Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0273969a authored by arangelov's avatar arangelov
Browse files

Protect getPersistentDataPackageName with ACCESS_PDB_STATE 

Fixes: 216528992
Test: none
Change-Id: I4f326c25b56e0c31746267a269f0b99c87798951
parent 9aaf48a2

core/api/system-current.txt

+1 −1
Original line number Diff line number Diff line
@@ -10880,7 +10880,7 @@ package android.service.persistentdata { 
    method @android.service.persistentdata.PersistentDataBlockManager.FlashLockState @RequiresPermission(anyOf={android.Manifest.permission.READ_OEM_UNLOCK_STATE, "android.permission.OEM_UNLOCK_STATE"}) public int getFlashLockState();

    method public long getMaximumDataBlockSize();

    method @Deprecated @RequiresPermission(anyOf={android.Manifest.permission.READ_OEM_UNLOCK_STATE, "android.permission.OEM_UNLOCK_STATE"}) public boolean getOemUnlockEnabled();

    method @NonNull public String getPersistentDataPackageName();

    method @NonNull @RequiresPermission(android.Manifest.permission.ACCESS_PDB_STATE) public String getPersistentDataPackageName();

    method public byte[] read();

    method @Deprecated @RequiresPermission("android.permission.OEM_UNLOCK_STATE") public void setOemUnlockEnabled(boolean);

    method @RequiresPermission("android.permission.OEM_UNLOCK_STATE") public void wipe();

core/java/android/app/SystemServiceRegistry.java

+3 −4
Original line number Diff line number Diff line
@@ -1019,15 +1019,14 @@ public final class SystemServiceRegistry { 
            }});



        registerService(Context.PERSISTENT_DATA_BLOCK_SERVICE, PersistentDataBlockManager.class,

                new CachedServiceFetcher<PersistentDataBlockManager>() {

                new StaticServiceFetcher<PersistentDataBlockManager>() {

            @Override

            public PersistentDataBlockManager createService(ContextImpl ctx)

                    throws ServiceNotFoundException {

            public PersistentDataBlockManager createService() throws ServiceNotFoundException {

                IBinder b = ServiceManager.getServiceOrThrow(Context.PERSISTENT_DATA_BLOCK_SERVICE);

                IPersistentDataBlockService persistentDataBlockService =

                        IPersistentDataBlockService.Stub.asInterface(b);

                if (persistentDataBlockService != null) {

                    return new PersistentDataBlockManager(ctx, persistentDataBlockService);

                    return new PersistentDataBlockManager(persistentDataBlockService);

                } else {

                    // not supported

                    return null;

core/java/android/service/persistentdata/IPersistentDataBlockService.aidl

+1 −0
Original line number Diff line number Diff line
@@ -37,5 +37,6 @@ interface IPersistentDataBlockService { 
    boolean getOemUnlockEnabled();

    int getFlashLockState();

    boolean hasFrpCredentialHandle();

    String getPersistentDataPackageName();

}

core/java/android/service/persistentdata/PersistentDataBlockManager.java

+7 −8
Original line number Diff line number Diff line
@@ -26,8 +26,6 @@ import android.content.Context; 
import android.os.RemoteException;

import android.service.oemlock.OemLockManager;



import com.android.internal.R;



import java.lang.annotation.Retention;

import java.lang.annotation.RetentionPolicy;
@@ -53,7 +51,6 @@ import java.lang.annotation.RetentionPolicy; 
@SystemService(Context.PERSISTENT_DATA_BLOCK_SERVICE)

public class PersistentDataBlockManager {

    private static final String TAG = PersistentDataBlockManager.class.getSimpleName();

    private final Context mContext;

    private IPersistentDataBlockService sService;



    /**
@@ -78,10 +75,7 @@ public class PersistentDataBlockManager { 
    public @interface FlashLockState {}



    /** @hide */

    public PersistentDataBlockManager(

            Context context,

            IPersistentDataBlockService service) {

        mContext = context;

    public PersistentDataBlockManager(IPersistentDataBlockService service) {

        sService = service;

    }
@@ -219,7 +213,12 @@ public class PersistentDataBlockManager { 
     */

    @SystemApi

    @NonNull

    @RequiresPermission(android.Manifest.permission.ACCESS_PDB_STATE)

    public String getPersistentDataPackageName() {

        return mContext.getString(R.string.config_persistentDataPackageName);

        try {

            return sService.getPersistentDataPackageName();

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }

    }

}

services/core/java/com/android/server/PersistentDataBlockService.java

+6 −0
Original line number Diff line number Diff line
@@ -673,6 +673,12 @@ public class PersistentDataBlockService extends SystemService { 
                throw new UnsupportedOperationException("cannot read frp credential");

            }

        }



        @Override

        public String getPersistentDataPackageName() {

            enforcePersistentDataBlockAccess();

            return mContext.getString(R.string.config_persistentDataPackageName);

        }

    };



    private PersistentDataBlockManagerInternal mInternalService =