Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 57e57e3c authored by Vaibhav Singhal's avatar Vaibhav Singhal Committed by Android (Google) Code Review
Browse files

Merge "Additional ACL Check in AppFunctionManagerService" into main

parents 8265ce74 eaa3df89

services/appfunctions/java/com/android/server/appfunctions/AppFunctionManagerServiceImpl.java

+1 −1
Original line number Diff line number Diff line
@@ -155,7 +155,7 @@ public class AppFunctionManagerServiceImpl extends IAppFunctionManager.Stub { 
                context,

                new RemoteServiceCallerImpl<>(

                        context, IAppFunctionService.Stub::asInterface, THREAD_POOL_EXECUTOR),

                new CallerValidatorImpl(context),

                new CallerValidatorImpl(context, appFunctionAccessServiceInterface),

                new ServiceHelperImpl(context),

                new ServiceConfigImpl(),

                new AppFunctionsLoggerWrapper(context),

services/appfunctions/java/com/android/server/appfunctions/CallerValidatorImpl.java

+59 −5
Original line number Diff line number Diff line
@@ -22,6 +22,8 @@ import android.annotation.NonNull; 
import android.annotation.RequiresPermission;

import android.app.admin.DevicePolicyManager;

import android.app.admin.DevicePolicyManager.AppFunctionsPolicy;

import android.app.appfunctions.AppFunctionAccessServiceInterface;

import android.app.appfunctions.AppFunctionManager;

import android.content.Context;

import android.content.pm.PackageManager;

import android.os.Binder;
@@ -36,9 +38,13 @@ import java.util.Objects; 
/* Validates that caller has the correct privilege to call an AppFunctionManager Api. */

class CallerValidatorImpl implements CallerValidator {

    private final Context mContext;

    private final AppFunctionAccessServiceInterface mAppFunctionAccessService;



    CallerValidatorImpl(@NonNull Context context) {

    CallerValidatorImpl(

            @NonNull Context context,

            @NonNull AppFunctionAccessServiceInterface appFunctionAccessService) {

        mContext = Objects.requireNonNull(context);

        mAppFunctionAccessService = Objects.requireNonNull(appFunctionAccessService);

    }



    @Override
@@ -75,16 +81,45 @@ class CallerValidatorImpl implements CallerValidator { 
        }

    }



    @Override

    @RequiresPermission(Manifest.permission.EXECUTE_APP_FUNCTIONS)

    @CanExecuteAppFunctionResult

    public AndroidFuture<Integer> verifyCallerCanExecuteAppFunction(

    private AndroidFuture<Integer> verifyCallerCanExecuteAppFunctionWithAccessService(

            int callingUid,

            int callingPid,

            @NonNull UserHandle targetUser,

            @NonNull String callerPackageName,

            @NonNull String targetPackageName,

            @NonNull String functionId) {

            @NonNull String targetPackageName) {



        boolean hasExecutionPermission =

                mContext.checkPermission(

                        Manifest.permission.EXECUTE_APP_FUNCTIONS, callingPid, callingUid)

                        == PackageManager.PERMISSION_GRANTED;



        boolean isSamePackage = callerPackageName.equals(targetPackageName);

        int requestState =

                mAppFunctionAccessService.getAccessRequestState(

                        callerPackageName,

                        UserHandle.getUserId(callingUid),

                        targetPackageName,

                        targetUser.getIdentifier());

        boolean hasAccessPermission =

                requestState == AppFunctionManager.ACCESS_REQUEST_STATE_GRANTED;

        if (hasExecutionPermission && hasAccessPermission) {

            return AndroidFuture.completedFuture(CAN_EXECUTE_APP_FUNCTIONS_ALLOWED_HAS_PERMISSION);

        }

        if (isSamePackage) {

            return AndroidFuture.completedFuture(CAN_EXECUTE_APP_FUNCTIONS_ALLOWED_SAME_PACKAGE);

        }

        return AndroidFuture.completedFuture(CAN_EXECUTE_APP_FUNCTIONS_DENIED);

    }



    @RequiresPermission(Manifest.permission.EXECUTE_APP_FUNCTIONS)

    @CanExecuteAppFunctionResult

    private AndroidFuture<Integer> verifyCallerCanExecuteAppFunctionHelper(

            int callingUid,

            int callingPid,

            @NonNull String callerPackageName,

            @NonNull String targetPackageName) {

        boolean hasExecutionPermission =

                mContext.checkPermission(

                                Manifest.permission.EXECUTE_APP_FUNCTIONS, callingPid, callingUid)
@@ -98,6 +133,25 @@ class CallerValidatorImpl implements CallerValidator { 
        return AndroidFuture.completedFuture(CAN_EXECUTE_APP_FUNCTIONS_DENIED);

    }



    @Override

    @RequiresPermission(Manifest.permission.EXECUTE_APP_FUNCTIONS)

    @CanExecuteAppFunctionResult

    public AndroidFuture<Integer> verifyCallerCanExecuteAppFunction(

            int callingUid,

            int callingPid,

            @NonNull UserHandle targetUser,

            @NonNull String callerPackageName,

            @NonNull String targetPackageName,

            @NonNull String functionId) {



        if (Flags.appFunctionAccessApiEnabled() && Flags.appFunctionAccessServiceEnabled()) {

            return verifyCallerCanExecuteAppFunctionWithAccessService(

                    callingUid, callingPid, targetUser, callerPackageName, targetPackageName);

        }

        return verifyCallerCanExecuteAppFunctionHelper(

                callingUid, callingPid, callerPackageName, targetPackageName);

    }



    @Override

    public boolean verifyEnterprisePolicyIsAllowed(

            @NonNull UserHandle callingUser, @NonNull UserHandle targetUser) {