Loading Android.mk +4 −0 Original line number Diff line number Diff line Loading @@ -286,6 +286,10 @@ LOCAL_SRC_FILES += \ packages/services/Proxy/com/android/net/IProxyCallback.aidl \ packages/services/Proxy/com/android/net/IProxyPortListener.aidl \ LOCAL_SRC_FILES += \ security-bridge/src/com/android/services/SecurityBridge/api/PackageManagerMonitor.java \ security-bridge/src/com/android/services/SecurityBridge/api/ClipboardManagerMonitor.java # FRAMEWORKS_BASE_JAVA_SRC_DIRS comes from build/core/pathmap.mk LOCAL_AIDL_INCLUDES += $(FRAMEWORKS_BASE_JAVA_SRC_DIRS) Loading security-bridge/src/com/android/services/SecurityBridge/api/ClipboardManagerMonitor.java 0 → 100644 +60 −0 Original line number Diff line number Diff line /* * Copyright (c) 2013, Linux Foundation. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. * * Neither the name of The Linux Foundation nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ package com.android.services.SecurityBridge.api; import android.content.ClipData; /** * This class defines an interface to a clipboard manager security bridge */ public class ClipboardManagerMonitor { /** * This method handles request approval for the clipboard paste event * @param appID Paste appliaction UID * @param clipData The clip data structure * @return true if it is allowed to continue pasting. otherwise - false. * @hide */ public boolean approvePasteRequest(int appID, final ClipData clipData) { return true; } /** * This method handles notification for the clipboard copy event * @param appID Copy appliaction UID * @param clipData The clip data structure * @return none * @hide */ public void notifyCopy(int appID, final ClipData clipData) { } } security-bridge/src/com/android/services/SecurityBridge/api/PackageManagerMonitor.java 0 → 100644 +47 −0 Original line number Diff line number Diff line /* * Copyright (c) 2013, Linux Foundation. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. * * Neither the name of The Linux Foundation nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ package com.android.services.SecurityBridge.api; /** * This class defines an interface to a package manager security bridge. */ public class PackageManagerMonitor { /** * This method handles approval requests for APK installations * @param apkFilePath Package APK file path * @param originalAPKFilePath Original package APK file path * @return true if it is allowed to continue with the installation. otherwise - false. * @hide */ public boolean approveAppInstallRequest(String apkFilePath, String originalAPKFilePath) { return true; } } services/java/com/android/server/ClipboardService.java +34 −2 Original line number Diff line number Diff line Loading @@ -46,6 +46,8 @@ import android.util.SparseArray; import java.util.HashSet; import com.android.services.SecurityBridge.api.ClipboardManagerMonitor; /** * Implementation of the clipboard for copy and paste. */ Loading @@ -59,6 +61,9 @@ public class ClipboardService extends IClipboard.Stub { private final AppOpsManager mAppOps; private final IBinder mPermissionOwner; private static final String SECURITY_BRIDGE_NAME = "com.android.services.SecurityBridge.core.ClipboardManagerSB"; private ClipboardManagerMonitor mSecurityBridge; private class ListenerInfo { final int mUid; final String mPackageName; Loading Loading @@ -114,6 +119,22 @@ public class ClipboardService extends IClipboard.Stub { } } }, userFilter); Object bridgeObject; try { /* * load and create the security bridge */ bridgeObject = getClass().getClassLoader().loadClass(SECURITY_BRIDGE_NAME).newInstance(); mSecurityBridge = (ClipboardManagerMonitor)bridgeObject; } catch (Exception e){ Slog.w(TAG, "No security bridge jar found, using default"); mSecurityBridge = new ClipboardManagerMonitor(); } } @Override Loading Loading @@ -165,6 +186,7 @@ public class ClipboardService extends IClipboard.Stub { clearActiveOwnersLocked(); PerUserClipboard clipboard = getClipboard(); clipboard.primaryClip = clip; mSecurityBridge.notifyCopy(Binder.getCallingUid(), clip); final long ident = Binder.clearCallingIdentity(); final int n = clipboard.primaryClipListeners.beginBroadcast(); try { Loading Loading @@ -196,7 +218,13 @@ public class ClipboardService extends IClipboard.Stub { return null; } addActiveOwnerLocked(Binder.getCallingUid(), pkg); return getClipboard().primaryClip; ClipData clip = getClipboard().primaryClip; if(clip != null) { if (true != mSecurityBridge.approvePasteRequest(Binder.getCallingUid(), clip)) { clip = null; } } return clip; } } Loading @@ -217,7 +245,11 @@ public class ClipboardService