Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2758037a authored by skill's avatar skill Committed by Stanley Tng
Browse files

Don't validate BLUETOOTH_PRIVILEGED permission every time the restricted

handler is notified via onNotify callback. Instead cache that permission
if granted.

This is possible because permissions cannot be revoked at run time
without killing the process.

Test: manual testing
Change-Id: I8aa150cdd481cff7d18f5f5937d08a075287adbc
parent b12f1a82
Loading
Loading
Loading
Loading
+3 −0
Original line number Diff line number Diff line
@@ -89,6 +89,9 @@ import java.util.UUID;
        /** Whether the calling app has location permission */
        boolean hasLocationPermission;

        /** Whether the calling app has bluetooth privileged permission */
        boolean hasBluetoothPrivilegedPermission;

        /** The user handle of the app that started the scan */
        UserHandle mUserHandle;

+18 −5
Original line number Diff line number Diff line
@@ -300,6 +300,20 @@ public class GattService extends ProfileService {
                == PERMISSION_GRANTED);
    }

    private boolean permissionCheck(ClientMap.App app, int connId, int handle) {
        Set<Integer> restrictedHandles = mRestrictedHandles.get(connId);
        if (restrictedHandles == null || !restrictedHandles.contains(handle)) {
            return true;
        }

        if (!app.hasBluetoothPrivilegedPermission
                && checkCallingOrSelfPermission(BLUETOOTH_PRIVILEGED)== PERMISSION_GRANTED) {
            app.hasBluetoothPrivilegedPermission = true;
        }

        return app.hasBluetoothPrivilegedPermission;
    }

    @Override
    public int onStartCommand(Intent intent, int flags, int startId) {
        if (GattDebugUtils.handleDebugAction(this, intent)) {
@@ -1390,13 +1404,12 @@ public class GattService extends ProfileService {
                    + data.length);
        }

        if (!permissionCheck(connId, handle)) {
        ClientMap.App app = mClientMap.getByConnId(connId);
        if (app != null) {
            if (!permissionCheck(app, connId, handle)) {
                Log.w(TAG, "onNotify() - permission check failed!");
                return;
            }

        ClientMap.App app = mClientMap.getByConnId(connId);
        if (app != null) {
            app.callback.onNotify(address, handle, data);
        }
    }