Merge "Allow adopting a subset of shell permissions"

2018-11-10 01:10:31 +00:00
parent 1045456b95 5e86959d04
commit d641d64ab4
6 changed files with 81 additions and 21 deletions
--- a/core/java/android/app/IActivityManager.aidl
+++ b/core/java/android/app/IActivityManager.aidl
@@ -475,7 +475,7 @@ interface IActivityManager {
     * instrumentation at a time. An active instrumentation is one running and
     * started from the shell.
     */
-    void startDelegateShellPermissionIdentity(int uid);
+    void startDelegateShellPermissionIdentity(int uid, in String[] permissions);

    /**
     * Method for the shell UID to stop deletating its permission identity to an
--- a/core/java/android/app/IUiAutomationConnection.aidl
+++ b/core/java/android/app/IUiAutomationConnection.aidl
@@ -47,7 +47,7 @@ interface IUiAutomationConnection {
            in ParcelFileDescriptor source);
    void grantRuntimePermission(String packageName, String permission, int userId);
    void revokeRuntimePermission(String packageName, String permission, int userId);
-    void adoptShellPermissionIdentity(int uid);
+    void adoptShellPermissionIdentity(int uid, in String[] permissions);
    void dropShellPermissionIdentity();
    // Called from the system process.
    oneway void shutdown();
--- a/core/java/android/app/UiAutomation.java
+++ b/core/java/android/app/UiAutomation.java
@@ -354,12 +354,17 @@ public final class UiAutomation {
    }

    /**
-     * Adopt the permission identity of the shell UID. This allows you to call APIs protected
-     * permissions which normal apps cannot hold but are granted to the shell UID. If you
-     * already adopted the shell permission identity this method would be a no-op.
-     * Note that your permission state becomes that of the shell UID and it is not a
-     * combination of your and the shell UID permissions.
+     * Adopt the permission identity of the shell UID for all permissions. This allows
+     * you to call APIs protected permissions which normal apps cannot hold but are
+     * granted to the shell UID. If you already adopted all shell permissions by calling
+     * this method or {@link #adoptShellPermissionIdentity(String...)} a subsequent call
+     * would be a no-op. Note that your permission state becomes that of the shell UID
+     * and it is not a combination of your and the shell UID permissions.
+     * <p>
+     * <strong>Note:<strong/> Calling this method adopts all shell permissions and overrides
+     * any subset of adopted permissions via {@link #adoptShellPermissionIdentity(String...)}.
     *
+     * @see #adoptShellPermissionIdentity(String...)
     * @see #dropShellPermissionIdentity()
     */
    public void adoptShellPermissionIdentity() {
@@ -368,7 +373,33 @@ public final class UiAutomation {
        }
        try {
            // Calling out without a lock held.
-            mUiAutomationConnection.adoptShellPermissionIdentity(Process.myUid());
+            mUiAutomationConnection.adoptShellPermissionIdentity(Process.myUid(), null);
+        } catch (RemoteException re) {
+            Log.e(LOG_TAG, "Error executing adopting shell permission identity!", re);
+        }
+    }
+
+    /**
+     * Adopt the permission identity of the shell UID only for the provided permissions.
+     * This allows you to call APIs protected permissions which normal apps cannot hold
+     * but are granted to the shell UID. If you already adopted the specified shell
+     * permissions by calling this method or {@link #adoptShellPermissionIdentity()} a
+     * subsequent call would be a no-op. Note that your permission state becomes that of the
+     * shell UID and it is not a combination of your and the shell UID permissions.
+     * <p>
+     * <strong>Note:<strong/> Calling this method adopts only the specified shell permissions
+     * and overrides all adopted permissions via {@link #adoptShellPermissionIdentity()}.
+     *
+     * @see #adoptShellPermissionIdentity()
+     * @see #dropShellPermissionIdentity()
+     */
+    public void adoptShellPermissionIdentity(String... permissions) {
+        synchronized (mLock) {
+            throwIfNotConnectedLocked();
+        }
+        try {
+            // Calling out without a lock held.
+            mUiAutomationConnection.adoptShellPermissionIdentity(Process.myUid(), permissions);
        } catch (RemoteException re) {
            Log.e(LOG_TAG, "Error executing adopting shell permission identity!", re);
        }
--- a/core/java/android/app/UiAutomationConnection.java
+++ b/core/java/android/app/UiAutomationConnection.java
@@ -18,7 +18,7 @@ package android.app;

 import android.accessibilityservice.AccessibilityServiceInfo;
 import android.accessibilityservice.IAccessibilityServiceClient;
-import android.annotation.UnsupportedAppUsage;
+import android.annotation.Nullable;
 import android.content.Context;
 import android.content.pm.IPackageManager;
 import android.graphics.Bitmap;
@@ -279,7 +279,8 @@ public final class UiAutomationConnection extends IUiAutomationConnection.Stub {
    }

    @Override
-    public void adoptShellPermissionIdentity(int uid) throws RemoteException {
+    public void adoptShellPermissionIdentity(int uid, @Nullable String[] permissions)
+            throws RemoteException {
        synchronized (mLock) {
            throwIfCalledByNotTrustedUidLocked();
            throwIfShutdownLocked();
@@ -287,7 +288,7 @@ public final class UiAutomationConnection extends IUiAutomationConnection.Stub {
        }
        final long identity = Binder.clearCallingIdentity();
        try {
-            mActivityManager.startDelegateShellPermissionIdentity(uid);
+            mActivityManager.startDelegateShellPermissionIdentity(uid, permissions);
        } finally {
            Binder.restoreCallingIdentity(identity);
        }