Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 48afc444 authored by Patrick Baumann's avatar Patrick Baumann
Browse files

Expose grantImplicitAccess in IPackageManager 

This change exposes the method to grant implicit visibility access via
IPackageManager and as a hidden API in PackageManager. This variant of
the method takes a recipient UID and the authority that it should see
and limits access to only the contacts provider on device.

Bug: 158688602
Test: PackageManagerTests
Change-Id: I0050593e4aa734af1a69a40a60746f7cf0ea72df
Merged-In: I0050593e4aa734af1a69a40a60746f7cf0ea72df
Merged-In: I2c80513a5dffa7ad92963e376ea85217f127f39a
parent 27b40fc2

core/java/android/content/pm/IPackageManager.aidl

+2 −0
Original line number Diff line number Diff line
@@ -785,4 +785,6 @@ interface IPackageManager { 
    List<String> getMimeGroup(String packageName, String group);



    boolean isAutoRevokeWhitelisted(String packageName);



    void grantImplicitAccess(int queryingUid, String visibleAuthority);

}

core/java/android/content/pm/PackageManager.java

+14 −0
Original line number Diff line number Diff line
@@ -8018,6 +8018,20 @@ public abstract class PackageManager { 
                "getMimeGroup not implemented in subclass");

    }



    /**

     * Grants implicit visibility of the package that provides an authority to a querying UID.

     *

     * @throws SecurityException when called by a package other than the contacts provider

     * @hide

     */

    public void grantImplicitAccess(int queryingUid, String visibleAuthority) {

        try {

            ActivityThread.getPackageManager().grantImplicitAccess(queryingUid, visibleAuthority);

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }

    }



    // Some of the flags don't affect the query result, but let's be conservative and cache

    // each combination of flags separately.

services/core/java/com/android/server/pm/PackageManagerService.java

+27 −0
Original line number Diff line number Diff line
@@ -280,6 +280,7 @@ import android.os.storage.StorageManagerInternal; 
import android.os.storage.VolumeInfo;

import android.os.storage.VolumeRecord;

import android.permission.IPermissionManager;

import android.provider.ContactsContract;

import android.provider.DeviceConfig;

import android.provider.Settings.Global;

import android.provider.Settings.Secure;
@@ -25400,6 +25401,32 @@ public class PackageManagerService extends IPackageManager.Stub 
        }

    }













    @Override













    public void grantImplicitAccess(int recipientUid, String visibleAuthority) {













        // This API is exposed temporarily to only the contacts provider. (b/158688602)













        final int callingUid = Binder.getCallingUid();













        ProviderInfo contactsProvider = resolveContentProviderInternal(













                        ContactsContract.AUTHORITY, 0, UserHandle.getUserId(callingUid));













        if (contactsProvider == null || contactsProvider.applicationInfo == null













                || !UserHandle.isSameApp(contactsProvider.applicationInfo.uid, callingUid)) {













            throw new SecurityException(callingUid + " is not allow to call grantImplicitAccess");













        }













        final int userId = UserHandle.getUserId(recipientUid);













        final long token = Binder.clearCallingIdentity();













        final ProviderInfo providerInfo;













        try {













            providerInfo = resolveContentProvider(visibleAuthority, 0 /*flags*/, userId);













        } finally {













            Binder.restoreCallingIdentity(token);













        }













        if (providerInfo == null) {













            return;













        }













        int visibleUid = providerInfo.applicationInfo.uid;













        mPmInternal.grantImplicitAccess(userId, null /*Intent*/, UserHandle.getAppId(recipientUid),













                visibleUid, false);













    }



























    boolean canHaveOatDir(String packageName) {















        synchronized (mLock) {















            AndroidPackage p = mPackages.get(packageName);