summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--services/core/java/com/android/server/pm/PackageManagerService.java72
1 files changed, 55 insertions, 17 deletions
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index bc991634fb07..c524b3c38522 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -1979,6 +1979,8 @@ public class PackageManagerService extends IPackageManager.Stub
@Nullable ComponentName component, @ComponentType int componentType, int userId);
boolean shouldFilterApplicationLocked(@Nullable PackageSetting ps, int callingUid,
int userId);
+ boolean shouldFilterApplicationLocked(@NonNull SharedUserSetting sus, int callingUid,
+ int userId);
int bestDomainVerificationStatus(int status1, int status2);
int checkUidPermission(String permName, int uid);
int getPackageUidInternal(String packageName, int flags, int userId, int callingUid);
@@ -4143,6 +4145,19 @@ public class PackageManagerService extends IPackageManager.Stub
}
/**
+ * @see #shouldFilterApplicationLocked(PackageSetting, int, ComponentName, int, int)
+ */
+ public boolean shouldFilterApplicationLocked(@NonNull SharedUserSetting sus, int callingUid,
+ int userId) {
+ boolean filterApp = true;
+ for (int index = sus.packages.size() - 1; index >= 0 && filterApp; index--) {
+ filterApp &= shouldFilterApplicationLocked(sus.packages.valueAt(index),
+ callingUid, /* component */ null, TYPE_UNKNOWN, userId);
+ }
+ return filterApp;
+ }
+
+ /**
* Verification statuses are ordered from the worse to the best, except for
* INTENT_FILTER_DOMAIN_VERIFICATION_STATUS_NEVER, which is the worse.
*/
@@ -7900,6 +7915,15 @@ public class PackageManagerService extends IPackageManager.Stub
ps, callingUid, userId);
}
+ /**
+ * @see #shouldFilterApplicationLocked(PackageSetting, int, ComponentName, int, int)
+ */
+ @GuardedBy("mLock")
+ private boolean shouldFilterApplicationLocked(@NonNull SharedUserSetting sus, int callingUid,
+ int userId) {
+ return liveComputer().shouldFilterApplicationLocked(sus, callingUid, userId);
+ }
+
@GuardedBy("mLock")
private boolean filterSharedLibPackageLPr(@Nullable PackageSetting ps, int uid, int userId,
int flags) {
@@ -8966,7 +8990,6 @@ public class PackageManagerService extends IPackageManager.Stub
public int checkUidSignatures(int uid1, int uid2) {
final int callingUid = Binder.getCallingUid();
final int callingUserId = UserHandle.getUserId(callingUid);
- final boolean isCallerInstantApp = getInstantAppPackageName(callingUid) != null;
// Map to base uids.
final int appId1 = UserHandle.getAppId(uid1);
final int appId2 = UserHandle.getAppId(uid2);
@@ -8977,10 +9000,11 @@ public class PackageManagerService extends IPackageManager.Stub
Object obj = mSettings.getSettingLPr(appId1);
if (obj != null) {
if (obj instanceof SharedUserSetting) {
- if (isCallerInstantApp) {
+ final SharedUserSetting sus = (SharedUserSetting) obj;
+ if (shouldFilterApplicationLocked(sus, callingUid, callingUserId)) {
return PackageManager.SIGNATURE_UNKNOWN_PACKAGE;
}
- p1SigningDetails = ((SharedUserSetting) obj).signatures.mSigningDetails;
+ p1SigningDetails = sus.signatures.mSigningDetails;
} else if (obj instanceof PackageSetting) {
final PackageSetting ps = (PackageSetting) obj;
if (shouldFilterApplicationLocked(ps, callingUid, callingUserId)) {
@@ -8996,10 +9020,11 @@ public class PackageManagerService extends IPackageManager.Stub
obj = mSettings.getSettingLPr(appId2);
if (obj != null) {
if (obj instanceof SharedUserSetting) {
- if (isCallerInstantApp) {
+ final SharedUserSetting sus = (SharedUserSetting) obj;
+ if (shouldFilterApplicationLocked(sus, callingUid, callingUserId)) {
return PackageManager.SIGNATURE_UNKNOWN_PACKAGE;
}
- p2SigningDetails = ((SharedUserSetting) obj).signatures.mSigningDetails;
+ p2SigningDetails = sus.signatures.mSigningDetails;
} else if (obj instanceof PackageSetting) {
final PackageSetting ps = (PackageSetting) obj;
if (shouldFilterApplicationLocked(ps, callingUid, callingUserId)) {
@@ -9088,11 +9113,11 @@ public class PackageManagerService extends IPackageManager.Stub
final Object obj = mSettings.getSettingLPr(appId);
if (obj != null) {
if (obj instanceof SharedUserSetting) {
