Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 00f103e1 authored by Svet Ganov's avatar Svet Ganov
Browse files

Prevent instant apps to host app widgets 

Test: Added: AppWidgetTest#testInstantAppsCannotProvideAppWidgets
      Added: AppWidgetTest#testInstantAppsCannotHostAppWidgets
      Pass: cts-tradefed run cts -m CtsAppWidgetTestCases
      Pass: cts-tradefed run cts-instant -m CtsAppWidgetTestCases

bug:79663649

Change-Id: If5a97bd058e3f1b6fc70e45027e5f40af8228e77
parent a1aafd77

services/appwidget/java/com/android/server/appwidget/AppWidgetServiceImpl.java

+54 −2
Original line number Diff line number Diff line
@@ -102,7 +102,6 @@ import com.android.internal.appwidget.IAppWidgetService; 
import com.android.internal.os.BackgroundThread;

import com.android.internal.os.SomeArgs;

import com.android.internal.util.ArrayUtils;

import com.android.internal.util.CollectionUtils;

import com.android.internal.util.DumpUtils;

import com.android.internal.util.FastXmlSerializer;

import com.android.internal.widget.IRemoteViewsFactory;
@@ -110,7 +109,6 @@ import com.android.server.LocalServices; 
import com.android.server.WidgetBackupProvider;

import com.android.server.policy.IconUtilities;



import libcore.util.EmptyArray;

import org.xmlpull.v1.XmlPullParser;

import org.xmlpull.v1.XmlPullParserException;

import org.xmlpull.v1.XmlSerializer;
@@ -823,6 +821,12 @@ class AppWidgetServiceImpl extends IAppWidgetService.Stub implements WidgetBacku 
        mSecurityPolicy.enforceCallFromPackage(callingPackage);



        synchronized (mLock) {

            // Instant apps cannot host app widgets.

            if (mSecurityPolicy.isInstantAppLocked(callingPackage, userId)) {

                Slog.w(TAG, "Instant package " + callingPackage + " cannot host app widgets");

                return ParceledListSlice.emptyList();

            }



            ensureGroupStateLoadedLocked(userId);



            // NOTE: The lookup is enforcing security across users by making
@@ -889,6 +893,12 @@ class AppWidgetServiceImpl extends IAppWidgetService.Stub implements WidgetBacku 
        mSecurityPolicy.enforceCallFromPackage(callingPackage);



        synchronized (mLock) {

            // Instant apps cannot host app widgets.

            if (mSecurityPolicy.isInstantAppLocked(callingPackage, userId)) {

                Slog.w(TAG, "Instant package " + callingPackage + " cannot host app widgets");

                return AppWidgetManager.INVALID_APPWIDGET_ID;

            }



            ensureGroupStateLoadedLocked(userId);



            if (mNextAppWidgetIds.indexOfKey(userId) < 0) {
@@ -1620,6 +1630,13 @@ class AppWidgetServiceImpl extends IAppWidgetService.Stub implements WidgetBacku 


    @Override

    public boolean isRequestPinAppWidgetSupported() {

        synchronized (mLock) {

            if (mSecurityPolicy.isCallerInstantAppLocked()) {

                Slog.w(TAG, "Instant uid " + Binder.getCallingUid()

                        + " query information about app widgets");

                return false;

            }

        }

        return LocalServices.getService(ShortcutServiceInternal.class)

                .isRequestPinItemSupported(UserHandle.getCallingUserId(),

                        LauncherApps.PinItemRequest.REQUEST_TYPE_APPWIDGET);
@@ -1670,6 +1687,12 @@ class AppWidgetServiceImpl extends IAppWidgetService.Stub implements WidgetBacku 
        }



        synchronized (mLock) {

            if (mSecurityPolicy.isCallerInstantAppLocked()) {

                Slog.w(TAG, "Instant uid " + Binder.getCallingUid()

                        + " cannot access widget providers");

                return ParceledListSlice.emptyList();

            }



            ensureGroupStateLoadedLocked(userId);



            ArrayList<AppWidgetProviderInfo> result = new ArrayList<AppWidgetProviderInfo>();
@@ -3651,6 +3674,35 @@ class AppWidgetServiceImpl extends IAppWidgetService.Stub implements WidgetBacku 
                    "hasBindAppWidgetPermission packageName=" + packageName);

        }



        public boolean isCallerInstantAppLocked() {

            final int callingUid =  Binder.getCallingUid();

            final long identity = Binder.clearCallingIdentity();

            try {

                final String[] uidPackages = mPackageManager.getPackagesForUid(callingUid);

                if (!ArrayUtils.isEmpty(uidPackages)) {

                    return mPackageManager.isInstantApp(uidPackages[0],

                            UserHandle.getCallingUserId());

                }

            } catch (RemoteException e) {

                /* ignore - same process */

            } finally {

                Binder.restoreCallingIdentity(identity);

            }

            return false;

        }



        public boolean isInstantAppLocked(String packageName, int userId) {

            final long identity = Binder.clearCallingIdentity();

            try {

                return mPackageManager.isInstantApp(packageName, userId);

            } catch (RemoteException e) {

                /* ignore - same process */

            } finally {

                Binder.restoreCallingIdentity(identity);

            }

            return false;

        }



        public void enforceCallFromPackage(String packageName) {

            mAppOpsManager.checkPackage(Binder.getCallingUid(), packageName);

        }