summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--apex/blobstore/service/java/com/android/server/blob/BlobAccessMode.java24
-rw-r--r--apex/blobstore/service/java/com/android/server/blob/BlobMetadata.java4
2 files changed, 22 insertions, 6 deletions
diff --git a/apex/blobstore/service/java/com/android/server/blob/BlobAccessMode.java b/apex/blobstore/service/java/com/android/server/blob/BlobAccessMode.java
index 0d17bbc7bbff..83ef21e7528b 100644
--- a/apex/blobstore/service/java/com/android/server/blob/BlobAccessMode.java
+++ b/apex/blobstore/service/java/com/android/server/blob/BlobAccessMode.java
@@ -24,6 +24,8 @@ import android.annotation.IntDef;
import android.annotation.NonNull;
import android.content.Context;
import android.content.pm.PackageManager;
+import android.os.Binder;
+import android.os.UserHandle;
import android.util.ArraySet;
import android.util.Base64;
import android.util.DebugUtils;
@@ -100,20 +102,21 @@ class BlobAccessMode {
}
boolean isAccessAllowedForCaller(Context context,
- @NonNull String callingPackage, @NonNull String committerPackage) {
+ @NonNull String callingPackage, int callingUid, int committerUid) {
if ((mAccessType & ACCESS_TYPE_PUBLIC) != 0) {
return true;
}
- final PackageManager pm = context.getPackageManager();
if ((mAccessType & ACCESS_TYPE_SAME_SIGNATURE) != 0) {
- if (pm.checkSignatures(committerPackage, callingPackage)
- == PackageManager.SIGNATURE_MATCH) {
+ if (checkSignatures(context, callingUid, committerUid)) {
return true;
}
}
if ((mAccessType & ACCESS_TYPE_ALLOWLIST) != 0) {
+ final UserHandle callingUser = UserHandle.of(UserHandle.getUserId(callingUid));
+ final PackageManager pm =
+ context.createContextAsUser(callingUser, 0 /* flags */).getPackageManager();
for (int i = 0; i < mAllowedPackages.size(); ++i) {
final PackageIdentifier packageIdentifier = mAllowedPackages.valueAt(i);
if (packageIdentifier.packageName.equals(callingPackage)
@@ -127,6 +130,19 @@ class BlobAccessMode {
return false;
}
+ /**
+ * Compare signatures for two packages of different users.
+ */
+ private boolean checkSignatures(Context context, int uid1, int uid2) {
+ final long token = Binder.clearCallingIdentity();
+ try {
+ return context.getPackageManager().checkSignatures(uid1, uid2)
+ == PackageManager.SIGNATURE_MATCH;
+ } finally {
+ Binder.restoreCallingIdentity(token);
+ }
+ }
+
int getAccessType() {
return mAccessType;
}
diff --git a/apex/blobstore/service/java/com/android/server/blob/BlobMetadata.java b/apex/blobstore/service/java/com/android/server/blob/BlobMetadata.java
index 7638f059b47e..d5315daec11a 100644
--- a/apex/blobstore/service/java/com/android/server/blob/BlobMetadata.java
+++ b/apex/blobstore/service/java/com/android/server/blob/BlobMetadata.java
@@ -293,7 +293,7 @@ class BlobMetadata {
// Check if the caller is allowed access as per the access mode specified
// by the committer.
if (committer.blobAccessMode.isAccessAllowedForCaller(mContext,
- callingPackage, committer.packageName)) {
+ callingPackage, callingUid, committer.uid)) {
return true;
}
}
@@ -316,7 +316,7 @@ class BlobMetadata {
// Check if the caller is allowed access as per the access mode specified
// by the committer.
if (committer.blobAccessMode.isAccessAllowedForCaller(mContext,
- callingPackage, committer.packageName)) {
+ callingPackage, callingUid, committer.uid)) {
return true;
}
}
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-10-21 01:04:09 +0000