CONFIGURED_NETWORKS_CHANGED_ACTION: stop sending WifiConfiguration and require ACCESS_WIFI_STATE permission

WifiConfiguration contains sensitive location
information. Stop sending this information in the
broadcast intent. Also require receivers to have
the ACCESS_WIFI_STATE permission.

Bug: 158874479
Test: Add logs locally in Settings to verify broadcast is received.
Test: Verify Settings still works correctly.
Test: atest FrameworksWifiTests
Change-Id: I657063f68701d57cfeb3765dfbab25ba50ef7b97

1 files changed, 15 insertions, 27 deletions

diff --git a/service/java/com/android/server/wifi/WifiConfigManager.java b/service/java/com/android/server/wifi/WifiConfigManager.java
index 6b88f7165..99de9277e 100644
--- a/service/java/com/android/server/wifi/WifiConfigManager.java
+++ b/service/java/com/android/server/wifi/WifiConfigManager.java
@@ -18,6 +18,7 @@ package com.android.server.wifi;
 
 import static android.net.wifi.WifiConfiguration.NetworkSelectionStatus.DISABLE_REASON_INFOS;
 
+import android.Manifest;
 import android.annotation.NonNull;
 import android.annotation.Nullable;
 import android.app.ActivityManager;
@@ -834,35 +835,23 @@ public class WifiConfigManager {
     }
 
     /**
-     * Method to send out the configured networks change broadcast when a single network
-     * configuration is changed.
+     * Method to send out the configured networks change broadcast when network configurations
+     * changed.
+     *
+     * In Android R we stopped sending out WifiConfiguration due to user privacy concerns.
+     * Thus, no matter how many networks changed,
+     * {@link WifiManager#EXTRA_MULTIPLE_NETWORKS_CHANGED} is always set to true, and
+     * {@link WifiManager#EXTRA_WIFI_CONFIGURATION} is always null.
      *
-     * @param network WifiConfiguration corresponding to the network that was changed.
      * @param reason  The reason for the change, should be one of WifiManager.CHANGE_REASON_ADDED,
      *                WifiManager.CHANGE_REASON_REMOVED, or WifiManager.CHANGE_REASON_CHANGE.
      */
-    private void sendConfiguredNetworkChangedBroadcast(
-            WifiConfiguration network, int reason) {
-        Intent intent = new Intent(WifiManager.CONFIGURED_NETWORKS_CHANGED_ACTION);
-        intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY_BEFORE_BOOT);
-        intent.putExtra(WifiManager.EXTRA_MULTIPLE_NETWORKS_CHANGED, false);
-        // Create a new WifiConfiguration with passwords masked before we send it out.
-        WifiConfiguration broadcastNetwork = new WifiConfiguration(network);
-        maskPasswordsInWifiConfiguration(broadcastNetwork);
-        intent.putExtra(WifiManager.EXTRA_WIFI_CONFIGURATION, broadcastNetwork);
-        intent.putExtra(WifiManager.EXTRA_CHANGE_REASON, reason);
-        mContext.sendBroadcastAsUser(intent, UserHandle.ALL);
-    }
-
-    /**
-     * Method to send out the configured networks change broadcast when multiple network
-     * configurations are changed.
-     */
-    private void sendConfiguredNetworksChangedBroadcast() {
+    private void sendConfiguredNetworkChangedBroadcast(int reason) {
         Intent intent = new Intent(WifiManager.CONFIGURED_NETWORKS_CHANGED_ACTION);
         intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY_BEFORE_BOOT);
         intent.putExtra(WifiManager.EXTRA_MULTIPLE_NETWORKS_CHANGED, true);
-        mContext.sendBroadcastAsUser(intent, UserHandle.ALL);
+        intent.putExtra(WifiManager.EXTRA_CHANGE_REASON, reason);
+        mContext.sendBroadcastAsUser(intent, UserHandle.ALL, Manifest.permission.ACCESS_WIFI_STATE);
     }
 
     /**
@@ -1376,7 +1365,6 @@ public class WifiConfigManager {
         }
         WifiConfiguration newConfig = getInternalConfiguredNetwork(result.getNetworkId());
         sendConfiguredNetworkChangedBroadcast(
-                newConfig,
                 result.isNewNetwork()
                         ? WifiManager.CHANGE_REASON_ADDED
                         : WifiManager.CHANGE_REASON_CONFIG_CHANGE);
@@ -1475,7 +1463,7 @@ public class WifiConfigManager {
         if (!config.ephemeral && !config.isPasspoint()) {
             mLruConnectionTracker.removeNetwork(config);
         }
-        sendConfiguredNetworkChangedBroadcast(config, WifiManager.CHANGE_REASON_REMOVED);
+        sendConfiguredNetworkChangedBroadcast(WifiManager.CHANGE_REASON_REMOVED);
         // Unless the removed network is ephemeral or Passpoint, persist the network removal.
         if (!config.ephemeral && !config.isPasspoint()) {
             saveToStore(true);
@@ -1688,7 +1676,7 @@ public class WifiConfigManager {
      */
     private void setNetworkStatus(WifiConfiguration config, int status) {
         config.status = status;
-        sendConfiguredNetworkChangedBroadcast(config, WifiManager.CHANGE_REASON_CONFIG_CHANGE);
+        sendConfiguredNetworkChangedBroadcast(WifiManager.CHANGE_REASON_CONFIG_CHANGE);
     }
 
     /**
@@ -1949,7 +1937,7 @@ public class WifiConfigManager {
             removeConnectChoiceFromAllNetworks(config.getKey());
             clearNetworkConnectChoice(config.networkId);
         }
-        sendConfiguredNetworkChangedBroadcast(config, WifiManager.CHANGE_REASON_CONFIG_CHANGE);
+        sendConfiguredNetworkChangedBroadcast(WifiManager.CHANGE_REASON_CONFIG_CHANGE);
         if (!config.ephemeral) {
             saveToStore(true);
         }
@@ -3056,7 +3044,7 @@ public class WifiConfigManager {
         // on load (i.e. boot) so that if the user changed SIMs while the device was powered off,
         // we do not reuse stale credentials that would lead to authentication failure.
         resetSimNetworks();
-        sendConfiguredNetworksChangedBroadcast();
+        sendConfiguredNetworkChangedBroadcast(WifiManager.CHANGE_REASON_ADDED);
         mPendingStoreRead = false;
     }