Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2018 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License |
| 15 | */ |
| 16 | |
| 17 | package com.android.server.uri; |
| 18 | |
| 19 | import static android.Manifest.permission.CLEAR_APP_GRANTED_URI_PERMISSIONS; |
| 20 | import static android.Manifest.permission.FORCE_PERSISTABLE_URI_PERMISSIONS; |
| 21 | import static android.Manifest.permission.GET_APP_GRANTED_URI_PERMISSIONS; |
| 22 | import static android.Manifest.permission.INTERACT_ACROSS_USERS; |
| 23 | import static android.app.ActivityManagerInternal.ALLOW_FULL_ONLY; |
Jeff Sharkey | 51a14c0 | 2020-05-06 14:15:44 -0600 | [diff] [blame] | 24 | import static android.content.Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION; |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 25 | import static android.content.Intent.FLAG_GRANT_PREFIX_URI_PERMISSION; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 26 | import static android.content.pm.PackageManager.MATCH_ANY_USER; |
| 27 | import static android.content.pm.PackageManager.MATCH_DEBUG_TRIAGED_MISSING; |
| 28 | import static android.content.pm.PackageManager.MATCH_DIRECT_BOOT_AWARE; |
| 29 | import static android.content.pm.PackageManager.MATCH_DIRECT_BOOT_UNAWARE; |
| 30 | import static android.content.pm.PackageManager.MATCH_UNINSTALLED_PACKAGES; |
| 31 | import static android.content.pm.PackageManager.PERMISSION_GRANTED; |
| 32 | import static android.os.Process.ROOT_UID; |
| 33 | import static android.os.Process.SYSTEM_UID; |
| 34 | import static android.os.Process.myUid; |
Felipe Leme | cf02e8a | 2018-08-10 16:48:21 -0700 | [diff] [blame] | 35 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 36 | import static com.android.internal.util.XmlUtils.readBooleanAttribute; |
| 37 | import static com.android.internal.util.XmlUtils.readIntAttribute; |
| 38 | import static com.android.internal.util.XmlUtils.readLongAttribute; |
| 39 | import static com.android.internal.util.XmlUtils.writeBooleanAttribute; |
| 40 | import static com.android.internal.util.XmlUtils.writeIntAttribute; |
| 41 | import static com.android.internal.util.XmlUtils.writeLongAttribute; |
| 42 | import static com.android.server.uri.UriGrantsManagerService.H.PERSIST_URI_GRANTS_MSG; |
Felipe Leme | cf02e8a | 2018-08-10 16:48:21 -0700 | [diff] [blame] | 43 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 44 | import static org.xmlpull.v1.XmlPullParser.END_DOCUMENT; |
| 45 | import static org.xmlpull.v1.XmlPullParser.START_TAG; |
| 46 | |
| 47 | import android.annotation.Nullable; |
| 48 | import android.app.ActivityManager; |
| 49 | import android.app.ActivityManagerInternal; |
| 50 | import android.app.AppGlobals; |
| 51 | import android.app.GrantedUriPermission; |
| 52 | import android.app.IUriGrantsManager; |
| 53 | import android.content.ClipData; |
| 54 | import android.content.ContentProvider; |
| 55 | import android.content.ContentResolver; |
| 56 | import android.content.Context; |
| 57 | import android.content.Intent; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 58 | import android.content.pm.PackageManager; |
| 59 | import android.content.pm.PackageManagerInternal; |
| 60 | import android.content.pm.ParceledListSlice; |
| 61 | import android.content.pm.PathPermission; |
| 62 | import android.content.pm.ProviderInfo; |
| 63 | import android.net.Uri; |
| 64 | import android.os.Binder; |
| 65 | import android.os.Handler; |
| 66 | import android.os.IBinder; |
| 67 | import android.os.Looper; |
| 68 | import android.os.Message; |
| 69 | import android.os.RemoteException; |
| 70 | import android.os.SystemClock; |
| 71 | import android.os.UserHandle; |
| 72 | import android.provider.Downloads; |
