Add Permissions checks for updateServiceLocation()
Add permission checks to updateServiceLocation to ensure
that callers have location permissions; without them, this method
can't help them. Also ensure that apps are billed appropriately
for the power used by their calls to the modem.
Bug: 152648516
Test: cts atest CellLocationTest
Change-Id: I61c9d0358f605a667fb069bdb7db9b9695ec72db
diff --git a/src/com/android/phone/PhoneInterfaceManager.java b/src/com/android/phone/PhoneInterfaceManager.java
index 1bd8609..aeda70c 100755
--- a/src/com/android/phone/PhoneInterfaceManager.java
+++ b/src/com/android/phone/PhoneInterfaceManager.java
@@ -1934,6 +1934,49 @@
}
+ @Override
+ public void updateServiceLocationWithPackageName(String callingPackage) {
+ mApp.getSystemService(AppOpsManager.class)
+ .checkPackage(Binder.getCallingUid(), callingPackage);
+
+ final int targetSdk = getTargetSdk(callingPackage);
+ if (targetSdk > android.os.Build.VERSION_CODES.R) {
+ // Callers targeting S have no business invoking this method.
+ return;
+ }
+
+ LocationAccessPolicy.LocationPermissionResult locationResult =
+ LocationAccessPolicy.checkLocationPermission(mApp,
+ new LocationAccessPolicy.LocationPermissionQuery.Builder()
+ .setCallingPackage(callingPackage)
+ .setCallingFeatureId(null)
+ .setCallingPid(Binder.getCallingPid())
+ .setCallingUid(Binder.getCallingUid())
+ .setMethod("updateServiceLocation")
+ .setMinSdkVersionForCoarse(Build.VERSION_CODES.BASE)
+ .setMinSdkVersionForFine(Build.VERSION_CODES.Q)
+ .build());
+ // Apps that lack location permission have no business calling this method;
+ // however, because no permission was declared in the public API, denials must
+ // all be "soft".
+ switch (locationResult) {
+ case DENIED_HARD: /* fall through */
+ case DENIED_SOFT:
+ return;
+ }
+
+ WorkSource workSource = getWorkSource(Binder.getCallingUid());
+ final long identity = Binder.clearCallingIdentity();
+ try {
+ final Phone phone = getPhone(getDefaultSubscription());
+ if (phone != null) {
+ phone.updateServiceLocation(workSource);
+ }
+ } finally {
+ Binder.restoreCallingIdentity(identity);
+ }
+ }
+
public void updateServiceLocationForSubscriber(int subId) {
// No permission check needed here: this call is harmless, and it's
// needed for the ServiceState.requestStateUpdate() call (which is
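Review bot: `Binder.getCallingUid()` is read three separate times in updateServiceLocationWithPackageName (the checkPackage call, the permission query and getWorkSource), so the package check, the location check and the billing attribution are tied to the same caller only by convention. Capture it once at the top, `final int callingUid = Binder.getCallingUid();`, and pass `callingUid` to all three; that also makes it obvious the value is taken before `Binder.clearCallingIdentity()`. Both early returns (target SDK above R, and DENIED_HARD/DENIED_SOFT) are silent, so a short doc comment on the method should state that denied or too-new callers get a no-op rather than a SecurityException. The method also mixes `android.os.Build.VERSION_CODES.R` with `Build.VERSION_CODES.BASE`; use one form.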
@@ -1942,7 +1985,7 @@
try {
final Phone phone = getPhone(subId);
if (phone != null) {
- phone.updateServiceLocation();
+ phone.updateServiceLocation(null);
}
} finally {
Binder.restoreCallingIdentity(identity);
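Review bot: Passing `null` as the WorkSource in updateServiceLocationForSubscriber leaves this path with neither the location-permission check nor the power attribution that the new method applies, and the retained comment still describes the call as harmless. If this entry point is reachable by the same callers (not visible from the hunk), it remains an unchecked, unbilled route to the same modem request. At minimum attribute the work: compute `WorkSource workSource = getWorkSource(Binder.getCallingUid());` before the identity is cleared and call `phone.updateServiceLocation(workSource);`, or update the comment to say why `null` is intended here. The method begins in the previous hunk's context, and its clearCallingIdentity line lies between the two hunks.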