Revert "Block adb from changing certain settings value when corresponding user" (348bf625) · Commits · e / os / android_frameworks_base

core/java/android/os/IUserManager.aidl

+0 −1

Original line number	Diff line number	Diff line
		@@ -101,5 +101,4 @@ interface IUserManager {
		boolean requestQuietModeEnabled(String callingPackage, boolean enableQuietMode, int userHandle, in IntentSender target);
		long getUserStartRealtime();
		long getUserUnlockRealtime();
		boolean isSettingRestrictedForUser(String setting, int userId, String value);
		}

core/java/android/os/UserManager.java

+0 −19

Original line number	Diff line number	Diff line
		@@ -2730,25 +2730,6 @@ public class UserManager {
		}
		}

		/**
		* Checks whether changing a setting to a value is prohibited by the corresponding user
		* restriction.
		*
		* <p>See also {@link com.android.server.pm.UserRestrictionsUtils#applyUserRestriction(
		* Context, int, String, boolean)}, which should be in sync with this method.
		*
		* @return true if the change is prohibited, false if the change is allowed.
		*
		* @hide
		*/
		public boolean isSettingRestrictedForUser(String setting, int userId, String value) {
		try {
		return mService.isSettingRestrictedForUser(setting, userId, value);
		} catch (RemoteException e) {
		throw e.rethrowFromSystemServer();
		}
		}

		/**
		* @hide
		* User that enforces a restriction.

packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java

+111 −15

Original line number	Diff line number	Diff line
		@@ -16,10 +16,6 @@

		package com.android.providers.settings;

		import static android.os.Process.ROOT_UID;
		import static android.os.Process.SHELL_UID;
		import static android.os.Process.SYSTEM_UID;

		import android.Manifest;
		import android.annotation.NonNull;
		import android.annotation.Nullable;
		@@ -64,9 +60,9 @@ import android.os.UserHandle;
		import android.os.UserManager;
		import android.os.UserManagerInternal;
		import android.provider.Settings;
		import android.provider.SettingsValidators;
		import android.provider.Settings.Global;
		import android.provider.Settings.Secure;
		import android.provider.SettingsValidators;
		import android.text.TextUtils;
		import android.util.ArrayMap;
		import android.util.ArraySet;
		@@ -100,10 +96,13 @@ import java.util.Locale;
		import java.util.Map;
		import java.util.Set;
		import java.util.regex.Pattern;

		import javax.crypto.Mac;
		import javax.crypto.spec.SecretKeySpec;

		import static android.os.Process.ROOT_UID;
		import static android.os.Process.SHELL_UID;
		import static android.os.Process.SYSTEM_UID;


		/**
		* <p>
		@@ -1018,7 +1017,8 @@ public class SettingsProvider extends ContentProvider {

		// If this is a setting that is currently restricted for this user, do not allow
		// unrestricting changes.
		if (name != null && mUserManager.isSettingRestrictedForUser(name, callingUserId, value)) {
		if (name != null && isGlobalOrSecureSettingRestrictedForUser(name, callingUserId, value,
		Binder.getCallingUid())) {
		return false;
		}

		@@ -1325,7 +1325,8 @@ public class SettingsProvider extends ContentProvider {

		// If this is a setting that is currently restricted for this user, do not allow
		// unrestricting changes.
		if (name != null && mUserManager.isSettingRestrictedForUser(name, callingUserId, value)) {
		if (name != null && isGlobalOrSecureSettingRestrictedForUser(name, callingUserId, value,
		Binder.getCallingUid())) {
		return false;
		}

		@@ -1465,10 +1466,6 @@ public class SettingsProvider extends ContentProvider {
		// Resolve the userId on whose behalf the call is made.
		final int callingUserId = resolveCallingUserIdEnforcingPermissionsLocked(runAsUserId);

		if (name != null && mUserManager.isSettingRestrictedForUser(name, callingUserId, value)) {
		return false;
		}

		// Enforce what the calling package can mutate the system settings.
		enforceRestrictedSystemSettingsMutationForCallingPackage(operation, name, callingUserId);

		@@ -1582,6 +1579,106 @@ public class SettingsProvider extends ContentProvider {
		return false;
		}

