Loading apex/blobstore/framework/java/android/app/blob/BlobStoreManager.java +2 −2 Original line number Original line Diff line number Diff line Loading @@ -89,8 +89,8 @@ import java.util.function.Consumer; * <p> Before committing the session, apps can indicate which apps are allowed to access the * <p> Before committing the session, apps can indicate which apps are allowed to access the * contributed data using one or more of the following access modes: * contributed data using one or more of the following access modes: * <ul> * <ul> * <li> {@link Session#allowPackageAccess(String, byte[])} which will allow whitelisting * <li> {@link Session#allowPackageAccess(String, byte[])} which will allow specific packages * specific packages to access the blobs. * to access the blobs. * <li> {@link Session#allowSameSignatureAccess()} which will allow only apps which are signed * <li> {@link Session#allowSameSignatureAccess()} which will allow only apps which are signed * with the same certificate as the app which contributed the blob to access it. * with the same certificate as the app which contributed the blob to access it. * <li> {@link Session#allowPublicAccess()} which will allow any app on the device to access * <li> {@link Session#allowPublicAccess()} which will allow any app on the device to access Loading apex/blobstore/framework/java/android/app/blob/XmlTags.java +1 −1 Original line number Original line Diff line number Diff line Loading @@ -36,7 +36,7 @@ public final class XmlTags { // For BlobAccessMode // For BlobAccessMode public static final String TAG_ACCESS_MODE = "am"; public static final String TAG_ACCESS_MODE = "am"; public static final String ATTR_TYPE = "t"; public static final String ATTR_TYPE = "t"; public static final String TAG_WHITELISTED_PACKAGE = "wl"; public static final String TAG_ALLOWED_PACKAGE = "wl"; public static final String ATTR_CERTIFICATE = "ct"; public static final String ATTR_CERTIFICATE = "ct"; // For BlobHandle // For BlobHandle Loading apex/blobstore/service/java/com/android/server/blob/BlobAccessMode.java +24 −24 Original line number Original line Diff line number Diff line Loading @@ -18,7 +18,7 @@ package com.android.server.blob; import static android.app.blob.XmlTags.ATTR_CERTIFICATE; import static android.app.blob.XmlTags.ATTR_CERTIFICATE; import static android.app.blob.XmlTags.ATTR_PACKAGE; import static android.app.blob.XmlTags.ATTR_PACKAGE; import static android.app.blob.XmlTags.ATTR_TYPE; import static android.app.blob.XmlTags.ATTR_TYPE; import static android.app.blob.XmlTags.TAG_WHITELISTED_PACKAGE; import static android.app.blob.XmlTags.TAG_ALLOWED_PACKAGE; import android.annotation.IntDef; import android.annotation.IntDef; import android.annotation.NonNull; import android.annotation.NonNull; Loading Loading @@ -52,21 +52,21 @@ class BlobAccessMode { ACCESS_TYPE_PRIVATE, ACCESS_TYPE_PRIVATE, ACCESS_TYPE_PUBLIC, ACCESS_TYPE_PUBLIC, ACCESS_TYPE_SAME_SIGNATURE, ACCESS_TYPE_SAME_SIGNATURE, ACCESS_TYPE_WHITELIST, ACCESS_TYPE_ALLOWLIST, }) }) @interface AccessType {} @interface AccessType {} public static final int ACCESS_TYPE_PRIVATE = 1 << 0; public static final int ACCESS_TYPE_PRIVATE = 1 << 0; public static final int ACCESS_TYPE_PUBLIC = 1 << 1; public static final int ACCESS_TYPE_PUBLIC = 1 << 1; public static final int ACCESS_TYPE_SAME_SIGNATURE = 1 << 2; public static final int ACCESS_TYPE_SAME_SIGNATURE = 1 << 2; public static final int ACCESS_TYPE_WHITELIST = 1 << 3; public static final int ACCESS_TYPE_ALLOWLIST = 1 << 3; private int mAccessType = ACCESS_TYPE_PRIVATE; private int mAccessType = ACCESS_TYPE_PRIVATE; private