
Commit 0e6240f8 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review

Merge "Respect app-ops permission in FileIntegrityService" into rvc-dev

parents 2939486f b07f4854
+1 −1
@@ -1310,7 +1310,7 @@ public final class SystemServiceRegistry {
                            throws ServiceNotFoundException {
                        IBinder b = ServiceManager.getServiceOrThrow(
                                Context.FILE_INTEGRITY_SERVICE);
                        return new FileIntegrityManager(
                        return new FileIntegrityManager(ctx.getOuterContext(),
                                IFileIntegrityService.Stub.asInterface(b));
                    }});
        //CHECKSTYLE:ON IndentationCheck
+5 −2
@@ -31,9 +31,11 @@ import java.security.cert.X509Certificate;
@SystemService(Context.FILE_INTEGRITY_SERVICE)
public final class FileIntegrityManager {
    @NonNull private final IFileIntegrityService mService;
    @NonNull private final Context mContext;

    /** @hide */
    public FileIntegrityManager(@NonNull IFileIntegrityService service) {
    public FileIntegrityManager(@NonNull Context context, @NonNull IFileIntegrityService service) {
        mContext = context;
        mService = service;
    }

@@ -69,7 +71,8 @@ public final class FileIntegrityManager {
    public boolean isAppSourceCertificateTrusted(@NonNull X509Certificate certificate)
            throws CertificateEncodingException {
        try {
            return mService.isAppSourceCertificateTrusted(certificate.getEncoded());
            return mService.isAppSourceCertificateTrusted(
                    certificate.getEncoded(), mContext.getOpPackageName());
        } catch (RemoteException e) {
            throw e.rethrowFromSystemServer();
        }
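Review bot: isAppSourceCertificateTrusted now forwards `mContext.getOpPackageName()` and the service side answers with a SecurityException when that package is not owned by the calling uid or the caller holds neither INSTALL_PACKAGES nor an allowed REQUEST_INSTALL_PACKAGES app-op, but the method's Javadoc (which starts above this hunk) is not updated for that. Add `@throws SecurityException if the calling app does not hold INSTALL_PACKAGES and its REQUEST_INSTALL_PACKAGES app-op is not allowed` and say that the package checked is the context's op package name, since a context attributed to another package will now fail the uid match. The `@hide` constructor stores `context` without a null check despite `@NonNull`; it is only reached from SystemServiceRegistry, so this is tolerable, but `mContext = Objects.requireNonNull(context, "context");` (java.util.Objects) would fail at construction instead of on the first call.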
+1 −1
@@ -22,5 +22,5 @@ package android.security;
 */
interface IFileIntegrityService {
    boolean isApkVeritySupported();
    boolean isAppSourceCertificateTrusted(in byte[] certificateBytes);
    boolean isAppSourceCertificateTrusted(in byte[] certificateBytes, in String packageName);
}
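Review bot: The new `packageName` parameter is caller-supplied and only meaningful when it names a package owned by the calling uid, which the service enforces, yet the interface says nothing about it. A one-line comment on the method, `// packageName must be the caller's own package; the service verifies it against the calling uid`, would make the check a documented contract rather than an implementation detail a later implementor might drop.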
+32 −11
@@ -18,14 +18,19 @@ package com.android.server.security;

import android.annotation.NonNull;
import android.annotation.Nullable;
import android.app.AppOpsManager;
import android.content.Context;
import android.content.pm.PackageManager;
import android.content.pm.PackageManagerInternal;
import android.os.Binder;
import android.os.Build;
import android.os.IBinder;
import android.os.SystemProperties;
import android.os.UserHandle;
import android.security.IFileIntegrityService;
import android.util.Slog;

import com.android.server.LocalServices;
import com.android.server.SystemService;

import java.io.ByteArrayInputStream;
@@ -58,10 +63,10 @@ public class FileIntegrityService extends SystemService {
        }

        @Override
        public boolean isAppSourceCertificateTrusted(@Nullable byte[] certificateBytes) {
            enforceAnyCallingPermissions(
                    android.Manifest.permission.REQUEST_INSTALL_PACKAGES,
                    android.Manifest.permission.INSTALL_PACKAGES);
        public boolean isAppSourceCertificateTrusted(@Nullable byte[] certificateBytes,
                @NonNull String packageName) {
            checkCallerPermission(packageName);

            try {
                if (!isApkVeritySupported()) {
                    return false;
@@ -77,14 +82,30 @@ public class FileIntegrityService extends SystemService {
            }
        }

        private void enforceAnyCallingPermissions(String ...permissions) {
            for (String permission : permissions) {
                if (getContext().checkCallingPermission(permission)
        private void checkCallerPermission(String packageName) {
            final int callingUid = Binder.getCallingUid();
            final int callingUserId = UserHandle.getUserId(callingUid);
            final PackageManagerInternal packageManager =
                    LocalServices.getService(PackageManagerInternal.class);
            final int packageUid = packageManager.getPackageUid(
                    packageName, 0 /*flag*/, callingUserId);
            if (callingUid != packageUid) {
                throw new SecurityException(
                        "Calling uid " + callingUid + " does not own package " + packageName);
            }

            if (getContext().checkCallingPermission(android.Manifest.permission.INSTALL_PACKAGES)
                    == PackageManager.PERMISSION_GRANTED) {
                return;
            }

            final AppOpsManager appOpsManager = getContext().getSystemService(AppOpsManager.class);
            final int mode = appOpsManager.checkOpNoThrow(
                    AppOpsManager.OP_REQUEST_INSTALL_PACKAGES, callingUid, packageName);
            if (mode != AppOpsManager.MODE_ALLOWED) {
                throw new SecurityException(
                        "Caller should have INSTALL_PACKAGES or REQUEST_INSTALL_PACKAGES");
            }
            throw new SecurityException("Insufficient permission");
        }
    };
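Review bot: The uid-ownership check at the top of checkCallerPermission (`callingUid != packageUid`) is what keeps the later `checkOpNoThrow(OP_REQUEST_INSTALL_PACKAGES, callingUid, packageName)` from being consulted for a package the caller does not own, but nothing in the hunk says so; a comment such as `// packageName comes from the client: bind it to the calling uid before it is used as the app-op target` above the check would stop a refactor from reordering or dropping it. packageName arrives over Binder and may be null or not installed for callingUserId; a missing package yields a uid that cannot equal callingUid and lands in the SecurityException, which is fine, but a null name reaching getPackageUid is not visibly handled, so an explicit `if (packageName == null) throw new IllegalArgumentException("packageName");` first would make that rejection deliberate. `mode != AppOpsManager.MODE_ALLOWED` also treats MODE_DEFAULT as a denial, which is stricter than merely holding REQUEST_INSTALL_PACKAGES; if that is intended it deserves a comment. The enclosing Stub class begins outside this hunk.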