Loading services/core/java/com/android/server/om/OverlayActorEnforcer.java +30 −15 Original line number Diff line number Diff line Loading @@ -26,6 +26,7 @@ import android.os.Process; import android.text.TextUtils; import android.util.Pair; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.util.ArrayUtils; import com.android.internal.util.CollectionUtils; Loading Loading @@ -66,7 +67,7 @@ public class OverlayActorEnforcer { String actorNamespace = actorUri.getAuthority(); Map<String, String> namespace = namedActors.get(actorNamespace); if (namespace == null) { if (ArrayUtils.isEmpty(namespace)) { return Pair.create(null, ActorState.MISSING_NAMESPACE); } Loading Loading @@ -102,21 +103,32 @@ public class OverlayActorEnforcer { * See {@link OverlayActorEnforcer} class comment for actor requirements. * @return true if the actor is allowed to act on the target overlayInfo */ private ActorState isAllowedActor(String methodName, OverlayInfo overlayInfo, @VisibleForTesting(visibility = VisibleForTesting.Visibility.PRIVATE) public ActorState isAllowedActor(String methodName, OverlayInfo overlayInfo, int callingUid, int userId) { // Checked first to avoid package not found errors, which are ignored for calls from shell switch (callingUid) { case Process.ROOT_UID: case Process.SYSTEM_UID: return ActorState.ALLOWED; } final String targetPackageName = overlayInfo.targetPackageName; final PackageInfo targetPkgInfo = mPackageManager.getPackageInfo(targetPackageName, userId); if (targetPkgInfo == null) { return ActorState.TARGET_NOT_FOUND; } if ((targetPkgInfo.applicationInfo.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0) { return ActorState.ALLOWED; } String[] callingPackageNames = mPackageManager.getPackagesForUid(callingUid); if (ArrayUtils.isEmpty(callingPackageNames)) { return ActorState.NO_PACKAGES_FOR_UID; } // A target is always an allowed actor for itself String targetPackageName = overlayInfo.targetPackageName; if (ArrayUtils.contains(callingPackageNames, targetPackageName)) { return ActorState.ALLOWED; } Loading Loading @@ -149,7 +161,7 @@ public class OverlayActorEnforcer { targetOverlayable = mPackageManager.getOverlayableForTarget(targetPackageName, targetOverlayableName, userId); } catch (IOException e) { return ActorState.UNABLE_TO_GET_TARGET; return ActorState.UNABLE_TO_GET_TARGET_OVERLAYABLE; } if (targetOverlayable == null) { Loading Loading @@ -189,7 +201,7 @@ public class OverlayActorEnforcer { } // Currently only pre-installed apps can be actors if (!appInfo.isSystemApp() && !appInfo.isUpdatedSystemApp()) { if (!appInfo.isSystemApp()) { return ActorState.ACTOR_NOT_PREINSTALLED; } Loading @@ -203,22 +215,25 @@ public class OverlayActorEnforcer { /** * For easier logging/debugging, a set of all possible failure/success states when running * enforcement. * * The ordering of this enum should be maintained in the order that cases are checked in code, * as this ordering is used inside OverlayActorEnforcerTests. */ public enum ActorState { ALLOWED, INVALID_ACTOR, MISSING_NAMESPACE, MISSING_PACKAGE, MISSING_APP_INFO, ACTOR_NOT_PREINSTALLED, TARGET_NOT_FOUND, NO_PACKAGES_FOR_UID, MISSING_ACTOR_NAME, ERROR_READING_OVERLAYABLE, MISSING_TARGET_OVERLAYABLE_NAME, MISSING_LEGACY_PERMISSION, ERROR_READING_OVERLAYABLE, UNABLE_TO_GET_TARGET_OVERLAYABLE, MISSING_OVERLAYABLE, INVALID_OVERLAYABLE_ACTOR_NAME, NO_NAMED_ACTORS, UNABLE_TO_GET_TARGET, MISSING_LEGACY_PERMISSION MISSING_NAMESPACE, MISSING_ACTOR_NAME, MISSING_APP_INFO, ACTOR_NOT_PREINSTALLED, INVALID_ACTOR, ALLOWED } } services/tests/servicestests/src/com/android/server/om/OverlayActorEnforcerTests.kt +336 −121 File changed.Preview size limit exceeded, changes collapsed. Show changes services/tests/servicestests/utils-mockito/com/android/server/testutils/MockitoUtils.kt +3 −2 Original line number Diff line number Diff line Loading @@ -62,7 +62,7 @@ fun <Type : Any?> whenever(mock: Type, block: InvocationOnMock.() -> Any?) = fun whenever(mock: Unit) = Mockito.`when`(mock).thenAnswer { } inline fun <reified T> spyThrowOnUnmocked(value: T?, block: T.() -> Unit): T { inline fun <reified T> spyThrowOnUnmocked(value: T?, block: T.() -> Unit = {}): T { val swappingAnswer = object : Answer<Any?> { var delegate: Answer<*> = Answers.RETURNS_DEFAULTS Loading @@ -79,4 +79,5 @@ inline fun <reified T> spyThrowOnUnmocked(value: T?, block: T.() -> Unit): T { } } inline fun <reified T> mockThrowOnUnmocked(block: T.() -> Unit) = spyThrowOnUnmocked<T>(null, block) inline fun <reified T> mockThrowOnUnmocked(block: T.() -> Unit = {}) = spyThrowOnUnmocked<T>(null, block) Loading
