Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / b802ea19e9a48455f87e0ccac1c27bda58f2c939 / . / services / core / java / com / android / server / firewall / IntentFirewall.java
blob: 376a864e7772683ad64477ba0cb2f5475acb946a [file] [log] [blame]
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]1/*
2 * Copyright (C) 2013 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.server.firewall;
18
Ben Gruver8be8df22013-04-05 19:21:19 -0700[diff] [blame]19import android.app.AppGlobals;
20import android.content.ComponentName;
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]21import android.content.Intent;
22import android.content.IntentFilter;
Ben Gruverb6223792013-07-29 16:35:40 -0700[diff] [blame]23import android.content.pm.ApplicationInfo;
Ben Gruver8be8df22013-04-05 19:21:19 -0700[diff] [blame]24import android.content.pm.IPackageManager;
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]25import android.content.pm.PackageManager;
26import android.os.Environment;
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]27import android.os.FileObserver;
28import android.os.Handler;
Jeff Brown6f357d32014-01-15 20:40:55 -0800[diff] [blame]29import android.os.Looper;
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]30import android.os.Message;
Ben Gruver8be8df22013-04-05 19:21:19 -0700[diff] [blame]31import android.os.RemoteException;
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]32import android.util.ArrayMap;
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]33import android.util.Slog;
34import android.util.Xml;
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]35import com.android.internal.util.ArrayUtils;
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]36import com.android.internal.util.XmlUtils;
Ben Gruver8be8df22013-04-05 19:21:19 -0700[diff] [blame]37import com.android.server.EventLogTags;
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]38import com.android.server.IntentResolver;
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]39import org.xmlpull.v1.XmlPullParser;
40import org.xmlpull.v1.XmlPullParserException;
41
42import java.io.File;
43import java.io.FileInputStream;
44import java.io.FileNotFoundException;
45import java.io.IOException;
46import java.util.ArrayList;
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]47import java.util.Arrays;
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]48import java.util.HashMap;
49import java.util.List;
50
51public class IntentFirewall {
Ben Gruverdd72c9e2013-08-06 12:34:17 -0700[diff] [blame]52 static final String TAG = "IntentFirewall";
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]53
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]54 // e.g. /data/system/ifw or /data/secure/system/ifw
Jeff Sharkey8212ae02016-02-10 14:46:43 -0700[diff] [blame]55 private static final File RULES_DIR = new File(Environment.getDataSystemDirectory(), "ifw");
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]56
Ben Gruver8be8df22013-04-05 19:21:19 -0700[diff] [blame]57 private static final int LOG_PACKAGES_MAX_LENGTH = 150;
58 private static final int LOG_PACKAGES_SUFFICIENT_LENGTH = 125;
59
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]60 private static final String TAG_RULES = "rules";
61 private static final String TAG_ACTIVITY = "activity";
62 private static final String TAG_SERVICE = "service";
63 private static final String TAG_BROADCAST = "broadcast";
64
Ben Gruver8be8df22013-04-05 19:21:19 -0700[diff] [blame]65 private static final int TYPE_ACTIVITY = 0;
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]66 private static final int TYPE_BROADCAST = 1;
67 private static final int TYPE_SERVICE = 2;
Ben Gruver8be8df22013-04-05 19:21:19 -0700[diff] [blame]68
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]69 private static final HashMap<String, FilterFactory> factoryMap;
70
71 private final AMSInterface mAms;
72
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]73 private final RuleObserver mObserver;
74
75 private FirewallIntentResolver mActivityResolver = new FirewallIntentResolver();
76 private FirewallIntentResolver mBroadcastResolver = new FirewallIntentResolver();
77 private FirewallIntentResolver mServiceResolver = new FirewallIntentResolver();
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]78
