From ecc1b57f708f454dfc6a6c3ac0ffe60fd071ef0a Mon Sep 17 00:00:00 2001 From: Julia Reynolds Date: Mon, 1 Oct 2018 16:19:24 -0400 Subject: Fix crashes running android.appsecurity.cts.EphemeralTest - test whether the caller is an instant app, not the target app of the notification (if they are different) - Allow apps that share an app id to post as one another Test: runtest systemui-notification Test: android.appsecurity.cts.EphemeralTest Change-Id: I6bf7d42adb821ef22455d01f27e00276c0483220 Fixes: 116799402 Fixes: 116637376 --- .../server/notification/NotificationManagerService.java | 8 +++++--- .../server/notification/NotificationManagerServiceTest.java | 13 +++++-------- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/services/core/java/com/android/server/notification/NotificationManagerService.java b/services/core/java/com/android/server/notification/NotificationManagerService.java index cade07cfb821..26ace6613732 100644 --- a/services/core/java/com/android/server/notification/NotificationManagerService.java +++ b/services/core/java/com/android/server/notification/NotificationManagerService.java @@ -4289,7 +4289,8 @@ public class NotificationManagerService extends SystemService { } // posted from app A on behalf of app A if (isCallerSameApp(targetPkg, callingUid, userId) - && TextUtils.equals(callingPkg, targetPkg)) { + && (TextUtils.equals(callingPkg, targetPkg) + || isCallerSameApp(callingPkg, callingUid, userId))) { return callingUid; } @@ -4306,7 +4307,8 @@ public class NotificationManagerService extends SystemService { return targetUid; } - throw new SecurityException("Caller " + callingUid + " cannot post for pkg " + targetPkg); + throw new SecurityException("Caller " + callingPkg + ":" + callingUid + + " cannot post for pkg " + targetPkg + " in user " + userId); } /** @@ -4326,7 +4328,7 @@ public class NotificationManagerService extends SystemService { if (!isSystemNotification && !isNotificationFromListener) { synchronized (mNotificationLock) { if (mNotificationsByKey.get(r.sbn.getKey()) == null - && isCallerInstantApp(pkg, callingUid, r.getUserId())) { + && isCallerInstantApp(pkg, Binder.getCallingUid(), userId)) { // Ephemeral apps have some special constraints for notifications. // They are not allowed to create new notifications however they are allowed to // update notifications created by the system (e.g. a foreground service diff --git a/services/tests/uiservicestests/src/com/android/server/notification/NotificationManagerServiceTest.java b/services/tests/uiservicestests/src/com/android/server/notification/NotificationManagerServiceTest.java index 45d2fa2d16a4..be10163e79e9 100644 --- a/services/tests/uiservicestests/src/com/android/server/notification/NotificationManagerServiceTest.java +++ b/services/tests/uiservicestests/src/com/android/server/notification/NotificationManagerServiceTest.java @@ -3428,17 +3428,14 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { } @Test - public void testResolveNotificationUid_sameAppWrongPkg() throws Exception { + public void testResolveNotificationUid_sameAppDiffPackage() throws Exception { ApplicationInfo info = new ApplicationInfo(); info.uid = Binder.getCallingUid(); - when(mPackageManager.getApplicationInfo(anyString(), anyInt(), anyInt())).thenReturn(info); + when(mPackageManager.getApplicationInfo(anyString(), anyInt(), eq(0))).thenReturn(info); - try { - mService.resolveNotificationUid("caller", "other", info.uid, 0); - fail("Incorrect pkg didn't throw security exception"); - } catch (SecurityException e) { - // yay - } + int actualUid = mService.resolveNotificationUid("caller", "callerAlso", info.uid, 0); + + assertEquals(info.uid, actualUid); } @Test -- cgit v1.2.3-59-g8ed1b