Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d465a492 authored by Joanne Chung's avatar Joanne Chung
Browse files

Enforce permission for cross-user access for registerPackageMonitorCallback 

1. Enforce permission for registerPackageMonitorCallback
2. Fix LauncherAppsService#startWatchingPackageBroadcasts() doesn't
clearCallingIdentity which causes the PMS get the wrong callinguid.

Bug: 289567218
Test: atest FrameworksCorePackageMonitorTests
Test: atest FrameworksCorePackageMonitorWithoutPermissionTests
Change-Id: I62fbfba6fb7041f63bc35c526dca9a82382be3f0
parent 5811ac6b

core/tests/packagemonitortests/Android.bp

+19 −0
Original line number Diff line number Diff line
@@ -24,6 +24,9 @@ package { 
android_test {

    name: "FrameworksCorePackageMonitorTests",

    srcs: ["src/**/*.java"],

    exclude_srcs: [

        "src/com/android/internal/content/withoutpermission/PackageMonitorPermissionTest.java",

    ],

    static_libs: [

        "androidx.test.runner",

        "compatibility-device-util-axt",
@@ -39,3 +42,19 @@ android_test { 
        ":TestVisibilityApp",

    ],

}



android_test {

    name: "FrameworksCorePackageMonitorWithoutPermissionTests",

    srcs: ["src/com/android/internal/content/withoutpermission/PackageMonitorPermissionTest.java"],

    manifest: "AndroidManifestNoPermission.xml",

    static_libs: [

        "androidx.test.runner",

        "compatibility-device-util-axt",

        "frameworks-base-testutils",

    ],

    libs: ["android.test.runner"],

    platform_apis: true,

    certificate: "platform",

    test_suites: ["device-tests"],

    test_config: "AndroidTestWithoutPermission.xml",

}

core/tests/packagemonitortests/AndroidManifestNoPermission.xml

0 → 100644
+28 −0
Original line number Diff line number Diff line 
<?xml version="1.0" encoding="utf-8"?>

<!-- Copyright (C) 2023 The Android Open Source Project



     Licensed under the Apache License, Version 2.0 (the "License");

     you may not use this file except in compliance with the License.

     You may obtain a copy of the License at



          http://www.apache.org/licenses/LICENSE-2.0



     Unless required by applicable law or agreed to in writing, software

     distributed under the License is distributed on an "AS IS" BASIS,

     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

     See the License for the specific language governing permissions and

     limitations under the License.

-->



<manifest xmlns:android="http://schemas.android.com/apk/res/android"

          package="com.android.frameworks.packagemonitor.withoutpermission">



    <application>

        <uses-library android:name="android.test.runner" />

    </application>



    <instrumentation

            android:name="androidx.test.runner.AndroidJUnitRunner"

            android:targetPackage="com.android.frameworks.packagemonitor.withoutpermission"

            android:label="Frameworks PackageMonitor Core without Permission Tests" />

</manifest>

core/tests/packagemonitortests/AndroidTestWithoutPermission.xml

0 → 100644
+33 −0
Original line number Diff line number Diff line 
<?xml version="1.0" encoding="utf-8"?>

<!--

  ~ Copyright (C) 2023 The Android Open Source Project

  ~

  ~ Licensed under the Apache License, Version 2.0 (the "License");

  ~ you may not use this file except in compliance with the License.

  ~ You may obtain a copy of the License at

  ~

  ~      http://www.apache.org/licenses/LICENSE-2.0

  ~

  ~ Unless required by applicable law or agreed to in writing, software

  ~ distributed under the License is distributed on an "AS IS" BASIS,

  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  ~ See the License for the specific language governing permissions and

  ~ limitations under the License.

  -->



<configuration description="Runs Frameworks Core Tests.">

    <option name="test-suite-tag" value="apct" />

    <option name="test-suite-tag" value="apct-instrumentation" />



    <target_preparer class="com.android.tradefed.targetprep.suite.SuiteApkInstaller">

        <option name="cleanup-apks" value="true" />

        <option name="test-file-name" value="FrameworksCorePackageMonitorWithoutPermissionTests.apk" />

    </target_preparer>



    <option name="test-tag" value="FrameworksCorePackageMonitorWithoutPermissionTests" />

    <test class="com.android.tradefed.testtype.AndroidJUnitTest" >

        <option name="package" value="com.android.frameworks.packagemonitor.withoutpermission" />

        <option name="runner" value="androidx.test.runner.AndroidJUnitRunner" />

        <option name="hidden-api-checks" value="false"/>

    </test>

</configuration>

core/tests/packagemonitortests/src/com/android/internal/content/withoutpermission/PackageMonitorPermissionTest.java

0 → 100644
+52 −0
Original line number Diff line number Diff line 
/*

 * Copyright (C) 2023 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */



package com.android.internal.content.withoutpermission;



import static org.junit.Assert.assertThrows;



import android.content.Context;

import android.os.Handler;

import android.os.Looper;

import android.os.UserHandle;



import androidx.test.platform.app.InstrumentationRegistry;

import androidx.test.runner.AndroidJUnit4;



import com.android.internal.content.PackageMonitor;



import org.junit.Test;

import org.junit.runner.RunWith;



/**

 * A test to verify PackageMonitor implementation without INTERACT_ACROSS_USERS_FULL permission.

 */

@RunWith(AndroidJUnit4.class)

public class PackageMonitorPermissionTest {



    @Test

    public void testPackageMonitorNoCrossUserPermission() throws Exception {

        TestVisibilityPackageMonitor testPackageMonitor = new TestVisibilityPackageMonitor();



        Context context = InstrumentationRegistry.getInstrumentation().getContext();

        assertThrows(SecurityException.class,

                () -> testPackageMonitor.register(context, UserHandle.ALL,

                        new Handler(Looper.getMainLooper())));

    }



    private static class TestVisibilityPackageMonitor extends PackageMonitor {

    }

}

services/core/java/com/android/server/pm/LauncherAppsService.java

+6 −1
Original line number Diff line number Diff line
@@ -372,7 +372,12 @@ public class LauncherAppsService extends SystemService { 
                filter.addDataScheme("package");

                mContext.registerReceiverAsUser(mPackageRemovedListener, UserHandle.ALL, filter,

                        /* broadcastPermission= */ null, mCallbackHandler);

                final long identity = Binder.clearCallingIdentity();

                try {

                    mPackageMonitor.register(mContext, UserHandle.ALL, mCallbackHandler);

                } finally {

                    Binder.restoreCallingIdentity(identity);

                }

                mIsWatchingPackageBroadcasts = true;

            }

        }