| 73 | import android.text.format.DateUtils; |
| 74 | import android.util.ArrayMap; |
| 75 | import android.util.AtomicFile; |
| 76 | import android.util.Slog; |
| 77 | import android.util.SparseArray; |
| 78 | import android.util.Xml; |
Felipe Leme | cf02e8a | 2018-08-10 16:48:21 -0700 | [diff] [blame] | 79 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 80 | import com.android.internal.annotations.GuardedBy; |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 81 | import com.android.internal.annotations.VisibleForTesting; |
| 82 | import com.android.internal.util.ArrayUtils; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 83 | import com.android.internal.util.FastXmlSerializer; |
| 84 | import com.android.internal.util.Preconditions; |
| 85 | import com.android.server.IoThread; |
| 86 | import com.android.server.LocalServices; |
| 87 | import com.android.server.SystemService; |
| 88 | import com.android.server.SystemServiceManager; |
Felipe Leme | cf02e8a | 2018-08-10 16:48:21 -0700 | [diff] [blame] | 89 | |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 90 | import libcore.io.IoUtils; |
| 91 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 92 | import com.google.android.collect.Lists; |
| 93 | import com.google.android.collect.Maps; |
| 94 | |
| 95 | import org.xmlpull.v1.XmlPullParser; |
| 96 | import org.xmlpull.v1.XmlPullParserException; |
| 97 | import org.xmlpull.v1.XmlSerializer; |
| 98 | |
| 99 | import java.io.File; |
| 100 | import java.io.FileInputStream; |
| 101 | import java.io.FileNotFoundException; |
| 102 | import java.io.FileOutputStream; |
| 103 | import java.io.IOException; |
| 104 | import java.io.PrintWriter; |
| 105 | import java.nio.charset.StandardCharsets; |
| 106 | import java.util.ArrayList; |
| 107 | import java.util.Collections; |
| 108 | import java.util.Iterator; |
| 109 | import java.util.List; |
Daulet Zhanguzin | ee9d224 | 2020-01-02 17:19:16 +0000 | [diff] [blame] | 110 | import java.util.Objects; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 111 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 112 | /** Manages uri grants. */ |
| 113 | public class UriGrantsManagerService extends IUriGrantsManager.Stub { |
| 114 | private static final boolean DEBUG = false; |
| 115 | private static final String TAG = "UriGrantsManagerService"; |
| 116 | // Maximum number of persisted Uri grants a package is allowed |
| 117 | private static final int MAX_PERSISTED_URI_GRANTS = 128; |
Jeff Sharkey | 5dad7cd | 2020-06-10 17:17:04 -0600 | [diff] [blame] | 118 | private static final boolean ENABLE_DYNAMIC_PERMISSIONS = true; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 119 | |
| 120 | private final Object mLock = new Object(); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 121 | private final H mH; |
| 122 | ActivityManagerInternal mAmInternal; |
| 123 | PackageManagerInternal mPmInternal; |
| 124 | |
| 125 | /** File storing persisted {@link #mGrantedUriPermissions}. */ |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 126 | @GuardedBy("mLock") |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 127 | private final AtomicFile mGrantFile; |
| 128 | |
| 129 | /** XML constants used in {@link #mGrantFile} */ |
| 130 | private static final String TAG_URI_GRANTS = "uri-grants"; |
| 131 | private static final String TAG_URI_GRANT = "uri-grant"; |
| 132 | private static final String ATTR_USER_HANDLE = "userHandle"; |
| 133 | private static final String ATTR_SOURCE_USER_ID = "sourceUserId"; |
| 134 | private static final String ATTR_TARGET_USER_ID = "targetUserId"; |
| 135 | private static final String ATTR_SOURCE_PKG = "sourcePkg"; |