79 static {
80 FilterFactory[] factories = new FilterFactory[] {
81 AndFilter.FACTORY,
82 OrFilter.FACTORY,
83 NotFilter.FACTORY,
84
85 StringFilter.ACTION,
86 StringFilter.COMPONENT,
87 StringFilter.COMPONENT_NAME,
88 StringFilter.COMPONENT_PACKAGE,
89 StringFilter.DATA,
90 StringFilter.HOST,
91 StringFilter.MIME_TYPE,
Ben Gruver57e76b42013-07-31 15:41:24 -0700[diff] [blame]92 StringFilter.SCHEME,
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]93 StringFilter.PATH,
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]94 StringFilter.SSP,
95
96 CategoryFilter.FACTORY,
97 SenderFilter.FACTORY,
Ben Gruverb2340f32014-02-11 16:37:07 -0800[diff] [blame]98 SenderPackageFilter.FACTORY,
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]99 SenderPermissionFilter.FACTORY,
100 PortFilter.FACTORY
101 };
102
103 // load factor ~= .75
104 factoryMap = new HashMap<String, FilterFactory>(factories.length * 4 / 3);
105 for (int i=0; i<factories.length; i++) {
106 FilterFactory factory = factories[i];
107 factoryMap.put(factory.getTagName(), factory);
108 }
109 }
110
Jeff Brown6f357d32014-01-15 20:40:55 -0800[diff] [blame]111 public IntentFirewall(AMSInterface ams, Handler handler) {
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]112 mAms = ams;
Jeff Brown6f357d32014-01-15 20:40:55 -0800[diff] [blame]113 mHandler = new FirewallHandler(handler.getLooper());
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]114 File rulesDir = getRulesDir();
115 rulesDir.mkdirs();
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]116
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]117 readRulesDir(rulesDir);
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]118
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]119 mObserver = new RuleObserver(rulesDir);
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]120 mObserver.startWatching();
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]121 }
122
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]123 /**
124 * This is called from ActivityManager to check if a start activity intent should be allowed.
125 * It is assumed the caller is already holding the global ActivityManagerService lock.
126 */
Ben Gruverdd72c9e2013-08-06 12:34:17 -0700[diff] [blame]127 public boolean checkStartActivity(Intent intent, int callerUid, int callerPid,
Ben Gruverb6223792013-07-29 16:35:40 -0700[diff] [blame]128 String resolvedType, ApplicationInfo resolvedApp) {
Ben Gruverf5323fe2013-07-31 15:09:51 -0700[diff] [blame]129 return checkIntent(mActivityResolver, intent.getComponent(), TYPE_ACTIVITY, intent,
Ben Gruver49660c72013-08-06 19:54:08 -0700[diff] [blame]130 callerUid, callerPid, resolvedType, resolvedApp.uid);
Ben Gruverb6223792013-07-29 16:35:40 -0700[diff] [blame]131 }
132
Ben Gruverf5323fe2013-07-31 15:09:51 -0700[diff] [blame]133 public boolean checkService(ComponentName resolvedService, Intent intent, int callerUid,
134 int callerPid, String resolvedType, ApplicationInfo resolvedApp) {
135 return checkIntent(mServiceResolver, resolvedService, TYPE_SERVICE, intent, callerUid,
Ben Gruver49660c72013-08-06 19:54:08 -0700[diff] [blame]136 callerPid, resolvedType, resolvedApp.uid);
137 }
138
139 public boolean checkBroadcast(Intent intent, int callerUid, int callerPid,
140 String resolvedType, int receivingUid) {
141 return checkIntent(mBroadcastResolver, intent.getComponent(), TYPE_BROADCAST, intent,
142 callerUid, callerPid, resolvedType, receivingUid);
Ben Gruverf5323fe2013-07-31 15:09:51 -0700[diff] [blame]143 }
144
145 public boolean checkIntent(FirewallIntentResolver resolver, ComponentName resolvedComponent,
146 int intentType, Intent intent, int callerUid, int callerPid, String resolvedType,
Ben Gruver49660c72013-08-06 19:54:08 -0700[diff] [blame]147 int receivingUid) {
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]148 boolean log = false;
149 boolean block = false;
150
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]151 // For the first pass, find all the rules that have at least one intent-filter or
152 // component-filter that matches this intent
153 List<Rule> candidateRules;
Todd Kennedybe0b8892017-02-15 14:13:52 -0800[diff] [blame]154 candidateRules = resolver.queryIntent(intent, resolvedType, false /*defaultOnly*/, 0);
