ab42e66b4c27253a6a45c3ce70bd798694d44631 - platform_frameworks_base

commit	ab42e66b4c27253a6a45c3ce70bd798694d44631	[log] [tgz]
author	Anthony Stange <stange@google.com>	Fri Jan 29 18:04:39 2021 +0000
committer	Anthony Stange <stange@google.com>	Wed Feb 17 16:53:37 2021 +0000
tree	d42bf4fc5c99528d1e1d2be522759ff39fe6fcb5
parent	750d5df6c6b64807c6d14b6a5dfef008b8f1d750 [diff]

Enforce nanoapp permissions for ContextHub APIs

Adds the following behavior:
1) Ensures nanoapp messages aren't delivered to host apps unless they
hold the required permissions
2) Ensures that host apps continue to hold the required permissions set

Also pipes the package name for callback clients since their package
name can't be determined on the other side of the binder.

Bug: 166846988
Test: Disable permissions on host client and verify that nanoapp and
host lose communication after ~1 minute
Test: Re-enable permissions on host client and verify host receives
appropriate callback

Change-Id: I14af504f0b230f6ce15852f16fc8b174fdd52252

core/java/android/hardware/location/ContextHubManager.java[diff]
core/java/android/hardware/location/IContextHubService.aidl[diff]
services/core/java/com/android/server/location/contexthub/AuthStateDenialTimer.java[Added - diff]
services/core/java/com/android/server/location/contexthub/ContextHubClientBroker.java[diff]
services/core/java/com/android/server/location/contexthub/ContextHubClientManager.java[diff]
services/core/java/com/android/server/location/contexthub/ContextHubService.java[diff]
services/core/java/com/android/server/location/contexthub/IContextHubWrapper.java[diff]

7 files changed