| 136 | private static final String ATTR_TARGET_PKG = "targetPkg"; |
| 137 | private static final String ATTR_URI = "uri"; |
| 138 | private static final String ATTR_MODE_FLAGS = "modeFlags"; |
| 139 | private static final String ATTR_CREATED_TIME = "createdTime"; |
| 140 | private static final String ATTR_PREFIX = "prefix"; |
| 141 | |
| 142 | /** |
| 143 | * Global set of specific {@link Uri} permissions that have been granted. |
| 144 | * This optimized lookup structure maps from {@link UriPermission#targetUid} |
| 145 | * to {@link UriPermission#uri} to {@link UriPermission}. |
| 146 | */ |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 147 | @GuardedBy("mLock") |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 148 | private final SparseArray<ArrayMap<GrantUri, UriPermission>> |
| 149 | mGrantedUriPermissions = new SparseArray<>(); |
| 150 | |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 151 | private UriGrantsManagerService() { |
| 152 | this(SystemServiceManager.ensureSystemDir()); |
| 153 | } |
| 154 | |
| 155 | private UriGrantsManagerService(File systemDir) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 156 | mH = new H(IoThread.get().getLooper()); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 157 | mGrantFile = new AtomicFile(new File(systemDir, "urigrants.xml"), "uri-grants"); |
| 158 | } |
| 159 | |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 160 | @VisibleForTesting |
| 161 | static UriGrantsManagerService createForTest(File systemDir) { |
| 162 | final UriGrantsManagerService service = new UriGrantsManagerService(systemDir); |
| 163 | service.mAmInternal = LocalServices.getService(ActivityManagerInternal.class); |
| 164 | service.mPmInternal = LocalServices.getService(PackageManagerInternal.class); |
| 165 | return service; |
| 166 | } |
| 167 | |
| 168 | @VisibleForTesting |
| 169 | UriGrantsManagerInternal getLocalService() { |
| 170 | return new LocalService(); |
| 171 | } |
| 172 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 173 | private void start() { |
| 174 | LocalServices.addService(UriGrantsManagerInternal.class, new LocalService()); |
| 175 | } |
| 176 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 177 | public static final class Lifecycle extends SystemService { |
| 178 | private final UriGrantsManagerService mService; |
| 179 | |
| 180 | public Lifecycle(Context context) { |
| 181 | super(context); |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 182 | mService = new UriGrantsManagerService(); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 183 | } |
| 184 | |
| 185 | @Override |
| 186 | public void onStart() { |
| 187 | publishBinderService(Context.URI_GRANTS_SERVICE, mService); |
| 188 | mService.start(); |
| 189 | } |
| 190 | |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 191 | @Override |
| 192 | public void onBootPhase(int phase) { |
| 193 | if (phase == PHASE_SYSTEM_SERVICES_READY) { |
| 194 | mService.mAmInternal = LocalServices.getService(ActivityManagerInternal.class); |
| 195 | mService.mPmInternal = LocalServices.getService(PackageManagerInternal.class); |
| 196 | } |
| 197 | } |
| 198 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 199 | public UriGrantsManagerService getService() { |
| 200 | return mService; |
| 201 | } |
| 202 | } |
| 203 | |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 204 | private int checkUidPermission(String permission, int uid) { |
| 205 | try { |
| 206 | return AppGlobals.getPackageManager().checkUidPermission(permission, uid); |
| 207 | } catch (RemoteException e) { |
| 208 | throw e.rethrowFromSystemServer(); |
| 209 | } |
| 210 | } |
| 211 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 212 | @Override |
