Limit access to head tracker sensor
Lock down access to only internal system usage and CTS due to privacy
considerations.
Bug: 224619073
Test: run SensorHeadTrackerTest with and without "cmd unrestrict-ht"
Change-Id: I0bd37472e058c550de8d0098caa0bd439d8f12a5
diff --git a/services/sensorservice/SensorService.h b/services/sensorservice/SensorService.h
index b18d204..234dc9c 100644
--- a/services/sensorservice/SensorService.h
+++ b/services/sensorservice/SensorService.h
@@ -373,7 +373,7 @@
status_t cleanupWithoutDisableLocked(const sp<SensorEventConnection>& connection, int handle);
void cleanupAutoDisabledSensorLocked(const sp<SensorEventConnection>& connection,
sensors_event_t const* buffer, const int count);
- static bool canAccessSensor(const Sensor& sensor, const char* operation,
+ bool canAccessSensor(const Sensor& sensor, const char* operation,
const String16& opPackageName);
static bool hasPermissionForSensor(const Sensor& sensor);
static int getTargetSdkVersion(const String16& opPackageName);
@@ -492,6 +492,10 @@
std::unordered_map<int, SensorServiceUtil::RecentEventLogger*> mRecentEvent;
Mode mCurrentOperatingMode;
+ // true if the head tracker sensor type is currently restricted to system usage only
+ // (can only be unrestricted for testing, via shell cmd)
+ bool mHtRestricted = true;
+
// This packagaName is set when SensorService is in RESTRICTED or DATA_INJECTION mode. Only
// applications with this packageName are allowed to activate/deactivate or call flush on
// sensors. To run CTS this is can be set to ".cts." and only CTS tests will get access to