Pass in the ComponentName of the resolved service for service intents
Change-Id: I893035d5f2dba470d19a091c7a5945b13d9c9b67
diff --git a/services/java/com/android/server/am/ActiveServices.java b/services/java/com/android/server/am/ActiveServices.java
index 3548e8c..b96cf92 100644
--- a/services/java/com/android/server/am/ActiveServices.java
+++ b/services/java/com/android/server/am/ActiveServices.java
@@ -832,8 +832,8 @@
+ " requires " + r.permission);
return new ServiceLookupResult(null, r.permission);
}
- if (!mAm.mIntentFirewall.checkService(service, callingUid, callingPid, resolvedType,
- r.appInfo)) {
+ if (!mAm.mIntentFirewall.checkService(r.name, service, callingUid, callingPid,
+ resolvedType, r.appInfo)) {
return null;
}
return new ServiceLookupResult(r, null);
diff --git a/services/java/com/android/server/firewall/AndFilter.java b/services/java/com/android/server/firewall/AndFilter.java
index 8894951..fa53945 100644
--- a/services/java/com/android/server/firewall/AndFilter.java
+++ b/services/java/com/android/server/firewall/AndFilter.java
@@ -16,6 +16,7 @@
package com.android.server.firewall;
+import android.content.ComponentName;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
import org.xmlpull.v1.XmlPullParser;
@@ -25,11 +26,11 @@
class AndFilter extends FilterList {
@Override
- public boolean matches(IntentFirewall ifw, Intent intent, int callerUid, int callerPid,
- String resolvedType, ApplicationInfo resolvedApp) {
+ public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
+ int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
for (int i=0; i<children.size(); i++) {
- if (!children.get(i).matches(ifw, intent, callerUid, callerPid, resolvedType,
- resolvedApp)) {
+ if (!children.get(i).matches(ifw, resolvedComponent, intent, callerUid, callerPid,
+ resolvedType, resolvedApp)) {
return false;
}
}
diff --git a/services/java/com/android/server/firewall/CategoryFilter.java b/services/java/com/android/server/firewall/CategoryFilter.java
index e609b1e..022dc9a 100644
--- a/services/java/com/android/server/firewall/CategoryFilter.java
+++ b/services/java/com/android/server/firewall/CategoryFilter.java
@@ -16,6 +16,7 @@
package com.android.server.firewall;
+import android.content.ComponentName;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
import org.xmlpull.v1.XmlPullParser;
@@ -34,8 +35,8 @@
}
@Override
- public boolean matches(IntentFirewall ifw, Intent intent, int callerUid, int callerPid,
- String resolvedType, ApplicationInfo resolvedApp) {
+ public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
+ int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
Set<String> categories = intent.getCategories();
if (categories == null) {
return false;
diff --git a/services/java/com/android/server/firewall/Filter.java b/services/java/com/android/server/firewall/Filter.java
index 740cbe97..25105e1 100644
--- a/services/java/com/android/server/firewall/Filter.java
+++ b/services/java/com/android/server/firewall/Filter.java
@@ -16,6 +16,7 @@
package com.android.server.firewall;
+import android.content.ComponentName;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
@@ -24,12 +25,13 @@
* Does the given intent + context info match this filter?
