LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "Fix the INTERNET related permissions" am: 65cef6401a am: 5289cdd37e

Browse Source 
am: 08c2484d37

Change-Id: Id14b54002f7b3496df9e7943a127f63dcf4e82b2
This commit is contained in:
Chenbo Feng
2019-03-26 20:14:10 -07:00
committed by android-build-merger
parent 63c0ac9f45 08c2484d37
commit 13730b8b9e
1 changed files with 28 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
services/core/java/com/android/server/connectivity/PermissionMonitor.java
View File

@@ -22,6 +22,7 @@ import static android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS;
import static android.Manifest.permission.INTERNET; import static android.Manifest.permission.INTERNET;
import static android.Manifest.permission.NETWORK_STACK; import static android.Manifest.permission.NETWORK_STACK;
import static android.Manifest.permission.UPDATE_DEVICE_STATS; import static android.Manifest.permission.UPDATE_DEVICE_STATS;
import static android.content.pm.PackageInfo.REQUESTED_PERMISSION_GRANTED;
import static android.content.pm.PackageManager.GET_PERMISSIONS; import static android.content.pm.PackageManager.GET_PERMISSIONS;
import static android.content.pm.PackageManager.MATCH_ANY_USER; import static android.content.pm.PackageManager.MATCH_ANY_USER;
import static android.os.Process.INVALID_UID; import static android.os.Process.INVALID_UID;
@@ -43,7 +44,6 @@ import android.os.RemoteException;
import android.os.UserHandle; import android.os.UserHandle;
import android.os.UserManager; import android.os.UserManager;
import android.util.Log; import android.util.Log;
import android.util.Slog;
import android.util.SparseIntArray; import android.util.SparseIntArray;
import com.android.internal.annotations.VisibleForTesting; import com.android.internal.annotations.VisibleForTesting;
@@ -83,41 +83,32 @@ public class PermissionMonitor {
private final Map<Integer, Boolean> mApps = new HashMap<>(); private final Map<Integer, Boolean> mApps = new HashMap<>();
private class PackageListObserver implements PackageManagerInternal.PackageListObserver { private class PackageListObserver implements PackageManagerInternal.PackageListObserver {
@Override
public void onPackageAdded(String packageName, int uid) {
final PackageInfo app = getPackageInfo(packageName);
if (app == null) {
Slog.wtf(TAG, "Failed to get information of installed package: " + packageName);
return;
}
if (uid == INVALID_UID) {
Slog.wtf(TAG, "Failed to get the uid of installed package: " + packageName
+ "uid: " + uid);
return;
}
if (app.requestedPermissions == null) {
return;
}
sendPackagePermissionsForUid(uid,
getNetdPermissionMask(app.requestedPermissions));
}
@Override private int getPermissionForUid(int uid) {
public void onPackageRemoved(String packageName, int uid) {
int permission = 0; int permission = 0;
// If there are still packages remain under the same uid, check the permission of the // Check all the packages for this UID. The UID has the permission if any of the
// remaining packages. We only remove the permission for a given uid when all packages // packages in it has the permission.
// for that uid no longer have that permission.
String[] packages = mPackageManager.getPackagesForUid(uid); String[] packages = mPackageManager.getPackagesForUid(uid);
if (packages != null && packages.length > 0) { if (packages != null && packages.length > 0) {
for (String name : packages) { for (String name : packages) {
final PackageInfo app = getPackageInfo(name); final PackageInfo app = getPackageInfo(name);
if (app != null && app.requestedPermissions != null) { if (app != null && app.requestedPermissions != null) {
permission |= getNetdPermissionMask(app.requestedPermissions); permission |= getNetdPermissionMask(app.requestedPermissions,
app.requestedPermissionsFlags);
} }
} }
} }
sendPackagePermissionsForUid(uid, permission); return permission;
}
@Override
public void onPackageAdded(String packageName, int uid) {
sendPackagePermissionsForUid(uid, getPermissionForUid(uid));
}
@Override
public void onPackageRemoved(String packageName, int uid) {
sendPackagePermissionsForUid(uid, getPermissionForUid(uid));
} }
} }
@@ -167,12 +158,9 @@ public class PermissionMonitor {
} }
//TODO: unify the management of the permissions into one codepath. //TODO: unify the management of the permissions into one codepath.
if (app.requestedPermissions != null) { int otherNetdPerms = getNetdPermissionMask(app.requestedPermissions,
int otherNetdPerms = getNetdPermissionMask(app.requestedPermissions); app.requestedPermissionsFlags);
if (otherNetdPerms != 0) { netdPermsUids.put(uid, netdPermsUids.get(uid) | otherNetdPerms);
netdPermsUids.put(uid, netdPermsUids.get(uid) | otherNetdPerms);
}
}
} }
List<UserInfo> users = mUserManager.getUsers(true); // exclude dying users List<UserInfo> users = mUserManager.getUsers(true); // exclude dying users
@@ -403,13 +391,17 @@ public class PermissionMonitor {
} }
} }
private static int getNetdPermissionMask(String[] requestedPermissions) { private static int getNetdPermissionMask(String[] requestedPermissions,
int[] requestedPermissionsFlags) {
int permissions = 0; int permissions = 0;
for (String permissionName : requestedPermissions) { if (requestedPermissions == null || requestedPermissionsFlags == null) return permissions;
if (permissionName.equals(INTERNET)) { for (int i = 0; i < requestedPermissions.length; i++) {
if (requestedPermissions[i].equals(INTERNET)
&& ((requestedPermissionsFlags[i] & REQUESTED_PERMISSION_GRANTED) != 0)) {
permissions |= INetd.PERMISSION_INTERNET; permissions |= INetd.PERMISSION_INTERNET;
} }
if (permissionName.equals(UPDATE_DEVICE_STATS)) { if (requestedPermissions[i].equals(UPDATE_DEVICE_STATS)
&& ((requestedPermissionsFlags[i] & REQUESTED_PERMISSION_GRANTED) != 0)) {
permissions |= INetd.PERMISSION_UPDATE_DEVICE_STATS; permissions |= INetd.PERMISSION_UPDATE_DEVICE_STATS;
} }
} }