From 893a5642871114fca3b2a00c6ff8e5699ce3e3ed Mon Sep 17 00:00:00 2001 From: Jeff Brown Date: Fri, 16 Aug 2013 20:19:26 -0700 Subject: Enforce permission for recording from remote submix. Bug: 10265163 Change-Id: I2395036bac6e10baeaf6ea4bc3093bd9dd98742d --- services/audioflinger/AudioFlinger.cpp | 10 ++++++++++ services/audioflinger/ServiceUtilities.cpp | 9 +++++++++ services/audioflinger/ServiceUtilities.h | 1 + 3 files changed, 20 insertions(+) (limited to 'services') diff --git a/services/audioflinger/AudioFlinger.cpp b/services/audioflinger/AudioFlinger.cpp index 3d65c44..b8a6b37 100644 --- a/services/audioflinger/AudioFlinger.cpp +++ b/services/audioflinger/AudioFlinger.cpp @@ -1206,6 +1206,10 @@ void AudioFlinger::NotificationClient::binderDied(const wp& who) // ---------------------------------------------------------------------------- +static bool deviceRequiresCaptureAudioOutputPermission(audio_devices_t inDevice) { + return audio_is_remote_submix_device(inDevice); +} + sp AudioFlinger::openRecord( audio_io_handle_t input, uint32_t sampleRate, @@ -1246,6 +1250,12 @@ sp AudioFlinger::openRecord( goto Exit; } + if (deviceRequiresCaptureAudioOutputPermission(thread->inDevice()) + && !captureAudioOutputAllowed()) { + lStatus = PERMISSION_DENIED; + goto Exit; + } + pid_t pid = IPCThreadState::self()->getCallingPid(); client = registerPid_l(pid); diff --git a/services/audioflinger/ServiceUtilities.cpp b/services/audioflinger/ServiceUtilities.cpp index d15bd04..9ee513b 100644 --- a/services/audioflinger/ServiceUtilities.cpp +++ b/services/audioflinger/ServiceUtilities.cpp @@ -34,6 +34,15 @@ bool recordingAllowed() { return ok; } +bool captureAudioOutputAllowed() { + if (getpid_cached == IPCThreadState::self()->getCallingPid()) return true; + static const String16 sCaptureAudioOutput("android.permission.CAPTURE_AUDIO_OUTPUT"); + // don't use PermissionCache; this is not a system permission + bool ok = checkCallingPermission(sCaptureAudioOutput); + if (!ok) ALOGE("Request requires android.permission.CAPTURE_AUDIO_OUTPUT"); + return ok; +} + bool settingsAllowed() { if (getpid_cached == IPCThreadState::self()->getCallingPid()) return true; static const String16 sAudioSettings("android.permission.MODIFY_AUDIO_SETTINGS"); diff --git a/services/audioflinger/ServiceUtilities.h b/services/audioflinger/ServiceUtilities.h index 80cecba..175cd28 100644 --- a/services/audioflinger/ServiceUtilities.h +++ b/services/audioflinger/ServiceUtilities.h @@ -21,6 +21,7 @@ namespace android { extern pid_t getpid_cached; bool recordingAllowed(); +bool captureAudioOutputAllowed(); bool settingsAllowed(); bool dumpAllowed(); -- cgit v1.1