audio policy: call redirection permission
Add specific permission check for audio capture and playback associated
to call audio redirection.
Bug: 189472651
Test: make
Change-Id: Ie1b63dabef36a9931f4809b8200dc0b18e5230ec
diff --git a/media/utils/ServiceUtilities.cpp b/media/utils/ServiceUtilities.cpp
index 4f0909b..3ee7626 100644
--- a/media/utils/ServiceUtilities.cpp
+++ b/media/utils/ServiceUtilities.cpp
@@ -45,6 +45,7 @@
static const String16 sAndroidPermissionRecordAudio("android.permission.RECORD_AUDIO");
static const String16 sModifyPhoneState("android.permission.MODIFY_PHONE_STATE");
static const String16 sModifyAudioRouting("android.permission.MODIFY_AUDIO_ROUTING");
+static const String16 sCallAudioInterception("android.permission.CALL_AUDIO_INTERCEPTION");
static String16 resolveCallingPackage(PermissionController& permissionController,
const std::optional<String16> opPackageName, uid_t uid) {
@@ -309,6 +310,17 @@
return ok;
}
+bool callAudioInterceptionAllowed(const AttributionSourceState& attributionSource) {
+ uid_t uid = VALUE_OR_FATAL(aidl2legacy_int32_t_uid_t(attributionSource.uid));
+ pid_t pid = VALUE_OR_FATAL(aidl2legacy_int32_t_pid_t(attributionSource.pid));
+
+ // IMPORTANT: Use PermissionCache - not a runtime permission and may not change.
+ bool ok = PermissionCache::checkPermission(sCallAudioInterception, pid, uid);
+ if (!ok) ALOGE("%s(): android.permission.CALL_AUDIO_INTERCEPTION denied for uid %d",
+ __func__, uid);
+ return ok;
+}
+
AttributionSourceState getCallingAttributionSource() {
AttributionSourceState attributionSource = AttributionSourceState();
attributionSource.pid = VALUE_OR_FATAL(legacy2aidl_pid_t_int32_t(