Loading services/usb/java/com/android/server/usb/UsbHostManager.java +2 −2 Original line number Diff line number Diff line Loading @@ -486,7 +486,7 @@ public class UsbHostManager { /* Opens the specified USB device */ public ParcelFileDescriptor openDevice(String deviceAddress, UsbUserSettingsManager settings, String packageName, int uid) { String packageName, int pid, int uid) { synchronized (mLock) { if (isBlackListed(deviceAddress)) { throw new SecurityException("USB device is on a restricted bus"); Loading @@ -498,7 +498,7 @@ public class UsbHostManager { "device " + deviceAddress + " does not exist or is restricted"); } settings.checkPermission(device, packageName, uid); settings.checkPermission(device, packageName, pid, uid); return nativeOpenDevice(deviceAddress); } } Loading services/usb/java/com/android/server/usb/UsbSerialReader.java +1 −1 Original line number Diff line number Diff line Loading @@ -93,7 +93,7 @@ class UsbSerialReader extends IUsbSerialReader.Stub { UserHandle.getUserId(uid)); if (mDevice instanceof UsbDevice) { settings.checkPermission((UsbDevice) mDevice, packageName, uid); settings.checkPermission((UsbDevice) mDevice, packageName, pid, uid); } else { settings.checkPermission((UsbAccessory) mDevice, uid); } Loading services/usb/java/com/android/server/usb/UsbService.java +6 −3 Original line number Diff line number Diff line Loading @@ -249,6 +249,7 @@ public class UsbService extends IUsbManager.Stub { if (mHostManager != null) { if (deviceName != null) { int uid = Binder.getCallingUid(); int pid = Binder.getCallingPid(); int user = UserHandle.getUserId(uid); long ident = clearCallingIdentity(); Loading @@ -256,7 +257,7 @@ public class UsbService extends IUsbManager.Stub { synchronized (mLock) { if (mUserManager.isSameProfileGroup(user, mCurrentUserId)) { fd = mHostManager.openDevice(deviceName, getSettingsForUser(user), packageName, uid); packageName, pid, uid); } else { Slog.w(TAG, "Cannot open " + deviceName + " for user " + user + " as user is not active."); Loading Loading @@ -350,11 +351,12 @@ public class UsbService extends IUsbManager.Stub { @Override public boolean hasDevicePermission(UsbDevice device, String packageName) { final int uid = Binder.getCallingUid(); final int pid = Binder.getCallingPid(); final int userId = UserHandle.getUserId(uid); final long token = Binder.clearCallingIdentity(); try { return getSettingsForUser(userId).hasPermission(device, packageName, uid); return getSettingsForUser(userId).hasPermission(device, packageName, pid, uid); } finally { Binder.restoreCallingIdentity(token); } Loading @@ -376,11 +378,12 @@ public class UsbService extends IUsbManager.Stub { @Override public void requestDevicePermission(UsbDevice device, String packageName, PendingIntent pi) { final int uid = Binder.getCallingUid(); final int pid = Binder.getCallingPid(); final int userId = UserHandle.getUserId(uid); final long token = Binder.clearCallingIdentity(); try { getSettingsForUser(userId).requestPermission(device, packageName, pi, uid); getSettingsForUser(userId).requestPermission(device, packageName, pi, pid, uid); } finally { Binder.restoreCallingIdentity(token); } Loading services/usb/java/com/android/server/usb/UsbUserSettingsManager.java +12 −9 Original line number Diff line number Diff line Loading @@ -127,11 +127,12 @@ class UsbUserSettingsManager { * Check for camera permission of the calling process. * * @param packageName Package name of the caller. * @param pid Linux pid of the calling process. * @param uid Linux uid of the calling process. * * @return True in case camera permission is available, False otherwise. */ private boolean isCameraPermissionGranted(String packageName, int uid) { private boolean isCameraPermissionGranted(String packageName, int pid, int uid) { int targetSdkVersion = android.os.Build.VERSION_CODES.P; try { ApplicationInfo aInfo = mPackageManager.getApplicationInfo(packageName, 0); Loading @@ -147,7 +148,8 @@ class UsbUserSettingsManager { } if (targetSdkVersion >= android.os.Build.VERSION_CODES.P) { int allowed = mUserContext.checkCallingPermission(android.Manifest.permission.CAMERA); int allowed = mUserContext.checkPermission(android.Manifest.permission.CAMERA, pid, uid); if (android.content.pm.PackageManager.PERMISSION_DENIED == allowed) { Slog.i(TAG, "Camera permission required for USB video class devices"); return false; Loading @@ -157,9 +159,9 @@ class UsbUserSettingsManager { return true; } public boolean hasPermission(UsbDevice device, String packageName, int uid) { public boolean hasPermission(UsbDevice device, String packageName, int pid, int uid) { if (isCameraDevicePresent(device)) { if (!isCameraPermissionGranted(packageName, uid)) { if (!isCameraPermissionGranted(packageName, pid, uid)) { return false; } } Loading @@ -171,8 +173,8 @@ class UsbUserSettingsManager { return mUsbPermissionManager.hasPermission(accessory, uid); } public void checkPermission(UsbDevice device, String packageName, int uid) { if (!hasPermission(device, packageName, uid)) { public void checkPermission(UsbDevice device, String packageName, int pid, int uid) { if (!hasPermission(device, packageName, pid, uid)) { throw new SecurityException("User has not given " + uid + "/" + packageName + " permission to access device " + device.getDeviceName()); } Loading Loading @@ -206,11 +208,12 @@ class UsbUserSettingsManager { accessory, canBeDefault, packageName, uid, mUserContext, pi); } public void requestPermission(UsbDevice device, String packageName, PendingIntent pi, int uid) { public void requestPermission(UsbDevice device, String packageName, PendingIntent pi, int pid, int uid) { Intent intent = new Intent(); // respond immediately if permission has already been granted if (hasPermission(device, packageName, uid)) { if (hasPermission(device, packageName, pid, uid)) { intent.putExtra(UsbManager.EXTRA_DEVICE, device); intent.putExtra(UsbManager.EXTRA_PERMISSION_GRANTED, true); try { Loading @@ -221,7 +224,7 @@ class UsbUserSettingsManager { return; } if (isCameraDevicePresent(device)) { if (!isCameraPermissionGranted(packageName, uid)) { if (!isCameraPermissionGranted(packageName, pid, uid)) { intent.putExtra(UsbManager.EXTRA_DEVICE, device); intent.putExtra(UsbManager.EXTRA_PERMISSION_GRANTED, false); try { Loading Loading
services/usb/java/com/android/server/usb/UsbHostManager.java +2 −2 Original line number Diff line number Diff line Loading @@ -486,7 +486,7 @@ public class UsbHostManager { /* Opens the specified USB device */ public ParcelFileDescriptor openDevice(String deviceAddress, UsbUserSettingsManager settings, String packageName, int uid) { String packageName, int pid, int uid) { synchronized (mLock) { if (isBlackListed(deviceAddress)) { throw new SecurityException("USB device is on a restricted bus"); Loading @@ -498,7 +498,7 @@ public class UsbHostManager { "device " + deviceAddress + " does not exist or is restricted"); } settings.checkPermission(device, packageName, uid); settings.checkPermission(device, packageName, pid, uid); return nativeOpenDevice(deviceAddress); } } Loading
services/usb/java/com/android/server/usb/UsbSerialReader.java +1 −1 Original line number Diff line number Diff line Loading @@ -93,7 +93,7 @@ class UsbSerialReader extends IUsbSerialReader.Stub { UserHandle.getUserId(uid)); if (mDevice instanceof UsbDevice) { settings.checkPermission((UsbDevice) mDevice, packageName, uid); settings.checkPermission((UsbDevice) mDevice, packageName, pid, uid); } else { settings.checkPermission((UsbAccessory) mDevice, uid); } Loading
services/usb/java/com/android/server/usb/UsbService.java +6 −3 Original line number Diff line number Diff line Loading @@ -249,6 +249,7 @@ public class UsbService extends IUsbManager.Stub { if (mHostManager != null) { if (deviceName != null) { int uid = Binder.getCallingUid(); int pid = Binder.getCallingPid(); int user = UserHandle.getUserId(uid); long ident = clearCallingIdentity(); Loading @@ -256,7 +257,7 @@ public class UsbService extends IUsbManager.Stub { synchronized (mLock) { if (mUserManager.isSameProfileGroup(user, mCurrentUserId)) { fd = mHostManager.openDevice(deviceName, getSettingsForUser(user), packageName, uid); packageName, pid, uid); } else { Slog.w(TAG, "Cannot open " + deviceName + " for user " + user + " as user is not active."); Loading Loading @@ -350,11 +351,12 @@ public class UsbService extends