Merge "Restrict bindServiceAsUser to same package with _ACROSS_PROFILES"

author: Kholoud Mohamed <kholoudm@google.com> 2020-01-22 14:36:13 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2020-01-22 14:36:13 +0000
commit: 747d4adbb57dac93da9de9dfa052a1914c2fb9fc (patch)
tree: 00fd4adf361b41a4b24fa08882069203498e8cf7
parent: be36037b2e1d639dac831c7042f62933003bb195 (diff)
parent: 971e7cc56463f871ded3c257d337730d9ace04d5 (diff)
1 files changed, 15 insertions, 3 deletions
diff --git a/services/core/java/com/android/server/am/ActiveServices.java b/services/core/java/com/android/server/am/ActiveServices.java
index 3ffa5dea4d89..ac85bf57e9b0 100644
--- a/services/core/java/com/android/server/am/ActiveServices.java
+++ b/services/core/java/com/android/server/am/ActiveServices.java
@@ -31,6 +31,7 @@ import static com.android.server.am.ActivityManagerDebugConfig.POSTFIX_SERVICE_E
 import static com.android.server.am.ActivityManagerDebugConfig.TAG_AM;
 import static com.android.server.am.ActivityManagerDebugConfig.TAG_WITH_CLASS_NAME;
 
+import android.annotation.Nullable;
 import android.app.ActivityManager;
 import android.app.ActivityManagerInternal;
 import android.app.ActivityThread;
@@ -2068,9 +2069,9 @@ public final class ActiveServices {
         if (DEBUG_SERVICE) Slog.v(TAG_SERVICE, "retrieveServiceLocked: " + service
                 + " type=" + resolvedType + " callingUid=" + callingUid);
 
-        userId = mAm.mUserController.handleIncomingUser(callingPid, callingUid, userId, false,
-                ActivityManagerInternal.ALLOW_ALL_PROFILE_PERMISSIONS_IN_PROFILE, "service",
-                callingPackage);
+        userId = mAm.mUserController.handleIncomingUser(callingPid, callingUid, userId,
+                /* allowAll= */false, getAllowMode(service, callingPackage),
+                /* name= */ "service", callingPackage);
 
         ServiceMap smap = getServiceMapLocked(userId);
         final ComponentName comp;
@@ -2260,6 +2261,17 @@ public final class ActiveServices {
         return null;
     }
 
+    private int getAllowMode(Intent service, @Nullable String callingPackage) {
+        if (callingPackage == null || service.getComponent() == null) {
+            return ActivityManagerInternal.ALLOW_NON_FULL_IN_PROFILE;
+        }
+        if (callingPackage.equals(service.getComponent().getPackageName())) {
+            return ActivityManagerInternal.ALLOW_ALL_PROFILE_PERMISSIONS_IN_PROFILE;
+        } else {
+            return ActivityManagerInternal.ALLOW_NON_FULL_IN_PROFILE;
+        }
+    }
+
     private final void bumpServiceExecutingLocked(ServiceRecord r, boolean fg, String why) {
         if (DEBUG_SERVICE) Slog.v(TAG_SERVICE, ">>> EXECUTING "
                 + why + " of " + r + " in app " + r.app);
author	Kholoud Mohamed <kholoudm@google.com>	2020-01-22 14:36:13 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2020-01-22 14:36:13 +0000
commit	747d4adbb57dac93da9de9dfa052a1914c2fb9fc (patch)
tree	00fd4adf361b41a4b24fa08882069203498e8cf7
parent	be36037b2e1d639dac831c7042f62933003bb195 (diff)
parent	971e7cc56463f871ded3c257d337730d9ace04d5 (diff)