5 files changed, 44 insertions, 42 deletions
diff --git a/services/core/java/com/android/server/pm/ComputerEngine.java b/services/core/java/com/android/server/pm/ComputerEngine.java index 094b18212580..58a609e3e370 100644 --- a/services/core/java/com/android/server/pm/ComputerEngine.java +++ b/services/core/java/com/android/server/pm/ComputerEngine.java @@ -1856,8 +1856,7 @@ public class ComputerEngine implements Computer { // Figure out which lib versions the caller can see LongSparseLongArray versionsCallerCanSee = null; final int callingAppId = UserHandle.getAppId(callingUid); - if (callingAppId != Process.SYSTEM_UID && callingAppId != Process.SHELL_UID - && callingAppId != Process.ROOT_UID) { + if (!PackageManagerServiceUtils.isSystemOrRootOrShell(callingAppId)) { versionsCallerCanSee = new LongSparseLongArray(); String libName = versionedLib.valueAt(0).getName(); String[] uidPackages = getPackagesForUidInternal(callingUid, callingUid); @@ -2034,8 +2033,7 @@ public class ComputerEngine implements Computer { if ((flags & PackageManager.MATCH_STATIC_SHARED_AND_SDK_LIBRARIES) != 0) { // System/shell/root get to see all static libs final int appId = UserHandle.getAppId(uid); - if (appId == Process.SYSTEM_UID || appId == Process.SHELL_UID - || appId == Process.ROOT_UID) { + if (PackageManagerServiceUtils.isSystemOrRootOrShell(appId)) { return false; } // Installer gets to see all static libs. @@ -2091,8 +2089,7 @@ public class ComputerEngine implements Computer { if ((flags & PackageManager.MATCH_STATIC_SHARED_AND_SDK_LIBRARIES) != 0) { // System/shell/root get to see all SDK libs. final int appId = UserHandle.getAppId(uid); - if (appId == Process.SYSTEM_UID || appId == Process.SHELL_UID - || appId == Process.ROOT_UID) { + if (PackageManagerServiceUtils.isSystemOrRootOrShell(appId)) { return false; } // Installer gets to see all SDK libs. 
@@ -2152,7 +2149,7 @@ public class ComputerEngine implements Computer { if (!requirePermissionWhenSameUser && userId == callingUserId) { return true; } - if (callingUid == Process.SYSTEM_UID || callingUid == Process.ROOT_UID) { + if (PackageManagerServiceUtils.isSystemOrRoot(callingUid)) { return true; } if (requireFullPermission) { @@ -3813,8 +3810,7 @@ public class ComputerEngine implements Computer { public boolean canRequestPackageInstalls(@NonNull String packageName, int callingUid, int userId, boolean throwIfPermNotDeclared) { int uid = getPackageUidInternal(packageName, 0, userId, callingUid); - if (callingUid != uid && callingUid != Process.ROOT_UID - && callingUid != Process.SYSTEM_UID) { + if (callingUid != uid && !PackageManagerServiceUtils.isSystemOrRoot(callingUid)) { throw new SecurityException( "Caller uid " + callingUid + " does not own package " + packageName); } @@ -5540,8 +5536,8 @@ public class ComputerEngine implements Computer { enforceCrossUserPermission(callingUid, userId, true /*requireFullPermission*/, true /*checkShell*/, "getHarmfulAppInfo"); - if (callingAppId != Process.SYSTEM_UID && callingAppId != Process.ROOT_UID && - checkUidPermission(SET_HARMFUL_APP_WARNINGS, callingUid) != PERMISSION_GRANTED) { + if (!PackageManagerServiceUtils.isSystemOrRoot(callingAppId) + && checkUidPermission(SET_HARMFUL_APP_WARNINGS, callingUid) != PERMISSION_GRANTED) { throw new SecurityException("Caller must have the " + SET_HARMFUL_APP_WARNINGS + " permission."); } diff --git a/services/core/java/com/android/server/pm/DeletePackageHelper.java b/services/core/java/com/android/server/pm/DeletePackageHelper.java index e0de2949ec15..225d2a4421ff 100644 --- a/services/core/java/com/android/server/pm/DeletePackageHelper.java +++ b/services/core/java/com/android/server/pm/DeletePackageHelper.java 
@@ -840,7 +840,7 @@ final class DeletePackageHelper { private boolean isCallerAllowedToSilentlyUninstall(@NonNull Computer snapshot, int callingUid, String pkgName, int userId) { - if (callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID + if (PackageManagerServiceUtils.isRootOrShell(callingUid) || UserHandle.getAppId(callingUid) == Process.SYSTEM_UID) { return true; } diff --git a/services/core/java/com/android/server/pm/PackageInstallerService.java b/services/core/java/com/android/server/pm/PackageInstallerService.java index d23ea169e1cc..6546f6af4552 100644 --- a/services/core/java/com/android/server/pm/PackageInstallerService.java +++ b/services/core/java/com/android/server/pm/PackageInstallerService.java @@ -663,7 +663,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements && params.installerPackageName.length() < SessionParams.MAX_PACKAGE_NAME_LENGTH) ? params.installerPackageName : installerPackageName; - if ((callingUid == Process.SHELL_UID) || (callingUid == Process.ROOT_UID) + if (PackageManagerServiceUtils.isRootOrShell(callingUid) || PackageInstallerSession.isSystemDataLoaderInstallation(params)) { params.installFlags |= PackageManager.INSTALL_FROM_ADB; // adb installs can override the installingPackageName, but not the @@ -706,7 +706,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements } } - if (Build.IS_DEBUGGABLE || isCalledBySystem(callingUid)) { + if (Build.IS_DEBUGGABLE || PackageManagerServiceUtils.isSystemOrRoot(callingUid)) { params.installFlags |= PackageManager.INSTALL_ALLOW_DOWNGRADE; } else { params.installFlags &= ~PackageManager.INSTALL_ALLOW_DOWNGRADE; 
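Review bot: In `isCallerAllowedToSilentlyUninstall` (DeletePackageHelper hunk) the rewritten condition matches root and shell on the full `callingUid` but matches system on `UserHandle.getAppId(callingUid)`, and nothing in the new code says this asymmetry is intended. Because this gate decides who may uninstall silently, a later cleanup that folds it into `isSystemOrRootOrShell(callingUid)` or `isSystemOrRootOrShell(appId)` would quietly narrow or widen the set of accepted callers. I would add a comment above the condition such as `// Root/shell are compared on the full UID; system is compared on the app ID on purpose, so do not merge into isSystemOrRootOrShell().`, assuming that is the intent. The method body continues past the end of the hunk.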
@@ -748,7 +748,8 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements if (params.isMultiPackage) { throw new IllegalArgumentException("A multi-session can't be set as APEX."); } - if (isCalledBySystemOrShell(callingUid) || mBypassNextAllowedApexUpdateCheck) { + if (PackageManagerServiceUtils.isSystemOrRootOrShell(callingUid) + || mBypassNextAllowedApexUpdateCheck) { params.installFlags |= PackageManager.INSTALL_DISABLE_ALLOWED_APEX_UPDATE_CHECK; } else { // Only specific APEX updates (installed through ADB, or for CTS tests) can disable @@ -758,20 +759,20 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements } if ((params.installFlags & PackageManager.INSTALL_INSTANT_APP) != 0 - && !isCalledBySystemOrShell(callingUid) + && !PackageManagerServiceUtils.isSystemOrRootOrShell(callingUid) && (snapshot.getFlagsForUid(callingUid) & ApplicationInfo.FLAG_SYSTEM) == 0) { throw new SecurityException( "Only system apps could use the PackageManager.INSTALL_INSTANT_APP flag."); } - if (params.isStaged && !isCalledBySystemOrShell(callingUid)) { + if (params.isStaged && !PackageManagerServiceUtils.isSystemOrRootOrShell(callingUid)) { if (!mBypassNextStagedInstallerCheck && !isStagedInstallerAllowed(requestedInstallerPackageName)) { throw new SecurityException("Installer not allowed to commit staged install"); } } - if (isApex && !isCalledBySystemOrShell(callingUid)) { + if (isApex && !PackageManagerServiceUtils.isSystemOrRootOrShell(callingUid)) { if (!mBypassNextStagedInstallerCheck && !isStagedInstallerAllowed(requestedInstallerPackageName)) { throw new SecurityException( 
@@ -874,7 +875,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements // reset the force queryable param if it's not called by an approved caller. if (params.forceQueryableOverride) { - if (callingUid != Process.SHELL_UID && callingUid != Process.ROOT_UID) { + if (!PackageManagerServiceUtils.isRootOrShell(callingUid)) { params.forceQueryableOverride = false; } } @@ -916,15 +917,6 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements return sessionId; } - private static boolean isCalledBySystem(int callingUid) { - return callingUid == Process.SYSTEM_UID || callingUid == Process.ROOT_UID; - } - - private boolean isCalledBySystemOrShell(int callingUid) { - return callingUid == Process.SYSTEM_UID || callingUid == Process.ROOT_UID - || callingUid == Process.SHELL_UID; - } - private boolean isStagedInstallerAllowed(String installerName) { return SystemConfig.getInstance().getWhitelistedStagedInstallers().contains(installerName); } @@ -1189,7 +1181,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements final Computer snapshot = mPm.snapshotComputer(); final int callingUid = Binder.getCallingUid(); snapshot.enforceCrossUserPermission(callingUid, userId, true, true, "uninstall"); - if ((callingUid != Process.SHELL_UID) && (callingUid != Process.ROOT_UID)) { + if (!PackageManagerServiceUtils.isRootOrShell(callingUid)) { mAppOps.checkPackage(callingUid, callerPackageName); } @@ -1243,7 +1235,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements mContext.enforceCallingOrSelfPermission(Manifest.permission.DELETE_PACKAGES, null); final Computer snapshot = mPm.snapshotComputer(); snapshot.enforceCrossUserPermission(callingUid, userId, true, true, "uninstall"); - if ((callingUid != Process.SHELL_UID) && (callingUid != Process.ROOT_UID)) { + if (!PackageManagerServiceUtils.isRootOrShell(callingUid)) { mAppOps.checkPackage(callingUid, callerPackageName); } 
@@ -1280,7 +1272,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements final var snapshot = mPm.snapshotComputer(); final int callingUid = Binder.getCallingUid(); - if (!isCalledBySystemOrShell(callingUid)) { + if (!PackageManagerServiceUtils.isSystemOrRootOrShell(callingUid)) { for (var packageName : packageNames) { var ps = snapshot.getPackageStateInternal(packageName); if (ps == null || !TextUtils.equals( @@ -1367,7 +1359,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements @Override public void bypassNextStagedInstallerCheck(boolean value) { - if (!isCalledBySystemOrShell(Binder.getCallingUid())) { + if (!PackageManagerServiceUtils.isSystemOrRootOrShell(Binder.getCallingUid())) { throw new SecurityException("Caller not allowed to bypass staged installer check"); } mBypassNextStagedInstallerCheck = value; @@ -1375,7 +1367,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements @Override public void bypassNextAllowedApexUpdateCheck(boolean value) { - if (!isCalledBySystemOrShell(Binder.getCallingUid())) { + if (!PackageManagerServiceUtils.isSystemOrRootOrShell(Binder.getCallingUid())) { throw new SecurityException("Caller not allowed to bypass allowed apex update check"); } mBypassNextAllowedApexUpdateCheck = value; @@ -1383,7 +1375,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements @Override public void disableVerificationForUid(int uid) { - if (!isCalledBySystemOrShell(Binder.getCallingUid())) { + if (!PackageManagerServiceUtils.isSystemOrRootOrShell(Binder.getCallingUid())) { throw new SecurityException("Operation not allowed for caller"); } mDisableVerificationForUid = uid; 
@@ -1394,7 +1386,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements */ @Override public void setAllowUnlimitedSilentUpdates(@Nullable String installerPackageName) { - if (!isCalledBySystemOrShell(Binder.getCallingUid())) { + if (!PackageManagerServiceUtils.isSystemOrRootOrShell(Binder.getCallingUid())) { throw new SecurityException("Caller not allowed to unlimite silent updates"); } mSilentUpdatePolicy.setAllowUnlimitedSilentUpdates(installerPackageName); @@ -1405,7 +1397,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements */ @Override public void setSilentUpdatesThrottleTime(long throttleTimeInSeconds) { - if (!isCalledBySystemOrShell(Binder.getCallingUid())) { + if (!PackageManagerServiceUtils.isSystemOrRootOrShell(Binder.getCallingUid())) { throw new SecurityException("Caller not allowed to set silent updates throttle time"); } mSilentUpdatePolicy.setSilentUpdatesThrottleTime(throttleTimeInSeconds); diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index c6a157968134..5d41b4cba5be 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -3212,7 +3212,7 @@ public class PackageManagerService implements PackageSender, TestUtilityService mContext.enforceCallingOrSelfPermission(Manifest.permission.SUSPEND_APPS, callingMethod); - if (callingUid != Process.ROOT_UID && callingUid != Process.SYSTEM_UID + if (!PackageManagerServiceUtils.isSystemOrRoot(callingUid) && UserHandle.getUserId(callingUid) != userId) { throw new SecurityException("Calling uid " + callingUid + " cannot call for user " + userId); 
@@ -5323,7 +5323,7 @@ public class PackageManagerService implements PackageSender, TestUtilityService snapshot.enforceCrossUserPermission(callingUid, userId, false /*requireFullPermission*/, true /*checkShell*/, "isPackageStateProtected"); - if (callingAppId != Process.SYSTEM_UID && callingAppId != Process.ROOT_UID + if (!PackageManagerServiceUtils.isSystemOrRoot(callingAppId) && snapshot.checkUidPermission(MANAGE_DEVICE_ADMINS, callingUid) != PERMISSION_GRANTED) { throw new SecurityException("Caller must have the " @@ -5858,8 +5858,8 @@ public class PackageManagerService implements PackageSender, TestUtilityService snapshot.enforceCrossUserPermission(callingUid, userId, true /*requireFullPermission*/, true /*checkShell*/, "setHarmfulAppInfo"); - if (callingAppId != Process.SYSTEM_UID && callingAppId != Process.ROOT_UID && - snapshot.checkUidPermission(SET_HARMFUL_APP_WARNINGS, callingUid) + if (!PackageManagerServiceUtils.isSystemOrRoot(callingAppId) + && snapshot.checkUidPermission(SET_HARMFUL_APP_WARNINGS, callingUid) != PERMISSION_GRANTED) { throw new SecurityException("Caller must have the " + SET_HARMFUL_APP_WARNINGS + " permission."); @@ -6613,7 +6613,7 @@ public class PackageManagerService implements PackageSender, TestUtilityService public void uninstallApex(String packageName, long versionCode, int userId, IntentSender intentSender, int flags) { final int callerUid = Binder.getCallingUid(); - if (callerUid != Process.ROOT_UID && callerUid != Process.SHELL_UID) { + if (!PackageManagerServiceUtils.isRootOrShell(callerUid)) { throw new SecurityException("Not allowed to uninstall apexes"); } PackageInstallerService.PackageDeleteObserverAdapter adapter = 
@@ -6658,7 +6658,7 @@ public class PackageManagerService implements PackageSender, TestUtilityService final int callingUid = Binder.getCallingUid(); final Computer snapshot = snapshotComputer(); final String[] callerPackageNames = snapshot.getPackagesForUid(callingUid); - if (callingUid != Process.SHELL_UID && callingUid != Process.ROOT_UID + if (!PackageManagerServiceUtils.isRootOrShell(callingUid) && !ArrayUtils.contains(callerPackageNames, packageName)) { throw new SecurityException("dumpProfiles"); } diff --git a/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java b/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java index b91933073970..928ffa718c6f 100644 --- a/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java +++ b/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java @@ -1372,10 +1372,24 @@ public class PackageManagerServiceUtils { */ public static boolean isSystemOrRoot() { final int uid = Binder.getCallingUid(); + return isSystemOrRoot(uid); + } + + /** + * Check if a UID is system UID or root's UID. + */ + public static boolean isSystemOrRoot(int uid) { return uid == Process.SYSTEM_UID || uid == Process.ROOT_UID; } /** + * Check if a UID is system UID or shell's UID. + */ + public static boolean isRootOrShell(int uid) { + return uid == Process.ROOT_UID || uid == Process.SHELL_UID; + } + + /** * Enforces that only the system UID or root's UID can call a method exposed * via Binder. * |
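Review bot: The Javadoc added for `isRootOrShell(int uid)` in PackageManagerServiceUtils says "system UID or shell's UID", but the method body tests `Process.ROOT_UID` and `Process.SHELL_UID`; it should read `* Check if a UID is root's UID or shell's UID.`. Since these helpers now back many `SecurityException` gates, the Javadoc of both new overloads should also state that the argument is compared exactly and is not reduced to an app ID. Call sites in this commit pass `callingUid` in some places and `callingAppId` in others, and the parameter name `uid` alone does not tell a caller which one is expected. The hunk ends inside the following Javadoc block, so the rest of that comment is not visible here.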