Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7124a63e authored by Shuo Qian's avatar Shuo Qian
Browse files

Add callingPackage checking with uid in getPhoneAccount method in Telecom 

Test: manual verified with test app; unit test
Bug: 196406138
Change-Id: I2cfa653e619f522fecdcd01cd080078f6a1ab1f3
Merged-In: I2cfa653e619f522fecdcd01cd080078f6a1ab1f3
parent 66408c7d

src/com/android/server/telecom/TelecomServiceImpl.java

+28 −6
Original line number Diff line number Diff line
@@ -284,7 +284,7 @@ public class TelecomServiceImpl { 
        public List<PhoneAccountHandle> getPhoneAccountsForPackage(String packageName) {

            //TODO: Deprecate this in S

            try {

                enforceCallingPackage(packageName);

                enforceCallingPackage(packageName, "getPhoneAccountsForPackage");

            } catch (SecurityException se1) {

                EventLog.writeEvent(0x534e4554, "153995334", Binder.getCallingUid(),

                        "getPhoneAccountsForPackage: invalid calling package");
@@ -319,6 +319,14 @@ public class TelecomServiceImpl { 
        @Override

        public PhoneAccount getPhoneAccount(PhoneAccountHandle accountHandle,

                String callingPackage) {

            try {

                enforceCallingPackage(callingPackage, "getPhoneAccount");

            } catch (SecurityException se) {

                EventLog.writeEvent(0x534e4554, "196406138", Binder.getCallingUid(),

                        "getPhoneAccount: invalid calling package");

                throw se;

            }



            synchronized (mLock) {

                final UserHandle callingUserHandle = Binder.getCallingUserHandle();

                if (CompatChanges.isChangeEnabled(
@@ -852,7 +860,7 @@ public class TelecomServiceImpl { 
        public boolean hasManageOngoingCallsPermission(String callingPackage) {

            try {

                Log.startSession("TSI.hMOCP");

                enforceCallingPackage(callingPackage);

                enforceCallingPackage(callingPackage, "hasManageOngoingCallsPermission");

                return PermissionChecker.checkPermissionForDataDeliveryFromDataSource(

                        mContext, Manifest.permission.MANAGE_ONGOING_CALLS,

                        Binder.getCallingPid(),
@@ -1464,7 +1472,7 @@ public class TelecomServiceImpl { 
                String callingFeatureId) {

            try {

                Log.startSession("TSI.pC", Log.getPackageAbbreviation(callingPackage));

                enforceCallingPackage(callingPackage);

                enforceCallingPackage(callingPackage, "placeCall");



                PhoneAccountHandle phoneAccountHandle = null;

                boolean clearPhoneAccountHandleExtra = false;
@@ -2229,7 +2237,7 @@ public class TelecomServiceImpl { 
            // feature is enabled ...

            enforceConnectionServiceFeature();

            // ... and the PhoneAccounts they refer to are for their own package.

            enforceCallingPackage(packageName);

            enforceCallingPackage(packageName, "enforcePhoneAccountModificationForPackage");

        }

    }
@@ -2245,8 +2253,22 @@ public class TelecomServiceImpl { 
        }

    }



    private void enforceCallingPackage(String packageName) {

        mAppOpsManager.checkPackage(Binder.getCallingUid(), packageName);

    private void enforceCallingPackage(String packageName, String message) {

        int packageUid = -1;

        int callingUid = Binder.getCallingUid();

        PackageManager pm = mContext.createContextAsUser(

            UserHandle.getUserHandleForUid(callingUid), 0).getPackageManager();

        if (pm != null) {

            try {

                packageUid = pm.getPackageUid(packageName, 0);

            } catch (PackageManager.NameNotFoundException e) {

                // packageUid is -1

            }

        }

        if (packageUid != callingUid && callingUid != Process.ROOT_UID) {

            throw new SecurityException(message + ": Package " + packageName

                + " does not belong to " + callingUid);

