
Commit fcd87716 authored by Martijn Coenen's avatar Martijn Coenen

Deny supplemental processes access to blob store.

They have no need for it.

Bug: 217538016
Test: atest --test-mapping apex/blobstore
Change-Id: I195333480d5b221ef349b9e5b5606c42e6df8db4
parent 41466ea4
+10 −10
@@ -1376,6 +1376,11 @@ public class BlobStoreManagerService extends SystemService {
        }
    }

    private boolean isAllowedBlobAccess(int uid, String packageName) {
        return (!Process.isSupplemental(uid) && !Process.isIsolated(uid)
                && !mPackageManagerInternal.isInstantApp(packageName, UserHandle.getUserId(uid)));
    }

    private class PackageChangedReceiver extends BroadcastReceiver {
        @Override
        public void onReceive(Context context, Intent intent) {
@@ -1437,8 +1442,7 @@ public class BlobStoreManagerService extends SystemService {
            final int callingUid = Binder.getCallingUid();
            verifyCallingPackage(callingUid, packageName);

            if (Process.isIsolated(callingUid) || mPackageManagerInternal.isInstantApp(
                    packageName, UserHandle.getUserId(callingUid))) {
            if (!isAllowedBlobAccess(callingUid, packageName)) {
                throw new SecurityException("Caller not allowed to create session; "
                        + "callingUid=" + callingUid + ", callingPackage=" + packageName);
            }
@@ -1487,8 +1491,7 @@ public class BlobStoreManagerService extends SystemService {
            final int callingUid = Binder.getCallingUid();
            verifyCallingPackage(callingUid, packageName);

            if (Process.isIsolated(callingUid) || mPackageManagerInternal.isInstantApp(
                    packageName, UserHandle.getUserId(callingUid))) {
            if (!isAllowedBlobAccess(callingUid, packageName)) {
                throw new SecurityException("Caller not allowed to open blob; "
                        + "callingUid=" + callingUid + ", callingPackage=" + packageName);
            }
@@ -1519,8 +1522,7 @@ public class BlobStoreManagerService extends SystemService {
            final int callingUid = Binder.getCallingUid();
            verifyCallingPackage(callingUid, packageName);

            if (Process.isIsolated(callingUid) || mPackageManagerInternal.isInstantApp(
                    packageName, UserHandle.getUserId(callingUid))) {
            if (!isAllowedBlobAccess(callingUid, packageName)) {
                throw new SecurityException("Caller not allowed to open blob; "
                        + "callingUid=" + callingUid + ", callingPackage=" + packageName);
            }
@@ -1544,8 +1546,7 @@ public class BlobStoreManagerService extends SystemService {
            final int callingUid = Binder.getCallingUid();
            verifyCallingPackage(callingUid, packageName);

            if (Process.isIsolated(callingUid) || mPackageManagerInternal.isInstantApp(
                    packageName, UserHandle.getUserId(callingUid))) {
            if (!isAllowedBlobAccess(callingUid, packageName)) {
                throw new SecurityException("Caller not allowed to open blob; "
                        + "callingUid=" + callingUid + ", callingPackage=" + packageName);
            }
@@ -1628,8 +1629,7 @@ public class BlobStoreManagerService extends SystemService {
            final int callingUid = Binder.getCallingUid();
            verifyCallingPackage(callingUid, packageName);

            if (Process.isIsolated(callingUid) || mPackageManagerInternal.isInstantApp(
                    packageName, UserHandle.getUserId(callingUid))) {
            if (!isAllowedBlobAccess(callingUid, packageName)) {
                throw new SecurityException("Caller not allowed to open blob; "
                        + "callingUid=" + callingUid + ", callingPackage=" + packageName);
            }
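Review bot: The new helper `isAllowedBlobAccess(int uid, String packageName)` carries no comment saying that its instant-app test is only meaningful once `packageName` has been bound to `uid`; in every call site shown that binding is done by the `verifyCallingPackage(callingUid, packageName)` line just above the check, but nothing on the helper records the requirement. A later caller that skips that step would evaluate `isInstantApp` on a package name the caller supplied, although the `isSupplemental` and `isIsolated` tests would still hold because they depend on the UID alone. I would add a Javadoc such as `/** Returns false for supplemental, isolated and instant-app callers; packageName must already be verified against uid via verifyCallingPackage(). */`. The five converted checks sit in methods whose bodies start and end outside the hunks, so whether any other binder entry point of the service still lacks the check cannot be confirmed from this page.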