final ArraySet<PackageIdentifier> mWhitelistedPackages = new ArraySet<>(); private final ArraySet<PackageIdentifier> mAllowedPackages = new ArraySet<>(); void allow(BlobAccessMode other) { void allow(BlobAccessMode other) { if ((other.mAccessType & ACCESS_TYPE_WHITELIST) != 0) { if ((other.mAccessType & ACCESS_TYPE_ALLOWLIST) != 0) { mWhitelistedPackages.addAll(other.mWhitelistedPackages); mAllowedPackages.addAll(other.mAllowedPackages); } } mAccessType |= other.mAccessType; mAccessType |= other.mAccessType; } } Loading @@ -80,8 +80,8 @@ class BlobAccessMode { } } void allowPackageAccess(@NonNull String packageName, @NonNull byte[] certificate) { void allowPackageAccess(@NonNull String packageName, @NonNull byte[] certificate) { mAccessType |= ACCESS_TYPE_WHITELIST; mAccessType |= ACCESS_TYPE_ALLOWLIST; mWhitelistedPackages.add(PackageIdentifier.create(packageName, certificate)); mAllowedPackages.add(PackageIdentifier.create(packageName, certificate)); } } boolean isPublicAccessAllowed() { boolean isPublicAccessAllowed() { Loading @@ -93,10 +93,10 @@ class BlobAccessMode { } } boolean isPackageAccessAllowed(@NonNull String packageName, @NonNull byte[] certificate) { boolean isPackageAccessAllowed(@NonNull String packageName, @NonNull byte[] certificate) { if ((mAccessType & ACCESS_TYPE_WHITELIST) == 0) { if ((mAccessType & ACCESS_TYPE_ALLOWLIST) == 0) { return false; return false; } } return mWhitelistedPackages.contains(PackageIdentifier.create(packageName, certificate)); return mAllowedPackages.contains(PackageIdentifier.create(packageName, certificate)); } } boolean isAccessAllowedForCaller(Context context, boolean isAccessAllowedForCaller(Context context, Loading @@ -113,9 +113,9 @@ class BlobAccessMode { } } } } if ((mAccessType & ACCESS_TYPE_WHITELIST) != 0) { if ((mAccessType & ACCESS_TYPE_ALLOWLIST) != 0) { for (int i = 0; i < mWhitelistedPackages.size(); ++i) { for (int i = 0; i < mAllowedPackages.size(); ++i) { final PackageIdentifier packageIdentifier = mWhitelistedPackages.valueAt(i); final PackageIdentifier packageIdentifier = mAllowedPackages.valueAt(i); if (packageIdentifier.packageName.equals(callingPackage) if (packageIdentifier.packageName.equals(callingPackage) && pm.hasSigningCertificate(callingPackage, packageIdentifier.certificate, && pm.hasSigningCertificate(callingPackage, packageIdentifier.certificate, PackageManager.CERT_INPUT_SHA256)) { PackageManager.CERT_INPUT_SHA256)) { Loading @@ -131,20 +131,20 @@ class BlobAccessMode { return mAccessType; return mAccessType; } } int getNumWhitelistedPackages() { int getAllowedPackagesCount() { return mWhitelistedPackages.size(); return mAllowedPackages.size(); } } void dump(IndentingPrintWriter fout) { void dump(IndentingPrintWriter fout) { fout.println("accessType: " + DebugUtils.flagsToString( fout.println("accessType: " + DebugUtils.flagsToString( BlobAccessMode.class, "ACCESS_TYPE_", mAccessType)); BlobAccessMode.class, "ACCESS_TYPE_", mAccessType)); fout.print("Whitelisted pkgs:"); fout.print("Explicitly allowed pkgs:"); if (mWhitelistedPackages.isEmpty()) { if (mAllowedPackages.isEmpty()) { fout.println(" (Empty)"); fout.println(" (Empty)"); } else { } else { fout.increaseIndent(); fout.increaseIndent(); for (int i = 0, count = mWhitelistedPackages.size(); i < count; ++i) { for (int i = 0, count = mAllowedPackages.size(); i < count; ++i) { fout.println(mWhitelistedPackages.valueAt(i).toString()); fout.println(mAllowedPackages.valueAt(i).toString()); } } fout.decreaseIndent(); fout.decreaseIndent(); } } Loading @@ -152,12 +152,12 @@ class BlobAccessMode { void writeToXml(@NonNull XmlSerializer