Merge "TEMP add more logging for SecurityExceptions in PermissionChecker" (4a19e021) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/appop/AppOpsService.java

+6 −4

Original line number	Diff line number	Diff line
		@@ -4562,8 +4562,9 @@ public class AppOpsService extends IAppOpsService.Stub {
		}
		if (pkgUid != Process.INVALID_UID) {
		if (pkgUid != UserHandle.getAppId(uid)) {
		String otherUidMessage = DEBUG ? " but it is really " + pkgUid : " but it is not";
		throw new SecurityException("Specified package " + packageName + " under uid "
		//TODO 195339480: replace true with debug
		String otherUidMessage = true ? " but it is really " + pkgUid : " but it is not";
		throw new SecurityException("Specified package \"" + packageName + "\" under uid "
		+ UserHandle.getAppId(uid) + otherUidMessage);
		}
		return new PackageVerificationResult(RestrictionBypass.UNRESTRICTED,
		@@ -4618,8 +4619,9 @@ public class AppOpsService extends IAppOpsService.Stub {
		}

		if (pkgUid != uid) {
		String otherUidMessage = DEBUG ? " but it is really " + pkgUid : " but it is not";
		throw new SecurityException("Specified package " + packageName + " under uid " + uid
		//TODO 195339480: replace true with debug
		String otherUidMessage = true ? " but it is really " + pkgUid : " but it is not";
		throw new SecurityException("Specified package \"" + packageName + "\" under uid " + uid
		+ otherUidMessage);
		}

services/core/java/com/android/server/pm/permission/PermissionManagerService.java

+33 −5

Original line number	Diff line number	Diff line
		@@ -6131,9 +6131,23 @@ public class PermissionManagerService extends IPermissionManager.Stub {
		proxyAttributionFlags, proxiedAttributionFlags, attributionChainId);
		}
		} else {
		try {
		startedOpResult = appOpsManager.startProxyOpNoThrow(startedOp,
		resolvedAttributionSource, message, skipProxyOperation,
		proxyAttributionFlags, proxiedAttributionFlags, attributionChainId);
		} catch (SecurityException e) {
		//TODO 195339480: remove
		String msg = "Security exception for op " + startedOp + " with source "
		+ attributionSource.getUid() + ":"
		+ attributionSource.getPackageName() + ", "
		+ attributionSource.getNextUid() + ":"
		+ attributionSource.getNextPackageName();
		if (attributionSource.getNext() != null) {
		AttributionSource next = attributionSource.getNext();
		msg = msg + ", " + next.getNextPackageName() + ":" + next.getNextUid();
		}
		throw new SecurityException(msg + ":" + e.getMessage());
		}
		}
		return Math.max(checkedOpResult, startedOpResult);
		} else {
		@@ -6180,8 +6194,22 @@ public class PermissionManagerService extends IPermissionManager.Stub {
		message, skipProxyOperation);
		}
		} else {
		try {
		notedOpResult = appOpsManager.noteProxyOpNoThrow(notedOp,
		resolvedAttributionSource, message, skipProxyOperation);
		} catch (SecurityException e) {
		//TODO 195339480: remove
		String msg = "Security exception for op " + notedOp + " with source "
		+ attributionSource.getUid() + ":"
		+ attributionSource.getPackageName() + ", "
		+ attributionSource.getNextUid() + ":"
		+ attributionSource.getNextPackageName();
		if (attributionSource.getNext() != null) {
		AttributionSource next = attributionSource.getNext();
		msg = msg + ", " + next.getNextPackageName() + ":" + next.getNextUid();
		}
		throw new SecurityException(msg + ":" + e.getMessage());
		}
		}
		return Math.max(checkedOpResult, notedOpResult);
		}