Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Get ApplicationInfo using usr id

Browse Source 
Use ApplicationInfoAsUser() to get the application information by
user id to make sure we have correct permission, othewise we will
get the SecurityException due to lack of INTERACT_ACROSS_USERS.

Bug: 176313819
Test: atest CtsVoiceRecognitionTestCases
Test: manual.
      1.create profile user
      2.Install sample recognizer app
      3.Function works fine and no security exception occurred after
      apply the change

Change-Id: I6958dbf661373606fb9dba55e386aaea4399a146
Merged-In: Iaf485537b8082d2109d2134ff987dc7244e31218
This commit is contained in:
Joanne Chung
2020-12-30 19:25:39 +08:00
parent 348c6f01e6
commit d96bcfcdf2
2 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
core/java/android/app/AppOpsManager.java
View File

@@ -7623,8 +7623,8 @@ public class AppOpsManager {
} else if (collectionMode == COLLECT_SYNC
// Only collect app-ops when the proxy is trusted
&& (mContext.checkPermission(Manifest.permission.UPDATE_APP_OPS_STATS, -1,
myUid) == PackageManager.PERMISSION_GRANTED
|| isTrustedVoiceServiceProxy(mContext, mContext.getOpPackageName(), op))) {
myUid) == PackageManager.PERMISSION_GRANTED || isTrustedVoiceServiceProxy(
mContext, mContext.getOpPackageName(), op, mContext.getUserId()))) {
collectNotedOpSync(op, proxiedAttributionTag);
}
}
@@ -7642,7 +7642,7 @@ public class AppOpsManager {
* @hide
*/
public static boolean isTrustedVoiceServiceProxy(Context context, String packageName,
int code) {
int code, int userId) {
// This is a workaround for R QPR, new API change is not allowed. We only allow the current
// voice recognizer is also the voice interactor to noteproxy op.
if (code != OP_RECORD_AUDIO) {
@@ -7654,7 +7654,7 @@ public class AppOpsManager {
final String voiceRecognitionServicePackageName =
getComponentPackageNameFromString(voiceRecognitionComponent);
return (Objects.equals(packageName, voiceRecognitionServicePackageName))
&& isPackagePreInstalled(context, packageName);
&& isPackagePreInstalled(context, packageName, userId);
}
private static String getComponentPackageNameFromString(String from) {
@@ -7662,10 +7662,10 @@ public class AppOpsManager {
return componentName != null ? componentName.getPackageName() : "";
}
private static boolean isPackagePreInstalled(Context context, String packageName) {
private static boolean isPackagePreInstalled(Context context, String packageName, int userId) {
try {
final PackageManager pm = context.getPackageManager();
final ApplicationInfo info = pm.getApplicationInfo(packageName, 0);
final ApplicationInfo info = pm.getApplicationInfoAsUser(packageName, 0, userId);
return ((info.flags & ApplicationInfo.FLAG_SYSTEM) != 0);
} catch (PackageManager.NameNotFoundException e) {
return false;

4
services/core/java/com/android/server/appop/AppOpsService.java
View File

@@ -3014,8 +3014,8 @@ public class AppOpsService extends IAppOpsService.Stub {
// This is a workaround for R QPR, new API change is not allowed. We only allow the current
// voice recognizer is also the voice interactor to noteproxy op.
final boolean isTrustVoiceServiceProxy =
AppOpsManager.isTrustedVoiceServiceProxy(mContext, proxyPackageName, code);
final boolean isTrustVoiceServiceProxy = AppOpsManager.isTrustedVoiceServiceProxy(mContext,
proxyPackageName, code, UserHandle.getUserId(proxyUid));
final boolean isSelfBlame = Binder.getCallingUid() == proxiedUid;
final boolean isProxyTrusted = mContext.checkPermission(
Manifest.permission.UPDATE_APP_OPS_STATS, -1, proxyUid)