out) throws IOException { void writeToXml(@NonNull XmlSerializer out) throws IOException { XmlUtils.writeIntAttribute(out, ATTR_TYPE, mAccessType); XmlUtils.writeIntAttribute(out, ATTR_TYPE, mAccessType); for (int i = 0, count = mWhitelistedPackages.size(); i < count; ++i) { for (int i = 0, count = mAllowedPackages.size(); i < count; ++i) { out.startTag(null, TAG_WHITELISTED_PACKAGE); out.startTag(null, TAG_ALLOWED_PACKAGE); final PackageIdentifier packageIdentifier = mWhitelistedPackages.valueAt(i); final PackageIdentifier packageIdentifier = mAllowedPackages.valueAt(i); XmlUtils.writeStringAttribute(out, ATTR_PACKAGE, packageIdentifier.packageName); XmlUtils.writeStringAttribute(out, ATTR_PACKAGE, packageIdentifier.packageName); XmlUtils.writeByteArrayAttribute(out, ATTR_CERTIFICATE, packageIdentifier.certificate); XmlUtils.writeByteArrayAttribute(out, ATTR_CERTIFICATE, packageIdentifier.certificate); out.endTag(null, TAG_WHITELISTED_PACKAGE); out.endTag(null, TAG_ALLOWED_PACKAGE); } } } } Loading @@ -171,7 +171,7 @@ class BlobAccessMode { final int depth = in.getDepth(); final int depth = in.getDepth(); while (XmlUtils.nextElementWithin(in, depth)) { while (XmlUtils.nextElementWithin(in, depth)) { if (TAG_WHITELISTED_PACKAGE.equals(in.getName())) { if (TAG_ALLOWED_PACKAGE.equals(in.getName())) { final String packageName = XmlUtils.readStringAttribute(in, ATTR_PACKAGE); final String packageName = XmlUtils.readStringAttribute(in, ATTR_PACKAGE); final byte[] certificate = XmlUtils.readByteArrayAttribute(in, ATTR_CERTIFICATE); final byte[] certificate = XmlUtils.readByteArrayAttribute(in, ATTR_CERTIFICATE); blobAccessMode.allowPackageAccess(packageName, certificate); blobAccessMode.allowPackageAccess(packageName, certificate); Loading apex/blobstore/service/java/com/android/server/blob/BlobMetadata.java +1 −1 Original line number Original line Diff line number Diff line Loading @@ -478,7 +478,7 @@ class BlobMetadata { proto.write(BlobStatsEventProto.BlobCommitterProto.ACCESS_MODE, proto.write(BlobStatsEventProto.BlobCommitterProto.ACCESS_MODE, committer.blobAccessMode.getAccessType()); committer.blobAccessMode.getAccessType()); proto.write(BlobStatsEventProto.BlobCommitterProto.NUM_WHITELISTED_PACKAGE, proto.write(BlobStatsEventProto.BlobCommitterProto.NUM_WHITELISTED_PACKAGE, committer.blobAccessMode.getNumWhitelistedPackages()); committer.blobAccessMode.getAllowedPackagesCount()); proto.end(token); proto.end(token); } } final byte[] committersBytes = proto.getBytes(); final byte[] committersBytes = proto.getBytes(); Loading apex/blobstore/service/java/com/android/server/blob/BlobStoreSession.java +2 −2 Original line number Original line Diff line number Diff line Loading @@ -332,10 +332,10 @@ class BlobStoreSession extends IBlobStoreSession.Stub { throw new IllegalStateException("Not allowed to change access type in state: " throw new IllegalStateException("Not allowed to change access type in state: " + stateToString(mState)); + stateToString(mState)); } } if (mBlobAccessMode.getNumWhitelistedPackages() >= getMaxPermittedPackages()) { if (mBlobAccessMode.getAllowedPackagesCount() >= getMaxPermittedPackages()) { throw new ParcelableException(new LimitExceededException( throw new ParcelableException(new LimitExceededException( "Too many packages permitted to access the blob: " "Too many packages permitted to access the blob: " + mBlobAccessMode.getNumWhitelistedPackages())); + mBlobAccessMode.getAllowedPackagesCount())); } } mBlobAccessMode.allowPackageAccess(packageName, certificate); mBlobAccessMode.allowPackageAccess(packageName, certificate); } } Loading Loading
