Merge "Clear calling identity to grant CDM permission when checking device...

import android.app.PendingIntent;

import android.bluetooth.BluetoothAdapter;

import android.bluetooth.BluetoothDevice;

import android.companion.utils.FeatureUtils;

import android.content.ComponentName;

import android.content.Context;

import android.content.Intent;

    @Nullable

    public IntentSender buildPermissionTransferUserConsentIntent(int associationId)

            throws DeviceNotAssociatedException {

        if (!FeatureUtils.isPermSyncEnabled()) {

            throw new UnsupportedOperationException("Calling"

                    + " buildPermissionTransferUserConsentIntent, but this API is disabled by the"

                    + " system.");

        }

        try {

            PendingIntent pendingIntent = mService.buildPermissionTransferUserConsentIntent(

                    mContext.getOpPackageName(),

    @Deprecated

    @UserHandleAware

    public void startSystemDataTransfer(int associationId) throws DeviceNotAssociatedException {

        if (!FeatureUtils.isPermSyncEnabled()) {

            throw new UnsupportedOperationException("Calling startSystemDataTransfer, but this API"

                    + " is disabled by the system.");

        }

        try {

            mService.startSystemDataTransfer(mContext.getOpPackageName(), mContext.getUserId(),

                    associationId, null);

            @NonNull Executor executor,

            @NonNull OutcomeReceiver<Void, CompanionException> result)

            throws DeviceNotAssociatedException {

        if (!FeatureUtils.isPermSyncEnabled()) {

            throw new UnsupportedOperationException("Calling startSystemDataTransfer, but this API"

                    + " is disabled by the system.");

        }

        try {

            mService.startSystemDataTransfer(mContext.getOpPackageName(), mContext.getUserId(),

                    associationId, new SystemDataTransferCallbackProxy(executor, result));

package android.companion.utils;

import android.os.Binder;

import android.os.Build;

import android.provider.DeviceConfig;

    private static final String PROPERTY_PERM_SYNC_ENABLED = "perm_sync_enabled";

    public static boolean isPermSyncEnabled() {

        return Build.isDebuggable() || DeviceConfig.getBoolean(NAMESPACE_COMPANION,

        // Permissions sync is always enabled in debuggable mode.

        if (Build.isDebuggable()) {

            return true;

        }

        // Clear app identity to read the device config for feature flag.

        final long identity = Binder.clearCallingIdentity();

        try {

            return DeviceConfig.getBoolean(NAMESPACE_COMPANION,

                    PROPERTY_PERM_SYNC_ENABLED, false);

        } finally {

            Binder.restoreCallingIdentity(identity);

        }

    }

    private FeatureUtils() {

import android.companion.IOnMessageReceivedListener;

import android.companion.IOnTransportsChangedListener;

import android.companion.ISystemDataTransferCallback;

import android.companion.utils.FeatureUtils;

import android.content.ComponentName;

import android.content.Context;

import android.content.SharedPreferences;

        @Override

        public PendingIntent buildPermissionTransferUserConsentIntent(String packageName,

                int userId, int associationId) {

            if (!FeatureUtils.isPermSyncEnabled()) {

                throw new UnsupportedOperationException("Calling"

                        + " buildPermissionTransferUserConsentIntent, but this API is disabled by"

                        + " the system.");

            }

            return mSystemDataTransferProcessor.buildPermissionTransferUserConsentIntent(

                    packageName, userId, associationId);

        }

        @Override

        public void startSystemDataTransfer(String packageName, int userId, int associationId,

                ISystemDataTransferCallback callback) {

            if (!FeatureUtils.isPermSyncEnabled()) {

                throw new UnsupportedOperationException("Calling startSystemDataTransfer, but this"

                        + " API is disabled by the system.");

            }

            mSystemDataTransferProcessor.startSystemDataTransfer(packageName, userId,

                    associationId, callback);

        }

import android.annotation.NonNull;

import android.annotation.SuppressLint;

import android.app.ActivityManagerInternal;

import android.companion.AssociationInfo;

import android.companion.IOnMessageReceivedListener;

import android.companion.IOnTransportsChangedListener;

import android.content.Context;

import android.content.pm.ApplicationInfo;

import android.content.pm.PackageManager.NameNotFoundException;

import android.os.Binder;

import android.os.Build;

import android.os.ParcelFileDescriptor;

import android.os.RemoteCallbackList;

import android.util.SparseArray;

import com.android.internal.annotations.GuardedBy;

import com.android.server.LocalServices;

import com.android.server.companion.AssociationStore;

import java.io.FileDescriptor;

        }

    }

    /**

     * For the moment, we only offer transporting of system data to built-in

     * companion apps; future work will improve the security model to support

     * third-party companion apps.

     */

    private void enforceCallerCanTransportSystemData(String packageName, int userId) {

        mContext.enforceCallingOrSelfPermission(DELIVER_COMPANION_MESSAGES, TAG);

        try {

            final ApplicationInfo info = mContext.getPackageManager().getApplicationInfoAsUser(

                    packageName, 0, userId);

            final int instrumentationUid = LocalServices.getService(ActivityManagerInternal.class)

                    .getInstrumentationSourceUid(Binder.getCallingUid());

            if (!Build.isDebuggable() && !info.isSystemApp()

                    && instrumentationUid == android.os.Process.INVALID_UID) {

                throw new SecurityException("Transporting of system data currently only available "

                        + "to built-in companion apps or tests");

            }

        } catch (NameNotFoundException e) {

            throw new IllegalArgumentException(e);

        }

    }

    public void attachSystemDataTransport(String packageName, int userId, int associationId,

            ParcelFileDescriptor fd) {

        enforceCallerCanTransportSystemData(packageName, userId);

        mContext.enforceCallingOrSelfPermission(DELIVER_COMPANION_MESSAGES, TAG);

        synchronized (mTransports) {

            if (mTransports.contains(associationId)) {

                detachSystemDataTransport(packageName, userId, associationId);

    }

    public void detachSystemDataTransport(String packageName, int userId, int associationId) {

        enforceCallerCanTransportSystemData(packageName, userId);

        mContext.enforceCallingOrSelfPermission(DELIVER_COMPANION_MESSAGES, TAG);

        synchronized (mTransports) {

            final Transport transport = mTransports.get(associationId);

            if (transport != null) {

import android.annotation.NonNull;

import android.companion.IOnMessageReceivedListener;

import android.content.Context;

import android.content.pm.PackageManager;

import android.os.Build;

import android.os.ParcelFileDescriptor;

import android.os.RemoteException;

                break;

            }

            case MESSAGE_REQUEST_PERMISSION_RESTORE: {

                if (!mContext.getPackageManager().hasSystemFeature(PackageManager.FEATURE_WATCH)

                        && !Build.isDebuggable()) {

                    Slog.w(TAG, "Restoring permissions only supported on watches");

                    sendMessage(MESSAGE_RESPONSE_FAILURE, sequence, EmptyArray.BYTE);

                    break;

                }

                try {

                    callback(message, data);

                    sendMessage(MESSAGE_RESPONSE_SUCCESS, sequence, EmptyArray.BYTE);