Allow apps with MANAGE_USB_STATE permission access to all USB (e22c826c) · Commits · e / os / android_frameworks_base

services/usb/java/com/android/server/usb/UsbDeviceManager.java

+2 −2

Original line number	Diff line number	Diff line
		@@ -2187,7 +2187,7 @@ public class UsbDeviceManager implements ActivityTaskManagerInternal.ScreenObser
		* @param uid Uid of the caller
		*/
		public ParcelFileDescriptor openAccessory(UsbAccessory accessory,
		UsbUserPermissionManager permissions, int uid) {
		UsbUserPermissionManager permissions, int pid, int uid) {
		UsbAccessory currentAccessory = mHandler.getCurrentAccessory();
		if (currentAccessory == null) {
		throw new IllegalArgumentException("no accessory attached");
		@@ -2198,7 +2198,7 @@ public class UsbDeviceManager implements ActivityTaskManagerInternal.ScreenObser
		+ currentAccessory;
		throw new IllegalArgumentException(error);
		}
		permissions.checkPermission(accessory, uid);
		permissions.checkPermission(accessory, pid, uid);
		return nativeOpenAccessory();
		}

services/usb/java/com/android/server/usb/UsbSerialReader.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -98,7 +98,7 @@ class UsbSerialReader extends IUsbSerialReader.Stub {
		.checkPermission((UsbDevice) mDevice, packageName, pid, uid);
		} else {
		mPermissionManager.getPermissionsForUser(userId)
		.checkPermission((UsbAccessory) mDevice, uid);
		.checkPermission((UsbAccessory) mDevice, pid, uid);
		}
		}
		}

services/usb/java/com/android/server/usb/UsbService.java

+6 −3

Original line number	Diff line number	Diff line
		@@ -321,6 +321,7 @@ public class UsbService extends IUsbManager.Stub {
		public ParcelFileDescriptor openAccessory(UsbAccessory accessory) {
		if (mDeviceManager != null) {
		int uid = Binder.getCallingUid();
		int pid = Binder.getCallingPid();
		int user = UserHandle.getUserId(uid);

		final long ident = clearCallingIdentity();
		@@ -328,7 +329,7 @@ public class UsbService extends IUsbManager.Stub {
		synchronized (mLock) {
		if (mUserManager.isSameProfileGroup(user, mCurrentUserId)) {
		return mDeviceManager.openAccessory(accessory, getPermissionsForUser(user),
		uid);
		pid, uid);
		} else {
		Slog.w(TAG, "Cannot open " + accessory + " for user " + user
		+ " as user is not active.");
		@@ -505,11 +506,12 @@ public class UsbService extends IUsbManager.Stub {
		@Override
		public boolean hasAccessoryPermission(UsbAccessory accessory) {
		final int uid = Binder.getCallingUid();
		final int pid = Binder.getCallingPid();
		final int userId = UserHandle.getUserId(uid);

		final long token = Binder.clearCallingIdentity();
		try {
		return getPermissionsForUser(userId).hasPermission(accessory, uid);
		return getPermissionsForUser(userId).hasPermission(accessory, pid, uid);
		} finally {
		Binder.restoreCallingIdentity(token);
		}
		@@ -533,11 +535,12 @@ public class UsbService extends IUsbManager.Stub {
		public void requestAccessoryPermission(
		UsbAccessory accessory, String packageName, PendingIntent pi) {
		final int uid = Binder.getCallingUid();
		final int pid = Binder.getCallingPid();
		final int userId = UserHandle.getUserId(uid);

		final long token = Binder.clearCallingIdentity();
		try {
		getPermissionsForUser(userId).requestPermission(accessory, packageName, pi, uid);
		getPermissionsForUser(userId).requestPermission(accessory, packageName, pi, pid, uid);
		} finally {
		Binder.restoreCallingIdentity(token);
		}

services/usb/java/com/android/server/usb/UsbUserPermissionManager.java

+10 −6

Original line number	Diff line number	Diff line
		@@ -246,9 +246,13 @@ class UsbUserPermissionManager {
		* @param uid to check permission for
		* @return {@code true} if caller has permssion
		*/
		boolean hasPermission(@NonNull UsbAccessory accessory, int uid) {
		boolean hasPermission(@NonNull UsbAccessory accessory, int pid, int uid) {
		synchronized (mLock) {
		if (uid == Process.SYSTEM_UID \|\| mDisablePermissionDialogs) {
		if (uid == Process.SYSTEM_UID
		\|\| mDisablePermissionDialogs
		\|\| mContext.checkPermission(
		android.Manifest.permission.MANAGE_USB, pid, uid)
		== android.content.pm.PackageManager.PERMISSION_GRANTED) {
		return true;
		}
		AccessoryFilter filter = new AccessoryFilter(accessory);
		@@ -675,8 +679,8 @@ class UsbUserPermissionManager {
		}
		}

		public void checkPermission(UsbAccessory accessory, int uid) {
		if (!hasPermission(accessory, uid)) {
		public void checkPermission(UsbAccessory accessory, int pid, int uid) {
		if (!hasPermission(accessory, pid, uid)) {
		throw new SecurityException("User has not given " + uid + " permission to accessory "
		+ accessory);
		}
		@@ -745,9 +749,9 @@ class UsbUserPermissionManager {
		}

		public void requestPermission(UsbAccessory accessory, String packageName, PendingIntent pi,
		int uid) {
		int pid, int uid) {
		// respond immediately if permission has already been granted
		if (hasPermission(accessory, uid)) {
		if (hasPermission(accessory, pid, uid)) {
		Intent intent = new Intent();
		intent.putExtra(UsbManager.EXTRA_ACCESSORY, accessory);
		intent.putExtra(UsbManager.EXTRA_PERMISSION_GRANTED, true);