Loading cmds/content/src/com/android/commands/content/Content.java +1 −1 Original line number Diff line number Diff line Loading @@ -501,7 +501,7 @@ public class Content { @Override public void onExecute(IContentProvider provider) throws Exception { final ParcelFileDescriptor fd = provider.openFile(null, mUri, "r", null); final ParcelFileDescriptor fd = provider.openFile(null, mUri, "r", null, null); copy(new FileInputStream(fd.getFileDescriptor()), System.out); } Loading core/java/android/app/ActivityManagerNative.java +34 −4 Original line number Diff line number Diff line Loading @@ -1186,6 +1186,18 @@ public abstract class ActivityManagerNative extends Binder implements IActivityM return true; } case CHECK_PERMISSION_WITH_TOKEN_TRANSACTION: { data.enforceInterface(IActivityManager.descriptor); String perm = data.readString(); int pid = data.readInt(); int uid = data.readInt(); IBinder token = data.readStrongBinder(); int res = checkPermissionWithToken(perm, pid, uid, token); reply.writeNoException(); reply.writeInt(res); return true; } case CHECK_URI_PERMISSION_TRANSACTION: { data.enforceInterface(IActivityManager.descriptor); Uri uri = Uri.CREATOR.createFromParcel(data); Loading @@ -1193,7 +1205,8 @@ public abstract class ActivityManagerNative extends Binder implements IActivityM int uid = data.readInt(); int mode = data.readInt(); int userId = data.readInt(); int res = checkUriPermission(uri, pid, uid, mode, userId); IBinder callerToken = data.readStrongBinder(); int res = checkUriPermission(uri, pid, uid, mode, userId, callerToken); reply.writeNoException(); reply.writeInt(res); return true; Loading Loading @@ -3851,6 +3864,22 @@ class ActivityManagerProxy implements IActivityManager reply.recycle(); return res; } public int checkPermissionWithToken(String permission, int pid, int uid, IBinder callerToken) throws RemoteException { Parcel data = Parcel.obtain(); Parcel reply = Parcel.obtain(); data.writeInterfaceToken(IActivityManager.descriptor); data.writeString(permission); data.writeInt(pid); data.writeInt(uid); data.writeStrongBinder(callerToken); mRemote.transact(CHECK_PERMISSION_WITH_TOKEN_TRANSACTION, data, reply, 0); reply.readException(); int res = reply.readInt(); data.recycle(); reply.recycle(); return res; } public boolean clearApplicationUserData(final String packageName, final IPackageDataObserver observer, final int userId) throws RemoteException { Parcel data = Parcel.obtain(); Loading @@ -3866,8 +3895,8 @@ class ActivityManagerProxy implements IActivityManager reply.recycle(); return res; } public int checkUriPermission(Uri uri, int pid, int uid, int mode, int userId) throws RemoteException { public int checkUriPermission(Uri uri, int pid, int uid, int mode, int userId, IBinder callerToken) throws RemoteException { Parcel data = Parcel.obtain(); Parcel reply = Parcel.obtain(); data.writeInterfaceToken(IActivityManager.descriptor); Loading @@ -3876,6 +3905,7 @@ class ActivityManagerProxy implements IActivityManager data.writeInt(uid); data.writeInt(mode); data.writeInt(userId); data.writeStrongBinder(callerToken); mRemote.transact(CHECK_URI_PERMISSION_TRANSACTION, data, reply, 0); reply.readException(); int res = reply.readInt(); Loading core/java/android/app/ContextImpl.java +28 −1 Original line number Diff line number Diff line Loading @@ -1863,6 +1863,21 @@ class ContextImpl extends Context { } } /** @hide */ @Override public int checkPermission(String permission, int pid, int uid, IBinder callerToken) { if (permission == null) { throw new IllegalArgumentException("permission is null"); } try { return ActivityManagerNative.getDefault().checkPermissionWithToken( permission, pid, uid, callerToken); } catch (RemoteException e) { return PackageManager.PERMISSION_DENIED; } } @Override public int checkCallingPermission(String permission) { if (permission == null) { Loading Loading @@ -1951,7 +1966,19 @@ class ContextImpl extends Context { try { return ActivityManagerNative.getDefault().checkUriPermission( ContentProvider.getUriWithoutUserId(uri), pid, uid, modeFlags, resolveUserId(uri)); resolveUserId(uri), null); } catch (RemoteException e) { return PackageManager.PERMISSION_DENIED; } } /** @hide */ @Override public int checkUriPermission(Uri uri, int pid, int uid, int modeFlags, IBinder callerToken) { try { return ActivityManagerNative.getDefault().checkUriPermission( ContentProvider.getUriWithoutUserId(uri), pid, uid, modeFlags, resolveUserId(uri), callerToken); } catch (RemoteException e) { return PackageManager.PERMISSION_DENIED; } Loading core/java/android/app/IActivityManager.java +5 −2 Original line number Diff line number Diff line Loading @@ -219,9 +219,11 @@ public interface IActivityManager extends IInterface { public int checkPermission(String permission, int pid, int uid) throws RemoteException; public int checkUriPermission(Uri uri, int pid, int uid, int mode, int userId) public int checkPermissionWithToken(String permission, int pid, int uid, IBinder callerToken) throws RemoteException; public int checkUriPermission(Uri uri, int pid, int uid, int mode, int userId, IBinder callerToken) throws RemoteException; public void grantUriPermission(IApplicationThread caller, String targetPkg, Uri uri, int mode, int userId) throws RemoteException; public void revokeUriPermission(IApplicationThread caller, Uri uri, int mode, int userId) Loading Loading @@ -785,4 +787,5 @@ public interface IActivityManager extends IInterface { int GET_TASK_DESCRIPTION_ICON_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+238; int LAUNCH_ASSIST_INTENT_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+239; int START_IN_PLACE_ANIMATION_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+240; int CHECK_PERMISSION_WITH_TOKEN_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+241; } core/java/android/content/ContentProvider.java +43 −32 Original line number Diff line number Diff line Loading @@ -31,6 +31,7 @@ import android.os.AsyncTask; import android.os.Binder; import android.os.Bundle; import android.os.CancellationSignal; import android.os.IBinder; import android.os.ICancellationSignal; import android.os.OperationCanceledException; import android.os.ParcelFileDescriptor; Loading Loading @@ -201,7 +202,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { ICancellationSignal cancellationSignal) { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); if (enforceReadPermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return rejectQuery(uri, projection, selection, selectionArgs, sortOrder, CancellationSignal.fromTransport(cancellationSignal)); } Loading @@ -227,7 +228,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { validateIncomingUri(uri); int userId = getUserIdFromUri(uri); uri = getUriWithoutUserId(uri); if (enforceWritePermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return rejectInsert(uri, initialValues); } final String original = setCallingPackage(callingPkg); Loading @@ -242,7 +243,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { public int bulkInsert(String callingPkg, Uri uri, ContentValues[] initialValues) { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); if (enforceWritePermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return 0; } final String original = setCallingPackage(callingPkg); Loading Loading @@ -270,13 +271,13 @@ public abstract class ContentProvider implements ComponentCallbacks2 { operations.set(i, operation); } if (operation.isReadOperation()) { if (enforceReadPermission(callingPkg, uri) if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { throw new OperationApplicationException("App op not allowed", 0); } } if (operation.isWriteOperation()) { if (enforceWritePermission(callingPkg, uri) if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { throw new OperationApplicationException("App op not allowed", 0); } Loading @@ -301,7 +302,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { public int delete(String callingPkg, Uri uri, String selection, String[] selectionArgs) { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); if (enforceWritePermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return 0; } final String original = setCallingPackage(callingPkg); Loading @@ -317,7 +318,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { String[] selectionArgs) { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); if (enforceWritePermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return 0; } final String original = setCallingPackage(callingPkg); Loading @@ -330,11 +331,11 @@ public abstract class ContentProvider implements ComponentCallbacks2 { @Override public ParcelFileDescriptor openFile( String callingPkg, Uri uri, String mode, ICancellationSignal cancellationSignal) throws FileNotFoundException { String callingPkg, Uri uri, String mode, ICancellationSignal cancellationSignal, IBinder callerToken) throws FileNotFoundException { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); enforceFilePermission(callingPkg, uri, mode); enforceFilePermission(callingPkg, uri, mode, callerToken); final String original = setCallingPackage(callingPkg); try { return ContentProvider.this.openFile( Loading @@ -350,7 +351,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { throws FileNotFoundException { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); enforceFilePermission(callingPkg, uri, mode); enforceFilePermission(callingPkg, uri, mode, null); final String original = setCallingPackage(callingPkg); try { return ContentProvider.this.openAssetFile( Loading Loading @@ -382,7 +383,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { Bundle opts, ICancellationSignal cancellationSignal) throws FileNotFoundException { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); enforceFilePermission(callingPkg, uri, "r"); enforceFilePermission(callingPkg, uri, "r", null); final String original = setCallingPackage(callingPkg); try { return ContentProvider.this.openTypedAssetFile( Loading @@ -402,7 +403,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { validateIncomingUri(uri); int userId = getUserIdFromUri(uri); uri = getUriWithoutUserId(uri); if (enforceReadPermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return null; } final String original = setCallingPackage(callingPkg); Loading @@ -418,7 +419,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { validateIncomingUri(uri); int userId = getUserIdFromUri(uri); uri = getUriWithoutUserId(uri); if (enforceReadPermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return null; } final String original = setCallingPackage(callingPkg); Loading @@ -429,29 +430,33 @@ public abstract class ContentProvider implements ComponentCallbacks2 { } } private void enforceFilePermission(String callingPkg, Uri uri, String mode) throws FileNotFoundException, SecurityException { private void enforceFilePermission(String callingPkg, Uri uri, String mode, IBinder callerToken) throws FileNotFoundException, SecurityException { if (mode != null && mode.indexOf('w') != -1) { if (enforceWritePermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceWritePermission(callingPkg, uri, callerToken) != AppOpsManager.MODE_ALLOWED) { throw new FileNotFoundException("App op not allowed"); } } else { if (enforceReadPermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceReadPermission(callingPkg, uri, callerToken) != AppOpsManager.MODE_ALLOWED) { throw new FileNotFoundException("App op not allowed"); } } } private int enforceReadPermission(String callingPkg, Uri uri) throws SecurityException { enforceReadPermissionInner(uri); private int enforceReadPermission(String callingPkg, Uri uri, IBinder callerToken) throws SecurityException { enforceReadPermissionInner(uri, callerToken); if (mReadOp != AppOpsManager.OP_NONE) { return mAppOpsManager.noteOp(mReadOp, Binder.getCallingUid(), callingPkg); } return AppOpsManager.MODE_ALLOWED; } private int enforceWritePermission(String callingPkg, Uri uri) throws SecurityException { enforceWritePermissionInner(uri); private int enforceWritePermission(String callingPkg, Uri uri, IBinder callerToken) throws SecurityException { enforceWritePermissionInner(uri, callerToken); if (mWriteOp != AppOpsManager.OP_NONE) { return mAppOpsManager.noteOp(mWriteOp, Binder.getCallingUid(), callingPkg); } Loading @@ -467,7 +472,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { } /** {@hide} */ protected void enforceReadPermissionInner(Uri uri) throws SecurityException { protected void enforceReadPermissionInner(Uri uri, IBinder callerToken) throws SecurityException { final Context context = getContext(); final int pid = Binder.getCallingPid(); final int uid = Binder.getCallingUid(); Loading @@ -480,7 +486,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { if (mExported && checkUser(pid, uid, context)) { final String componentPerm = getReadPermission(); if (componentPerm != null) { if (context.checkPermission(componentPerm, pid, uid) == PERMISSION_GRANTED) { if (context.checkPermission(componentPerm, pid, uid, callerToken) == PERMISSION_GRANTED) { return; } else { missingPerm = componentPerm; Loading @@ -497,7 +504,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { for (PathPermission pp : pps) { final String pathPerm = pp.getReadPermission(); if (pathPerm != null && pp.match(path)) { if (context.checkPermission(pathPerm, pid, uid) == PERMISSION_GRANTED) { if (context.checkPermission(pathPerm, pid, uid, callerToken) == PERMISSION_GRANTED) { return; } else { // any denied <path-permission> means we lose Loading @@ -518,8 +526,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { final int callingUserId = UserHandle.getUserId(uid); final Uri userUri = (mSingleUser && !UserHandle.isSameUser(mMyUid, uid)) ? maybeAddUserId(uri, callingUserId) : uri; if (context.checkUriPermission(userUri, pid, uid, Intent.FLAG_GRANT_READ_URI_PERMISSION) == PERMISSION_GRANTED) { if (context.checkUriPermission(userUri, pid, uid, Intent.FLAG_GRANT_READ_URI_PERMISSION, callerToken) == PERMISSION_GRANTED) { return; } Loading @@ -532,7 +540,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { } /** {@hide} */ protected void enforceWritePermissionInner(Uri uri) throws SecurityException { protected void enforceWritePermissionInner(Uri uri, IBinder callerToken) throws SecurityException { final Context context = getContext(); final int pid = Binder.getCallingPid(); final int uid = Binder.getCallingUid(); Loading @@ -545,7 +554,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { if (mExported && checkUser(pid, uid, context)) { final String componentPerm = getWritePermission(); if (componentPerm != null) { if (context.checkPermission(componentPerm, pid, uid) == PERMISSION_GRANTED) { if (context.checkPermission(componentPerm, pid, uid, callerToken) == PERMISSION_GRANTED) { return; } else { missingPerm = componentPerm; Loading @@ -562,7 +572,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { for (PathPermission pp : pps) { final String pathPerm = pp.getWritePermission(); if (pathPerm != null && pp.match(path)) { if (context.checkPermission(pathPerm, pid, uid) == PERMISSION_GRANTED) { if (context.checkPermission(pathPerm, pid, uid, callerToken) == PERMISSION_GRANTED) { return; } else { // any denied <path-permission> means we lose Loading @@ -580,8 +591,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { } // last chance, check against any uri grants if (context.checkUriPermission(uri, pid, uid, Intent.FLAG_GRANT_WRITE_URI_PERMISSION) == PERMISSION_GRANTED) { if (context.checkUriPermission(uri, pid, uid, Intent.FLAG_GRANT_WRITE_URI_PERMISSION, callerToken) == PERMISSION_GRANTED) { return; } Loading Loading
cmds/content/src/com/android/commands/content/Content.java +1 −1 Original line number Diff line number Diff line Loading @@ -501,7 +501,7 @@ public class Content { @Override public void onExecute(IContentProvider provider) throws Exception { final ParcelFileDescriptor fd = provider.openFile(null, mUri, "r", null); final ParcelFileDescriptor fd = provider.openFile(null, mUri, "r", null, null); copy(new FileInputStream(fd.getFileDescriptor()), System.out); } Loading
core/java/android/app/ActivityManagerNative.java +34 −4 Original line number Diff line number Diff line Loading @@ -1186,6 +1186,18 @@ public abstract class ActivityManagerNative extends Binder implements IActivityM return true; } case CHECK_PERMISSION_WITH_TOKEN_TRANSACTION: { data.enforceInterface(IActivityManager.descriptor); String perm = data.readString(); int pid = data.readInt(); int uid = data.readInt(); IBinder token = data.readStrongBinder(); int res = checkPermissionWithToken(perm, pid, uid, token); reply.writeNoException(); reply.writeInt(res); return true; } case CHECK_URI_PERMISSION_TRANSACTION: { data.enforceInterface(IActivityManager.descriptor); Uri uri = Uri.CREATOR.createFromParcel(data); Loading @@ -1193,7 +1205,8 @@ public abstract class ActivityManagerNative extends Binder implements IActivityM int uid = data.readInt(); int mode = data.readInt(); int userId = data.readInt(); int res = checkUriPermission(uri, pid, uid, mode, userId); IBinder callerToken = data.readStrongBinder(); int res = checkUriPermission(uri, pid, uid, mode, userId, callerToken); reply.writeNoException(); reply.writeInt(res); return true; Loading Loading @@ -3851,6 +3864,22 @@ class ActivityManagerProxy implements IActivityManager reply.recycle(); return res; } public int checkPermissionWithToken(String permission, int pid, int uid, IBinder callerToken) throws RemoteException { Parcel data = Parcel.obtain(); Parcel reply = Parcel.obtain(); data.writeInterfaceToken(IActivityManager.descriptor); data.writeString(permission); data.writeInt(pid); data.writeInt(uid); data.writeStrongBinder(callerToken); mRemote.transact(CHECK_PERMISSION_WITH_TOKEN_TRANSACTION, data, reply, 0); reply.readException(); int res = reply.readInt(); data.recycle(); reply.recycle(); return