*
* @param ifw The IntentFirewall instance
+ * @param resolvedComponent The actual component that the intent was resolved to
* @param intent The intent being started/bound/broadcast
* @param callerUid The uid of the caller
* @param callerPid The pid of the caller
* @param resolvedType The resolved mime type of the intent
* @param resolvedApp The application that contains the resolved component that the intent is
*/
- boolean matches(IntentFirewall ifw, Intent intent, int callerUid, int callerPid,
- String resolvedType, ApplicationInfo resolvedApp);
+ boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
+ int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp);
}
diff --git a/services/java/com/android/server/firewall/IntentFirewall.java b/services/java/com/android/server/firewall/IntentFirewall.java
index dfe89dd..b3cbe8b 100644
--- a/services/java/com/android/server/firewall/IntentFirewall.java
+++ b/services/java/com/android/server/firewall/IntentFirewall.java
@@ -120,25 +120,27 @@
*/
public boolean checkStartActivity(Intent intent, int callerUid, int callerPid,
String resolvedType, ApplicationInfo resolvedApp) {
- return checkIntent(mActivityResolver, TYPE_ACTIVITY, intent, callerUid, callerPid,
- resolvedType, resolvedApp);
+ return checkIntent(mActivityResolver, intent.getComponent(), TYPE_ACTIVITY, intent,
+ callerUid, callerPid, resolvedType, resolvedApp);
}
- public boolean checkService(Intent intent, int callerUid, int callerPid, String resolvedType,
+ public boolean checkService(ComponentName resolvedService, Intent intent, int callerUid,
+ int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
+ return checkIntent(mServiceResolver, resolvedService, TYPE_SERVICE, intent, callerUid,
+ callerPid, resolvedType, resolvedApp);
+ }
+
+ public boolean checkIntent(FirewallIntentResolver resolver, ComponentName resolvedComponent,
+ int intentType, Intent intent, int callerUid, int callerPid, String resolvedType,
ApplicationInfo resolvedApp) {
- return checkIntent(mServiceResolver, TYPE_SERVICE, intent, callerUid, callerPid,
- resolvedType, resolvedApp);
- }
-
- public boolean checkIntent(FirewallIntentResolver resolver, int intentType, Intent intent,
- int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
List<Rule> matchingRules = resolver.queryIntent(intent, resolvedType, false, 0);
boolean log = false;
boolean block = false;
for (int i=0; i< matchingRules.size(); i++) {
Rule rule = matchingRules.get(i);
- if (rule.matches(this, intent, callerUid, callerPid, resolvedType, resolvedApp)) {
+ if (rule.matches(this, resolvedComponent, intent, callerUid, callerPid, resolvedType,
+ resolvedApp)) {
block |= rule.getBlock();
log |= rule.getLog();
diff --git a/services/java/com/android/server/firewall/NotFilter.java b/services/java/com/android/server/firewall/NotFilter.java
index 327eb59..5f3d516 100644
--- a/services/java/com/android/server/firewall/NotFilter.java
+++ b/services/java/com/android/server/firewall/NotFilter.java
@@ -16,6 +16,7 @@
package com.android.server.firewall;
+import android.content.ComponentName;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
import com.android.internal.util.XmlUtils;
@@ -32,9 +33,10 @@
}
@Override
- public boolean matches(IntentFirewall ifw, Intent intent, int callerUid, int callerPid,
- String resolvedType, ApplicationInfo resolvedApp) {
- return !mChild.matches(ifw, intent, callerUid, callerPid, resolvedType, resolvedApp);
+ public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
+ int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
+ return !mChild.matches(ifw, resolvedComponent, intent, callerUid, callerPid, resolvedType,
+ resolvedApp);
}
public static final FilterFactory FACTORY = new FilterFactory("not") {
diff --git a/services/java/com/android/server/firewall/OrFilter.java b/services/java/com/android/server/firewall/OrFilter.java
index 23c0fe0..e3811eb 100644
--- a/services/java/com/android/server/firewall/OrFilter.java
+++ b/services/java/com/android/server/firewall/OrFilter.java
@@ -16,6 +16,7 @@
package com.android.server.firewall;
+import android.content.ComponentName;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
import org.xmlpull.v1.XmlPullParser;
@@ -25,11 +26,11 @@
class OrFilter extends FilterList {
@Override
- public boolean matches(IntentFirewall ifw, Intent intent, int callerUid, int callerPid,
- String resolvedType, ApplicationInfo resolvedApp) {
+ public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
+ int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
for (int i=0; i<children.size(); i++) {
- if (children.get(i).matches(ifw, intent, callerUid, callerPid, resolvedType,
- resolvedApp)) {
+ if (children.get(i).matches(ifw, resolvedComponent, intent, callerUid, callerPid,
+ resolvedType, resolvedApp)) {
return true;
}
}
