Move LocationPermissionChecker to libs/net (0c4e4a20) · Commits · e / os / android_frameworks_base

core/java/com/android/internal/util/LocationPermissionChecker.java

deleted100644 → 0

+0 −303

Original line number	Diff line number	Diff line
		/*
		* Copyright (C) 2020 The Android Open Source Project
		*
		* Licensed under the Apache License, Version 2.0 (the "License");
		* you may not use this file except in compliance with the License.
		* You may obtain a copy of the License at
		*
		* http://www.apache.org/licenses/LICENSE-2.0
		*
		* Unless required by applicable law or agreed to in writing, software
		* distributed under the License is distributed on an "AS IS" BASIS,
		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		* See the License for the specific language governing permissions and
		* limitations under the License.
		*/

		package com.android.internal.util;

		import android.Manifest;
		import android.annotation.IntDef;
		import android.annotation.Nullable;
		import android.app.ActivityManager;
		import android.app.AppOpsManager;
		import android.content.Context;
		import android.content.pm.PackageManager;
		import android.location.LocationManager;
		import android.net.NetworkStack;
		import android.os.Binder;
		import android.os.Build;
		import android.os.UserHandle;
		import android.util.Log;

		import com.android.internal.annotations.VisibleForTesting;

		import java.lang.annotation.Retention;
		import java.lang.annotation.RetentionPolicy;


		/**
		* The methods used for location permission and location mode checking.
		*
		* @hide
		*/
		public class LocationPermissionChecker {

		private static final String TAG = "LocationPermissionChecker";

		@Retention(RetentionPolicy.SOURCE)
		@IntDef(prefix = {"LOCATION_PERMISSION_CHECK_STATUS_"}, value = {
		SUCCEEDED,
		ERROR_LOCATION_MODE_OFF,
		ERROR_LOCATION_PERMISSION_MISSING,
		})
		public @interface LocationPermissionCheckStatus{}

		// The location permission check succeeded.
		public static final int SUCCEEDED = 0;
		// The location mode turns off for the caller.
		public static final int ERROR_LOCATION_MODE_OFF = 1;
		// The location permission isn't granted for the caller.
		public static final int ERROR_LOCATION_PERMISSION_MISSING = 2;

		private final Context mContext;
		private final AppOpsManager mAppOpsManager;

		public LocationPermissionChecker(Context context) {
		mContext = context;
		mAppOpsManager = (AppOpsManager) mContext.getSystemService(Context.APP_OPS_SERVICE);
		}

		/**
		* Check location permission granted by the caller.
		*
		* This API check if the location mode enabled for the caller and the caller has
		* ACCESS_COARSE_LOCATION permission is targetSDK<29, otherwise, has ACCESS_FINE_LOCATION.
		*
		* @param pkgName package name of the application requesting access
		* @param featureId The feature in the package
		* @param uid The uid of the package
		* @param message A message describing why the permission was checked. Only needed if this is
		* not inside of a two-way binder call from the data receiver
		*
		* @return {@code true} returns if the caller has location permission and the location mode is
		* enabled.
		*/
		public boolean checkLocationPermission(String pkgName, @Nullable String featureId,
		int uid, @Nullable String message) {
		return checkLocationPermissionInternal(pkgName, featureId, uid, message) == SUCCEEDED;
		}

		/**
		* Check location permission granted by the caller.
		*
		* This API check if the location mode enabled for the caller and the caller has
		* ACCESS_COARSE_LOCATION permission is targetSDK<29, otherwise, has ACCESS_FINE_LOCATION.
		* Compared with {@link #checkLocationPermission(String, String, int, String)}, this API returns
		* the detail information about the checking result, including the reason why it's failed and
		* logs the error for the caller.
		*
		* @param pkgName package name of the application requesting access
		* @param featureId The feature in the package
		* @param uid The uid of the package
		* @param message A message describing why the permission was checked. Only needed if this is
		* not inside of a two-way binder call from the data receiver
		*
		* @return {@link LocationPermissionCheckStatus} the result of the location permission check.
		*/
		public @LocationPermissionCheckStatus int checkLocationPermissionWithDetailInfo(
		String pkgName, @Nullable String featureId, int uid, @Nullable String message) {
		final int result = checkLocationPermissionInternal(pkgName, featureId, uid, message);
		switch (result) {
		case ERROR_LOCATION_MODE_OFF:
		Log.e(TAG, "Location mode is disabled for the device");
		break;
		case ERROR_LOCATION_PERMISSION_MISSING:
		Log.e(TAG, "UID " + uid + " has no location permission");
		break;
		}
		return result;
		}

