Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Allow Cell Location for SYSTEM_UID and ROOT_UID" into stage-aosp-master

Browse Source 
am: 998c416213

Change-Id: I352b53ac10fed126a9e585bc1d3de1430a8cff4f
This commit is contained in:
Nathan Harold
2018-06-27 13:12:23 -07:00
committed by android-build-merger
parent 42bf3bef2b 998c416213
commit d9a7a59007
1 changed files with 12 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
telephony/java/android/telephony/LocationAccessPolicy.java
View File

@@ -39,7 +39,8 @@ import java.util.List;
* @hide
*/
public final class LocationAccessPolicy {
private static final String LOG_TAG = LocationAccessPolicy.class.getSimpleName();
private static final String TAG = "LocationAccessPolicy";
private static final boolean DBG = false;
/**
* API to determine if the caller has permissions to get cell location.
@@ -52,12 +53,13 @@ public final class LocationAccessPolicy {
*/
public static boolean canAccessCellLocation(@NonNull Context context, @NonNull String pkgName,
int uid, int pid, boolean throwOnDeniedPermission) throws SecurityException {
Trace.beginSection("TelephonyLohcationCheck");
Trace.beginSection("TelephonyLocationCheck");
try {
// Always allow the phone process to access location. This avoid breaking legacy code
// that rely on public-facing APIs to access cell location, and it doesn't create a
// info leak risk because the cell location is stored in the phone process anyway.
if (uid == Process.PHONE_UID) {
// Always allow the phone process and system server to access location. This avoid
// breaking legacy code that rely on public-facing APIs to access cell location, and
// it doesn't create an info leak risk because the cell location is stored in the phone
// process anyway, and the system server already has location access.
if (uid == Process.PHONE_UID || uid == Process.SYSTEM_UID || uid == Process.ROOT_UID) {
return true;
}
@@ -72,15 +74,18 @@ public final class LocationAccessPolicy {
pid, uid, "canAccessCellLocation");
} else if (context.checkPermission(Manifest.permission.ACCESS_COARSE_LOCATION,
pid, uid) == PackageManager.PERMISSION_DENIED) {
if (DBG) Log.w(TAG, "Permission checked failed (" + pid + "," + uid + ")");
return false;
}
final int opCode = AppOpsManager.permissionToOpCode(
Manifest.permission.ACCESS_COARSE_LOCATION);
if (opCode != AppOpsManager.OP_NONE && context.getSystemService(AppOpsManager.class)
.noteOpNoThrow(opCode, uid, pkgName) != AppOpsManager.MODE_ALLOWED) {
if (DBG) Log.w(TAG, "AppOp check failed (" + uid + "," + pkgName + ")");
return false;
}
if (!isLocationModeEnabled(context, UserHandle.getUserId(uid))) {
if (DBG) Log.w(TAG, "Location disabled, failed, (" + uid + ")");
return false;
}
// If the user or profile is current, permission is granted.
@@ -94,7 +99,7 @@ public final class LocationAccessPolicy {
private static boolean isLocationModeEnabled(@NonNull Context context, @UserIdInt int userId) {
LocationManager locationManager = context.getSystemService(LocationManager.class);
if (locationManager == null) {
Log.w(LOG_TAG, "Couldn't get location manager, denying location access");
Log.w(TAG, "Couldn't get location manager, denying location access");
return false;
}
return locationManager.isLocationEnabledForUser(UserHandle.of(userId));