Project-1CE/frameworks_base - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2021-04-21	Annotations for Bluetooth broadcast intents.	Jeff Sharkey
	Recent work has been using Error Prone rules and annotations to reflect the current state of permission enforcement across the Bluetooth stack, and we're now in a position were we can add new permission enforcement that had been missing. We've currently standardized on saying that APIs that return device or Bluetooth state information (without sharing details about any particular remote Bluetooth device) do not need to be permission protected. Bug: 183626724 Test: ./build/soong/soong_ui.bash --make-mode Bluetooth RUN_ERROR_PRONE=true Change-Id: I53ac7a4fe1dea57316048c3cac4fa237b6ba3d38
2021-04-16	More Bluetooth API annotation updates.	Jeff Sharkey
	This change adds a "BluetoothPermissionChecker" that ensures that all Bluetooth permission annotations are consistent. In addition, it verifies that all Bluetooth public APIs have been audited to be permission protected where relevant. We've currently standardized on saying that APIs that return device or Bluetooth state information (without sharing details about any particular remote Bluetooth device) do not need to be permission protected. This change is only annotations and has no behavior changes. Bug: 183626724 Test: ./build/soong/soong_ui.bash --make-mode Bluetooth RUN_ERROR_PRONE=true Change-Id: Ie80b15b058359bf1e9a6ee881b89cb3e5b584ca1
2021-04-14	Error Prone for RequiresPermission across AIDL.	Jeff Sharkey
	We've had @RequiresPermission annotations across public APIs for many years, but we've never built out the tooling to validate that the service implementations actually enforced those permissions. This change adds an Error Prone checker that does bi-directional validation of these annotations, confirming that AIDL implementations enforce the permissions, and that AIDL callers carry those annotations through any indirect call-paths. Currently, enforcement validation is best-effort, since it assumes that any enforcement referencing the annotated permissions is enough to pass; it doesn't attempt any code flow analysis. It also doesn't understand concepts like Binder.clearCallingIdentity(). To begin using this checker, simply begin annotating your AIDL files using a strategy like this: @JavaPassthrough(annotation="@android.annotation.RequiresPermission(android.Manifest.permission.BLUETOOTH_PRIVILEGED)") void aidlMethod(); Bug: 183626724 Test: atest error_prone_android_framework_test:RequiresPermissionCheckerTest Change-Id: I26a872f07ab13931c241cbb02ff7228edf7dc3b9