Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bfe7ba99 authored by Jackal Guo's avatar Jackal Guo Committed by Android (Google) Code Review
Browse files

Merge "Revert "Honor app visibility when get MIME type from ContentProvider""

parents 4c4c6abe 0796251f
Loading
Loading
Loading
Loading
+26 −40
Original line number Diff line number Diff line
@@ -29,7 +29,6 @@ import static com.android.server.am.ActivityManagerDebugConfig.DEBUG_MU;
import static com.android.server.am.ActivityManagerService.TAG_MU;
import static com.android.server.am.ProcessProfileRecord.HOSTING_COMPONENT_TYPE_PROVIDER;

import android.annotation.Nullable;
import android.annotation.UserIdInt;
import android.app.ActivityManager;
import android.app.ActivityManagerInternal;
@@ -49,6 +48,7 @@ import android.content.Intent;
import android.content.pm.ApplicationInfo;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.PackageManagerInternal;
import android.content.pm.PathPermission;
import android.content.pm.ProviderInfo;
import android.content.pm.UserInfo;
@@ -960,22 +960,20 @@ public class ContentProviderHelper {
    String getProviderMimeType(Uri uri, int userId) {
        mService.enforceNotIsolatedCaller("getProviderMimeType");
        final String name = uri.getAuthority();
        final int callingUid = Binder.getCallingUid();
        final int callingPid = Binder.getCallingPid();
        final int safeUserId = mService.mUserController.unsafeConvertIncomingUser(userId);
        final long ident = canClearIdentity(callingPid, callingUid, safeUserId)
                ? Binder.clearCallingIdentity() : 0;
        final ContentProviderHolder holder;
        try {
            holder = getContentProviderExternalUnchecked(name, null, callingUid,
                    "*getmimetype*", safeUserId);
        } finally {
            if (ident != 0) {
                Binder.restoreCallingIdentity(ident);
            }
        int callingUid = Binder.getCallingUid();
        int callingPid = Binder.getCallingPid();
        long ident = 0;
        boolean clearedIdentity = false;
        userId = mService.mUserController.unsafeConvertIncomingUser(userId);
        if (canClearIdentity(callingPid, callingUid, userId)) {
            clearedIdentity = true;
            ident = Binder.clearCallingIdentity();
        }
        ContentProviderHolder holder = null;
        try {
            if (isHolderVisibleToCaller(holder, callingUid, safeUserId)) {
            holder = getContentProviderExternalUnchecked(name, null, callingUid,
                    "*getmimetype*", userId);
            if (holder != null) {
                final IBinder providerConnection = holder.connection;
                final ComponentName providerName = holder.info.getComponentName();
                // Note: creating a new Runnable instead of using a lambda here since lambdas in
@@ -1004,13 +1002,15 @@ public class ContentProviderHelper {
            return null;
        } finally {
            // We need to clear the identity to call removeContentProviderExternalUnchecked
            final long token = Binder.clearCallingIdentity();
            if (!clearedIdentity) {
                ident = Binder.clearCallingIdentity();
            }
            try {
                if (holder != null) {
                    removeContentProviderExternalUnchecked(name, null /* token */, safeUserId);
                    removeContentProviderExternalUnchecked(name, null, userId);
                }
            } finally {
                Binder.restoreCallingIdentity(token);
                Binder.restoreCallingIdentity(ident);
            }
        }

@@ -1029,20 +1029,12 @@ public class ContentProviderHelper {
        final int callingUid = Binder.getCallingUid();
        final int callingPid = Binder.getCallingPid();
        final int safeUserId = mService.mUserController.unsafeConvertIncomingUser(userId);
        final long ident = canClearIdentity(callingPid, callingUid, safeUserId)
        final long ident = canClearIdentity(callingPid, callingUid, userId)
                ? Binder.clearCallingIdentity() : 0;
        final ContentProviderHolder holder;
        try {
            holder = getContentProviderExternalUnchecked(name, null /* token */,
            final ContentProviderHolder holder = getContentProviderExternalUnchecked(name, null,
                    callingUid, "*getmimetype*", safeUserId);
        } finally {
            if (ident != 0) {
                Binder.restoreCallingIdentity(ident);
            }
        }

        try {
            if (isHolderVisibleToCaller(holder, callingUid, safeUserId)) {
            if (holder != null) {
                holder.provider.getTypeAsync(uri, new RemoteCallback(result -> {
                    final long identity = Binder.clearCallingIdentity();
                    try {
@@ -1058,6 +1050,8 @@ public class ContentProviderHelper {
        } catch (RemoteException e) {
            Log.w(TAG, "Content provider dead retrieving " + uri, e);
            resultCallback.sendResult(Bundle.EMPTY);
        } finally {
            Binder.restoreCallingIdentity(ident);
        }
    }

@@ -1073,16 +1067,6 @@ public class ContentProviderHelper {
                        callingUid, -1, true) == PackageManager.PERMISSION_GRANTED;
    }

    private boolean isHolderVisibleToCaller(@Nullable ContentProviderHolder holder, int callingUid,
            @UserIdInt int userId) {
        if (holder == null || holder.info == null) {
            return false;
        }

        return !mService.getPackageManagerInternal()
                .filterAppAccess(holder.info.packageName, callingUid, userId);
    }

    /**
     * Check if the calling UID has a possible chance at accessing the provider
     * at the given authority and user.
@@ -1151,7 +1135,9 @@ public class ContentProviderHelper {
                    "*checkContentProviderUriPermission*", userId);
            if (holder != null) {

                final AndroidPackage androidPackage = mService.getPackageManagerInternal()
                final PackageManagerInternal packageManagerInt = LocalServices.getService(
                        PackageManagerInternal.class);
                final AndroidPackage androidPackage = packageManagerInt
                        .getPackage(Binder.getCallingUid());
                if (androidPackage == null) {
                    return PackageManager.PERMISSION_DENIED;