Fix SettingsProvider resets from Rescue Party.
Allow callers of isSystemPackage to make the check for uids that are not
their own.
Test: atest FrameworksCoreTests:SettingsProviderTest
Bug: 126249082
Change-Id: Ibef4e32aef23f42982256cdbb924e9cacb0ed1f8
diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
index 4b342b3..296f7a1 100644
--- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
+++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
@@ -16,6 +16,7 @@
package com.android.providers.settings;
+import static android.os.Process.INVALID_UID;
import static android.os.Process.ROOT_UID;
import static android.os.Process.SHELL_UID;
import static android.os.Process.SYSTEM_UID;
@@ -2777,7 +2778,7 @@
boolean someSettingChanged = false;
Setting setting = settingsState.getSettingLocked(name);
if (!SettingsState.isSystemPackage(getContext(),
- setting.getPackageName())) {
+ setting.getPackageName(), INVALID_UID, userId)) {
if (prefix != null && !setting.getName().startsWith(prefix)) {
continue;
}
@@ -2797,7 +2798,7 @@
boolean someSettingChanged = false;
Setting setting = settingsState.getSettingLocked(name);
if (!SettingsState.isSystemPackage(getContext(),
- setting.getPackageName())) {
+ setting.getPackageName(), INVALID_UID, userId)) {
if (prefix != null && !setting.getName().startsWith(prefix)) {
continue;
}
@@ -4410,7 +4411,7 @@
}
try {
final boolean systemSet = SettingsState.isSystemPackage(getContext(),
- setting.getPackageName(), callingUid);
+ setting.getPackageName(), callingUid, userId);
if (systemSet) {
settings.insertSettingLocked(name, setting.getValue(),
setting.getTag(), true, setting.getPackageName());
diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsState.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsState.java
index 521163f..c05c4cd 100644
--- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsState.java
+++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsState.java
@@ -17,6 +17,7 @@
package com.android.providers.settings;
import static android.os.Process.FIRST_APPLICATION_UID;
+import static android.os.Process.INVALID_UID;
import android.annotation.NonNull;
import android.content.Context;
@@ -1124,11 +1125,16 @@
return sb.toString();
}
+ // Check if a specific package belonging to the caller is part of the system package.
public static boolean isSystemPackage(Context context, String packageName) {
- return isSystemPackage(context, packageName, Binder.getCallingUid());
+ final int callingUid = Binder.getCallingUid();
+ final int callingUserId = UserHandle.getUserId(callingUid);
+ return isSystemPackage(context, packageName, callingUid, callingUserId);
}
- public static boolean isSystemPackage(Context context, String packageName, int callingUid) {
+ // Check if a specific package, uid, and user ID are part of the system package.
+ public static boolean isSystemPackage(Context context, String packageName, int uid,
+ int userId) {
synchronized (sLock) {
if (SYSTEM_PACKAGE_NAME.equals(packageName)) {
return true;
@@ -1140,26 +1146,19 @@
return false;
}
- // Native services running as a special UID get a pass
- final int callingAppId = UserHandle.getAppId(callingUid);
- if (callingAppId < FIRST_APPLICATION_UID) {
- sSystemUids.put(callingAppId, callingAppId);
- return true;
+ if (uid != INVALID_UID) {
+ // Native services running as a special UID get a pass
+ final int callingAppId = UserHandle.getAppId(uid);
+ if (callingAppId < FIRST_APPLICATION_UID) {
+ sSystemUids.put(callingAppId, callingAppId);
+ return true;
+ }
}
- // While some callers may have permissions to manipulate cross user
- // settings or some settings are stored in the parent of a managed
- // profile for the purpose of determining whether the other end is a
- // system component we need to use the user id of the caller for
- // pulling information about the caller from the package manager.
- final int callingUserId = UserHandle.getUserId(callingUid);
-
final long identity = Binder.clearCallingIdentity();
try {
- final int uid;
try {
- uid = context.getPackageManager().getPackageUidAsUser(packageName, 0,
- callingUserId);
+ uid = context.getPackageManager().getPackageUidAsUser(packageName, 0, userId);
} catch (PackageManager.NameNotFoundException e) {
return false;
}
@@ -1187,7 +1186,7 @@
PackageInfo packageInfo;
try {
packageInfo = context.getPackageManager().getPackageInfoAsUser(
- packageName, PackageManager.GET_SIGNATURES, callingUserId);
+ packageName, PackageManager.GET_SIGNATURES, userId);
if ((packageInfo.applicationInfo.flags
& ApplicationInfo.FLAG_PERSISTENT) != 0
&& (packageInfo.applicationInfo.flags