| 213 | public void grantUriPermissionFromOwner(IBinder token, int fromUid, String targetPkg, |
| 214 | Uri uri, final int modeFlags, int sourceUserId, int targetUserId) { |
| 215 | grantUriPermissionFromOwnerUnlocked(token, fromUid, targetPkg, uri, modeFlags, sourceUserId, |
| 216 | targetUserId); |
| 217 | } |
| 218 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 219 | /** |
| 220 | * @param uri This uri must NOT contain an embedded userId. |
| 221 | * @param sourceUserId The userId in which the uri is to be resolved. |
| 222 | * @param targetUserId The userId of the app that receives the grant. |
| 223 | */ |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 224 | private void grantUriPermissionFromOwnerUnlocked(IBinder token, int fromUid, String targetPkg, |
| 225 | Uri uri, final int modeFlags, int sourceUserId, int targetUserId) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 226 | targetUserId = mAmInternal.handleIncomingUser(Binder.getCallingPid(), |
| 227 | Binder.getCallingUid(), targetUserId, false, ALLOW_FULL_ONLY, |
| 228 | "grantUriPermissionFromOwner", null); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 229 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 230 | UriPermissionOwner owner = UriPermissionOwner.fromExternalToken(token); |
| 231 | if (owner == null) { |
| 232 | throw new IllegalArgumentException("Unknown owner: " + token); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 233 | } |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 234 | if (fromUid != Binder.getCallingUid()) { |
| 235 | if (Binder.getCallingUid() != myUid()) { |
| 236 | // Only system code can grant URI permissions on behalf |
| 237 | // of other users. |
| 238 | throw new SecurityException("nice try"); |
| 239 | } |
| 240 | } |
| 241 | if (targetPkg == null) { |
| 242 | throw new IllegalArgumentException("null target"); |
| 243 | } |
| 244 | if (uri == null) { |
| 245 | throw new IllegalArgumentException("null uri"); |
| 246 | } |
| 247 | |
| 248 | grantUriPermissionUnlocked(fromUid, targetPkg, new GrantUri(sourceUserId, uri, modeFlags), |
| 249 | modeFlags, owner, targetUserId); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 250 | } |
| 251 | |
| 252 | @Override |
Sudheer Shanka | 1b817f6 | 2019-05-20 16:54:59 -0700 | [diff] [blame] | 253 | public ParceledListSlice<android.content.UriPermission> getUriPermissions( |
| 254 | String packageName, boolean incoming, boolean persistedOnly) { |
| 255 | enforceNotIsolatedCaller("getUriPermissions"); |
Daulet Zhanguzin | ee9d224 | 2020-01-02 17:19:16 +0000 | [diff] [blame] | 256 | Objects.requireNonNull(packageName, "packageName"); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 257 | |
| 258 | final int callingUid = Binder.getCallingUid(); |
| 259 | final int callingUserId = UserHandle.getUserId(callingUid); |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 260 | final PackageManagerInternal pm = LocalServices.getService(PackageManagerInternal.class); |
| 261 | final int packageUid = pm.getPackageUidInternal(packageName, |
| 262 | MATCH_DIRECT_BOOT_AWARE | MATCH_DIRECT_BOOT_UNAWARE, callingUserId); |
| 263 | if (packageUid != callingUid) { |
| 264 | throw new SecurityException( |
| 265 | "Package " + packageName + " does not belong to calling UID " + callingUid); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 266 | } |
| 267 | |
| 268 | final ArrayList<android.content.UriPermission> result = Lists.newArrayList(); |
| 269 | synchronized (mLock) { |
| 270 | if (incoming) { |
| 271 | final ArrayMap<GrantUri, UriPermission> perms = mGrantedUriPermissions.get( |
| 272 | callingUid); |
| 273 | if (perms == null) { |
| 274 | Slog.w(TAG, "No permission grants found for " + packageName); |
