Merge "Create a token for the AttributionSource CameraSource passes to connect" into main
diff --git a/aidl/com/android/media/permission/PermissionEnum.aidl b/aidl/com/android/media/permission/PermissionEnum.aidl
index 7badb87..8eeae10 100644
--- a/aidl/com/android/media/permission/PermissionEnum.aidl
+++ b/aidl/com/android/media/permission/PermissionEnum.aidl
@@ -38,5 +38,6 @@
CAPTURE_VOICE_COMMUNICATION_OUTPUT = 12,
BLUETOOTH_CONNECT = 13,
BYPASS_CONCURRENT_RECORD_AUDIO_RESTRICTION = 14,
- ENUM_SIZE = 15, // Not for actual usage, used by Java
+ MODIFY_AUDIO_SETTINGS_PRIVILEGED = 15,
+ ENUM_SIZE = 16, // Not for actual usage, used by Java
}
diff --git a/media/audioaidlconversion/AidlConversionCppNdk.cpp b/media/audioaidlconversion/AidlConversionCppNdk.cpp
index f739f3c..0b784a3 100644
--- a/media/audioaidlconversion/AidlConversionCppNdk.cpp
+++ b/media/audioaidlconversion/AidlConversionCppNdk.cpp
@@ -1064,7 +1064,7 @@
// Use '01' for LSB bits 0 and 1 as Bluetooth MAC addresses are never multicast
// and universaly administered
constexpr std::array<uint8_t, 4> BTANON_PREFIX {0xFD, 0xFF, 0xFF, 0xFF};
- // Keep sync with ServiceUtilities.cpp mustAnonymizeBluetoothAddress
+ // Keep sync with ServiceUtilities.cpp anonymizeBluetoothAddress
constexpr const char * BTANON_PREFIX_STR = "XX:XX:XX:XX:";
}
diff --git a/media/libeffects/lvm/wrapper/Aidl/BundleContext.cpp b/media/libeffects/lvm/wrapper/Aidl/BundleContext.cpp
index 53d4311..5574ea1 100644
--- a/media/libeffects/lvm/wrapper/Aidl/BundleContext.cpp
+++ b/media/libeffects/lvm/wrapper/Aidl/BundleContext.cpp
@@ -93,7 +93,18 @@
RetCode BundleContext::setCommon(const Parameter::Common& common) {
RetCode ret = EffectContext::setCommon(common);
RETURN_VALUE_IF(ret != RetCode::SUCCESS, ret, " setCommonFailed");
- return init();
+ if (mInstance) {
+ LVM_ControlParams_t params;
+ RETURN_VALUE_IF(LVM_SUCCESS != LVM_GetControlParameters(mInstance, ¶ms),
+ RetCode::ERROR_EFFECT_LIB_ERROR, "failGetControlParams");
+ RETURN_VALUE_IF(RetCode::SUCCESS != applyCommonParameter(params),
+ RetCode::ERROR_EFFECT_LIB_ERROR, " applyCommonParameterFailed");
+ RETURN_VALUE_IF(LVM_SUCCESS != LVM_SetControlParameters(mInstance, ¶ms),
+ RetCode::ERROR_EFFECT_LIB_ERROR, "failSetControlParams");
+ } else {
+ RETURN_VALUE_IF(RetCode::SUCCESS != init(), RetCode::ERROR_EFFECT_LIB_ERROR, " initFailed");
+ }
+ return RetCode::SUCCESS;
}
RetCode BundleContext::enable() {
@@ -605,7 +616,7 @@
return ret;
}
-RetCode BundleContext::initControlParameter(LVM_ControlParams_t& params) const {
+RetCode BundleContext::applyCommonParameter(LVM_ControlParams_t& params) const {
int outputChannelCount = ::aidl::android::hardware::audio::common::getChannelCount(
mCommon.output.base.channelMask);
auto outputChannelMaskConv = aidl2legacy_AudioChannelLayout_audio_channel_mask_t(
@@ -627,6 +638,13 @@
params.SourceFormat = LVM_MULTICHANNEL;
}
+ return RetCode::SUCCESS;
+}
+
+RetCode BundleContext::initControlParameter(LVM_ControlParams_t& params) const {
+ RETURN_VALUE_IF(RetCode::SUCCESS != applyCommonParameter(params),
+ RetCode::ERROR_EFFECT_LIB_ERROR, " applyCommonParameterFailed");
+
/* General parameters */
params.OperatingMode = LVM_MODE_ON;
params.SpeakerType = LVM_HEADPHONES;
diff --git a/media/libeffects/lvm/wrapper/Aidl/BundleContext.h b/media/libeffects/lvm/wrapper/Aidl/BundleContext.h
index d5de5bd..96f63cd 100644
--- a/media/libeffects/lvm/wrapper/Aidl/BundleContext.h
+++ b/media/libeffects/lvm/wrapper/Aidl/BundleContext.h
@@ -135,6 +135,7 @@
bool isBandLevelIndexInRange(const std::vector<Equalizer::BandLevel>& bandLevels) const;
static LVM_EQNB_BandDef_t* getDefaultEqualizerBandDefs();
static LVM_HeadroomBandDef_t* getDefaultEqualizerHeadroomBanDefs();
+ RetCode applyCommonParameter(LVM_ControlParams_t& params) const;
};
} // namespace aidl::android::hardware::audio::effect
diff --git a/media/module/extractors/mpeg2/Android.bp b/media/module/extractors/mpeg2/Android.bp
index 63dbcda..c68ea51 100644
