Merge tag 'android-14.0.0_r61' into leaf-3.2
Android 14.0.0 Release 61 (AP2A.240805.005.F1)
* tag 'android-14.0.0_r61':
Fix permission bypasses to multiple methods
Change-Id: I88d091e981ca70bf1dc34baf7aa8410be37da219
diff --git a/android/app/src/com/android/bluetooth/Utils.java b/android/app/src/com/android/bluetooth/Utils.java
index 8ce32f5..ca80330 100644
--- a/android/app/src/com/android/bluetooth/Utils.java
+++ b/android/app/src/com/android/bluetooth/Utils.java
@@ -548,10 +548,10 @@
}
// STOPSHIP(b/188391719): enable this security enforcement
// attributionSource.enforceCallingUid();
- AttributionSource currentAttribution = new AttributionSource
- .Builder(context.getAttributionSource())
- .setNext(attributionSource)
- .build();
+ AttributionSource currentAttribution =
+ new AttributionSource.Builder(context.getAttributionSource())
+ .setNext(Objects.requireNonNull(attributionSource))
+ .build();
PermissionManager pm = context.getSystemService(PermissionManager.class);
if (pm == null) {
return false;
@@ -823,10 +823,10 @@
Log.e(TAG, "Permission denial: Location is off.");
return false;
}
- AttributionSource currentAttribution = new AttributionSource
- .Builder(context.getAttributionSource())
- .setNext(attributionSource)
- .build();
+ AttributionSource currentAttribution =
+ new AttributionSource.Builder(context.getAttributionSource())
+ .setNext(Objects.requireNonNull(attributionSource))
+ .build();
// STOPSHIP(b/188391719): enable this security enforcement
// attributionSource.enforceCallingUid();
PermissionManager pm = context.getSystemService(PermissionManager.class);
@@ -857,10 +857,10 @@
return false;
}
- final AttributionSource currentAttribution = new AttributionSource
- .Builder(context.getAttributionSource())
- .setNext(attributionSource)
- .build();
+ final AttributionSource currentAttribution =
+ new AttributionSource.Builder(context.getAttributionSource())
+ .setNext(Objects.requireNonNull(attributionSource))
+ .build();
// STOPSHIP(b/188391719): enable this security enforcement
// attributionSource.enforceCallingUid();
PermissionManager pm = context.getSystemService(PermissionManager.class);
@@ -895,10 +895,10 @@
return false;
}
- AttributionSource currentAttribution = new AttributionSource
- .Builder(context.getAttributionSource())
- .setNext(attributionSource)
- .build();
+ AttributionSource currentAttribution =
+ new AttributionSource.Builder(context.getAttributionSource())
+ .setNext(Objects.requireNonNull(attributionSource))
+ .build();
// STOPSHIP(b/188391719): enable this security enforcement
// attributionSource.enforceCallingUid();
PermissionManager pm = context.getSystemService(PermissionManager.class);
diff --git a/android/app/tests/unit/src/com/android/bluetooth/UtilsTest.java b/android/app/tests/unit/src/com/android/bluetooth/UtilsTest.java
index b4d73bc..2b3d17e 100644
--- a/android/app/tests/unit/src/com/android/bluetooth/UtilsTest.java
+++ b/android/app/tests/unit/src/com/android/bluetooth/UtilsTest.java
@@ -120,10 +120,12 @@
boolean enabledStatus = locationManager.isLocationEnabledForUser(userHandle);
locationManager.setLocationEnabledForUser(false, userHandle);
- assertThat(Utils.checkCallerHasCoarseLocation(context, null, userHandle)).isFalse();
+ assertThat(Utils.checkCallerHasCoarseLocation(
+ context, context.getAttributionSource(), userHandle))
+ .isFalse();
locationManager.setLocationEnabledForUser(true, userHandle);
- Utils.checkCallerHasCoarseLocation(context, null, userHandle);
+ Utils.checkCallerHasCoarseLocation(context, context.getAttributionSource(), userHandle);
if (!enabledStatus) {
locationManager.setLocationEnabledForUser(false, userHandle);
}
@@ -137,10 +139,13 @@
boolean enabledStatus = locationManager.isLocationEnabledForUser(userHandle);
locationManager.setLocationEnabledForUser(false, userHandle);
- assertThat(Utils.checkCallerHasCoarseOrFineLocation(context, null, userHandle)).isFalse();
+ assertThat(Utils.checkCallerHasCoarseOrFineLocation(
+ context, context.getAttributionSource(), userHandle))
+ .isFalse();
locationManager.setLocationEnabledForUser(true, userHandle);
- Utils.checkCallerHasCoarseOrFineLocation(context, null, userHandle);
+ Utils.checkCallerHasCoarseOrFineLocation(
+ context, context.getAttributionSource(), userHandle);
if (!enabledStatus) {
locationManager.setLocationEnabledForUser(false, userHandle);
}
diff --git a/service/src/com/android/server/bluetooth/BtPermissionUtils.java b/service/src/com/android/server/bluetooth/BtPermissionUtils.java
index c68f25b..b3ba3b0 100644
--- a/service/src/com/android/server/bluetooth/BtPermissionUtils.java
+++ b/service/src/com/android/server/bluetooth/BtPermissionUtils.java
@@ -86,7 +86,9 @@
String message) {
final String permission = BLUETOOTH_CONNECT;
AttributionSource currentSource =
- new AttributionSource.Builder(ctx.getAttributionSource()).setNext(source).build();
+ new AttributionSource.Builder(ctx.getAttributionSource())
+ .setNext(Objects.requireNonNull(source))
+ .build();
final int result =
permissionManager.checkPermissionForDataDeliveryFromDataSource(
permission, currentSource, message);