Merge "Prevent SettingsSliceProvider from accessing unused packages" into security-aosp-25Q2-staging
This commit is contained in:
Treehugger Robot
committed by
Android (Google) Code Review
Android (Google) Code Review
commit
145b4a0870
@@ -201,6 +201,9 @@
|
|||||||
<!-- List of packages that should be allowlisted for slice uri access. Do not translate -->
|
<!-- List of packages that should be allowlisted for slice uri access. Do not translate -->
|
||||||
<string-array name="slice_allowlist_package_names" translatable="false"/>
|
<string-array name="slice_allowlist_package_names" translatable="false"/>
|
||||||
|
|
||||||
|
<!-- List of packages that should be allowlisted for slice uri access for debugging purpose. Do not translate -->
|
||||||
|
<string-array name="slice_allowlist_package_names_for_dev" translatable="false"/>
|
||||||
|
|
||||||
<!-- Whether to use a UI variant that minimizes the number of UI elements on screen. This is
|
<!-- Whether to use a UI variant that minimizes the number of UI elements on screen. This is
|
||||||
typically used when there is not enough space to display everything, because pattern view
|
typically used when there is not enough space to display everything, because pattern view
|
||||||
doesn't interact well with scroll view -->
|
doesn't interact well with scroll view -->
|
||||||
|
|||||||
@@ -29,6 +29,7 @@ import android.content.IntentFilter;
|
|||||||
import android.content.pm.PackageManager;
|
import android.content.pm.PackageManager;
|
||||||
import android.net.Uri;
|
import android.net.Uri;
|
||||||
import android.os.Binder;
|
import android.os.Binder;
|
||||||
|
import android.os.Build;
|
||||||
import android.os.StrictMode;
|
import android.os.StrictMode;
|
||||||
import android.os.UserManager;
|
import android.os.UserManager;
|
||||||
import android.provider.Settings;
|
import android.provider.Settings;
|
||||||
@@ -388,19 +389,30 @@ public class SettingsSliceProvider extends SliceProvider {
|
|||||||
if (descendants == null) {
|
if (descendants == null) {
|
||||||
Log.d(TAG, "No descendants to grant permission with, skipping.");
|
Log.d(TAG, "No descendants to grant permission with, skipping.");
|
||||||
}
|
}
|
||||||
final String[] allowlistPackages =
|
final List<String> allowlist = new ArrayList<>();
|
||||||
|
final String[] packages =
|
||||||
context.getResources().getStringArray(R.array.slice_allowlist_package_names);
|
context.getResources().getStringArray(R.array.slice_allowlist_package_names);
|
||||||
if (allowlistPackages == null || allowlistPackages.length == 0) {
|
if (packages != null) {
|
||||||
|
allowlist.addAll(Arrays.asList(packages));
|
||||||
|
}
|
||||||
|
if (Build.IS_DEBUGGABLE) {
|
||||||
|
final String[] devPackages = context.getResources().getStringArray(
|
||||||
|
R.array.slice_allowlist_package_names_for_dev);
|
||||||
|
if (devPackages != null) {
|
||||||
|
allowlist.addAll(Arrays.asList(devPackages));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (allowlist.size() == 0) {
|
||||||
Log.d(TAG, "No packages to allowlist, skipping.");
|
Log.d(TAG, "No packages to allowlist, skipping.");
|
||||||
return;
|
return;
|
||||||
} else {
|
} else {
|
||||||
Log.d(TAG, String.format(
|
Log.d(TAG, String.format(
|
||||||
"Allowlisting %d uris to %d pkgs.",
|
"Allowlisting %d uris to %d pkgs.",
|
||||||
descendants.size(), allowlistPackages.length));
|
descendants.size(), allowlist.size()));
|
||||||
}
|
}
|
||||||
final SliceManager sliceManager = context.getSystemService(SliceManager.class);
|
final SliceManager sliceManager = context.getSystemService(SliceManager.class);
|
||||||
for (Uri descendant : descendants) {
|
for (Uri descendant : descendants) {
|
||||||
for (String toPackage : allowlistPackages) {
|
for (String toPackage : allowlist) {
|
||||||
sliceManager.grantSlicePermission(toPackage, descendant);
|
sliceManager.grantSlicePermission(toPackage, descendant);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -17,4 +17,7 @@
