From 142acc56658c68b549cfa3827abad57741f49ef5 Mon Sep 17 00:00:00 2001
From: Brian Delwiche <delwiche@google.com>
Date: Thu, 14 Nov 2024 00:35:48 +0000
Subject: [PATCH] Reset permissions for not bonded device

According to the PBAP specification,
The PSE user shall have to confirm at least the first Phone Book Access
Profile connection from each new PCE.

According to the MAP specification,
The MCE and MSE shall be bonded before setting up a Message Access Profile
connection.

Let's remove the permissions when the device is unbonded.

This is a backport of change ag/30386015 but requires minor changes to
logic.

Flag: EXEMPT, security fix
Bug: 289375038
Bug: 289811388
Test: atest BluetoothInstrumentationTests
Ignore-AOSP-First: security fix
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:968d2a53399e7fba43b6f51b632fafddc7b99e09)
Merged-In: I8b9b29310db2d14e5dfaddc81a682366fbef42d3
Change-Id: I8b9b29310db2d14e5dfaddc81a682366fbef42d3
---
 .../com/android/bluetooth/btservice/BondStateMachine.java  | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/android/app/src/com/android/bluetooth/btservice/BondStateMachine.java b/android/app/src/com/android/bluetooth/btservice/BondStateMachine.java
index 1cbd10d420c..d9fc67f036b 100644
--- a/android/app/src/com/android/bluetooth/btservice/BondStateMachine.java
+++ b/android/app/src/com/android/bluetooth/btservice/BondStateMachine.java
@@ -473,6 +473,13 @@ final class BondStateMachine extends StateMachine {
             }
         }
 
+        if (newState == BluetoothDevice.BOND_NONE) {
+            // Remove the permissions for unbonded devices
+            mAdapterService.setMessageAccessPermission(device, BluetoothDevice.ACCESS_UNKNOWN);
+            mAdapterService.setPhonebookAccessPermission(device, BluetoothDevice.ACCESS_UNKNOWN);
+            mAdapterService.setSimAccessPermission(device, BluetoothDevice.ACCESS_UNKNOWN);
+        }
+
         Intent intent = new Intent(BluetoothDevice.ACTION_BOND_STATE_CHANGED);
         intent.putExtra(BluetoothDevice.EXTRA_DEVICE, device);
         intent.putExtra(BluetoothDevice.EXTRA_BOND_STATE, newState);
-- 
GitLab