Check permission of the calling process (e0b41996) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/pm/PackageArchiver.java

+3 −1

Original line number	Original line	Diff line number	Diff line
	@@ -191,6 +191,7 @@ public class PackageArchiver {
	Computer snapshot = mPm.snapshotComputer();		Computer snapshot = mPm.snapshotComputer();
	int userId = userHandle.getIdentifier();		int userId = userHandle.getIdentifier();
	int binderUid = Binder.getCallingUid();		int binderUid = Binder.getCallingUid();
			int binderPid = Binder.getCallingPid();
	if (!PackageManagerServiceUtils.isSystemOrRootOrShell(binderUid)) {		if (!PackageManagerServiceUtils.isSystemOrRootOrShell(binderUid)) {
	verifyCaller(snapshot.getPackageUid(callerPackageName, 0, userId), binderUid);		verifyCaller(snapshot.getPackageUid(callerPackageName, 0, userId), binderUid);
	}		}
	@@ -225,7 +226,8 @@ public class PackageArchiver {
	DELETE_ARCHIVE \| DELETE_KEEP_DATA,		DELETE_ARCHIVE \| DELETE_KEEP_DATA,
	intentSender,		intentSender,
	userId,		userId,
	binderUid);		binderUid,
			binderPid);
	})		})
	.exceptionally(		.exceptionally(
	e -> {		e -> {

services/core/java/com/android/server/pm/PackageInstallerService.java

+6 −5

Original line number	Original line	Diff line number	Diff line
	@@ -1387,11 +1387,12 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements
	flags,		flags,
	statusReceiver,		statusReceiver,
	userId,		userId,
	Binder.getCallingUid());		Binder.getCallingUid(),
			Binder.getCallingPid());
	}		}

	void uninstall(VersionedPackage versionedPackage, String callerPackageName, int flags,		void uninstall(VersionedPackage versionedPackage, String callerPackageName, int flags,
	IntentSender statusReceiver, int userId, int callingUid) {		IntentSender statusReceiver, int userId, int callingUid, int callingPid) {
	final Computer snapshot = mPm.snapshotComputer();		final Computer snapshot = mPm.snapshotComputer();
	snapshot.enforceCrossUserPermission(callingUid, userId, true, true, "uninstall");		snapshot.enforceCrossUserPermission(callingUid, userId, true, true, "uninstall");
	if (!PackageManagerServiceUtils.isRootOrShell(callingUid)) {		if (!PackageManagerServiceUtils.isRootOrShell(callingUid)) {
	@@ -1408,7 +1409,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements
	final PackageDeleteObserverAdapter adapter = new PackageDeleteObserverAdapter(mContext,		final PackageDeleteObserverAdapter adapter = new PackageDeleteObserverAdapter(mContext,
	statusReceiver, versionedPackage.getPackageName(),		statusReceiver, versionedPackage.getPackageName(),
	canSilentlyInstallPackage, userId, mPackageArchiver, flags);		canSilentlyInstallPackage, userId, mPackageArchiver, flags);
	if (mContext.checkCallingOrSelfPermission(Manifest.permission.DELETE_PACKAGES)		if (mContext.checkPermission(Manifest.permission.DELETE_PACKAGES, callingPid, callingUid)
	== PackageManager.PERMISSION_GRANTED) {		== PackageManager.PERMISSION_GRANTED) {
	// Sweet, call straight through!		// Sweet, call straight through!
	mPm.deletePackageVersioned(versionedPackage, adapter.getBinder(), userId, flags);		mPm.deletePackageVersioned(versionedPackage, adapter.getBinder(), userId, flags);
	@@ -1428,8 +1429,8 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements
	} else {		} else {
	ApplicationInfo appInfo = snapshot.getApplicationInfo(callerPackageName, 0, userId);		ApplicationInfo appInfo = snapshot.getApplicationInfo(callerPackageName, 0, userId);
	if (appInfo.targetSdkVersion >= Build.VERSION_CODES.P) {		if (appInfo.targetSdkVersion >= Build.VERSION_CODES.P) {
	mContext.enforceCallingOrSelfPermission(Manifest.permission.REQUEST_DELETE_PACKAGES,		mContext.enforcePermission(Manifest.permission.REQUEST_DELETE_PACKAGES, callingPid,
	null);		callingUid, null);
	}		}

	// Take a short detour to confirm with user		// Take a short detour to confirm with user

services/tests/mockingservicestests/src/com/android/server/pm/PackageArchiverTest.java

+2 −2

Original line number	Original line	Diff line number	Diff line
	@@ -367,7 +367,7 @@ public class PackageArchiverTest {
	verify(mInstallerService).uninstall(		verify(mInstallerService).uninstall(
	eq(new VersionedPackage(PACKAGE, PackageManager.VERSION_CODE_HIGHEST)),		eq(new VersionedPackage(PACKAGE, PackageManager.VERSION_CODE_HIGHEST)),
	eq(CALLER_PACKAGE), eq(DELETE_ARCHIVE \| DELETE_KEEP_DATA), eq(mIntentSender),		eq(CALLER_PACKAGE), eq(DELETE_ARCHIVE \| DELETE_KEEP_DATA), eq(mIntentSender),
	eq(UserHandle.CURRENT.getIdentifier()), anyInt());		eq(UserHandle.CURRENT.getIdentifier()), anyInt(), anyInt());

	ArchiveState expectedArchiveState = createArchiveState();		ArchiveState expectedArchiveState = createArchiveState();
	ArchiveState actualArchiveState = mPackageSetting.readUserState(		ArchiveState actualArchiveState = mPackageSetting.readUserState(
	@@ -391,7 +391,7 @@ public class PackageArchiverTest {
	eq(CALLER_PACKAGE),		eq(CALLER_PACKAGE),
	eq(DELETE_ARCHIVE \| DELETE_KEEP_DATA),		eq(DELETE_ARCHIVE \| DELETE_KEEP_DATA),
	eq(mIntentSender),		eq(mIntentSender),
	eq(UserHandle.CURRENT.getIdentifier()), anyInt());		eq(UserHandle.CURRENT.getIdentifier()), anyInt(), anyInt());

	ArchiveState expectedArchiveState = createArchiveState();		ArchiveState expectedArchiveState = createArchiveState();
	ArchiveState actualArchiveState = mPackageSetting.readUserState(		ArchiveState actualArchiveState = mPackageSetting.readUserState(