ServiceUtilities: don't do RECORD_AUDIO check for system server
Only one system server seems to exist across multiple-users; however,
when the primary user is backgrounded, system server loses its
RECORD_AUDIO permission. Through a number of steps this prevents the
secondary user from starting any services that use the SoundTrigger HAL;
specifically, this was found because it prevents Oslo from functioning
when a secondary user is active.
Bug: 139839188
Test: Oslo use cases pass
Change-Id: Ia0dd5fd3b6992cb18279b81146b35ed040771245
Signed-off-by: Jeffrey Carlyle <jcarlyle@google.com>
diff --git a/media/utils/Android.bp b/media/utils/Android.bp
index 3adb40f..e2cd4e3 100644
--- a/media/utils/Android.bp
+++ b/media/utils/Android.bp
@@ -27,6 +27,7 @@
],
shared_libs: [
"libbinder",
+ "libcutils",
"liblog",
"libutils",
"libmemunreachable",
diff --git a/media/utils/ServiceUtilities.cpp b/media/utils/ServiceUtilities.cpp
index b824212..bc8fff6 100644
--- a/media/utils/ServiceUtilities.cpp
+++ b/media/utils/ServiceUtilities.cpp
@@ -63,7 +63,10 @@
uid_t uid, bool start) {
// Okay to not track in app ops as audio server is us and if
// device is rooted security model is considered compromised.
- if (isAudioServerOrRootUid(uid)) return true;
+ // system_server loses its RECORD_AUDIO permission when a secondary
+ // user is active, but it is a core system service so let it through.
+ // TODO(b/141210120): UserManager.DISALLOW_RECORD_AUDIO should not affect system user 0
+ if (isAudioServerOrSystemServerOrRootUid(uid)) return true;
// We specify a pid and uid here as mediaserver (aka MediaRecorder or StageFrightRecorder)
// may open a record track on behalf of a client. Note that pid may be a tid.
diff --git a/media/utils/include/mediautils/ServiceUtilities.h b/media/utils/include/mediautils/ServiceUtilities.h
index 2a6e609..e1089d5 100644
--- a/media/utils/include/mediautils/ServiceUtilities.h
+++ b/media/utils/include/mediautils/ServiceUtilities.h
@@ -58,6 +58,12 @@
return multiuser_get_app_id(uid) == AID_SYSTEM || uid == AID_AUDIOSERVER;
}
+// used for calls that should come from system_server or audio_server and
+// include AID_ROOT for command-line tests.
+static inline bool isAudioServerOrSystemServerOrRootUid(uid_t uid) {
+ return multiuser_get_app_id(uid) == AID_SYSTEM || uid == AID_AUDIOSERVER || uid == AID_ROOT;
+}
+
// Mediaserver may forward the client PID and UID as part of a binder interface call;
// otherwise the calling UID must be equal to the client UID.
static inline bool isAudioServerOrMediaServerUid(uid_t uid) {