author | Steve Kondik <shade@chemlab.org> | 2013-06-25 15:34:58 -0700 |
---|---|---|
committer | Steve Kondik <shade@chemlab.org> | 2013-06-25 15:34:58 -0700 |
commit | a08b2419493163832cbb44f8f85dfd36c3203f39 (patch) | |
tree | f571fae208802499c46860f2e4f58ddd7aa08f9e /services | |
parent | faf556956cb8d33ef496aff0a897cf26c7ade6e1 (diff) | |
privacy guard: Use LocationBlacklist for location filtering
* Google has built a per-package blacklist into the location service.
* Let's use this to handle Privacy Guard instead of our one-off code
which has a bunch of edge cases and can leave apps in a weird state.
Change-Id: I2f2ecd0b75ff51b44b1a6035189355d7bd63eaf4
Diffstat (limited to 'services')
-rw-r--r-- | services/java/com/android/server/LocationManagerService.java | 58 | ||||
-rw-r--r-- | services/java/com/android/server/location/LocationBlacklist.java | 10 |
2 files changed, 11 insertions, 57 deletions
diff --git a/services/java/com/android/server/LocationManagerService.java b/services/java/com/android/server/LocationManagerService.java
index 4658156..0f08c56 100644
--- a/services/java/com/android/server/LocationManagerService.java
+++ b/services/java/com/android/server/LocationManagerService.java
@@ -16,7 +16,6 @@
 package com.android.server;
-import android.app.ActivityManagerNative;
 import android.app.PendingIntent;
 import android.content.BroadcastReceiver;
 import android.content.ContentResolver;
@@ -665,20 +664,8 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 mProvidersByName.remove(provider.getName());
 }
- private boolean isPrivacyGuardEnabled(int pid) {
- try {
- if (ActivityManagerNative.getDefault().isPrivacyGuardEnabledForProcess(pid)) {
- Slog.i(TAG, "Location services unavailable under privacy guard for process pid=" + pid);
- return true;
- }
- } catch (RemoteException e) {
- // nothing
- }
- return false;
- }
 private boolean isAllowedBySettingsLocked(String provider, int userId) {
-
 if (userId != mCurrentUserId) {
 return false;
 }
@@ -839,9 +826,6 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 */
 @Override
 public List<String> getProviders(Criteria criteria, boolean enabledOnly) {
- if (isPrivacyGuardEnabled(Binder.getCallingPid())) {
- return new ArrayList<String>(0);
- }
 int allowedResolutionLevel = getCallerAllowedResolutionLevel();
 ArrayList<String> out;
 int callingUserId = UserHandle.getCallingUserId();
@@ -1240,7 +1224,7 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 }
 boolean isProviderEnabled = isAllowedBySettingsLocked(name, UserHandle.getUserId(uid));
- if (isProviderEnabled && !isPrivacyGuardEnabled(pid)) {
+ if (isProviderEnabled) {
 applyRequirementsLocked(name);
 } else {
 // Notify the listener that updates are currently disabled
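Review bot: In the `@@ -1240` hunk, `if (isProviderEnabled)` now runs `applyRequirementsLocked(name)` for a caller under Privacy Guard, so suppression on this path rests entirely on `LocationBlacklist.isBlacklisted()` being consulted at delivery time, and that call site is not visible in this diff. The same guard is dropped with no visible replacement in the `@@ -1371` (requestGeofence), `@@ -1421` (GPS status listener) and `@@ -1458` (extra commands) hunks. The geofence path is commented as using the public location API with the calling identity cleared, so a package-keyed blacklist may not cover it. I would confirm each of those entry points reaches `isBlacklisted`, and add a comment above this condition such as `// Privacy Guard is enforced by LocationBlacklist.isBlacklisted(); no per-pid check here`. The enclosing method starts and ends outside the hunk.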
@@ -1254,9 +1238,6 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 checkPackageName(packageName);
 final int pid = Binder.getCallingPid();
- if (isPrivacyGuardEnabled(pid)) {
- return;
- }
 final int uid = Binder.getCallingUid();
 Receiver receiver = checkListenerOrIntent(listener, intent, pid, uid, packageName);
@@ -1316,9 +1297,6 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 checkResolutionLevelIsSufficientForProviderUse(allowedResolutionLevel, request.getProvider());
 // no need to sanitize this request, as only the provider name is used
- if (isPrivacyGuardEnabled(Binder.getCallingPid())) {
- return null;
- }
 long identity = Binder.clearCallingIdentity();
 try {
@@ -1371,13 +1349,8 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 if (D) Log.d(TAG, "requestGeofence: " + sanitizedRequest + " " + geofence + " " + intent);
- if (isPrivacyGuardEnabled(Binder.getCallingPid())) {
- return;
- }
-
 // geo-fence manager uses the public location API, need to clear identity
 int uid = Binder.getCallingUid();
-
 if (UserHandle.getUserId(uid) != UserHandle.USER_OWNER) {
 // temporary measure until geofences work for secondary users
 Log.w(TAG, "proximity alerts are currently available only to the primary user");
@@ -1399,10 +1372,6 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 if (D) Log.d(TAG, "removeGeofence: " + geofence + " " + intent);
- if (isPrivacyGuardEnabled(Binder.getCallingPid())) {
- return;
- }
-
 // geo-fence manager uses the public location API, need to clear identity
 long identity = Binder.clearCallingIdentity();
 try {
@@ -1421,10 +1390,6 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 checkResolutionLevelIsSufficientForProviderUse(getCallerAllowedResolutionLevel(), LocationManager.GPS_PROVIDER);
- if (isPrivacyGuardEnabled(Binder.getCallingPid())) {
- return false;
- }
-
 try {
 mGpsStatusProvider.addGpsStatusListener(listener);
 } catch (RemoteException e) {
@@ -1436,10 +1401,6 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 @Override
 public void removeGpsStatusListener(IGpsStatusListener listener) {
- if (isPrivacyGuardEnabled(Binder.getCallingPid())) {
- return;
- }
-
 synchronized (mLock) {
 try {
 mGpsStatusProvider.removeGpsStatusListener(listener);
@@ -1458,10 +1419,6 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 checkResolutionLevelIsSufficientForProviderUse(getCallerAllowedResolutionLevel(), provider);
- if (isPrivacyGuardEnabled(Binder.getCallingPid())) {
- return false;
- }
-
 // and check for ACCESS_LOCATION_EXTRA_COMMANDS
 if ((mContext.checkCallingOrSelfPermission(ACCESS_LOCATION_EXTRA_COMMANDS) != PackageManager.PERMISSION_GRANTED)) {
@@ -1482,11 +1439,6 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 throw new SecurityException( "calling sendNiResponse from outside of the system is not allowed");
 }
-
- if (isPrivacyGuardEnabled(Binder.getCallingPid())) {
- return false;
- }
-
 try {
 return mNetInitiatedListener.sendNiResponse(notifId, userResponse);
 } catch (RemoteException e) {
@@ -1509,10 +1461,6 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 checkResolutionLevelIsSufficientForProviderUse(getCallerAllowedResolutionLevel(), provider);
- if (isPrivacyGuardEnabled(Binder.getCallingPid())) {
- return null;
- }
-
 LocationProviderInterface p;
 synchronized (mLock) {
 p = mProvidersByName.get(provider);
@@ -1528,10 +1476,6 @@ public class LocationManagerService extends ILocationManager.Stub implements Run
 provider);
 if (LocationManager.FUSED_PROVIDER.equals(provider)) return false;
- if (isPrivacyGuardEnabled(Binder.getCallingPid())) {
- return false;
- }
-
 long identity = Binder.clearCallingIdentity();
 try {
 synchronized (mLock) {
diff --git a/services/java/com/android/server/location/LocationBlacklist.java b/services/java/com/android/server/location/LocationBlacklist.java
index 2437a37..d080d8d 100644
--- a/services/java/com/android/server/location/LocationBlacklist.java
+++ b/services/java/com/android/server/location/LocationBlacklist.java
@@ -17,9 +17,11 @@
 package com.android.server.location;
+import android.app.AppGlobals;
 import android.content.Context;
 import android.database.ContentObserver;
 import android.os.Handler;
+import android.os.RemoteException;
 import android.os.UserHandle;
 import android.provider.Settings;
 import android.util.Log;
@@ -84,6 +86,14 @@ public final class LocationBlacklist extends ContentObserver {
 */
 public boolean isBlacklisted(String packageName) {
 synchronized (mLock) {
+ try {
+ if (AppGlobals.getPackageManager().getPrivacyGuardSetting(packageName, mCurrentUserId)) {
+ Log.d(TAG, "dropping location due to privacy guard package=" + packageName);
+ return true;
+ }
+ } catch (RemoteException e) {
+ // nothing
+ }
 for (String black : mBlacklist) {
 if (packageName.startsWith(black)) {
 if (inWhitelist(packageName)) { |
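Review bot: The empty `catch (RemoteException e)` added to `isBlacklisted` fails open: if the `getPrivacyGuardSetting` lookup throws, execution falls through to the prefix list, and a guarded package that is not otherwise listed is reported as not blacklisted. For a privacy control the safer default is to deny and log, e.g. `} catch (RemoteException e) { Log.w(TAG, "privacy guard lookup failed for " + packageName, e); return true; }`. The lookup also runs inside `synchronized (mLock)` and is keyed on `mCurrentUserId` rather than on the requesting app's user, and the `Log.d` line will presumably fire for every dropped fix; it is worth confirming that these are intended. The method body continues past the end of the hunk.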