
Commit 09e13055 authored by Sumedh Sen's avatar Sumedh Sen

[RESTRICT AUTOMERGE] Check cross user permissions for a given UID

Instead of relying on Context#checkCallingOrSelfPermission, explicitly
check permissions against a given UID. However, to maintain legacy
behavior, replace custom UIDs with Binder.getCallingUid when enforcing
permissions from a method.

Also update tests affected by this change - by adding methods to mocked
objects

Bug: 350456241

Test: sts-tradefed run sts-dynamic-develop -m CtsSecurityTestCases -t android.security.cts.ContentProviderMultiUserTests#testAccessFromInitialUser --user-type PRIMARY

Test: sts-tradefed run sts-dynamic-develop -m CtsSecurityTestCases -t android.security.cts.ContentProviderMultiUserTests --user-type SECONDARY

Change-Id: Ib31cabff5714500471bd397c743e127c85751a5c
Merged-In: Ib31cabff5714500471bd397c743e127c85751a5c
parent ec5b02f0
+12 −7
@@ -619,11 +619,11 @@ public class ComputerEngine implements Computer {
            String resolvedType, @PackageManager.ResolveInfoFlagsBits long flags, int userId,
            int callingUid, boolean includeInstantApps) {
        if (!mUserManager.exists(userId)) return Collections.emptyList();
        enforceCrossUserOrProfilePermission(callingUid,
        enforceCrossUserOrProfilePermission(Binder.getCallingUid(),
                userId,
                false /*requireFullPermission*/,
                false /*checkShell*/,
                "query intent receivers");
                "query intent services");
        final String instantAppPkgName = getInstantAppPackageName(callingUid);
        flags = updateFlagsForResolve(flags, userId, callingUid, includeInstantApps,
                false /* isImplicitImageCaptureIntentAndNotSetByDpc */);
@@ -2426,10 +2426,10 @@ public class ComputerEngine implements Computer {
            return true;
        }
        if (requireFullPermission) {
            return hasPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL);
            return hasPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingUid);
        }
        return hasPermission(android.Manifest.permission.INTERACT_ACROSS_USERS_FULL)
                || hasPermission(Manifest.permission.INTERACT_ACROSS_USERS);
        return hasPermission(android.Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingUid)
            || hasPermission(Manifest.permission.INTERACT_ACROSS_USERS, callingUid);
    }

    /**
@@ -2445,6 +2445,11 @@ public class ComputerEngine implements Computer {
                == PackageManager.PERMISSION_GRANTED;
    }

    private boolean hasPermission(String permission, int uid) {
        return mContext.checkPermission(permission, /* pid= */ -1, uid)
                == PackageManager.PERMISSION_GRANTED;
    }

    public final boolean isCallerSameApp(String packageName, int uid) {
        if (Process.isSdkSandboxUid(uid)) {
            return (packageName != null
@@ -4684,7 +4689,7 @@ public class ComputerEngine implements Computer {
        final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0;

        enforceCrossUserPermission(
                callingUid,
                Binder.getCallingUid(),
                userId,
                false /* requireFullPermission */,
                false /* checkShell */,
@@ -5208,7 +5213,7 @@ public class ComputerEngine implements Computer {
    @Override
    public int getComponentEnabledSetting(@NonNull ComponentName component, int callingUid,
            @UserIdInt int userId) {
        enforceCrossUserPermission(callingUid, userId, false /*requireFullPermission*/,
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false /*requireFullPermission*/,
                false /*checkShell*/, "getComponentEnabled");
        return getComponentEnabledSettingInternal(component, callingUid, userId);
    }
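Review bot: The permission check and the result filtering now run against two different UIDs at the changed call sites, and nothing in the code says this is intended. In the first hunk the check uses `Binder.getCallingUid()` while `getInstantAppPackageName(callingUid)` and `updateFlagsForResolve(...)` keep the `callingUid` parameter, `getComponentEnabledSetting` does the same with `getComponentEnabledSettingInternal`, and the `MATCH_KNOWN_PACKAGES` hunk gets the same substitution. A comment at each site would stop a later cleanup from merging the two again, for example `// Enforce against the Binder caller, not the callingUid argument (legacy behaviour); callingUid is only used for filtering below.` Since `Binder.getCallingUid()` yields the process's own UID outside an incoming transaction or after `Binder.clearCallingIdentity()`, that comment should also note that such internal paths are checked as the hosting process (presumably system_server) rather than as `callingUid`. The new `hasPermission(String, int)` could carry a one-line Javadoc saying the pid is passed as `-1` so the result depends on the UID alone; the enclosing methods start and end outside the hunks.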
+5 −0
@@ -44,6 +44,7 @@ import org.junit.BeforeClass
import org.junit.Test
import org.junit.runner.RunWith
import org.junit.runners.Parameterized
import org.mockito.ArgumentMatchers.eq
import org.mockito.Mockito.any
import org.mockito.Mockito.anyInt
import org.mockito.Mockito.doReturn
@@ -374,6 +375,10 @@ class PackageManagerComponentLabelIconOverrideTest {
                    android.Manifest.permission.INTERACT_ACROSS_USERS_FULL)) {
                PackageManager.PERMISSION_GRANTED
            }
            whenever(this.checkPermission(
                eq(android.Manifest.permission.INTERACT_ACROSS_USERS_FULL), anyInt(), anyInt())) {
                PackageManager.PERMISSION_GRANTED
            }
        }
        val mockSharedLibrariesImpl: SharedLibrariesImpl = mock {
            whenever(this.snapshot()) { this@mock }