Handle attribution chains when checking for location disavowal. am: 29a5bafec8 (d014dc4e) · Commits · e / os / android_packages_modules_Bluetooth

android/app/src/com/android/bluetooth/Utils.java

+19 −8

Original line number	Diff line number	Diff line
		@@ -546,16 +546,27 @@ public final class Utils {
		// Suppressed since we're not actually enforcing here
		@SuppressLint("AndroidFrameworkRequiresPermission")
		public static boolean hasDisavowedLocationForScan(
		Context context, String packageName, AttributionSource attributionSource,
		boolean inTestMode) {

		// TODO(b/183625242): Handle multi-step attribution chains here.
		if (attributionSource.getRenouncedPermissions().contains(ACCESS_FINE_LOCATION)
		&& (inTestMode \|\| context.checkCallingPermission(RENOUNCE_PERMISSIONS)
		Context context, AttributionSource attributionSource, boolean inTestMode) {

		// Check every step along the attribution chain for a renouncement.
		// If location has been renounced anywhere in the chain we treat it as a disavowal.
		AttributionSource currentAttrib = attributionSource;
		while (true) {
		if (currentAttrib.getRenouncedPermissions().contains(ACCESS_FINE_LOCATION)
		&& (inTestMode \|\| context.checkPermission(RENOUNCE_PERMISSIONS, -1,
		currentAttrib.getUid())
		== PackageManager.PERMISSION_GRANTED)) {
		return true;
		}
		AttributionSource nextAttrib = currentAttrib.getNext();
		if (nextAttrib == null) {
		break;
		}
		currentAttrib = nextAttrib;
		}

		// Check the last attribution in the chain for a neverForLocation disavowal.
		String packageName = currentAttrib.getPackageName();
		PackageManager pm = context.getPackageManager();
		try {
		// TODO(b/183478032): Cache PackageInfo for use here.

+1 −2

Original line number	Diff line number	Diff line
		@@ -2532,8 +2532,7 @@ public class AdapterService extends Service {
		mAppOps.checkPackage(Binder.getCallingUid(), callingPackage);
		boolean isQApp = Utils.isQApp(this, callingPackage);
		boolean hasDisavowedLocation =
		Utils.hasDisavowedLocationForScan(this, callingPackage, attributionSource,
		mTestModeEnabled);
		Utils.hasDisavowedLocationForScan(this, attributionSource, mTestModeEnabled);
		String permission = null;
		if (Utils.checkCallerHasNetworkSettingsPermission(this)) {
		permission = android.Manifest.permission.NETWORK_SETTINGS;

+2 −4

Original line number	Diff line number	Diff line
		@@ -2278,8 +2278,7 @@ public class GattService extends ProfileService {
		callingPackage.equals(mExposureNotificationPackage);

		scanClient.hasDisavowedLocation =
		Utils.hasDisavowedLocationForScan(this, callingPackage, attributionSource,
		isTestModeEnabled());
		Utils.hasDisavowedLocationForScan(this, attributionSource, isTestModeEnabled());

		scanClient.isQApp = Utils.isQApp(this, callingPackage);
		if (!scanClient.hasDisavowedLocation) {
		@@ -2352,8 +2351,7 @@ public class GattService extends ProfileService {
		callingPackage.equals(mExposureNotificationPackage);

		app.mHasDisavowedLocation =
		Utils.hasDisavowedLocationForScan(this, callingPackage, attributionSource,
		isTestModeEnabled());
		Utils.hasDisavowedLocationForScan(this, attributionSource, isTestModeEnabled());

		app.mIsQApp = Utils.isQApp(this, callingPackage);
		if (!app.mHasDisavowedLocation) {