		/**
		* Enforce the caller has location permission.
		*
		* This API determines if the location mode enabled for the caller and the caller has
		* ACCESS_COARSE_LOCATION permission is targetSDK<29, otherwise, has ACCESS_FINE_LOCATION.
		* SecurityException is thrown if the caller has no permission or the location mode is disabled.
		*
		* @param pkgName package name of the application requesting access
		* @param featureId The feature in the package
		* @param uid The uid of the package
		* @param message A message describing why the permission was checked. Only needed if this is
		* not inside of a two-way binder call from the data receiver
		*/
		public void enforceLocationPermission(String pkgName, @Nullable String featureId, int uid,
		@Nullable String message) throws SecurityException {
		final int result = checkLocationPermissionInternal(pkgName, featureId, uid, message);

		switch (result) {
		case ERROR_LOCATION_MODE_OFF:
		throw new SecurityException("Location mode is disabled for the device");
		case ERROR_LOCATION_PERMISSION_MISSING:
		throw new SecurityException("UID " + uid + " has no location permission");
		}
		}

		private int checkLocationPermissionInternal(String pkgName, @Nullable String featureId,
		int uid, @Nullable String message) {
		checkPackage(uid, pkgName);

		// Apps with NETWORK_SETTINGS, NETWORK_SETUP_WIZARD, NETWORK_STACK & MAINLINE_NETWORK_STACK
		// are granted a bypass.
		if (checkNetworkSettingsPermission(uid) \|\| checkNetworkSetupWizardPermission(uid)
		\|\| checkNetworkStackPermission(uid) \|\| checkMainlineNetworkStackPermission(uid)) {
		return SUCCEEDED;
		}

		// Location mode must be enabled
		if (!isLocationModeEnabled()) {
		return ERROR_LOCATION_MODE_OFF;
		}

		// LocationAccess by App: caller must have Coarse/Fine Location permission to have access to
		// location information.
		if (!checkCallersLocationPermission(pkgName, featureId, uid,
		true /* coarseForTargetSdkLessThanQ */, message)) {
		return ERROR_LOCATION_PERMISSION_MISSING;
		}
		return SUCCEEDED;
		}

		/**
		* Checks that calling process has android.Manifest.permission.ACCESS_FINE_LOCATION or
		* android.Manifest.permission.ACCESS_COARSE_LOCATION (depending on config/targetSDK level)
		* and a corresponding app op is allowed for this package and uid.
		*
		* @param pkgName PackageName of the application requesting access
		* @param featureId The feature in the package
		* @param uid The uid of the package
		* @param coarseForTargetSdkLessThanQ If true and the targetSDK < Q then will check for COARSE
		* else (false or targetSDK >= Q) then will check for FINE
		* @param message A message describing why the permission was checked. Only needed if this is
		* not inside of a two-way binder call from the data receiver
		*/
		public boolean checkCallersLocationPermission(String pkgName, @Nullable String featureId,
		int uid, boolean coarseForTargetSdkLessThanQ, @Nullable String message) {

		boolean isTargetSdkLessThanQ = isTargetSdkLessThan(pkgName, Build.VERSION_CODES.Q, uid);

		String permissionType = Manifest.permission.ACCESS_FINE_LOCATION;
		if (coarseForTargetSdkLessThanQ && isTargetSdkLessThanQ) {
		// Having FINE permission implies having COARSE permission (but not the reverse)
		permissionType = Manifest.permission.ACCESS_COARSE_LOCATION;
		}
		if (getUidPermission(permissionType, uid) == PackageManager.PERMISSION_DENIED) {
		return false;
		}

		// Always checking FINE - even if will not enforce. This will record the request for FINE
		// so that a location request by the app is surfaced to the user.
		boolean isFineLocationAllowed = noteAppOpAllowed(
		AppOpsManager.OPSTR_FINE_LOCATION, pkgName, featureId, uid, message);
		if (isFineLocationAllowed) {
		return true;
		}
		if (coarseForTargetSdkLessThanQ && isTargetSdkLessThanQ) {
		return noteAppOpAllowed(AppOpsManager.OPSTR_COARSE_LOCATION, pkgName, featureId, uid,
		message);
		}
		return false;
		}

		/**
		* Retrieves a handle to LocationManager (if not already done) and check if location is enabled.
		*/
		public boolean isLocationModeEnabled() {
		final LocationManager LocationManager =
		(LocationManager) mContext.getSystemService(Context.LOCATION_SERVICE);
		try {
		return LocationManager.isLocationEnabledForUser(UserHandle.of(
		getCurrentUser()));
		} catch (Exception e) {
		Log.e(TAG, "Failure to get location mode via API, falling back to settings", e);
		return false;
		}
		}

