Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 130738f1 authored by Martijn Coenen's avatar Martijn Coenen
Browse files

Handle supplemental UIDs in package/UID verification. 

Supplemental UIDs are processes that are spawned alongside regular app
processes. These supplemental processes all share the same package name;
allow this package name when verifying packageName / UID combinations
for the supplemental UID range.

Bug: 215012578
Test: atest AppOpsTests CtsAppOpsTestCases
Change-Id: I10df1eff13b789caca91826d997c8c6e1cf241ed
parent ccfec228

services/core/java/com/android/server/appop/AppOpsService.java

+20 −0
Original line number Diff line number Diff line
@@ -4549,6 +4549,26 @@ public class AppOpsService extends IAppOpsService.Stub { 
            return new PackageVerificationResult(null,

                    /* isAttributionTagValid */ true);

        }

        if (Process.isSupplemental(uid)) {

            // Supplemental processes run in their own UID range, but their associated

            // UID for checks should always be the UID of the supplemental package.

            // TODO: We will need to modify the callers of this function instead, so

            // modifications and checks against the app ops state are done with the

            // correct UID.

            try {

                final PackageManager pm = mContext.getPackageManager();

                final String supplementalPackageName = pm.getSupplementalProcessPackageName();

                if (Objects.equals(packageName, supplementalPackageName)) {

                    int supplementalAppId = pm.getPackageUid(supplementalPackageName,

                            PackageManager.PackageInfoFlags.of(0));

                    uid = UserHandle.getUid(UserHandle.getUserId(uid), supplementalAppId);

                }

            } catch (PackageManager.NameNotFoundException e) {

                // Shouldn't happen for the supplemental package

                e.printStackTrace();

            }

        }





        // Do not check if uid/packageName/attributionTag is already known.

        synchronized (this) {