| 275 | } else { |
| 276 | for (int j = 0; j < perms.size(); j++) { |
| 277 | final UriPermission perm = perms.valueAt(j); |
Sudheer Shanka | 1b817f6 | 2019-05-20 16:54:59 -0700 | [diff] [blame] | 278 | if (packageName.equals(perm.targetPkg) |
| 279 | && (!persistedOnly || perm.persistedModeFlags != 0)) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 280 | result.add(perm.buildPersistedPublicApiObject()); |
| 281 | } |
| 282 | } |
| 283 | } |
| 284 | } else { |
| 285 | final int size = mGrantedUriPermissions.size(); |
| 286 | for (int i = 0; i < size; i++) { |
| 287 | final ArrayMap<GrantUri, UriPermission> perms = |
| 288 | mGrantedUriPermissions.valueAt(i); |
| 289 | for (int j = 0; j < perms.size(); j++) { |
| 290 | final UriPermission perm = perms.valueAt(j); |
Sudheer Shanka | 1b817f6 | 2019-05-20 16:54:59 -0700 | [diff] [blame] | 291 | if (packageName.equals(perm.sourcePkg) |
| 292 | && (!persistedOnly || perm.persistedModeFlags != 0)) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 293 | result.add(perm.buildPersistedPublicApiObject()); |
| 294 | } |
| 295 | } |
| 296 | } |
| 297 | } |
| 298 | } |
| 299 | return new ParceledListSlice<>(result); |
| 300 | } |
| 301 | |
| 302 | @Override |
| 303 | public ParceledListSlice<GrantedUriPermission> getGrantedUriPermissions( |
| 304 | @Nullable String packageName, int userId) { |
| 305 | mAmInternal.enforceCallingPermission( |
| 306 | GET_APP_GRANTED_URI_PERMISSIONS, "getGrantedUriPermissions"); |
| 307 | |
| 308 | final List<GrantedUriPermission> result = new ArrayList<>(); |
| 309 | synchronized (mLock) { |
| 310 | final int size = mGrantedUriPermissions.size(); |
| 311 | for (int i = 0; i < size; i++) { |
| 312 | final ArrayMap<GrantUri, UriPermission> perms = mGrantedUriPermissions.valueAt(i); |
| 313 | for (int j = 0; j < perms.size(); j++) { |
| 314 | final UriPermission perm = perms.valueAt(j); |
| 315 | if ((packageName == null || packageName.equals(perm.targetPkg)) |
| 316 | && perm.targetUserId == userId |
| 317 | && perm.persistedModeFlags != 0) { |
| 318 | result.add(perm.buildGrantedUriPermission()); |
| 319 | } |
| 320 | } |
| 321 | } |
| 322 | } |
| 323 | return new ParceledListSlice<>(result); |
| 324 | } |
| 325 | |
| 326 | /** |
| 327 | * @param uri This uri must NOT contain an embedded userId. |
| 328 | * @param toPackage Name of package whose uri is being granted to (if {@code null}, uses |
| 329 | * calling uid) |
| 330 | * @param userId The userId in which the uri is to be resolved. |
| 331 | */ |
| 332 | @Override |
| 333 | public void takePersistableUriPermission(Uri uri, final int modeFlags, |
| 334 | @Nullable String toPackage, int userId) { |
| 335 | final int uid; |
| 336 | if (toPackage != null) { |
| 337 | mAmInternal.enforceCallingPermission(FORCE_PERSISTABLE_URI_PERMISSIONS, |
| 338 | "takePersistableUriPermission"); |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 339 | uid = mPmInternal.getPackageUidInternal(toPackage, 0, userId); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 340 | } else { |
| 341 | enforceNotIsolatedCaller("takePersistableUriPermission"); |
| 342 | uid = Binder.getCallingUid(); |
| 343 | } |
| 344 | |
| 345 | Preconditions.checkFlagsArgument(modeFlags, |
| 346 | Intent.FLAG_GRANT_READ_URI_PERMISSION | Intent.FLAG_GRANT_WRITE_URI_PERMISSION); |
| 347 | |
| 348 | synchronized (mLock) { |
| 349 | boolean persistChanged = false; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 350 | |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 351 | UriPermission exactPerm = findUriPermissionLocked(uid, |