        }

    }



    private void enforceConnectionServiceFeature() {

tests/src/com/android/server/telecom/tests/TelecomServiceImplTest.java

+18 −7
Original line number Diff line number Diff line
@@ -102,6 +102,7 @@ import static org.mockito.Mockito.when; 
public class TelecomServiceImplTest extends TelecomTestCase {



    public static final String TEST_PACKAGE = "com.test";

    public static final String PACKAGE_NAME = "test";



    public static class CallIntentProcessAdapterFake implements CallIntentProcessor.Adapter {

        @Override
@@ -180,15 +181,17 @@ public class TelecomServiceImplTest extends TelecomTestCase { 
    private static final UserHandle USER_HANDLE_16 = new UserHandle(16);

    private static final UserHandle USER_HANDLE_17 = new UserHandle(17);

    private static final PhoneAccountHandle TEL_PA_HANDLE_16 = new PhoneAccountHandle(

            new ComponentName("test", "telComponentName"), "0", USER_HANDLE_16);

            new ComponentName(PACKAGE_NAME, "telComponentName"), "0", USER_HANDLE_16);

    private static final PhoneAccountHandle SIP_PA_HANDLE_17 = new PhoneAccountHandle(

            new ComponentName("test", "sipComponentName"), "1", USER_HANDLE_17);

            new ComponentName(PACKAGE_NAME, "sipComponentName"), "1", USER_HANDLE_17);

    private static final PhoneAccountHandle TEL_PA_HANDLE_CURRENT = new PhoneAccountHandle(

            new ComponentName("test", "telComponentName"), "2", Binder.getCallingUserHandle());

            new ComponentName(PACKAGE_NAME, "telComponentName"), "2",

                    Binder.getCallingUserHandle());

    private static final PhoneAccountHandle SIP_PA_HANDLE_CURRENT = new PhoneAccountHandle(

            new ComponentName("test", "sipComponentName"), "3", Binder.getCallingUserHandle());

    private static final ComponentName THIRD_PARTY_CALL_SCREENING = new ComponentName("com.android" +

            ".thirdparty", "com.android.thirdparty.callscreeningserviceimpl");

            new ComponentName(PACKAGE_NAME, "sipComponentName"), "3",

                    Binder.getCallingUserHandle());

    private static final ComponentName THIRD_PARTY_CALL_SCREENING = new ComponentName(

            "com.android.thirdparty", "com.android.thirdparty.callscreeningserviceimpl");



    @Override

    @Before
@@ -201,6 +204,7 @@ public class TelecomServiceImplTest extends TelecomTestCase { 
        when(mockTelephonyManager.isVoiceCapable()).thenReturn(true);



        doReturn(mContext).when(mContext).getApplicationContext();

        doReturn(mContext).when(mContext).createContextAsUser(any(UserHandle.class), anyInt());

        doNothing().when(mContext).sendBroadcastAsUser(any(Intent.class), any(UserHandle.class),

                anyString());

        doAnswer(invocation -> {
@@ -458,12 +462,19 @@ public class TelecomServiceImplTest extends TelecomTestCase { 


    @SmallTest

    @Test

    public void testGetPhoneAccount() throws RemoteException {

    public void testGetPhoneAccount() throws Exception {

        when(mPackageManager.getPackageUid(anyString(), eq(0))).thenReturn(Binder.getCallingUid());

        makeAccountsVisibleToAllUsers(TEL_PA_HANDLE_16, SIP_PA_HANDLE_17);

        assertEquals(TEL_PA_HANDLE_16, mTSIBinder.getPhoneAccount(TEL_PA_HANDLE_16,

                mContext.getPackageName()).getAccountHandle());

        assertEquals(SIP_PA_HANDLE_17, mTSIBinder.getPhoneAccount(SIP_PA_HANDLE_17,

                mContext.getPackageName()).getAccountHandle());

        try {

            // Try to call the method without using the caller's package name

            mTSIBinder.getPhoneAccount(TEL_PA_HANDLE_16, null);

            fail("Should have thrown a SecurityException");

        } catch (SecurityException expected) {

        }

    }



    @SmallTest