Merge "Restrict readability of uid state changes so that uid states of other... (cc1aa40e) · Commits · e / os / android_frameworks_base

data/etc/platform.xml

+2 −1

Original line number	Diff line number	Diff line
		@@ -171,10 +171,11 @@
		<assign-permission name="android.permission.UPDATE_DEVICE_STATS" uid="audioserver" />
		<assign-permission name="android.permission.UPDATE_APP_OPS_STATS" uid="audioserver" />
		<assign-permission name="android.permission.PACKAGE_USAGE_STATS" uid="audioserver" />
		<assign-permission name="android.permission.INTERACT_ACROSS_USERS" uid="audioserver" />
		<assign-permission name="android.permission.INTERACT_ACROSS_USERS_FULL" uid="audioserver" />
		<assign-permission name="android.permission.OBSERVE_SENSOR_PRIVACY" uid="audioserver" />

		<assign-permission name="android.permission.MODIFY_AUDIO_SETTINGS" uid="cameraserver" />
		<assign-permission name="android.permission.INTERACT_ACROSS_USERS_FULL" uid="cameraserver" />
		<assign-permission name="android.permission.ACCESS_SURFACE_FLINGER" uid="cameraserver" />
		<assign-permission name="android.permission.WAKE_LOCK" uid="cameraserver" />
		<assign-permission name="android.permission.UPDATE_DEVICE_STATS" uid="cameraserver" />

services/core/java/com/android/server/am/UidObserverController.java

+14 −2

Original line number	Diff line number	Diff line
		@@ -15,6 +15,7 @@
		*/
		package com.android.server.am;

		import static android.Manifest.permission.INTERACT_ACROSS_USERS_FULL;
		import static android.app.ActivityManager.PROCESS_STATE_NONEXISTENT;

		import static com.android.server.am.ActivityManagerDebugConfig.DEBUG_UID_OBSERVERS;
		@@ -25,6 +26,7 @@ import android.annotation.Nullable;
		import android.app.ActivityManager;
		import android.app.ActivityManagerProto;
		import android.app.IUidObserver;
		import android.content.pm.PackageManager;
		import android.os.Handler;
		import android.os.RemoteCallbackList;
		import android.os.RemoteException;
		@@ -81,7 +83,9 @@ public class UidObserverController {
		@NonNull String callingPackage, int callingUid) {
		synchronized (mLock) {
		mUidObservers.register(observer, new UidObserverRegistration(callingUid,
		callingPackage, which, cutpoint));
		callingPackage, which, cutpoint,
		ActivityManager.checkUidPermission(INTERACT_ACROSS_USERS_FULL, callingUid)
		== PackageManager.PERMISSION_GRANTED));
		}
		}

		@@ -252,6 +256,11 @@ public class UidObserverController {
		final ChangeRecord item = mActiveUidChanges[j];
		final long start = SystemClock.uptimeMillis();
		final int change = item.change;
		// Does the user have permission? Don't send a non user UID change otherwise
		if (UserHandle.getUserId(item.uid) != UserHandle.getUserId(reg.mUid)
		&& !reg.mCanInteractAcrossUsers) {
		continue;
		}
		if (change == UidRecord.CHANGE_PROCSTATE
		&& (reg.mWhich & ActivityManager.UID_OBSERVER_PROCSTATE) == 0) {
		// No-op common case: no significant change, the observer is not
		@@ -437,6 +446,7 @@ public class UidObserverController {
		private final String mPkg;
		private final int mWhich;
		private final int mCutpoint;
		private final boolean mCanInteractAcrossUsers;

		/**
		* Total # of callback calls that took more than {@link #SLOW_UID_OBSERVER_THRESHOLD_MS}.
		@@ -467,11 +477,13 @@ public class UidObserverController {
		ActivityManagerProto.UID_OBSERVER_FLAG_PROC_OOM_ADJ,
		};

		UidObserverRegistration(int uid, @NonNull String pkg, int which, int cutpoint) {
		UidObserverRegistration(int uid, @NonNull String pkg, int which, int cutpoint,
		boolean canInteractAcrossUsers) {
		this.mUid = uid;
		this.mPkg = pkg;
		this.mWhich = which;
		this.mCutpoint = cutpoint;
		this.mCanInteractAcrossUsers = canInteractAcrossUsers;
		mLastProcStates = cutpoint >= ActivityManager.MIN_PROCESS_STATE
		? new SparseIntArray() : null;
		}