services/core/java/com/android/server/om/OverlayActorEnforcer.java +30 −15 Original line number Diff line number Diff line Loading @@ -26,6 +26,7 @@ import android.os.Process; import android.text.TextUtils; import android.util.Pair; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.util.ArrayUtils; import com.android.internal.util.CollectionUtils; Loading Loading @@ -66,7 +67,7 @@ public class OverlayActorEnforcer { String actorNamespace = actorUri.getAuthority(); Map<String, String> namespace = namedActors.get(actorNamespace); if (namespace == null) { if (ArrayUtils.isEmpty(namespace)) { return Pair.create(null, ActorState.MISSING_NAMESPACE); } Loading Loading @@ -102,21 +103,32 @@ public class OverlayActorEnforcer { * See {@link OverlayActorEnforcer} class comment for actor requirements. * @return true if the actor is allowed to act on the target overlayInfo */ private ActorState isAllowedActor(String methodName, OverlayInfo overlayInfo, @VisibleForTesting(visibility = VisibleForTesting.Visibility.PRIVATE) public ActorState isAllowedActor(String methodName, OverlayInfo overlayInfo, int callingUid, int userId) { // Checked first to avoid package not found errors, which are ignored for calls from shell switch (callingUid) { case Process.ROOT_UID: case Process.SYSTEM_UID: return ActorState.ALLOWED; } final String targetPackageName = overlayInfo.targetPackageName; final PackageInfo targetPkgInfo = mPackageManager.getPackageInfo(targetPackageName, userId); if (targetPkgInfo == null) { return ActorState.TARGET_NOT_FOUND; } if ((targetPkgInfo.applicationInfo.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0) { return ActorState.ALLOWED; } String[] callingPackageNames = mPackageManager.getPackagesForUid(callingUid); if (ArrayUtils.isEmpty(callingPackageNames)) { return ActorState.NO_PACKAGES_FOR_UID; } // A target is always an allowed actor for itself String targetPackageName = overlayInfo.targetPackageName; if (ArrayUtils.contains(callingPackageNames, targetPackageName)) { return ActorState.ALLOWED; } Loading Loading @@ -149,7 +161,7 @@ public class OverlayActorEnforcer { targetOverlayable = mPackageManager.getOverlayableForTarget(targetPackageName, targetOverlayableName, userId); } catch (IOException e) { return ActorState.UNABLE_TO_GET_TARGET; return ActorState.UNABLE_TO_GET_TARGET_OVERLAYABLE; } if (targetOverlayable == null) { Loading Loading @@ -189,7 +201,7 @@ public class OverlayActorEnforcer { } // Currently only pre-installed apps can be actors if (!appInfo.isSystemApp() && !appInfo.isUpdatedSystemApp()) { if (!appInfo.isSystemApp()) { return ActorState.ACTOR_NOT_PREINSTALLED; } Loading @@ -203,22 +215,25 @@ public class OverlayActorEnforcer { /** * For easier logging/debugging, a set of all possible failure/success states when running * enforcement. * * The ordering of this enum should be maintained in the order that cases are checked in code, * as this ordering is used inside OverlayActorEnforcerTests. */ public enum ActorState { ALLOWED, INVALID_ACTOR, MISSING_NAMESPACE, MISSING_PACKAGE, MISSING_APP_INFO, ACTOR_NOT_PREINSTALLED, TARGET_NOT_FOUND, NO_PACKAGES_FOR_UID, MISSING_ACTOR_NAME, ERROR_READING_OVERLAYABLE, MISSING_TARGET_OVERLAYABLE_NAME, MISSING_LEGACY_PERMISSION, ERROR_READING_OVERLAYABLE, UNABLE_TO_GET_TARGET_OVERLAYABLE, MISSING_OVERLAYABLE, INVALID_OVERLAYABLE_ACTOR_NAME, NO_NAMED_ACTORS, UNABLE_TO_GET_TARGET, MISSING_LEGACY_PERMISSION MISSING_NAMESPACE, MISSING_ACTOR_NAME, MISSING_APP_INFO, ACTOR_NOT_PREINSTALLED, INVALID_ACTOR, ALLOWED } }
services/tests/servicestests/src/com/android/server/om/OverlayActorEnforcerTests.kt +336 −121 File changed.Preview size limit exceeded, changes collapsed. Show changes
services/tests/servicestests/utils-mockito/com/android/server/testutils/MockitoUtils.kt +3 −2 Original line number Diff line number Diff line Loading @@ -62,7 +62,7 @@ fun <Type : Any?> whenever(mock: Type, block: InvocationOnMock.() -> Any?) = fun whenever(mock: Unit) = Mockito.`when`(mock).thenAnswer { } inline fun <reified T> spyThrowOnUnmocked(value: T?, block: T.() -> Unit): T { inline fun <reified T> spyThrowOnUnmocked(value: T?, block: T.() -> Unit = {}): T { val swappingAnswer = object : Answer<Any?> { var delegate: Answer<*> = Answers.RETURNS_DEFAULTS Loading @@ -79,4 +79,5 @@ inline fun <reified T> spyThrowOnUnmocked(value: T?, block: T.() -> Unit): T { } } inline fun <reified T> mockThrowOnUnmocked(block: T.() -> Unit) = spyThrowOnUnmocked<T>(null, block) inline fun <reified T> mockThrowOnUnmocked(block: T.() -> Unit = {}) = spyThrowOnUnmocked<T>(null, block)
