Merge "DO NOT MERGE Backporting potential usb tapjacking precaution." into mnc-dr-dev
diff --git a/services/core/java/com/android/server/clipboard/ClipboardService.java b/services/core/java/com/android/server/clipboard/ClipboardService.java
index 1c26846..a94a524 100644
--- a/services/core/java/com/android/server/clipboard/ClipboardService.java
+++ b/services/core/java/com/android/server/clipboard/ClipboardService.java
@@ -20,6 +20,7 @@
import android.app.AppGlobals;
import android.app.AppOpsManager;
import android.app.IActivityManager;
+import android.app.KeyguardManager;
import android.content.BroadcastReceiver;
import android.content.ClipData;
import android.content.ClipDescription;
@@ -247,7 +248,7 @@
public ClipData getPrimaryClip(String pkg) {
synchronized (this) {
if (mAppOps.noteOp(AppOpsManager.OP_READ_CLIPBOARD, Binder.getCallingUid(),
- pkg) != AppOpsManager.MODE_ALLOWED) {
+ pkg) != AppOpsManager.MODE_ALLOWED || isDeviceLocked()) {
return null;
}
addActiveOwnerLocked(Binder.getCallingUid(), pkg);
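Review bot: In getPrimaryClip the lock test is the right-hand operand of `||`, so `mAppOps.noteOp(...)` has already run and recorded a clipboard read by the time `isDeviceLocked()` refuses it and null is returned. The three sibling methods use checkOp, so only this path is affected. Testing the lock first keeps the app-op history accurate: `if (isDeviceLocked() || mAppOps.noteOp(AppOpsManager.OP_READ_CLIPBOARD, Binder.getCallingUid(), pkg) != AppOpsManager.MODE_ALLOWED) {`. The lock query also runs inside `synchronized (this)` in all four methods; if it leaves the clipboard service, which the hunk does not show, querying once before the synchronized block avoids holding the clipboard lock across that call. The method body continues outside the hunk.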
@@ -258,7 +259,7 @@
public ClipDescription getPrimaryClipDescription(String callingPackage) {
synchronized (this) {
if (mAppOps.checkOp(AppOpsManager.OP_READ_CLIPBOARD, Binder.getCallingUid(),
- callingPackage) != AppOpsManager.MODE_ALLOWED) {
+ callingPackage) != AppOpsManager.MODE_ALLOWED || isDeviceLocked()) {
return null;
}
PerUserClipboard clipboard = getClipboard();
@@ -269,7 +270,7 @@
public boolean hasPrimaryClip(String callingPackage) {
synchronized (this) {
if (mAppOps.checkOp(AppOpsManager.OP_READ_CLIPBOARD, Binder.getCallingUid(),
- callingPackage) != AppOpsManager.MODE_ALLOWED) {
+ callingPackage) != AppOpsManager.MODE_ALLOWED || isDeviceLocked()) {
return false;
}
return getClipboard().primaryClip != null;
@@ -293,7 +294,7 @@
public boolean hasClipboardText(String callingPackage) {
synchronized (this) {
if (mAppOps.checkOp(AppOpsManager.OP_READ_CLIPBOARD, Binder.getCallingUid(),
- callingPackage) != AppOpsManager.MODE_ALLOWED) {
+ callingPackage) != AppOpsManager.MODE_ALLOWED || isDeviceLocked()) {
return false;
}
PerUserClipboard clipboard = getClipboard();
@@ -305,6 +306,11 @@
}
}
+ private boolean isDeviceLocked() {
+ final KeyguardManager keyguardManager = mContext.getSystemService(KeyguardManager.class);
+ return keyguardManager != null && keyguardManager.isDeviceLocked();
+ }
+
private final void checkUriOwnerLocked(Uri uri, int uid) {
if (!"content".equals(uri.getScheme())) {
return;
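Review bot: isDeviceLocked() fails open, because a null result from `getSystemService(KeyguardManager.class)` makes the helper report "not locked" and all four read paths stay available. If a missing keyguard service is not expected on supported builds, treating it as locked is the safer default for this precaution: `return keyguardManager == null || keyguardManager.isDeviceLocked();`. The helper also takes no user id although the clipboard is per user (`PerUserClipboard` in the earlier hunks), so which user's lock state is consulted depends on the no-argument KeyguardManager call; passing the calling user explicitly would make that choice visible. A short comment above the helper, for example `// Clipboard reads are refused while the device is locked.`, would record the intent. checkUriOwnerLocked below continues outside the hunk.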
diff --git a/services/core/java/com/android/server/content/SyncStorageEngine.java b/services/core/java/com/android/server/content/SyncStorageEngine.java
index 96a7bb4..ad4a819 100644
--- a/services/core/java/com/android/server/content/SyncStorageEngine.java
+++ b/services/core/java/com/android/server/content/SyncStorageEngine.java
@@ -18,6 +18,7 @@
import android.accounts.Account;
import android.accounts.AccountAndUser;
+import android.accounts.AccountManager;
import android.app.backup.BackupManager;
import android.content.ComponentName;
import android.content.ContentResolver;
@@ -27,6 +28,7 @@
import android.content.SyncInfo;
import android.content.SyncRequest;
import android.content.SyncStatusInfo;
+import android.content.pm.PackageManager;
import android.database.Cursor;
import android.database.sqlite.SQLiteDatabase;
import android.database.sqlite.SQLiteException;
@@ -429,6 +431,49 @@
public void onSyncRequest(EndPoint info, int reason, Bundle extras);
}
+ /**
+ * Validator that maintains a lazy cache of accounts and providers to tell if an authority or
+ * account is valid.
+ */
+ private static class AccountAuthorityValidator {
+ final private AccountManager mAccountManager;
+ final private PackageManager mPackageManager;
+ final private SparseArray<Account[]> mAccountsCache;
+ final private SparseArray<ArrayMap<String, Boolean>> mProvidersPerUserCache;
+
+ AccountAuthorityValidator(Context context) {
+ mAccountManager = context.getSystemService(AccountManager.class);
+ mPackageManager = context.getPackageManager();
+ mAccountsCache = new SparseArray<>();
+ mProvidersPerUserCache = new SparseArray<>();
+ }
+
+ // An account is valid if an installed authenticator has previously created that account
+ // on the device
+ boolean isAccountValid(Account account, int userId) {
+ Account[] accountsForUser = mAccountsCache.get(userId);
+ if (accountsForUser == null) {
+ accountsForUser = mAccountManager.getAccountsAsUser(userId);
+ mAccountsCache.put(userId, accountsForUser);
+ }
+ return ArrayUtils.contains(accountsForUser, account);
+ }
+
+ // An authority is only valid if it has a content provider installed on the system
+ boolean isAuthorityValid(String authority, int userId) {
+ ArrayMap<String, Boolean> authorityMap = mProvidersPerUserCache.get(userId);
+ if (authorityMap == null) {
+ authorityMap = new ArrayMap<>();
+ mProvidersPerUserCache.put(userId, authorityMap);
+ }
+ if (!authorityMap.containsKey(authority)) {
+ authorityMap.put(authority,
+ mPackageManager.resolveContentProviderAsUser(authority, 0, userId) != null);
+ }
+ return authorityMap.get(authority);
+ }
+ }
+
// Primary list of all syncable authorities. Also our global lock.
private final SparseArray<AuthorityInfo> mAuthorities =
new SparseArray<AuthorityInfo>();
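Review bot: AccountAuthorityValidator never invalidates mAccountsCache or mProvidersPerUserCache, so its answers are only correct while the instance is short-lived; the class comment should say so. The later hunk creates one validator per parse, which is safe, but nothing stops a future caller from keeping an instance in a field and validating against stale accounts or providers. Something like `Instances are meant to live for a single read of the accounts file; the caches are never refreshed.` added to the Javadoc would cover it. The constructor also stores the result of `context.getSystemService(AccountManager.class)` without a null check, so isAccountValid would throw rather than reject if the service were unavailable at parse time. On style, `final private` reads better in the conventional order `private final`, and the two `//` comments on the methods could be Javadoc like the class comment.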
@@ -1894,12 +1939,13 @@
eventType = parser.next();
AuthorityInfo authority = null;
PeriodicSync periodicSync = null;
+ AccountAuthorityValidator validator = new AccountAuthorityValidator(mContext);
do {
if (eventType == XmlPullParser.START_TAG) {
tagName = parser.getName();
if (parser.getDepth() == 2) {
if ("authority".equals(tagName)) {
- authority = parseAuthority(parser, version);
+ authority = parseAuthority(parser, version, validator);
periodicSync = null;
if (authority != null) {
if (authority.ident > highestAuthorityId) {
@@ -2032,7 +2078,8 @@
mMasterSyncAutomatically.put(userId, listen);
}
- private AuthorityInfo parseAuthority(XmlPullParser parser, int version) {
+ private AuthorityInfo parseAuthority(XmlPullParser parser, int version,
+ AccountAuthorityValidator validator) {
AuthorityInfo authority = null;
int id = -1;
try {
@@ -2077,12 +2124,22 @@
info = new EndPoint(
new Account(accountName, accountType),
authorityName, userId);
+ if (validator.isAccountValid(info.account, userId)
+ && validator.isAuthorityValid(authorityName, userId)) {
+ authority = getOrCreateAuthorityLocked(info, id, false);
+ } else {
+ EventLog.writeEvent(0x534e4554, "35028827", -1,
+ "account:" + info.account + " provider:" + authorityName + " user:"
+ + userId);
+ }
} else {
info = new EndPoint(
new ComponentName(packageName, className),
userId);
+ authority = getOrCreateAuthorityLocked(info, id, false);
}
- authority = getOrCreateAuthorityLocked(info, id, false);
+ }
+ if (authority != null) {
// If the version is 0 then we are upgrading from a file format that did not
// know about periodic syncs. In that case don't clear the list since we
// want the default, which is a daily periodic sync.
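Review bot: The rejection log at `EventLog.writeEvent(0x534e4554, ...)` concatenates `info.account` and `authorityName`, both parsed from the file being validated, so file-controlled text is written to the event log. If the Account string form includes the account name, that name (often an e-mail address) goes with it. Logging only the account type and the user id would keep the detection signal without the identifier, e.g. `"accountType:" + accountType + " provider:" + authorityName + " user:" + userId`. The literal `0x534e4554` is repeated in DevicePolicyManagerService in this commit and would be clearer as a named constant with a comment saying what the tag is. The else branch still passes `packageName`/`className` from the file to getOrCreateAuthorityLocked with no comparable check; a comment stating why no validation is needed there would help. parseAuthority starts and ends outside the hunk.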
@@ -2091,8 +2148,6 @@
if (version > 0) {
authority.periodicSyncs.clear();
}
- }
- if (authority != null) {
authority.enabled = enabled == null || Boolean.parseBoolean(enabled);
try {
authority.syncable = (syncable == null) ?
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 5461018..083d132 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -57,6 +57,7 @@
import android.content.pm.IPackageManager;
import android.content.pm.PackageManager;
import android.content.pm.PackageManager.NameNotFoundException;
+import android.content.pm.PermissionInfo;
import android.content.pm.ResolveInfo;
import android.content.pm.ServiceInfo;
import android.content.pm.UserInfo;
@@ -97,6 +98,7 @@
import android.security.KeyChain.KeyChainConnection;
import android.service.persistentdata.PersistentDataBlockManager;
import android.text.TextUtils;
+import android.util.EventLog;
import android.util.Log;
import android.util.PrintWriterPrinter;
import android.util.Printer;
@@ -6448,6 +6450,10 @@
if (targetSdkVersion < android.os.Build.VERSION_CODES.M) {
return false;
}
+ if (!isRuntimePermission(permission)) {
+ EventLog.writeEvent(0x534e4554, "62623498", user.getIdentifier(), "");
+ return false;
+ }
final PackageManager packageManager = mContext.getPackageManager();
switch (grantState) {
case DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED: {
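Review bot: The event written when `isRuntimePermission(permission)` fails carries an empty message, so the record shows that a non-runtime permission was requested but not which one. Including the permission name makes the entry usable for triage: `EventLog.writeEvent(0x534e4554, "62623498", user.getIdentifier(), "permission:" + permission);`. The third argument here is a user id, while the SyncStorageEngine call in this commit passes -1 in the same position; a comment stating what that field is expected to hold would keep the two call sites consistent. The enclosing method starts and ends outside the hunk.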
@@ -6473,12 +6479,21 @@
return true;
} catch (SecurityException se) {
return false;
+ } catch (NameNotFoundException e) {
+ return false;
} finally {
Binder.restoreCallingIdentity(ident);
}
}
}
+ public boolean isRuntimePermission(String permissionName) throws NameNotFoundException {
+ final PackageManager packageManager = mContext.getPackageManager();
+ PermissionInfo permissionInfo = packageManager.getPermissionInfo(permissionName, 0);
+ return (permissionInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE)
+ == PermissionInfo.PROTECTION_DANGEROUS;
+ }
+
@Override
public int getPermissionGrantState(ComponentName admin, String packageName,
String permission) throws RemoteException {
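Review bot: isRuntimePermission is declared `public` on the service class although the only caller visible in this diff is the check added in the previous hunk; unless it is part of an interface not shown here, it should be `private boolean isRuntimePermission(String permissionName) throws NameNotFoundException`. The new `catch (NameNotFoundException e)` returns false without any log, so an unknown permission name is indistinguishable from a policy refusal; a `Log.w` naming the permission would help when diagnosing a failed grant. The helper would also benefit from a Javadoc line stating that "runtime" means the base protection level, after masking with PROTECTION_MASK_BASE, equals PROTECTION_DANGEROUS. getPermissionGrantState below continues outside the hunk.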