Loading services/core/java/com/android/server/pm/PackageManagerService.java +24 −3 Original line number Original line Diff line number Diff line Loading @@ -4473,7 +4473,9 @@ public class PackageManagerService extends IPackageManager.Stub triaged = false; triaged = false; } } if ((flags & PackageManager.MATCH_ANY_USER) != 0) { if ((flags & PackageManager.MATCH_ANY_USER) != 0) { enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, // require the permission to be held; the calling uid and given user id referring // to the same user is not sufficient enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, true, "MATCH_ANY_USER flag requires INTERACT_ACROSS_USERS permission at " "MATCH_ANY_USER flag requires INTERACT_ACROSS_USERS permission at " + Debug.getCallers(5)); + Debug.getCallers(5)); } else if ((flags & PackageManager.MATCH_UNINSTALLED_PACKAGES) != 0 && isCallerSystemUser } else if ((flags & PackageManager.MATCH_UNINSTALLED_PACKAGES) != 0 && isCallerSystemUser Loading Loading @@ -5126,13 +5128,25 @@ public class PackageManagerService extends IPackageManager.Stub */ */ void enforceCrossUserPermission(int callingUid, int userId, boolean requireFullPermission, void enforceCrossUserPermission(int callingUid, int userId, boolean requireFullPermission, boolean checkShell, String message) { boolean checkShell, String message) { enforceCrossUserPermission( callingUid, userId, requireFullPermission, checkShell, false, message); } private void enforceCrossUserPermission(int callingUid, int userId, boolean requireFullPermission, boolean checkShell, boolean requirePermissionWhenSameUser, String message) { if (userId < 0) { if (userId < 0) { throw new IllegalArgumentException("Invalid userId " + userId); throw new IllegalArgumentException("Invalid userId " + userId); } } if (checkShell) { if (checkShell) { enforceShellRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, callingUid, userId); enforceShellRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, callingUid, userId); } } if (userId == UserHandle.getUserId(callingUid)) return; if (!requirePermissionWhenSameUser && userId == UserHandle.getUserId(callingUid)) return; if (callingUid != Process.SYSTEM_UID && callingUid != 0) { if (callingUid != Process.SYSTEM_UID && callingUid != 0) { if (requireFullPermission) { if (requireFullPermission) { mContext.enforceCallingOrSelfPermission( mContext.enforceCallingOrSelfPermission( Loading Loading @@ -8194,7 +8208,7 @@ public class PackageManagerService extends IPackageManager.Stub flags = updateFlagsForPackage(flags, userId, null); flags = updateFlagsForPackage(flags, userId, null); final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0; final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0; enforceCrossUserPermission(callingUid, userId, enforceCrossUserPermission(callingUid, userId, true /* requireFullPermission */, false /* checkShell */, false /* requireFullPermission */, false /* checkShell */, "get installed packages"); "get installed packages"); // writer // writer Loading Loading @@ -8318,6 +8332,13 @@ public class PackageManagerService extends IPackageManager.Stub flags = updateFlagsForApplication(flags, userId, null); flags = updateFlagsForApplication(flags, userId, null); final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0; final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0; enforceCrossUserPermission( callingUid, userId, false /* requireFullPermission */, false /* checkShell */, "get installed application info"); // writer // writer synchronized (mPackages) { synchronized (mPackages) { ArrayList<ApplicationInfo> list; ArrayList<ApplicationInfo> list; Loading
services/core/java/com/android/server/pm/PackageManagerService.java +24 −3 Original line number Original line Diff line number Diff line Loading @@ -4473,7 +4473,9 @@ public class PackageManagerService extends IPackageManager.Stub triaged = false; triaged = false; } } if ((flags & PackageManager.MATCH_ANY_USER) != 0) { if ((flags & PackageManager.MATCH_ANY_USER) != 0) { enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, // require the permission to be held; the calling uid and given user id referring // to the same user is not sufficient enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, true, "MATCH_ANY_USER flag requires INTERACT_ACROSS_USERS permission at " "MATCH_ANY_USER flag requires INTERACT_ACROSS_USERS permission at " + Debug.getCallers(5)); + Debug.getCallers(5)); } else if ((flags & PackageManager.MATCH_UNINSTALLED_PACKAGES) != 0 && isCallerSystemUser } else if ((flags & PackageManager.MATCH_UNINSTALLED_PACKAGES) != 0 && isCallerSystemUser Loading Loading @@ -5126,13 +5128,25 @@ public class PackageManagerService extends IPackageManager.Stub */ */ void enforceCrossUserPermission(int callingUid, int userId, boolean requireFullPermission, void enforceCrossUserPermission(int callingUid, int userId, boolean requireFullPermission, boolean checkShell, String message) { boolean checkShell, String message) { enforceCrossUserPermission( callingUid, userId, requireFullPermission, checkShell, false, message); } private void enforceCrossUserPermission(int callingUid, int userId, boolean requireFullPermission, boolean checkShell, boolean requirePermissionWhenSameUser, String message) { if (userId < 0) { if (userId < 0) { throw new IllegalArgumentException("Invalid userId " + userId); throw new IllegalArgumentException("Invalid userId " + userId); } } if (checkShell) { if (checkShell) { enforceShellRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, callingUid, userId); enforceShellRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, callingUid, userId); } } if (userId == UserHandle.getUserId(callingUid)) return; if (!requirePermissionWhenSameUser && userId == UserHandle.getUserId(callingUid)) return; if (callingUid != Process.SYSTEM_UID && callingUid != 0) { if (callingUid != Process.SYSTEM_UID && callingUid != 0) { if (requireFullPermission) { if (requireFullPermission) { mContext.enforceCallingOrSelfPermission( mContext.enforceCallingOrSelfPermission( Loading Loading @@ -8194,7 +8208,7 @@ public class PackageManagerService extends IPackageManager.Stub flags = updateFlagsForPackage(flags, userId, null); flags = updateFlagsForPackage(flags, userId, null); final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0; final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0; enforceCrossUserPermission(callingUid, userId, enforceCrossUserPermission(callingUid, userId, true /* requireFullPermission */, false /* checkShell */, false /* requireFullPermission */, false /* checkShell */, "get installed packages"); "get installed packages"); // writer // writer Loading Loading @@ -8318,6 +8332,13 @@ public class PackageManagerService extends IPackageManager.Stub flags = updateFlagsForApplication(flags, userId, null); flags = updateFlagsForApplication(flags, userId, null); final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0; final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0; enforceCrossUserPermission( callingUid, userId, false /* requireFullPermission */, false /* checkShell */, "get installed application info"); // writer // writer synchronized (mPackages) { synchronized (mPackages) { ArrayList<ApplicationInfo> list; ArrayList<ApplicationInfo> list;
