Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d1e6b593 authored by Brian Julian's avatar Brian Julian
Browse files

DO NOT MERGE. Add a permissions check to LocationManagerService. 

Prevents apps from reading location requests of other users without INTERACT_ACROSS_USERS permission.
Bug: 222473855
Test: Build

Change-Id: Id591cd39ed7813c649b44d4a3210f0b1fb79b40d
(cherry picked from commit 16560c09)
parent 1d46810c

services/core/java/com/android/server/location/LocationManagerService.java

+6 −2
Original line number Diff line number Diff line
@@ -17,6 +17,7 @@ 
package com.android.server.location;



import static android.Manifest.permission.ACCESS_FINE_LOCATION;

import static android.Manifest.permission.INTERACT_ACROSS_USERS;

import static android.app.compat.CompatChanges.isChangeEnabled;

import static android.content.pm.PackageManager.MATCH_DIRECT_BOOT_AWARE;

import static android.content.pm.PackageManager.MATCH_SYSTEM_ONLY;
@@ -39,6 +40,7 @@ import android.Manifest; 
import android.Manifest.permission;

import android.annotation.NonNull;

import android.annotation.Nullable;

import android.annotation.RequiresPermission;

import android.app.ActivityManager;

import android.app.AppOpsManager;

import android.app.PendingIntent;
@@ -1063,10 +1065,12 @@ public class LocationManagerService extends ILocationManager.Stub implements 


    @Override

    public void addProviderRequestListener(IProviderRequestListener listener) {

        if (mContext.checkCallingOrSelfPermission(INTERACT_ACROSS_USERS) == PERMISSION_GRANTED) {

            for (LocationProviderManager manager : mProviderManagers) {

                manager.addProviderRequestListener(listener);

            }

        }

    }



    @Override

    public void removeProviderRequestListener(IProviderRequestListener listener) {