Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fa3ba460 authored by Mill Chen's avatar Mill Chen Committed by mse1969
Browse files

Prevent SettingsSliceProvider from accessing unused packages 

DISABLE_TOPIC_PROTECTOR

Bug: 388034510
Test: adb shell cmd slice get-permissions com.android.settings.slices
      atest SettingsSliceProviderTest
Flag: EXEMPT security issue
Cherrypick-From: https://googleplex-android-review.googlesource.com/q/commit:5c904325b7db848b2897e50c278b76cb00cdcced
Merged-In: Ia655fbb9cb46f192559b82f957e3b2f0dd86946c
Change-Id: Ia655fbb9cb46f192559b82f957e3b2f0dd86946c
parent 72c3120d

res/values/config.xml

+3 −0
Original line number Diff line number Diff line
@@ -155,6 +155,9 @@ 
    <!-- List of packages that should be whitelisted for slice uri access. Do not translate -->

    <string-array name="slice_whitelist_package_names" translatable="false"/>



    <!-- List of packages that should be allowlisted for slice uri access for debugging purpose. Do not translate -->

    <string-array name="slice_whitelist_package_names_for_dev" translatable="false"/>



    <!-- Whether or not App & Notification screen should display recently used apps -->

    <bool name="config_display_recent_apps">true</bool>

src/com/android/settings/slices/SettingsSliceProvider.java

+17 −4
Original line number Diff line number Diff line
@@ -27,6 +27,7 @@ import android.content.IntentFilter; 
import android.content.pm.PackageManager;

import android.net.Uri;

import android.os.Binder;

import android.os.Build;

import android.os.StrictMode;

import android.provider.Settings;

import android.provider.SettingsSlicesContract;
@@ -352,19 +353,31 @@ public class SettingsSliceProvider extends SliceProvider { 
        if (descendants == null) {

            Log.d(TAG, "No descendants to grant permission with, skipping.");

        }

        final String[] whitelistPackages =

        final List<String> whitelist = new ArrayList<>();



        final String[] packages =

                context.getResources().getStringArray(R.array.slice_whitelist_package_names);

        if (whitelistPackages == null || whitelistPackages.length == 0) {

        if (packages != null) {

            whitelist.addAll(Arrays.asList(packages));

        }

        if (Build.IS_DEBUGGABLE) {

            final String[] devPackages = context.getResources().getStringArray(

                    R.array.slice_whitelist_package_names_for_dev);

            if (devPackages != null) {

                whitelist.addAll(Arrays.asList(devPackages));

            }

        }

        if (whitelist.size() == 0) {

            Log.d(TAG, "No packages to whitelist, skipping.");

            return;

        } else {

            Log.d(TAG, String.format(

                    "Whitelisting %d uris to %d pkgs.",

                    descendants.size(), whitelistPackages.length));

                    descendants.size(), whitelist.size()));

        }

        final SliceManager sliceManager = context.getSystemService(SliceManager.class);

        for (Uri descendant : descendants) {

            for (String toPackage : whitelistPackages) {

            for (String toPackage : whitelist) {

                sliceManager.grantSlicePermission(toPackage, descendant);

            }

        }

tests/robotests/res/values-mcc998/config.xml

+3 −0
Original line number Diff line number Diff line
@@ -17,4 +17,7 @@ 
<resources>

    <!-- List of packages that should be whitelisted for slice uri access. Do not translate -->

    <string-array name="slice_whitelist_package_names" translatable="false"/>



    <!-- List of packages that should be allowlisted for slice uri access for debugging purpose. Do not translate -->

    <string-array name="slice_whitelist_package_names_for_dev" translatable="false"/>

</resources>

tests/robotests/res/values-mcc999/config.xml

+5 −0
Original line number Diff line number Diff line
@@ -86,6 +86,11 @@ 
        <item>com.android.settings.slice_whitelist_package</item>

    </string-array>



    <!-- List of packages that should be allowlisted for slice uri access for debugging purpose. Do not translate -->

    <string-array name="slice_allowlist_package_names_for_dev" translatable="false">

        <item>com.android.settings.slice_allowlist_package_dev</item>

    </string-array>



    <!-- Email address for the homepage contextual cards feedback -->

    <string name="config_contextual_card_feedback_email" translatable="false">test@test.test</string>

tests/robotests/src/com/android/settings/slices/SettingsSliceProviderTest.java

+6 −0
Original line number Diff line number Diff line
@@ -43,6 +43,7 @@ import android.content.Context; 
import android.content.Intent;

import android.content.res.Resources.Theme;

import android.net.Uri;

import android.os.Build;

import android.os.StrictMode;

import android.provider.Settings;

import android.provider.SettingsSlicesContract;
@@ -82,6 +83,7 @@ import org.robolectric.shadow.api.Shadow; 
import org.robolectric.shadows.ShadowAccessibilityManager;

import org.robolectric.shadows.ShadowBinder;

import org.robolectric.shadows.ShadowPackageManager;

import org.robolectric.util.ReflectionHelpers;



import java.util.ArrayList;

import java.util.Arrays;
@@ -637,6 +639,7 @@ public class SettingsSliceProviderTest { 
    @Test

    @Config(qualifiers = "mcc999")

    public void grantWhitelistedPackagePermissions_hasPackageWhitelist_shouldGrant() {

        ReflectionHelpers.setStaticField(Build.class, "IS_DEBUGGABLE", false);

        final List<Uri> uris = new ArrayList<>();

        uris.add(Uri.parse("content://settings/slice"));
@@ -644,6 +647,9 @@ public class SettingsSliceProviderTest { 


        verify(mManager)

                .grantSlicePermission("com.android.settings.slice_whitelist_package", uris.get(0));

        verify(mManager, never())

                .grantSlicePermission("com.android.settings.slice_whitelist_package_dev",

                        uris.get(0));

    }



    @Test