From c4895c4aa60d28a476af0652c5a60ba898842249 Mon Sep 17 00:00:00 2001
From: Thiébaud Weksteen <tweek@google.com>
Date: Mon, 10 Jan 2022 10:16:06 +1100
Subject: Transition SerialManager to @EnforcePermission

Use the new @EnforcePermission annotation for SerialService.

Test: Manually inspect ISerialManager.java, the permission checks are
      correctly generated.
Test: Run SerialChat app as regular app, SecurityException triggered
      when launching the app.
Test: Run SerialChat as priv-app. Access is granted, the app executes
      normally.
Bug: 197828948
Change-Id: Ide1d2809f2226f7cd84efa0d364dc78da726f294
---
 core/java/android/hardware/ISerialManager.aidl           | 2 ++
 services/core/java/com/android/server/SerialService.java | 6 +++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/core/java/android/hardware/ISerialManager.aidl b/core/java/android/hardware/ISerialManager.aidl
index 74d30f7afefe..65a0fa4f893e 100644
--- a/core/java/android/hardware/ISerialManager.aidl
+++ b/core/java/android/hardware/ISerialManager.aidl
@@ -22,8 +22,10 @@ import android.os.ParcelFileDescriptor;
 interface ISerialManager
 {
     /* Returns a list of all available serial ports */
+    @EnforcePermission("SERIAL_PORT")
     String[] getSerialPorts();
 
     /* Returns a file descriptor for the serial port. */
+    @EnforcePermission("SERIAL_PORT")
     ParcelFileDescriptor openSerialPort(String name);
 }
diff --git a/services/core/java/com/android/server/SerialService.java b/services/core/java/com/android/server/SerialService.java
index 1abe4588261a..e915fa1522a1 100644
--- a/services/core/java/com/android/server/SerialService.java
+++ b/services/core/java/com/android/server/SerialService.java
@@ -16,6 +16,7 @@
 
 package com.android.server;
 
+import android.annotation.EnforcePermission;
 import android.content.Context;
 import android.hardware.ISerialManager;
 import android.os.ParcelFileDescriptor;
@@ -34,9 +35,8 @@ public class SerialService extends ISerialManager.Stub {
                 com.android.internal.R.array.config_serialPorts);
     }
 
+    @EnforcePermission(android.Manifest.permission.SERIAL_PORT)
     public String[] getSerialPorts() {
-        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.SERIAL_PORT, null);
-
         ArrayList<String> ports = new ArrayList<String>();
         for (int i = 0; i < mSerialPorts.length; i++) {
             String path = mSerialPorts[i];
@@ -49,8 +49,8 @@ public class SerialService extends ISerialManager.Stub {
         return result;
     }
 
+    @EnforcePermission(android.Manifest.permission.SERIAL_PORT)
     public ParcelFileDescriptor openSerialPort(String path) {
-        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.SERIAL_PORT, null);
         for (int i = 0; i < mSerialPorts.length; i++) {
             if (mSerialPorts[i].equals(path)) {
                 return native_open(path);
-- 
cgit v1.2.3-59-g8ed1b