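/*
 * Copyright (C) 2024 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
#ifndef ANDROID_SERVERS_CAMERA_ATTRIBUTION_AND_PERMISSION_UTILS_H
#define ANDROID_SERVERS_CAMERA_ATTRIBUTION_AND_PERMISSION_UTILS_H

#include <android/content/AttributionSourceState.h>
#include <android/permission/PermissionChecker.h>
#include <binder/BinderService.h>
#include <private/android_filesystem_config.h>

// Include what this header uses directly instead of relying on transitive includes.
#include <cstdint>
#include <memory>
#include <string>

namespace android {

class CameraService;

using content::AttributionSourceState;
using permission::PermissionChecker;

/**
 * Utility class consolidating methods/data for verifying permissions and the identity of the
 * caller.
 *
 * Every check is virtual so that an alternate implementation can be substituted behind the
 * same interface; the default implementation delegates to the PermissionChecker owned by
 * mPermissionChecker.
 */
class AttributionAndPermissionUtils {
public:
    AttributionAndPermissionUtils() { }
    virtual ~AttributionAndPermissionUtils() {}

    // Stores a weak reference only; the camera service owns this object, not the other
    // way round, so a strong reference here would create a cycle.
    void setCameraService(wp<CameraService> cameraService) {
        mCameraService = cameraService;
    }

    // Utilities handling Binder calling identities (previously in CameraThreadState)
    virtual int getCallingUid();
    virtual int getCallingPid();
    // clearCallingIdentity() returns a token that must be handed back to
    // restoreCallingIdentity(); callers should pair the two on every path.
    virtual int64_t clearCallingIdentity();
    virtual void restoreCallingIdentity(int64_t token);

    /**
     * Pre-grants the permission if the attribution source uid is for an automotive
     * privileged client. Otherwise uses system service permission checker to check
     * for the appropriate permission. If this function is called for accessing a specific
     * camera, then the cameraId must not be empty. CameraId is used only in case of automotive
     * privileged client so that permission is pre-granted only to access system camera device
     * which is located outside of the vehicle body frame because camera located inside the vehicle
     * cabin would need user permission.
     *
     * @param cameraId          Camera being accessed; empty only for non camera-specific checks.
     * @param permission        Name of the permission to verify.
     * @param attributionSource Identity (pid/uid/package/deviceId) of the caller being checked.
     * @param message           Message passed through to the permission checker.
     * @param attributedOpCode  App-op attributed to the caller for this check.
     * @return true if the caller holds (or is pre-granted) the permission.
     */
    virtual bool checkPermissionForPreflight(const std::string &cameraId,
            const std::string &permission, const AttributionSourceState& attributionSource,
            const std::string& message, int32_t attributedOpCode);

    // Can camera service trust the caller based on the calling UID?
    virtual bool isTrustedCallingUid(uid_t uid);

    virtual bool isAutomotiveDevice();
    virtual bool isHeadlessSystemUserMode();

    /**
     * Returns true if the client has uid AID_AUTOMOTIVE_EVS and the device is an automotive device.
     */
    virtual bool isAutomotivePrivilegedClient(int32_t uid);

    // Resolves packageName for userId into uid (in/out). NOTE(review): the meaning of 'err'
    // and the returned status_t are defined by the implementation, not visible here.
    virtual status_t getUidForPackage(const std::string &packageName, int userId,
            /*inout*/uid_t& uid, int err);
    virtual bool isCallerCameraServerNotDelegating();

    // Utils for checking specific permissions
    virtual bool hasPermissionsForCamera(const std::string& cameraId,
            const AttributionSourceState& attributionSource);
    // checkCameraPermissions controls whether the plain camera permission is verified in
    // addition to the system-camera permission.
    virtual bool hasPermissionsForSystemCamera(const std::string& cameraId,
            const AttributionSourceState& attributionSource, bool checkCameraPermissions = true);
    virtual bool hasPermissionsForCameraHeadlessSystemUser(const std::string& cameraId,
            const AttributionSourceState& attributionSource);
    virtual bool hasPermissionsForCameraPrivacyAllowlist(
            const AttributionSourceState& attributionSource);
    virtual bool hasPermissionsForOpenCloseListener(
            const AttributionSourceState& attributionSource);

    // Permission name strings; defined in the implementation file.
    static const std::string sDumpPermission;
    static const std::string sManageCameraPermission;
    static const std::string sCameraPermission;
    static const std::string sSystemCameraPermission;
    static const std::string sCameraHeadlessSystemUserPermission;
    static const std::string sCameraPrivacyAllowlistPermission;
    static const std::string sCameraSendSystemEventsPermission;
    static const std::string sCameraOpenCloseListenerPermission;
    static const std::string sCameraInjectExternalCameraPermission;

protected:
    wp<CameraService> mCameraService;

    // Shared helper for the automotive pre-grant path described on checkPermissionForPreflight().
    bool checkAutomotivePrivilegedClient(const std::string &cameraId,
            const AttributionSourceState &attributionSource);

private:
    std::unique_ptr<permission::PermissionChecker> mPermissionChecker =
            std::make_unique<permission::PermissionChecker>();
};

/**
 * Class to be inherited by classes encapsulating AttributionAndPermissionUtils. Provides an
 * additional utility layer above AttributionAndPermissionUtils calls, and avoids verbosity
 * in the encapsulating class's methods.
 *
 * Every wrapper builds an AttributionSourceState from the raw pid/uid (plus optional package
 * name and deviceId) and forwards to the wrapped utils object.
 */
class AttributionAndPermissionUtilsEncapsulator {
protected:
    std::shared_ptr<AttributionAndPermissionUtils> mAttributionAndPermissionUtils;

public:
    // Takes shared ownership of the utils object; moved rather than copied so the
    // by-value parameter does not cost an extra atomic refcount pair.
    AttributionAndPermissionUtilsEncapsulator(
            std::shared_ptr<AttributionAndPermissionUtils> attributionAndPermissionUtils)
        : mAttributionAndPermissionUtils(std::move(attributionAndPermissionUtils)) { }

    /** Builds an attribution source carrying only the caller's pid and uid. */
    static AttributionSourceState buildAttributionSource(int callingPid, int callingUid) {
        AttributionSourceState attributionSource{};
        attributionSource.pid = callingPid;
        attributionSource.uid = callingUid;
        return attributionSource;
    }

    /** As above, additionally tagging the source with the virtual deviceId. */
    static AttributionSourceState buildAttributionSource(int callingPid, int callingUid,
            int32_t deviceId) {
        AttributionSourceState attributionSource = buildAttributionSource(callingPid, callingUid);
        attributionSource.deviceId = deviceId;
        return attributionSource;
    }

    /** As above, additionally naming the calling package. */
    static AttributionSourceState buildAttributionSource(int callingPid, int callingUid,
            const std::string& packageName, int32_t deviceId) {
        AttributionSourceState attributionSource = buildAttributionSource(callingPid, callingUid,
                deviceId);
        attributionSource.packageName = packageName;
        return attributionSource;
    }

    int getCallingUid() const {
        return mAttributionAndPermissionUtils->getCallingUid();
    }

    int getCallingPid() const {
        return mAttributionAndPermissionUtils->getCallingPid();
    }

    // Returns the token to pass back to restoreCallingIdentity().
    int64_t clearCallingIdentity() const {
        return mAttributionAndPermissionUtils->clearCallingIdentity();
    }

    void restoreCallingIdentity(int64_t token) const {
        mAttributionAndPermissionUtils->restoreCallingIdentity(token);
    }

    // The word 'System' here does not refer to callers only on the system
    // partition. They just need to have an android system uid: any uid below
    // AID_APP_START (i.e. every non-app uid, not only AID_SYSTEM) qualifies.
    bool callerHasSystemUid() const {
        return (getCallingUid() < AID_APP_START);
    }

    // Camera permission check without a specific cameraId (empty id).
    bool hasPermissionsForCamera(int callingPid, int callingUid, int32_t deviceId) const {
        return hasPermissionsForCamera(std::string(), callingPid, callingUid, deviceId);
    }

    // Camera permission check without a specific cameraId, attributed to packageName.
    bool hasPermissionsForCamera(int callingPid, int callingUid,
            const std::string& packageName, int32_t deviceId) const {
        return hasPermissionsForCamera(std::string(), callingPid, callingUid, packageName,
                deviceId);
    }

    bool hasPermissionsForCamera(const std::string& cameraId, int callingPid,
            int callingUid, int32_t deviceId) const {
        auto attributionSource = buildAttributionSource(callingPid, callingUid,
                deviceId);
        return mAttributionAndPermissionUtils->hasPermissionsForCamera(cameraId, attributionSource);
    }

    bool hasPermissionsForCamera(const std::string& cameraId, int callingPid, int callingUid,
            const std::string& packageName, int32_t deviceId) const {
        auto attributionSource = buildAttributionSource(callingPid, callingUid, packageName,
                deviceId);
        return mAttributionAndPermissionUtils->hasPermissionsForCamera(cameraId, attributionSource);
    }

    // Note: unlike hasPermissionsForCamera, the source built here carries no deviceId or
    // package name - only pid/uid.
    bool hasPermissionsForSystemCamera(const std::string& cameraId, int callingPid, int callingUid,
            bool checkCameraPermissions = true) const {
        auto attributionSource = buildAttributionSource(callingPid, callingUid);
        return mAttributionAndPermissionUtils->hasPermissionsForSystemCamera(
                cameraId, attributionSource, checkCameraPermissions);
    }

    bool hasPermissionsForCameraHeadlessSystemUser(const std::string& cameraId, int callingPid,
            int callingUid) const {
        auto attributionSource = buildAttributionSource(callingPid, callingUid);
        return mAttributionAndPermissionUtils->hasPermissionsForCameraHeadlessSystemUser(
                cameraId, attributionSource);
    }

    bool hasPermissionsForCameraPrivacyAllowlist(int callingPid, int callingUid) const {
        auto attributionSource = buildAttributionSource(callingPid, callingUid);
        return mAttributionAndPermissionUtils->hasPermissionsForCameraPrivacyAllowlist(
                attributionSource);
    }

    bool hasPermissionsForOpenCloseListener(int callingPid, int callingUid) const {
        auto attributionSource = buildAttributionSource(callingPid, callingUid);
        return mAttributionAndPermissionUtils->hasPermissionsForOpenCloseListener(
                attributionSource);
    }

    bool isAutomotiveDevice() const {
        return mAttributionAndPermissionUtils->isAutomotiveDevice();
    }

    bool isAutomotivePrivilegedClient(int32_t uid) const {
        return mAttributionAndPermissionUtils->isAutomotivePrivilegedClient(uid);
    }

    bool isTrustedCallingUid(uid_t uid) const {
        return mAttributionAndPermissionUtils->isTrustedCallingUid(uid);
    }

    bool isHeadlessSystemUserMode() const {
        return mAttributionAndPermissionUtils->isHeadlessSystemUserMode();
    }

    status_t getUidForPackage(const std::string &packageName, int userId,
            /*inout*/uid_t& uid, int err) const {
        return mAttributionAndPermissionUtils->getUidForPackage(packageName, userId, uid, err);
    }

    bool isCallerCameraServerNotDelegating() const {
        return mAttributionAndPermissionUtils->isCallerCameraServerNotDelegating();
    }
};

} // namespace android

#endif // ANDROID_SERVERS_CAMERA_ATTRIBUTION_AND_PERMISSION_UTILS_H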