commit 1b67b798cf89605ec417063d368198db25cc659d
author Atanas Kirilov <akirilov@google.com> Wed Jun 27 16:56:36 2018 -0700
committer android-build-merger <android-build-merger@google.com> Wed Jun 27 16:56:36 2018 -0700
tree 646da46f69dfc13696587e25b432aaa0feddb086
parent ebd047e92fe9542101bb1498760c98c4cef94411
parent f3f6e2f9ee42d5b483941e858e643732f4c1666d

Merge "Backporting of b/77821568" into oc-dev am: 9774459633
am: f3f6e2f9ee

Change-Id: I1445ecb89dba24df5e89089fbf0aff308331aea0

services/core/java/com/android/server/pm/PackageManagerService.java

diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index d6b5728..6417e24 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -4761,7 +4761,9 @@
             triaged = false;
         }
         if ((flags & PackageManager.MATCH_ANY_USER) != 0) {
-            enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false,
+            // require the permission to be held; the calling uid and given user id referring
+            // to the same user is not sufficient
+            enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, true,
                     "MATCH_ANY_USER flag requires INTERACT_ACROSS_USERS permission at "
                     + Debug.getCallers(5));
         } else if ((flags & PackageManager.MATCH_UNINSTALLED_PACKAGES) != 0 && isCallerSystemUser
@@ -5414,13 +5416,25 @@
      */
     void enforceCrossUserPermission(int callingUid, int userId, boolean requireFullPermission,
             boolean checkShell, String message) {
+        enforceCrossUserPermission(
+              callingUid,
+              userId,
+              requireFullPermission,
+              checkShell,
+              false,
+              message);
+    }
+
+    private void enforceCrossUserPermission(int callingUid, int userId,
+            boolean requireFullPermission, boolean checkShell,
+            boolean requirePermissionWhenSameUser, String message) {
         if (userId < 0) {
             throw new IllegalArgumentException("Invalid userId " + userId);
         }
         if (checkShell) {
             enforceShellRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, callingUid, userId);
         }
-        if (userId == UserHandle.getUserId(callingUid)) return;
+        if (!requirePermissionWhenSameUser && userId == UserHandle.getUserId(callingUid)) return;
         if (callingUid != Process.SYSTEM_UID && callingUid != 0) {
             if (requireFullPermission) {
                 mContext.enforceCallingOrSelfPermission(
@@ -8597,7 +8611,7 @@
         flags = updateFlagsForPackage(flags, userId, null);
         final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0;
         enforceCrossUserPermission(callingUid, userId,
-                true /* requireFullPermission */, false /* checkShell */,
+                false /* requireFullPermission */, false /* checkShell */,
                 "get installed packages");
 
         // writer
@@ -8721,6 +8735,13 @@
         flags = updateFlagsForApplication(flags, userId, null);
         final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0;
 
+        enforceCrossUserPermission(
+            callingUid,
+            userId,
+            false /* requireFullPermission */,
+            false /* checkShell */,
+            "get installed application info");
+
         // writer
         synchronized (mPackages) {
             ArrayList<ApplicationInfo> list;