Update AttributionSource deviceIds thoroughly
PermissionChecker expects consistent deviceIds throughout the
AttributionSource chain.
Bug: 291737188
Test: atest VirtualAudioPermissionTest
Change-Id: I101a4705fc8703cf77bc8046d032bc58b3404ed5
diff --git a/media/utils/ServiceUtilities.cpp b/media/utils/ServiceUtilities.cpp
index 4926e46..4b0192a 100644
--- a/media/utils/ServiceUtilities.cpp
+++ b/media/utils/ServiceUtilities.cpp
@@ -86,7 +86,7 @@
}
std::optional<AttributionSourceState> resolveAttributionSource(
- const AttributionSourceState& callerAttributionSource) {
+ const AttributionSourceState& callerAttributionSource, const uint32_t virtualDeviceId) {
AttributionSourceState nextAttributionSource = callerAttributionSource;
if (!nextAttributionSource.packageName.has_value()) {
@@ -101,6 +101,7 @@
return std::nullopt;
}
}
+ nextAttributionSource.deviceId = virtualDeviceId;
AttributionSourceState myAttributionSource;
myAttributionSource.uid = VALUE_OR_FATAL(android::legacy2aidl_uid_t_int32_t(getuid()));
@@ -109,6 +110,7 @@
// audioserver to the app ops system
static sp<BBinder> appOpsToken = sp<BBinder>::make();
myAttributionSource.token = appOpsToken;
+ myAttributionSource.deviceId = virtualDeviceId;
myAttributionSource.next.push_back(nextAttributionSource);
return std::optional<AttributionSourceState>{myAttributionSource};
@@ -129,7 +131,7 @@
// may open a record track on behalf of a client. Note that pid may be a tid.
// IMPORTANT: DON'T USE PermissionCache - RUNTIME PERMISSIONS CHANGE.
std::optional<AttributionSourceState> resolvedAttributionSource =
- resolveAttributionSource(attributionSource);
+ resolveAttributionSource(attributionSource, virtualDeviceId);
if (!resolvedAttributionSource.has_value()) {
return false;
}
@@ -137,7 +139,6 @@
const int32_t attributedOpCode = getOpForSource(source);
permission::PermissionChecker permissionChecker;
- resolvedAttributionSource.value().deviceId = virtualDeviceId;
bool permitted = false;
if (start) {
permitted = (permissionChecker.checkPermissionForStartDataDeliveryFromDatasource(
@@ -166,13 +167,16 @@
String16(), /*start*/ false, source);
}
-bool startRecording(const AttributionSourceState& attributionSource, const String16& msg,
- audio_source_t source) {
- return checkRecordingInternal(attributionSource, DEVICE_ID_DEFAULT, msg, /*start*/ true,
+bool startRecording(const AttributionSourceState& attributionSource,
+ const uint32_t virtualDeviceId,
+ const String16& msg,
+ audio_source_t source) {
+ return checkRecordingInternal(attributionSource, virtualDeviceId, msg, /*start*/ true,
source);
}
-void finishRecording(const AttributionSourceState& attributionSource, audio_source_t source) {
+void finishRecording(const AttributionSourceState &attributionSource, uint32_t virtualDeviceId,
+ audio_source_t source) {
// Okay to not track in app ops as audio server is us and if
// device is rooted security model is considered compromised.
uid_t uid = VALUE_OR_FATAL(aidl2legacy_int32_t_uid_t(attributionSource.uid));
@@ -182,7 +186,7 @@
// may open a record track on behalf of a client. Note that pid may be a tid.
// IMPORTANT: DON'T USE PermissionCache - RUNTIME PERMISSIONS CHANGE.
const std::optional<AttributionSourceState> resolvedAttributionSource =
- resolveAttributionSource(attributionSource);
+ resolveAttributionSource(attributionSource, virtualDeviceId);
if (!resolvedAttributionSource.has_value()) {
return;
}
@@ -406,7 +410,7 @@
return false;
}
const std::optional<AttributionSourceState> resolvedAttributionSource =
- resolveAttributionSource(attributionSource);
+ resolveAttributionSource(attributionSource, DEVICE_ID_DEFAULT);
if (!resolvedAttributionSource.has_value()) {
return true;
}