apex/blobstore/framework/java/android/app/blob/BlobStoreManager.java +2 −2 Original line number Original line Diff line number Diff line Loading @@ -89,8 +89,8 @@ import java.util.function.Consumer; * <p> Before committing the session, apps can indicate which apps are allowed to access the * <p> Before committing the session, apps can indicate which apps are allowed to access the * contributed data using one or more of the following access modes: * contributed data using one or more of the following access modes: * <ul> * <ul> * <li> {@link Session#allowPackageAccess(String, byte[])} which will allow whitelisting * <li> {@link Session#allowPackageAccess(String, byte[])} which will allow specific packages * specific packages to access the blobs. * to access the blobs. * <li> {@link Session#allowSameSignatureAccess()} which will allow only apps which are signed * <li> {@link Session#allowSameSignatureAccess()} which will allow only apps which are signed * with the same certificate as the app which contributed the blob to access it. * with the same certificate as the app which contributed the blob to access it. * <li> {@link Session#allowPublicAccess()} which will allow any app on the device to access * <li> {@link Session#allowPublicAccess()} which will allow any app on the device to access Loading
apex/blobstore/framework/java/android/app/blob/XmlTags.java +1 −1 Original line number Original line Diff line number Diff line Loading @@ -36,7 +36,7 @@ public final class XmlTags { // For BlobAccessMode // For BlobAccessMode public static final String TAG_ACCESS_MODE = "am"; public static final String TAG_ACCESS_MODE = "am"; public static final String ATTR_TYPE = "t"; public static final String ATTR_TYPE = "t"; public static final String TAG_WHITELISTED_PACKAGE = "wl"; public static final String TAG_ALLOWED_PACKAGE = "wl"; public static final String ATTR_CERTIFICATE = "ct"; public static final String ATTR_CERTIFICATE = "ct"; // For BlobHandle // For BlobHandle Loading
apex/blobstore/service/java/com/android/server/blob/BlobAccessMode.java +24 −24 Original line number Original line Diff line number Diff line Loading @@ -18,7 +18,7 @@ package com.android.server.blob; import static android.app.blob.XmlTags.ATTR_CERTIFICATE; import static android.app.blob.XmlTags.ATTR_CERTIFICATE; import static android.app.blob.XmlTags.ATTR_PACKAGE; import static android.app.blob.XmlTags.ATTR_PACKAGE; import static android.app.blob.XmlTags.ATTR_TYPE; import static android.app.blob.XmlTags.ATTR_TYPE; import static android.app.blob.XmlTags.TAG_WHITELISTED_PACKAGE; import static android.app.blob.XmlTags.TAG_ALLOWED_PACKAGE; import android.annotation.IntDef; import android.annotation.IntDef; import android.annotation.NonNull; import android.annotation.NonNull; Loading Loading @@ -52,21 +52,21 @@ class BlobAccessMode { ACCESS_TYPE_PRIVATE, ACCESS_TYPE_PRIVATE, ACCESS_TYPE_PUBLIC, ACCESS_TYPE_PUBLIC, ACCESS_TYPE_SAME_SIGNATURE, ACCESS_TYPE_SAME_SIGNATURE, ACCESS_TYPE_WHITELIST, ACCESS_TYPE_ALLOWLIST, }) }) @interface AccessType {} @interface AccessType {} public static final int ACCESS_TYPE_PRIVATE = 1 << 0; public static final int ACCESS_TYPE_PRIVATE = 1 << 0; public static final int ACCESS_TYPE_PUBLIC = 1 << 1; public static final int ACCESS_TYPE_PUBLIC = 1 << 1; public static final int ACCESS_TYPE_SAME_SIGNATURE = 1 << 2; public static final int ACCESS_TYPE_SAME_SIGNATURE = 1 << 2; public static final int ACCESS_TYPE_WHITELIST = 1 << 3; public static final int ACCESS_TYPE_ALLOWLIST = 1 << 3; private int mAccessType = ACCESS_TYPE_PRIVATE; private int mAccessType = ACCESS_TYPE_PRIVATE; private