Loading services/core/java/android/content/pm/PackageManagerInternal.java +9 −0 Original line number Diff line number Diff line Loading @@ -710,6 +710,15 @@ public abstract class PackageManagerInternal implements PackageSettingsSnapshotP public abstract boolean filterAppAccess( @NonNull String packageName, int callingUid, int userId); /** * Returns whether or not access to the application which belongs to the given UID should be * filtered. If the UID is part of a shared user ID, return {@code true} if all applications * belong to the shared user ID should be filtered. * * @see #filterAppAccess(AndroidPackage, int, int) */ public abstract boolean filterAppAccess(int uid, int callingUid); /** Returns whether the given package was signed by the platform */ public abstract boolean isPlatformSigned(String pkg); Loading services/core/java/com/android/server/am/ActivityManagerService.java +5 −0 Original line number Diff line number Diff line Loading @@ -5699,6 +5699,11 @@ public class ActivityManagerService extends IActivityManager.Stub if (pid == MY_PID) { return PackageManager.PERMISSION_GRANTED; } if (uid != ROOT_UID) { // bypass the root if (mPackageManagerInt.filterAppAccess(uid, Binder.getCallingUid())) { return PackageManager.PERMISSION_DENIED; } } return mUgmInternal.checkUriPermission(new GrantUri(userId, uri, modeFlags), uid, modeFlags) ? PackageManager.PERMISSION_GRANTED : PackageManager.PERMISSION_DENIED; } Loading services/core/java/com/android/server/pm/PackageManagerService.java +40 −0 Original line number Diff line number Diff line Loading @@ -2132,6 +2132,8 @@ public class PackageManagerService extends IPackageManager.Stub @LiveImplementation(override = LiveImplementation.MANDATORY) boolean filterAppAccess(String packageName, int callingUid, int userId); @LiveImplementation(override = LiveImplementation.MANDATORY) boolean filterAppAccess(int uid, int callingUid); @LiveImplementation(override = LiveImplementation.MANDATORY) void dump(int type, FileDescriptor fd, PrintWriter pw, DumpState dumpState); } Loading Loading @@ -4657,6 +4659,22 @@ public class PackageManagerService extends IPackageManager.Stub userId); } public boolean filterAppAccess(int uid, int callingUid) { final int userId = UserHandle.getUserId(uid); final int appId = UserHandle.getAppId(uid); final Object setting = mSettings.getSettingLPr(appId); if (setting instanceof SharedUserSetting) { return shouldFilterApplicationLocked( (SharedUserSetting) setting, callingUid, userId); } else if (setting == null || setting instanceof PackageSetting) { return shouldFilterApplicationLocked( (PackageSetting) setting, callingUid, userId); } return false; } public void dump(int type, FileDescriptor fd, PrintWriter pw, DumpState dumpState) { final String packageName = dumpState.getTargetPackageName(); final boolean checkin = dumpState.isCheckIn(); Loading Loading @@ -5003,6 +5021,11 @@ public class PackageManagerService extends IPackageManager.Stub return super.filterAppAccess(packageName, callingUid, userId); } } public final boolean filterAppAccess(int uid, int callingUid) { synchronized (mLock) { return super.filterAppAccess(uid, callingUid); } } public final void dump(int type, FileDescriptor fd, PrintWriter pw, DumpState dumpState) { synchronized (mLock) { super.dump(type, fd, pw, dumpState); Loading Loading @@ -5373,6 +5396,14 @@ public class PackageManagerService extends IPackageManager.Stub current.release(); } } public final boolean filterAppAccess(int uid, int callingUid) { ThreadComputer current = snapshot(); try { return current.mComputer.filterAppAccess(uid, callingUid); } finally { current.release(); } } public final boolean filterSharedLibPackageLPr(@Nullable PackageSetting ps, int uid, int userId, int flags) { ThreadComputer current = live(); Loading Loading @@ -27091,6 +27122,10 @@ public class PackageManagerService extends IPackageManager.Stub return mComputer.filterAppAccess(packageName, callingUid, userId); } private boolean filterAppAccess(int uid, int callingUid) { return mComputer.filterAppAccess(uid, callingUid); } private class PackageManagerInternalImpl extends PackageManagerInternal { @Override public List<ApplicationInfo> getInstalledApplications(int flags, int userId, Loading Loading @@ -27173,6 +27208,11 @@ public class PackageManagerService extends IPackageManager.Stub return PackageManagerService.this.filterAppAccess(packageName, callingUid, userId); } @Override public boolean filterAppAccess(int uid, int callingUid) { return PackageManagerService.this.filterAppAccess(uid, callingUid); } @Override public AndroidPackage getPackage(String packageName) { return PackageManagerService.this.getPackage(packageName); Loading
