Loading services/core/java/com/android/server/am/ContentProviderHelper.java +26 −40 Original line number Diff line number Diff line Loading @@ -29,7 +29,6 @@ import static com.android.server.am.ActivityManagerDebugConfig.DEBUG_MU; import static com.android.server.am.ActivityManagerService.TAG_MU; import static com.android.server.am.ProcessProfileRecord.HOSTING_COMPONENT_TYPE_PROVIDER; import android.annotation.Nullable; import android.annotation.UserIdInt; import android.app.ActivityManager; import android.app.ActivityManagerInternal; Loading @@ -49,6 +48,7 @@ import android.content.Intent; import android.content.pm.ApplicationInfo; import android.content.pm.PackageInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManagerInternal; import android.content.pm.PathPermission; import android.content.pm.ProviderInfo; import android.content.pm.UserInfo; Loading Loading @@ -960,22 +960,20 @@ public class ContentProviderHelper { String getProviderMimeType(Uri uri, int userId) { mService.enforceNotIsolatedCaller("getProviderMimeType"); final String name = uri.getAuthority(); final int callingUid = Binder.getCallingUid(); final int callingPid = Binder.getCallingPid(); final int safeUserId = mService.mUserController.unsafeConvertIncomingUser(userId); final long ident = canClearIdentity(callingPid, callingUid, safeUserId) ? Binder.clearCallingIdentity() : 0; final ContentProviderHolder holder; try { holder = getContentProviderExternalUnchecked(name, null, callingUid, "*getmimetype*", safeUserId); } finally { if (ident != 0) { Binder.restoreCallingIdentity(ident); } int callingUid = Binder.getCallingUid(); int callingPid = Binder.getCallingPid(); long ident = 0; boolean clearedIdentity = false; userId = mService.mUserController.unsafeConvertIncomingUser(userId); if (canClearIdentity(callingPid, callingUid, userId)) { clearedIdentity = true; ident = Binder.clearCallingIdentity(); } ContentProviderHolder holder = null; try { if (isHolderVisibleToCaller(holder, callingUid, safeUserId)) { holder = getContentProviderExternalUnchecked(name, null, callingUid, "*getmimetype*", userId); if (holder != null) { final IBinder providerConnection = holder.connection; final ComponentName providerName = holder.info.getComponentName(); // Note: creating a new Runnable instead of using a lambda here since lambdas in Loading Loading @@ -1004,13 +1002,15 @@ public class ContentProviderHelper { return null; } finally { // We need to clear the identity to call removeContentProviderExternalUnchecked final long token = Binder.clearCallingIdentity(); if (!clearedIdentity) { ident = Binder.clearCallingIdentity(); } try { if (holder != null) { removeContentProviderExternalUnchecked(name, null /* token */, safeUserId); removeContentProviderExternalUnchecked(name, null, userId); } } finally { Binder.restoreCallingIdentity(token); Binder.restoreCallingIdentity(ident); } } Loading @@ -1029,20 +1029,12 @@ public class ContentProviderHelper { final int callingUid = Binder.getCallingUid(); final int callingPid = Binder.getCallingPid(); final int safeUserId = mService.mUserController.unsafeConvertIncomingUser(userId); final long ident = canClearIdentity(callingPid, callingUid, safeUserId) final long ident = canClearIdentity(callingPid, callingUid, userId) ? Binder.clearCallingIdentity() : 0; final ContentProviderHolder holder; try { holder = getContentProviderExternalUnchecked(name, null /* token */, final ContentProviderHolder holder = getContentProviderExternalUnchecked(name, null, callingUid, "*getmimetype*", safeUserId); } finally { if (ident != 0) { Binder.restoreCallingIdentity(ident); } } try { if (isHolderVisibleToCaller(holder, callingUid, safeUserId)) { if (holder != null) { holder.provider.getTypeAsync(uri, new RemoteCallback(result -> { final long identity = Binder.clearCallingIdentity(); try { Loading @@ -1058,6 +1050,8 @@ public class ContentProviderHelper { } catch (RemoteException e) { Log.w(TAG, "Content provider dead retrieving " + uri, e); resultCallback.sendResult(Bundle.EMPTY); } finally { Binder.restoreCallingIdentity(ident); } } Loading @@ -1073,16 +1067,6 @@ public class ContentProviderHelper { callingUid, -1, true) == PackageManager.PERMISSION_GRANTED; } private boolean isHolderVisibleToCaller(@Nullable ContentProviderHolder holder, int callingUid, @UserIdInt int userId) { if (holder == null || holder.info == null) { return false; } return !mService.getPackageManagerInternal() .filterAppAccess(holder.info.packageName, callingUid, userId); } /** * Check if the calling UID has a possible chance at accessing the provider * at the given authority and user. Loading Loading @@ -1151,7 +1135,9 @@ public class ContentProviderHelper { "*checkContentProviderUriPermission*", userId); if (holder != null) { final AndroidPackage androidPackage = mService.getPackageManagerInternal() final PackageManagerInternal packageManagerInt = LocalServices.getService( PackageManagerInternal.class); final AndroidPackage androidPackage = packageManagerInt .getPackage(Binder.getCallingUid()); if (androidPackage == null) { return PackageManager.PERMISSION_DENIED; Loading Loading
