Merge "Allows system uid to access application across users"

author: Rhed Jao <rhedjao@google.com> 2022-06-20 09:47:52 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2022-06-20 09:47:52 +0000
commit: 4bc98cb6e4c843a925bf19d4926d3d3f17791828 (patch)
tree: 66c1ea59b834ddb0dc4b325347d38709fb3dae89
parent: ef0fa1054a30e361eef42c426ff259a8749e8560 (diff)
parent: a4fb7ea1712400c82357a411dccfe00f0b5ea7a3 (diff)
3 files changed, 20 insertions, 5 deletions
diff --git a/services/core/java/com/android/server/pm/Computer.java b/services/core/java/com/android/server/pm/Computer.java
index ad149d343490..a878bfd46a54 100644
--- a/services/core/java/com/android/server/pm/Computer.java
+++ b/services/core/java/com/android/server/pm/Computer.java
@@ -236,7 +236,8 @@ public interface Computer extends PackageDataSnapshot {
      * existence.
      * <p>
      * Package with {@link PackageManager#SYSTEM_APP_STATE_HIDDEN_UNTIL_INSTALLED_HIDDEN} is not
-     * treated as an uninstalled package for the carrier apps customization.
+     * treated as an uninstalled package for the carrier apps customization. Bypassing the
+     * uninstalled package check if the caller is system, shell or root uid.
      */
     boolean shouldFilterApplicationIncludingUninstalled(@Nullable PackageStateInternal ps,
             int callingUid, int userId);
diff --git a/services/core/java/com/android/server/pm/ComputerEngine.java b/services/core/java/com/android/server/pm/ComputerEngine.java
index 9489dc8de593..b7d241e5867c 100644
--- a/services/core/java/com/android/server/pm/ComputerEngine.java
+++ b/services/core/java/com/android/server/pm/ComputerEngine.java
@@ -58,6 +58,7 @@ import static com.android.server.pm.PackageManagerService.EMPTY_INT_ARRAY;
 import static com.android.server.pm.PackageManagerService.HIDE_EPHEMERAL_APIS;
 import static com.android.server.pm.PackageManagerService.TAG;
 import static com.android.server.pm.PackageManagerServiceUtils.compareSignatures;
+import static com.android.server.pm.PackageManagerServiceUtils.isSystemOrRootOrShell;
 import static com.android.server.pm.resolution.ComponentResolver.RESOLVE_PRIORITY_SORTER;
 
 import android.Manifest;
@@ -2737,9 +2738,13 @@ public class ComputerEngine implements Computer {
         final String instantAppPkgName = getInstantAppPackageName(callingUid);
         final boolean callerIsInstantApp = instantAppPkgName != null;
         // Don't treat hiddenUntilInstalled as an uninstalled state, phone app needs to access
-        // these hidden application details to customize carrier apps.
-        if (ps == null || (filterUninstall && !ps.isHiddenUntilInstalled()
-                && !ps.getUserStateOrDefault(userId).isInstalled())) {
+        // these hidden application details to customize carrier apps. Also, allowing the system
+        // caller accessing to application across users.
+        if (ps == null
+                || (filterUninstall
+                        && !isSystemOrRootOrShell(callingUid)
+                        && !ps.isHiddenUntilInstalled()
+                        && !ps.getUserStateOrDefault(userId).isInstalled())) {
             // If caller is instant app or sdk sandbox and ps is null, pretend the application
             // exists, but, needs to be filtered
             return (callerIsInstantApp || filterUninstall || Process.isSdkSandboxUid(callingUid));
@@ -2837,6 +2842,9 @@ public class ComputerEngine implements Computer {
         if (shouldFilterApplication(sus, callingUid, userId)) {
             return true;
         }
+        if (isSystemOrRootOrShell(callingUid)) {
+            return false;
+        }
         final ArraySet<PackageStateInternal> packageStates =
                 (ArraySet<PackageStateInternal>) sus.getPackageStates();
         for (int index = 0; index < packageStates.size(); index++) {
diff --git a/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java b/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
index 629ac71b9824..b7ab381a08b5 100644
--- a/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
+++ b/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
@@ -1271,7 +1271,13 @@ public class PackageManagerServiceUtils {
      * Check if the Binder caller is system UID, root's UID, or shell's UID.
      */
     public static boolean isSystemOrRootOrShell() {
-        final int uid = Binder.getCallingUid();
+        return isSystemOrRootOrShell(Binder.getCallingUid());
+    }
+
+    /**
+     * @see #isSystemOrRoot()
+     */
+    public static boolean isSystemOrRootOrShell(int uid) {
         return uid == Process.SYSTEM_UID || uid == Process.ROOT_UID || uid == Process.SHELL_UID;
     }
author	Rhed Jao <rhedjao@google.com>	2022-06-20 09:47:52 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2022-06-20 09:47:52 +0000
commit	4bc98cb6e4c843a925bf19d4926d3d3f17791828 (patch)
tree	66c1ea59b834ddb0dc4b325347d38709fb3dae89
parent	ef0fa1054a30e361eef42c426ff259a8749e8560 (diff)
parent	a4fb7ea1712400c82357a411dccfe00f0b5ea7a3 (diff)