Revert "Verify the incoming package first."

This reverts commit 8423dd15ff7b12687d6726ce555f7a0717ae7f14. Reason for revert: b/216248574 Change-Id: I3e0c2d4b453d50f773bdf55d26886f2df8accf2a
author: Jackal Guo <jackalguo@google.com> 2022-01-26 12:20:21 +0000
committer: Jackal Guo <jackalguo@google.com> 2022-01-26 12:20:21 +0000
commit: 70737fcd233e9c721509d85adb82fec3a1642a6d (patch)
tree: 412f139e60a0ac78ce686aac39b58fbc1d19fb13
parent: 8423dd15ff7b12687d6726ce555f7a0717ae7f14 (diff)
3 files changed, 27 insertions, 58 deletions
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index 96594d5ea4e1..70bd734a9ccd 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -2870,51 +2870,13 @@ public class ActivityManagerService extends IActivityManager.Stub
         return mode == AppOpsManager.MODE_ALLOWED;
     }
 
-    /**
-     * Checks whether the calling package is trusted.
-     *
-     * The calling package is trusted if it's from system or the supposed package name matches the
-     * UID making the call.
-     *
-     * @throws SecurityException if the package name and UID don't match.
-     */
-    private void verifyCallingPackage(String callingPackage) {
-        final int callingUid = Binder.getCallingUid();
-        // The caller is System or Shell.
-        if (callingUid == SYSTEM_UID || isCallerShell()) {
-            return;
-        }
-
-        // Handle the special UIDs that don't have real package (audioserver, cameraserver, etc).
-        final String resolvedPackage = AppOpsManager.resolvePackageName(callingUid,
-                null /* packageName */);
-        if (resolvedPackage != null && resolvedPackage.equals(callingPackage)) {
-            return;
-        }
-
-        final int claimedUid = getPackageManagerInternal().getPackageUid(callingPackage,
-                0 /* flags */, UserHandle.getUserId(callingUid));
-        if (callingUid == claimedUid) {
-            return;
-        }
-
-        throw new SecurityException(
-                "Claimed calling package " + callingPackage + " does not match the calling UID "
-                        + Binder.getCallingUid());
-    }
-
-    private void enforceUsageStatsPermission(String callingPackage, String func) {
-        verifyCallingPackage(callingPackage);
-        // Since the protection level of PACKAGE_USAGE_STATS has 'appop', apps may grant this
-        // permission via that way. We need to check both app-ops and permission.
+    @Override
+    public int getPackageProcessState(String packageName, String callingPackage) {
         if (!hasUsageStatsPermission(callingPackage)) {
-            enforceCallingPermission(android.Manifest.permission.PACKAGE_USAGE_STATS, func);
+            enforceCallingPermission(android.Manifest.permission.PACKAGE_USAGE_STATS,
+                    "getPackageProcessState");
         }
-    }
 
-    @Override
-    public int getPackageProcessState(String packageName, String callingPackage) {
-        enforceUsageStatsPermission(callingPackage, "getPackageProcessState");
         final int[] procState = {PROCESS_STATE_NONEXISTENT};
         synchronized (mProcLock) {
             mProcessList.forEachLruProcessesLOSP(false, proc -> {
@@ -6975,7 +6937,11 @@ public class ActivityManagerService extends IActivityManager.Stub
 
     @Override
     public int getUidProcessState(int uid, String callingPackage) {
-        enforceUsageStatsPermission(callingPackage, "getUidProcessState");
+        if (!hasUsageStatsPermission(callingPackage)) {
+            enforceCallingPermission(android.Manifest.permission.PACKAGE_USAGE_STATS,
+                    "getUidProcessState");
+        }
+
         synchronized (mProcLock) {
             return mProcessList.getUidProcStateLOSP(uid);
         }
@@ -6983,7 +6949,11 @@ public class ActivityManagerService extends IActivityManager.Stub
 
     @Override
     public @ProcessCapability int getUidProcessCapabilities(int uid, String callingPackage) {
-        enforceUsageStatsPermission(callingPackage, "getUidProcessCapabilities");
+        if (!hasUsageStatsPermission(callingPackage)) {
+            enforceCallingPermission(android.Manifest.permission.PACKAGE_USAGE_STATS,
+                    "getUidProcessState");
+        }
+
         synchronized (mProcLock) {
             return mProcessList.getUidProcessCapabilityLOSP(uid);
         }
@@ -6992,7 +6962,10 @@ public class ActivityManagerService extends IActivityManager.Stub
     @Override
     public void registerUidObserver(IUidObserver observer, int which, int cutpoint,
             String callingPackage) {
-        enforceUsageStatsPermission(callingPackage, "registerUidObserver");
+        if (!hasUsageStatsPermission(callingPackage)) {
+            enforceCallingPermission(android.Manifest.permission.PACKAGE_USAGE_STATS,
+                    "registerUidObserver");
+        }
         mUidObserverController.register(observer, which, cutpoint, callingPackage,
                 Binder.getCallingUid());
     }
@@ -7004,7 +6977,10 @@ public class ActivityManagerService extends IActivityManager.Stub
 