res; } public boolean clearApplicationUserData(final String packageName, final IPackageDataObserver observer, final int userId) throws RemoteException { Parcel data = Parcel.obtain(); Loading @@ -3866,8 +3895,8 @@ class ActivityManagerProxy implements IActivityManager reply.recycle(); return res; } public int checkUriPermission(Uri uri, int pid, int uid, int mode, int userId) throws RemoteException { public int checkUriPermission(Uri uri, int pid, int uid, int mode, int userId, IBinder callerToken) throws RemoteException { Parcel data = Parcel.obtain(); Parcel reply = Parcel.obtain(); data.writeInterfaceToken(IActivityManager.descriptor); Loading @@ -3876,6 +3905,7 @@ class ActivityManagerProxy implements IActivityManager data.writeInt(uid); data.writeInt(mode); data.writeInt(userId); data.writeStrongBinder(callerToken); mRemote.transact(CHECK_URI_PERMISSION_TRANSACTION, data, reply, 0); reply.readException(); int res = reply.readInt(); Loading
core/java/android/app/ContextImpl.java +28 −1 Original line number Diff line number Diff line Loading @@ -1863,6 +1863,21 @@ class ContextImpl extends Context { } } /** @hide */ @Override public int checkPermission(String permission, int pid, int uid, IBinder callerToken) { if (permission == null) { throw new IllegalArgumentException("permission is null"); } try { return ActivityManagerNative.getDefault().checkPermissionWithToken( permission, pid, uid, callerToken); } catch (RemoteException e) { return PackageManager.PERMISSION_DENIED; } } @Override public int checkCallingPermission(String permission) { if (permission == null) { Loading Loading @@ -1951,7 +1966,19 @@ class ContextImpl extends Context { try { return ActivityManagerNative.getDefault().checkUriPermission( ContentProvider.getUriWithoutUserId(uri), pid, uid, modeFlags, resolveUserId(uri)); resolveUserId(uri), null); } catch (RemoteException e) { return PackageManager.PERMISSION_DENIED; } } /** @hide */ @Override public int checkUriPermission(Uri uri, int pid, int uid, int modeFlags, IBinder callerToken) { try { return ActivityManagerNative.getDefault().checkUriPermission( ContentProvider.getUriWithoutUserId(uri), pid, uid, modeFlags, resolveUserId(uri), callerToken); } catch (RemoteException e) { return PackageManager.PERMISSION_DENIED; } Loading
core/java/android/app/IActivityManager.java +5 −2 Original line number Diff line number Diff line Loading @@ -219,9 +219,11 @@ public interface IActivityManager extends IInterface { public int checkPermission(String permission, int pid, int uid) throws RemoteException; public int checkUriPermission(Uri uri, int pid, int uid, int mode, int userId) public int checkPermissionWithToken(String permission, int pid, int uid, IBinder callerToken) throws RemoteException; public int checkUriPermission(Uri uri, int pid, int uid, int mode, int userId, IBinder callerToken) throws RemoteException; public void grantUriPermission(IApplicationThread caller, String targetPkg, Uri uri, int mode, int userId) throws RemoteException; public void revokeUriPermission(IApplicationThread caller, Uri uri, int mode, int userId) Loading Loading @@ -785,4 +787,5 @@ public interface IActivityManager extends IInterface { int GET_TASK_DESCRIPTION_ICON_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+238; int LAUNCH_ASSIST_INTENT_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+239; int START_IN_PLACE_ANIMATION_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+240; int CHECK_PERMISSION_WITH_TOKEN_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+241; }
core/java/android/content/ContentProvider.java +43 −32 Original line number Diff line number Diff line Loading @@ -31,6 +31,7 @@ import android.os.AsyncTask; import android.os.Binder; import android.os.Bundle; import android.os.CancellationSignal; import android.os.IBinder; import android.os.ICancellationSignal; import android.os.OperationCanceledException; import android.os.ParcelFileDescriptor; Loading Loading @@ -201,7 +202,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { ICancellationSignal cancellationSignal) { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); if (enforceReadPermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return rejectQuery(uri, projection, selection, selectionArgs, sortOrder, CancellationSignal.fromTransport(cancellationSignal)); } Loading @@ -227,7 +228,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { validateIncomingUri(uri); int userId = getUserIdFromUri(uri); uri = getUriWithoutUserId(uri); if (enforceWritePermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return rejectInsert(uri, initialValues); } final String original = setCallingPackage(callingPkg); Loading @@ -242,7 +243,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { public int bulkInsert(String callingPkg, Uri uri, ContentValues[] initialValues) { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); if (enforceWritePermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return 0; } final String original = setCallingPackage(callingPkg); Loading Loading @@ -270,13 +271,13 @@ public abstract class ContentProvider implements ComponentCallbacks2 { operations.set(i, operation); } if (operation.isReadOperation()) { if (enforceReadPermission(callingPkg, uri) if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { throw new OperationApplicationException("App op not allowed", 0); } } if (operation.isWriteOperation()) { if (enforceWritePermission(callingPkg, uri) if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { throw new OperationApplicationException("App op not allowed", 0); } Loading @@ -301,7 +302,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { public int delete(String callingPkg, Uri uri, String selection, String[] selectionArgs) { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); if (enforceWritePermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return 0; } final String original = setCallingPackage(callingPkg); Loading @@ -317,7 +318,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { String[] selectionArgs) { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); if (enforceWritePermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return 0; } final String original = setCallingPackage(callingPkg); Loading @@ -330,11 +331,11 @@ public abstract class ContentProvider implements ComponentCallbacks2 { @Override public ParcelFileDescriptor openFile( String callingPkg, Uri uri, String mode, ICancellationSignal cancellationSignal) throws FileNotFoundException { String callingPkg, Uri uri, String mode, ICancellationSignal cancellationSignal, IBinder callerToken) throws FileNotFoundException { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); enforceFilePermission(callingPkg, uri, mode); enforceFilePermission(callingPkg, uri, mode, callerToken); final String original = setCallingPackage(callingPkg); try { return ContentProvider.this.openFile( Loading @@ -350,7 +351,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { throws FileNotFoundException { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); enforceFilePermission(callingPkg, uri, mode); enforceFilePermission(callingPkg, uri, mode, null); final String original = setCallingPackage(callingPkg); try { return ContentProvider.this.openAssetFile( Loading Loading @@ -382,7 +383,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { Bundle opts, ICancellationSignal cancellationSignal) throws FileNotFoundException { validateIncomingUri(uri); uri = getUriWithoutUserId(uri); enforceFilePermission(callingPkg, uri, "r"); enforceFilePermission(callingPkg, uri, "r", null); final String original = setCallingPackage(callingPkg); try { return ContentProvider.this.openTypedAssetFile( Loading @@ -402,7 +403,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { validateIncomingUri(uri); int userId = getUserIdFromUri(uri); uri = getUriWithoutUserId(uri); if (enforceReadPermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return null; } final String original = setCallingPackage(callingPkg); Loading @@ -418,7 +419,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { validateIncomingUri(uri); int userId = getUserIdFromUri(uri); uri = getUriWithoutUserId(uri); if (enforceReadPermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { return null; } final String original = setCallingPackage(callingPkg); Loading @@ -429,29 +430,33 @@ public abstract class ContentProvider implements ComponentCallbacks2 { } } private void enforceFilePermission(String callingPkg, Uri uri, String mode) throws FileNotFoundException, SecurityException { private void enforceFilePermission(String callingPkg, Uri uri, String mode, IBinder callerToken) throws FileNotFoundException, SecurityException { if (mode != null && mode.indexOf('w') != -1) { if (enforceWritePermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceWritePermission(callingPkg, uri, callerToken) != AppOpsManager.MODE_ALLOWED) { throw new FileNotFoundException("App