final ArraySet<PackageIdentifier> mWhitelistedPackages = new ArraySet<>(); private final ArraySet<PackageIdentifier> mAllowedPackages = new ArraySet<>(); void allow(BlobAccessMode other) { void allow(BlobAccessMode other) { if ((other.mAccessType & ACCESS_TYPE_WHITELIST) != 0) { if ((other.mAccessType & ACCESS_TYPE_ALLOWLIST) != 0) { mWhitelistedPackages.addAll(other.mWhitelistedPackages); mAllowedPackages.addAll(other.mAllowedPackages); } } mAccessType |= other.mAccessType; mAccessType |= other.mAccessType; } } Loading @@ -80,8 +80,8 @@ class BlobAccessMode { } } void allowPackageAccess(@NonNull String packageName, @NonNull byte[] certificate) { void allowPackageAccess(@NonNull String packageName, @NonNull byte[] certificate) { mAccessType |= ACCESS_TYPE_WHITELIST; mAccessType |= ACCESS_TYPE_ALLOWLIST; mWhitelistedPackages.add(PackageIdentifier.create(packageName, certificate)); mAllowedPackages.add(PackageIdentifier.create(packageName, certificate)); } } boolean isPublicAccessAllowed() { boolean isPublicAccessAllowed() { Loading @@ -93,10 +93,10 @@ class BlobAccessMode { } } boolean isPackageAccessAllowed(@NonNull String packageName, @NonNull byte[] certificate) { boolean isPackageAccessAllowed(@NonNull String packageName, @NonNull byte[] certificate) { if ((mAccessType & ACCESS_TYPE_WHITELIST) == 0) { if ((mAccessType & ACCESS_TYPE_ALLOWLIST) == 0) { return false; return false; } } return mWhitelistedPackages.contains(PackageIdentifier.create(packageName, certificate)); return mAllowedPackages.contains(PackageIdentifier.create(packageName, certificate)); } } boolean isAccessAllowedForCaller(Context context, boolean isAccessAllowedForCaller(Context context, Loading @@ -113,9 +113,9 @@ class BlobAccessMode { } } } } if ((mAccessType & ACCESS_TYPE_WHITELIST) != 0) { if ((mAccessType & ACCESS_TYPE_ALLOWLIST) != 0) { for (int i = 0; i < mWhitelistedPackages.size(); ++i) { for (int i = 0; i < mAllowedPackages.size(); ++i) { final PackageIdentifier packageIdentifier = mWhitelistedPackages.valueAt(i); final PackageIdentifier packageIdentifier = mAllowedPackages.valueAt(i); if (packageIdentifier.packageName.equals(callingPackage) if (packageIdentifier.packageName.equals(callingPackage) && pm.hasSigningCertificate(callingPackage, packageIdentifier.certificate, && pm.hasSigningCertificate(callingPackage, packageIdentifier.certificate, PackageManager.CERT_INPUT_SHA256)) { PackageManager.CERT_INPUT_SHA256)) { Loading @@ -131,20 +131,20 @@ class BlobAccessMode { return mAccessType; return mAccessType; } } int getNumWhitelistedPackages() { int getAllowedPackagesCount() { return mWhitelistedPackages.size(); return mAllowedPackages.size(); } } void dump(IndentingPrintWriter fout) { void dump(IndentingPrintWriter fout) { fout.println("accessType: " + DebugUtils.flagsToString( fout.println("accessType: " + DebugUtils.flagsToString( BlobAccessMode.class, "ACCESS_TYPE_", mAccessType)); BlobAccessMode.class, "ACCESS_TYPE_", mAccessType)); fout.print("Whitelisted pkgs:"); fout.print("Explicitly allowed pkgs:"); if (mWhitelistedPackages.isEmpty()) { if (mAllowedPackages.isEmpty()) { fout.println(" (Empty)"); fout.println(" (Empty)"); } else { } else { fout.increaseIndent(); fout.increaseIndent(); for (int i = 0, count = mWhitelistedPackages.size(); i < count; ++i) { for (int i = 0, count = mAllowedPackages.size(); i < count; ++i) { fout.println(mWhitelistedPackages.valueAt(i).toString()); fout.println(mAllowedPackages.valueAt(i).toString()); } } fout.decreaseIndent(); fout.decreaseIndent(); } } Loading @@ -152,12 +152,12 @@ class BlobAccessMode { void writeToXml(@NonNull XmlSerializer