--- a/media/module/extractors/mpeg2/Android.bp
+++ b/media/module/extractors/mpeg2/Android.bp
@@ -44,6 +44,7 @@
shared_libs: [
"libbase",
+ "libutils",
],
header_libs: [
@@ -70,7 +71,6 @@
"libstagefright_foundation_without_imemory",
"libstagefright_mpeg2extractor",
"libstagefright_mpeg2support_nocrypto",
- "libutils",
],
apex_available: [
diff --git a/media/module/extractors/mpeg2/MPEG2PSExtractor.cpp b/media/module/extractors/mpeg2/MPEG2PSExtractor.cpp
index 44c8937..805f051 100644
--- a/media/module/extractors/mpeg2/MPEG2PSExtractor.cpp
+++ b/media/module/extractors/mpeg2/MPEG2PSExtractor.cpp
@@ -161,7 +161,7 @@
}
status_t MPEG2PSExtractor::feedMore() {
- Mutex::Autolock autoLock(mLock);
+ std::lock_guard<std::mutex> autoLock(mLock);
// How much data we're reading at a time
static const size_t kChunkSize = 8192;
diff --git a/media/module/extractors/mpeg2/MPEG2TSExtractor.cpp b/media/module/extractors/mpeg2/MPEG2TSExtractor.cpp
index 736b817..06bf9c2 100644
--- a/media/module/extractors/mpeg2/MPEG2TSExtractor.cpp
+++ b/media/module/extractors/mpeg2/MPEG2TSExtractor.cpp
@@ -479,7 +479,7 @@
}
status_t MPEG2TSExtractor::feedMore(bool isInit) {
- Mutex::Autolock autoLock(mLock);
+ std::lock_guard<std::mutex> autoLock(mLock);
uint8_t packet[kTSPacketSize];
ssize_t n = mDataSource->readAt(mOffset + mHeaderSkip, packet, kTSPacketSize);
diff --git a/media/module/extractors/mpeg2/include/MPEG2PSExtractor.h b/media/module/extractors/mpeg2/include/MPEG2PSExtractor.h
index e5d591f..77b073b 100644
--- a/media/module/extractors/mpeg2/include/MPEG2PSExtractor.h
+++ b/media/module/extractors/mpeg2/include/MPEG2PSExtractor.h
@@ -18,11 +18,12 @@
#define MPEG2_PS_EXTRACTOR_H_
+#include <mutex>
+
#include <media/stagefright/foundation/ABase.h>
#include <media/MediaExtractorPluginApi.h>
#include <media/MediaExtractorPluginHelper.h>
#include <media/stagefright/MetaDataBase.h>
-#include <utils/threads.h>
#include <utils/KeyedVector.h>
namespace android {
@@ -51,7 +52,7 @@
struct Track;
struct WrappedTrack;
- mutable Mutex mLock;
+ std::mutex mLock;
DataSourceHelper *mDataSource;
off64_t mOffset;
diff --git a/media/module/extractors/mpeg2/include/MPEG2TSExtractor.h b/media/module/extractors/mpeg2/include/MPEG2TSExtractor.h
index 0e3e484..d752ce1 100644
--- a/media/module/extractors/mpeg2/include/MPEG2TSExtractor.h
+++ b/media/module/extractors/mpeg2/include/MPEG2TSExtractor.h
@@ -19,12 +19,13 @@
#define MPEG2_TS_EXTRACTOR_H_
+#include <mutex>
+
#include <media/stagefright/foundation/ABase.h>
#include <media/MediaExtractorPluginApi.h>
#include <media/MediaExtractorPluginHelper.h>
#include <media/stagefright/MetaDataBase.h>
#include <mpeg2ts/ATSParser.h>
-#include <utils/threads.h>
#include <utils/KeyedVector.h>
#include <utils/Vector.h>
@@ -57,7 +58,7 @@
private:
friend struct MPEG2TSSource;
- mutable Mutex mLock;
+ std::mutex mLock;
DataSourceHelper *mDataSource;
diff --git a/media/utils/ServiceUtilities.cpp b/media/utils/ServiceUtilities.cpp
index 39a172f..ce8e00e 100644
--- a/media/utils/ServiceUtilities.cpp
+++ b/media/utils/ServiceUtilities.cpp
@@ -55,6 +55,8 @@
static const String16 sModifyPhoneState("android.permission.MODIFY_PHONE_STATE");
static const String16 sModifyAudioRouting("android.permission.MODIFY_AUDIO_ROUTING");
static const String16 sCallAudioInterception("android.permission.CALL_AUDIO_INTERCEPTION");
+static const String16 sModifyAudioSettingsPrivileged(
+ "android.permission.MODIFY_AUDIO_SETTINGS_PRIVILEGED");
static String16 resolveCallingPackage(PermissionController& permissionController,
const std::optional<String16> opPackageName, uid_t uid) {
@@ -387,6 +389,17 @@
return ok;
}
+bool modifyAudioSettingsPrivilegedAllowed(const AttributionSourceState& attributionSource) {
+ uid_t uid = VALUE_OR_FATAL(aidl2legacy_int32_t_uid_t(attributionSource.uid));
+ pid_t pid = VALUE_OR_FATAL(aidl2legacy_int32_t_pid_t(attributionSource.pid));
+ if (isAudioServerUid(uid)) return true;
+ // IMPORTANT: Use PermissionCache - not a runtime permission and may not change.
