[Media Projection] Require valid token to set session
When MediaProjection sets the session details in
MediaProjectiondManagerService, clear and re-set the
calling identity (since we have entered the system server
across the aidl boundary).
Additionaly, verify that the call originated from a valid
MediaProjection session. In the current model for
MediaProjection, signature-level permission
MANAGE_MEDIA_PROJECTION is held by the component that shows the
acceptance dialog to the user. The user allowing some app to
capture with MediaProjection is represented by
the IMediaProjection token (see MediaProjectionManagerService#
isValidMediaProjection).
Bug: 230748205
Test: Manual
Change-Id: Iace8eb7eea6c7a99fba7ea726481461a11bd1c90
8 files changed