diff options
| author | 2024-03-20 10:40:34 +0000 | |
|---|---|---|
| committer | 2024-03-20 10:40:34 +0000 | |
| commit | b1c64b523b51e8a1fc89f9c1cd0ff1610c800baa (patch) | |
| tree | 063a6166584ec35de9e35e1dfe2cb48e5b254523 | |
| parent | f3c874dbd44ece3a9e7abb3b022415f9e58c61db (diff) | |
| parent | 9c77e14b55219d0b2e958efd4e2bc3415d6ae6ee (diff) | |
Merge "Add OnDeviceIntelligence service to known list of system-services under isolated_compute_app, such that package manager returns owner package name when requested using the isolated child uid" into main
| -rw-r--r-- | services/core/java/com/android/server/pm/ComputerEngine.java | 48 |
1 files changed, 41 insertions, 7 deletions
diff --git a/services/core/java/com/android/server/pm/ComputerEngine.java b/services/core/java/com/android/server/pm/ComputerEngine.java index 9480c8e72402..2005b17e82a6 100644 --- a/services/core/java/com/android/server/pm/ComputerEngine.java +++ b/services/core/java/com/android/server/pm/ComputerEngine.java @@ -137,6 +137,7 @@ import com.android.internal.util.CollectionUtils; import com.android.internal.util.IndentingPrintWriter; import com.android.internal.util.Preconditions; import com.android.modules.utils.TypedXmlSerializer; +import com.android.server.ondeviceintelligence.OnDeviceIntelligenceManagerInternal; import com.android.server.pm.dex.DexManager; import com.android.server.pm.dex.PackageDexUsage; import com.android.server.pm.parsing.PackageInfoUtils; @@ -4353,9 +4354,8 @@ public class ComputerEngine implements Computer { if (Process.isSdkSandboxUid(uid)) { uid = getBaseSdkSandboxUid(); } - if (Process.isIsolatedUid(uid) - && mPermissionManager.getHotwordDetectionServiceProvider() != null - && uid == mPermissionManager.getHotwordDetectionServiceProvider().getUid()) { + final int callingUserId = UserHandle.getUserId(callingUid); + if (isKnownIsolatedComputeApp(uid, callingUserId)) { try { uid = getIsolatedOwner(uid); } catch (IllegalStateException e) { @@ -4363,7 +4363,6 @@ public class ComputerEngine implements Computer { Slog.wtf(TAG, "Expected isolated uid " + uid + " to have an owner", e); } } - final int callingUserId = UserHandle.getUserId(callingUid); final int appId = UserHandle.getAppId(uid); final Object obj = mSettings.getSettingBase(appId); if (obj instanceof SharedUserSetting) { @@ -4399,9 +4398,7 @@ public class ComputerEngine implements Computer { if (Process.isSdkSandboxUid(uid)) { uid = getBaseSdkSandboxUid(); } - if (Process.isIsolatedUid(uid) - && mPermissionManager.getHotwordDetectionServiceProvider() != null - && uid == mPermissionManager.getHotwordDetectionServiceProvider().getUid()) { + if (isKnownIsolatedComputeApp(uid, callingUserId)) { try { uid = getIsolatedOwner(uid); } catch (IllegalStateException e) { @@ -5802,6 +5799,43 @@ public class ComputerEngine implements Computer { return getPackage(mService.getSdkSandboxPackageName()).getUid(); } + + private boolean isKnownIsolatedComputeApp(int uid, int callingUserId) { + if (!Process.isIsolatedUid(uid)) { + return false; + } + final boolean isHotword = + mPermissionManager.getHotwordDetectionServiceProvider() != null + && uid + == mPermissionManager.getHotwordDetectionServiceProvider().getUid(); + if (isHotword) { + return true; + } + OnDeviceIntelligenceManagerInternal onDeviceIntelligenceManagerInternal = + mInjector.getLocalService(OnDeviceIntelligenceManagerInternal.class); + if (onDeviceIntelligenceManagerInternal == null) { + return false; + } + + String onDeviceIntelligencePackage = + onDeviceIntelligenceManagerInternal.getRemoteServicePackageName(); + if (onDeviceIntelligencePackage == null) { + return false; + } + + try { + if (getIsolatedOwner(uid) == getPackageUid(onDeviceIntelligencePackage, 0, + callingUserId)) { + return true; + } + } catch (IllegalStateException e) { + // If the owner uid doesn't exist, just use the current uid + Slog.wtf(TAG, "Expected isolated uid " + uid + " to have an owner", e); + } + + return false; + } + @Nullable @Override public SharedUserApi getSharedUser(int sharedUserAppId) { |