+ bool ok = PermissionCache::checkPermission(sModifyAudioSettingsPrivileged, pid, uid);
+ if (!ok) ALOGE("%s(): android.permission.MODIFY_AUDIO_SETTINGS_PRIVILEGED denied for uid %d",
+ __func__, uid);
+ return ok;
+}
+
bool dumpAllowed() {
static const String16 sDump("android.permission.DUMP");
// IMPORTANT: Use PermissionCache - not a runtime permission and may not change.
@@ -531,7 +544,7 @@
* @param caller string identifying the caller for logging.
* @return true if the MAC addresses must be anonymized, false otherwise.
*/
-bool mustAnonymizeBluetoothAddress(
+bool mustAnonymizeBluetoothAddressLegacy(
const AttributionSourceState& attributionSource, const String16&) {
uid_t uid = VALUE_OR_FATAL(aidl2legacy_int32_t_uid_t(attributionSource.uid));
bool res;
diff --git a/media/utils/include/mediautils/ServiceUtilities.h b/media/utils/include/mediautils/ServiceUtilities.h
index 573cc14..2960232 100644
--- a/media/utils/include/mediautils/ServiceUtilities.h
+++ b/media/utils/include/mediautils/ServiceUtilities.h
@@ -110,12 +110,13 @@
bool modifyAudioRoutingAllowed(const AttributionSourceState& attributionSource);
bool modifyDefaultAudioEffectsAllowed();
bool modifyDefaultAudioEffectsAllowed(const AttributionSourceState& attributionSource);
+bool modifyAudioSettingsPrivilegedAllowed(const AttributionSourceState& attributionSource);
bool dumpAllowed();
bool modifyPhoneStateAllowed(const AttributionSourceState& attributionSource);
bool bypassInterruptionPolicyAllowed(const AttributionSourceState& attributionSource);
bool callAudioInterceptionAllowed(const AttributionSourceState& attributionSource);
void purgePermissionCache();
-bool mustAnonymizeBluetoothAddress(
+bool mustAnonymizeBluetoothAddressLegacy(
const AttributionSourceState& attributionSource, const String16& caller);
void anonymizeBluetoothAddress(char *address);
diff --git a/services/audiopolicy/managerdefault/AudioPolicyManager.cpp b/services/audiopolicy/managerdefault/AudioPolicyManager.cpp
index c635feb..73b574c 100644
--- a/services/audiopolicy/managerdefault/AudioPolicyManager.cpp
+++ b/services/audiopolicy/managerdefault/AudioPolicyManager.cpp
@@ -696,7 +696,7 @@
// RX Telephony and Rx sink devices are declared by Primary Audio HAL
if (isPrimaryModule(telephonyRxModule) && (telephonyRxModule->getHalVersionMajor() >= 3) &&
telephonyRxModule->supportsPatch(rxSourceDevice, rxSinkDevice)) {
- ALOGW("%s() device %s using HW Bridge", __func__, rxSinkDevice->toString().c_str());
+ ALOGI("%s() device %s using HW Bridge", __func__, rxSinkDevice->toString().c_str());
return DeviceVector(rxSinkDevice);
}
}
@@ -862,8 +862,8 @@
true /*internal*/, true /*isCallRx*/, delayMs);
ALOGE_IF(status != OK, "%s: failed to start audio source (%d)", __func__, status);
mCallRxSourceClient = mAudioSources.valueFor(portId);
- ALOGV("%s portdID %d between source %s and sink %s", __func__, portId,
- mCallRxSourceClient->srcDevice()->toString().c_str(),
+ ALOGV_IF(mCallRxSourceClient != nullptr, "%s portdID %d between source %s and sink %s",
+ __func__, portId, mCallRxSourceClient->srcDevice()->toString().c_str(),
mCallRxSourceClient->sinkDevice()->toString().c_str());
ALOGE_IF(mCallRxSourceClient == nullptr,
"%s failed to start Telephony Rx AudioSource", __func__);
diff --git a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
index 12320b7..0d342a8 100644
--- a/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
