52 lines
1.5 KiB
C++
52 lines
1.5 KiB
C++
#include "private/dvr/trusted_uids.h"
|
|
|
|
#include <mutex>
|
|
#include <unordered_map>
|
|
|
|
#include <binder/IPermissionController.h>
|
|
#include <binder/IServiceManager.h>
|
|
#include <private/android_filesystem_config.h>
|
|
#include <utils/String16.h>
|
|
#include <vr/vr_manager/vr_manager.h>
|
|
|
|
namespace android {
|
|
namespace dvr {
|
|
|
|
bool IsTrustedUid(uid_t uid, bool use_cache) {
|
|
static std::unordered_map<uid_t, bool> uid_cache;
|
|
static std::mutex uid_cache_mutex;
|
|
|
|
// Whitelist requests from the system UID.
|
|
// These are already whitelisted by the permission service, but it might not
|
|
// be available if the ActivityManagerService is up during boot.
|
|
// This ensures the correct result for system services while booting up.
|
|
if (uid == AID_SYSTEM)
|
|
return true;
|
|
|
|
std::lock_guard<std::mutex> lock(uid_cache_mutex);
|
|
|
|
if (use_cache) {
|
|
auto it = uid_cache.find(uid);
|
|
if (it != uid_cache.end())
|
|
return it->second;
|
|
}
|
|
|
|
sp<IBinder> binder = defaultServiceManager()->getService(String16("permission"));
|
|
if (binder == 0) {
|
|
ALOGW("Could not access permission service");
|
|
return false;
|
|
}
|
|
|
|
// Note: we ignore the pid because it's only used to automatically reply
|
|
// true if the caller is the Activity Manager Service.
|
|
bool trusted = interface_cast<IPermissionController>(binder)->checkPermission(
|
|
String16("android.permission.RESTRICTED_VR_ACCESS"), -1, uid);
|
|
|
|
// Cache the information for this uid to avoid future Java calls.
|
|
uid_cache[uid] = trusted;
|
|
return trusted;
|
|
}
|
|
|
|
} // namespace dvr
|
|
} // namespace android
|