07971a32acb95fe50f5055e81ce32fb0a0cd8872 - android_frameworks_av

commit	07971a32acb95fe50f5055e81ce32fb0a0cd8872	[log] [tgz]
author	Atneya Nair <atneya@google.com>	Fri Oct 04 14:33:21 2024 -0700
committer	Atneya Nair <atneya@google.com>	Fri Oct 04 14:33:21 2024 -0700
tree	2fe7a86ac2d762c2850ad29113c32f00eea23f74
parent	9200d56f87b4db40ff32154f50adb9fab3e73873 [diff]

Anonymize bt addresses in listAudioPorts

Fix a security bypass where listAudioPorts would provide BT MAC
addresses without the required permission.

If a client doesn't have BLUETOOTH_CONNECT, partially redact the
address. To avoid performance issues, this change:
 - Caches uids which hold the permission, invalidating them on the
   package manager cache invalidation sysprop
 - Ensures we only call the check outside of any locks in audioserver.

Soaking for backport on main, a better solution to follow.

Test: Manual repro using the POC app
Bug: 285588444
Flag: EXEMPT security
Change-Id: Ide27226237236380814e6f19a74d1ce1e72828fd

media/audioaidlconversion/AidlConversionCppNdk.cpp[diff]
media/libaudioclient/tests/audio_aidl_legacy_conversion_tests.cpp[diff]
media/utils/ServiceUtilities.cpp[diff]
media/utils/include/mediautils/ServiceUtilities.h[diff]
services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp[diff]

5 files changed

tree: 2fe7a86ac2d762c2850ad29113c32f00eea23f74

aidl/
aidl_api/
apex/
camera/
cmds/
drm/
include/
media/
services/
tools/
.clang-format
Android.bp
CleanSpec.mk
MainlineFiles.cfg
METADATA
MODULE_LICENSE_APACHE2
NOTICE
OWNERS
PREUPLOAD.cfg