| author | 2019-05-08 17:02:53 -0700 | |
|---|---|---|
| committer | 2019-05-08 17:34:28 -0700 | |
| commit | 6a700f91a915df5f4e15746b4ccde295aec3f9be (patch) | |
| tree | 6b1e9de5c675d421103c4bbc368d637dd02458dc | |
| parent | 46b45af96e5916276e1628ca49c44251c93f5eea (diff) | |
Do not check AppOp if not required
Only check the AppOp if a sensor explicitly requires an AppOp.
Otherwise, only check if the client has permission to access the
sensor.
Bug: 131910349
Test: Verified a_sns_test can access sensors.
Test: Verified app targeting Q must have AR permission to access Step
Detector and Step Counter.
Test: Verified app targeting P with AR permission defined in manifest
cannot receive Step Counter or Step Detector events if user
revokes AR permission.
Test: Verified app targeting P without any permissions defined in the
manifest can access Step Counter and Step Detector.
Test: Verified app targeting J cannot receive Step Counter or Step
Detector events if user revokes AR permission.
Change-Id: I3c2dd20889b99bce047025607cc6e921330de52e
| -rw-r--r-- | services/sensorservice/SensorService.cpp | 37 |
1 files changed, 20 insertions, 17 deletions
diff --git a/services/sensorservice/SensorService.cpp b/services/sensorservice/SensorService.cpp
index 639ce78ed3..fa1e2329cd 100644
--- a/services/sensorservice/SensorService.cpp
+++ b/services/sensorservice/SensorService.cpp
@@ -1686,26 +1686,29 @@ bool SensorService::canAccessSensor(const Sensor& sensor, const char* operation,
 const int32_t opCode = sensor.getRequiredAppOp();
 const int32_t appOpMode = sAppOpsManager.checkOp(opCode, IPCThreadState::self()->getCallingUid(), opPackageName);
+ bool appOpAllowed = appOpMode == AppOpsManager::MODE_ALLOWED;
- // Ensure that the AppOp is allowed
- //
- // This check is also required to ensure that the user hasn't revoked the necessary permissions
- // to access the Step Detector and Step Counter when the application targets pre-Q. Without this
- // check, if the user revokes the pre-Q install-time GMS Core AR permission, the app would
- // still be able to receive Step Counter and Step Detector events.
 bool canAccess = false;
- if (opCode >= 0 && appOpMode == AppOpsManager::MODE_ALLOWED) {
- if (hasPermissionForSensor(sensor)) {
+ if (hasPermissionForSensor(sensor)) {
+ // Ensure that the AppOp is allowed, or that there is no necessary app op for the sensor
+ if (opCode < 0 || appOpAllowed) {
+ canAccess = true;
+ }
+ } else if (sensor.getType() == SENSOR_TYPE_STEP_COUNTER ||
+ sensor.getType() == SENSOR_TYPE_STEP_DETECTOR) {
+ int targetSdkVersion = getTargetSdkVersion(opPackageName);
+ // Allow access to the sensor if the application targets pre-Q, which is before the
+ // requirement to hold the AR permission to access Step Counter and Step Detector events
+ // was introduced, and the user hasn't revoked the app op.
+ //
+ // Verifying the app op is required to ensure that the user hasn't revoked the necessary
+ // permissions to access the Step Detector and Step Counter when the application targets
+ // pre-Q. Without this check, if the user revokes the pre-Q install-time GMS Core AR
+ // permission, the app would still be able to receive Step Counter and Step Detector events.
+ if (appOpAllowed &&
+ targetSdkVersion > 0 &&
+ targetSdkVersion <= __ANDROID_API_P__) {
 canAccess = true;
- } else if (sensor.getType() == SENSOR_TYPE_STEP_COUNTER ||
- sensor.getType() == SENSOR_TYPE_STEP_DETECTOR) {
- int targetSdkVersion = getTargetSdkVersion(opPackageName);
- // Allow access to the sensor if the application targets pre-Q, which is before the
- // requirement to hold the AR permission to access Step Counter and Step Detector events
- // was introduced.
- if (targetSdkVersion > 0 && targetSdkVersion <= __ANDROID_API_P__) {
- canAccess = true;
- }
 }
 } |
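Review bot: The Step Counter / Step Detector fallback grants access on `appOpAllowed` alone, without the `opCode < 0` guard the first branch has, while `sAppOpsManager.checkOp(opCode, ...)` above is still called unconditionally, so for a negative `getRequiredAppOp()` the flag would hold the result of checking an invalid op code. Folding the guard into the flag keeps that branch fail-closed: `bool appOpAllowed = opCode >= 0 && appOpMode == AppOpsManager::MODE_ALLOWED;` (the `checkOp` call itself could also be skipped when `opCode < 0`, which is what the commit title suggests). Separately, the pre-Q exemption is keyed on `getTargetSdkVersion(opPackageName)`, and nothing in the hunk shows `opPackageName` being tied to the calling UID; that is worth confirming at the call site. `canAccessSensor` starts and ends outside the hunk.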