Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +36 −53 Original line number Original line Diff line number Diff line Loading @@ -6551,13 +6551,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); // Or ensure calling process is delegatePackage itself. // Or ensure calling process is delegatePackage itself. } else { } else { int uid = 0; if (!isCallingFromPackage(delegatePackage, callingUid)) { try { uid = mInjector.getPackageManager() .getPackageUidAsUser(delegatePackage, userId); } catch(NameNotFoundException e) { } if (uid != callingUid) { throw new SecurityException("Caller with uid " + callingUid + " is not " throw new SecurityException("Caller with uid " + callingUid + " is not " + delegatePackage); + delegatePackage); } } Loading Loading @@ -6677,15 +6671,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final List<String> scopes = policy.mDelegationMap.get(callerPackage); final List<String> scopes = policy.mDelegationMap.get(callerPackage); // Check callingUid only if callerPackage has the required scope delegation. // Check callingUid only if callerPackage has the required scope delegation. if (scopes != null && scopes.contains(scope)) { if (scopes != null && scopes.contains(scope)) { try { // Retrieve the expected UID for callerPackage. final int uid = mInjector.getPackageManager() .getPackageUidAsUser(callerPackage, userId); // Return true if the caller is actually callerPackage. // Return true if the caller is actually callerPackage. return uid == callerUid; return isCallingFromPackage(callerPackage, callerUid); } catch (NameNotFoundException e) { // Ignore. } } } return false; return false; } } Loading Loading @@ -8577,15 +8564,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { public void clearDeviceOwner(String packageName) { public void clearDeviceOwner(String packageName) { Objects.requireNonNull(packageName, "packageName is null"); Objects.requireNonNull(packageName, "packageName is null"); final int callingUid = mInjector.binderGetCallingUid(); final int callingUid = mInjector.binderGetCallingUid(); try { if (!isCallingFromPackage(packageName, callingUid)) { int uid = mInjector.getPackageManager().getPackageUidAsUser(packageName, UserHandle.getUserId(callingUid)); if (uid != callingUid) { throw new SecurityException("Invalid packageName"); throw new SecurityException("Invalid packageName"); } } } catch (NameNotFoundException e) { throw new SecurityException(e); } synchronized (getLockObject()) { synchronized (getLockObject()) { final ComponentName deviceOwnerComponent = mOwners.getDeviceOwnerComponent(); final ComponentName deviceOwnerComponent = mOwners.getDeviceOwnerComponent(); final int deviceOwnerUserId = mOwners.getDeviceOwnerUserId(); final int deviceOwnerUserId = mOwners.getDeviceOwnerUserId(); Loading Loading @@ -12299,14 +12280,16 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (ownerPackage == null) { if (ownerPackage == null) { ownerPackage = mOwners.getDeviceOwnerPackageName(); ownerPackage = mOwners.getDeviceOwnerPackageName(); } } final String packageName = ownerPackage; PackageManager pm = mInjector.getPackageManager(); PackageManager pm = mInjector.getPackageManager(); PackageInfo packageInfo; PackageInfo packageInfo = mInjector.binderWithCleanCallingIdentity(() -> { try { try { packageInfo = pm.getPackageInfo(ownerPackage, 0); return pm.getPackageInfo(packageName, 0); } catch (NameNotFoundException e) { } catch (NameNotFoundException e) { Log.e(LOG_TAG, "getPackageInfo error", e); Log.e(LOG_TAG, "getPackageInfo error", e); return null; return null; } } }); if (packageInfo == null) { if (packageInfo == null) { Log.e(LOG_TAG, "packageInfo is inexplicably null"); Log.e(LOG_TAG, "packageInfo is inexplicably null"); return null; return null; Loading Loading @@ -12871,6 +12854,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } boolean isPackageInstalledForUser(String packageName, int userHandle) { boolean isPackageInstalledForUser(String packageName, int userHandle) { return mInjector.binderWithCleanCallingIdentity(() -> { try { try { PackageInfo pi = mInjector.getIPackageManager().getPackageInfo(packageName, 0, PackageInfo pi = mInjector.getIPackageManager().getPackageInfo(packageName, 0, userHandle); userHandle); Loading @@ -12878,6 +12862,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } catch (RemoteException re) { } catch (RemoteException re) { throw new RuntimeException("Package manager has died", re); throw new RuntimeException("Package manager has died", re); } } }); } } public boolean isRuntimePermission(String permissionName) throws NameNotFoundException { public boolean isRuntimePermission(String permissionName) throws NameNotFoundException { Loading Loading @@ -13942,14 +13927,10 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } mPackagesToRemove.remove(packageUserPair); mPackagesToRemove.remove(packageUserPair); } } try { if (!isPackageInstalledForUser(packageName, userId)) { if (mInjector.getIPackageManager().getPackageInfo(packageName, 0, userId) == null) { // Package does not exist. Nothing to do. // Package does not exist. Nothing to do. return; return; } } } catch (RemoteException re) { Log.e(LOG_TAG, "Failure talking to PackageManager while getting package info"); } try { // force stop the package before uninstalling try { // force stop the package before uninstalling mInjector.getIActivityManager().forceStopPackage(packageName, userId); mInjector.getIActivityManager().forceStopPackage(packageName, userId); Loading Loading @@ -15536,6 +15517,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } private boolean isCallingFromPackage(String packageName, int callingUid) { private boolean isCallingFromPackage(String packageName, int callingUid) { return mInjector.binderWithCleanCallingIdentity(() -> { try { try { final int packageUid = mInjector.getPackageManager().getPackageUidAsUser( final int packageUid = mInjector.getPackageManager().getPackageUidAsUser( packageName, UserHandle.getUserId(callingUid)); packageName, UserHandle.getUserId(callingUid)); Loading @@ -15544,6 +15526,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Log.d(LOG_TAG, "Calling package not found", e); Log.d(LOG_TAG, "Calling package not found", e); return false; return false; } } }); } } private DevicePolicyConstants loadConstants() { private DevicePolicyConstants loadConstants() { Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +36 −53 Original line number Original line Diff line number Diff line Loading @@ -6551,13 +6551,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); // Or ensure calling process is delegatePackage itself. // Or ensure calling process is delegatePackage itself. } else { } else { int uid = 0; if (!isCallingFromPackage(delegatePackage, callingUid)) { try { uid = mInjector.getPackageManager() .getPackageUidAsUser(delegatePackage, userId); } catch(NameNotFoundException e) { } if (uid != callingUid) { throw new SecurityException("Caller with uid " + callingUid + " is not " throw new SecurityException("Caller with uid " + callingUid + " is not " + delegatePackage); + delegatePackage); } } Loading Loading @@ -6677,15 +6671,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final List<String> scopes = policy.mDelegationMap.get(callerPackage); final List<String> scopes = policy.mDelegationMap.get(callerPackage); // Check callingUid only if callerPackage has the required scope delegation. // Check callingUid only if callerPackage has the required scope delegation. if (scopes != null && scopes.contains(scope)) { if (scopes != null && scopes.contains(scope)) { try { // Retrieve the expected UID for callerPackage. final int uid = mInjector.getPackageManager() .getPackageUidAsUser(callerPackage, userId); // Return true if the caller is actually callerPackage. // Return true if the caller is actually callerPackage. return uid == callerUid; return isCallingFromPackage(callerPackage, callerUid); } catch (NameNotFoundException e) { // Ignore. } } } return false; return false; } } Loading Loading @@ -8577,15 +8564,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { public void clearDeviceOwner(String packageName) { public void clearDeviceOwner(String packageName) { Objects.requireNonNull(packageName, "packageName is null"); Objects.requireNonNull(packageName, "packageName is null"); final int callingUid = mInjector.binderGetCallingUid(); final int callingUid = mInjector.binderGetCallingUid(); try { if (!isCallingFromPackage(packageName, callingUid)) { int