diff options
6 files changed, 143 insertions, 2 deletions
diff --git a/core/tests/packagemonitortests/Android.bp b/core/tests/packagemonitortests/Android.bp index 453b476edbc0..7b5d7dff0a85 100644 --- a/core/tests/packagemonitortests/Android.bp +++ b/core/tests/packagemonitortests/Android.bp @@ -24,6 +24,9 @@ package { android_test { name: "FrameworksCorePackageMonitorTests", srcs: ["src/**/*.java"], + exclude_srcs: [ + "src/com/android/internal/content/withoutpermission/PackageMonitorPermissionTest.java", + ], static_libs: [ "androidx.test.runner", "compatibility-device-util-axt", @@ -39,3 +42,19 @@ android_test { ":TestVisibilityApp", ], } + +android_test { + name: "FrameworksCorePackageMonitorWithoutPermissionTests", + srcs: ["src/com/android/internal/content/withoutpermission/PackageMonitorPermissionTest.java"], + manifest: "AndroidManifestNoPermission.xml", + static_libs: [ + "androidx.test.runner", + "compatibility-device-util-axt", + "frameworks-base-testutils", + ], + libs: ["android.test.runner"], + platform_apis: true, + certificate: "platform", + test_suites: ["device-tests"], + test_config: "AndroidTestWithoutPermission.xml", +} diff --git a/core/tests/packagemonitortests/AndroidManifestNoPermission.xml b/core/tests/packagemonitortests/AndroidManifestNoPermission.xml new file mode 100644 index 000000000000..5d6308accf00 --- /dev/null +++ b/core/tests/packagemonitortests/AndroidManifestNoPermission.xml @@ -0,0 +1,28 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- Copyright (C) 2023 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> + +<manifest xmlns:android="http://schemas.android.com/apk/res/android" + package="com.android.frameworks.packagemonitor.withoutpermission"> + + <application> + <uses-library android:name="android.test.runner" /> + </application> + + <instrumentation + android:name="androidx.test.runner.AndroidJUnitRunner" + android:targetPackage="com.android.frameworks.packagemonitor.withoutpermission" + android:label="Frameworks PackageMonitor Core without Permission Tests" /> +</manifest> diff --git a/core/tests/packagemonitortests/AndroidTestWithoutPermission.xml b/core/tests/packagemonitortests/AndroidTestWithoutPermission.xml new file mode 100644 index 000000000000..37a6a2f537d7 --- /dev/null +++ b/core/tests/packagemonitortests/AndroidTestWithoutPermission.xml @@ -0,0 +1,33 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- + ~ Copyright (C) 2023 The Android Open Source Project + ~ + ~ Licensed under the Apache License, Version 2.0 (the "License"); + ~ you may not use this file except in compliance with the License. + ~ You may obtain a copy of the License at + ~ + ~ http://www.apache.org/licenses/LICENSE-2.0 + ~ + ~ Unless required by applicable law or agreed to in writing, software + ~ distributed under the License is distributed on an "AS IS" BASIS, + ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + ~ See the License for the specific language governing permissions and + ~ limitations under the License. + --> + +<configuration description="Runs Frameworks Core Tests."> + <option name="test-suite-tag" value="apct" /> + <option name="test-suite-tag" value="apct-instrumentation" /> + + <target_preparer class="com.android.tradefed.targetprep.suite.SuiteApkInstaller"> + <option name="cleanup-apks" value="true" /> + <option name="test-file-name" value="FrameworksCorePackageMonitorWithoutPermissionTests.apk" /> + </target_preparer> + + <option name="test-tag" value="FrameworksCorePackageMonitorWithoutPermissionTests" /> + <test class="com.android.tradefed.testtype.AndroidJUnitTest" > + <option name="package" value="com.android.frameworks.packagemonitor.withoutpermission" /> + <option name="runner" value="androidx.test.runner.AndroidJUnitRunner" /> + <option name="hidden-api-checks" value="false"/> + </test> +</configuration> diff --git a/core/tests/packagemonitortests/src/com/android/internal/content/withoutpermission/PackageMonitorPermissionTest.java b/core/tests/packagemonitortests/src/com/android/internal/content/withoutpermission/PackageMonitorPermissionTest.java new file mode 100644 index 000000000000..659c0c293043 --- /dev/null +++ b/core/tests/packagemonitortests/src/com/android/internal/content/withoutpermission/PackageMonitorPermissionTest.java @@ -0,0 +1,52 @@ +/* + * Copyright (C) 2023 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.internal.content.withoutpermission; + +import static org.junit.Assert.assertThrows; + +import android.content.Context; +import android.os.Handler; +import android.os.Looper; +import android.os.UserHandle; + +import androidx.test.platform.app.InstrumentationRegistry; +import androidx.test.runner.AndroidJUnit4; + +import com.android.internal.content.PackageMonitor; + +import org.junit.Test; +import org.junit.runner.RunWith; + +/** + * A test to verify PackageMonitor implementation without INTERACT_ACROSS_USERS_FULL permission. + */ +@RunWith(AndroidJUnit4.class) +public class PackageMonitorPermissionTest { + + @Test + public void testPackageMonitorNoCrossUserPermission() throws Exception { + TestVisibilityPackageMonitor testPackageMonitor = new TestVisibilityPackageMonitor(); + + Context context = InstrumentationRegistry.getInstrumentation().getContext(); + assertThrows(SecurityException.class, + () -> testPackageMonitor.register(context, UserHandle.ALL, + new Handler(Looper.getMainLooper()))); + } + + private static class TestVisibilityPackageMonitor extends PackageMonitor { + } +} diff --git a/services/core/java/com/android/server/pm/LauncherAppsService.java b/services/core/java/com/android/server/pm/LauncherAppsService.java index 12f3aa9780ea..f75845602e56 100644 --- a/services/core/java/com/android/server/pm/LauncherAppsService.java +++ b/services/core/java/com/android/server/pm/LauncherAppsService.java @@ -372,7 +372,12 @@ public class LauncherAppsService extends SystemService { filter.addDataScheme("package"); mContext.registerReceiverAsUser(mPackageRemovedListener, UserHandle.ALL, filter, /* broadcastPermission= */ null, mCallbackHandler); - mPackageMonitor.register(mContext, UserHandle.ALL, mCallbackHandler); + final long identity = Binder.clearCallingIdentity(); + try { + mPackageMonitor.register(mContext, UserHandle.ALL, mCallbackHandler); + } finally { + Binder.restoreCallingIdentity(identity); + } mIsWatchingPackageBroadcasts = true; } } diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index 770ed8b40d2e..bc21f500ead6 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -6244,7 +6244,11 @@ public class PackageManagerService implements PackageSender, TestUtilityService @Override public void registerPackageMonitorCallback(@NonNull IRemoteCallback callback, int userId) { int uid = Binder.getCallingUid(); - mPackageMonitorCallbackHelper.registerPackageMonitorCallback(callback, userId, uid); + int targetUserId = ActivityManager.handleIncomingUser(Binder.getCallingPid(), uid, + userId, true, true, "registerPackageMonitorCallback", + mContext.getPackageName()); + mPackageMonitorCallbackHelper.registerPackageMonitorCallback(callback, targetUserId, + uid); } @Override |