out) throws IOException { void writeToXml(@NonNull XmlSerializer out) throws IOException { XmlUtils.writeIntAttribute(out, ATTR_TYPE, mAccessType); XmlUtils.writeIntAttribute(out, ATTR_TYPE, mAccessType); for (int i = 0, count = mWhitelistedPackages.size(); i < count; ++i) { for (int i = 0, count = mAllowedPackages.size(); i < count; ++i) { out.startTag(null, TAG_WHITELISTED_PACKAGE); out.startTag(null, TAG_ALLOWED_PACKAGE); final PackageIdentifier packageIdentifier = mWhitelistedPackages.valueAt(i); final PackageIdentifier packageIdentifier = mAllowedPackages.valueAt(i); XmlUtils.writeStringAttribute(out, ATTR_PACKAGE, packageIdentifier.packageName); XmlUtils.writeStringAttribute(out, ATTR_PACKAGE, packageIdentifier.packageName); XmlUtils.writeByteArrayAttribute(out, ATTR_CERTIFICATE, packageIdentifier.certificate); XmlUtils.writeByteArrayAttribute(out, ATTR_CERTIFICATE, packageIdentifier.certificate); out.endTag(null, TAG_WHITELISTED_PACKAGE); out.endTag(null, TAG_ALLOWED_PACKAGE); } } } } Loading @@ -171,7 +171,7 @@ class BlobAccessMode { final int depth = in.getDepth(); final int depth = in.getDepth(); while (XmlUtils.nextElementWithin(in, depth)) { while (XmlUtils.nextElementWithin(in, depth)) { if (TAG_WHITELISTED_PACKAGE.equals(in.getName())) { if (TAG_ALLOWED_PACKAGE.equals(in.getName())) { final String packageName = XmlUtils.readStringAttribute(in, ATTR_PACKAGE); final String packageName = XmlUtils.readStringAttribute(in, ATTR_PACKAGE); final byte[] certificate = XmlUtils.readByteArrayAttribute(in, ATTR_CERTIFICATE); final byte[] certificate = XmlUtils.readByteArrayAttribute(in, ATTR_CERTIFICATE); blobAccessMode.allowPackageAccess(packageName, certificate); blobAccessMode.allowPackageAccess(packageName, certificate); Loading
apex/blobstore/service/java/com/android/server/blob/BlobMetadata.java +1 −1 Original line number Original line Diff line number Diff line Loading @@ -478,7 +478,7 @@ class BlobMetadata { proto.write(BlobStatsEventProto.BlobCommitterProto.ACCESS_MODE, proto.write(BlobStatsEventProto.BlobCommitterProto.ACCESS_MODE, committer.blobAccessMode.getAccessType()); committer.blobAccessMode.getAccessType()); proto.write(BlobStatsEventProto.BlobCommitterProto.NUM_WHITELISTED_PACKAGE, proto.write(BlobStatsEventProto.BlobCommitterProto.NUM_WHITELISTED_PACKAGE, committer.blobAccessMode.getNumWhitelistedPackages()); committer.blobAccessMode.getAllowedPackagesCount()); proto.end(token); proto.end(token); } } final byte[] committersBytes = proto.getBytes(); final byte[] committersBytes = proto.getBytes(); Loading
apex/blobstore/service/java/com/android/server/blob/BlobStoreSession.java +2 −2 Original line number Original line Diff line number Diff line Loading @@ -332,10 +332,10 @@ class BlobStoreSession extends IBlobStoreSession.Stub { throw new IllegalStateException("Not allowed to change access type in state: " throw new IllegalStateException("Not allowed to change access type in state: " + stateToString(mState)); + stateToString(mState)); } } if (mBlobAccessMode.getNumWhitelistedPackages() >= getMaxPermittedPackages()) { if (mBlobAccessMode.getAllowedPackagesCount() >= getMaxPermittedPackages()) { throw new ParcelableException(new LimitExceededException( throw new ParcelableException(new LimitExceededException( "Too many packages permitted to access the blob: " "Too many packages permitted to access the blob: " + mBlobAccessMode.getNumWhitelistedPackages())); + mBlobAccessMode.getAllowedPackagesCount())); } } mBlobAccessMode.allowPackageAccess(packageName, certificate); mBlobAccessMode.allowPackageAccess(packageName, certificate); } } Loading
