Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6f62844f authored by Martin Brabham's avatar Martin Brabham
Browse files

Revert "Revert "Enforce BluetoothPrivileged Permission for ScanFilter APIs"" 

This reverts commit 83241932.

Bug: 188630254
Test: atest CtsBluetoothTestCases:android.bluetooth.cts.BluetoothLeScanTest#testBasicBleScan -- --abi arm64-v8a
Tag: #feature
Change-Id: If7ba0243eb84896fd373fd5654ae8d412611e5ae
parent 9401f5be

android/app/src/com/android/bluetooth/gatt/GattService.java

+22 −1
Original line number Diff line number Diff line
@@ -84,6 +84,7 @@ import java.util.HashMap; 
import java.util.HashSet;

import java.util.List;

import java.util.Map;

import java.util.Objects;

import java.util.Set;

import java.util.UUID;

import java.util.concurrent.TimeUnit;
@@ -2270,6 +2271,7 @@ public class GattService extends ProfileService { 
        enforcePrivilegedPermissionIfNeeded(settings);

        String callingPackage = attributionSource.getPackageName();

        settings = enforceReportDelayFloor(settings);

        enforcePrivilegedPermissionIfNeeded(filters);

        final ScanClient scanClient = new ScanClient(scannerId, settings, filters, storages);

        scanClient.userHandle = UserHandle.of(UserHandle.getCallingUserId());

        mAppOps.checkPackage(Binder.getCallingUid(), callingPackage);
@@ -2326,7 +2328,7 @@ public class GattService extends ProfileService { 
        }

        enforcePrivilegedPermissionIfNeeded(settings);

        settings = enforceReportDelayFloor(settings);



        enforcePrivilegedPermissionIfNeeded(filters);

        UUID uuid = UUID.randomUUID();

        if (DBG) {

            Log.d(TAG, "startScan(PI) - UUID=" + uuid);
@@ -3673,6 +3675,25 @@ public class GattService extends ProfileService { 
        return settings.getScanResultType() == ScanSettings.SCAN_RESULT_TYPE_ABBREVIATED;

    }



    /*

     * The {@link ScanFilter#setDeviceAddress} API overloads are @SystemApi access methods.  This

     * requires that the permissions be BLUETOOTH_PRIVILEGED.

     */

    @SuppressLint("AndroidFrameworkRequiresPermission")

    private void enforcePrivilegedPermissionIfNeeded(List<ScanFilter> filters) {

        if (DBG) {

            Log.d(TAG, "enforcePrivilegedPermissionIfNeeded(" + filters + ")");

        }

        Objects.requireNonNull(filters, "'filters' must not be null!");

        for (ScanFilter filter : filters) {

            if (filter.getDeviceAddress() != null && filter.getAddressType()

                    == BluetoothDevice.ADDRESS_TYPE_PUBLIC && filter.getIrk() == null) {

            } else {

                enforcePrivilegedPermission();

            }

        }

    }



    // Enforce caller has BLUETOOTH_PRIVILEGED permission. A {@link SecurityException} will be

    // thrown if the caller app does not have BLUETOOTH_PRIVILEGED permission.

    @RequiresPermission(android.Manifest.permission.BLUETOOTH_PRIVILEGED)