Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +66 −20 Original line number Original line Diff line number Diff line Loading @@ -80,6 +80,7 @@ import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WIFI; import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WINDOWS; import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WINDOWS; import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WIPE_DATA; import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WIPE_DATA; import static android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS; import static android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS; import static android.Manifest.permission.MASTER_CLEAR; import static android.Manifest.permission.QUERY_ADMIN_POLICY; import static android.Manifest.permission.QUERY_ADMIN_POLICY; import static android.Manifest.permission.REQUEST_PASSWORD_COMPLEXITY; import static android.Manifest.permission.REQUEST_PASSWORD_COMPLEXITY; import static android.Manifest.permission.SET_TIME; import static android.Manifest.permission.SET_TIME; Loading Loading 
@@ -7552,9 +7553,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { boolean calledByProfileOwnerOnOrgOwnedDevice = boolean calledByProfileOwnerOnOrgOwnedDevice = isProfileOwnerOfOrganizationOwnedDevice(caller.getUserId()); isProfileOwnerOfOrganizationOwnedDevice(caller.getUserId()); if (isPolicyEngineForFinanceFlagEnabled()) { if (isPolicyEngineForFinanceFlagEnabled()) { EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin( EnforcingAdmin enforcingAdmin = enforcePermissionsAndGetEnforcingAdmin( /*admin=*/ null, /*admin=*/ null, /*permission= */ MANAGE_DEVICE_POLICY_WIPE_DATA, /*permission=*/ new String[]{MANAGE_DEVICE_POLICY_WIPE_DATA, MASTER_CLEAR}, USES_POLICY_WIPE_DATA, USES_POLICY_WIPE_DATA, caller.getPackageName(), caller.getPackageName(), factoryReset ? UserHandle.USER_ALL : getAffectedUser(calledOnParentInstance)); factoryReset ? UserHandle.USER_ALL : getAffectedUser(calledOnParentInstance)); Loading 
@@ -7576,12 +7577,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { admin = getActiveAdminWithPolicyForUidLocked(/* who= */ null, admin = getActiveAdminWithPolicyForUidLocked(/* who= */ null, DeviceAdminInfo.USES_POLICY_WIPE_DATA, caller.getUid()); DeviceAdminInfo.USES_POLICY_WIPE_DATA, caller.getUid()); } } } Preconditions.checkCallAuthorization( Preconditions.checkCallAuthorization( (admin != null) || hasCallingOrSelfPermission(permission.MASTER_CLEAR), (admin != null) || hasCallingOrSelfPermission(permission.MASTER_CLEAR), "No active admin for user %d and caller %d does not hold MASTER_CLEAR permission", "No active admin for user %d and caller %d does not hold MASTER_CLEAR " + "permission", caller.getUserId(), caller.getUid()); caller.getUserId(), caller.getUid()); } checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_WIPE_DATA); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_WIPE_DATA); if (TextUtils.isEmpty(wipeReasonForUser)) { if (TextUtils.isEmpty(wipeReasonForUser)) { Loading Loading 
@@ -7836,15 +7838,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } else { } else { // Explicit behaviour // Explicit behaviour if (factoryReset) { if (factoryReset) { // TODO(b/254031494) Replace with new factory reset permission checks EnforcingAdmin enforcingAdmin = enforcePermissionsAndGetEnforcingAdmin( if (!isPermissionCheckFlagEnabled()) { /*admin=*/ null, boolean hasPermission = isDeviceOwnerUserId(userId) /*permission=*/ new String[]{MANAGE_DEVICE_POLICY_WIPE_DATA, || (isOrganizationOwnedDeviceWithManagedProfile() MASTER_CLEAR}, && calledOnParentInstance); USES_POLICY_WIPE_DATA, Preconditions.checkCallAuthorization(hasPermission, adminPackage, "Admin %s does not have permission to factory reset the device.", factoryReset ? UserHandle.USER_ALL : userId); getAffectedUser(calledOnParentInstance)); } wipeDevice = true; wipeDevice = true; } else { } else { Preconditions.checkCallAuthorization(!isSystemUser, Preconditions.checkCallAuthorization(!isSystemUser, Loading Loading 
@@ -23224,6 +23225,28 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return getEnforcingAdminForCaller(admin, callerPackageName); return getEnforcingAdminForCaller(admin, callerPackageName); } } /** * Checks if the calling process has been granted permission to apply a device policy on a * specific user. Only one permission provided in the list needs to be granted to pass this * check. * The given permissions will be checked along with their associated cross-user permissions if * they exist and the target user is different to the calling user. * Returns an {@link EnforcingAdmin} for the caller. * * @param admin the component name of the admin. * @param callerPackageName The package name of the calling application. * @param permissions The names of the permissions being checked. * @param deviceAdminPolicy The userId of the user which the caller needs permission to act on. * @throws SecurityException if the caller has not been granted the given permission, * the associated cross-user permission if the caller's user is different to the target user. */ private EnforcingAdmin enforcePermissionsAndGetEnforcingAdmin(@Nullable ComponentName admin, String[] permissions, int deviceAdminPolicy, String callerPackageName, int targetUserId) { enforcePermissions(permissions, deviceAdminPolicy, callerPackageName, targetUserId); return getEnforcingAdminForCaller(admin, callerPackageName); } /** /** * Checks whether the calling process has been granted permission to query a device policy on * Checks whether the calling process has been granted permission to query a device policy on * a specific user. * a specific user. Loading Loading 
@@ -23270,12 +23293,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { /** /** * Checks if the calling process has been granted permission to apply a device policy on a * Checks if the calling process has been granted permission to apply a device policy on a * specific user. * specific user. Only one permission provided in the list needs to be granted to pass this * The given permission will be checked along with its associated cross-user permission if it * check. * exists and the target user is different to the calling user. * The given permissions will be checked along with their associated cross-user permissions if * they exists and the target user is different to the calling user. * * * @param callerPackageName The package name of the calling application. * @param callerPackageName The package name of the calling application. * @param permission The name of the permission being checked. * @param permissions The names of the permissions being checked. * @param targetUserId The userId of the user which the caller needs permission to act on. * @param targetUserId The userId of the user which the caller needs permission to act on. * @throws SecurityException if the caller has not been granted the given permission, * @throws SecurityException if the caller has not been granted the given permission, * the associated cross-user permission if the caller's user is different to the target user. * the associated cross-user permission if the caller's user is different to the target user. Loading Loading 
@@ -23339,6 +23363,27 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { enforcePermission(permission, callerPackageName, targetUserId); enforcePermission(permission, callerPackageName, targetUserId); } } /** * Checks if the calling process has been granted permission to apply a device policy on a * specific user. * The given permission will be checked along with its associated cross-user permission if it * exists and the target user is different to the calling user. * * @param callerPackageName The package name of the calling application. * @param adminPolicy The admin policy that should grant holders permission. * @param permission The name of the permission being checked. * @param targetUserId The userId of the user which the caller needs permission to act on. * @throws SecurityException if the caller has not been granted the given permission, * the associated cross-user permission if the caller's user is different to the target user. */ private void enforcePermissions(String[] permissions, int adminPolicy, String callerPackageName, int targetUserId) throws SecurityException { if (hasAdminPolicy(adminPolicy, callerPackageName)) { return; } enforcePermissions(permissions, callerPackageName, targetUserId); } /** /** * Checks whether the calling process has been granted permission to query a device policy on * Checks whether the calling process has been granted permission to query a device policy on * a specific user. * a specific user. Loading Loading 
@@ -23466,7 +23511,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { // Check for non-DPC active admins. // Check for non-DPC active admins. admin = getActiveAdminForCaller(who, caller); admin = getActiveAdminForCaller(who, caller); if (admin != null) { if (admin != null) { return EnforcingAdmin.createDeviceAdminEnforcingAdmin(who, userId, admin); return EnforcingAdmin.createDeviceAdminEnforcingAdmin(admin.info.getComponent(), userId, admin); } } admin = getUserData(userId).createOrGetPermissionBasedAdmin(userId); admin = getUserData(userId).createOrGetPermissionBasedAdmin(userId); return EnforcingAdmin.createEnforcingAdmin(caller.getPackageName(), userId, admin); return EnforcingAdmin.createEnforcingAdmin(caller.getPackageName(), userId, admin); Loading
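Review bot: The factory-reset branch at @@ -7836 now gates on enforcePermissionsAndGetEnforcingAdmin, and the new enforcePermissions overload at @@ -23339 short-circuits with `if (hasAdminPolicy(adminPolicy, callerPackageName)) { return; }` before targetUserId is ever consulted, so an admin that merely holds USES_POLICY_WIPE_DATA appears to satisfy a UserHandle.USER_ALL request without the device-owner / org-owned-parent condition the removed `hasPermission` expression required; unless hasAdminPolicy (not in the hunk) itself restricts to device-owner scope, this widens which admins can wipe the whole device rather than their own user. Either pass targetUserId into the admin-policy check or keep an explicit device-owner check ahead of the new call, and record the intent in a comment such as `// A USER_ALL wipe must remain limited to the device owner or a PO on the parent of an org-owned device; an admin-policy match alone is not sufficient`. The `enforcingAdmin` local assigned in that branch is not referenced anywhere inside the hunk; if it is unused after the change, drop the assignment and call the method for its check only. The enclosing method begins and ends outside these hunks.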
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +66 −20 Original line number Original line Diff line number Diff line Loading @@ -80,6 +80,7 @@ import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WIFI; import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WINDOWS; import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WINDOWS; import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WIPE_DATA; import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WIPE_DATA; import static android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS; import static android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS; import static android.Manifest.permission.MASTER_CLEAR; import static android.Manifest.permission.QUERY_ADMIN_POLICY; import static android.Manifest.permission.QUERY_ADMIN_POLICY; import static android.Manifest.permission.REQUEST_PASSWORD_COMPLEXITY; import static android.Manifest.permission.REQUEST_PASSWORD_COMPLEXITY; import static android.Manifest.permission.SET_TIME; import static android.Manifest.permission.SET_TIME; Loading Loading 
@@ -7552,9 +7553,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { boolean calledByProfileOwnerOnOrgOwnedDevice = boolean calledByProfileOwnerOnOrgOwnedDevice = isProfileOwnerOfOrganizationOwnedDevice(caller.getUserId()); isProfileOwnerOfOrganizationOwnedDevice(caller.getUserId()); if (isPolicyEngineForFinanceFlagEnabled()) { if (isPolicyEngineForFinanceFlagEnabled()) { EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin( EnforcingAdmin enforcingAdmin = enforcePermissionsAndGetEnforcingAdmin( /*admin=*/ null, /*admin=*/ null, /*permission= */ MANAGE_DEVICE_POLICY_WIPE_DATA, /*permission=*/ new String[]{MANAGE_DEVICE_POLICY_WIPE_DATA, MASTER_CLEAR}, USES_POLICY_WIPE_DATA, USES_POLICY_WIPE_DATA, caller.getPackageName(), caller.getPackageName(), factoryReset ? UserHandle.USER_ALL : getAffectedUser(calledOnParentInstance)); factoryReset ? UserHandle.USER_ALL : getAffectedUser(calledOnParentInstance)); Loading 
@@ -7576,12 +7577,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { admin = getActiveAdminWithPolicyForUidLocked(/* who= */ null, admin = getActiveAdminWithPolicyForUidLocked(/* who= */ null, DeviceAdminInfo.USES_POLICY_WIPE_DATA, caller.getUid()); DeviceAdminInfo.USES_POLICY_WIPE_DATA, caller.getUid()); } } } Preconditions.checkCallAuthorization( Preconditions.checkCallAuthorization( (admin != null) || hasCallingOrSelfPermission(permission.MASTER_CLEAR), (admin != null) || hasCallingOrSelfPermission(permission.MASTER_CLEAR), "No active admin for user %d and caller %d does not hold MASTER_CLEAR permission", "No active admin for user %d and caller %d does not hold MASTER_CLEAR " + "permission", caller.getUserId(), caller.getUid()); caller.getUserId(), caller.getUid()); } checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_WIPE_DATA); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_WIPE_DATA); if (TextUtils.isEmpty(wipeReasonForUser)) { if (TextUtils.isEmpty(wipeReasonForUser)) { Loading Loading 
@@ -7836,15 +7838,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } else { } else { // Explicit behaviour // Explicit behaviour if (factoryReset) { if (factoryReset) { // TODO(b/254031494) Replace with new factory reset permission checks EnforcingAdmin enforcingAdmin = enforcePermissionsAndGetEnforcingAdmin( if (!isPermissionCheckFlagEnabled()) { /*admin=*/ null, boolean hasPermission = isDeviceOwnerUserId(userId) /*permission=*/ new String[]{MANAGE_DEVICE_POLICY_WIPE_DATA, || (isOrganizationOwnedDeviceWithManagedProfile() MASTER_CLEAR}, && calledOnParentInstance); USES_POLICY_WIPE_DATA, Preconditions.checkCallAuthorization(hasPermission, adminPackage, "Admin %s does not have permission to factory reset the device.", factoryReset ? UserHandle.USER_ALL : userId); getAffectedUser(calledOnParentInstance)); } wipeDevice = true; wipeDevice = true; } else { } else { Preconditions.checkCallAuthorization(!isSystemUser, Preconditions.checkCallAuthorization(!isSystemUser, Loading Loading 
@@ -23224,6 +23225,28 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return getEnforcingAdminForCaller(admin, callerPackageName); return getEnforcingAdminForCaller(admin, callerPackageName); } } /** * Checks if the calling process has been granted permission to apply a device policy on a * specific user. Only one permission provided in the list needs to be granted to pass this * check. * The given permissions will be checked along with their associated cross-user permissions if * they exist and the target user is different to the calling user. * Returns an {@link EnforcingAdmin} for the caller. * * @param admin the component name of the admin. * @param callerPackageName The package name of the calling application. * @param permissions The names of the permissions being checked. * @param deviceAdminPolicy The userId of the user which the caller needs permission to act on. * @throws SecurityException if the caller has not been granted the given permission, * the associated cross-user permission if the caller's user is different to the target user. */ private EnforcingAdmin enforcePermissionsAndGetEnforcingAdmin(@Nullable ComponentName admin, String[] permissions, int deviceAdminPolicy, String callerPackageName, int targetUserId) { enforcePermissions(permissions, deviceAdminPolicy, callerPackageName, targetUserId); return getEnforcingAdminForCaller(admin, callerPackageName); } /** /** * Checks whether the calling process has been granted permission to query a device policy on * Checks whether the calling process has been granted permission to query a device policy on * a specific user. * a specific user. Loading Loading 
@@ -23270,12 +23293,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { /** /** * Checks if the calling process has been granted permission to apply a device policy on a * Checks if the calling process has been granted permission to apply a device policy on a * specific user. * specific user. Only one permission provided in the list needs to be granted to pass this * The given permission will be checked along with its associated cross-user permission if it * check. * exists and the target user is different to the calling user. * The given permissions will be checked along with their associated cross-user permissions if * they exists and the target user is different to the calling user. * * * @param callerPackageName The package name of the calling application. * @param callerPackageName The package name of the calling application. * @param permission The name of the permission being checked. * @param permissions The names of the permissions being checked. * @param targetUserId The userId of the user which the caller needs permission to act on. * @param targetUserId The userId of the user which the caller needs permission to act on. * @throws SecurityException if the caller has not been granted the given permission, * @throws SecurityException if the caller has not been granted the given permission, * the associated cross-user permission if the caller's user is different to the target user. * the associated cross-user permission if the caller's user is different to the target user. Loading Loading 
@@ -23339,6 +23363,27 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { enforcePermission(permission, callerPackageName, targetUserId); enforcePermission(permission, callerPackageName, targetUserId); } } /** * Checks if the calling process has been granted permission to apply a device policy on a * specific user. * The given permission will be checked along with its associated cross-user permission if it * exists and the target user is different to the calling user. * * @param callerPackageName The package name of the calling application. * @param adminPolicy The admin policy that should grant holders permission. * @param permission The name of the permission being checked. * @param targetUserId The userId of the user which the caller needs permission to act on. * @throws SecurityException if the caller has not been granted the given permission, * the associated cross-user permission if the caller's user is different to the target user. */ private void enforcePermissions(String[] permissions, int adminPolicy, String callerPackageName, int targetUserId) throws SecurityException { if (hasAdminPolicy(adminPolicy, callerPackageName)) { return; } enforcePermissions(permissions, callerPackageName, targetUserId); } /** /** * Checks whether the calling process has been granted permission to query a device policy on * Checks whether the calling process has been granted permission to query a device policy on * a specific user. * a specific user. Loading Loading 
@@ -23466,7 +23511,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { // Check for non-DPC active admins. // Check for non-DPC active admins. admin = getActiveAdminForCaller(who, caller); admin = getActiveAdminForCaller(who, caller); if (admin != null) { if (admin != null) { return EnforcingAdmin.createDeviceAdminEnforcingAdmin(who, userId, admin); return EnforcingAdmin.createDeviceAdminEnforcingAdmin(admin.info.getComponent(), userId, admin); } } admin = getUserData(userId).createOrGetPermissionBasedAdmin(userId); admin = getUserData(userId).createOrGetPermissionBasedAdmin(userId); return EnforcingAdmin.createEnforcingAdmin(caller.getPackageName(), userId, admin); return EnforcingAdmin.createEnforcingAdmin(caller.getPackageName(), userId, admin);
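Review bot: The Javadoc added for enforcePermissionsAndGetEnforcingAdmin at @@ -23224 has `@param deviceAdminPolicy The userId of the user which the caller needs permission to act on.`, which describes targetUserId, and no `@param targetUserId` tag at all; the enforcePermissions overload added at @@ -23339 likewise keeps `@param permission The name of the permission being checked.` although its parameter is `String[] permissions`, and omits that only one listed permission needs to be granted, which the sibling Javadoc at @@ -23270 does state. Suggest `@param deviceAdminPolicy The admin policy that should grant holders permission.` followed by `@param targetUserId The userId of the user which the caller needs permission to act on.` for the first, and `@param permissions The names of the permissions being checked.` for the second. The new text at @@ -23270 also carries the typo `they exists`, which should read `they exist`.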