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]155 if (candidateRules == null) {
156 candidateRules = new ArrayList<Rule>();
157 }
158 resolver.queryByComponent(resolvedComponent, candidateRules);
159
160 // For the second pass, try to match the potentially more specific conditions in each
161 // rule against the intent
162 for (int i=0; i<candidateRules.size(); i++) {
163 Rule rule = candidateRules.get(i);
Ben Gruverf5323fe2013-07-31 15:09:51 -0700[diff] [blame]164 if (rule.matches(this, resolvedComponent, intent, callerUid, callerPid, resolvedType,
Ben Gruver49660c72013-08-06 19:54:08 -0700[diff] [blame]165 receivingUid)) {
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]166 block |= rule.getBlock();
167 log |= rule.getLog();
168
169 // if we've already determined that we should both block and log, there's no need
170 // to continue trying rules
171 if (block && log) {
172 break;
173 }
174 }
175 }
176
177 if (log) {
Ben Gruverb6223792013-07-29 16:35:40 -0700[diff] [blame]178 logIntent(intentType, intent, callerUid, resolvedType);
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]179 }
180
181 return !block;
182 }
183
Ben Gruver8be8df22013-04-05 19:21:19 -0700[diff] [blame]184 private static void logIntent(int intentType, Intent intent, int callerUid,
185 String resolvedType) {
186 // The component shouldn't be null, but let's double check just to be safe
187 ComponentName cn = intent.getComponent();
188 String shortComponent = null;
189 if (cn != null) {
190 shortComponent = cn.flattenToShortString();
191 }
192
193 String callerPackages = null;
194 int callerPackageCount = 0;
195 IPackageManager pm = AppGlobals.getPackageManager();
196 if (pm != null) {
197 try {
198 String[] callerPackagesArray = pm.getPackagesForUid(callerUid);
199 if (callerPackagesArray != null) {
200 callerPackageCount = callerPackagesArray.length;
201 callerPackages = joinPackages(callerPackagesArray);
202 }
203 } catch (RemoteException ex) {
204 Slog.e(TAG, "Remote exception while retrieving packages", ex);
205 }
206 }
207
208 EventLogTags.writeIfwIntentMatched(intentType, shortComponent, callerUid,
209 callerPackageCount, callerPackages, intent.getAction(), resolvedType,
210 intent.getDataString(), intent.getFlags());
211 }
212
213 /**
214 * Joins a list of package names such that the resulting string is no more than
215 * LOG_PACKAGES_MAX_LENGTH.
216 *
217 * Only full package names will be added to the result, unless every package is longer than the
218 * limit, in which case one of the packages will be truncated and added. In this case, an
219 * additional '-' character will be added to the end of the string, to denote the truncation.
220 *
221 * If it encounters a package that won't fit in the remaining space, it will continue on to the
222 * next package, unless the total length of the built string so far is greater than
223 * LOG_PACKAGES_SUFFICIENT_LENGTH, in which case it will stop and return what it has.
224 */
225 private static String joinPackages(String[] packages) {
226 boolean first = true;
227 StringBuilder sb = new StringBuilder();
228 for (int i=0; i<packages.length; i++) {
229 String pkg = packages[i];
230
231 // + 1 length for the comma. This logic technically isn't correct for the first entry,
232 // but it's not critical.
233 if (sb.length() + pkg.length() + 1 < LOG_PACKAGES_MAX_LENGTH) {
234 if (!first) {
235 sb.append(',');
236 } else {
237 first = false;
238 }
239 sb.append(pkg);
240 } else if (sb.length() >= LOG_PACKAGES_SUFFICIENT_LENGTH) {
241 return sb.toString();
242 }
243 }
244 if (sb.length() == 0 && packages.length > 0) {
245 String pkg = packages[0];
246 // truncating from the end - the last part of the package name is more likely to be
247 // interesting/unique
248 return pkg.substring(pkg.length() - LOG_PACKAGES_MAX_LENGTH + 1) + '-';
249 }
250 return null;
251 }
252
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]253 public static File getRulesDir() {
254 return RULES_DIR;
Ben Gruver633dc9b2013-04-04 12:05:49 -0700[diff] [blame]255 }
256
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]257 /**
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]258 * Reads rules from all xml files (*.xml) in the given directory, and replaces our set of rules
259 * with the newly read rules.
