
Commit 5ebdefd0 authored by Amith Yamasani's avatar Amith Yamasani

Heed user shell restriction for pm calls

Make sure that a restricted user cannot use adb shell commands
to grant/revoke runtime permissions.

Bug: 27418014
Change-Id: I518b09f56ca7d77cc2bfa1d0b4faaf129e19000d
parent 342006e9
+79 −40
@@ -2915,7 +2915,8 @@ public class PackageManagerService extends IPackageManager.Stub {
    @Override
    public boolean isPackageAvailable(String packageName, int userId) {
        if (!sUserManager.exists(userId)) return false;
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, "is package available");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                false /* requireFullPermission */, false /* checkShell */, "is package available");
        synchronized (mPackages) {
            PackageParser.Package p = mPackages.get(packageName);
            if (p != null) {
@@ -2935,7 +2936,8 @@ public class PackageManagerService extends IPackageManager.Stub {
    public PackageInfo getPackageInfo(String packageName, int flags, int userId) {
        if (!sUserManager.exists(userId)) return null;
        flags = updateFlagsForPackage(flags, userId, packageName);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, "get package info");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                false /* requireFullPermission */, false /* checkShell */, "get package info");
        // reader
        synchronized (mPackages) {
            PackageParser.Package p = mPackages.get(packageName);
@@ -2981,7 +2983,8 @@ public class PackageManagerService extends IPackageManager.Stub {
    public int getPackageUid(String packageName, int flags, int userId) {
        if (!sUserManager.exists(userId)) return -1;
        flags = updateFlagsForPackage(flags, userId, packageName);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, "get package uid");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                false /* requireFullPermission */, false /* checkShell */, "get package uid");
        // reader
        synchronized (mPackages) {
@@ -3004,7 +3007,8 @@ public class PackageManagerService extends IPackageManager.Stub {
    public int[] getPackageGids(String packageName, int flags, int userId) {
        if (!sUserManager.exists(userId)) return null;
        flags = updateFlagsForPackage(flags, userId, packageName);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false,
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                false /* requireFullPermission */, false /* checkShell */,
                "getPackageGids");
        // reader
@@ -3144,7 +3148,8 @@ public class PackageManagerService extends IPackageManager.Stub {
    public ApplicationInfo getApplicationInfo(String packageName, int flags, int userId) {
        if (!sUserManager.exists(userId)) return null;
        flags = updateFlagsForApplication(flags, userId, packageName);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, "get application info");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                false /* requireFullPermission */, false /* checkShell */, "get application info");
        // writer
        synchronized (mPackages) {
            PackageParser.Package p = mPackages.get(packageName);
@@ -3359,7 +3364,8 @@ public class PackageManagerService extends IPackageManager.Stub {
    public ActivityInfo getActivityInfo(ComponentName component, int flags, int userId) {
        if (!sUserManager.exists(userId)) return null;
        flags = updateFlagsForComponent(flags, userId, component);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, "get activity info");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                false /* requireFullPermission */, false /* checkShell */, "get activity info");
        synchronized (mPackages) {
            PackageParser.Activity a = mActivities.mActivities.get(component);
@@ -3404,7 +3410,8 @@ public class PackageManagerService extends IPackageManager.Stub {
    public ActivityInfo getReceiverInfo(ComponentName component, int flags, int userId) {
        if (!sUserManager.exists(userId)) return null;
        flags = updateFlagsForComponent(flags, userId, component);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, "get receiver info");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                false /* requireFullPermission */, false /* checkShell */, "get receiver info");
        synchronized (mPackages) {
            PackageParser.Activity a = mReceivers.mActivities.get(component);
            if (DEBUG_PACKAGE_INFO) Log.v(
@@ -3423,7 +3430,8 @@ public class PackageManagerService extends IPackageManager.Stub {
    public ServiceInfo getServiceInfo(ComponentName component, int flags, int userId) {
        if (!sUserManager.exists(userId)) return null;
        flags = updateFlagsForComponent(flags, userId, component);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, "get service info");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                false /* requireFullPermission */, false /* checkShell */, "get service info");
        synchronized (mPackages) {
            PackageParser.Service s = mServices.mServices.get(component);
            if (DEBUG_PACKAGE_INFO) Log.v(
@@ -3442,7 +3450,8 @@ public class PackageManagerService extends IPackageManager.Stub {
    public ProviderInfo getProviderInfo(ComponentName component, int flags, int userId) {
        if (!sUserManager.exists(userId)) return null;
        flags = updateFlagsForComponent(flags, userId, component);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, "get provider info");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                false /* requireFullPermission */, false /* checkShell */, "get provider info");
        synchronized (mPackages) {
            PackageParser.Provider p = mProviders.mProviders.get(component);
            if (DEBUG_PACKAGE_INFO) Log.v(
@@ -3834,7 +3843,8 @@ public class PackageManagerService extends IPackageManager.Stub {
                android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS,
                "grantRuntimePermission");
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, true /* checkShell */,
                "grantRuntimePermission");
        final int uid;
@@ -3945,7 +3955,8 @@ public class PackageManagerService extends IPackageManager.Stub {
                android.Manifest.permission.REVOKE_RUNTIME_PERMISSIONS,
                "revokeRuntimePermission");
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, true /* checkShell */,
                "revokeRuntimePermission");
        final int appId;
@@ -4049,7 +4060,8 @@ public class PackageManagerService extends IPackageManager.Stub {
        enforceGrantRevokeRuntimePermissionPermissions("getPermissionFlags");
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, false /* checkShell */,
                "getPermissionFlags");
        synchronized (mPackages) {
@@ -4082,7 +4094,8 @@ public class PackageManagerService extends IPackageManager.Stub {
        enforceGrantRevokeRuntimePermissionPermissions("updatePermissionFlags");
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, true /* checkShell */,
                "updatePermissionFlags");
        // Only the system can change these flags and nothing else.
@@ -4139,7 +4152,8 @@ public class PackageManagerService extends IPackageManager.Stub {
        enforceGrantRevokeRuntimePermissionPermissions("updatePermissionFlagsForAllApps");
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, true /* checkShell */,
                "updatePermissionFlagsForAllApps");
        // Only the system can change system fixed flags.
@@ -4572,7 +4586,8 @@ public class PackageManagerService extends IPackageManager.Stub {
            int flags, int userId) {
        if (!sUserManager.exists(userId)) return null;
        flags = updateFlagsForResolve(flags, userId, intent);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, "resolve intent");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                false /* requireFullPermission */, false /* checkShell */, "resolve intent");
        List<ResolveInfo> query = queryIntentActivities(intent, resolvedType, flags, userId);
        final ResolveInfo bestChoice =
                chooseBestActivity(intent, resolvedType, flags, query, userId);
@@ -5033,7 +5048,9 @@ public class PackageManagerService extends IPackageManager.Stub {
            String resolvedType, int flags, int userId) {
        if (!sUserManager.exists(userId)) return Collections.emptyList();
        flags = updateFlagsForResolve(flags, userId, intent);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, "query intent activities");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                false /* requireFullPermission */, false /* checkShell */,
                "query intent activities");
        ComponentName comp = intent.getComponent();
        if (comp == null) {
            if (intent.getSelector() != null) {
@@ -5523,8 +5540,9 @@ public class PackageManagerService extends IPackageManager.Stub {
            String resolvedType, int flags, int userId) {
        if (!sUserManager.exists(userId)) return Collections.emptyList();
        flags = updateFlagsForResolve(flags, userId, intent);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false,
                false, "query intent activity options");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                false /* requireFullPermission */, false /* checkShell */,
                "query intent activity options");
        final String resultsAction = intent.getAction();
        List<ResolveInfo> results = queryIntentActivities(intent, resolvedType, flags
@@ -5825,7 +5843,9 @@ public class PackageManagerService extends IPackageManager.Stub {
        if (!sUserManager.exists(userId)) return ParceledListSlice.emptyList();
        flags = updateFlagsForPackage(flags, userId, null);
        final boolean listUninstalled = (flags & MATCH_UNINSTALLED_PACKAGES) != 0;
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false, "get installed packages");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, false /* checkShell */,
                "get installed packages");
        // writer
        synchronized (mPackages) {
@@ -5977,7 +5997,8 @@ public class PackageManagerService extends IPackageManager.Stub {
        mContext.enforceCallingOrSelfPermission(Manifest.permission.ACCESS_EPHEMERAL_APPS,
                "getEphemeralApplications");
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, false /* checkShell */,
                "getEphemeralApplications");
        synchronized (mPackages) {
            List<EphemeralApplicationInfo> ephemeralApps = mEphemeralApplicationRegistry
@@ -5991,7 +6012,8 @@ public class PackageManagerService extends IPackageManager.Stub {
    @Override
    public boolean isEphemeralApplication(String packageName, int userId) {
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, false /* checkShell */,
                "isEphemeral");
        if (DISABLE_EPHEMERAL_APPS) {
            return false;
@@ -6015,7 +6037,8 @@ public class PackageManagerService extends IPackageManager.Stub {
            return null;
        }
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, false /* checkShell */,
                "getCookie");
        if (!isCallerSameApp(packageName)) {
            return null;
@@ -6032,7 +6055,8 @@ public class PackageManagerService extends IPackageManager.Stub {
            return true;
        }
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, true /* checkShell */,
                "setCookie");
        if (!isCallerSameApp(packageName)) {
            return false;
@@ -6051,7 +6075,8 @@ public class PackageManagerService extends IPackageManager.Stub {
        mContext.enforceCallingOrSelfPermission(Manifest.permission.ACCESS_EPHEMERAL_APPS,
                "getEphemeralApplicationIcon");
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, false /* checkShell */,
                "getEphemeralApplicationIcon");
        synchronized (mPackages) {
            return mEphemeralApplicationRegistry.getEphemeralApplicationIconLPw(
@@ -10417,7 +10442,8 @@ public class PackageManagerService extends IPackageManager.Stub {
        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.INSTALL_PACKAGES, null);
        final int callingUid = Binder.getCallingUid();
        enforceCrossUserPermission(callingUid, userId, true, true, "installPackageAsUser");
        enforceCrossUserPermission(callingUid, userId,
                true /* requireFullPermission */, true /* checkShell */, "installPackageAsUser");
        if (isUserRestricted(userId, UserManager.DISALLOW_INSTALL_APPS)) {
            try {
@@ -10548,7 +10574,8 @@ public class PackageManagerService extends IPackageManager.Stub {
        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.MANAGE_USERS, null);
        PackageSetting pkgSetting;
        final int uid = Binder.getCallingUid();
        enforceCrossUserPermission(uid, userId, true, true,
        enforceCrossUserPermission(uid, userId,
                true /* requireFullPermission */, true /* checkShell */,
                "setApplicationHiddenSetting for user " + userId);
        if (hidden && isPackageDeviceAdmin(packageName, userId)) {
@@ -10621,8 +10648,9 @@ public class PackageManagerService extends IPackageManager.Stub {
    @Override
    public boolean getApplicationHiddenSettingAsUser(String packageName, int userId) {
        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.MANAGE_USERS, null);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true,
                false, "getApplicationHidden for user " + userId);
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, false /* checkShell */,
                "getApplicationHidden for user " + userId);
        PackageSetting pkgSetting;
        long callingId = Binder.clearCallingIdentity();
        try {
@@ -10648,8 +10676,9 @@ public class PackageManagerService extends IPackageManager.Stub {
                null);
        PackageSetting pkgSetting;
        final int uid = Binder.getCallingUid();
        enforceCrossUserPermission(uid, userId, true, true, "installExistingPackage for user "
                + userId);
        enforceCrossUserPermission(uid, userId,
                true /* requireFullPermission */, true /* checkShell */,
                "installExistingPackage for user " + userId);
        if (isUserRestricted(userId, UserManager.DISALLOW_INSTALL_APPS)) {
            return PackageManager.INSTALL_FAILED_USER_RESTRICTED;
        }
@@ -10698,7 +10727,8 @@ public class PackageManagerService extends IPackageManager.Stub {
    public String[] setPackagesSuspendedAsUser(String[] packageNames, boolean suspended,
            int userId) {
        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.MANAGE_USERS, null);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, true,
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, true /* checkShell */,
                "setPackagesSuspended for user " + userId);
        if (ArrayUtils.isEmpty(packageNames)) {
@@ -10756,8 +10786,9 @@ public class PackageManagerService extends IPackageManager.Stub {
    @Override
    public boolean isPackageSuspendedForUser(String packageName, int userId) {
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true,
                false, "isPackageSuspendedForUser for user " + userId);
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, false /* checkShell */,
                "isPackageSuspendedForUser for user " + userId);
        synchronized (mPackages) {
            final PackageSetting pkgSetting = mSettings.mPackages.get(packageName);
            return pkgSetting != null && pkgSetting.getSuspended(userId);
@@ -15016,7 +15047,8 @@ public class PackageManagerService extends IPackageManager.Stub {
            final IPackageDataObserver observer, final int userId) {
        mContext.enforceCallingOrSelfPermission(
                android.Manifest.permission.CLEAR_APP_USER_DATA, null);
        enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false, "clear application data");
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, false /* checkShell */, "clear application data");
        // Queue up an async operation since the package deletion may take a little while.
        mHandler.post(new Runnable() {
            public void run() {
@@ -15479,7 +15511,8 @@ public class PackageManagerService extends IPackageManager.Stub {
            String opname) {
        // writer
        int callingUid = Binder.getCallingUid();
        enforceCrossUserPermission(callingUid, userId, true, false, "add preferred activity");
        enforceCrossUserPermission(callingUid, userId,
                true /* requireFullPermission */, false /* checkShell */, "add preferred activity");
        if (filter.countActions() == 0) {
            Slog.w(TAG, "Cannot set a preferred activity with no filter actions");
            return;
@@ -15524,7 +15557,9 @@ public class PackageManagerService extends IPackageManager.Stub {
        }
        final int callingUid = Binder.getCallingUid();
        enforceCrossUserPermission(callingUid, userId, true, false, "replace preferred activity");
        enforceCrossUserPermission(callingUid, userId,
                true /* requireFullPermission */, false /* checkShell */,
                "replace preferred activity");
        synchronized (mPackages) {
            if (mContext.checkCallingOrSelfPermission(
                    android.Manifest.permission.SET_PREFERRED_APPLICATIONS)
@@ -16342,7 +16377,8 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
        final int uid = Binder.getCallingUid();
        final int permission = mContext.checkCallingOrSelfPermission(
                android.Manifest.permission.CHANGE_COMPONENT_ENABLED_STATE);
        enforceCrossUserPermission(uid, userId, false, true, "set enabled");
        enforceCrossUserPermission(uid, userId,
                false /* requireFullPermission */, true /* checkShell */, "set enabled");
        final boolean allowedByPermission = (permission == PackageManager.PERMISSION_GRANTED);
        boolean sendNow = false;
        boolean isApp = (className == null);
@@ -16481,7 +16517,8 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
        final int permission = mContext.checkCallingOrSelfPermission(
                android.Manifest.permission.CHANGE_COMPONENT_ENABLED_STATE);
        final boolean allowedByPermission = (permission == PackageManager.PERMISSION_GRANTED);
        enforceCrossUserPermission(uid, userId, true, true, "stop package");
        enforceCrossUserPermission(uid, userId,
                true /* requireFullPermission */, true /* checkShell */, "stop package");
        // writer
        synchronized (mPackages) {
            if (mSettings.setPackageStoppedStateLPw(this, packageName, stopped,
@@ -16503,7 +16540,8 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
    public int getApplicationEnabledSetting(String packageName, int userId) {
        if (!sUserManager.exists(userId)) return COMPONENT_ENABLED_STATE_DISABLED;
        int uid = Binder.getCallingUid();
        enforceCrossUserPermission(uid, userId, false, false, "get enabled");
        enforceCrossUserPermission(uid, userId,
                false /* requireFullPermission */, false /* checkShell */, "get enabled");
        // reader
        synchronized (mPackages) {
            return mSettings.getApplicationEnabledSettingLPr(packageName, userId);
@@ -16514,7 +16552,8 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
    public int getComponentEnabledSetting(ComponentName componentName, int userId) {
        if (!sUserManager.exists(userId)) return COMPONENT_ENABLED_STATE_DISABLED;
        int uid = Binder.getCallingUid();
        enforceCrossUserPermission(uid, userId, false, false, "get component enabled");
        enforceCrossUserPermission(uid, userId,
                false /* requireFullPermission */, false /* checkShell */, "get component enabled");
        // reader
        synchronized (mPackages) {
            return mSettings.getComponentEnabledSettingLPr(componentName, userId);
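Review bot: Three state-changing entry points still pass `false /* checkShell */` on the new side: the "clear application data" call (hunk at -15016), "add preferred activity" (-15479) and "replace preferred activity" (-15524), whereas grant/revoke, updatePermissionFlags, updatePermissionFlagsForAllApps and setCookie were switched to `true`. If the shell restriction is meant to keep a restricted user from changing package state over adb, the first of these would read `true /* requireFullPermission */, true /* checkShell */, "clear application data");` and the two preferred-activity calls likewise. If leaving them open is deliberate, a one-line comment at each site such as `// checkShell stays false: <reason>` would record the decision for the next audit. The enclosing methods start and end outside these hunks, so any later check in their bodies is not visible here.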