Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 013e3748 authored by Kholoud Mohamed's avatar Kholoud Mohamed Committed by Automerger Merge Worker
Browse files

Merge "Fix security vulnerability in DPMS" into sc-dev am: 58d0a178

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/14919135

Change-Id: Ia405b5ed58d9eca1d4b8431f5adc52d565e6a1c3
parents bce57b1f 58d0a178
Loading
Loading
Loading
Loading
+4 −0
Original line number Diff line number Diff line
@@ -13088,6 +13088,10 @@ public class DevicePolicyManager {
     * @see #getCrossProfileCalendarPackages(ComponentName)
     * @hide
     */
    @RequiresPermission(anyOf = {
            permission.INTERACT_ACROSS_USERS_FULL,
            permission.INTERACT_ACROSS_USERS
    }, conditional = true)
    public boolean isPackageAllowedToAccessCalendar(@NonNull  String packageName) {
        throwIfParentInstance("isPackageAllowedToAccessCalendar");
        if (mService != null) {
+14 −1
Original line number Diff line number Diff line
@@ -16067,7 +16067,20 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
        Preconditions.checkArgumentNonnegative(userHandle, "Invalid userId");
        final CallerIdentity caller = getCallerIdentity();
        Preconditions.checkCallAuthorization(hasCrossUsersPermission(caller, userHandle));
        final int packageUid = mInjector.binderWithCleanCallingIdentity(() -> {
            try {
                return mInjector.getPackageManager().getPackageUidAsUser(packageName, userHandle);
            } catch (NameNotFoundException e) {
                Slogf.w(LOG_TAG, e,
                        "Couldn't find package %s in user %d", packageName, userHandle);
                return -1;
            }
        });
        if (caller.getUid() != packageUid) {
            Preconditions.checkCallAuthorization(
                    hasCallingOrSelfPermission(permission.INTERACT_ACROSS_USERS)
                            || hasCallingOrSelfPermission(permission.INTERACT_ACROSS_USERS_FULL));
        }
        synchronized (getLockObject()) {
            if (mInjector.settingsSecureGetIntForUser(
+31 −0
Original line number Diff line number Diff line
@@ -6524,6 +6524,8 @@ public class DevicePolicyManagerTest extends DpmTestBase {
        when(getServices().settings.settingsSecureGetIntForUser(
                Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED,
                0, CALLER_USER_HANDLE)).thenReturn(1);
        mContext.permissions.add(permission.INTERACT_ACROSS_USERS);

        assertThat(dpm.isPackageAllowedToAccessCalendar("TEST_PACKAGE")).isFalse();
    }

@@ -6535,6 +6537,8 @@ public class DevicePolicyManagerTest extends DpmTestBase {
        when(getServices().settings.settingsSecureGetIntForUser(
                Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED,
                0, CALLER_USER_HANDLE)).thenReturn(0);
        mContext.permissions.add(permission.INTERACT_ACROSS_USERS);

        assertThat(dpm.isPackageAllowedToAccessCalendar(testPackage)).isFalse();
    }

@@ -6546,6 +6550,33 @@ public class DevicePolicyManagerTest extends DpmTestBase {
        when(getServices().settings.settingsSecureGetIntForUser(
                Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED,
                0, CALLER_USER_HANDLE)).thenReturn(1);
        mContext.permissions.add(permission.INTERACT_ACROSS_USERS);

        assertThat(dpm.isPackageAllowedToAccessCalendar(testPackage)).isTrue();
    }

    @Test
    public void testIsPackageAllowedToAccessCalendar_requiresPermission() {
        final String testPackage = "TEST_PACKAGE";

        assertExpectException(SecurityException.class, /* messageRegex= */ null,
                () -> dpm.isPackageAllowedToAccessCalendar(testPackage));
    }

    @Test
    public void testIsPackageAllowedToAccessCalendar_samePackageAndSameUser_noPermissionRequired()
            throws Exception {
        final String testPackage = "TEST_PACKAGE";
        setAsProfileOwner(admin1);
        dpm.setCrossProfileCalendarPackages(admin1, null);
        when(getServices().settings.settingsSecureGetIntForUser(
                Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED,
                0, CALLER_USER_HANDLE)).thenReturn(1);
        doReturn(mContext.binder.callingUid)
                .when(getServices().packageManager).getPackageUidAsUser(
                eq(testPackage),
                anyInt());

        assertThat(dpm.isPackageAllowedToAccessCalendar(testPackage)).isTrue();
    }