Marks app filtering interactions correctly (de37e438) · Commits · e / os / android_frameworks_base

core/java/android/content/pm/PackageManagerInternal.java

+14 −14

Original line number	Diff line number	Diff line
		@@ -16,6 +16,7 @@

		package android.content.pm;

		import android.annotation.AppIdInt;
		import android.annotation.IntDef;
		import android.annotation.NonNull;
		import android.annotation.Nullable;
		@@ -321,25 +322,24 @@ public abstract class PackageManagerInternal {
		Bundle verificationBundle, int userId);

		/**
		* Grants access to the package metadata for an ephemeral application.
		* Grants implicit access based on an interaction between two apps. This grants the target app
		* access to the calling application's package metadata.
		* <p>
		* When an ephemeral application explicitly tries to interact with a full
		* install application [via an activity, service or provider that has been
		* exposed using the {@code visibleToInstantApp} attribute], the normal
		* application must be able to see metadata about the connecting ephemeral
		* app. If the ephemeral application uses an implicit intent [ie action VIEW,
		* category BROWSABLE], it remains hidden from the launched activity.
		* When an application explicitly tries to interact with another application [via an
		* activity, service or provider that is either declared in the caller's
		* manifest via the {@code <queries>} tag or has been exposed via the target apps manifest using
		* the {@code visibleToInstantApp} attribute], the target application must be able to see
		* metadata about the calling app. If the calling application uses an implicit intent [ie
		* action VIEW, category BROWSABLE], it remains hidden from the launched app.
		* <p>
		* If the {@code sourceUid} is not for an ephemeral app or {@code targetUid}
		* is not for a fully installed app, this method will be a no-op.
		*
		* @param userId the user
		* @param intent the intent that triggered the grant
		* @param targetAppId The app ID of the fully installed application
		* @param ephemeralAppId The app ID of the ephemeral application
		* @param callingAppId The app ID of the calling application
		* @param targetAppId The app ID of the target application
		*/
		public abstract void grantEphemeralAccess(int userId, Intent intent,
		int targetAppId, int ephemeralAppId);
		public abstract void grantImplicitAccess(
		@UserIdInt int userId, Intent intent, @AppIdInt int callingAppId,
		@AppIdInt int targetAppId);

		public abstract boolean isInstantAppInstallerComponent(ComponentName component);
		/**

services/core/java/com/android/server/am/ActiveServices.java

+5 −4

Original line number	Diff line number	Diff line
		@@ -1748,8 +1748,8 @@ public final class ActiveServices {
		s.instanceName, s.processName);
		// Once the apps have become associated, if one of them is caller is ephemeral
		// the target app should now be able to see the calling app
		mAm.grantEphemeralAccessLocked(callerApp.userId, service,
		UserHandle.getAppId(s.appInfo.uid), UserHandle.getAppId(callerApp.uid));
		mAm.grantImplicitAccess(callerApp.userId, service,
		UserHandle.getAppId(callerApp.uid), UserHandle.getAppId(s.appInfo.uid));

		AppBindRecord b = s.retrieveAppBindingLocked(service, callerApp);
		ConnectionRecord c = new ConnectionRecord(b, activity,
		@@ -2802,8 +2802,9 @@ public final class ActiveServices {
		mAm.mUgmInternal.grantUriPermissionUncheckedFromIntent(si.neededGrants,
		si.getUriPermissionsLocked());
		}
		mAm.grantEphemeralAccessLocked(r.userId, si.intent, UserHandle.getAppId(r.appInfo.uid),
		UserHandle.getAppId(si.callingId));
		mAm.grantImplicitAccess(r.userId, si.intent, UserHandle.getAppId(si.callingId),
		UserHandle.getAppId(r.appInfo.uid)
		);
		bumpServiceExecutingLocked(r, execInFg, "start");
		if (!oomAdjusted) {
		oomAdjusted = true;

services/core/java/com/android/server/am/ActivityManagerService.java

+6 −6

Original line number	Diff line number	Diff line
		@@ -6115,10 +6115,9 @@ public class ActivityManagerService extends IActivityManager.Stub
		}

