diff options
4 files changed, 21 insertions, 0 deletions
diff --git a/api/system-current.txt b/api/system-current.txt index 4be8905f4fc7..9f892c392260 100644 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -25,6 +25,7 @@ package android { field public static final String BIND_AUGMENTED_AUTOFILL_SERVICE = "android.permission.BIND_AUGMENTED_AUTOFILL_SERVICE"; field @Deprecated public static final String BIND_CONNECTION_SERVICE = "android.permission.BIND_CONNECTION_SERVICE"; field public static final String BIND_CONTENT_CAPTURE_SERVICE = "android.permission.BIND_CONTENT_CAPTURE_SERVICE"; + field public static final String BIND_CONTENT_SUGGESTIONS_SERVICE = "android.permission.BIND_CONTENT_SUGGESTIONS_SERVICE"; field public static final String BIND_DIRECTORY_SEARCH = "android.permission.BIND_DIRECTORY_SEARCH"; field public static final String BIND_EUICC_SERVICE = "android.permission.BIND_EUICC_SERVICE"; field public static final String BIND_IMS_SERVICE = "android.permission.BIND_IMS_SERVICE"; diff --git a/core/java/android/service/contentsuggestions/ContentSuggestionsService.java b/core/java/android/service/contentsuggestions/ContentSuggestionsService.java index 40333bf7709e..28143003fcc4 100644 --- a/core/java/android/service/contentsuggestions/ContentSuggestionsService.java +++ b/core/java/android/service/contentsuggestions/ContentSuggestionsService.java @@ -52,6 +52,10 @@ public abstract class ContentSuggestionsService extends Service { /** * The action for the intent used to define the content suggestions service. + * + * <p>To be supported, the service must also require the + * * {@link android.Manifest.permission#BIND_CONTENT_SUGGESTIONS_SERVICE} permission so + * * that other applications can not abuse it. */ public static final String SERVICE_INTERFACE = "android.service.contentsuggestions.ContentSuggestionsService"; diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index e87295a7a86a..fb2140e0713e 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -3139,6 +3139,14 @@ <permission android:name="android.permission.BIND_CONTENT_CAPTURE_SERVICE" android:protectionLevel="signature" /> + <!-- Must be required by a android.service.contentsuggestions.ContentSuggestionsService, + to ensure that only the system can bind to it. + @SystemApi @hide This is not a third-party API (intended for OEMs and system apps). + <p>Protection level: signature + --> + <permission android:name="android.permission.BIND_CONTENT_SUGGESTIONS_SERVICE" + android:protectionLevel="signature" /> + <!-- Must be required by a android.service.autofill.augmented.AugmentedAutofillService, to ensure that only the system can bind to it. @SystemApi @hide This is not a third-party API (intended for OEMs and system apps). diff --git a/services/contentsuggestions/java/com/android/server/contentsuggestions/ContentSuggestionsPerUserService.java b/services/contentsuggestions/java/com/android/server/contentsuggestions/ContentSuggestionsPerUserService.java index a18686da653e..9b70272ed952 100644 --- a/services/contentsuggestions/java/com/android/server/contentsuggestions/ContentSuggestionsPerUserService.java +++ b/services/contentsuggestions/java/com/android/server/contentsuggestions/ContentSuggestionsPerUserService.java @@ -16,6 +16,7 @@ package com.android.server.contentsuggestions; +import android.Manifest; import android.annotation.NonNull; import android.annotation.Nullable; import android.app.ActivityManager; @@ -73,6 +74,13 @@ public final class ContentSuggestionsPerUserService extends throw new PackageManager.NameNotFoundException( "Could not get service for " + serviceComponent); } + if (!Manifest.permission.BIND_CONTENT_SUGGESTIONS_SERVICE.equals(si.permission)) { + Slog.w(TAG, "ContentSuggestionsService from '" + si.packageName + + "' does not require permission " + + Manifest.permission.BIND_CONTENT_SUGGESTIONS_SERVICE); + throw new SecurityException("Service does not require permission " + + Manifest.permission.BIND_CONTENT_SUGGESTIONS_SERVICE); + } return si; } |