diff --git a/services/java/com/android/server/firewall/PortFilter.java b/services/java/com/android/server/firewall/PortFilter.java
index ac4504f..d0cd17f 100644
--- a/services/java/com/android/server/firewall/PortFilter.java
+++ b/services/java/com/android/server/firewall/PortFilter.java
@@ -16,6 +16,7 @@
package com.android.server.firewall;
+import android.content.ComponentName;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
import android.net.Uri;
@@ -41,8 +42,8 @@
}
@Override
- public boolean matches(IntentFirewall ifw, Intent intent, int callerUid, int callerPid,
- String resolvedType, ApplicationInfo resolvedApp) {
+ public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
+ int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
int port = -1;
Uri uri = intent.getData();
if (uri != null) {
diff --git a/services/java/com/android/server/firewall/SenderFilter.java b/services/java/com/android/server/firewall/SenderFilter.java
index 3d7b450..7306dbde 100644
--- a/services/java/com/android/server/firewall/SenderFilter.java
+++ b/services/java/com/android/server/firewall/SenderFilter.java
@@ -17,6 +17,7 @@
package com.android.server.firewall;
import android.app.AppGlobals;
+import android.content.ComponentName;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
import android.content.pm.IPackageManager;
@@ -77,24 +78,24 @@
private static final Filter SIGNATURE = new Filter() {
@Override
- public boolean matches(IntentFirewall ifw, Intent intent, int callerUid, int callerPid,
- String resolvedType, ApplicationInfo resolvedApp) {
+ public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
+ int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
return ifw.signaturesMatch(callerUid, resolvedApp.uid);
}
};
private static final Filter SYSTEM = new Filter() {
@Override
- public boolean matches(IntentFirewall ifw, Intent intent, int callerUid, int callerPid,
- String resolvedType, ApplicationInfo resolvedApp) {
+ public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
+ int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
return isPrivilegedApp(callerUid, callerPid);
}
};
private static final Filter SYSTEM_OR_SIGNATURE = new Filter() {
@Override
- public boolean matches(IntentFirewall ifw, Intent intent, int callerUid, int callerPid,
- String resolvedType, ApplicationInfo resolvedApp) {
+ public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
+ int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
return isPrivilegedApp(callerUid, callerPid) ||
ifw.signaturesMatch(callerUid, resolvedApp.uid);
}
@@ -102,8 +103,8 @@
private static final Filter USER_ID = new Filter() {
@Override
- public boolean matches(IntentFirewall ifw, Intent intent, int callerUid, int callerPid,
- String resolvedType, ApplicationInfo resolvedApp) {
+ public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
+ int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
// This checks whether the caller is either the system process, or has the same user id
// I.e. the same app, or an app that uses the same shared user id.
// This is the same set of applications that would be able to access the component if
diff --git a/services/java/com/android/server/firewall/SenderPermissionFilter.java b/services/java/com/android/server/firewall/SenderPermissionFilter.java
index a88ceaf..60225a3 100644
--- a/services/java/com/android/server/firewall/SenderPermissionFilter.java
+++ b/services/java/com/android/server/firewall/SenderPermissionFilter.java
@@ -16,6 +16,7 @@
package com.android.server.firewall;
+import android.content.ComponentName;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
import org.xmlpull.v1.XmlPullParser;
@@ -33,8 +34,8 @@
}
@Override
- public boolean matches(IntentFirewall ifw, Intent intent, int callerUid, int callerPid,
- String resolvedType, ApplicationInfo resolvedApp) {
+ public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
+ int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
// We assume the component is exported here. If the component is not exported, then
// ActivityManager would only resolve to this component for callers from the same uid.
// In this case, it doesn't matter whether the component is exported or not.
diff --git a/services/java/com/android/server/firewall/StringFilter.java b/services/java/com/android/server/firewall/StringFilter.java
index 3fa09f3..fa8105f 100644
--- a/services/java/com/android/server/firewall/StringFilter.java
+++ b/services/java/com/android/server/firewall/StringFilter.java
@@ -119,9 +119,10 @@
protected abstract boolean matchesValue(String value);
@Override
- public boolean matches(IntentFirewall ifw, Intent intent, int callerUid, int callerPid,
- String resolvedType, ApplicationInfo resolvedApp) {
- String value = mValueProvider.getValue(intent, resolvedType, resolvedApp);
+ public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