260 *
261 * We only check for files ending in ".xml", to allow for temporary files that are atomically
262 * renamed to .xml
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]263 *
264 * All calls to this method from the file observer come through a handler and are inherently
265 * serialized
266 */
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]267 private void readRulesDir(File rulesDir) {
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]268 FirewallIntentResolver[] resolvers = new FirewallIntentResolver[3];
269 for (int i=0; i<resolvers.length; i++) {
270 resolvers[i] = new FirewallIntentResolver();
271 }
272
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]273 File[] files = rulesDir.listFiles();
Ben Gruver248688a2013-09-30 17:03:34 -0700[diff] [blame]274 if (files != null) {
275 for (int i=0; i<files.length; i++) {
276 File file = files[i];
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]277
Ben Gruver248688a2013-09-30 17:03:34 -0700[diff] [blame]278 if (file.getName().endsWith(".xml")) {
279 readRules(file, resolvers);
280 }
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]281 }
282 }
283
284 Slog.i(TAG, "Read new rules (A:" + resolvers[TYPE_ACTIVITY].filterSet().size() +
285 " B:" + resolvers[TYPE_BROADCAST].filterSet().size() +
286 " S:" + resolvers[TYPE_SERVICE].filterSet().size() + ")");
287
288 synchronized (mAms.getAMSLock()) {
289 mActivityResolver = resolvers[TYPE_ACTIVITY];
290 mBroadcastResolver = resolvers[TYPE_BROADCAST];
291 mServiceResolver = resolvers[TYPE_SERVICE];
292 }
293 }
294
295 /**
296 * Reads rules from the given file and add them to the given resolvers
297 */
298 private void readRules(File rulesFile, FirewallIntentResolver[] resolvers) {
299 // some temporary lists to hold the rules while we parse the xml file, so that we can
300 // add the rules all at once, after we know there weren't any major structural problems
301 // with the xml file
302 List<List<Rule>> rulesByType = new ArrayList<List<Rule>>(3);
303 for (int i=0; i<3; i++) {
304 rulesByType.add(new ArrayList<Rule>());
305 }
306
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]307 FileInputStream fis;
308 try {
309 fis = new FileInputStream(rulesFile);
310 } catch (FileNotFoundException ex) {
311 // Nope, no rules. Nothing else to do!
312 return;
313 }
314
315 try {
316 XmlPullParser parser = Xml.newPullParser();
317
318 parser.setInput(fis, null);
319
320 XmlUtils.beginDocument(parser, TAG_RULES);
321
322 int outerDepth = parser.getDepth();
323 while (XmlUtils.nextElementWithin(parser, outerDepth)) {
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]324 int ruleType = -1;
325
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]326 String tagName = parser.getName();
327 if (tagName.equals(TAG_ACTIVITY)) {
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]328 ruleType = TYPE_ACTIVITY;
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]329 } else if (tagName.equals(TAG_BROADCAST)) {
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]330 ruleType = TYPE_BROADCAST;
331 } else if (tagName.equals(TAG_SERVICE)) {
332 ruleType = TYPE_SERVICE;
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]333 }
334
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]335 if (ruleType != -1) {
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]336 Rule rule = new Rule();
337
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]338 List<Rule> rules = rulesByType.get(ruleType);
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]339
340 // if we get an error while parsing a particular rule, we'll just ignore
341 // that rule and continue on with the next rule
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]342 try {
343 rule.readFromXml(parser);
344 } catch (XmlPullParserException ex) {
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]345 Slog.e(TAG, "Error reading an intent firewall rule from " + rulesFile, ex);
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]346 continue;
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]347 }
348
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]349 rules.add(rule);
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]350 }
351 }
352 } catch (XmlPullParserException ex) {
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]353 // if there was an error outside of a specific rule, then there are probably
354 // structural problems with the xml file, and we should completely ignore it
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]355 Slog.e(TAG, "Error reading intent firewall rules from " + rulesFile, ex);
356 return;
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]357 } catch (IOException ex) {
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]358 Slog.e(TAG, "Error reading intent firewall rules from " + rulesFile, ex);
359 return;
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]360 } finally {
361 try {
362 fis.close();
363 } catch (IOException ex) {
364 Slog.e(TAG, "Error while closing " + rulesFile, ex);
365 }
366 }
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]367
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]368 for (int ruleType=0; ruleType<rulesByType.size(); ruleType++) {
369 List<Rule> rules = rulesByType.get(ruleType);
370 FirewallIntentResolver resolver = resolvers[ruleType];
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]371
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]372 for (int ruleIndex=0; ruleIndex<rules.size(); ruleIndex++) {
373 Rule rule = rules.get(ruleIndex);
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]374 for (int i=0; i<rule.getIntentFilterCount(); i++) {
375 resolver.addFilter(rule.getIntentFilter(i));
376 }
377 for (int i=0; i<rule.getComponentFilterCount(); i++) {
378 resolver.addComponentFilter(rule.getComponentFilter(i), rule);
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]379 }
380 }
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]381 }
382 }
383
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]384 static Filter parseFilter(XmlPullParser parser) throws IOException, XmlPullParserException {
385 String elementName = parser.getName();
386
387 FilterFactory factory = factoryMap.get(elementName);
388
389 if (factory == null) {
390 throw new XmlPullParserException("Unknown element in filter list: " + elementName);
391 }
392 return factory.newFilter(parser);
393 }
394
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]395 /**
396 * Represents a single activity/service/broadcast rule within one of the xml files.
