Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 03883128 authored by Brian Delwiche's avatar Brian Delwiche Committed by Android (Google) Code Review
Browse files

Merge "Fix permission bypasses to multiple methods" into main

parents bbb1b68c 8098771b

android/app/src/com/android/bluetooth/Utils.java

+16 −16
Original line number Diff line number Diff line
@@ -617,9 +617,9 @@ public final class Utils { 
        }

        // STOPSHIP(b/188391719): enable this security enforcement

        // attributionSource.enforceCallingUid();

        AttributionSource currentAttribution = new AttributionSource

                .Builder(context.getAttributionSource())

                .setNext(attributionSource)

        AttributionSource currentAttribution =

                new AttributionSource.Builder(context.getAttributionSource())

                        .setNext(Objects.requireNonNull(attributionSource))

                        .build();

        PermissionManager pm = context.getSystemService(PermissionManager.class);

        if (pm == null) {
@@ -892,9 +892,9 @@ public final class Utils { 
            Log.e(TAG, "Permission denial: Location is off.");

            return false;

        }

        AttributionSource currentAttribution = new AttributionSource

                .Builder(context.getAttributionSource())

                .setNext(attributionSource)

        AttributionSource currentAttribution =

                new AttributionSource.Builder(context.getAttributionSource())

                        .setNext(Objects.requireNonNull(attributionSource))

                        .build();

        // STOPSHIP(b/188391719): enable this security enforcement

        // attributionSource.enforceCallingUid();
@@ -926,9 +926,9 @@ public final class Utils { 
            return false;

        }



        final AttributionSource currentAttribution = new AttributionSource

                .Builder(context.getAttributionSource())

                .setNext(attributionSource)

        final AttributionSource currentAttribution =

                new AttributionSource.Builder(context.getAttributionSource())

                        .setNext(Objects.requireNonNull(attributionSource))

                        .build();

        // STOPSHIP(b/188391719): enable this security enforcement

        // attributionSource.enforceCallingUid();
@@ -964,9 +964,9 @@ public final class Utils { 
            return false;

        }



        AttributionSource currentAttribution = new AttributionSource

                .Builder(context.getAttributionSource())

                .setNext(attributionSource)

        AttributionSource currentAttribution =

                new AttributionSource.Builder(context.getAttributionSource())

                        .setNext(Objects.requireNonNull(attributionSource))

                        .build();

        // STOPSHIP(b/188391719): enable this security enforcement

        // attributionSource.enforceCallingUid();

android/app/tests/unit/src/com/android/bluetooth/UtilsTest.java

+9 −4
Original line number Diff line number Diff line
@@ -120,10 +120,12 @@ public class UtilsTest { 
        boolean enabledStatus = locationManager.isLocationEnabledForUser(userHandle);



        locationManager.setLocationEnabledForUser(false, userHandle);

        assertThat(Utils.checkCallerHasCoarseLocation(context, null, userHandle)).isFalse();

        assertThat(Utils.checkCallerHasCoarseLocation(

                       context, context.getAttributionSource(), userHandle))

                .isFalse();



        locationManager.setLocationEnabledForUser(true, userHandle);

        Utils.checkCallerHasCoarseLocation(context, null, userHandle);

        Utils.checkCallerHasCoarseLocation(context, context.getAttributionSource(), userHandle);

        if (!enabledStatus) {

            locationManager.setLocationEnabledForUser(false, userHandle);

        }
@@ -137,10 +139,13 @@ public class UtilsTest { 
        boolean enabledStatus = locationManager.isLocationEnabledForUser(userHandle);



        locationManager.setLocationEnabledForUser(false, userHandle);

        assertThat(Utils.checkCallerHasCoarseOrFineLocation(context, null, userHandle)).isFalse();

        assertThat(Utils.checkCallerHasCoarseOrFineLocation(

                       context, context.getAttributionSource(), userHandle))

                .isFalse();



        locationManager.setLocationEnabledForUser(true, userHandle);

        Utils.checkCallerHasCoarseOrFineLocation(context, null, userHandle);

        Utils.checkCallerHasCoarseOrFineLocation(

                context, context.getAttributionSource(), userHandle);

        if (!enabledStatus) {

            locationManager.setLocationEnabledForUser(false, userHandle);

        }

service/src/com/android/server/bluetooth/BtPermissionUtils.java

+3 −1
Original line number Diff line number Diff line
@@ -86,7 +86,9 @@ class BtPermissionUtils { 
            String message) {

        final String permission = BLUETOOTH_CONNECT;

        AttributionSource currentSource =

                new AttributionSource.Builder(ctx.getAttributionSource()).setNext(source).build();

                new AttributionSource.Builder(ctx.getAttributionSource())

                        .setNext(Objects.requireNonNull(source))

                        .build();

        final int result =

                permissionManager.checkPermissionForDataDeliveryFromDataSource(

                        permission, currentSource, message);