IUsbManager.Stub { @Override public boolean hasDevicePermission(UsbDevice device, String packageName) { final int uid = Binder.getCallingUid(); final int pid = Binder.getCallingPid(); final int userId = UserHandle.getUserId(uid); final long token = Binder.clearCallingIdentity(); try { return getSettingsForUser(userId).hasPermission(device, packageName, uid); return getSettingsForUser(userId).hasPermission(device, packageName, pid, uid); } finally { Binder.restoreCallingIdentity(token); } Loading @@ -376,11 +378,12 @@ public class UsbService extends IUsbManager.Stub { @Override public void requestDevicePermission(UsbDevice device, String packageName, PendingIntent pi) { final int uid = Binder.getCallingUid(); final int pid = Binder.getCallingPid(); final int userId = UserHandle.getUserId(uid); final long token = Binder.clearCallingIdentity(); try { getSettingsForUser(userId).requestPermission(device, packageName, pi, uid); getSettingsForUser(userId).requestPermission(device, packageName, pi, pid, uid); } finally { Binder.restoreCallingIdentity(token); } Loading
services/usb/java/com/android/server/usb/UsbUserSettingsManager.java +12 −9 Original line number Diff line number Diff line Loading @@ -127,11 +127,12 @@ class UsbUserSettingsManager { * Check for camera permission of the calling process. * * @param packageName Package name of the caller. * @param pid Linux pid of the calling process. * @param uid Linux uid of the calling process. * * @return True in case camera permission is available, False otherwise. */ private boolean isCameraPermissionGranted(String packageName, int uid) { private boolean isCameraPermissionGranted(String packageName, int pid, int uid) { int targetSdkVersion = android.os.Build.VERSION_CODES.P; try { ApplicationInfo aInfo = mPackageManager.getApplicationInfo(packageName, 0); Loading @@ -147,7 +148,8 @@ class UsbUserSettingsManager { } if (targetSdkVersion >= android.os.Build.VERSION_CODES.P) { int allowed = mUserContext.checkCallingPermission(android.Manifest.permission.CAMERA); int allowed = mUserContext.checkPermission(android.Manifest.permission.CAMERA, pid, uid); if (android.content.pm.PackageManager.PERMISSION_DENIED == allowed) { Slog.i(TAG, "Camera permission required for USB video class devices"); return false; Loading @@ -157,9 +159,9 @@ class UsbUserSettingsManager { return true; } public boolean hasPermission(UsbDevice device, String packageName, int uid) { public boolean hasPermission(UsbDevice device, String packageName, int pid, int uid) { if (isCameraDevicePresent(device)) { if (!isCameraPermissionGranted(packageName, uid)) { if (!isCameraPermissionGranted(packageName, pid, uid)) { return false; } } Loading @@ -171,8 +173,8 @@ class UsbUserSettingsManager { return mUsbPermissionManager.hasPermission(accessory, uid); } public void checkPermission(UsbDevice device, String packageName, int uid) { if (!hasPermission(device, packageName, uid)) { public void checkPermission(UsbDevice device, String packageName, int pid, int uid) { if (!hasPermission(device, packageName, pid, uid)) { throw new SecurityException("User has not given " + uid + "/" + packageName + " permission to access device " + device.getDeviceName()); } Loading Loading @@ -206,11 +208,12 @@ class UsbUserSettingsManager { accessory, canBeDefault, packageName, uid, mUserContext, pi); } public void requestPermission(UsbDevice device, String packageName, PendingIntent pi, int uid) { public void requestPermission(UsbDevice device, String packageName, PendingIntent pi, int pid, int uid) { Intent intent = new Intent(); // respond immediately if permission has already been granted if (hasPermission(device, packageName, uid)) { if (hasPermission(device, packageName, pid, uid)) { intent.putExtra(UsbManager.EXTRA_DEVICE, device); intent.putExtra(UsbManager.EXTRA_PERMISSION_GRANTED, true); try { Loading @@ -221,7 +224,7 @@ class UsbUserSettingsManager { return; } if (isCameraDevicePresent(device)) { if (!isCameraPermissionGranted(packageName, uid)) { if (!isCameraPermissionGranted(packageName, pid, uid)) { intent.putExtra(UsbManager.EXTRA_DEVICE, device); intent.putExtra(UsbManager.EXTRA_PERMISSION_GRANTED, false); try { Loading
