Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Report permission flags for all protections based on SDK am: adb8c522a8 am: fc862c9f86" into oc-dr1-dev-plus-aosp

Browse Source
This commit is contained in:
Android Build Merger (Role)
2017-07-28 16:55:48 +00:00
committed by Android (Google) Code Review
parent 45122be763 70ec94fd12
commit bccc7625ec
4 changed files with 54 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
core/java/android/app/ApplicationPackageManager.java
View File

@@ -285,7 +285,8 @@ public class ApplicationPackageManager extends PackageManager {
public PermissionInfo getPermissionInfo(String name, int flags) public PermissionInfo getPermissionInfo(String name, int flags)
throws NameNotFoundException { throws NameNotFoundException {
try { try {
PermissionInfo pi = mPM.getPermissionInfo(name, flags); PermissionInfo pi = mPM.getPermissionInfo(name,
mContext.getOpPackageName(), flags);
if (pi != null) { if (pi != null) {
return pi; return pi;
} }

2
core/java/android/content/pm/IPackageManager.aidl
View File

@@ -72,7 +72,7 @@ interface IPackageManager {
String[] currentToCanonicalPackageNames(in String[] names); String[] currentToCanonicalPackageNames(in String[] names);
String[] canonicalToCurrentPackageNames(in String[] names); String[] canonicalToCurrentPackageNames(in String[] names);
PermissionInfo getPermissionInfo(String name, int flags); PermissionInfo getPermissionInfo(String name, String packageName, int flags);
ParceledListSlice queryPermissionsByGroup(String group, int flags); ParceledListSlice queryPermissionsByGroup(String group, int flags);

2
services/core/java/com/android/server/am/BroadcastQueue.java
View File

@@ -802,7 +802,7 @@ public final class BroadcastQueue {
IPackageManager pm = AppGlobals.getPackageManager(); IPackageManager pm = AppGlobals.getPackageManager();
for (int i = perms.length-1; i >= 0; i--) { for (int i = perms.length-1; i >= 0; i--) {
try { try {
PermissionInfo pi = pm.getPermissionInfo(perms[i], 0); PermissionInfo pi = pm.getPermissionInfo(perms[i], "android", 0);
if ((pi.protectionLevel & (PermissionInfo.PROTECTION_MASK_BASE if ((pi.protectionLevel & (PermissionInfo.PROTECTION_MASK_BASE
| PermissionInfo.PROTECTION_FLAG_PRIVILEGED)) | PermissionInfo.PROTECTION_FLAG_PRIVILEGED))
!= PermissionInfo.PROTECTION_SIGNATURE) { != PermissionInfo.PROTECTION_SIGNATURE) {

56
services/core/java/com/android/server/pm/PackageManagerService.java
View File

@@ -3997,20 +3997,64 @@ public class PackageManagerService extends IPackageManager.Stub
} }
@Override @Override
public PermissionInfo getPermissionInfo(String name, int flags) { public PermissionInfo getPermissionInfo(String name, String packageName, int flags) {
if (getInstantAppPackageName(Binder.getCallingUid()) != null) { final int callingUid = Binder.getCallingUid();
if (getInstantAppPackageName(callingUid) != null) {
return null; return null;
} }
// reader // reader
synchronized (mPackages) { synchronized (mPackages) {
final BasePermission p = mSettings.mPermissions.get(name); final BasePermission p = mSettings.mPermissions.get(name);
if (p != null) { // If the caller is an app that targets pre 26 SDK drop protection flags.
return generatePermissionInfo(p, flags); final PermissionInfo permissionInfo = generatePermissionInfo(p, flags);
} permissionInfo.protectionLevel = adjustPermissionProtectionFlagsLPr(
return null; permissionInfo.protectionLevel, packageName, callingUid);
return permissionInfo;
} }
} }
private int adjustPermissionProtectionFlagsLPr(int protectionLevel,
String packageName, int uid) {
// Signature permission flags area always reported
final int protectionLevelMasked = protectionLevel
& (PermissionInfo.PROTECTION_NORMAL
| PermissionInfo.PROTECTION_DANGEROUS
| PermissionInfo.PROTECTION_SIGNATURE);
if (protectionLevelMasked == PermissionInfo.PROTECTION_SIGNATURE) {
return protectionLevel;
}
// System sees all flags.
final int appId = UserHandle.getAppId(uid);
if (appId == Process.SYSTEM_UID || appId == Process.ROOT_UID
|| appId == Process.SHELL_UID) {
return protectionLevel;
}
// Normalize package name to handle renamed packages and static libs
packageName = resolveInternalPackageNameLPr(packageName,
PackageManager.VERSION_CODE_HIGHEST);
// Apps that target O see flags for all protection levels.
final PackageSetting ps = mSettings.mPackages.get(packageName);
if (ps == null) {
return protectionLevel;
}
if (ps.appId != appId) {
return protectionLevel;
}
final PackageParser.Package pkg = mPackages.get(packageName);
if (pkg == null) {
return protectionLevel;
}
if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.O) {
return protectionLevelMasked;
}
return protectionLevel;
}
@Override @Override
public @Nullable ParceledListSlice<PermissionInfo> queryPermissionsByGroup(String group, public @Nullable ParceledListSlice<PermissionInfo> queryPermissionsByGroup(String group,
int flags) { int flags) {