Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit abe984f5 authored by Emilian Peev's avatar Emilian Peev
Browse files

Use correct calling identity during camera permission check 

UVC clients need to acquire the CAMERA permission
before trying to call open. The permission check is
currently done via calls to "checkCallingPermission".
In case the calling identity gets cleared, the check
will always fail. To resolve this, use "checkPermission"
with appropriate identity arguments.

Bug: 144433314
Test: Manual using application,
CtsVerifier USB Device test

Change-Id: I5318fbb4426bec1448ecc398c86ea96500bb3189
Merged-In: I5318fbb4426bec1448ecc398c86ea96500bb3189
parent 903cd4ce

services/usb/java/com/android/server/usb/UsbHostManager.java

+2 −2
Original line number Diff line number Diff line
@@ -486,7 +486,7 @@ public class UsbHostManager { 


    /* Opens the specified USB device */

    public ParcelFileDescriptor openDevice(String deviceAddress, UsbUserSettingsManager settings,

            String packageName, int uid) {

            String packageName, int pid, int uid) {

        synchronized (mLock) {

            if (isBlackListed(deviceAddress)) {

                throw new SecurityException("USB device is on a restricted bus");
@@ -498,7 +498,7 @@ public class UsbHostManager { 
                        "device " + deviceAddress + " does not exist or is restricted");

            }



            settings.checkPermission(device, packageName, uid);

            settings.checkPermission(device, packageName, pid, uid);

            return nativeOpenDevice(deviceAddress);

        }

    }

services/usb/java/com/android/server/usb/UsbSerialReader.java

+1 −1
Original line number Diff line number Diff line
@@ -93,7 +93,7 @@ class UsbSerialReader extends IUsbSerialReader.Stub { 
                                UserHandle.getUserId(uid));



                        if (mDevice instanceof UsbDevice) {

                            settings.checkPermission((UsbDevice) mDevice, packageName, uid);

                            settings.checkPermission((UsbDevice) mDevice, packageName, pid, uid);

                        } else {

                            settings.checkPermission((UsbAccessory) mDevice, uid);

                        }

services/usb/java/com/android/server/usb/UsbService.java

+6 −3
Original line number Diff line number Diff line
@@ -249,6 +249,7 @@ public class UsbService extends IUsbManager.Stub { 
        if (mHostManager != null) {

            if (deviceName != null) {

                int uid = Binder.getCallingUid();

                int pid = Binder.getCallingPid();

                int user = UserHandle.getUserId(uid);



                long ident = clearCallingIdentity();
@@ -256,7 +257,7 @@ public class UsbService extends IUsbManager.Stub { 
                    synchronized (mLock) {

                        if (mUserManager.isSameProfileGroup(user, mCurrentUserId)) {

                            fd = mHostManager.openDevice(deviceName, getSettingsForUser(user),

                                    packageName, uid);

                                    packageName, pid, uid);

                        } else {

                            Slog.w(TAG, "Cannot open " + deviceName + " for user " + user

                                    + " as user is not active.");
@@ -350,11 +351,12 @@ public class UsbService extends IUsbManager.Stub { 
    @Override

    public boolean hasDevicePermission(UsbDevice device, String packageName) {

        final int uid = Binder.getCallingUid();

        final int pid = Binder.getCallingPid();

        final int userId = UserHandle.getUserId(uid);



        final long token = Binder.clearCallingIdentity();

        try {

            return getSettingsForUser(userId).hasPermission(device, packageName, uid);

            return getSettingsForUser(userId).hasPermission(device, packageName, pid, uid);

        } finally {

            Binder.restoreCallingIdentity(token);

