Allow perm controller to read historical app-op data

Bug: 161007415 Test: built Change-Id: I600862708dee58f947270fa25cb0cd6e3c6a0317
author: Philip P. Moltmann <moltmann@google.com> 2020-06-30 17:33:25 -0700
committer: Philip P. Moltmann <moltmann@google.com> 2020-07-21 20:09:51 +0000
commit: dbac29e44f10148d6233ced4a0161277a71e343e (patch)
tree: 25f009a05366b90074586cfb6d1eede58756ecc8
parent: 4c17f946a34c346da29715b65c26c091c6301dc9 (diff)
1 files changed, 11 insertions, 1 deletions
diff --git a/services/core/java/com/android/server/appop/AppOpsService.java b/services/core/java/com/android/server/appop/AppOpsService.java
index 6eab0221b7ab..c5bdb9edd069 100644
--- a/services/core/java/com/android/server/appop/AppOpsService.java
+++ b/services/core/java/com/android/server/appop/AppOpsService.java
@@ -2052,6 +2052,8 @@ public class AppOpsService extends IAppOpsService.Stub {
     public void getHistoricalOps(int uid, String packageName, String attributionTag,
             List<String> opNames, int filter, long beginTimeMillis, long endTimeMillis,
             int flags, RemoteCallback callback) {
+        PackageManager pm = mContext.getPackageManager();
+
         ensureHistoricalOpRequestIsValid(uid, packageName, attributionTag, opNames, filter,
                 beginTimeMillis, endTimeMillis, flags);
         Objects.requireNonNull(callback, "callback cannot be null");
@@ -2059,8 +2061,16 @@ public class AppOpsService extends IAppOpsService.Stub {
         ActivityManagerInternal ami = LocalServices.getService(ActivityManagerInternal.class);
         boolean isCallerInstrumented = ami.isUidCurrentlyInstrumented(Binder.getCallingUid());
         boolean isCallerSystem = Binder.getCallingPid() == Process.myPid();
+        boolean isCallerPermissionController;
+        try {
+            isCallerPermissionController = pm.getPackageUid(
+                    mContext.getPackageManager().getPermissionControllerPackageName(), 0)
+                    == Binder.getCallingUid();
+        } catch (PackageManager.NameNotFoundException doesNotHappen) {
+            return;
+        }
 
-        if (!isCallerSystem && !isCallerInstrumented) {
+        if (!isCallerSystem && !isCallerInstrumented && !isCallerPermissionController) {
             mHandler.post(() -> callback.sendResult(new Bundle()));
             return;
         }
author	Philip P. Moltmann <moltmann@google.com>	2020-06-30 17:33:25 -0700
committer	Philip P. Moltmann <moltmann@google.com>	2020-07-21 20:09:51 +0000
commit	dbac29e44f10148d6233ced4a0161277a71e343e (patch)
tree	25f009a05366b90074586cfb6d1eede58756ecc8
parent	4c17f946a34c346da29715b65c26c091c6301dc9 (diff)