| author | 2022-01-05 19:20:32 +0100 | |
|---|---|---|
| committer | 2022-01-13 16:59:29 +0100 | |
| commit | e3f27df0ece4d80a514a0ea3bb60ae14d9a61fcb (patch) | |
| tree | d29a17cde3e3a6700182841accb386ac4370a6af | |
| parent | ea95959e20abfa585ec45c3da79dc40c074972bc (diff) | |
Sensor: expose sensor UUID to privileged clients
Allow privileged clients (system server and audio server)
to access the UUID of dynamic sensors.
For other clients, the UUID is replaced by the existing
obfuscated sensor ID.
Bug: 210803914
Test: make
Change-Id: I496ac59504da4e8d98310663c047cb3c0a2abad6
| -rw-r--r-- | libs/sensor/Sensor.cpp | 34 | ||||
| -rw-r--r-- | libs/sensor/include/sensor/Sensor.h | 9 | ||||
| -rw-r--r-- | services/sensorservice/SensorService.cpp | 5 | ||||
| -rw-r--r-- | services/sensorservice/SensorService.h | 5 |
4 files changed, 27 insertions, 26 deletions
diff --git a/libs/sensor/Sensor.cpp b/libs/sensor/Sensor.cpp index 0a49008584..5cf3f1aed0 100644 --- a/libs/sensor/Sensor.cpp +++ b/libs/sensor/Sensor.cpp @@ -468,7 +468,15 @@ const Sensor::uuid_t& Sensor::getUuid() const { } void Sensor::setId(int32_t id) { - mUuid.i64[0] = id; + mId = id; +} + +int32_t Sensor::getId() const { + return mId; +} + +void Sensor::anonymizeUuid() { + mUuid.i64[0] = mId; mUuid.i64[1] = 0; } @@ -485,17 +493,14 @@ void Sensor::capHighestDirectReportRateLevel(int32_t cappedRateLevel) { } } -int32_t Sensor::getId() const { - return int32_t(mUuid.i64[0]); -} - size_t Sensor::getFlattenedSize() const { size_t fixedSize = sizeof(mVersion) + sizeof(mHandle) + sizeof(mType) + sizeof(mMinValue) + sizeof(mMaxValue) + sizeof(mResolution) + sizeof(mPower) + sizeof(mMinDelay) + sizeof(mFifoMaxEventCount) + sizeof(mFifoMaxEventCount) + sizeof(mRequiredPermissionRuntime) + - sizeof(mRequiredAppOp) + sizeof(mMaxDelay) + sizeof(mFlags) + sizeof(mUuid); + sizeof(mRequiredAppOp) + sizeof(mMaxDelay) + sizeof(mFlags) + + sizeof(mUuid) + sizeof(mId); size_t variableSize = sizeof(uint32_t) + FlattenableUtils::align<4>(mName.length()) + 
@@ -529,18 +534,8 @@ status_t Sensor::flatten(void* buffer, size_t size) const { FlattenableUtils::write(buffer, size, mRequiredAppOp); FlattenableUtils::write(buffer, size, mMaxDelay); FlattenableUtils::write(buffer, size, mFlags); - if (mUuid.i64[1] != 0) { - // We should never hit this case with our current API, but we - // could via a careless API change. If that happens, - // this code will keep us from leaking our UUID (while probably - // breaking dynamic sensors). See b/29547335. - ALOGW("Sensor with UUID being flattened; sending 0. Expect " - "bad dynamic sensor behavior"); - uuid_t tmpUuid; // default constructor makes this 0. - FlattenableUtils::write(buffer, size, tmpUuid); - } else { - FlattenableUtils::write(buffer, size, mUuid); - } + FlattenableUtils::write(buffer, size, mUuid); + FlattenableUtils::write(buffer, size, mId); return NO_ERROR; } @@ -580,7 +575,7 @@ status_t Sensor::unflatten(void const* buffer, size_t size) { size_t fixedSize2 = sizeof(mRequiredPermissionRuntime) + sizeof(mRequiredAppOp) + sizeof(mMaxDelay) + - sizeof(mFlags) + sizeof(mUuid); + sizeof(mFlags) + sizeof(mUuid) + sizeof(mId); if (size < fixedSize2) { return NO_MEMORY; } @@ -590,6 +585,7 @@ status_t Sensor::unflatten(void const* buffer, size_t size) { FlattenableUtils::read(buffer, size, mMaxDelay); FlattenableUtils::read(buffer, size, mFlags); FlattenableUtils::read(buffer, size, mUuid); + FlattenableUtils::read(buffer, size, mId); return NO_ERROR; } diff --git a/libs/sensor/include/sensor/Sensor.h b/libs/sensor/include/sensor/Sensor.h index 374b68fab5..bae8a1380b 100644 --- a/libs/sensor/include/sensor/Sensor.h +++ b/libs/sensor/include/sensor/Sensor.h 
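Review bot: In `Sensor::flatten()` the removed `mUuid.i64[1] != 0` branch was the last fail-safe that kept a real UUID out of a flattened sensor, and the new unconditional `FlattenableUtils::write(buffer, size, mUuid);` leaves every serialization path responsible for calling `anonymizeUuid()` first. The only such call visible in this commit is in `SensorService::makeUuidsIntoIdsForSensorList()`; any other code that hands a `Sensor` to an unprivileged process (none is visible here) would now send the raw UUID. I would state that contract at the write, e.g. `// mUuid is sent as-is: callers must anonymizeUuid() before flattening for non-privileged clients.` The commit lists only `Test: make`, so a test asserting that an unprivileged caller receives `i64[1] == 0` appears to be missing. The body of flatten() starts outside the hunk.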
@@ -96,11 +96,8 @@ public: bool isDirectChannelTypeSupported(int32_t sharedMemType) const; int32_t getReportingMode() const; - // Note that after setId() has been called, getUuid() no longer - // returns the UUID. - // TODO(b/29547335): Remove getUuid(), add getUuidIndex(), and - // make sure setId() doesn't change the UuidIndex. const uuid_t& getUuid() const; + void anonymizeUuid(); int32_t getId() const; void setId(int32_t id); @@ -132,10 +129,8 @@ private: int32_t mRequiredAppOp; int32_t mMaxDelay; uint32_t mFlags; - // TODO(b/29547335): Get rid of this field and replace with an index. - // The index will be into a separate global vector of UUIDs. - // Also add an mId field (and change flatten/unflatten appropriately). uuid_t mUuid; + int32_t mId; static void flattenString8(void*& buffer, size_t& size, const String8& string8); static bool unflattenString8(void const*& buffer, size_t& size, String8& outputString8); }; diff --git a/services/sensorservice/SensorService.cpp b/services/sensorservice/SensorService.cpp index 9bc7b8e30e..517d383b5a 100644 --- a/services/sensorservice/SensorService.cpp +++ b/services/sensorservice/SensorService.cpp @@ -1254,6 +1254,11 @@ void SensorService::makeUuidsIntoIdsForSensorList(Vector<Sensor> &sensorList) co for (auto &sensor : sensorList) { int32_t id = getIdFromUuid(sensor.getUuid()); sensor.setId(id); + // The sensor UUID must always be anonymized here for non privileged clients. + // There is no other checks after this point before returning to client process. + if (!isAudioServerOrSystemServerUid(IPCThreadState::self()->getCallingUid())) { + sensor.anonymizeUuid(); + } } } diff --git a/services/sensorservice/SensorService.h b/services/sensorservice/SensorService.h index 9b6d01ab71..b009829ed6 100644 --- a/services/sensorservice/SensorService.h +++ b/services/sensorservice/SensorService.h 
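Review bot: The new member `int32_t mId;` in the second Sensor.h hunk has no initializer, and no hunk in Sensor.cpp touches the constructors, so a `Sensor` that never went through `setId()` or `unflatten()` may carry an indeterminate `mId`. That value is now written out by `flatten()` and copied into `mUuid.i64[0]` by `anonymizeUuid()`, which could expose uninitialized bytes to the receiving process. Unless the constructors already set it (they are outside the diff), initialize it at the declaration, `int32_t mId = 0;`, or in each constructor's initializer list. The first hunk also removes the only comment on `getUuid()`; a short comment on `anonymizeUuid()` saying it must follow `setId()` and overwrites the UUID irreversibly would replace it.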
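Review bot: The privilege decision in `makeUuidsIntoIdsForSensorList()` calls `IPCThreadState::self()->getCallingUid()` once per sensor inside the loop, and that value is the client's UID only while the thread is serving an incoming binder transaction. Outside a transaction it is the process's own UID; if that is `AID_SYSTEM` (the callers are not visible in this hunk), the check passes and the UUID is left intact, so the default is fail-open. I would resolve it once before the loop, `const bool privileged = isAudioServerOrSystemServerUid(IPCThreadState::self()->getCallingUid());`. The function comment should also say it must run on the binder thread of the requesting client.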
@@ -26,6 +26,7 @@ #include <binder/IUidObserver.h> #include <cutils/compiler.h> #include <cutils/multiuser.h> +#include <private/android_filesystem_config.h> #include <sensor/ISensorServer.h> #include <sensor/ISensorEventConnection.h> #include <sensor/Sensor.h> @@ -447,6 +448,10 @@ private: // Removes the capped rate on active direct connections (when the mic toggle is flipped to off) void uncapRates(userid_t userId); + static inline bool isAudioServerOrSystemServerUid(uid_t uid) { + return multiuser_get_app_id(uid) == AID_SYSTEM || uid == AID_AUDIOSERVER; + } + static uint8_t sHmacGlobalKey[128]; static bool sHmacGlobalKeyIsValid; |
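Review bot: `isAudioServerOrSystemServerUid()` compares the two identities differently, and nothing in the hunk says whether that is intended. `multiuser_get_app_id(uid) == AID_SYSTEM` matches the system app id under any Android user, while `uid == AID_AUDIOSERVER` matches only the exact UID. Since this predicate now decides who receives raw sensor UUIDs, a comment should record the reason, for example `// system is matched by app id across users; audioserver is expected to run only as user 0 (confirm)`. The helper sits in a private section whose start is outside the hunk.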