
Commit 6775f075 authored by Sumedh Sen's avatar Sumedh Sen

Check cross user permissions for a given UID

Instead of relying on Context#checkCallingOrSelfPermission, explicitly
check permissions against a given UID. However, to maintain legacy
behavior, replace custom UIDs with Binder.getCallingUid when enforcing
permissions from a method.

Also update tests affected by this change - by adding methods to mocked
objects

Additionally,
This reverts commit 7d0da763.

Change-Id: Ib31cabff5714500471bd397c743e127c85751a5c
parent 53aebb03
+7 −7
@@ -649,11 +649,11 @@ public class ComputerEngine implements Computer {
            int userId, int callingUid, int callingPid,
            boolean includeInstantApps, boolean resolveForStart) {
        if (!mUserManager.exists(userId)) return Collections.emptyList();
        enforceCrossUserOrProfilePermission(callingUid,
        enforceCrossUserOrProfilePermission(Binder.getCallingUid(),
                userId,
                false /*requireFullPermission*/,
                false /*checkShell*/,
                "query intent receivers");
                "query intent services");
        final String instantAppPkgName = getInstantAppPackageName(callingUid);
        flags = updateFlagsForResolve(flags, userId, callingUid, includeInstantApps,
                false /* isImplicitImageCaptureIntentAndNotSetByDpc */);
@@ -2208,10 +2208,10 @@ public class ComputerEngine implements Computer {
            return true;
        }
        boolean permissionGranted = requireFullPermission ? hasPermission(
                Manifest.permission.INTERACT_ACROSS_USERS_FULL)
                Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingUid)
                : (hasPermission(
                        android.Manifest.permission.INTERACT_ACROSS_USERS_FULL)
                        || hasPermission(Manifest.permission.INTERACT_ACROSS_USERS));
                        android.Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingUid)
                        || hasPermission(Manifest.permission.INTERACT_ACROSS_USERS, callingUid));
        if (!permissionGranted) {
            if (Process.isIsolatedUid(callingUid) && isKnownIsolatedComputeApp(callingUid)) {
                return checkIsolatedOwnerHasPermission(callingUid, requireFullPermission);
@@ -4668,7 +4668,7 @@ public class ComputerEngine implements Computer {

        if (!forceAllowCrossUser) {
            enforceCrossUserPermission(
                    callingUid,
                    Binder.getCallingUid(),
                    userId,
                    false /* requireFullPermission */,
                    false /* checkShell */,
@@ -5241,7 +5241,7 @@ public class ComputerEngine implements Computer {
    @Override
    public int getComponentEnabledSetting(@NonNull ComponentName component, int callingUid,
            @UserIdInt int userId) {
        enforceCrossUserPermission(callingUid, userId, false /*requireFullPermission*/,
        enforceCrossUserPermission(Binder.getCallingUid(), userId, false /*requireFullPermission*/,
                false /*checkShell*/, "getComponentEnabled");
        return getComponentEnabledSettingInternal(component, callingUid, userId);
    }
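Review bot: The cross-user check and the rest of each method now act on two different identities, and nothing in the code says so: in `getComponentEnabledSetting` the enforcement uses `Binder.getCallingUid()` while `getComponentEnabledSettingInternal(component, callingUid, userId)` still uses the parameter. The same split appears in the hunk at 649 (`getInstantAppPackageName(callingUid)`, `updateFlagsForResolve(..., callingUid, ...)`) and at 4668. If any caller reaches these methods after `Binder.clearCallingIdentity()` or outside a Binder transaction, `Binder.getCallingUid()` would presumably be the system process's own UID and the check would pass whatever `callingUid` was supplied; that looks like the legacy behavior the description mentions, but it is worth confirming per call site. I would add a comment above each enforce call such as `// Enforced against the Binder caller, not the callingUid argument, to preserve legacy behavior; callingUid is used only for filtering below.` The methods at 649 and 4668 start and end outside their hunks, so this is based on the visible lines only.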
+5 −0
@@ -57,6 +57,7 @@ import org.junit.BeforeClass
import org.junit.Test
import org.junit.runner.RunWith
import org.junit.runners.Parameterized
import org.mockito.ArgumentMatchers.eq
import org.mockito.Mockito.any
import org.mockito.Mockito.anyInt
import org.mockito.Mockito.doReturn
@@ -383,6 +384,10 @@ class PackageManagerComponentLabelIconOverrideTest {
                    android.Manifest.permission.INTERACT_ACROSS_USERS_FULL)) {
                PackageManager.PERMISSION_GRANTED
            }
            whenever(this.checkPermission(
                eq(android.Manifest.permission.INTERACT_ACROSS_USERS_FULL), anyInt(), anyInt())) {
                PackageManager.PERMISSION_GRANTED
            }
        }
        val mockSharedLibrariesImpl: SharedLibrariesImpl = mock {
            whenever(this.snapshot()) { this@mock }
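Review bot: The new stub `whenever(this.checkPermission(eq(android.Manifest.permission.INTERACT_ACROSS_USERS_FULL), anyInt(), anyInt()))` grants the permission for every pid and uid, so this test cannot tell whether the production code checked the intended UID. Since the commit's purpose is to check against a specific UID, consider pinning the uid argument to the value the test expects (for example `eq(expectedUid)`, a placeholder for whatever UID the test sets up) and leaving other UIDs ungranted. The enclosing mock block starts outside the hunk, so the mocked type and any existing UID fixtures are not visible here.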