uid = mInjector.getPackageManager().getPackageUidAsUser(packageName, UserHandle.getUserId(callingUid)); if (uid != callingUid) { throw new SecurityException("Invalid packageName"); throw new SecurityException("Invalid packageName"); } } } catch (NameNotFoundException e) { throw new SecurityException(e); } synchronized (getLockObject()) { synchronized (getLockObject()) { final ComponentName deviceOwnerComponent = mOwners.getDeviceOwnerComponent(); final ComponentName deviceOwnerComponent = mOwners.getDeviceOwnerComponent(); final int deviceOwnerUserId = mOwners.getDeviceOwnerUserId(); final int deviceOwnerUserId = mOwners.getDeviceOwnerUserId(); Loading Loading @@ -12299,14 +12280,16 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (ownerPackage == null) { if (ownerPackage == null) { ownerPackage = mOwners.getDeviceOwnerPackageName(); ownerPackage = mOwners.getDeviceOwnerPackageName(); } } final String packageName = ownerPackage; PackageManager pm = mInjector.getPackageManager(); PackageManager pm = mInjector.getPackageManager(); PackageInfo packageInfo; PackageInfo packageInfo = mInjector.binderWithCleanCallingIdentity(() -> { try { try { packageInfo = pm.getPackageInfo(ownerPackage, 0); return pm.getPackageInfo(packageName, 0); } catch (NameNotFoundException e) { } catch (NameNotFoundException e) { Log.e(LOG_TAG, "getPackageInfo error", e); Log.e(LOG_TAG, "getPackageInfo error", e); return null; return null; } } }); if (packageInfo == null) { if (packageInfo == null) { Log.e(LOG_TAG, "packageInfo is inexplicably null"); Log.e(LOG_TAG, "packageInfo is inexplicably null"); return null; return null; Loading Loading @@ -12871,6 +12854,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } boolean isPackageInstalledForUser(String packageName, int userHandle) { boolean isPackageInstalledForUser(String packageName, int userHandle) { return mInjector.binderWithCleanCallingIdentity(() -> { try { try { PackageInfo pi = mInjector.getIPackageManager().getPackageInfo(packageName, 0, PackageInfo pi = mInjector.getIPackageManager().getPackageInfo(packageName, 0, userHandle); userHandle); Loading @@ -12878,6 +12862,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } catch (RemoteException re) { } catch (RemoteException re) { throw new RuntimeException("Package manager has died", re); throw new RuntimeException("Package manager has died", re); } } }); } } public boolean isRuntimePermission(String permissionName) throws NameNotFoundException { public boolean isRuntimePermission(String permissionName) throws NameNotFoundException { Loading Loading @@ -13942,14 +13927,10 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } mPackagesToRemove.remove(packageUserPair); mPackagesToRemove.remove(packageUserPair); } } try { if (!isPackageInstalledForUser(packageName, userId)) { if (mInjector.getIPackageManager().getPackageInfo(packageName, 0, userId) == null) { // Package does not exist. Nothing to do. // Package does not exist. Nothing to do. return; return; } } } catch (RemoteException re) { Log.e(LOG_TAG, "Failure talking to PackageManager while getting package info"); } try { // force stop the package before uninstalling try { // force stop the package before uninstalling mInjector.getIActivityManager().forceStopPackage(packageName, userId); mInjector.getIActivityManager().forceStopPackage(packageName, userId); Loading Loading @@ -15536,6 +15517,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } private boolean isCallingFromPackage(String packageName, int callingUid) { private boolean isCallingFromPackage(String packageName, int callingUid) { return mInjector.binderWithCleanCallingIdentity(() -> { try { try { final int packageUid = mInjector.getPackageManager().getPackageUidAsUser( final int packageUid = mInjector.getPackageManager().getPackageUidAsUser( packageName, UserHandle.getUserId(callingUid)); packageName, UserHandle.getUserId(callingUid)); Loading @@ -15544,6 +15526,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Log.d(LOG_TAG, "Calling package not found", e); Log.d(LOG_TAG, "Calling package not found", e); return false; return false; } } }); } } private DevicePolicyConstants loadConstants() { private DevicePolicyConstants loadConstants() {
