diff options
| author | TreeHugger Robot <treehugger-gerrit@google.com> | 2019-04-04 18:14:43 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2019-04-04 18:14:43 +0000 |
| commit | a3630a97076a1c43ab7a78584be981a620d50f4f (patch) | |
| tree | a952f73377ede105690528b966c7763588edaceb | |
| parent | 3841ec1593beb4478f4cc04b7698275c9534e926 (diff) | |
| parent | 6eae4a6a60d9a4303c7a47b792437cb5bbb8f27f (diff) | |
Merge "Prevent accessing companion records from arbitrary uids"
| -rw-r--r-- | core/res/AndroidManifest.xml | 5 | ||||
| -rw-r--r-- | packages/Shell/AndroidManifest.xml | 1 | ||||
| -rw-r--r-- | services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java | 5 |
3 files changed, 11 insertions, 0 deletions
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index fb92fbfd8eb7..c7a60cf39964 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -3440,6 +3440,11 @@ <permission android:name="android.permission.OBSERVE_ROLE_HOLDERS" android:protectionLevel="signature|installer" /> + <!-- Allows an application to manage the companion devices. + @hide --> + <permission android:name="android.permission.MANAGE_COMPANION_DEVICES" + android:protectionLevel="signature" /> + <!-- @SystemApi Allows an application to use SurfaceFlinger's low level features. <p>Not for use by third-party applications. @hide diff --git a/packages/Shell/AndroidManifest.xml b/packages/Shell/AndroidManifest.xml index 2a9456dd723c..6ac2b3024600 100644 --- a/packages/Shell/AndroidManifest.xml +++ b/packages/Shell/AndroidManifest.xml @@ -178,6 +178,7 @@ <uses-permission android:name="android.permission.READ_CLIPBOARD_IN_BACKGROUND" /> <!-- Permission needed to wipe the device for Test Harness Mode --> <uses-permission android:name="android.permission.ENABLE_TEST_HARNESS_MODE" /> + <uses-permission android:name="android.permission.MANAGE_COMPANION_DEVICES" /> <uses-permission android:name="android.permission.MANAGE_APPOPS" /> diff --git a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java index a3e7d3685100..e9c38501643e 100644 --- a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java +++ b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java @@ -657,6 +657,11 @@ public class CompanionDeviceManagerService extends SystemService implements Bind + "associate USER_ID PACKAGE MAC_ADDRESS\n" + "disassociate USER_ID PACKAGE MAC_ADDRESS"; + ShellCmd() { + getContext().enforceCallingOrSelfPermission( + android.Manifest.permission.MANAGE_COMPANION_DEVICES, "ShellCmd"); + } + @Override public int onCommand(String cmd) { switch (cmd) { |