From 852cf98cb8a4b9b56da84a96708c087996e119d2 Mon Sep 17 00:00:00 2001 From: Svetoslav Ganov Date: Thu, 27 Jul 2017 12:53:18 -0700 Subject: Report permission flags for all protections based on SDK We added a couple of protection flags that also apply to normal and dangerous permissions. These flags are folded in the protection level breaking apps that directly and compare against the protection constants. Apps that target older than O SDK don't get protection flags folded into the protection level. Test: All permission tests pass Added a new test to ensure no protection flags reproted for normal and dangerous permissions bug:62755026 Change-Id: I72547b0146e6b6919803e33ff64b7208c4a255ad --- .../android/app/ApplicationPackageManager.java | 3 +- core/java/android/content/pm/IPackageManager.aidl | 2 +- .../java/com/android/server/am/BroadcastQueue.java | 2 +- .../android/server/pm/PackageManagerService.java | 56 +++++++++++++++++++--- 4 files changed, 54 insertions(+), 9 deletions(-) diff --git a/core/java/android/app/ApplicationPackageManager.java b/core/java/android/app/ApplicationPackageManager.java index e5c420876c8a..4df633fabf3c 100644 --- a/core/java/android/app/ApplicationPackageManager.java +++ b/core/java/android/app/ApplicationPackageManager.java @@ -281,7 +281,8 @@ public class ApplicationPackageManager extends PackageManager { public PermissionInfo getPermissionInfo(String name, int flags) throws NameNotFoundException { try { - PermissionInfo pi = mPM.getPermissionInfo(name, flags); + PermissionInfo pi = mPM.getPermissionInfo(name, + mContext.getOpPackageName(), flags); if (pi != null) { return pi; } diff --git a/core/java/android/content/pm/IPackageManager.aidl b/core/java/android/content/pm/IPackageManager.aidl index 2ebfa8fb3ac2..6e258c1ee475 100644 --- a/core/java/android/content/pm/IPackageManager.aidl +++ b/core/java/android/content/pm/IPackageManager.aidl @@ -71,7 +71,7 @@ interface IPackageManager { String[] currentToCanonicalPackageNames(in String[] names); String[] canonicalToCurrentPackageNames(in String[] names); - PermissionInfo getPermissionInfo(String name, int flags); + PermissionInfo getPermissionInfo(String name, String packageName, int flags); ParceledListSlice queryPermissionsByGroup(String group, int flags); diff --git a/services/core/java/com/android/server/am/BroadcastQueue.java b/services/core/java/com/android/server/am/BroadcastQueue.java index b3a2c291760c..2142c9467293 100644 --- a/services/core/java/com/android/server/am/BroadcastQueue.java +++ b/services/core/java/com/android/server/am/BroadcastQueue.java @@ -802,7 +802,7 @@ public final class BroadcastQueue { IPackageManager pm = AppGlobals.getPackageManager(); for (int i = perms.length-1; i >= 0; i--) { try { - PermissionInfo pi = pm.getPermissionInfo(perms[i], 0); + PermissionInfo pi = pm.getPermissionInfo(perms[i], "android", 0); if ((pi.protectionLevel & (PermissionInfo.PROTECTION_MASK_BASE | PermissionInfo.PROTECTION_FLAG_PRIVILEGED)) != PermissionInfo.PROTECTION_SIGNATURE) { diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index 9e4ba8b41445..c1b98f59566d 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -3996,18 +3996,62 @@ public class PackageManagerService extends IPackageManager.Stub } @Override - public PermissionInfo getPermissionInfo(String name, int flags) { - if (getInstantAppPackageName(Binder.getCallingUid()) != null) { + public PermissionInfo getPermissionInfo(String name, String packageName, int flags) { + final int callingUid = Binder.getCallingUid(); + if (getInstantAppPackageName(callingUid) != null) { return null; } // reader synchronized (mPackages) { final BasePermission p = mSettings.mPermissions.get(name); - if (p != null) { - return generatePermissionInfo(p, flags); - } - return null; + // If the caller is an app that targets pre 26 SDK drop protection flags. + final PermissionInfo permissionInfo = generatePermissionInfo(p, flags); + permissionInfo.protectionLevel = adjustPermissionProtectionFlagsLPr( + permissionInfo.protectionLevel, packageName, callingUid); + return permissionInfo; + } + } + + private int adjustPermissionProtectionFlagsLPr(int protectionLevel, + String packageName, int uid) { + // Signature permission flags area always reported + final int protectionLevelMasked = protectionLevel + & (PermissionInfo.PROTECTION_NORMAL + | PermissionInfo.PROTECTION_DANGEROUS + | PermissionInfo.PROTECTION_SIGNATURE); + if (protectionLevelMasked == PermissionInfo.PROTECTION_SIGNATURE) { + return protectionLevel; + } + + // System sees all flags. + final int appId = UserHandle.getAppId(uid); + if (appId == Process.SYSTEM_UID || appId == Process.ROOT_UID + || appId == Process.SHELL_UID) { + return protectionLevel; } + + // Normalize package name to handle renamed packages and static libs + packageName = resolveInternalPackageNameLPr(packageName, + PackageManager.VERSION_CODE_HIGHEST); + + // Apps that target O see flags for all protection levels. + final PackageSetting ps = mSettings.mPackages.get(packageName); + if (ps == null) { + return protectionLevel; + } + if (ps.appId != appId) { + return protectionLevel; + } + + final PackageParser.Package pkg = mPackages.get(packageName); + if (pkg == null) { + return protectionLevel; + } + if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.O) { + return protectionLevelMasked; + } + + return protectionLevel; } @Override -- cgit v1.2.3-59-g8ed1b