		/**
		* Checks whether changing a setting to a value is prohibited by the corresponding user
		* restriction.
		*
		* <p>See also {@link com.android.server.pm.UserRestrictionsUtils#applyUserRestriction(
		* Context, int, String, boolean)}, which should be in sync with this method.
		*
		* @return true if the change is prohibited, false if the change is allowed.
		*/
		private boolean isGlobalOrSecureSettingRestrictedForUser(String setting, int userId,
		String value, int callingUid) {
		String restriction;
		boolean checkAllUser = false;
		switch (setting) {
		case Settings.Secure.LOCATION_MODE:
		// Note LOCATION_MODE will be converted into LOCATION_PROVIDERS_ALLOWED
		// in android.provider.Settings.Secure.putStringForUser(), so we shouldn't come
		// here normally, but we still protect it here from a direct provider write.
		if (String.valueOf(Settings.Secure.LOCATION_MODE_OFF).equals(value)) return false;
		restriction = UserManager.DISALLOW_SHARE_LOCATION;
		break;

		case Settings.Secure.LOCATION_PROVIDERS_ALLOWED:
		// See SettingsProvider.updateLocationProvidersAllowedLocked. "-" is to disable
		// a provider, which should be allowed even if the user restriction is set.
		if (value != null && value.startsWith("-")) return false;
		restriction = UserManager.DISALLOW_SHARE_LOCATION;
		break;

		case Settings.Secure.INSTALL_NON_MARKET_APPS:
		if ("0".equals(value)) return false;
		restriction = UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES;
		break;

		case Settings.Global.ADB_ENABLED:
		if ("0".equals(value)) return false;
		restriction = UserManager.DISALLOW_DEBUGGING_FEATURES;
		break;

		case Settings.Global.PACKAGE_VERIFIER_ENABLE:
		case Settings.Global.PACKAGE_VERIFIER_INCLUDE_ADB:
		if ("1".equals(value)) return false;
		restriction = UserManager.ENSURE_VERIFY_APPS;
		break;

		case Settings.Global.PREFERRED_NETWORK_MODE:
		restriction = UserManager.DISALLOW_CONFIG_MOBILE_NETWORKS;
		break;

		case Settings.Secure.ALWAYS_ON_VPN_APP:
		case Settings.Secure.ALWAYS_ON_VPN_LOCKDOWN:
		// Whitelist system uid (ConnectivityService) and root uid to change always-on vpn
		final int appId = UserHandle.getAppId(callingUid);
		if (appId == Process.SYSTEM_UID \|\| appId == Process.ROOT_UID) {
		return false;
		}
		restriction = UserManager.DISALLOW_CONFIG_VPN;
		break;

		case Settings.Global.SAFE_BOOT_DISALLOWED:
		if ("1".equals(value)) return false;
		restriction = UserManager.DISALLOW_SAFE_BOOT;
		break;

		case Settings.Global.AIRPLANE_MODE_ON:
		if ("0".equals(value)) return false;
		restriction = UserManager.DISALLOW_AIRPLANE_MODE;
		break;

		case Settings.Secure.DOZE_ENABLED:
		case Settings.Secure.DOZE_ALWAYS_ON:
		case Settings.Secure.DOZE_PULSE_ON_PICK_UP:
		case Settings.Secure.DOZE_PULSE_ON_LONG_PRESS:
		case Settings.Secure.DOZE_PULSE_ON_DOUBLE_TAP:
		if ("0".equals(value)) return false;
		restriction = UserManager.DISALLOW_AMBIENT_DISPLAY;
		break;

		case Global.LOCATION_GLOBAL_KILL_SWITCH:
		if ("0".equals(value)) return false;
		restriction = UserManager.DISALLOW_CONFIG_LOCATION;
		checkAllUser = true;
		break;

		default:
		if (setting != null && setting.startsWith(Settings.Global.DATA_ROAMING)) {
		if ("0".equals(value)) return false;
		restriction = UserManager.DISALLOW_DATA_ROAMING;
		break;
		}
		return false;
		}

		if (checkAllUser) {
		return mUserManager.hasUserRestrictionOnAnyUser(restriction);
		} else {
		return mUserManager.hasUserRestriction(restriction, UserHandle.of(userId));
		}
		}