+++ b/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
@@ -73,10 +73,12 @@
using com::android::media::permission::PermissionEnum::CAPTURE_TUNER_AUDIO_INPUT;
using com::android::media::permission::PermissionEnum::MODIFY_AUDIO_ROUTING;
using com::android::media::permission::PermissionEnum::MODIFY_AUDIO_SETTINGS;
+using com::android::media::permission::PermissionEnum::MODIFY_AUDIO_SETTINGS_PRIVILEGED;
using com::android::media::permission::PermissionEnum::MODIFY_DEFAULT_AUDIO_EFFECTS;
using com::android::media::permission::PermissionEnum::MODIFY_PHONE_STATE;
using com::android::media::permission::PermissionEnum::RECORD_AUDIO;
using com::android::media::permission::PermissionEnum::WRITE_SECURE_SETTINGS;
+using com::android::media::permission::PermissionEnum::BLUETOOTH_CONNECT;
using com::android::media::permission::PermissionEnum::BYPASS_CONCURRENT_RECORD_AUDIO_RESTRICTION;
using content::AttributionSourceState;
using media::audio::common::AudioConfig;
@@ -97,6 +99,28 @@
namespace {
constexpr auto PERMISSION_HARD_DENIED = permission::PermissionChecker::PERMISSION_HARD_DENIED;
constexpr auto PERMISSION_GRANTED = permission::PermissionChecker::PERMISSION_GRANTED;
+
+bool mustAnonymizeBluetoothAddress(const AttributionSourceState& attributionSource,
+ const String16& caller,
+ const IPermissionProvider& provider) {
+ if (audioserver_permissions()) {
+ switch(multiuser_get_app_id(attributionSource.uid)) {
+ // out of caution, to prevent regression
+ case AID_RADIO:
+ case AID_BLUETOOTH:
+ case AID_MEDIA:
+ return true;
+ }
+ const auto res = provider.checkPermission(BLUETOOTH_CONNECT, attributionSource.uid);
+ if (!res.has_value()) {
+ ALOGE("%s: error: %s", __func__, res.error().toString8().c_str());
+ }
+ return *res;
+ } else {
+ return mustAnonymizeBluetoothAddressLegacy(attributionSource, caller);
+ }
+}
+
}
const std::vector<audio_usage_t>& SYSTEM_USAGES = {
@@ -443,6 +467,16 @@
}
}
+ if (strlen(attr.tags) != 0) {
+ if (!(audioserver_permissions() ?
+ CHECK_PERM(MODIFY_AUDIO_SETTINGS_PRIVILEGED, attributionSource.uid)
+ : modifyAudioSettingsPrivilegedAllowed(attributionSource))) {
+ ALOGE("%s: permission denied: audio attributes tags not allowed for uid %d pid %d",
+ __func__, attributionSource.uid, attributionSource.pid);
+ return binderStatusFromStatusT(PERMISSION_DENIED);
+ }
+ }
+
AutoCallerClear acc;
AudioPolicyInterface::output_type_t outputType;
bool isSpatialized = false;
@@ -1770,7 +1804,8 @@
numPortsReq = std::min(numPortsReq, num_ports);
}
- if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__))) {
+ if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__),
+ getPermissionProvider())) {
for (size_t i = 0; i < numPortsReq; ++i) {
anonymizePortBluetoothAddress(ports[i]);
}
@@ -1812,7 +1847,8 @@
RETURN_IF_BINDER_ERROR(binderStatusFromStatusT(mAudioPolicyManager->getAudioPort(&port)));
}
- if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__))) {
+ if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__),
+ getPermissionProvider())) {
anonymizePortBluetoothAddress(port);
}
@@ -1892,7 +1928,8 @@
numPatchesReq = std::min(numPatchesReq, num_patches);
}
- if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__))) {
+ if (mustAnonymizeBluetoothAddress(attributionSource, String16(__func__),
+ getPermissionProvider())) {
for (size_t i = 0; i < numPatchesReq; ++i) {
for (size_t j = 0; j < patches[i].num_sources; ++j) {
anonymizePortBluetoothAddress(patches[i].sources[j]);