Fix bugs with granting permissions through onNewIntent().
It would grant the permission to the temporary ActivityRecord,
not the real one, so it never got cleaned up.
Also allow granting of permissions to services because... well,
it would be really really useful. And it introduces some
refactoring that we'll need to support cut/paste.
Change-Id: If521f509042e7baad7f5dc9bec84b6ba0d90ba09
diff --git a/services/java/com/android/server/am/ActivityManagerService.java b/services/java/com/android/server/am/ActivityManagerService.java
index 9d31502..b37cd89 100644
--- a/services/java/com/android/server/am/ActivityManagerService.java
+++ b/services/java/com/android/server/am/ActivityManagerService.java
@@ -4093,16 +4093,23 @@
}
}
- void grantUriPermissionLocked(int callingUid,
- String targetPkg, Uri uri, int modeFlags, ActivityRecord activity) {
+ /**
+ * Check if the targetPkg can be granted permission to access uri by
+ * the callingUid using the given modeFlags. Throws a security exception
+ * if callingUid is not allowed to do this. Returns the uid of the target
+ * if the URI permission grant should be performed; returns -1 if it is not
+ * needed (for example targetPkg already has permission to access the URI).
+ */
+ int checkGrantUriPermissionLocked(int callingUid, String targetPkg,
+ Uri uri, int modeFlags) {
modeFlags &= (Intent.FLAG_GRANT_READ_URI_PERMISSION
| Intent.FLAG_GRANT_WRITE_URI_PERMISSION);
if (modeFlags == 0) {
- return;
+ return -1;
}
if (DEBUG_URI_PERMISSION) Slog.v(TAG,
- "Requested grant " + targetPkg + " permission to " + uri);
+ "Checking grant " + targetPkg + " permission to " + uri);
final IPackageManager pm = AppGlobals.getPackageManager();
@@ -4110,7 +4117,7 @@
if (!ContentResolver.SCHEME_CONTENT.equals(uri.getScheme())) {
if (DEBUG_URI_PERMISSION) Slog.v(TAG,
"Can't grant URI permission for non-content URI: " + uri);
- return;
+ return -1;
}
String name = uri.getAuthority();
@@ -4127,7 +4134,7 @@
}
if (pi == null) {
Slog.w(TAG, "No content provider found for: " + name);
- return;
+ return -1;
}
int targetUid;
@@ -4136,10 +4143,10 @@
if (targetUid < 0) {
if (DEBUG_URI_PERMISSION) Slog.v(TAG,
"Can't grant URI permission no uid for: " + targetPkg);
- return;
+ return -1;
}
} catch (RemoteException ex) {
- return;
+ return -1;
}
// First... does the target actually need this permission?
@@ -4147,7 +4154,7 @@
// No need to grant the target this permission.
if (DEBUG_URI_PERMISSION) Slog.v(TAG,
"Target " + targetPkg + " already has full permission to " + uri);
- return;
+ return -1;
}
// Second... is the provider allowing granting of URI permissions?
@@ -4184,12 +4191,23 @@
}
}
- // Okay! So here we are: the caller has the assumed permission
+ return targetUid;
+ }
+
+ void grantUriPermissionUncheckedLocked(int targetUid, String targetPkg,
+ Uri uri, int modeFlags, UriPermissionOwner owner) {
+ modeFlags &= (Intent.FLAG_GRANT_READ_URI_PERMISSION
+ | Intent.FLAG_GRANT_WRITE_URI_PERMISSION);
+ if (modeFlags == 0) {
+ return;
+ }
+
+ // So here we are: the caller has the assumed permission
// to the uri, and the target doesn't. Let's now give this to
// the target.
if (DEBUG_URI_PERMISSION) Slog.v(TAG,
- "Granting " + targetPkg + " permission to " + uri);
+ "Granting " + targetPkg + "/" + targetUid + " permission to " + uri);
HashMap<Uri, UriPermission> targetUris
= mGrantedUriPermissions.get(targetUid);
@@ -4205,39 +4223,65 @@
}
perm.modeFlags |= modeFlags;
- if (activity == null) {
+ if (owner == null) {
perm.globalModeFlags |= modeFlags;
} else if ((modeFlags&Intent.FLAG_GRANT_READ_URI_PERMISSION) != 0) {
- perm.readActivities.add(activity);
- if (activity.readUriPermissions == null) {
- activity.readUriPermissions = new HashSet<UriPermission>();
- }
- activity.readUriPermissions.add(perm);
+ perm.readOwners.add(owner);
+ owner.addReadPermission(perm);
} else if ((modeFlags&Intent.FLAG_GRANT_WRITE_URI_PERMISSION) != 0) {
- perm.writeActivities.add(activity);
- if (activity.writeUriPermissions == null) {
- activity.writeUriPermissions = new HashSet<UriPermission>();
- }
- activity.writeUriPermissions.add(perm);
+ perm.writeOwners.add(owner);
+ owner.addWritePermission(perm);
}
}
- void grantUriPermissionFromIntentLocked(int callingUid,
- String targetPkg, Intent intent, ActivityRecord activity) {
+ void grantUriPermissionLocked(int callingUid,
+ String targetPkg, Uri uri, int modeFlags, UriPermissionOwner owner) {
+ int targetUid = checkGrantUriPermissionLocked(callingUid, targetPkg, uri, modeFlags);
+ if (targetUid < 0) {
+ return;
+ }
+
+ grantUriPermissionUncheckedLocked(targetUid, targetPkg, uri, modeFlags, owner);
+ }
+
+ /**
+ * Like checkGrantUriPermissionLocked, but takes an Intent.