		private boolean isTargetSdkLessThan(String packageName, int versionCode, int callingUid) {
		final long ident = Binder.clearCallingIdentity();
		try {
		if (mContext.getPackageManager().getApplicationInfoAsUser(
		packageName, 0,
		UserHandle.getUserHandleForUid(callingUid)).targetSdkVersion
		< versionCode) {
		return true;
		}
		} catch (PackageManager.NameNotFoundException e) {
		// In case of exception, assume unknown app (more strict checking)
		// Note: This case will never happen since checkPackage is
		// called to verify validity before checking App's version.
		} finally {
		Binder.restoreCallingIdentity(ident);
		}
		return false;
		}

		private boolean noteAppOpAllowed(String op, String pkgName, @Nullable String featureId,
		int uid, @Nullable String message) {
		return mAppOpsManager.noteOp(op, uid, pkgName, featureId, message)
		== AppOpsManager.MODE_ALLOWED;
		}

		private void checkPackage(int uid, String pkgName)
		throws SecurityException {
		if (pkgName == null) {
		throw new SecurityException("Checking UID " + uid + " but Package Name is Null");
		}
		mAppOpsManager.checkPackage(uid, pkgName);
		}

		@VisibleForTesting
		protected int getCurrentUser() {
		return ActivityManager.getCurrentUser();
		}

		private int getUidPermission(String permissionType, int uid) {
		// We don't care about pid, pass in -1
		return mContext.checkPermission(permissionType, -1, uid);
		}

		/**
		* Returns true if the \|uid\| holds NETWORK_SETTINGS permission.
		*/
		public boolean checkNetworkSettingsPermission(int uid) {
		return getUidPermission(android.Manifest.permission.NETWORK_SETTINGS, uid)
		== PackageManager.PERMISSION_GRANTED;
		}

		/**
		* Returns true if the \|uid\| holds NETWORK_SETUP_WIZARD permission.
		*/
		public boolean checkNetworkSetupWizardPermission(int uid) {
		return getUidPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD, uid)
		== PackageManager.PERMISSION_GRANTED;
		}

		/**
		* Returns true if the \|uid\| holds NETWORK_STACK permission.
		*/
		public boolean checkNetworkStackPermission(int uid) {
		return getUidPermission(android.Manifest.permission.NETWORK_STACK, uid)
		== PackageManager.PERMISSION_GRANTED;
		}

		/**
		* Returns true if the \|uid\| holds MAINLINE_NETWORK_STACK permission.
		*/
		public boolean checkMainlineNetworkStackPermission(int uid) {
		return getUidPermission(NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, uid)
		== PackageManager.PERMISSION_GRANTED;
		}

		}

core/tests/utiltests/src/com/android/internal/util/LocationPermissionCheckerTest.java

deleted100644 → 0

+0 −296

File deleted.

Preview size limit exceeded, changes collapsed.

services/core/java/com/android/server/ConnectivityService.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -192,13 +192,13 @@ import com.android.internal.annotations.VisibleForTesting;
		import com.android.internal.app.IBatteryStats;
		import com.android.internal.util.AsyncChannel;
		import com.android.internal.util.IndentingPrintWriter;
		import com.android.internal.util.LocationPermissionChecker;
		import com.android.internal.util.MessageUtils;
		import com.android.modules.utils.BasicShellCommandHandler;
		import com.android.net.module.util.BaseNetdUnsolicitedEventListener;
		import com.android.net.module.util.CollectionUtils;
		import com.android.net.module.util.LinkPropertiesUtils.CompareOrUpdateResult;
		import com.android.net.module.util.LinkPropertiesUtils.CompareResult;
		import com.android.net.module.util.LocationPermissionChecker;
		import com.android.net.module.util.NetworkCapabilitiesUtils;
		import com.android.net.module.util.PermissionUtils;
		import com.android.server.am.BatteryStatsService;

services/core/java/com/android/server/VcnManagementService.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -64,7 +64,7 @@ import android.util.Slog;
		import com.android.internal.annotations.GuardedBy;
		import com.android.internal.annotations.VisibleForTesting;
		import com.android.internal.annotations.VisibleForTesting.Visibility;
		import com.android.internal.util.LocationPermissionChecker;
		import com.android.net.module.util.LocationPermissionChecker;
		import com.android.server.vcn.TelephonySubscriptionTracker;
		import com.android.server.vcn.Vcn;
		import com.android.server.vcn.VcnContext;

tests/vcn/java/com/android/server/VcnManagementServiceTest.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -74,7 +74,7 @@ import android.telephony.TelephonyManager;
		import androidx.test.filters.SmallTest;
		import androidx.test.runner.AndroidJUnit4;

		import com.android.internal.util.LocationPermissionChecker;
		import com.android.net.module.util.LocationPermissionChecker;
		import com.android.server.VcnManagementService.VcnCallback;
		import com.android.server.VcnManagementService.VcnStatusCallbackInfo;
		import com.android.server.vcn.TelephonySubscriptionTracker;