Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bc17b896 authored by Hao Ke's avatar Hao Ke Committed by Android (Google) Code Review
Browse files

Merge "Fix READ/WRITE operation access issues on Restricted appOps." into udc-dev

parents 22e1d593 e31c33ea

core/java/android/app/AppOpInfo.java

+1 −1
Original line number Diff line number Diff line
@@ -88,7 +88,7 @@ class AppOpInfo { 


    /**

     * This specifies whether each option is only allowed to be read

     * by apps with manage appops permission.

     * by apps with privileged appops permission.

     */

    public final boolean restrictRead;

core/java/android/app/AppOpsManager.java

+1 −1
Original line number Diff line number Diff line
@@ -2985,7 +2985,7 @@ public class AppOpsManager { 
    }



    /**

     * Retrieve whether the op can be read by apps with manage appops permission.

     * Retrieve whether the op can be read by apps with privileged appops permission.

     * @hide

     */

    public static boolean opRestrictsRead(int op) {

services/core/java/com/android/server/appop/AppOpsService.java

+26 −5
Original line number Diff line number Diff line
@@ -1430,16 +1430,26 @@ public class AppOpsService extends IAppOpsService.Stub { 


    private ArrayList<AppOpsManager.OpEntry> collectOps(Ops pkgOps, int[] ops) {

        ArrayList<AppOpsManager.OpEntry> resOps = null;

        boolean shouldReturnRestrictedAppOps = mContext.checkPermission(

                Manifest.permission.GET_APP_OPS_STATS,

                Binder.getCallingPid(), Binder.getCallingUid())

                == PackageManager.PERMISSION_GRANTED;

        if (ops == null) {

            resOps = new ArrayList<>();

            for (int j = 0; j < pkgOps.size(); j++) {

                Op curOp = pkgOps.valueAt(j);

                if (opRestrictsRead(curOp.op) && !shouldReturnRestrictedAppOps) {

                    continue;

                }

                resOps.add(getOpEntryForResult(curOp));

            }

        } else {

            for (int j = 0; j < ops.length; j++) {

                Op curOp = pkgOps.get(ops[j]);

                if (curOp != null) {

                    if (opRestrictsRead(curOp.op) && !shouldReturnRestrictedAppOps) {

                        continue;

                    }

                    if (resOps == null) {

                        resOps = new ArrayList<>();

                    }
@@ -3615,10 +3625,21 @@ public class AppOpsService extends IAppOpsService.Stub { 


    private void verifyIncomingOp(int op) {

        if (op >= 0 && op < AppOpsManager._NUM_OP) {

            // Enforce manage appops permission if it's a restricted read op.

            // Enforce privileged appops permission if it's a restricted read op.

            if (opRestrictsRead(op)) {

                mContext.enforcePermission(Manifest.permission.MANAGE_APPOPS,

                        Binder.getCallingPid(), Binder.getCallingUid(), "verifyIncomingOp");

                if (!(mContext.checkPermission(Manifest.permission.MANAGE_APPOPS,

                        Binder.getCallingPid(), Binder.getCallingUid())

                        == PackageManager.PERMISSION_GRANTED || mContext.checkPermission(

                        Manifest.permission.GET_APP_OPS_STATS,

                        Binder.getCallingPid(), Binder.getCallingUid())

                        == PackageManager.PERMISSION_GRANTED || mContext.checkPermission(

                        Manifest.permission.MANAGE_APP_OPS_MODES,

                        Binder.getCallingPid(), Binder.getCallingUid())

                        == PackageManager.PERMISSION_GRANTED)) {

                    throw new SecurityException("verifyIncomingOp: uid " + Binder.getCallingUid()

                            + " does not have any of {MANAGE_APPOPS, GET_APP_OPS_STATS, "

                            + "MANAGE_APP_OPS_MODES}");

                }

            }

            return;

        }