Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f62d869e authored by baisheng's avatar baisheng
Browse files

Add dedicated signature permissions to platform manifest and shell manifest... 

Add dedicated signature permissions to platform manifest and shell manifest which could enable/disable BT and Wifi state on watch

Skip Bluetooth consent UI if running on shell, also fix a typo in log message.

Test: Manual test running `adb root; adb shell service call bluetooth_manager 6` and see if BT is on without consent UI.
Bug: 69872231
Change-Id: Ie513794a7fc13041259fd84734bfc651495ba5cf
parent 3c3ac03a

core/res/AndroidManifest.xml

+11 −0
Original line number Diff line number Diff line
@@ -1386,6 +1386,12 @@ 
    <permission android:name="android.permission.MANAGE_LOWPAN_INTERFACES"

        android:protectionLevel="signature|privileged" />



    <!-- @hide Allows internal management of Wi-Fi connectivity state when on

         permission review mode.

         <p>Not for use by third-party applications. -->

    <permission android:name="android.permission.MANAGE_WIFI_WHEN_PERMISSION_REVIEW_REQUIRED"

        android:protectionLevel="signature" />



    <!-- ======================================= -->

    <!-- Permissions for short range, peripheral networks -->

    <!-- ======================================= -->
@@ -1463,6 +1469,11 @@ 
    <permission android:name="android.permission.NFC_HANDOVER_STATUS"

        android:protectionLevel="signature|privileged" />



    <!-- @hide Allows internal management of Bluetooth state when on permission review mode.

         <p>Not for use by third-party applications. -->

    <permission android:name="android.permission.MANAGE_BLUETOOTH_WHEN_PERMISSION_REVIEW_REQUIRED"

        android:protectionLevel="signature" />



    <!-- ================================== -->

    <!-- Permissions for accessing accounts -->

    <!-- ================================== -->

packages/Shell/AndroidManifest.xml

+5 −0
Original line number Diff line number Diff line
@@ -138,6 +138,11 @@ 
    <uses-permission android:name="android.permission.MANAGE_SENSORS" />

    <uses-permission android:name="android.permission.MANAGE_AUDIO_POLICY" />

    <uses-permission android:name="android.permission.MANAGE_CAMERA" />

    <!-- Permission needed to enable/disable Bluetooth/Wifi when on permission review mode -->

    <uses-permission

        android:name="android.permission.MANAGE_BLUETOOTH_WHEN_PERMISSION_REVIEW_REQUIRED" />

    <uses-permission

        android:name="android.permission.MANAGE_WIFI_WHEN_PERMISSION_REVIEW_REQUIRED" />



    <application android:label="@string/app_label"

                 android:defaultToDeviceProtectedStorage="true"

services/core/java/com/android/server/BluetoothManagerService.java

+27 −3
Original line number Diff line number Diff line
@@ -948,8 +948,11 @@ class BluetoothManagerService extends IBluetoothManager.Stub { 
        return true;

    }



    private boolean startConsentUiIfNeeded(String packageName, int callingUid, String intentAction)

            throws RemoteException {

    private boolean startConsentUiIfNeeded(String packageName,

            int callingUid, String intentAction) throws RemoteException {

        if (checkBluetoothPermissionWhenPermissionReviewRequired()) {

            return false;

        }

        try {

            // Validate the package only if we are going to use it

            ApplicationInfo applicationInfo = mContext.getPackageManager()
@@ -957,7 +960,8 @@ class BluetoothManagerService extends IBluetoothManager.Stub { 
                            PackageManager.MATCH_DEBUG_TRIAGED_MISSING,

                            UserHandle.getUserId(callingUid));

            if (applicationInfo.uid != callingUid) {

                throw new SecurityException("Package " + callingUid + " not in uid " + callingUid);

                throw new SecurityException("Package " + packageName

                        + " not in uid " + callingUid);

            }



            Intent intent = new Intent(intentAction);
@@ -977,6 +981,26 @@ class BluetoothManagerService extends IBluetoothManager.Stub { 
        }

    }



    /**

     * Check if the caller must still pass permission check or if the caller is exempted

     * from the consent UI via the MANAGE_BLUETOOTH_WHEN_PERMISSION_REVIEW_REQUIRED check.

     *

     * Commands from some callers may be exempted from triggering the consent UI when

     * enabling bluetooth. This exemption is checked via the

     * MANAGE_BLUETOOTH_WHEN_PERMISSION_REVIEW_REQUIRED and allows calls to skip

     * the consent UI where it may otherwise be required.

     *

     * @hide

     */

    private boolean checkBluetoothPermissionWhenPermissionReviewRequired() {

        if (!mPermissionReviewRequired) {

            return false;

        }

        int result = mContext.checkCallingPermission(

                android.Manifest.permission.MANAGE_BLUETOOTH_WHEN_PERMISSION_REVIEW_REQUIRED);

        return result == PackageManager.PERMISSION_GRANTED;

    }



    public void unbindAndFinish() {

        if (DBG) {

            Slog.d(TAG, "unbindAndFinish(): " + mBluetooth + " mBinding = " + mBinding