| 352 | new GrantUri(userId, uri, 0)); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 353 | UriPermission prefixPerm = findUriPermissionLocked(uid, |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 354 | new GrantUri(userId, uri, FLAG_GRANT_PREFIX_URI_PERMISSION)); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 355 | |
| 356 | final boolean exactValid = (exactPerm != null) |
| 357 | && ((modeFlags & exactPerm.persistableModeFlags) == modeFlags); |
| 358 | final boolean prefixValid = (prefixPerm != null) |
| 359 | && ((modeFlags & prefixPerm.persistableModeFlags) == modeFlags); |
| 360 | |
| 361 | if (!(exactValid || prefixValid)) { |
| 362 | throw new SecurityException("No persistable permission grants found for UID " |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 363 | + uid + " and Uri " + uri.toSafeString()); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 364 | } |
| 365 | |
| 366 | if (exactValid) { |
| 367 | persistChanged |= exactPerm.takePersistableModes(modeFlags); |
| 368 | } |
| 369 | if (prefixValid) { |
| 370 | persistChanged |= prefixPerm.takePersistableModes(modeFlags); |
| 371 | } |
| 372 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 373 | persistChanged |= maybePrunePersistedUriGrantsLocked(uid); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 374 | |
| 375 | if (persistChanged) { |
| 376 | schedulePersistUriGrants(); |
| 377 | } |
| 378 | } |
| 379 | } |
| 380 | |
| 381 | @Override |
| 382 | public void clearGrantedUriPermissions(String packageName, int userId) { |
| 383 | mAmInternal.enforceCallingPermission( |
| 384 | CLEAR_APP_GRANTED_URI_PERMISSIONS, "clearGrantedUriPermissions"); |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 385 | synchronized (mLock) { |
| 386 | removeUriPermissionsForPackageLocked(packageName, userId, true, true); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 387 | } |
| 388 | } |
| 389 | |
| 390 | /** |
| 391 | * @param uri This uri must NOT contain an embedded userId. |
| 392 | * @param toPackage Name of the target package whose uri is being released (if {@code null}, |
| 393 | * uses calling uid) |
| 394 | * @param userId The userId in which the uri is to be resolved. |
| 395 | */ |
| 396 | @Override |
| 397 | public void releasePersistableUriPermission(Uri uri, final int modeFlags, |
| 398 | @Nullable String toPackage, int userId) { |
| 399 | |
| 400 | final int uid; |
| 401 | if (toPackage != null) { |
| 402 | mAmInternal.enforceCallingPermission(FORCE_PERSISTABLE_URI_PERMISSIONS, |
| 403 | "releasePersistableUriPermission"); |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 404 | uid = mPmInternal.getPackageUidInternal(toPackage, 0, userId); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 405 | } else { |
| 406 | enforceNotIsolatedCaller("releasePersistableUriPermission"); |
| 407 | uid = Binder.getCallingUid(); |
| 408 | } |
| 409 | |
| 410 | Preconditions.checkFlagsArgument(modeFlags, |
| 411 | Intent.FLAG_GRANT_READ_URI_PERMISSION | Intent.FLAG_GRANT_WRITE_URI_PERMISSION); |
| 412 | |
| 413 | synchronized (mLock) { |
| 414 | boolean persistChanged = false; |
| 415 | |
| 416 | UriPermission exactPerm = findUriPermissionLocked(uid, |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 417 | new GrantUri(userId, uri, 0)); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 418 | UriPermission prefixPerm = findUriPermissionLocked(uid, |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 419 | new GrantUri(userId, uri, FLAG_GRANT_PREFIX_URI_PERMISSION)); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 420 | if (exactPerm == null && prefixPerm == null && toPackage == null) { |
| 421 | throw new SecurityException("No permission grants found for UID " + uid |
| 422 | + " and Uri " + uri.toSafeString()); |
| 423 | } |
| 424 | |
