Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 911d7f411f36f2279aae44c89ff1d33a29140046^! / . / services
commit911d7f411f36f2279aae44c89ff1d33a29140046[log] [tgz]
authorJeff Sharkey <jsharkey@android.com>Thu Sep 05 18:11:45 2013 -0700
committerJeff Sharkey <jsharkey@android.com>Fri Sep 06 08:08:18 2013 -0700
tree98cdcb6ae4f9720b2096f252c8c0fe1d0726f56a
parenta61dc8e03e6e863005b3a4629ca8f3801d33d3c4 [diff]
Provide calling package to ContentProviders.

The calling package is important for ContentProviders that want to
grant Uri permissions as a side effect of operations, so offer it
through a new API.  Validates the provided package against the
calling UID before returning.

Bug: 10626527
Change-Id: I7277880eebbd48444c024bcf5f69199133cd59e4

diff --git a/services/java/com/android/server/AppOpsService.java b/services/java/com/android/server/AppOpsService.java
index 7af95f3..c6c4a94 100644
--- a/services/java/com/android/server/AppOpsService.java
+++ b/services/java/com/android/server/AppOpsService.java

@@ -552,6 +552,17 @@
     }
 
     @Override
+    public int checkPackage(int uid, String packageName) {
+        synchronized (this) {
+            if (getOpsLocked(uid, packageName, true) != null) {
+                return AppOpsManager.MODE_ALLOWED;
+            } else {
+                return AppOpsManager.MODE_ERRORED;
+            }
+        }
+    }
+
+    @Override
     public int noteOperation(int code, int uid, String packageName) {
         verifyIncomingUid(uid);
         verifyIncomingOp(code);
@@ -560,7 +571,7 @@
             if (ops == null) {
                 if (DEBUG) Log.d(TAG, "noteOperation: no op for code " + code + " uid " + uid
                         + " package " + packageName);
-                return AppOpsManager.MODE_IGNORED;
+                return AppOpsManager.MODE_ERRORED;
             }
             Op op = getOpLocked(ops, code, true);
             if (op.duration == -1) {
@@ -594,7 +605,7 @@
             if (ops == null) {
                 if (DEBUG) Log.d(TAG, "startOperation: no op for code " + code + " uid " + uid
                         + " package " + packageName);
-                return AppOpsManager.MODE_IGNORED;
+                return AppOpsManager.MODE_ERRORED;
             }
             Op op = getOpLocked(ops, code, true);
             final int switchCode = AppOpsManager.opToSwitch(code);

diff --git a/services/java/com/android/server/DropBoxManagerService.java b/services/java/com/android/server/DropBoxManagerService.java
index 5008270..29b04da 100644
--- a/services/java/com/android/server/DropBoxManagerService.java
+++ b/services/java/com/android/server/DropBoxManagerService.java

@@ -24,6 +24,7 @@
 import android.content.pm.PackageManager;
 import android.database.ContentObserver;
 import android.net.Uri;
+import android.os.Binder;
 import android.os.Debug;
 import android.os.DropBoxManager;
 import android.os.FileUtils;
@@ -265,8 +266,13 @@
     }
 
     public boolean isTagEnabled(String tag) {
-        return !"disabled".equals(Settings.Global.getString(
-                mContentResolver, Settings.Global.DROPBOX_TAG_PREFIX + tag));
+        final long token = Binder.clearCallingIdentity();
+        try {
+            return !"disabled".equals(Settings.Global.getString(
+                    mContentResolver, Settings.Global.DROPBOX_TAG_PREFIX + tag));
+        } finally {
+            Binder.restoreCallingIdentity(token);
+        }
     }
 
     public synchronized DropBoxManager.Entry getNextEntry(String tag, long millis) {