diff options
author | Jeff Tinker <jtinker@google.com> | 2014-04-02 16:41:38 -0700 |
---|---|---|
committer | Jeff Tinker <jtinker@google.com> | 2014-04-02 16:41:38 -0700 |
commit | 81e0bd44a10e90778ab5b0a3babd4fc52cadedd8 (patch) | |
tree | e593e5db634c29de4c9351d9a5f64f2f2e49d503 /media/libmediaplayerservice/Drm.cpp | |
parent | 68d9d71a792deed75d32fe13febc07c9c12c8449 (diff) | |
download | frameworks_av-81e0bd44a10e90778ab5b0a3babd4fc52cadedd8.zip frameworks_av-81e0bd44a10e90778ab5b0a3babd4fc52cadedd8.tar.gz frameworks_av-81e0bd44a10e90778ab5b0a3babd4fc52cadedd8.tar.bz2 |
Add signature|system permission to MediaDrm signer APIs
Change-Id: If970e5ff8dcab2e67af2f3376dcd14dca82f2394
related-to-bug: 12702350
Diffstat (limited to 'media/libmediaplayerservice/Drm.cpp')
-rw-r--r-- | media/libmediaplayerservice/Drm.cpp | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/media/libmediaplayerservice/Drm.cpp b/media/libmediaplayerservice/Drm.cpp index e68d4cd..d50037f 100644 --- a/media/libmediaplayerservice/Drm.cpp +++ b/media/libmediaplayerservice/Drm.cpp @@ -28,9 +28,21 @@ #include <media/stagefright/foundation/AString.h> #include <media/stagefright/foundation/hexdump.h> #include <media/stagefright/MediaErrors.h> +#include <binder/IServiceManager.h> +#include <binder/IPCThreadState.h> namespace android { +static bool checkPermission(const char* permissionString) { +#ifndef HAVE_ANDROID_OS + return true; +#endif + if (getpid() == IPCThreadState::self()->getCallingPid()) return true; + bool ok = checkCallingPermission(String16(permissionString)); + if (!ok) ALOGE("Request requires %s", permissionString); + return ok; +} + KeyedVector<Vector<uint8_t>, String8> Drm::mUUIDToLibraryPathMap; KeyedVector<String8, wp<SharedLibrary> > Drm::mLibraryPathToOpenLibraryMap; Mutex Drm::mMapLock; @@ -608,6 +620,10 @@ status_t Drm::signRSA(Vector<uint8_t> const &sessionId, return -EINVAL; } + if (!checkPermission("android.permission.ACCESS_DRM_CERTIFICATES")) { + return -EPERM; + } + return mPlugin->signRSA(sessionId, algorithm, message, wrappedKey, signature); } |