commit 7dca8a83b7c6922a69e266aa9f2b5693a4d773a9
author Eric Laurent <elaurent@google.com> Mon Jan 29 18:44:26 2018 -0800
committer Eric Laurent <elaurent@google.com> Fri Feb 09 16:09:06 2018 -0800
tree cd09df52888de8f7af339c9decc3f21367272c1b
parent fee1976a2849c37a53d8a01ac10327d522a1ba93

Revert "Revert "audio flinger: move record permission checks to audio policy service""

This reverts commit 67651f97c9c3880a4440c86618337f8a64c3e1a9.

Bug: 72628781
Test: manual camcorder tests
Change-Id: Id3687d2a4ab90f01d66ff30b2d77e6ec4ae72b3f

services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp

diff --git a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
index 0ce562c..306de3f 100644
--- a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
+++ b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
@@ -296,6 +296,7 @@
     if (mAudioPolicyManager == NULL) {
         return NO_INIT;
     }
+
     // already checked by client, but double-check in case the client wrapper is bypassed
     if (attr->source < AUDIO_SOURCE_DEFAULT && attr->source >= AUDIO_SOURCE_CNT &&
             attr->source != AUDIO_SOURCE_HOTWORD && attr->source != AUDIO_SOURCE_FM_TUNER) {
@@ -319,6 +320,13 @@
         pid = callingPid;
     }
 
+    // check calling permissions
+    if (!recordingAllowed(opPackageName, pid, uid)) {
+        ALOGE("%s permission denied: recording not allowed for uid %d pid %d",
+                __func__, uid, pid);
+        return PERMISSION_DENIED;
+    }
+
     if ((attr->source == AUDIO_SOURCE_HOTWORD) && !captureHotwordAllowed(pid, uid)) {
         return BAD_VALUE;
     }
@@ -392,18 +400,28 @@
     if (mAudioPolicyManager == NULL) {
         return NO_INIT;
     }
+    sp<AudioRecordClient> client;
+    {
+        Mutex::Autolock _l(mLock);
 
-    Mutex::Autolock _l(mLock);
-
-    ssize_t index = mAudioRecordClients.indexOfKey(portId);
-    if (index < 0) {
-        return INVALID_OPERATION;
+        ssize_t index = mAudioRecordClients.indexOfKey(portId);
+        if (index < 0) {
+            return INVALID_OPERATION;
+        }
+        client = mAudioRecordClients.valueAt(index);
     }
-    sp<AudioRecordClient> client = mAudioRecordClients.valueAt(index);
+
+    // check calling permissions
+    if (!recordingAllowed(client->opPackageName, client->pid, client->uid)) {
+        ALOGE("%s permission denied: recording not allowed for uid %d pid %d",
+                __func__, client->uid, client->pid);
+        return PERMISSION_DENIED;
+    }
 
     // If UID inactive it records silence until becoming active
     *silenced = !mUidPolicy->isUidActive(client->uid) && !client->isVirtualDevice;
 
+    Mutex::Autolock _l(mLock);
     AudioPolicyInterface::concurrency_type__mask_t concurrency =
             AudioPolicyInterface::API_INPUT_CONCURRENCY_NONE;