
Commit c06ace7a authored by Patrick Baumann

Add visibility special casing for sdk sandbox

This change adds special visibility enforcement to the apps filter for
SDK sandbox uids. If we encounter an SDK sandbox UID, we'll bypass
traditional visibility checks and instead just enforce that the target
is forceQueryable. All else besides the client app will be blocked.

Test: atest AppsFilterImplTest
Bug: 234129698
Change-Id: Ic42d46232841294a0fd148e5f29d1ff5ec4261c8
parent d7df1b28
+3 −0
@@ -321,6 +321,9 @@ public abstract class AppsFilterBase implements AppsFilterSnapshot {
                    || targetPkgSetting.getAppId() < Process.FIRST_APPLICATION_UID
                    || callingAppId == targetPkgSetting.getAppId()) {
                return false;
            } else if (Process.isSdkSandboxUid(callingAppId)) {
                // we only allow sdk sandbox processes access to forcequeryable packages
                return !isForceQueryable(targetPkgSetting.getAppId());
            }
            if (mCacheReady) { // use cache
                if (!shouldFilterApplicationUsingCache(callingUid,
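Review bot: The new `else if (Process.isSdkSandboxUid(callingAppId))` branch decides only on `isForceQueryable(targetPkgSetting.getAppId())`, so as far as this hunk shows, the sandbox's own client app is filtered too unless it happens to be force-queryable. The commit message says the client app stays visible, and the preceding `callingAppId == targetPkgSetting.getAppId()` test presumably cannot cover it, since a sandbox uid is offset from its app's uid. If nothing earlier in this method handles that case (the method starts and ends outside the hunk), exempt it explicitly, e.g. `final int clientAppId = UserHandle.getAppId(Process.getAppUidForSdkSandboxUid(callingUid));` followed by `return targetPkgSetting.getAppId() != clientAppId && !isForceQueryable(targetPkgSetting.getAppId());`. Either way the comment should state the full rule, for instance `// sdk sandbox uids bypass the normal visibility rules: only forceQueryable packages and the client app are visible`.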
+40 −0
@@ -1336,6 +1336,46 @@ public class AppsFilterImplTest {

    }

    @Test
    public void testSdkSandbox_canSeeForceQueryable() throws Exception {
        final AppsFilterImpl appsFilter =
                new AppsFilterImpl(mFeatureConfigMock, new String[]{}, false, null,
                        mMockHandler);
        simulateAddBasicAndroid(appsFilter);
        appsFilter.onSystemReady(mPmInternal);

        PackageSetting target = simulateAddPackage(appsFilter,
                pkg("com.some.package").setForceQueryable(true), DUMMY_TARGET_APPID,
                setting -> setting.setPkgFlags(ApplicationInfo.FLAG_SYSTEM));

        int callingUid = 20123;
        assertTrue(Process.isSdkSandboxUid(callingUid));

        assertFalse(
                appsFilter.shouldFilterApplication(mSnapshot, callingUid,
                        null /* callingSetting */, target, SYSTEM_USER));
    }

    @Test
    public void testSdkSandbox_cannotSeeNonForceQueryable() throws Exception {
        final AppsFilterImpl appsFilter =
                new AppsFilterImpl(mFeatureConfigMock, new String[]{}, false, null,
                        mMockHandler);
        simulateAddBasicAndroid(appsFilter);
        appsFilter.onSystemReady(mPmInternal);

        PackageSetting target = simulateAddPackage(appsFilter,
                pkg("com.some.package"), DUMMY_TARGET_APPID,
                setting -> setting.setPkgFlags(ApplicationInfo.FLAG_SYSTEM));

        int callingUid = 20123;
        assertTrue(Process.isSdkSandboxUid(callingUid));

        assertTrue(
                appsFilter.shouldFilterApplication(mSnapshot, callingUid,
                        null /* callingSetting */, target, SYSTEM_USER));
    }

    private List<Integer> toList(int[] array) {
        ArrayList<Integer> ret = new ArrayList<>(array.length);
        for (int i = 0; i < array.length; i++) {
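Review bot: Neither new test covers the client-app case that the commit description calls out; both use an unrelated system package and differ only in `setForceQueryable(true)`. A third case that adds a package whose appId corresponds to the sandbox uid and asserts the intended result would pin that part of the rule down and catch a regression in either direction. The literal `20123` is repeated in both tests and would read better as one named constant, e.g. `private static final int DUMMY_SDK_SANDBOX_UID = 20123;`, keeping the `assertTrue(Process.isSdkSandboxUid(...))` sanity check.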