144deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten/* 244deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * Copyright (C) 2012 The Android Open Source Project 344deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * 444deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * Licensed under the Apache License, Version 2.0 (the "License"); 544deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * you may not use this file except in compliance with the License. 644deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * You may obtain a copy of the License at 744deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * 844deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * http://www.apache.org/licenses/LICENSE-2.0 944deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * 1044deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * Unless required by applicable law or agreed to in writing, software 1144deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * distributed under the License is distributed on an "AS IS" BASIS, 1244deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1344deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * See the License for the specific language governing permissions and 1444deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten * limitations under the License. 1544deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten */ 1644deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten 1744deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten#include <binder/IPCThreadState.h> 1844deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten#include <binder/IServiceManager.h> 1944deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten#include <binder/PermissionCache.h> 2044deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten#include "ServiceUtilities.h" 2144deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten 2244deb053252a3bd2f57a007ab9560f4924f62394Glenn Kastennamespace android { 2344deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten 24949a926cadbc961fbb649c91d76d7aee8ea4d7bdGlenn Kasten// Not valid until initialized by AudioFlinger constructor. It would have to be 25949a926cadbc961fbb649c91d76d7aee8ea4d7bdGlenn Kasten// re-initialized if the process containing AudioFlinger service forks (which it doesn't). 26949a926cadbc961fbb649c91d76d7aee8ea4d7bdGlenn Kastenpid_t getpid_cached; 2744deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten 2844deb053252a3bd2f57a007ab9560f4924f62394Glenn Kastenbool recordingAllowed() { 2944deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten if (getpid_cached == IPCThreadState::self()->getCallingPid()) return true; 3044deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten static const String16 sRecordAudio("android.permission.RECORD_AUDIO"); 3144deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten // don't use PermissionCache; this is not a system permission 3244deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten bool ok = checkCallingPermission(sRecordAudio); 3344deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten if (!ok) ALOGE("Request requires android.permission.RECORD_AUDIO"); 3444deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten return ok; 3544deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten} 3644deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten 37893a5642871114fca3b2a00c6ff8e5699ce3e3edJeff Brownbool captureAudioOutputAllowed() { 38893a5642871114fca3b2a00c6ff8e5699ce3e3edJeff Brown if (getpid_cached == IPCThreadState::self()->getCallingPid()) return true; 39893a5642871114fca3b2a00c6ff8e5699ce3e3edJeff Brown static const String16 sCaptureAudioOutput("android.permission.CAPTURE_AUDIO_OUTPUT"); 40893a5642871114fca3b2a00c6ff8e5699ce3e3edJeff Brown // don't use PermissionCache; this is not a system permission 41893a5642871114fca3b2a00c6ff8e5699ce3e3edJeff Brown bool ok = checkCallingPermission(sCaptureAudioOutput); 42893a5642871114fca3b2a00c6ff8e5699ce3e3edJeff Brown if (!ok) ALOGE("Request requires android.permission.CAPTURE_AUDIO_OUTPUT"); 43893a5642871114fca3b2a00c6ff8e5699ce3e3edJeff Brown return ok; 44893a5642871114fca3b2a00c6ff8e5699ce3e3edJeff Brown} 45893a5642871114fca3b2a00c6ff8e5699ce3e3edJeff Brown 469a54bc27876acd5d8be5b1fc3dc46701fe76fbb3Eric Laurentbool captureHotwordAllowed() { 479a54bc27876acd5d8be5b1fc3dc46701fe76fbb3Eric Laurent static const String16 sCaptureHotwordAllowed("android.permission.CAPTURE_AUDIO_HOTWORD"); 489a54bc27876acd5d8be5b1fc3dc46701fe76fbb3Eric Laurent bool ok = checkCallingPermission(sCaptureHotwordAllowed); 499a54bc27876acd5d8be5b1fc3dc46701fe76fbb3Eric Laurent if (!ok) ALOGE("android.permission.CAPTURE_AUDIO_HOTWORD"); 509a54bc27876acd5d8be5b1fc3dc46701fe76fbb3Eric Laurent return ok; 519a54bc27876acd5d8be5b1fc3dc46701fe76fbb3Eric Laurent} 529a54bc27876acd5d8be5b1fc3dc46701fe76fbb3Eric Laurent 53f53eaf49df1e1e1c01708919e9e0a046543de9b6Hochi Huangbool captureFmTunerAllowed() { 54f53eaf49df1e1e1c01708919e9e0a046543de9b6Hochi Huang static const String16 sCaptureFmTunerAllowed("android.permission.ACCESS_FM_RADIO"); 55f53eaf49df1e1e1c01708919e9e0a046543de9b6Hochi Huang bool ok = checkCallingPermission(sCaptureFmTunerAllowed); 56f53eaf49df1e1e1c01708919e9e0a046543de9b6Hochi Huang if (!ok) ALOGE("android.permission.ACCESS_FM_RADIO"); 57f53eaf49df1e1e1c01708919e9e0a046543de9b6Hochi Huang return ok; 58f53eaf49df1e1e1c01708919e9e0a046543de9b6Hochi Huang} 59f53eaf49df1e1e1c01708919e9e0a046543de9b6Hochi Huang 6044deb053252a3bd2f57a007ab9560f4924f62394Glenn Kastenbool settingsAllowed() { 6144deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten if (getpid_cached == IPCThreadState::self()->getCallingPid()) return true; 6244deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten static const String16 sAudioSettings("android.permission.MODIFY_AUDIO_SETTINGS"); 6344deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten // don't use PermissionCache; this is not a system permission 6444deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten bool ok = checkCallingPermission(sAudioSettings); 6544deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten if (!ok) ALOGE("Request requires android.permission.MODIFY_AUDIO_SETTINGS"); 6644deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten return ok; 6744deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten} 6844deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten 695284ed53c14cd4d15bd793000ede7166d143e69aEric Laurentbool modifyAudioRoutingAllowed() { 705284ed53c14cd4d15bd793000ede7166d143e69aEric Laurent static const String16 sModifyAudioRoutingAllowed("android.permission.MODIFY_AUDIO_ROUTING"); 715284ed53c14cd4d15bd793000ede7166d143e69aEric Laurent bool ok = checkCallingPermission(sModifyAudioRoutingAllowed); 725284ed53c14cd4d15bd793000ede7166d143e69aEric Laurent if (!ok) ALOGE("android.permission.MODIFY_AUDIO_ROUTING"); 735284ed53c14cd4d15bd793000ede7166d143e69aEric Laurent return ok; 745284ed53c14cd4d15bd793000ede7166d143e69aEric Laurent} 755284ed53c14cd4d15bd793000ede7166d143e69aEric Laurent 7644deb053252a3bd2f57a007ab9560f4924f62394Glenn Kastenbool dumpAllowed() { 7744deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten // don't optimize for same pid, since mediaserver never dumps itself 7844deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten static const String16 sDump("android.permission.DUMP"); 7944deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten // OK to use PermissionCache; this is a system permission 8044deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten bool ok = PermissionCache::checkCallingPermission(sDump); 8144deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten // convention is for caller to dump an error message to fd instead of logging here 8244deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten //if (!ok) ALOGE("Request requires android.permission.DUMP"); 8344deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten return ok; 8444deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten} 8544deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten 8644deb053252a3bd2f57a007ab9560f4924f62394Glenn Kasten} // namespace android 87