- final boolean isCallerInstantApp = getInstantAppPackageName(callingUid) != null;
- if (isCallerInstantApp) {
+ final SharedUserSetting sus = (SharedUserSetting) obj;
+ if (shouldFilterApplicationLocked(sus, callingUid, callingUserId)) {
return false;
}
- signingDetails = ((SharedUserSetting)obj).signatures.mSigningDetails;
+ signingDetails = sus.signatures.mSigningDetails;
} else if (obj instanceof PackageSetting) {
final PackageSetting ps = (PackageSetting) obj;
if (shouldFilterApplicationLocked(ps, callingUid, callingUserId)) {
@@ -9217,16 +9242,19 @@ public class PackageManagerService extends IPackageManager.Stub
if (getInstantAppPackageName(callingUid) != null) {
return null;
}
+ final int callingUserId = UserHandle.getUserId(callingUid);
final int appId = UserHandle.getAppId(uid);
synchronized (mLock) {
final Object obj = mSettings.getSettingLPr(appId);
if (obj instanceof SharedUserSetting) {
final SharedUserSetting sus = (SharedUserSetting) obj;
+ if (shouldFilterApplicationLocked(sus, callingUid, callingUserId)) {
+ return null;
+ }
return sus.name + ":" + sus.userId;
} else if (obj instanceof PackageSetting) {
final PackageSetting ps = (PackageSetting) obj;
- if (shouldFilterApplicationLocked(
- ps, callingUid, UserHandle.getUserId(callingUid))) {
+ if (shouldFilterApplicationLocked(ps, callingUid, callingUserId)) {
return null;
}
return ps.name;
@@ -9244,6 +9272,7 @@ public class PackageManagerService extends IPackageManager.Stub
if (getInstantAppPackageName(callingUid) != null) {
return null;
}
+ final int callingUserId = UserHandle.getUserId(callingUid);
final String[] names = new String[uids.length];
synchronized (mLock) {
for (int i = uids.length - 1; i >= 0; i--) {
@@ -9251,11 +9280,14 @@ public class PackageManagerService extends IPackageManager.Stub
final Object obj = mSettings.getSettingLPr(appId);
if (obj instanceof SharedUserSetting) {
final SharedUserSetting sus = (SharedUserSetting) obj;
- names[i] = "shared:" + sus.name;
+ if (shouldFilterApplicationLocked(sus, callingUid, callingUserId)) {
+ names[i] = null;
+ } else {
+ names[i] = "shared:" + sus.name;
+ }
} else if (obj instanceof PackageSetting) {
final PackageSetting ps = (PackageSetting) obj;
- if (shouldFilterApplicationLocked(
- ps, callingUid, UserHandle.getUserId(callingUid))) {
+ if (shouldFilterApplicationLocked(ps, callingUid, callingUserId)) {
names[i] = null;
} else {
names[i] = ps.name;
@@ -9297,16 +9329,19 @@ public class PackageManagerService extends IPackageManager.Stub
if (getInstantAppPackageName(callingUid) != null) {
return 0;
}
+ final int callingUserId = UserHandle.getUserId(callingUid);
final int appId = UserHandle.getAppId(uid);
synchronized (mLock) {
final Object obj = mSettings.getSettingLPr(appId);
if (obj instanceof SharedUserSetting) {
final SharedUserSetting sus = (SharedUserSetting) obj;
+ if (shouldFilterApplicationLocked(sus, callingUid, callingUserId)) {
+ return 0;
+ }
return sus.pkgFlags;
} else if (obj instanceof PackageSetting) {
final PackageSetting ps = (PackageSetting) obj;
- if (shouldFilterApplicationLocked(
- ps, callingUid, UserHandle.getUserId(callingUid))) {
+ if (shouldFilterApplicationLocked(ps, callingUid, callingUserId)) {
return 0;
}
return ps.pkgFlags;
@@ -9321,16 +9356,19 @@ public class PackageManagerService extends IPackageManager.Stub
if (getInstantAppPackageName(callingUid) != null) {
return 0;
}
+ final int callingUserId = UserHandle.getUserId(callingUid);
final int appId = UserHandle.getAppId(uid);
synchronized (mLock) {
final Object obj = mSettings.getSettingLPr(appId);
if (obj instanceof SharedUserSetting) {
final SharedUserSetting sus = (SharedUserSetting) obj;
+ if (shouldFilterApplicationLocked(sus, callingUid, callingUserId)) {
+ return 0;
+ }
return sus.pkgPrivateFlags;
} else if (obj instanceof PackageSetting) {
final PackageSetting ps = (PackageSetting) obj;
- if (shouldFilterApplicationLocked(
- ps, callingUid, UserHandle.getUserId(callingUid))) {
+ if (shouldFilterApplicationLocked(ps, callingUid, callingUserId)) {
return 0;
}
return ps.pkgPrivateFlags;
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-12-16 01:49:02 +0000