Use PEERS_MAC_ADDRESS permission instead of isSystemProcess

A signature-level permission PEERS_MAC_ADDRESS was added to support a
use-case when SystemUI should be able to get the list of WiFi scan results for
Quick Settings. even when location is turned off in Settings.

Bug: 22777873
Bug: 21852542
Bug: 22728628
Change-Id: I68b42725ca5bc81f035f7e351070e5b7c5ff3050
diff --git a/service/java/com/android/server/wifi/WifiServiceImpl.java b/service/java/com/android/server/wifi/WifiServiceImpl.java
index 5420ba8..1b52a45 100644
--- a/service/java/com/android/server/wifi/WifiServiceImpl.java
+++ b/service/java/com/android/server/wifi/WifiServiceImpl.java
@@ -947,14 +947,15 @@
         enforceAccessPermission();
         int userId = UserHandle.getCallingUserId();
         int uid = Binder.getCallingUid();
-        boolean isSystemProcess = (UserHandle.getAppId(uid) == android.os.Process.SYSTEM_UID);
+        boolean canReadPeerMacAddresses = checkPeersMacAddress();
         boolean hasInteractUsersFull = checkInteractAcrossUsersFull();
         long ident = Binder.clearCallingIdentity();
-        if (!isSystemProcess && !isLocationEnabled()) {
-            return new ArrayList<ScanResult>();
-        }
         try {
-            if (!isSystemProcess && !checkCallerHasLocationPermission(callingPackage, uid)) {
+            if (!canReadPeerMacAddresses && !isLocationEnabled()) {
+                return new ArrayList<ScanResult>();
+            }
+            if (!canReadPeerMacAddresses
+                    && !checkCallerHasLocationPermission(callingPackage, uid)) {
                 return new ArrayList<ScanResult>();
             }
             if (mAppOps.noteOp(AppOpsManager.OP_WIFI_SCAN, uid, callingPackage)
@@ -985,6 +986,14 @@
     }
 
     /**
+     * Returns true if the caller holds PEERS_MAC_ADDRESS.
+     */
+    private boolean checkPeersMacAddress() {
+        return mContext.checkCallingOrSelfPermission(
+                android.Manifest.permission.PEERS_MAC_ADDRESS) == PackageManager.PERMISSION_GRANTED;
+    }
+
+    /**
      * Returns true if the calling user is the current one or a profile of the
      * current user..
      */