397 *
398 * Rules are matched against an incoming intent in two phases. The goal of the first phase
399 * is to select a subset of rules that might match a given intent.
400 *
401 * For the first phase, we use a combination of intent filters (via an IntentResolver)
402 * and component filters to select which rules to check. If a rule has multiple intent or
403 * component filters, only a single filter must match for the rule to be passed on to the
404 * second phase.
405 *
406 * In the second phase, we check the specific conditions in each rule against the values in the
407 * intent. All top level conditions (but not filters) in the rule must match for the rule as a
408 * whole to match.
409 *
410 * If the rule matches, then we block or log the intent, as specified by the rule. If multiple
411 * rules match, we combine the block/log flags from any matching rule.
412 */
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]413 private static class Rule extends AndFilter {
414 private static final String TAG_INTENT_FILTER = "intent-filter";
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]415 private static final String TAG_COMPONENT_FILTER = "component-filter";
416 private static final String ATTR_NAME = "name";
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]417
418 private static final String ATTR_BLOCK = "block";
419 private static final String ATTR_LOG = "log";
420
421 private final ArrayList<FirewallIntentFilter> mIntentFilters =
422 new ArrayList<FirewallIntentFilter>(1);
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]423 private final ArrayList<ComponentName> mComponentFilters = new ArrayList<ComponentName>(0);
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]424 private boolean block;
425 private boolean log;
426
427 @Override
428 public Rule readFromXml(XmlPullParser parser) throws IOException, XmlPullParserException {
429 block = Boolean.parseBoolean(parser.getAttributeValue(null, ATTR_BLOCK));
430 log = Boolean.parseBoolean(parser.getAttributeValue(null, ATTR_LOG));
431
432 super.readFromXml(parser);
433 return this;
434 }
435
436 @Override
437 protected void readChild(XmlPullParser parser) throws IOException, XmlPullParserException {
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]438 String currentTag = parser.getName();
439
440 if (currentTag.equals(TAG_INTENT_FILTER)) {
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]441 FirewallIntentFilter intentFilter = new FirewallIntentFilter(this);
442 intentFilter.readFromXml(parser);
443 mIntentFilters.add(intentFilter);
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]444 } else if (currentTag.equals(TAG_COMPONENT_FILTER)) {
445 String componentStr = parser.getAttributeValue(null, ATTR_NAME);
446 if (componentStr == null) {
447 throw new XmlPullParserException("Component name must be specified.",
448 parser, null);
449 }
450
451 ComponentName componentName = ComponentName.unflattenFromString(componentStr);
452 if (componentName == null) {
453 throw new XmlPullParserException("Invalid component name: " + componentStr);
454 }
455
456 mComponentFilters.add(componentName);
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]457 } else {
458 super.readChild(parser);
459 }
460 }
461
462 public int getIntentFilterCount() {
463 return mIntentFilters.size();
464 }
465
466 public FirewallIntentFilter getIntentFilter(int index) {
467 return mIntentFilters.get(index);
468 }
469
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]470 public int getComponentFilterCount() {
471 return mComponentFilters.size();
472 }
473
474 public ComponentName getComponentFilter(int index) {
475 return mComponentFilters.get(index);
476 }
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]477 public boolean getBlock() {
478 return block;
479 }
480
481 public boolean getLog() {
482 return log;
483 }
484 }
485
486 private static class FirewallIntentFilter extends IntentFilter {
487 private final Rule rule;
488
489 public FirewallIntentFilter(Rule rule) {
490 this.rule = rule;
491 }
492 }
493
494 private static class FirewallIntentResolver
495 extends IntentResolver<FirewallIntentFilter, Rule> {
496 @Override
497 protected boolean allowFilterResult(FirewallIntentFilter filter, List<Rule> dest) {
498 return !dest.contains(filter.rule);
499 }
500
501 @Override
502 protected boolean isPackageForFilter(String packageName, FirewallIntentFilter filter) {
503 return true;
504 }
505
506 @Override
507 protected FirewallIntentFilter[] newArray(int size) {
508 return new FirewallIntentFilter[size];
509 }
510
511 @Override
512 protected Rule newResult(FirewallIntentFilter filter, int match, int userId) {
