Check permission of the calling process (e0b41996) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/pm/PackageArchiver.java

+3 −1

Original line number	Diff line number	Diff line
		@@ -191,6 +191,7 @@ public class PackageArchiver {
		Computer snapshot = mPm.snapshotComputer();
		int userId = userHandle.getIdentifier();
		int binderUid = Binder.getCallingUid();
		int binderPid = Binder.getCallingPid();
		if (!PackageManagerServiceUtils.isSystemOrRootOrShell(binderUid)) {
		verifyCaller(snapshot.getPackageUid(callerPackageName, 0, userId), binderUid);
		}
		@@ -225,7 +226,8 @@ public class PackageArchiver {
		DELETE_ARCHIVE \| DELETE_KEEP_DATA,
		intentSender,
		userId,
		binderUid);
		binderUid,
		binderPid);
		})
		.exceptionally(
		e -> {

services/core/java/com/android/server/pm/PackageInstallerService.java

+6 −5

Original line number	Diff line number	Diff line
		@@ -1387,11 +1387,12 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements
		flags,
		statusReceiver,
		userId,
		Binder.getCallingUid());
		Binder.getCallingUid(),
		Binder.getCallingPid());
		}

		void uninstall(VersionedPackage versionedPackage, String callerPackageName, int flags,
		IntentSender statusReceiver, int userId, int callingUid) {
		IntentSender statusReceiver, int userId, int callingUid, int callingPid) {
		final Computer snapshot = mPm.snapshotComputer();
		snapshot.enforceCrossUserPermission(callingUid, userId, true, true, "uninstall");
		if (!PackageManagerServiceUtils.isRootOrShell(callingUid)) {
		@@ -1408,7 +1409,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements
		final PackageDeleteObserverAdapter adapter = new PackageDeleteObserverAdapter(mContext,
		statusReceiver, versionedPackage.getPackageName(),
		canSilentlyInstallPackage, userId, mPackageArchiver, flags);
		if (mContext.checkCallingOrSelfPermission(Manifest.permission.DELETE_PACKAGES)
		if (mContext.checkPermission(Manifest.permission.DELETE_PACKAGES, callingPid, callingUid)
		== PackageManager.PERMISSION_GRANTED) {
		// Sweet, call straight through!
		mPm.deletePackageVersioned(versionedPackage, adapter.getBinder(), userId, flags);
		@@ -1428,8 +1429,8 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements
		} else {
		ApplicationInfo appInfo = snapshot.getApplicationInfo(callerPackageName, 0, userId);
		if (appInfo.targetSdkVersion >= Build.VERSION_CODES.P) {
		mContext.enforceCallingOrSelfPermission(Manifest.permission.REQUEST_DELETE_PACKAGES,
		null);
		mContext.enforcePermission(Manifest.permission.REQUEST_DELETE_PACKAGES, callingPid,
		callingUid, null);
		}

		// Take a short detour to confirm with user

services/tests/mockingservicestests/src/com/android/server/pm/PackageArchiverTest.java

+2 −2

Original line number	Diff line number	Diff line
		@@ -367,7 +367,7 @@ public class PackageArchiverTest {
		verify(mInstallerService).uninstall(
		eq(new VersionedPackage(PACKAGE, PackageManager.VERSION_CODE_HIGHEST)),
		eq(CALLER_PACKAGE), eq(DELETE_ARCHIVE \| DELETE_KEEP_DATA), eq(mIntentSender),
		eq(UserHandle.CURRENT.getIdentifier()), anyInt());
		eq(UserHandle.CURRENT.getIdentifier()), anyInt(), anyInt());

		ArchiveState expectedArchiveState = createArchiveState();
		ArchiveState actualArchiveState = mPackageSetting.readUserState(
		@@ -391,7 +391,7 @@ public class PackageArchiverTest {
		eq(CALLER_PACKAGE),
		eq(DELETE_ARCHIVE \| DELETE_KEEP_DATA),
		eq(mIntentSender),
		eq(UserHandle.CURRENT.getIdentifier()), anyInt());
		eq(UserHandle.CURRENT.getIdentifier()), anyInt(), anyInt());

		ArchiveState expectedArchiveState = createArchiveState();
		ArchiveState actualArchiveState = mPackageSetting.readUserState(