Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dcf6bafb authored by Todd Kennedy's avatar Todd Kennedy
Browse files

Add check for cross user permission 

Bug: 153995991
Bug: 153996872
Bug: 153996866
Bug: 155466646
Test: atest ManagedProfileCrossProfileTest
Change-Id: I9d5f8b506f796c4890352ea9d77ec80d3a9ef1da
parent 80542add

services/core/java/com/android/server/pm/PackageManagerService.java

+28 −2
Original line number Diff line number Diff line
@@ -369,6 +369,7 @@ import com.android.server.pm.permission.PermissionsState; 
import com.android.server.policy.PermissionPolicyInternal;

import com.android.server.security.VerityUtils;

import com.android.server.storage.DeviceStorageMonitorInternal;

import com.android.server.uri.UriGrantsManagerInternal;

import com.android.server.utils.TimingsTraceAndSlog;

import com.android.server.wm.ActivityTaskManagerInternal;










@@ -4429,6 +4430,11 @@ public class PackageManagerService extends IPackageManager.Stub













        if (getInstantAppPackageName(callingUid) != null) {















            throw new SecurityException("Instant applications don't have access to this method");















        }













        if (!mUserManager.exists(userId)) {













            throw new SecurityException("User doesn't exist");













        }













        mPermissionManager.enforceCrossUserPermission(













                callingUid, userId, false, false, "checkPackageStartable");















        final boolean userKeyUnlocked = StorageManager.isUserKeyUnlocked(userId);















        synchronized (mLock) {















            final PackageSetting ps = mSettings.mPackages.get(packageName);










@@ -5801,9 +5807,15 @@ public class PackageManagerService extends IPackageManager.Stub



























    @Override















    public ChangedPackages getChangedPackages(int sequenceNumber, int userId) {













        if (getInstantAppPackageName(Binder.getCallingUid()) != null) {













        final int callingUid = Binder.getCallingUid();













        if (getInstantAppPackageName(callingUid) != null) {













            return null;













        }













        if (!mUserManager.exists(userId)) {















            return null;















        }













        mPermissionManager.enforceCrossUserPermission(













                callingUid, userId, false, false, "getChangedPackages");















        synchronized (mLock) {















            if (sequenceNumber >= mChangedPackagesSequenceNumber) {















                return null;










@@ -8808,9 +8820,23 @@ public class PackageManagerService extends IPackageManager.Stub



























    private ProviderInfo resolveContentProviderInternal(String name, int flags, int userId) {















        if (!mUserManager.exists(userId)) return null;













        flags = updateFlagsForComponent(flags, userId);















        final int callingUid = Binder.getCallingUid();













        flags = updateFlagsForComponent(flags, userId);















        final ProviderInfo providerInfo = mComponentResolver.queryProvider(name, flags, userId);













        boolean checkedGrants = false;













        if (providerInfo != null) {













            // Looking for cross-user grants before enforcing the typical cross-users permissions













            if (userId != UserHandle.getUserId(callingUid)) {













                final UriGrantsManagerInternal mUgmInternal =













                        LocalServices.getService(UriGrantsManagerInternal.class);













                checkedGrants =













                        mUgmInternal.checkAuthorityGrants(callingUid, providerInfo, userId, true);













            }













        }













        if (!checkedGrants) {













            mPermissionManager.enforceCrossUserPermission(













                    callingUid, userId, false, false, "resolveContentProvider");













        }















        if (providerInfo == null) {















            return null;















        }