		private int resolveOwningUserIdForSecureSettingLocked(int userId, String setting) {
		return resolveOwningUserIdLocked(userId, sSecureCloneToManagedSettings, setting);
		}
		@@ -1781,9 +1878,8 @@ public class SettingsProvider extends ContentProvider {
		* But helper functions in android.providers.Settings can enable or disable
		* a single provider by using a "+" or "-" prefix before the provider name.
		*
		* <p>See also {@link UserManager#isSettingRestrictedForUser()}.
		* If DISALLOW_SHARE_LOCATION is set, the said method will only allow values with
		* the "-" prefix.
		* <p>See also {@link #isGlobalOrSecureSettingRestrictedForUser()}. If DISALLOW_SHARE_LOCATION
		* is set, the said method will only allow values with the "-" prefix.
		*
		* @returns whether the enabled location providers changed.
		*/

services/core/java/com/android/server/pm/UserManagerService.java

+0 −156

Original line number	Diff line number	Diff line
		@@ -31,7 +31,6 @@ import android.app.IActivityManager;
		import android.app.IStopUserCallback;
		import android.app.KeyguardManager;
		import android.app.PendingIntent;
		import android.app.admin.DevicePolicyManager;
		import android.content.BroadcastReceiver;
		import android.content.Context;
		import android.content.Intent;
		@@ -72,7 +71,6 @@ import android.os.UserManager.EnforcingUser;
		import android.os.UserManagerInternal;
		import android.os.UserManagerInternal.UserRestrictionsListener;
		import android.os.storage.StorageManager;
		import android.provider.Settings;
		import android.security.GateKeeper;
		import android.service.gatekeeper.IGateKeeperService;
		import android.util.AtomicFile;
		@@ -4040,158 +4038,4 @@ public class UserManagerService extends IUserManager.Stub {
		+ " does not match the calling uid " + callingUid);
		}
		}

		@Override
		public boolean isSettingRestrictedForUser(String setting, int userId, String value) {
		final int callingUid = Binder.getCallingUid();
		if (setting == null) {
		return false;
		}
		String restriction;
		boolean checkAllUser = false;
		switch (setting) {
		case android.provider.Settings.Secure.LOCATION_MODE:
		if (hasUserRestriction(UserManager.DISALLOW_CONFIG_LOCATION, userId)
		&& callingUid != Process.SYSTEM_UID) {
		return true;
		} else if (String.valueOf(Settings.Secure.LOCATION_MODE_OFF).equals(value)) {
		// Note LOCATION_MODE will be converted into LOCATION_PROVIDERS_ALLOWED
		// in android.provider.Settings.Secure.putStringForUser(), so we shouldn't come
		// here normally, but we still protect it here from a direct provider write.
		return false;
		}
		restriction = UserManager.DISALLOW_SHARE_LOCATION;
		break;

		case android.provider.Settings.Secure.LOCATION_PROVIDERS_ALLOWED:
		if (hasUserRestriction(UserManager.DISALLOW_CONFIG_LOCATION, userId)
		&& callingUid != Process.SYSTEM_UID) {
		return true;
		} else if (value != null && value.startsWith("-")) {
		// See SettingsProvider.updateLocationProvidersAllowedLocked. "-" is to disable
		// a provider, which should be allowed even if the user restriction is set.
		return false;
		}
		restriction = UserManager.DISALLOW_SHARE_LOCATION;
		break;

		case android.provider.Settings.Secure.INSTALL_NON_MARKET_APPS:
		if ("0".equals(value)) {
		return false;
		}
		restriction = UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES;
		break;

		case android.provider.Settings.Global.ADB_ENABLED:
		if ("0".equals(value)) {
		return false;
		}
		restriction = UserManager.DISALLOW_DEBUGGING_FEATURES;
		break;

		case android.provider.Settings.Global.PACKAGE_VERIFIER_ENABLE:
		case android.provider.Settings.Global.PACKAGE_VERIFIER_INCLUDE_ADB:
		if ("1".equals(value)) {
		return false;
		}
		restriction = UserManager.ENSURE_VERIFY_APPS;
		break;