extends IClipboard.Stub { callingPackage) != AppOpsManager.MODE_ALLOWED) { return false; } return getClipboard().primaryClip != null; boolean hasClip = false; if(getClipboard().primaryClip != null) { hasClip = mSecurityBridge.approvePasteRequest(Binder.getCallingUid(), getClipboard().primaryClip); } return hasClip; } } Loading services/java/com/android/server/pm/PackageManagerService.java +26 −0 Original line number Diff line number Diff line Loading @@ -165,6 +165,8 @@ import libcore.io.StructStat; import com.android.internal.R; import com.android.services.SecurityBridge.api.PackageManagerMonitor; /** * Keep track of all those .apks everywhere. * Loading Loading @@ -227,6 +229,9 @@ public class PackageManagerService extends IPackageManager.Stub { static final int REMOVE_CHATTY = 1<<16; private static final String SECURITY_BRIDGE_NAME = "com.android.services.SecurityBridge.core.PackageManagerSB"; private PackageManagerMonitor mSecurityBridge; /** * Timeout (in milliseconds) after which the watchdog should declare that * our handler thread is wedged. The usual default for such things is one Loading Loading @@ -1083,6 +1088,22 @@ public class PackageManagerService extends IPackageManager.Stub { Slog.w(TAG, "**** ro.build.version.sdk not set!"); } Object bridgeObject; try { /* * load and create the security bridge */ bridgeObject = getClass().getClassLoader().loadClass(SECURITY_BRIDGE_NAME).newInstance(); mSecurityBridge = (PackageManagerMonitor)bridgeObject; } catch (Exception e){ Slog.w(TAG, "No security bridge jar found, using default"); mSecurityBridge = new PackageManagerMonitor(); } mContext = context; mFactoryTest = factoryTest; mOnlyCore = onlyCore; Loading Loading @@ -8988,6 +9009,11 @@ public class PackageManagerService extends IPackageManager.Stub { res.returnCode = PackageManager.INSTALL_SUCCEEDED; if (DEBUG_INSTALL) Slog.d(TAG, "installPackageLI: path=" + tmpPackageFile); if (true != mSecurityBridge.approveAppInstallRequest(args.getResourcePath(), args.packageURI.toSafeString())) { res.returnCode = PackageManager.INSTALL_FAILED_VERIFICATION_FAILURE; return; } // Retrieve PackageSettings and parse package int parseFlags = mDefParseFlags | PackageParser.PARSE_CHATTY | (forwardLocked ? PackageParser.PARSE_FORWARD_LOCK : 0) Loading Loading
Android.mk +4 −0 Original line number Diff line number Diff line Loading @@ -286,6 +286,10 @@ LOCAL_SRC_FILES += \ packages/services/Proxy/com/android/net/IProxyCallback.aidl \ packages/services/Proxy/com/android/net/IProxyPortListener.aidl \ LOCAL_SRC_FILES += \ security-bridge/src/com/android/services/SecurityBridge/api/PackageManagerMonitor.java \ security-bridge/src/com/android/services/SecurityBridge/api/ClipboardManagerMonitor.java # FRAMEWORKS_BASE_JAVA_SRC_DIRS comes from build/core/pathmap.mk LOCAL_AIDL_INCLUDES += $(FRAMEWORKS_BASE_JAVA_SRC_DIRS) Loading
security-bridge/src/com/android/services/SecurityBridge/api/ClipboardManagerMonitor.java 0 → 100644 +60 −0 Original line number Diff line number Diff line /* * Copyright (c) 2013, Linux Foundation. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. * * Neither the name of The Linux Foundation nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ package com.android.services.SecurityBridge.api; import android.content.ClipData; /** * This class defines an interface to a clipboard manager security bridge */ public class ClipboardManagerMonitor { /** * This method handles request approval for the clipboard paste event * @param appID Paste appliaction UID * @param clipData The clip data structure * @return true if it is allowed to continue pasting. otherwise - false. * @hide */ public boolean approvePasteRequest(int appID, final ClipData clipData) { return true; } /** * This method handles notification for the clipboard copy event * @param appID Copy appliaction UID * @param clipData The clip data structure * @return none * @hide */ public void notifyCopy(int appID, final ClipData clipData) { } }
security-bridge/src/com/android/services/SecurityBridge/api/PackageManagerMonitor.java 0 → 100644 +47 −0 Original line number Diff line number Diff line /* * Copyright (c) 2013, Linux Foundation. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. * * Neither the name of The Linux Foundation nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ package com.android.services.SecurityBridge.api; /** * This class defines an interface to a package manager security bridge. */ public class PackageManagerMonitor { /** * This method handles approval requests for APK installations * @param apkFilePath Package APK file path * @param originalAPKFilePath Original package APK file path * @return true if it is allowed to continue with the installation. otherwise - false. * @hide */ public boolean approveAppInstallRequest(String apkFilePath, String originalAPKFilePath) { return true; } }
