author Alex Buynytskyy <alexbuy@google.com> 2020-04-03 23:00:19 -0700
committer Alex Buynytskyy <alexbuy@google.com> 2020-04-06 12:22:49 -0700
commit1d89216eac8d5c122056165d77322151cc26a70c (patch)
treebad152666c0b2e0b2e4728b83418b19f1d73e498 /services/incremental/IncrementalServiceValidation.h
parent3fc58ee5d501fc4a87455b690762207d8de52a32 (diff)
Appops permission monitoring for GET_USAGE_STATS.
This makes sure DataLoader won't be able to obtain read logs once user denies access. Bug: b/152633648 Test: atest PackageManagerShellCommandTest PackageManagerShellCommandIncrementalTest IncrementalServiceTest Test: adb shell appops set 1000 GET_USAGE_STATS deny Change-Id: Ibbb74933b4ef0dd8f5fe27732743e5820b8ee4dc
Diffstat (limited to 'services/incremental/IncrementalServiceValidation.h')
-rw-r--r--services/incremental/IncrementalServiceValidation.h19
1 files changed, 10 insertions, 9 deletions
diff --git a/services/incremental/IncrementalServiceValidation.h b/services/incremental/IncrementalServiceValidation.h
index 24f9f7f94dfd..48894c6926c8 100644
--- a/services/incremental/IncrementalServiceValidation.h
+++ b/services/incremental/IncrementalServiceValidation.h
@@ -41,7 +41,8 @@ inline int fromBinderStatus(const binder::Status& status) {
: -EIO;
}
-inline binder::Status CheckPermissionForDataDelivery(const char* permission, const char* operation) {
+inline binder::Status CheckPermissionForDataDelivery(const char* permission, const char* operation,
+ const char* package) {
using android::base::StringPrintf;
int32_t pid;
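Review bot: The new `package` parameter on `CheckPermissionForDataDelivery` is undocumented, even though it now takes part in the access decision. It is supplied by the caller, and the second hunk only accepts it when `getPackageUid` maps it back to the calling UID. I would state that contract above the signature, for example `// |package| is caller-supplied and untrusted; it must name a package owned by the calling UID, otherwise EX_SECURITY is returned.` The function body continues outside this hunk, and since the diff is limited to this header, the call sites that have to pass the new argument are not visible here.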
@@ -52,23 +53,23 @@ inline binder::Status CheckPermissionForDataDelivery(const char* permission, con
StringPrintf("UID %d / PID %d lacks permission %s", uid, pid, permission));
}
+ String16 packageName{package};
+
// Caller must also have op granted.
PermissionController pc;
- // Package is a required parameter. Need to obtain one.
- Vector<String16> packages;
- pc.getPackagesForUid(uid, packages);
- if (packages.empty()) {
+ if (auto packageUid = pc.getPackageUid(packageName, 0); packageUid != uid) {
return Exception(binder::Status::EX_SECURITY,
- StringPrintf("UID %d / PID %d has no packages", uid, pid));
+ StringPrintf("UID %d / PID %d does not own package %s", uid, pid,
+ package));
}
- switch (auto result = pc.noteOp(String16(operation), uid, packages[0]); result) {
+ switch (auto result = pc.noteOp(String16(operation), uid, packageName); result) {
case PermissionController::MODE_ALLOWED:
case PermissionController::MODE_DEFAULT:
return binder::Status::ok();
default:
return Exception(binder::Status::EX_SECURITY,
- StringPrintf("UID %d / PID %d lacks app-op %s, error %d", uid, pid,
- operation, result));
+ StringPrintf("UID %d / PID %d / package %s lacks app-op %s, error %d",
+ uid, pid, package, operation, result));
}
}
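Review bot: `String16 packageName{package};` and both new `%s` format arguments use `package` without a null check, so a caller that passes no package name would most likely crash the service rather than get a clean denial. A guard before the `String16` construction would fail closed, for example `if (package == nullptr) { return Exception(binder::Status::EX_SECURITY, "package name is required"); }` (assuming `Exception` accepts a plain string the way it accepts the `StringPrintf` result). Separately, `pc.getPackageUid(packageName, 0)` is compared against the full calling `uid`; which user the lookup resolves the name for is not visible here, so it is worth confirming that a caller outside the primary user is not always rejected by `packageUid != uid`. A short comment on that `if`, such as `// Caller must own the package it claims to act for.`, would make the ownership check as explicit as the app-op check below it.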