services/core/java/com/android/server/am/ContentProviderHelper.java +26 −40 Original line number Diff line number Diff line Loading @@ -29,7 +29,6 @@ import static com.android.server.am.ActivityManagerDebugConfig.DEBUG_MU; import static com.android.server.am.ActivityManagerService.TAG_MU; import static com.android.server.am.ProcessProfileRecord.HOSTING_COMPONENT_TYPE_PROVIDER; import android.annotation.Nullable; import android.annotation.UserIdInt; import android.app.ActivityManager; import android.app.ActivityManagerInternal; Loading @@ -49,6 +48,7 @@ import android.content.Intent; import android.content.pm.ApplicationInfo; import android.content.pm.PackageInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManagerInternal; import android.content.pm.PathPermission; import android.content.pm.ProviderInfo; import android.content.pm.UserInfo; Loading Loading @@ -960,22 +960,20 @@ public class ContentProviderHelper { String getProviderMimeType(Uri uri, int userId) { mService.enforceNotIsolatedCaller("getProviderMimeType"); final String name = uri.getAuthority(); final int callingUid = Binder.getCallingUid(); final int callingPid = Binder.getCallingPid(); final int safeUserId = mService.mUserController.unsafeConvertIncomingUser(userId); final long ident = canClearIdentity(callingPid, callingUid, safeUserId) ? Binder.clearCallingIdentity() : 0; final ContentProviderHolder holder; try { holder = getContentProviderExternalUnchecked(name, null, callingUid, "*getmimetype*", safeUserId); } finally { if (ident != 0) { Binder.restoreCallingIdentity(ident); } int callingUid = Binder.getCallingUid(); int callingPid = Binder.getCallingPid(); long ident = 0; boolean clearedIdentity = false; userId = mService.mUserController.unsafeConvertIncomingUser(userId); if (canClearIdentity(callingPid, callingUid, userId)) { clearedIdentity = true; ident = Binder.clearCallingIdentity(); } ContentProviderHolder holder = null; try { if (isHolderVisibleToCaller(holder, callingUid, safeUserId)) { holder = getContentProviderExternalUnchecked(name, null, callingUid, "*getmimetype*", userId); if (holder != null) { final IBinder providerConnection = holder.connection; final ComponentName providerName = holder.info.getComponentName(); // Note: creating a new Runnable instead of using a lambda here since lambdas in Loading Loading @@ -1004,13 +1002,15 @@ public class ContentProviderHelper { return null; } finally { // We need to clear the identity to call removeContentProviderExternalUnchecked final long token = Binder.clearCallingIdentity(); if (!clearedIdentity) { ident = Binder.clearCallingIdentity(); } try { if (holder != null) { removeContentProviderExternalUnchecked(name, null /* token */, safeUserId); removeContentProviderExternalUnchecked(name, null, userId); } } finally { Binder.restoreCallingIdentity(token); Binder.restoreCallingIdentity(ident); } } Loading @@ -1029,20 +1029,12 @@ public class ContentProviderHelper { final int callingUid = Binder.getCallingUid(); final int callingPid = Binder.getCallingPid(); final int safeUserId = mService.mUserController.unsafeConvertIncomingUser(userId); final long ident = canClearIdentity(callingPid, callingUid, safeUserId) final long ident = canClearIdentity(callingPid, callingUid, userId) ? Binder.clearCallingIdentity() : 0; final ContentProviderHolder holder; try { holder = getContentProviderExternalUnchecked(name, null /* token */, final ContentProviderHolder holder = getContentProviderExternalUnchecked(name, null, callingUid, "*getmimetype*", safeUserId); } finally { if (ident != 0) { Binder.restoreCallingIdentity(ident); } } try { if (isHolderVisibleToCaller(holder, callingUid, safeUserId)) { if (holder != null) { holder.provider.getTypeAsync(uri, new RemoteCallback(result -> { final long identity = Binder.clearCallingIdentity(); try { Loading @@ -1058,6 +1050,8 @@ public class ContentProviderHelper { } catch (RemoteException e) { Log.w(TAG, "Content provider dead retrieving " + uri, e); resultCallback.sendResult(Bundle.EMPTY); } finally { Binder.restoreCallingIdentity(ident); } } Loading @@ -1073,16 +1067,6 @@ public class ContentProviderHelper { callingUid, -1, true) == PackageManager.PERMISSION_GRANTED; } private boolean isHolderVisibleToCaller(@Nullable ContentProviderHolder holder, int callingUid, @UserIdInt int userId) { if (holder == null || holder.info == null) { return false; } return !mService.getPackageManagerInternal() .filterAppAccess(holder.info.packageName, callingUid, userId); } /** * Check if the calling UID has a possible chance at accessing the provider * at the given authority and user. Loading Loading @@ -1151,7 +1135,9 @@ public class ContentProviderHelper { "*checkContentProviderUriPermission*", userId); if (holder != null) { final AndroidPackage androidPackage = mService.getPackageManagerInternal() final PackageManagerInternal packageManagerInt = LocalServices.getService( PackageManagerInternal.class); final AndroidPackage androidPackage = packageManagerInt .getPackage(Binder.getCallingUid()); if (androidPackage == null) { return PackageManager.PERMISSION_DENIED; Loading
