach(const sound_trigger_module_handle_t module,
- const sp<SoundTriggerCallback>& callback)
+sp<SoundTrigger> SoundTrigger::attach(const String16& opPackageName,
+ const sound_trigger_module_handle_t module,
+ const sp<SoundTriggerCallback>& callback)
{
ALOGV("attach()");
sp<SoundTrigger> soundTrigger;
@@ -101,7 +103,8 @@
return soundTrigger;
}
soundTrigger = new SoundTrigger(module, callback);
- status_t status = service->attach(module, soundTrigger, soundTrigger->mISoundTrigger);
+ status_t status = service->attach(opPackageName, module, soundTrigger,
+ soundTrigger->mISoundTrigger);
if (status == NO_ERROR && soundTrigger->mISoundTrigger != 0) {
IInterface::asBinder(soundTrigger->mISoundTrigger)->linkToDeath(soundTrigger);