+ int callerUid, int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
+ String value = mValueProvider.getValue(resolvedComponent, intent, resolvedType,
+ resolvedApp);
return matchesValue(value);
}
@@ -135,8 +136,8 @@
return StringFilter.readFromXml(this, parser);
}
- public abstract String getValue(Intent intent, String resolvedType,
- ApplicationInfo resolvedApp);
+ public abstract String getValue(ComponentName resolvedComponent, Intent intent,
+ String resolvedType, ApplicationInfo resolvedApp);
}
private static class EqualsFilter extends StringFilter {
@@ -230,10 +231,10 @@
public static final ValueProvider COMPONENT = new ValueProvider("component") {
@Override
- public String getValue(Intent intent, String resolvedType, ApplicationInfo resolvedApp) {
- ComponentName cn = intent.getComponent();
- if (cn != null) {
- return cn.flattenToString();
+ public String getValue(ComponentName resolvedComponent, Intent intent, String resolvedType,
+ ApplicationInfo resolvedApp) {
+ if (resolvedComponent != null) {
+ return resolvedComponent.flattenToString();
}
return null;
}
@@ -241,10 +242,10 @@
public static final ValueProvider COMPONENT_NAME = new ValueProvider("component-name") {
@Override
- public String getValue(Intent intent, String resolvedType, ApplicationInfo resolvedApp) {
- ComponentName cn = intent.getComponent();
- if (cn != null) {
- return cn.getClassName();
+ public String getValue(ComponentName resolvedComponent, Intent intent, String resolvedType,
+ ApplicationInfo resolvedApp) {
+ if (resolvedComponent != null) {
+ return resolvedComponent.getClassName();
}
return null;
}
@@ -252,10 +253,10 @@
public static final ValueProvider COMPONENT_PACKAGE = new ValueProvider("component-package") {
@Override
- public String getValue(Intent intent, String resolvedType, ApplicationInfo resolvedApp) {
- ComponentName cn = intent.getComponent();
- if (cn != null) {
- return cn.getPackageName();
+ public String getValue(ComponentName resolvedComponent, Intent intent, String resolvedType,
+ ApplicationInfo resolvedApp) {
+ if (resolvedComponent != null) {
+ return resolvedComponent.getPackageName();
}
return null;
}
@@ -263,14 +264,16 @@
public static final FilterFactory ACTION = new ValueProvider("action") {
@Override
- public String getValue(Intent intent, String resolvedType, ApplicationInfo resolvedApp) {
+ public String getValue(ComponentName resolvedComponent, Intent intent, String resolvedType,
+ ApplicationInfo resolvedApp) {
return intent.getAction();
}
};
public static final ValueProvider DATA = new ValueProvider("data") {
@Override
- public String getValue(Intent intent, String resolvedType, ApplicationInfo resolvedApp) {
+ public String getValue(ComponentName resolvedComponent, Intent intent, String resolvedType,
+ ApplicationInfo resolvedApp) {
Uri data = intent.getData();
if (data != null) {
return data.toString();
@@ -281,14 +284,16 @@
public static final ValueProvider MIME_TYPE = new ValueProvider("mime-type") {
@Override
- public String getValue(Intent intent, String resolvedType, ApplicationInfo resolvedApp) {
+ public String getValue(ComponentName resolvedComponent, Intent intent, String resolvedType,
+ ApplicationInfo resolvedApp) {
return resolvedType;
}
};
public static final ValueProvider SCHEME = new ValueProvider("scheme") {
@Override
- public String getValue(Intent intent, String resolvedType, ApplicationInfo resolvedApp) {
+ public String getValue(ComponentName resolvedComponent, Intent intent, String resolvedType,
+ ApplicationInfo resolvedApp) {
Uri data = intent.getData();
if (data != null) {
return data.getScheme();
@@ -299,7 +304,8 @@
public static final ValueProvider SSP = new ValueProvider("scheme-specific-part") {
@Override
- public String getValue(Intent intent, String resolvedType, ApplicationInfo resolvedApp) {
+ public String getValue(ComponentName resolvedComponent, Intent intent, String resolvedType,
+ ApplicationInfo resolvedApp) {
Uri data = intent.getData();
if (data != null) {
return data.getSchemeSpecificPart();
@@ -310,7 +316,8 @@
public static final ValueProvider HOST = new ValueProvider("host") {
@Override
- public String getValue(Intent intent, String resolvedType, ApplicationInfo resolvedApp) {
+ public String getValue(ComponentName resolvedComponent, Intent intent, String resolvedType,
+ ApplicationInfo resolvedApp) {
Uri data = intent.getData();
if (data != null) {
return data.getHost();
@@ -321,7 +328,8 @@
public static final ValueProvider PATH = new ValueProvider("path") {
@Override
- public String getValue(Intent intent, String resolvedType, ApplicationInfo resolvedApp) {
+ public String getValue(ComponentName resolvedComponent, Intent intent, String resolvedType,
+ ApplicationInfo resolvedApp) {
Uri data = intent.getData();
if (data != null) {
return data.getPath();