From cff8340c84ad1d6c0b3deae6a42f781e7db64082 Mon Sep 17 00:00:00 2001
From: Jimmy Chen <jimmycmchen@google.com>
Date: Thu, 4 Mar 2021 13:19:52 +0800
Subject: [PATCH] wifidisplay: restrict broadcast by the proper permission

WIFI_DISPLAY_STATUS_CHANGED event contains the MAC address of peers.
As the MAC address is PII data, this should be restricted by proper
permission.

Bug: 176541017
Test: install PoC in b/176541017 and check PII data is not leaked.
Change-Id: I36b85f44678fe232486702fa009f5f06d1a7af75
---
 core/java/android/hardware/display/DisplayManager.java     | 3 +++
 .../com/android/server/display/WifiDisplayAdapter.java     | 7 ++++++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/core/java/android/hardware/display/DisplayManager.java b/core/java/android/hardware/display/DisplayManager.java
index c1ba2094d3cf6..99da669798921 100644
--- a/core/java/android/hardware/display/DisplayManager.java
+++ b/core/java/android/hardware/display/DisplayManager.java
@@ -61,6 +61,9 @@ public final class DisplayManager {
      * {@link #EXTRA_WIFI_DISPLAY_STATUS} extra.
      * </p><p>
      * This broadcast is only sent to registered receivers and can only be sent by the system.
+     * </p><p>
+     * {@link android.Manifest.permission#ACCESS_FINE_LOCATION} permission is required to
+     * receive this broadcast.
      * </p>
      * @hide
      */
diff --git a/services/core/java/com/android/server/display/WifiDisplayAdapter.java b/services/core/java/com/android/server/display/WifiDisplayAdapter.java
index 57323170b327a..551df49b550f0 100644
--- a/services/core/java/com/android/server/display/WifiDisplayAdapter.java
+++ b/services/core/java/com/android/server/display/WifiDisplayAdapter.java
@@ -91,6 +91,10 @@ final class WifiDisplayAdapter extends DisplayAdapter {
 
     private boolean mPendingStatusChangeBroadcast;
 
+    private static final String[] RECEIVER_PERMISSIONS_FOR_BROADCAST = {
+            android.Manifest.permission.ACCESS_FINE_LOCATION,
+    };
+
     // Called with SyncRoot lock held.
     public WifiDisplayAdapter(DisplayManagerService.SyncRoot syncRoot,
             Context context, Handler handler, Listener listener,
@@ -432,7 +436,8 @@ final class WifiDisplayAdapter extends DisplayAdapter {
         }
 
         // Send protected broadcast about wifi display status to registered receivers.
-        getContext().sendBroadcastAsUser(intent, UserHandle.ALL);
+        getContext().createContextAsUser(UserHandle.ALL, 0)
+                .sendBroadcastWithMultiplePermissions(intent, RECEIVER_PERMISSIONS_FOR_BROADCAST);
     }
 
     private final BroadcastReceiver mBroadcastReceiver = new BroadcastReceiver() {