services/core/java/android/content/pm/PackageManagerInternal.java +9 −0 Original line number Diff line number Diff line Loading @@ -710,6 +710,15 @@ public abstract class PackageManagerInternal implements PackageSettingsSnapshotP public abstract boolean filterAppAccess( @NonNull String packageName, int callingUid, int userId); /** * Returns whether or not access to the application which belongs to the given UID should be * filtered. If the UID is part of a shared user ID, return {@code true} if all applications * belong to the shared user ID should be filtered. * * @see #filterAppAccess(AndroidPackage, int, int) */ public abstract boolean filterAppAccess(int uid, int callingUid); /** Returns whether the given package was signed by the platform */ public abstract boolean isPlatformSigned(String pkg); Loading
services/core/java/com/android/server/am/ActivityManagerService.java +5 −0 Original line number Diff line number Diff line Loading @@ -5699,6 +5699,11 @@ public class ActivityManagerService extends IActivityManager.Stub if (pid == MY_PID) { return PackageManager.PERMISSION_GRANTED; } if (uid != ROOT_UID) { // bypass the root if (mPackageManagerInt.filterAppAccess(uid, Binder.getCallingUid())) { return PackageManager.PERMISSION_DENIED; } } return mUgmInternal.checkUriPermission(new GrantUri(userId, uri, modeFlags), uid, modeFlags) ? PackageManager.PERMISSION_GRANTED : PackageManager.PERMISSION_DENIED; } Loading
services/core/java/com/android/server/pm/PackageManagerService.java +40 −0 Original line number Diff line number Diff line Loading @@ -2132,6 +2132,8 @@ public class PackageManagerService extends IPackageManager.Stub @LiveImplementation(override = LiveImplementation.MANDATORY) boolean filterAppAccess(String packageName, int callingUid, int userId); @LiveImplementation(override = LiveImplementation.MANDATORY) boolean filterAppAccess(int uid, int callingUid); @LiveImplementation(override = LiveImplementation.MANDATORY) void dump(int type, FileDescriptor fd, PrintWriter pw, DumpState dumpState); } Loading Loading @@ -4657,6 +4659,22 @@ public class PackageManagerService extends IPackageManager.Stub userId); } public boolean filterAppAccess(int uid, int callingUid) { final int userId = UserHandle.getUserId(uid); final int appId = UserHandle.getAppId(uid); final Object setting = mSettings.getSettingLPr(appId); if (setting instanceof SharedUserSetting) { return shouldFilterApplicationLocked( (SharedUserSetting) setting, callingUid, userId); } else if (setting == null || setting instanceof PackageSetting) { return shouldFilterApplicationLocked( (PackageSetting) setting, callingUid, userId); } return false; } public void dump(int type, FileDescriptor fd, PrintWriter pw, DumpState dumpState) { final String packageName = dumpState.getTargetPackageName(); final boolean checkin = dumpState.isCheckIn(); Loading Loading @@ -5003,6 +5021,11 @@ public class PackageManagerService extends IPackageManager.Stub return super.filterAppAccess(packageName, callingUid, userId); } } public final boolean filterAppAccess(int uid, int callingUid) { synchronized (mLock) { return super.filterAppAccess(uid, callingUid); } } public final void dump(int type, FileDescriptor fd, PrintWriter pw, DumpState dumpState) { synchronized (mLock) { super.dump(type, fd, pw, dumpState); Loading Loading @@ -5373,6 +5396,14 @@ public class PackageManagerService extends IPackageManager.Stub current.release(); } } public final boolean filterAppAccess(int uid, int callingUid) { ThreadComputer current = snapshot(); try { return current.mComputer.filterAppAccess(uid, callingUid); } finally { current.release(); } } public final boolean filterSharedLibPackageLPr(@Nullable PackageSetting ps, int uid, int userId, int flags) { ThreadComputer current = live(); Loading Loading @@ -27091,6 +27122,10 @@ public class PackageManagerService extends IPackageManager.Stub return mComputer.filterAppAccess(packageName, callingUid, userId); } private boolean filterAppAccess(int uid, int callingUid) { return mComputer.filterAppAccess(uid, callingUid); } private class PackageManagerInternalImpl extends PackageManagerInternal { @Override public List<ApplicationInfo> getInstalledApplications(int flags, int userId, Loading Loading @@ -27173,6 +27208,11 @@ public class PackageManagerService extends IPackageManager.Stub return PackageManagerService.this.filterAppAccess(packageName, callingUid, userId); } @Override public boolean filterAppAccess(int uid, int callingUid) { return PackageManagerService.this.filterAppAccess(uid, callingUid); } @Override public AndroidPackage getPackage(String packageName) { return PackageManagerService.this.getPackage(packageName);