|
|||||||
<resources>
|
<resources>
|
||||||
<!-- List of packages that should be allowlisted for slice uri access. Do not translate -->
|
<!-- List of packages that should be allowlisted for slice uri access. Do not translate -->
|
||||||
<string-array name="slice_allowlist_package_names" translatable="false"/>
|
<string-array name="slice_allowlist_package_names" translatable="false"/>
|
||||||
|
|
||||||
|
<!-- List of packages that should be allowlisted for slice uri access for debugging purpose. Do not translate -->
|
||||||
|
<string-array name="slice_allowlist_package_names_for_dev" translatable="false"/>
|
||||||
</resources>
|
</resources>
|
||||||
|
|||||||
@@ -86,6 +86,11 @@
|
|||||||
<item>com.android.settings.slice_allowlist_package</item>
|
<item>com.android.settings.slice_allowlist_package</item>
|
||||||
</string-array>
|
</string-array>
|
||||||
|
|
||||||
|
<!-- List of packages that should be allowlisted for slice uri access for debugging purpose. Do not translate -->
|
||||||
|
<string-array name="slice_allowlist_package_names_for_dev" translatable="false">
|
||||||
|
<item>com.android.settings.slice_allowlist_package_dev</item>
|
||||||
|
</string-array>
|
||||||
|
|
||||||
<!-- Email address for the homepage contextual cards feedback -->
|
<!-- Email address for the homepage contextual cards feedback -->
|
||||||
<string name="config_contextual_card_feedback_email" translatable="false">test@test.test</string>
|
<string name="config_contextual_card_feedback_email" translatable="false">test@test.test</string>
|
||||||
|
|
||||||
|
|||||||
@@ -80,6 +80,7 @@ import org.robolectric.annotation.Resetter;
|
|||||||
import org.robolectric.shadow.api.Shadow;
|
import org.robolectric.shadow.api.Shadow;
|
||||||
import org.robolectric.shadows.ShadowAccessibilityManager;
|
import org.robolectric.shadows.ShadowAccessibilityManager;
|
||||||
import org.robolectric.shadows.ShadowBinder;
|
import org.robolectric.shadows.ShadowBinder;
|
||||||
|
import org.robolectric.shadows.ShadowBuild;
|
||||||
import org.robolectric.shadows.ShadowPackageManager;
|
import org.robolectric.shadows.ShadowPackageManager;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
@@ -647,6 +648,7 @@ public class SettingsSliceProviderTest {
|
|||||||
@Test
|
@Test
|
||||||
@Config(qualifiers = "mcc999")
|
@Config(qualifiers = "mcc999")
|
||||||
public void grantAllowlistedPackagePermissions_hasPackageAllowlist_shouldGrant() {
|
public void grantAllowlistedPackagePermissions_hasPackageAllowlist_shouldGrant() {
|
||||||
|
ShadowBuild.setDebuggable(false);
|
||||||
final List<Uri> uris = new ArrayList<>();
|
final List<Uri> uris = new ArrayList<>();
|
||||||
uris.add(Uri.parse("content://settings/slice"));
|
uris.add(Uri.parse("content://settings/slice"));
|
||||||
|
|
||||||
@@ -654,6 +656,23 @@ public class SettingsSliceProviderTest {
|
|||||||
|
|
||||||
verify(mManager)
|
verify(mManager)
|
||||||
.grantSlicePermission("com.android.settings.slice_allowlist_package", uris.get(0));
|
.grantSlicePermission("com.android.settings.slice_allowlist_package", uris.get(0));
|
||||||
|
verify(mManager, never())
|
||||||
|
.grantSlicePermission("com.android.settings.slice_allowlist_package_dev",
|
||||||
|
uris.get(0));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@Config(qualifiers = "mcc999")
|
||||||
|
public void grantAllowlistedPackagePermissions_hasPackageAllowlistAndDebuggable_shouldGrant() {
|
||||||
|
ShadowBuild.setDebuggable(true);
|
||||||
|
final List<Uri> uris = new ArrayList<>();
|
||||||
|
uris.add(Uri.parse("content://settings/slice"));
|
||||||
|
|
||||||
|
SettingsSliceProvider.grantAllowlistedPackagePermissions(mContext, uris);
|
||||||
|
|
||||||
|
verify(mManager)
|
||||||
|
.grantSlicePermission("com.android.settings.slice_allowlist_package_dev",
|
||||||
|
uris.get(0));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|||||||
Reference in New Issue
Block a user