     @Override
     public boolean isUidActive(int uid, String callingPackage) {
-        enforceUsageStatsPermission(callingPackage, "isUidActive");
+        if (!hasUsageStatsPermission(callingPackage)) {
+            enforceCallingPermission(android.Manifest.permission.PACKAGE_USAGE_STATS,
+                    "isUidActive");
+        }
         synchronized (mProcLock) {
             if (isUidActiveLOSP(uid)) {
                 return true;
diff --git a/services/core/java/com/android/server/vibrator/VibrationSettings.java b/services/core/java/com/android/server/vibrator/VibrationSettings.java
index 0cc625d203ad..df6ffa2bd009 100644
--- a/services/core/java/com/android/server/vibrator/VibrationSettings.java
+++ b/services/core/java/com/android/server/vibrator/VibrationSettings.java
@@ -168,7 +168,7 @@ final class VibrationSettings {
         try {
             ActivityManager.getService().registerUidObserver(mUidObserver,
                     ActivityManager.UID_OBSERVER_PROCSTATE | ActivityManager.UID_OBSERVER_GONE,
-                    ActivityManager.PROCESS_STATE_UNKNOWN, mContext.getOpPackageName());
+                    ActivityManager.PROCESS_STATE_UNKNOWN, null);
         } catch (RemoteException e) {
             // ignored; both services live in system_server
         }
diff --git a/services/tests/servicestests/src/com/android/server/am/ActivityManagerServiceTest.java b/services/tests/servicestests/src/com/android/server/am/ActivityManagerServiceTest.java
index 677f0f642e6e..36c37c4dbf2a 100644
--- a/services/tests/servicestests/src/com/android/server/am/ActivityManagerServiceTest.java
+++ b/services/tests/servicestests/src/com/android/server/am/ActivityManagerServiceTest.java
@@ -541,14 +541,11 @@ public class ActivityManagerServiceTest {
                     | ActivityManager.UID_OBSERVER_CAPABILITY
         };
         final IUidObserver[] observers = new IUidObserver.Stub[changesToObserve.length];
-        doReturn(Process.myUid()).when(sPackageManagerInternal)
-                .getPackageUid(mContext.getOpPackageName(), 0 /* flags */, mContext.getUserId());
         for (int i = 0; i < observers.length; ++i) {
             observers[i] = mock(IUidObserver.Stub.class);
             when(observers[i].asBinder()).thenReturn((IBinder) observers[i]);
             mAms.registerUidObserver(observers[i], changesToObserve[i] /* which */,
-                    ActivityManager.PROCESS_STATE_UNKNOWN /* cutpoint */,
-                    mContext.getOpPackageName());
+                    ActivityManager.PROCESS_STATE_UNKNOWN /* cutpoint */, null /* caller */);
 
             // When we invoke AMS.registerUidObserver, there are some interactions with observers[i]
             // mock in RemoteCallbackList class. We don't want to test those interactions and
@@ -677,12 +674,10 @@ public class ActivityManagerServiceTest {
         mockNoteOperation();
 
         final IUidObserver observer = mock(IUidObserver.Stub.class);
+
         when(observer.asBinder()).thenReturn((IBinder) observer);
-        doReturn(Process.myUid()).when(sPackageManagerInternal)
-                .getPackageUid(mContext.getOpPackageName(), 0 /* flags */, mContext.getUserId());
         mAms.registerUidObserver(observer, ActivityManager.UID_OBSERVER_PROCSTATE /* which */,
-                ActivityManager.PROCESS_STATE_SERVICE /* cutpoint */,
-                mContext.getOpPackageName());
+                ActivityManager.PROCESS_STATE_SERVICE /* cutpoint */, null /* callingPackage */);
         // When we invoke AMS.registerUidObserver, there are some interactions with observer
         // mock in RemoteCallbackList class. We don't want to test those interactions and
         // at the same time, we don't want those to interfere with verifyNoMoreInteractions.
@@ -776,9 +771,7 @@ public class ActivityManagerServiceTest {
 
         final IUidObserver observer = mock(IUidObserver.Stub.class);
         when(observer.asBinder()).thenReturn((IBinder) observer);
-        doReturn(Process.myUid()).when(sPackageManagerInternal)
-                .getPackageUid(mContext.getOpPackageName(), 0 /* flags */, mContext.getUserId());
-        mAms.registerUidObserver(observer, 0, 0, mContext.getOpPackageName());
+        mAms.registerUidObserver(observer, 0, 0, null);
         // Verify that when observers are registered, then validateUids is correctly updated.
         addPendingUidChanges(pendingItemsForUids);
         mAms.mUidObserverController.dispatchUidsChanged();
author	Jackal Guo <jackalguo@google.com>	2022-01-26 12:20:21 +0000
committer	Jackal Guo <jackalguo@google.com>	2022-01-26 12:20:21 +0000
commit	70737fcd233e9c721509d85adb82fec3a1642a6d (patch)
tree	412f139e60a0ac78ce686aac39b58fbc1d19fb13
parent	8423dd15ff7b12687d6726ce555f7a0717ae7f14 (diff)