Merge "Allow apps with MANAGE_USB_STATE permission access to all USB accessories." into tm-dev

author: TreeHugger Robot <treehugger-gerrit@google.com> 2022-03-01 03:54:05 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2022-03-01 03:54:05 +0000
commit: 04e3e536d93a2e7ba0d97a0cf888b46da5a14c20 (patch)
tree: 983875522d775debb9c74423aa57a1845e6e35b5
parent: 1a6203e030927e3b9ba4865be312885e025278ff (diff)
parent: ea89c0e71da689efe45c79cb68cb3b61d5644093 (diff)
4 files changed, 19 insertions, 12 deletions
diff --git a/services/usb/java/com/android/server/usb/UsbDeviceManager.java b/services/usb/java/com/android/server/usb/UsbDeviceManager.java
index 7f70301735d9..1999cfc706b4 100644
--- a/services/usb/java/com/android/server/usb/UsbDeviceManager.java
+++ b/services/usb/java/com/android/server/usb/UsbDeviceManager.java
@@ -2187,7 +2187,7 @@ public class UsbDeviceManager implements ActivityTaskManagerInternal.ScreenObser
      * @param uid Uid of the caller
      */
     public ParcelFileDescriptor openAccessory(UsbAccessory accessory,
-            UsbUserPermissionManager permissions, int uid) {
+            UsbUserPermissionManager permissions, int pid, int uid) {
         UsbAccessory currentAccessory = mHandler.getCurrentAccessory();
         if (currentAccessory == null) {
             throw new IllegalArgumentException("no accessory attached");
@@ -2198,7 +2198,7 @@ public class UsbDeviceManager implements ActivityTaskManagerInternal.ScreenObser
                     + currentAccessory;
             throw new IllegalArgumentException(error);
         }
-        permissions.checkPermission(accessory, uid);
+        permissions.checkPermission(accessory, pid, uid);
         return nativeOpenAccessory();
     }
 
diff --git a/services/usb/java/com/android/server/usb/UsbSerialReader.java b/services/usb/java/com/android/server/usb/UsbSerialReader.java
index f241e65ba755..9dda0e778394 100644
--- a/services/usb/java/com/android/server/usb/UsbSerialReader.java
+++ b/services/usb/java/com/android/server/usb/UsbSerialReader.java
@@ -98,7 +98,7 @@ class UsbSerialReader extends IUsbSerialReader.Stub {
                                     .checkPermission((UsbDevice) mDevice, packageName, pid, uid);
                         } else {
                             mPermissionManager.getPermissionsForUser(userId)
-                                    .checkPermission((UsbAccessory) mDevice, uid);
+                                    .checkPermission((UsbAccessory) mDevice, pid, uid);
                         }
                     }
                 }
diff --git a/services/usb/java/com/android/server/usb/UsbService.java b/services/usb/java/com/android/server/usb/UsbService.java
index c0ecf58087fa..e06ab022688f 100644
--- a/services/usb/java/com/android/server/usb/UsbService.java
+++ b/services/usb/java/com/android/server/usb/UsbService.java
@@ -321,6 +321,7 @@ public class UsbService extends IUsbManager.Stub {
     public ParcelFileDescriptor openAccessory(UsbAccessory accessory) {
         if (mDeviceManager != null) {
             int uid = Binder.getCallingUid();
+            int pid = Binder.getCallingPid();
             int user = UserHandle.getUserId(uid);
 
             final long ident = clearCallingIdentity();
@@ -328,7 +329,7 @@ public class UsbService extends IUsbManager.Stub {
                 synchronized (mLock) {
                     if (mUserManager.isSameProfileGroup(user, mCurrentUserId)) {
                         return mDeviceManager.openAccessory(accessory, getPermissionsForUser(user),
-                                uid);
+                                pid, uid);
                     } else {
                         Slog.w(TAG, "Cannot open " + accessory + " for user " + user
                                 + " as user is not active.");
@@ -505,11 +506,12 @@ public class UsbService extends IUsbManager.Stub {
     @Override
     public boolean hasAccessoryPermission(UsbAccessory accessory) {
         final int uid = Binder.getCallingUid();
+        final int pid = Binder.getCallingPid();
         final int userId = UserHandle.getUserId(uid);
 
