Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 126d6831 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review
Browse files

Merge "Clear binder identity before querying package information" into rvc-dev

parents ce7c6850 547ef077
Loading
Loading
Loading
Loading
+36 −53
Original line number Original line Diff line number Diff line
@@ -6551,13 +6551,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
                getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
                getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
            // Or ensure calling process is delegatePackage itself.
            // Or ensure calling process is delegatePackage itself.
            } else {
            } else {
                int uid = 0;
                if (!isCallingFromPackage(delegatePackage, callingUid)) {
                try {
                  uid = mInjector.getPackageManager()
                          .getPackageUidAsUser(delegatePackage, userId);
                } catch(NameNotFoundException e) {
                }
                if (uid != callingUid) {
                    throw new SecurityException("Caller with uid " + callingUid + " is not "
                    throw new SecurityException("Caller with uid " + callingUid + " is not "
                            + delegatePackage);
                            + delegatePackage);
                }
                }
@@ -6677,15 +6671,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
            final List<String> scopes = policy.mDelegationMap.get(callerPackage);
            final List<String> scopes = policy.mDelegationMap.get(callerPackage);
            // Check callingUid only if callerPackage has the required scope delegation.
            // Check callingUid only if callerPackage has the required scope delegation.
            if (scopes != null && scopes.contains(scope)) {
            if (scopes != null && scopes.contains(scope)) {
                try {
                    // Retrieve the expected UID for callerPackage.
                    final int uid = mInjector.getPackageManager()
                            .getPackageUidAsUser(callerPackage, userId);
                // Return true if the caller is actually callerPackage.
                // Return true if the caller is actually callerPackage.
                    return uid == callerUid;
                return isCallingFromPackage(callerPackage, callerUid);
                } catch (NameNotFoundException e) {
                    // Ignore.
                }
            }
            }
            return false;
            return false;
        }
        }
@@ -8577,15 +8564,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
    public void clearDeviceOwner(String packageName) {
    public void clearDeviceOwner(String packageName) {
        Objects.requireNonNull(packageName, "packageName is null");
        Objects.requireNonNull(packageName, "packageName is null");
        final int callingUid = mInjector.binderGetCallingUid();
        final int callingUid = mInjector.binderGetCallingUid();
        try {
        if (!isCallingFromPackage(packageName, callingUid)) {
            int uid = mInjector.getPackageManager().getPackageUidAsUser(packageName,
                    UserHandle.getUserId(callingUid));
            if (uid != callingUid) {
            throw new SecurityException("Invalid packageName");
            throw new SecurityException("Invalid packageName");
        }
        }
        } catch (NameNotFoundException e) {
            throw new SecurityException(e);
        }
        synchronized (getLockObject()) {
        synchronized (getLockObject()) {
            final ComponentName deviceOwnerComponent = mOwners.getDeviceOwnerComponent();
            final ComponentName deviceOwnerComponent = mOwners.getDeviceOwnerComponent();
            final int deviceOwnerUserId = mOwners.getDeviceOwnerUserId();
            final int deviceOwnerUserId = mOwners.getDeviceOwnerUserId();
@@ -12299,14 +12280,16 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
                if (ownerPackage == null) {
                if (ownerPackage == null) {
                    ownerPackage = mOwners.getDeviceOwnerPackageName();
                    ownerPackage = mOwners.getDeviceOwnerPackageName();
                }
                }
                final String packageName = ownerPackage;
                PackageManager pm = mInjector.getPackageManager();
                PackageManager pm = mInjector.getPackageManager();
                PackageInfo packageInfo;
                PackageInfo packageInfo = mInjector.binderWithCleanCallingIdentity(() -> {
                    try {
                    try {
                    packageInfo = pm.getPackageInfo(ownerPackage, 0);
                        return pm.getPackageInfo(packageName, 0);
                    } catch (NameNotFoundException e) {
                    } catch (NameNotFoundException e) {
                        Log.e(LOG_TAG, "getPackageInfo error", e);
                        Log.e(LOG_TAG, "getPackageInfo error", e);
                        return null;
                        return null;
                    }
                    }
                });
                if (packageInfo == null) {
                if (packageInfo == null) {
                    Log.e(LOG_TAG, "packageInfo is inexplicably null");
                    Log.e(LOG_TAG, "packageInfo is inexplicably null");
                    return null;
                    return null;
@@ -12871,6 +12854,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
    }
    }
    boolean isPackageInstalledForUser(String packageName, int userHandle) {
    boolean isPackageInstalledForUser(String packageName, int userHandle) {
        return mInjector.binderWithCleanCallingIdentity(() -> {
            try {
            try {
                PackageInfo pi = mInjector.getIPackageManager().getPackageInfo(packageName, 0,
                PackageInfo pi = mInjector.getIPackageManager().getPackageInfo(packageName, 0,
                        userHandle);
                        userHandle);
@@ -12878,6 +12862,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
            } catch (RemoteException re) {
            } catch (RemoteException re) {
                throw new RuntimeException("Package manager has died", re);
                throw new RuntimeException("Package manager has died", re);
            }
            }
        });
    }
    }
    public boolean isRuntimePermission(String permissionName) throws NameNotFoundException {
    public boolean isRuntimePermission(String permissionName) throws NameNotFoundException {
@@ -13942,14 +13927,10 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
            }
            }
            mPackagesToRemove.remove(packageUserPair);
            mPackagesToRemove.remove(packageUserPair);
        }
        }
        try {
        if (!isPackageInstalledForUser(packageName, userId)) {
            if (mInjector.getIPackageManager().getPackageInfo(packageName, 0, userId) == null) {
            // Package does not exist. Nothing to do.
            // Package does not exist. Nothing to do.
            return;
            return;
        }
        }
        } catch (RemoteException re) {
            Log.e(LOG_TAG, "Failure talking to PackageManager while getting package info");
        }
        try { // force stop the package before uninstalling
        try { // force stop the package before uninstalling
            mInjector.getIActivityManager().forceStopPackage(packageName, userId);
            mInjector.getIActivityManager().forceStopPackage(packageName, userId);
@@ -15536,6 +15517,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
    }
    }
    private boolean isCallingFromPackage(String packageName, int callingUid) {
    private boolean isCallingFromPackage(String packageName, int callingUid) {
        return mInjector.binderWithCleanCallingIdentity(() -> {
            try {
            try {
                final int packageUid = mInjector.getPackageManager().getPackageUidAsUser(
                final int packageUid = mInjector.getPackageManager().getPackageUidAsUser(
                        packageName, UserHandle.getUserId(callingUid));
                        packageName, UserHandle.getUserId(callingUid));
@@ -15544,6 +15526,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
                Log.d(LOG_TAG, "Calling package not found", e);
                Log.d(LOG_TAG, "Calling package not found", e);
                return false;
                return false;
            }
            }
        });
    }
    }
    private DevicePolicyConstants loadConstants() {
    private DevicePolicyConstants loadConstants() {