Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Relax permission requirement for sending broadcasts to other users

Browse Source 
Also handle USER_CURRENT for broadcasts

Change-Id: I2df5616ac22b7c670a7d007b8d505d4d4d99a24e
This commit is contained in:
Amith Yamasani
2012-08-27 19:30:30 -07:00
parent 81efbb30f0
commit 8bf06edac2
3 changed files with 22 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
services/java/com/android/server/am/ActivityManagerService.java
View File

@@ -10988,7 +10988,7 @@ public final class ActivityManagerService extends ActivityManagerNative
BroadcastQueue queue = broadcastQueueForIntent(intent);
BroadcastRecord r = new BroadcastRecord(queue, intent, null,
null, -1, -1, null, receivers, null, 0, null, null,
false, true, true, false, -1);
false, true, true, -1);
queue.enqueueParallelBroadcastLocked(r);
queue.scheduleBroadcastsLocked();
}
@@ -11081,29 +11081,27 @@ public final class ActivityManagerService extends ActivityManagerNative
Slog.w(TAG, "Broadcast " + intent + " not ordered but result callback requested!");
}
boolean onlySendToCaller = false;
// If the caller is trying to send this broadcast to a different
// user, verify that is allowed.
if (UserHandle.getUserId(callingUid) != userId) {
if (checkComponentPermission(
android.Manifest.permission.INTERACT_ACROSS_USERS_FULL,
callingPid, callingUid, -1, true)
!= PackageManager.PERMISSION_GRANTED) {
if (checkComponentPermission(
android.Manifest.permission.INTERACT_ACROSS_USERS,
callingPid, callingUid, -1, true)
== PackageManager.PERMISSION_GRANTED) {
onlySendToCaller = true;
} else {
String msg = "Permission Denial: " + intent.getAction()
+ " broadcast from " + callerPackage
+ " asks to send as user " + userId
+ " but is calling from user " + UserHandle.getUserId(callingUid)
+ "; this requires "
+ android.Manifest.permission.INTERACT_ACROSS_USERS;
Slog.w(TAG, msg);
throw new SecurityException(msg);
android.Manifest.permission.INTERACT_ACROSS_USERS,
callingPid, callingUid, -1, true) != PackageManager.PERMISSION_GRANTED
&& checkComponentPermission(
android.Manifest.permission.INTERACT_ACROSS_USERS_FULL,
callingPid, callingUid, -1, true)
!= PackageManager.PERMISSION_GRANTED) {
String msg = "Permission Denial: " + intent.getAction()
+ " broadcast from " + callerPackage
+ " asks to send as user " + userId
+ " but is calling from user " + UserHandle.getUserId(callingUid)
+ "; this requires "
+ android.Manifest.permission.INTERACT_ACROSS_USERS;
Slog.w(TAG, msg);
throw new SecurityException(msg);
} else {
if (userId == UserHandle.USER_CURRENT) {
userId = mCurrentUserId;
}
}
}
@@ -11294,7 +11292,7 @@ public final class ActivityManagerService extends ActivityManagerNative
BroadcastRecord r = new BroadcastRecord(queue, intent, callerApp,
callerPackage, callingPid, callingUid, requiredPermission,
registeredReceivers, resultTo, resultCode, resultData, map,
ordered, sticky, false, onlySendToCaller, userId);
ordered, sticky, false, userId);
if (DEBUG_BROADCAST) Slog.v(
TAG, "Enqueueing parallel broadcast " + r);
final boolean replaced = replacePending && queue.replaceParallelBroadcastLocked(r);
@@ -11384,7 +11382,7 @@ public final class ActivityManagerService extends ActivityManagerNative
BroadcastRecord r = new BroadcastRecord(queue, intent, callerApp,
callerPackage, callingPid, callingUid, requiredPermission,
receivers, resultTo, resultCode, resultData, map, ordered,
sticky, false, onlySendToCaller, userId);
sticky, false, userId);
if (DEBUG_BROADCAST) Slog.v(
TAG, "Enqueueing ordered broadcast " + r
+ ": prev had " + queue.mOrderedBroadcasts.size());

24
services/java/com/android/server/am/BroadcastQueue.java
View File

@@ -372,17 +372,7 @@ public class BroadcastQueue {
private final void deliverToRegisteredReceiverLocked(BroadcastRecord r,
BroadcastFilter filter, boolean ordered) {
boolean skip = false;
if (r.onlySendToCaller) {
if (!UserHandle.isSameApp(r.callingUid, filter.owningUid)) {
Slog.w(TAG, "Permission Denial: broadcasting "
+ r.intent.toString()
+ " from " + r.callerPackage + " (pid="
+ r.callingPid + ", uid=" + r.callingUid + ")"
+ " not allowed to go to different app " + filter.owningUid);
skip = true;
}
}
if (!skip && filter.requiredPermission != null) {
if (filter.requiredPermission != null) {
int perm = mService.checkComponentPermission(filter.requiredPermission,
r.callingPid, r.callingUid, -1, true);
if (perm != PackageManager.PERMISSION_GRANTED) {
@@ -667,18 +657,6 @@ public class BroadcastQueue {
info.activityInfo.name);
boolean skip = false;
if (r.onlySendToCaller) {
if (!UserHandle.isSameApp(r.callingUid, info.activityInfo.applicationInfo.uid)) {
Slog.w(TAG, "Permission Denial: broadcasting "
+ r.intent.toString()
+ " from " + r.callerPackage + " (pid="
+ r.callingPid + ", uid=" + r.callingUid + ")"
+ " to " + component.flattenToShortString()
+ " not allowed to go to different app "
+ info.activityInfo.applicationInfo.uid);
skip = true;
}
}
int perm = mService.checkComponentPermission(info.activityInfo.permission,
r.callingPid, r.callingUid, info.activityInfo.applicationInfo.uid,
info.activityInfo.exported);

4
services/java/com/android/server/am/BroadcastRecord.java
View File

@@ -44,7 +44,6 @@ class BroadcastRecord extends Binder {
final boolean ordered; // serialize the send to receivers?
final boolean sticky; // originated from existing sticky data?
final boolean initialSticky; // initial broadcast from register to sticky?
final boolean onlySendToCaller; // only allow receipt by sender's components?
final int userId; // user id this broadcast was for
final String requiredPermission; // a permission the caller has required
final List receivers; // contains BroadcastFilter and ResolveInfo
@@ -170,7 +169,7 @@ class BroadcastRecord extends Binder {
int _callingPid, int _callingUid, String _requiredPermission,
List _receivers, IIntentReceiver _resultTo, int _resultCode,
String _resultData, Bundle _resultExtras, boolean _serialized,
boolean _sticky, boolean _initialSticky, boolean _onlySendToCaller,
boolean _sticky, boolean _initialSticky,
int _userId) {
queue = _queue;
intent = _intent;
@@ -187,7 +186,6 @@ class BroadcastRecord extends Binder {
ordered = _serialized;
sticky = _sticky;
initialSticky = _initialSticky;
onlySendToCaller = _onlySendToCaller;
userId = _userId;
nextReceiver = 0;
state = IDLE;