op not allowed"); } } else { if (enforceReadPermission(callingPkg, uri) != AppOpsManager.MODE_ALLOWED) { if (enforceReadPermission(callingPkg, uri, callerToken) != AppOpsManager.MODE_ALLOWED) { throw new FileNotFoundException("App op not allowed"); } } } private int enforceReadPermission(String callingPkg, Uri uri) throws SecurityException { enforceReadPermissionInner(uri); private int enforceReadPermission(String callingPkg, Uri uri, IBinder callerToken) throws SecurityException { enforceReadPermissionInner(uri, callerToken); if (mReadOp != AppOpsManager.OP_NONE) { return mAppOpsManager.noteOp(mReadOp, Binder.getCallingUid(), callingPkg); } return AppOpsManager.MODE_ALLOWED; } private int enforceWritePermission(String callingPkg, Uri uri) throws SecurityException { enforceWritePermissionInner(uri); private int enforceWritePermission(String callingPkg, Uri uri, IBinder callerToken) throws SecurityException { enforceWritePermissionInner(uri, callerToken); if (mWriteOp != AppOpsManager.OP_NONE) { return mAppOpsManager.noteOp(mWriteOp, Binder.getCallingUid(), callingPkg); } Loading @@ -467,7 +472,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { } /** {@hide} */ protected void enforceReadPermissionInner(Uri uri) throws SecurityException { protected void enforceReadPermissionInner(Uri uri, IBinder callerToken) throws SecurityException { final Context context = getContext(); final int pid = Binder.getCallingPid(); final int uid = Binder.getCallingUid(); Loading @@ -480,7 +486,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { if (mExported && checkUser(pid, uid, context)) { final String componentPerm = getReadPermission(); if (componentPerm != null) { if (context.checkPermission(componentPerm, pid, uid) == PERMISSION_GRANTED) { if (context.checkPermission(componentPerm, pid, uid, callerToken) == PERMISSION_GRANTED) { return; } else { missingPerm = componentPerm; Loading @@ -497,7 +504,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { for (PathPermission pp : pps) { final String pathPerm = pp.getReadPermission(); if (pathPerm != null && pp.match(path)) { if (context.checkPermission(pathPerm, pid, uid) == PERMISSION_GRANTED) { if (context.checkPermission(pathPerm, pid, uid, callerToken) == PERMISSION_GRANTED) { return; } else { // any denied <path-permission> means we lose Loading @@ -518,8 +526,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { final int callingUserId = UserHandle.getUserId(uid); final Uri userUri = (mSingleUser && !UserHandle.isSameUser(mMyUid, uid)) ? maybeAddUserId(uri, callingUserId) : uri; if (context.checkUriPermission(userUri, pid, uid, Intent.FLAG_GRANT_READ_URI_PERMISSION) == PERMISSION_GRANTED) { if (context.checkUriPermission(userUri, pid, uid, Intent.FLAG_GRANT_READ_URI_PERMISSION, callerToken) == PERMISSION_GRANTED) { return; } Loading @@ -532,7 +540,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { } /** {@hide} */ protected void enforceWritePermissionInner(Uri uri) throws SecurityException { protected void enforceWritePermissionInner(Uri uri, IBinder callerToken) throws SecurityException { final Context context = getContext(); final int pid = Binder.getCallingPid(); final int uid = Binder.getCallingUid(); Loading @@ -545,7 +554,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { if (mExported && checkUser(pid, uid, context)) { final String componentPerm = getWritePermission(); if (componentPerm != null) { if (context.checkPermission(componentPerm, pid, uid) == PERMISSION_GRANTED) { if (context.checkPermission(componentPerm, pid, uid, callerToken) == PERMISSION_GRANTED) { return; } else { missingPerm = componentPerm; Loading @@ -562,7 +572,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { for (PathPermission pp : pps) { final String pathPerm = pp.getWritePermission(); if (pathPerm != null && pp.match(path)) { if (context.checkPermission(pathPerm, pid, uid) == PERMISSION_GRANTED) { if (context.checkPermission(pathPerm, pid, uid, callerToken) == PERMISSION_GRANTED) { return; } else { // any denied <path-permission> means we lose Loading @@ -580,8 +591,8 @@ public abstract class ContentProvider implements ComponentCallbacks2 { } // last chance, check against any uri grants if (context.checkUriPermission(uri, pid, uid, Intent.FLAG_GRANT_WRITE_URI_PERMISSION) == PERMISSION_GRANTED) { if (context.checkUriPermission(uri, pid, uid, Intent.FLAG_GRANT_WRITE_URI_PERMISSION, callerToken) == PERMISSION_GRANTED) { return; } Loading