+ */
+ int checkGrantUriPermissionFromIntentLocked(int callingUid,
+ String targetPkg, Intent intent) {
if (DEBUG_URI_PERMISSION) Slog.v(TAG,
- "Grant URI perm to " + (intent != null ? intent.getData() : null)
+ "Checking URI perm to " + (intent != null ? intent.getData() : null)
+ " from " + intent + "; flags=0x"
+ Integer.toHexString(intent != null ? intent.getFlags() : 0));
if (intent == null) {
- return;
+ return -1;
}
Uri data = intent.getData();
if (data == null) {
+ return -1;
+ }
+ return checkGrantUriPermissionLocked(callingUid, targetPkg, data,
+ intent.getFlags());
+ }
+
+ /**
+ * Like grantUriPermissionUncheckedLocked, but takes an Intent.
+ */
+ void grantUriPermissionUncheckedFromIntentLocked(int targetUid,
+ String targetPkg, Intent intent, UriPermissionOwner owner) {
+ grantUriPermissionUncheckedLocked(targetUid, targetPkg, intent.getData(),
+ intent.getFlags(), owner);
+ }
+
+ void grantUriPermissionFromIntentLocked(int callingUid,
+ String targetPkg, Intent intent, UriPermissionOwner owner) {
+ int targetUid = checkGrantUriPermissionFromIntentLocked(callingUid, targetPkg, intent);
+ if (targetUid < 0) {
return;
}
- grantUriPermissionLocked(callingUid, targetPkg, data,
- intent.getFlags(), activity);
+
+ grantUriPermissionUncheckedFromIntentLocked(targetUid, targetPkg, intent, owner);
}
public void grantUriPermission(IApplicationThread caller, String targetPkg,
@@ -8187,18 +8231,23 @@
return;
}
- int i = 0;
- while (i < N) {
+ while (r.pendingStarts.size() > 0) {
try {
- ServiceRecord.StartItem si = r.pendingStarts.get(i);
+ ServiceRecord.StartItem si = r.pendingStarts.remove(0);
if (DEBUG_SERVICE) Slog.v(TAG, "Sending arguments to service: "
+ r.name + " " + r.intent + " args=" + si.intent);
- if (si.intent == null && N > 1) {
+ if (si.intent == null) {
// If somehow we got a dummy start at the front, then
// just drop it here.
- i++;
continue;
}
+ si.deliveredTime = SystemClock.uptimeMillis();
+ r.deliveredStarts.add(si);
+ si.deliveryCount++;
+ if (si.targetPermissionUid >= 0) {
+ grantUriPermissionUncheckedFromIntentLocked(si.targetPermissionUid,
+ r.packageName, si.intent, si);
+ }
bumpServiceExecutingLocked(r);
if (!oomAdjusted) {
oomAdjusted = true;
@@ -8212,10 +8261,6 @@
flags |= Service.START_FLAG_REDELIVERY;
}
r.app.thread.scheduleServiceArgs(r, si.id, flags, si.intent);
- si.deliveredTime = SystemClock.uptimeMillis();
- r.deliveredStarts.add(si);
- si.deliveryCount++;
- i++;
} catch (RemoteException e) {
// Remote process gone... we'll let the normal cleanup take
// care of this.
@@ -8225,14 +8270,6 @@
break;
}
}
- if (i == N) {
- r.pendingStarts.clear();
- } else {
- while (i > 0) {
- i--;
- r.pendingStarts.remove(i);
- }
- }
}
private final boolean requestServiceBindingLocked(ServiceRecord r,
@@ -8315,7 +8352,7 @@
if (r.lastStartId < 1) {
r.lastStartId = 1;
}
- r.pendingStarts.add(new ServiceRecord.StartItem(r.lastStartId, null));
+ r.pendingStarts.add(new ServiceRecord.StartItem(r, r.lastStartId, null, -1));
}
sendServiceArgsLocked(r, true);
@@ -8335,6 +8372,7 @@
if (N > 0) {
for (int i=N-1; i>=0; i--) {
ServiceRecord.StartItem si = r.deliveredStarts.get(i);
+ si.removeUriPermissionsLocked();
if (si.intent == null) {
// We'll generate this again if needed.
} else if (!allowCancel || (si.deliveryCount < ServiceRecord.MAX_DELIVERY_COUNT
@@ -8574,7 +8612,7 @@
r.foregroundNoti = null;
// Clear start entries.
- r.deliveredStarts.clear();
+ r.clearDeliveredStartsLocked();
r.pendingStarts.clear();
if (r.app != null) {
@@ -8634,6 +8672,8 @@
? res.permission : "private to package");
}
ServiceRecord r = res.record;
+ int targetPermissionUid = checkGrantUriPermissionFromIntentLocked(
+ callingUid, r.packageName, service);
if (unscheduleServiceRestartLocked(r)) {
if (DEBUG_SERVICE) Slog.v(TAG, "START SERVICE WHILE RESTART PENDING: "
+ r.shortName);
@@ -8644,7 +8684,8 @@
if (r.lastStartId < 1) {
r.lastStartId = 1;
}
- r.pendingStarts.add(new ServiceRecord.StartItem(r.lastStartId, service));
+ r.pendingStarts.add(new ServiceRecord.StartItem(r, r.lastStartId,
+ service, targetPermissionUid));
r.lastActivity = SystemClock.uptimeMillis();
synchronized (r.stats.getBatteryStats()) {
r.stats.startRunningLocked();
@@ -8769,7 +8810,9 @@
ServiceRecord.StartItem si = r.findDeliveredStart(startId, false);
if (si != null) {
while (r.deliveredStarts.size() > 0) {
- if (r.deliveredStarts.remove(0) == si) {
+ ServiceRecord.StartItem cur = r.deliveredStarts.remove(0);
+ cur.removeUriPermissionsLocked();
+ if (cur == si) {
break;
}
}