PDBS: add package check for getMaximumDataBlockSize()
This method is only useful to the package that writes data to the block
so this applies the same security check as the write() method.
getDataBlockSize()'s security check was only relaxed to use a permission
as it is used by other system apps to determine whether the block
contains data and hence is in use (see ag/593371).
Fix: 62348164
Test: add a Google account to the device causing gmscore to call the
method
Change-Id: I7e71ea236899bf2e4df7cb26ae285b414e9e6565
diff --git a/services/core/java/com/android/server/PersistentDataBlockService.java b/services/core/java/com/android/server/PersistentDataBlockService.java
index 1d4c3db..c32a2d1 100644
--- a/services/core/java/com/android/server/PersistentDataBlockService.java
+++ b/services/core/java/com/android/server/PersistentDataBlockService.java
@@ -380,6 +380,12 @@
}
}
+ private long doGetMaximumDataBlockSize() {
+ long actualSize = getBlockDeviceSize() - HEADER_SIZE - DIGEST_SIZE_BYTES
+ - FRP_CREDENTIAL_RESERVED_SIZE - 1;
+ return actualSize <= MAX_DATA_BLOCK_SIZE ? actualSize : MAX_DATA_BLOCK_SIZE;
+ }
+
private native long nativeGetBlockDeviceSize(String path);
private native int nativeWipe(String path);
@@ -389,7 +395,7 @@
enforceUid(Binder.getCallingUid());
// Need to ensure we don't write over the last byte
- long maxBlockSize = getMaximumDataBlockSize();
+ long maxBlockSize = doGetMaximumDataBlockSize();
if (data.length > maxBlockSize) {
// partition is ~500k so shouldn't be a problem to downcast
return (int) -maxBlockSize;
@@ -569,9 +575,8 @@
@Override
public long getMaximumDataBlockSize() {
- long actualSize = getBlockDeviceSize() - HEADER_SIZE - DIGEST_SIZE_BYTES
- - FRP_CREDENTIAL_RESERVED_SIZE - 1;
- return actualSize <= MAX_DATA_BLOCK_SIZE ? actualSize : MAX_DATA_BLOCK_SIZE;
+ enforceUid(Binder.getCallingUid());
+ return doGetMaximumDataBlockSize();
}
@Override