Merge "Add cross user permission checks" into oc-mr1-dev

am: 2a896e9074 Change-Id: I56cd3efc0d06af3ce877aff23a22d17f7e7a2e0d
2017-07-27 20:59:04 +00:00
parent 509f44d791 2a896e9074
commit 5b98a40d73
2 changed files with 25 additions and 1 deletions
--- a/core/java/android/content/pm/PackageManager.java
+++ b/core/java/android/content/pm/PackageManager.java
@@ -4021,6 +4021,7 @@ public abstract class PackageManager {
     * @hide
     */
    @SystemApi
+    @RequiresPermission(Manifest.permission.INTERACT_ACROSS_USERS)
    public List<ResolveInfo> queryBroadcastReceiversAsUser(Intent intent,
            @ResolveInfoFlags int flags, UserHandle userHandle) {
        return queryBroadcastReceiversAsUser(intent, flags, userHandle.getIdentifier());
@@ -4809,6 +4810,7 @@ public abstract class PackageManager {
     * @hide
     */
    @SystemApi
+    @RequiresPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL)
    public abstract int getIntentVerificationStatusAsUser(String packageName, @UserIdInt int userId);

    /**
@@ -4878,6 +4880,7 @@ public abstract class PackageManager {
     */
    @TestApi
    @SystemApi
+    @RequiresPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL)
    public abstract String getDefaultBrowserPackageNameAsUser(@UserIdInt int userId);

    /**
@@ -4893,7 +4896,9 @@ public abstract class PackageManager {
     * @hide
     */
    @SystemApi
-    @RequiresPermission(android.Manifest.permission.SET_PREFERRED_APPLICATIONS)
+    @RequiresPermission(allOf = {
+            Manifest.permission.SET_PREFERRED_APPLICATIONS,
+            Manifest.permission.INTERACT_ACROSS_USERS_FULL})
    public abstract boolean setDefaultBrowserPackageNameAsUser(String packageName,
            @UserIdInt int userId);

--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -7943,6 +7943,9 @@ public class PackageManagerService extends IPackageManager.Stub
            String resolvedType, int flags, int userId) {
        if (!sUserManager.exists(userId)) return Collections.emptyList();
        final int callingUid = Binder.getCallingUid();
+        enforceCrossUserPermission(callingUid, userId,
+                false /*requireFullPermission*/, false /*checkShell*/,
+                "query intent receivers");
        final String instantAppPkgName = getInstantAppPackageName(callingUid);
        flags = updateFlagsForResolve(flags, userId, intent, callingUid,
                false /*includeInstantApps*/);
@@ -8049,6 +8052,9 @@ public class PackageManagerService extends IPackageManager.Stub
            String resolvedType, int flags, int userId, int callingUid,
            boolean includeInstantApps) {
        if (!sUserManager.exists(userId)) return Collections.emptyList();
+        enforceCrossUserPermission(callingUid, userId,
+                false /*requireFullPermission*/, false /*checkShell*/,
+                "query intent receivers");
        final String instantAppPkgName = getInstantAppPackageName(callingUid);
        flags = updateFlagsForResolve(flags, userId, intent, callingUid, includeInstantApps);
        ComponentName comp = intent.getComponent();
@@ -15273,6 +15279,11 @@ public class PackageManagerService extends IPackageManager.Stub
    @Override
    public int getIntentVerificationStatus(String packageName, int userId) {
        final int callingUid = Binder.getCallingUid();
+        if (UserHandle.getUserId(callingUid) != userId) {
+            mContext.enforceCallingOrSelfPermission(
+                    android.Manifest.permission.INTERACT_ACROSS_USERS_FULL,
+                    "getIntentVerificationStatus" + userId);
+        }
        if (getInstantAppPackageName(callingUid) != null) {
            return INTENT_FILTER_DOMAIN_VERIFICATION_STATUS_UNDEFINED;
        }
@@ -15356,6 +15367,10 @@ public class PackageManagerService extends IPackageManager.Stub
    public boolean setDefaultBrowserPackageName(String packageName, int userId) {
        mContext.enforceCallingOrSelfPermission(
                android.Manifest.permission.SET_PREFERRED_APPLICATIONS, null);
+        if (UserHandle.getCallingUserId() != userId) {
+            mContext.enforceCallingOrSelfPermission(
+                    android.Manifest.permission.INTERACT_ACROSS_USERS_FULL, null);
+        }

        synchronized (mPackages) {
            boolean result = mSettings.setDefaultBrowserPackageNameLPw(packageName, userId);
@@ -15369,6 +15384,10 @@ public class PackageManagerService extends IPackageManager.Stub

    @Override
    public String getDefaultBrowserPackageName(int userId) {
+        if (UserHandle.getCallingUserId() != userId) {
+            mContext.enforceCallingOrSelfPermission(
+                    android.Manifest.permission.INTERACT_ACROSS_USERS_FULL, null);
+        }
        if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
            return null;
        }