        }
@@ -376,11 +378,12 @@ public class UsbService extends IUsbManager.Stub { 
    @Override

    public void requestDevicePermission(UsbDevice device, String packageName, PendingIntent pi) {

        final int uid = Binder.getCallingUid();

        final int pid = Binder.getCallingPid();

        final int userId = UserHandle.getUserId(uid);



        final long token = Binder.clearCallingIdentity();

        try {

            getSettingsForUser(userId).requestPermission(device, packageName, pi, uid);

            getSettingsForUser(userId).requestPermission(device, packageName, pi, pid, uid);

        } finally {

            Binder.restoreCallingIdentity(token);

        }

services/usb/java/com/android/server/usb/UsbUserSettingsManager.java

+12 −9
Original line number Diff line number Diff line
@@ -127,11 +127,12 @@ class UsbUserSettingsManager { 
     * Check for camera permission of the calling process.

     *

     * @param packageName Package name of the caller.

     * @param pid Linux pid of the calling process.

     * @param uid Linux uid of the calling process.

     *

     * @return True in case camera permission is available, False otherwise.

     */

    private boolean isCameraPermissionGranted(String packageName, int uid) {

    private boolean isCameraPermissionGranted(String packageName, int pid, int uid) {

        int targetSdkVersion = android.os.Build.VERSION_CODES.P;

        try {

            ApplicationInfo aInfo = mPackageManager.getApplicationInfo(packageName, 0);
@@ -147,7 +148,8 @@ class UsbUserSettingsManager { 
        }



        if (targetSdkVersion >= android.os.Build.VERSION_CODES.P) {

            int allowed = mUserContext.checkCallingPermission(android.Manifest.permission.CAMERA);

            int allowed = mUserContext.checkPermission(android.Manifest.permission.CAMERA, pid,

                    uid);

            if (android.content.pm.PackageManager.PERMISSION_DENIED == allowed) {

                Slog.i(TAG, "Camera permission required for USB video class devices");

                return false;
@@ -157,9 +159,9 @@ class UsbUserSettingsManager { 
        return true;

    }



    public boolean hasPermission(UsbDevice device, String packageName, int uid) {

    public boolean hasPermission(UsbDevice device, String packageName, int pid, int uid) {

        if (isCameraDevicePresent(device)) {

            if (!isCameraPermissionGranted(packageName, uid)) {

            if (!isCameraPermissionGranted(packageName, pid, uid)) {

                return false;

            }

        }
@@ -171,8 +173,8 @@ class UsbUserSettingsManager { 
        return mUsbPermissionManager.hasPermission(accessory, uid);

    }



    public void checkPermission(UsbDevice device, String packageName, int uid) {

        if (!hasPermission(device, packageName, uid)) {

    public void checkPermission(UsbDevice device, String packageName, int pid, int uid) {

        if (!hasPermission(device, packageName, pid, uid)) {

            throw new SecurityException("User has not given " + uid + "/" + packageName

                    + " permission to access device " + device.getDeviceName());

        }
@@ -206,11 +208,12 @@ class UsbUserSettingsManager { 
                accessory, canBeDefault, packageName, uid, mUserContext, pi);

    }



    public void requestPermission(UsbDevice device, String packageName, PendingIntent pi, int uid) {

    public void requestPermission(UsbDevice device, String packageName, PendingIntent pi, int pid,

            int uid) {

        Intent intent = new Intent();



        // respond immediately if permission has already been granted

        if (hasPermission(device, packageName, uid)) {

        if (hasPermission(device, packageName, pid, uid)) {

            intent.putExtra(UsbManager.EXTRA_DEVICE, device);

            intent.putExtra(UsbManager.EXTRA_PERMISSION_GRANTED, true);

            try {
@@ -221,7 +224,7 @@ class UsbUserSettingsManager { 
            return;

        }

        if (isCameraDevicePresent(device)) {

            if (!isCameraPermissionGranted(packageName, uid)) {

            if (!isCameraPermissionGranted(packageName, pid, uid)) {

                intent.putExtra(UsbManager.EXTRA_DEVICE, device);

                intent.putExtra(UsbManager.EXTRA_PERMISSION_GRANTED, false);

                try {