Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 11bb6fbc authored by Sanjana Sunil's avatar Sanjana Sunil
Browse files

Do not verify client app uid and package when stopping the sandbox 

The sandbox could be stopped after the app process was killed from an
uninstall. The check that verifies that a client app uid belongs to a
given package name could fail if app was being uninstalled. Remove the
check when stopping the sandbox.

Bug: 272046491
Test: Run sdksandbox tests
Change-Id: I6b25344cd02454c19ffa0beeff18bda02041a1af
parent 9397e311

services/core/java/com/android/server/am/ActivityManagerService.java

+6 −3
Original line number Diff line number Diff line
@@ -17246,6 +17246,9 @@ public class ActivityManagerService extends IActivityManager.Stub 
        public ComponentName startSdkSandboxService(Intent service, int clientAppUid,

                String clientAppPackage, String processName) throws RemoteException {

            validateSdkSandboxParams(service, clientAppUid, clientAppPackage, processName);

            if (mAppOpsService.checkPackage(clientAppUid, clientAppPackage) != MODE_ALLOWED) {

                throw new IllegalArgumentException("uid does not belong to provided package");

            }

            // TODO(b/269598719): Is passing the application thread of the system_server alright?

            // e.g. the sandbox getting privileged access due to this.

            ComponentName cn = ActivityManagerService.this.startService(
@@ -17312,6 +17315,9 @@ public class ActivityManagerService extends IActivityManager.Stub 
                String processName, long flags)

                throws RemoteException {

            validateSdkSandboxParams(service, clientAppUid, clientAppPackage, processName);

            if (mAppOpsService.checkPackage(clientAppUid, clientAppPackage) != MODE_ALLOWED) {

                throw new IllegalArgumentException("uid does not belong to provided package");

            }

            if (conn == null) {

                throw new IllegalArgumentException("connection is null");

            }
@@ -17364,9 +17370,6 @@ public class ActivityManagerService extends IActivityManager.Stub 
            if (!UserHandle.isApp(clientAppUid)) {

                throw new IllegalArgumentException("uid is not within application range");

            }

            if (mAppOpsService.checkPackage(clientAppUid, clientAppPackage) != MODE_ALLOWED) {

                throw new IllegalArgumentException("uid does not belong to provided package");

            }

        }















        @Override