Call noteOp for sensor events
Call noteOp whenever a sensor event that requires a permission is
received in the sensor framework.
Bug: 130640415
Test: Builds
Test: Verified 'adb shell appops get PACKAGE_NAME' shows updated time
whenever Step Counter or Step Detector events are received
Test: Verified AppOp is not called for sensors that do not require
permission.
Change-Id: Ia5601e896bebdb9e20e6e3364e6e5f7424962b3b
diff --git a/services/sensorservice/SensorEventConnection.cpp b/services/sensorservice/SensorEventConnection.cpp
index c4cfdc6..0e40940 100644
--- a/services/sensorservice/SensorEventConnection.cpp
+++ b/services/sensorservice/SensorEventConnection.cpp
@@ -285,8 +285,9 @@
scratch[count++] = buffer[i];
}
} else {
- // Regular sensor event, just copy it to the scratch buffer.
- if (hasSensorAccess()) {
+ // Regular sensor event, just copy it to the scratch buffer after checking
+ // the AppOp.
+ if (hasSensorAccess() && noteOpIfRequired(buffer[i])) {
scratch[count++] = buffer[i];
}
}
@@ -386,6 +387,16 @@
return mHasSensorAccess && !mService->mSensorPrivacyPolicy->isSensorPrivacyEnabled();
}
+bool SensorService::SensorEventConnection::noteOpIfRequired(const sensors_event_t& event) {
+ bool success = true;
+ const auto iter = mHandleToAppOp.find(event.sensor);
+ if (iter != mHandleToAppOp.end()) {
+ int32_t appOpMode = mService->sAppOpsManager.noteOp((*iter).second, mUid, mOpPackageName);
+ success = (appOpMode == AppOpsManager::MODE_ALLOWED);
+ }
+ return success;
+}
+
void SensorService::SensorEventConnection::reAllocateCacheLocked(sensors_event_t const* scratch,
int count) {
sensors_event_t *eventCache_new;
diff --git a/services/sensorservice/SensorEventConnection.h b/services/sensorservice/SensorEventConnection.h
index 7077880..fd881cb 100644
--- a/services/sensorservice/SensorEventConnection.h
+++ b/services/sensorservice/SensorEventConnection.h
@@ -19,6 +19,7 @@
#include <stdint.h>
#include <sys/types.h>
+#include <unordered_map>
#include <utils/Vector.h>
#include <utils/SortedVector.h>
@@ -134,6 +135,9 @@
// privacy not being enabled.
bool hasSensorAccess();
+ // Call noteOp for the sensor if the sensor requires a permission
+ bool noteOpIfRequired(const sensors_event_t& event);
+
sp<SensorService> const mService;
sp<BitTube> mChannel;
uid_t mUid;
@@ -181,6 +185,10 @@
mutable Mutex mDestroyLock;
bool mDestroyed;
bool mHasSensorAccess;
+
+ // Store a mapping of sensor handles to required AppOp for a sensor. This map only contains a
+ // valid mapping for sensors that require a permission in order to reduce the lookup time.
+ std::unordered_map<int32_t, int32_t> mHandleToAppOp;
};
} // namepsace android
diff --git a/services/sensorservice/SensorService.cpp b/services/sensorservice/SensorService.cpp
index 5efff92..639ce78 100644
--- a/services/sensorservice/SensorService.cpp
+++ b/services/sensorservice/SensorService.cpp
@@ -1550,6 +1550,10 @@
if (err == NO_ERROR) {
connection->updateLooperRegistration(mLooper);
+ if (sensor->getSensor().getRequiredPermission().size() > 0) {
+ connection->mHandleToAppOp[handle] = sensor->getSensor().getRequiredAppOp();
+ }
+
mLastNSensorRegistrations.editItemAt(mNextSensorRegIndex) =
SensorRegistrationInfo(handle, connection->getPackageName(),
samplingPeriodNs, maxBatchReportLatencyNs, true);