
Commit d9ac1353 authored by Sumedh Sen's avatar Sumedh Sen

[RESTRICT AUTOMERGE] Check cross user permissions for a given UID

Instead of relying on Context#checkCallingOrSelfPermission, explicitly
check permissions against a given UID. However, to maintain legacy
behavior, replace custom UIDs with Binder.getCallingUid when enforcing
permissions from a method.

Also update tests affected by this change - by adding methods to mocked
objects

Bug: 350456241

Test: sts-tradefed run sts-dynamic-develop -m CtsSecurityTestCases -t android.security.cts.ContentProviderMultiUserTests#testAccessFromInitialUser --user-type PRIMARY

Test: sts-tradefed run sts-dynamic-develop -m CtsSecurityTestCases -t android.security.cts.ContentProviderMultiUserTests --user-type SECONDARY

Change-Id: Ib31cabff5714500471bd397c743e127c85751a5c
(cherry picked from commit 6775f075)
parent 33c9725d
+11 −6
@@ -2367,11 +2367,11 @@ public class PackageManagerService extends IPackageManager.Stub
                String resolvedType, int flags, int userId, int callingUid,
                String resolvedType, int flags, int userId, int callingUid,
                boolean includeInstantApps) {
                boolean includeInstantApps) {
            if (!mUserManager.exists(userId)) return Collections.emptyList();
            if (!mUserManager.exists(userId)) return Collections.emptyList();
            enforceCrossUserOrProfilePermission(callingUid,
            enforceCrossUserOrProfilePermission(Binder.getCallingUid(),
                    userId,
                    userId,
                    false /*requireFullPermission*/,
                    false /*requireFullPermission*/,
                    false /*checkShell*/,
                    false /*checkShell*/,
                    "query intent receivers");
                    "query intent services");
            final String instantAppPkgName = getInstantAppPackageName(callingUid);
            final String instantAppPkgName = getInstantAppPackageName(callingUid);
            flags = updateFlagsForResolve(flags, userId, callingUid, includeInstantApps,
            flags = updateFlagsForResolve(flags, userId, callingUid, includeInstantApps,
                    false /* isImplicitImageCaptureIntentAndNotSetByDpc */);
                    false /* isImplicitImageCaptureIntentAndNotSetByDpc */);
@@ -4060,10 +4060,10 @@ public class PackageManagerService extends IPackageManager.Stub
                return true;
                return true;
            }
            }
            if (requireFullPermission) {
            if (requireFullPermission) {
                return hasPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL);
                return hasPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingUid);
            }
            }
            return hasPermission(android.Manifest.permission.INTERACT_ACROSS_USERS_FULL)
            return hasPermission(android.Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingUid)
                    || hasPermission(Manifest.permission.INTERACT_ACROSS_USERS);
                || hasPermission(Manifest.permission.INTERACT_ACROSS_USERS, callingUid);
        }
        }
        /**
        /**
@@ -4079,6 +4079,11 @@ public class PackageManagerService extends IPackageManager.Stub
                    == PackageManager.PERMISSION_GRANTED;
                    == PackageManager.PERMISSION_GRANTED;
        }
        }
        private boolean hasPermission(String permission, int uid) {
            return mContext.checkPermission(permission, /* pid= */ -1, uid)
                    == PackageManager.PERMISSION_GRANTED;
        }
        public final boolean isCallerSameApp(String packageName, int uid) {
        public final boolean isCallerSameApp(String packageName, int uid) {
            AndroidPackage pkg = mPackages.get(packageName);
            AndroidPackage pkg = mPackages.get(packageName);
            return pkg != null
            return pkg != null
@@ -11532,7 +11537,7 @@ public class PackageManagerService extends IPackageManager.Stub
        final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0;
        final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0;
        enforceCrossUserPermission(
        enforceCrossUserPermission(
            callingUid,
            Binder.getCallingUid(),
            userId,
            userId,
            false /* requireFullPermission */,
            false /* requireFullPermission */,
            false /* checkShell */,
            false /* checkShell */,
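Review bot: In the first hunk the cross-user enforcement is now evaluated for `Binder.getCallingUid()`, while `getInstantAppPackageName(callingUid)` and `updateFlagsForResolve(flags, userId, callingUid, ...)` directly below it still use the `callingUid` parameter, so one request is authorised against one identity and filtered against another. The commit message says this keeps legacy behaviour, but nothing in the code records it; a comment above the call such as `// Enforce against the binder caller to keep legacy behaviour; callingUid is used only for filtering below.` would stop a later cleanup from silently changing which UID is checked. The same substitution is made in the `enforceCrossUserPermission` call of the last hunk. It is also worth confirming how both paths behave when they are reached after the calling identity was cleared or from inside the system process, where `Binder.getCallingUid()` reports the process's own UID and the check may pass regardless of `callingUid`. The enclosing methods start and end outside the hunks.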
+5 −0
@@ -49,6 +49,7 @@ import org.junit.BeforeClass
import org.junit.Test
import org.junit.Test
import org.junit.runner.RunWith
import org.junit.runner.RunWith
import org.junit.runners.Parameterized
import org.junit.runners.Parameterized
import org.mockito.ArgumentMatchers.eq
import org.mockito.Mockito.any
import org.mockito.Mockito.any
import org.mockito.Mockito.anyInt
import org.mockito.Mockito.anyInt
import org.mockito.Mockito.clearInvocations
import org.mockito.Mockito.clearInvocations
@@ -360,6 +361,10 @@ class PackageManagerComponentLabelIconOverrideTest {
                    android.Manifest.permission.INTERACT_ACROSS_USERS_FULL)) {
                    android.Manifest.permission.INTERACT_ACROSS_USERS_FULL)) {
                PackageManager.PERMISSION_GRANTED
                PackageManager.PERMISSION_GRANTED
            }
            }
            whenever(this.checkPermission(
                eq(android.Manifest.permission.INTERACT_ACROSS_USERS_FULL), anyInt(), anyInt())) {
                PackageManager.PERMISSION_GRANTED
            }
        }
        }
        val mockInjector: PackageManagerService.Injector = mock {
        val mockInjector: PackageManagerService.Injector = mock {
            whenever(this.lock) { PackageManagerTracedLock() }
            whenever(this.lock) { PackageManagerTracedLock() }
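Review bot: The added stub answers `PERMISSION_GRANTED` for `checkPermission(eq(INTERACT_ACROSS_USERS_FULL), anyInt(), anyInt())`, so this test passes whichever UID the service hands to the new UID-based check and cannot catch a regression in the identity being checked. If the UID the test calls as is fixed, pinning the last argument, e.g. `anyInt(), eq(EXPECTED_UID)` with `EXPECTED_UID` standing for that value, would make the mock deny every other UID. Only `INTERACT_ACROSS_USERS_FULL` is stubbed for the three-argument form, so the `INTERACT_ACROSS_USERS` branch of the service check appears to rely on the mock's default answer. The mock setup starts outside the hunk.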