513 return filter.rule;
514 }
515
516 @Override
517 protected void sortResults(List<Rule> results) {
518 // there's no need to sort the results
519 return;
520 }
Ben Gruverf157b482013-08-06 15:57:01 -0700[diff] [blame]521
522 public void queryByComponent(ComponentName componentName, List<Rule> candidateRules) {
523 Rule[] rules = mRulesByComponent.get(componentName);
524 if (rules != null) {
525 candidateRules.addAll(Arrays.asList(rules));
526 }
527 }
528
529 public void addComponentFilter(ComponentName componentName, Rule rule) {
530 Rule[] rules = mRulesByComponent.get(componentName);
531 rules = ArrayUtils.appendElement(Rule.class, rules, rule);
532 mRulesByComponent.put(componentName, rules);
533 }
534
535 private final ArrayMap<ComponentName, Rule[]> mRulesByComponent =
536 new ArrayMap<ComponentName, Rule[]>(0);
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]537 }
538
Jeff Brown6f357d32014-01-15 20:40:55 -0800[diff] [blame]539 final FirewallHandler mHandler;
540
541 private final class FirewallHandler extends Handler {
542 public FirewallHandler(Looper looper) {
543 super(looper, null, true);
544 }
545
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]546 @Override
547 public void handleMessage(Message msg) {
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]548 readRulesDir(getRulesDir());
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]549 }
550 };
551
552 /**
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]553 * Monitors for the creation/deletion/modification of any .xml files in the rule directory
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]554 */
555 private class RuleObserver extends FileObserver {
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]556 private static final int MONITORED_EVENTS = FileObserver.CREATE|FileObserver.MOVED_TO|
557 FileObserver.CLOSE_WRITE|FileObserver.DELETE|FileObserver.MOVED_FROM;
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]558
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]559 public RuleObserver(File monitoredDir) {
560 super(monitoredDir.getAbsolutePath(), MONITORED_EVENTS);
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]561 }
562
563 @Override
564 public void onEvent(int event, String path) {
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]565 if (path.endsWith(".xml")) {
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]566 // we wait 250ms before taking any action on an event, in order to dedup multiple
567 // events. E.g. a delete event followed by a create event followed by a subsequent
Ben Gruverb7c1a172013-07-23 15:05:28 -0700[diff] [blame]568 // write+close event
569 mHandler.removeMessages(0);
570 mHandler.sendEmptyMessageDelayed(0, 250);
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]571 }
572 }
573 }
574
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]575 /**
576 * This interface contains the methods we need from ActivityManagerService. This allows AMS to
577 * export these methods to us without making them public, and also makes it easier to test this
578 * component.
579 */
580 public interface AMSInterface {
581 int checkComponentPermission(String permission, int pid, int uid,
582 int owningUid, boolean exported);
Ben Gruvera4879c32013-04-08 14:27:37 -0700[diff] [blame]583 Object getAMSLock();
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]584 }
585
586 /**
587 * Checks if the caller has access to a component
588 *
589 * @param permission If present, the caller must have this permission
590 * @param pid The pid of the caller
591 * @param uid The uid of the caller
592 * @param owningUid The uid of the application that owns the component
593 * @param exported Whether the component is exported
594 * @return True if the caller can access the described component
595 */
596 boolean checkComponentPermission(String permission, int pid, int uid, int owningUid,
597 boolean exported) {
598 return mAms.checkComponentPermission(permission, pid, uid, owningUid, exported) ==
599 PackageManager.PERMISSION_GRANTED;
600 }
601
602 boolean signaturesMatch(int uid1, int uid2) {
Ben Gruver8be8df22013-04-05 19:21:19 -0700[diff] [blame]603 try {
604 IPackageManager pm = AppGlobals.getPackageManager();
605 return pm.checkUidSignatures(uid1, uid2) == PackageManager.SIGNATURE_MATCH;
606 } catch (RemoteException ex) {
607 Slog.e(TAG, "Remote exception while checking signatures", ex);
608 return false;
609 }
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]610 }
Ben Gruverdd72c9e2013-08-06 12:34:17 -0700[diff] [blame]611
Ben Gruver4efe9402013-04-02 21:18:41 -0700[diff] [blame]612}