MediaSessionManager: Apply API council review

Here's the comments from the review
  - RemoteUserInfo needs to override .hashCode() as well
  - Verify package name and the UID in the RemoteUserInfo
  - Docs: Document how to get RemoteUserInfo
  - Docs: Document that RemoteUserInfo is only valid on thread that the
          command is being called from
    * It's already documented in the
      MediaSession#getCurrentControllerInfo() and
      MediaBrowserService#getCurrentBrowserInfo().

Bug: 77507337
Test: Run following CtsMediaTestCases
  - MediaBrowserTest
  - MediaBrowserServiceTest
  - MediaControllerTest
Change-Id: If37560a7bc59d1ef5517ec1f3e0a8b74c2bb2980

diff --git a/media/java/android/media/session/MediaSessionManager.java b/media/java/android/media/session/MediaSessionManager.java
index 519af1b..fbc1438 100644 (file)
--- a/media/java/android/media/session/MediaSessionManager.java
+++ b/media/java/android/media/session/MediaSessionManager.java
@@ -47,6 +47,7 @@ import android.view.KeyEvent;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
+import java.util.Objects;
 import java.util.concurrent.Executor;
 
 /**
@@ -342,12 +343,16 @@ public final class MediaSessionManager {
     }
 
     /**
-     * Returns whether the app is trusted.
+     * Checks whether the remote user is a trusted app.
      * <p>
      * An app is trusted if the app holds the android.Manifest.permission.MEDIA_CONTENT_CONTROL
      * permission or has an enabled notification listener.
      *
-     * @param userInfo The remote user info
+     * @param userInfo The remote user info from either
+     *            {@link MediaSession#getCurrentControllerInfo()} or
+     *            {@link MediaBrowserService#getCurrentBrowserInfo()}.
+     * @return {@code true} if the remote user is trusted and its package name matches with the UID.
+     *            {@code false} otherwise.
      */
     public boolean isTrustedForMediaControl(RemoteUserInfo userInfo) {
         if (userInfo.getPackageName() == null) {
@@ -814,6 +819,11 @@ public final class MediaSessionManager {
                     && mPid == otherUserInfo.mPid
                     && mUid == otherUserInfo.mUid;
         }
+
+        @Override
+        public int hashCode() {
+            return Objects.hash(mPackageName, mPid, mUid);
+        }
     }
 
     private static final class SessionsChangedWrapper {

diff --git a/services/core/java/com/android/server/media/MediaSessionService.java b/services/core/java/com/android/server/media/MediaSessionService.java
index 6413ba9..a3c6c80 100644 (file)
--- a/services/core/java/com/android/server/media/MediaSessionService.java
+++ b/services/core/java/com/android/server/media/MediaSessionService.java
@@ -1515,6 +1515,24 @@ public class MediaSessionService extends SystemService implements Monitor {
             final int uid = Binder.getCallingUid();
             final long token = Binder.clearCallingIdentity();
             try {
+                int controllerUserId = UserHandle.getUserId(controllerUid);
+                int controllerUidFromPackageName;
+                try {
+                    controllerUidFromPackageName = getContext().getPackageManager()
+                            .getPackageUidAsUser(controllerPackageName, controllerUserId);
+                } catch (NameNotFoundException e) {
+                    if (DEBUG) {
+                        Log.d(TAG, "Package " + controllerPackageName + " doesn't exist");
+                    }
+                    return false;
+                }
+                if (controllerUidFromPackageName != controllerUid) {
+                    if (DEBUG) {
+                        Log.d(TAG, "Package name " + controllerPackageName
+                                + " doesn't match with the uid " + controllerUid);
+                    }
+                    return false;
+                }
                 return hasMediaControlPermission(UserHandle.getUserId(uid), controllerPackageName,
                         controllerPid, controllerUid);
             } finally {