         final long token = Binder.clearCallingIdentity();
         try {
-            return getPermissionsForUser(userId).hasPermission(accessory, uid);
+            return getPermissionsForUser(userId).hasPermission(accessory, pid, uid);
         } finally {
             Binder.restoreCallingIdentity(token);
         }
@@ -533,11 +535,12 @@ public class UsbService extends IUsbManager.Stub {
     public void requestAccessoryPermission(
             UsbAccessory accessory, String packageName, PendingIntent pi) {
         final int uid = Binder.getCallingUid();
+        final int pid = Binder.getCallingPid();
         final int userId = UserHandle.getUserId(uid);
 
         final long token = Binder.clearCallingIdentity();
         try {
-            getPermissionsForUser(userId).requestPermission(accessory, packageName, pi, uid);
+            getPermissionsForUser(userId).requestPermission(accessory, packageName, pi, pid, uid);
         } finally {
             Binder.restoreCallingIdentity(token);
         }
diff --git a/services/usb/java/com/android/server/usb/UsbUserPermissionManager.java b/services/usb/java/com/android/server/usb/UsbUserPermissionManager.java
index 286cff90daab..dd5f153b2518 100644
--- a/services/usb/java/com/android/server/usb/UsbUserPermissionManager.java
+++ b/services/usb/java/com/android/server/usb/UsbUserPermissionManager.java
@@ -246,9 +246,13 @@ class UsbUserPermissionManager {
      * @param uid to check permission for
      * @return {@code true} if caller has permssion
      */
-    boolean hasPermission(@NonNull UsbAccessory accessory, int uid) {
+    boolean hasPermission(@NonNull UsbAccessory accessory, int pid, int uid) {
         synchronized (mLock) {
-            if (uid == Process.SYSTEM_UID || mDisablePermissionDialogs) {
+            if (uid == Process.SYSTEM_UID
+                    || mDisablePermissionDialogs
+                    || mContext.checkPermission(
+                        android.Manifest.permission.MANAGE_USB, pid, uid)
+                         == android.content.pm.PackageManager.PERMISSION_GRANTED) {
                 return true;
             }
             AccessoryFilter filter = new AccessoryFilter(accessory);
@@ -675,8 +679,8 @@ class UsbUserPermissionManager {
         }
     }
 
-    public void checkPermission(UsbAccessory accessory, int uid) {
-        if (!hasPermission(accessory, uid)) {
+    public void checkPermission(UsbAccessory accessory, int pid, int uid) {
+        if (!hasPermission(accessory, pid, uid)) {
             throw new SecurityException("User has not given " + uid + " permission to accessory "
                     + accessory);
         }
@@ -745,9 +749,9 @@ class UsbUserPermissionManager {
     }
 
     public void requestPermission(UsbAccessory accessory, String packageName, PendingIntent pi,
-            int uid) {
+            int pid, int uid) {
         // respond immediately if permission has already been granted
-        if (hasPermission(accessory, uid)) {
+        if (hasPermission(accessory, pid, uid)) {
             Intent intent = new Intent();
             intent.putExtra(UsbManager.EXTRA_ACCESSORY, accessory);
             intent.putExtra(UsbManager.EXTRA_PERMISSION_GRANTED, true);
author	TreeHugger Robot <treehugger-gerrit@google.com>	2022-03-01 03:54:05 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2022-03-01 03:54:05 +0000
commit	04e3e536d93a2e7ba0d97a0cf888b46da5a14c20 (patch)
tree	983875522d775debb9c74423aa57a1845e6e35b5
parent	1a6203e030927e3b9ba4865be312885e025278ff (diff)
parent	ea89c0e71da689efe45c79cb68cb3b61d5644093 (diff)