Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5b36ee3f authored by Alex Kershaw's avatar Alex Kershaw
Browse files

Make WPMS look for DOs and POs in the correct calling user 

Currently, it will always look in user 0 since it uses the DPM from
mContext, which will always be from user 0 as WPMS is in the system
server process.

Extend DPMI to provide the necessary external helper API. This is
preferable to just using createContextAsUser before getting the DPM
instance since it avoids a second binding.

Fixes: 144048540
Fixes: 172682826
Bug: 153995973
Test: atest com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testSetWallpaper_disallowed
Change-Id: I52b71000fac31ff6725ddded58206f69b263ae33
parent 5e3e2383

core/java/android/app/admin/DevicePolicyManagerInternal.java

+7 −0
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@ 


package android.app.admin;



import android.annotation.Nullable;

import android.annotation.UserIdInt;

import android.content.ComponentName;

import android.content.Intent;
@@ -229,5 +230,11 @@ public abstract class DevicePolicyManagerInternal { 
    /**

     * Returns the profile owner component for the given user, or {@code null} if there is not one.

     */

    @Nullable

    public abstract ComponentName getProfileOwnerAsUser(int userHandle);



    /**

     * Returns whether the given package is a device owner or a profile owner in the calling user.

     */

    public abstract boolean isDeviceOrProfileOwnerInCallingUser(String packageName);

}

services/core/java/com/android/server/wallpaper/WallpaperManagerService.java

+3 −7
Original line number Diff line number Diff line
@@ -39,7 +39,7 @@ import android.app.WallpaperColors; 
import android.app.WallpaperInfo;

import android.app.WallpaperManager;

import android.app.WallpaperManager.SetWallpaperFlags;

import android.app.admin.DevicePolicyManager;

import android.app.admin.DevicePolicyManagerInternal;

import android.app.backup.WallpaperBackupHelper;

import android.content.BroadcastReceiver;

import android.content.ComponentName;
@@ -100,7 +100,6 @@ import com.android.internal.annotations.VisibleForTesting; 
import com.android.internal.content.PackageMonitor;

import com.android.internal.os.BackgroundThread;

import com.android.internal.util.DumpUtils;

import com.android.internal.util.FastXmlSerializer;

import com.android.internal.util.JournaledFile;

import com.android.server.EventLogTags;

import com.android.server.FgThread;
@@ -125,7 +124,6 @@ import java.io.FileOutputStream; 
import java.io.IOException;

import java.io.InputStream;

import java.io.PrintWriter;

import java.nio.charset.StandardCharsets;

import java.util.ArrayList;

import java.util.Arrays;

import java.util.List;
@@ -2848,10 +2846,8 @@ public class WallpaperManagerService extends IWallpaperManager.Stub 
        if (!uidMatchPackage) {

            return false;   // callingPackage was faked.

        }



        // TODO(b/144048540): DPM needs to take into account the userId, not just the package.

        final DevicePolicyManager dpm = mContext.getSystemService(DevicePolicyManager.class);

        if (dpm.isDeviceOwnerApp(callingPackage) || dpm.isProfileOwnerApp(callingPackage)) {

        if (LocalServices.getService(DevicePolicyManagerInternal.class)

                .isDeviceOrProfileOwnerInCallingUser(callingPackage)) {

            return true;

        }

        final int callingUserId = UserHandle.getCallingUserId();

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+21 −0
Original line number Diff line number Diff line
@@ -11524,6 +11524,27 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
        public ComponentName getProfileOwnerAsUser(int userHandle) {

            return DevicePolicyManagerService.this.getProfileOwnerAsUser(userHandle);

        }













        @Override













        public boolean isDeviceOrProfileOwnerInCallingUser(String packageName) {













            return isDeviceOwnerInCallingUser(packageName)













                    || isProfileOwnerInCallingUser(packageName);













        }

























        private boolean isDeviceOwnerInCallingUser(String packageName) {













            final ComponentName deviceOwnerInCallingUser =













                    DevicePolicyManagerService.this.getDeviceOwnerComponent(













                            /* callingUserOnly= */ true);













            return deviceOwnerInCallingUser != null













                    && packageName.equals(deviceOwnerInCallingUser.getPackageName());













        }

























        private boolean isProfileOwnerInCallingUser(String packageName) {













            final ComponentName profileOwnerInCallingUser =













                    getProfileOwnerAsUser(UserHandle.getCallingUserId());













            return profileOwnerInCallingUser != null













                    && packageName.equals(profileOwnerInCallingUser.getPackageName());













        }















    }





























    private Intent createShowAdminSupportIntent(ComponentName admin, int userId) {