		@VisibleForTesting
		public void grantEphemeralAccessLocked(int userId, Intent intent,
		int targetAppId, int ephemeralAppId) {
		public void grantImplicitAccess(int userId, Intent intent, int callingAppId, int targetAppId) {
		getPackageManagerInternalLocked().
		grantEphemeralAccess(userId, intent, targetAppId, ephemeralAppId);
		grantImplicitAccess(userId, intent, callingAppId, targetAppId);
		}

		/**
		@@ -7088,9 +7087,10 @@ public class ActivityManagerService extends IActivityManager.Stub
		}
		checkTime(startTime, "getContentProviderImpl: done!");

		grantEphemeralAccessLocked(userId, null /intent/,
		UserHandle.getAppId(cpi.applicationInfo.uid),
		UserHandle.getAppId(Binder.getCallingUid()));
		grantImplicitAccess(userId, null /intent/,
		UserHandle.getAppId(Binder.getCallingUid()),
		UserHandle.getAppId(cpi.applicationInfo.uid)
		);
		}

		// Wait for the provider to be published...

services/core/java/com/android/server/pm/AppsFilter.java

+8 −12

Original line number	Diff line number	Diff line
		@@ -246,25 +246,25 @@ class AppsFilter {
		}

		/**
		* Marks that a package initiated an interaction with another package, granting visibility of
		* the prior from the former.
		* Grants access based on an interaction between a calling and target package, granting
		* visibility of the caller from the target.
		*
		* @param initiatingPackage the package initiating the interaction
		* @param callingPackage the package initiating the interaction
		* @param targetPackage the package being interacted with and thus gaining visibility of the
		* initiating package.
		* @param userId the user in which this interaction was taking place
		*/
		private void markAppInteraction(
		PackageSetting initiatingPackage, PackageSetting targetPackage, int userId) {
		public void grantImplicitAccess(
		String callingPackage, String targetPackage, int userId) {
		HashMap<String, Set<String>> currentUser = mImplicitlyQueryable.get(userId);
		if (currentUser == null) {
		currentUser = new HashMap<>();
		mImplicitlyQueryable.put(userId, currentUser);
		}
		if (!currentUser.containsKey(targetPackage.pkg.packageName)) {
		currentUser.put(targetPackage.pkg.packageName, new HashSet<>());
		if (!currentUser.containsKey(targetPackage)) {
		currentUser.put(targetPackage, new HashSet<>());
		}
		currentUser.get(targetPackage.pkg.packageName).add(initiatingPackage.pkg.packageName);
		currentUser.get(targetPackage).add(callingPackage);
		}

		public void onSystemReady() {
		@@ -374,8 +374,6 @@ class AppsFilter {
		callingPkgSetting = (PackageSetting) callingSetting;
		if (!shouldFilterApplicationInternal(callingPkgSetting, targetPkgSetting,
		userId)) {
		// TODO: actually base this on a start / launch (not just a query)
		markAppInteraction(callingPkgSetting, targetPkgSetting, userId);
		return false;
		}
		} else if (callingSetting instanceof SharedUserSetting) {
		@@ -386,8 +384,6 @@ class AppsFilter {
		final PackageSetting packageSetting = packageSettings.valueAt(i);
		if (!shouldFilterApplicationInternal(packageSetting, targetPkgSetting,
		userId)) {
		// TODO: actually base this on a start / launch (not just a query)
		markAppInteraction(packageSetting, targetPkgSetting, userId);
		return false;
		}
		if (callingPkgSetting == null && packageSetting.pkg != null) {

services/core/java/com/android/server/pm/InstantAppRegistry.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -401,7 +401,7 @@ class InstantAppRegistry {

		@GuardedBy("mService.mLock")
		public void grantInstantAccessLPw(@UserIdInt int userId, @Nullable Intent intent,
		int targetAppId, int instantAppId) {
		int instantAppId, int targetAppId) {
		if (mInstalledInstantAppUids == null) {
		return; // no instant apps installed; no need to grant
		}