services/java/com/android/server/ClipboardService.java +34 −2 Original line number Diff line number Diff line Loading @@ -46,6 +46,8 @@ import android.util.SparseArray; import java.util.HashSet; import com.android.services.SecurityBridge.api.ClipboardManagerMonitor; /** * Implementation of the clipboard for copy and paste. */ Loading @@ -59,6 +61,9 @@ public class ClipboardService extends IClipboard.Stub { private final AppOpsManager mAppOps; private final IBinder mPermissionOwner; private static final String SECURITY_BRIDGE_NAME = "com.android.services.SecurityBridge.core.ClipboardManagerSB"; private ClipboardManagerMonitor mSecurityBridge; private class ListenerInfo { final int mUid; final String mPackageName; Loading Loading @@ -114,6 +119,22 @@ public class ClipboardService extends IClipboard.Stub { } } }, userFilter); Object bridgeObject; try { /* * load and create the security bridge */ bridgeObject = getClass().getClassLoader().loadClass(SECURITY_BRIDGE_NAME).newInstance(); mSecurityBridge = (ClipboardManagerMonitor)bridgeObject; } catch (Exception e){ Slog.w(TAG, "No security bridge jar found, using default"); mSecurityBridge = new ClipboardManagerMonitor(); } } @Override Loading Loading @@ -165,6 +186,7 @@ public class ClipboardService extends IClipboard.Stub { clearActiveOwnersLocked(); PerUserClipboard clipboard = getClipboard(); clipboard.primaryClip = clip; mSecurityBridge.notifyCopy(Binder.getCallingUid(), clip); final long ident = Binder.clearCallingIdentity(); final int n = clipboard.primaryClipListeners.beginBroadcast(); try { Loading Loading @@ -196,7 +218,13 @@ public class ClipboardService extends IClipboard.Stub { return null; } addActiveOwnerLocked(Binder.getCallingUid(), pkg); return getClipboard().primaryClip; ClipData clip = getClipboard().primaryClip; if(clip != null) { if (true != mSecurityBridge.approvePasteRequest(Binder.getCallingUid(), clip)) { clip = null; } } return clip; } } Loading @@ -217,7 +245,11 @@ public class ClipboardService extends IClipboard.Stub { callingPackage) != AppOpsManager.MODE_ALLOWED) { return false; } return getClipboard().primaryClip != null; boolean hasClip = false; if(getClipboard().primaryClip != null) { hasClip = mSecurityBridge.approvePasteRequest(Binder.getCallingUid(), getClipboard().primaryClip); } return hasClip; } } Loading
services/java/com/android/server/pm/PackageManagerService.java +26 −0 Original line number Diff line number Diff line Loading @@ -165,6 +165,8 @@ import libcore.io.StructStat; import com.android.internal.R; import com.android.services.SecurityBridge.api.PackageManagerMonitor; /** * Keep track of all those .apks everywhere. * Loading Loading @@ -227,6 +229,9 @@ public class PackageManagerService extends IPackageManager.Stub { static final int REMOVE_CHATTY = 1<<16; private static final String SECURITY_BRIDGE_NAME = "com.android.services.SecurityBridge.core.PackageManagerSB"; private PackageManagerMonitor mSecurityBridge; /** * Timeout (in milliseconds) after which the watchdog should declare that * our handler thread is wedged. The usual default for such things is one Loading Loading @@ -1083,6 +1088,22 @@ public class PackageManagerService extends IPackageManager.Stub { Slog.w(TAG, "**** ro.build.version.sdk not set!"); } Object bridgeObject; try { /* * load and create the security bridge */ bridgeObject = getClass().getClassLoader().loadClass(SECURITY_BRIDGE_NAME).newInstance(); mSecurityBridge = (PackageManagerMonitor)bridgeObject; } catch (Exception e){ Slog.w(TAG, "No security bridge jar found, using default"); mSecurityBridge = new PackageManagerMonitor(); } mContext = context; mFactoryTest = factoryTest; mOnlyCore = onlyCore; Loading Loading @@ -8988,6 +9009,11 @@ public class PackageManagerService extends IPackageManager.Stub { res.returnCode = PackageManager.INSTALL_SUCCEEDED; if (DEBUG_INSTALL) Slog.d(TAG, "installPackageLI: path=" + tmpPackageFile); if (true != mSecurityBridge.approveAppInstallRequest(args.getResourcePath(), args.packageURI.toSafeString())) { res.returnCode = PackageManager.INSTALL_FAILED_VERIFICATION_FAILURE; return; } // Retrieve PackageSettings and parse package int parseFlags = mDefParseFlags | PackageParser.PARSE_CHATTY | (forwardLocked ? PackageParser.PARSE_FORWARD_LOCK : 0) Loading
