Merge "Detailed ContentProvider permissions checks." (ee50d808) · Commits · e / os / android_frameworks_base

core/java/android/app/ActivityManagerInternal.java

+7 −0

Original line number	Diff line number	Diff line
		@@ -26,6 +26,7 @@ import android.content.pm.ActivityInfo;
		import android.content.pm.ActivityPresentationInfo;
		import android.content.pm.ApplicationInfo;
		import android.content.pm.UserInfo;
		import android.net.Uri;
		import android.os.Bundle;
		import android.os.IBinder;
		import android.os.TransactionTooLargeException;
		@@ -52,6 +53,12 @@ public abstract class ActivityManagerInternal {
		*/
		public abstract String checkContentProviderAccess(String authority, int userId);

		/**
		* Verify that calling UID has access to the given provider.
		*/
		public abstract int checkContentProviderUriPermission(Uri uri, int userId,
		int callingUid, int modeFlags);

		// Called by the power manager.
		public abstract void onWakefulnessChanged(int wakefulness);

core/java/android/content/ContentInterface.java

+3 −0

Original line number	Diff line number	Diff line
		@@ -56,6 +56,9 @@ public interface ContentInterface {
		public boolean refresh(@NonNull Uri uri, @Nullable Bundle args,
		@Nullable CancellationSignal cancellationSignal) throws RemoteException;

		public int checkUriPermission(@NonNull Uri uri, int uid, @Intent.AccessUriMode int modeFlags)
		throws RemoteException;

		public @Nullable Uri insert(@NonNull Uri uri, @Nullable ContentValues initialValues)
		throws RemoteException;

core/java/android/content/ContentProvider.java

+23 −0

Original line number	Diff line number	Diff line
		@@ -28,6 +28,7 @@ import android.annotation.NonNull;
		import android.annotation.Nullable;
		import android.annotation.UnsupportedAppUsage;
		import android.app.AppOpsManager;
		import android.content.pm.PackageManager;
		import android.content.pm.PathPermission;
		import android.content.pm.ProviderInfo;
		import android.content.res.AssetFileDescriptor;
		@@ -582,6 +583,22 @@ public abstract class ContentProvider implements ContentInterface, ComponentCall
		}
		}

		@Override
		public int checkUriPermission(String callingPkg, Uri uri, int uid, int modeFlags) {
		uri = validateIncomingUri(uri);
		uri = maybeGetUriWithoutUserId(uri);
		Trace.traceBegin(TRACE_TAG_DATABASE, "checkUriPermission");
		final String original = setCallingPackage(callingPkg);
		try {
		return mInterface.checkUriPermission(uri, uid, modeFlags);
		} catch (RemoteException e) {
		throw e.rethrowAsRuntimeException();
		} finally {
		setCallingPackage(original);
		Trace.traceEnd(TRACE_TAG_DATABASE);
		}
		}

		private void enforceFilePermission(String callingPkg, Uri uri, String mode,
		IBinder callerToken) throws FileNotFoundException, SecurityException {
		if (mode != null && mode.indexOf('w') != -1) {
		@@ -1416,6 +1433,12 @@ public abstract class ContentProvider implements ContentInterface, ComponentCall
		return false;
		}

		/** {@hide} */
		@Override
		public int checkUriPermission(@NonNull Uri uri, int uid, @Intent.AccessUriMode int modeFlags) {
		return PackageManager.PERMISSION_DENIED;
		}

		/**
		* @hide
		* Implementation when a caller has performed an insert on the content

core/java/android/content/ContentProviderClient.java

+19 −0

Original line number	Diff line number	Diff line
		@@ -307,6 +307,25 @@ public class ContentProviderClient implements ContentInterface, AutoCloseable {
		}
		}

		/** {@hide} */
		@Override
		public int checkUriPermission(@NonNull Uri uri, int uid, @Intent.AccessUriMode int modeFlags)
		throws RemoteException {
		Preconditions.checkNotNull(uri, "uri");

		beforeRemote();
		try {
		return mContentProvider.checkUriPermission(mPackageName, uri, uid, modeFlags);
		} catch (DeadObjectException e) {
		if (!mStable) {
		mContentResolver.unstableProviderDied(mContentProvider);
		}
		throw e;
		} finally {
		afterRemote();
		}
		}

		/** See {@link ContentProvider#insert ContentProvider.insert} */
		@Override
		public @Nullable Uri insert(@NonNull Uri url, @Nullable ContentValues initialValues)

core/java/android/content/ContentProviderNative.java

+36 −0

Original line number	Diff line number	Diff line
		@@ -363,6 +363,19 @@ abstract public class ContentProviderNative extends Binder implements IContentPr
		reply.writeInt(out ? 0 : -1);
		return true;
		}

		case CHECK_URI_PERMISSION_TRANSACTION: {
		data.enforceInterface(IContentProvider.descriptor);
		String callingPkg = data.readString();
		Uri uri = Uri.CREATOR.createFromParcel(data);
		int uid = data.readInt();
		int modeFlags = data.readInt();

		int out = checkUriPermission(callingPkg, uri, uid, modeFlags);
		reply.writeNoException();
		reply.writeInt(out);
		return true;
		}
		}
		} catch (Exception e) {
		DatabaseUtils.writeExceptionToParcel(reply, e);
		@@ -800,6 +813,29 @@ final class ContentProviderProxy implements IContentProvider
		}
		}

		@Override
		public int checkUriPermission(String callingPkg, Uri url, int uid, int modeFlags)
		throws RemoteException {
		Parcel data = Parcel.obtain();
		Parcel reply = Parcel.obtain();
		try {
		data.writeInterfaceToken(IContentProvider.descriptor);

		data.writeString(callingPkg);
		url.writeToParcel(data, 0);
		data.writeInt(uid);
		data.writeInt(modeFlags);

		mRemote.transact(IContentProvider.CHECK_URI_PERMISSION_TRANSACTION, data, reply, 0);

		DatabaseUtils.readExceptionFromParcel(reply);
		return reply.readInt();
		} finally {
		data.recycle();
		reply.recycle();
		}
		}

		@UnsupportedAppUsage
		private IBinder mRemote;
		}