		case android.provider.Settings.Global.PREFERRED_NETWORK_MODE:
		restriction = UserManager.DISALLOW_CONFIG_MOBILE_NETWORKS;
		break;

		case android.provider.Settings.Secure.ALWAYS_ON_VPN_APP:
		case android.provider.Settings.Secure.ALWAYS_ON_VPN_LOCKDOWN:
		// Whitelist system uid (ConnectivityService) and root uid to change always-on vpn
		final int appId = UserHandle.getAppId(callingUid);
		if (appId == Process.SYSTEM_UID \|\| appId == Process.ROOT_UID) {
		return false;
		}
		restriction = UserManager.DISALLOW_CONFIG_VPN;
		break;

		case android.provider.Settings.Global.SAFE_BOOT_DISALLOWED:
		if ("1".equals(value)) {
		return false;
		}
		restriction = UserManager.DISALLOW_SAFE_BOOT;
		break;

		case android.provider.Settings.Global.AIRPLANE_MODE_ON:
		if ("0".equals(value)) {
		return false;
		}
		restriction = UserManager.DISALLOW_AIRPLANE_MODE;
		break;

		case android.provider.Settings.Secure.DOZE_ENABLED:
		case android.provider.Settings.Secure.DOZE_ALWAYS_ON:
		case android.provider.Settings.Secure.DOZE_PULSE_ON_PICK_UP:
		case android.provider.Settings.Secure.DOZE_PULSE_ON_LONG_PRESS:
		case android.provider.Settings.Secure.DOZE_PULSE_ON_DOUBLE_TAP:
		if ("0".equals(value)) {
		return false;
		}
		restriction = UserManager.DISALLOW_AMBIENT_DISPLAY;
		break;

		case android.provider.Settings.Global.LOCATION_GLOBAL_KILL_SWITCH:
		if ("0".equals(value)) {
		return false;
		}
		restriction = UserManager.DISALLOW_CONFIG_LOCATION;
		checkAllUser = true;
		break;

		case android.provider.Settings.System.SCREEN_BRIGHTNESS:
		case android.provider.Settings.System.SCREEN_BRIGHTNESS_MODE:
		if (callingUid == Process.SYSTEM_UID) {
		return false;
		}
		restriction = UserManager.DISALLOW_CONFIG_BRIGHTNESS;
		break;

		case android.provider.Settings.Global.AUTO_TIME:
		DevicePolicyManager dpm = mContext.getSystemService(DevicePolicyManager.class);
		if (dpm != null && dpm.getAutoTimeRequired()
		&& "0".equals(value)) {
		return true;
		} else if (callingUid == Process.SYSTEM_UID) {
		return false;
		}
		restriction = UserManager.DISALLOW_CONFIG_DATE_TIME;
		break;

		case android.provider.Settings.Global.AUTO_TIME_ZONE:
		if (callingUid == Process.SYSTEM_UID) {
		return false;
		}
		restriction = UserManager.DISALLOW_CONFIG_DATE_TIME;
		break;

		case android.provider.Settings.System.SCREEN_OFF_TIMEOUT:
		if (callingUid == Process.SYSTEM_UID) {
		return false;
		}
		restriction = UserManager.DISALLOW_CONFIG_SCREEN_TIMEOUT;
		break;

		default:
		if (setting.startsWith(Settings.Global.DATA_ROAMING)) {
		if ("0".equals(value)) {
		return false;
		}
		restriction = UserManager.DISALLOW_DATA_ROAMING;
		break;
		}
		return false;
		}

		if (checkAllUser) {
		return hasUserRestrictionOnAnyUser(restriction);
		} else {
		return hasUserRestriction(restriction, userId);
		}
		}
		}

services/core/java/com/android/server/pm/UserRestrictionsUtils.java

+2 −1

Original line number	Diff line number	Diff line
		@@ -439,7 +439,8 @@ public class UserRestrictionsUtils {
		/**
		* Apply each user restriction.
		*
		* <p>See also {@link android.os.UserManager#isSettingRestrictedForUser()},
		* <p>See also {@link
		* com.android.providers.settings.SettingsProvider#isGlobalOrSecureSettingRestrictedForUser},
		* which should be in sync with this method.
		*/
		private static void applyUserRestriction(Context context, int userId, String key,