| 425 | if (exactPerm != null) { |
| 426 | persistChanged |= exactPerm.releasePersistableModes(modeFlags); |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 427 | removeUriPermissionIfNeededLocked(exactPerm); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 428 | } |
| 429 | if (prefixPerm != null) { |
| 430 | persistChanged |= prefixPerm.releasePersistableModes(modeFlags); |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 431 | removeUriPermissionIfNeededLocked(prefixPerm); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 432 | } |
| 433 | |
| 434 | if (persistChanged) { |
| 435 | schedulePersistUriGrants(); |
| 436 | } |
| 437 | } |
| 438 | } |
| 439 | |
| 440 | /** |
| 441 | * Remove any {@link UriPermission} granted <em>from</em> or <em>to</em> the |
| 442 | * given package. |
| 443 | * |
| 444 | * @param packageName Package name to match, or {@code null} to apply to all |
| 445 | * packages. |
| 446 | * @param userHandle User to match, or {@link UserHandle#USER_ALL} to apply |
| 447 | * to all users. |
| 448 | * @param persistable If persistable grants should be removed. |
| 449 | * @param targetOnly When {@code true}, only remove permissions where the app is the target, |
| 450 | * not source. |
| 451 | */ |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 452 | @GuardedBy("mLock") |
| 453 | private void removeUriPermissionsForPackageLocked(String packageName, int userHandle, |
| 454 | boolean persistable, boolean targetOnly) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 455 | if (userHandle == UserHandle.USER_ALL && packageName == null) { |
| 456 | throw new IllegalArgumentException("Must narrow by either package or user"); |
| 457 | } |
| 458 | |
| 459 | boolean persistChanged = false; |
| 460 | |
| 461 | int N = mGrantedUriPermissions.size(); |
| 462 | for (int i = 0; i < N; i++) { |
| 463 | final int targetUid = mGrantedUriPermissions.keyAt(i); |
| 464 | final ArrayMap<GrantUri, UriPermission> perms = mGrantedUriPermissions.valueAt(i); |
| 465 | |
| 466 | // Only inspect grants matching user |
| 467 | if (userHandle == UserHandle.USER_ALL |
| 468 | || userHandle == UserHandle.getUserId(targetUid)) { |
| 469 | for (Iterator<UriPermission> it = perms.values().iterator(); it.hasNext();) { |
| 470 | final UriPermission perm = it.next(); |
| 471 | |
| 472 | // Only inspect grants matching package |
| 473 | if (packageName == null || (!targetOnly && perm.sourcePkg.equals(packageName)) |
| 474 | || perm.targetPkg.equals(packageName)) { |
| 475 | // Hacky solution as part of fixing a security bug; ignore |
| 476 | // grants associated with DownloadManager so we don't have |
| 477 | // to immediately launch it to regrant the permissions |
| 478 | if (Downloads.Impl.AUTHORITY.equals(perm.uri.uri.getAuthority()) |
| 479 | && !persistable) continue; |
| 480 | |
| 481 | persistChanged |= perm.revokeModes(persistable |
| 482 | ? ~0 : ~Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION, true); |
| 483 | |
| 484 | // Only remove when no modes remain; any persisted grants |
| 485 | // will keep this alive. |
| 486 | if (perm.modeFlags == 0) { |
| 487 | it.remove(); |
| 488 | } |
| 489 | } |
| 490 | } |
| 491 | |
| 492 | if (perms.isEmpty()) { |
| 493 | mGrantedUriPermissions.remove(targetUid); |
| 494 | N--; |
| 495 | i--; |
| 496 | } |
| 497 | } |
| 498 | } |
| 499 | |
| 500 | if (persistChanged) { |
| 501 | schedulePersistUriGrants(); |
| 502 | } |
| 503 | } |
| 504 | |
| 505 | /** Returns if the ContentProvider has granted a uri to callingUid */ |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 506 | @GuardedBy("mLock") |
| 507 | private boolean checkAuthorityGrantsLocked(int callingUid, ProviderInfo cpi, int userId, |
| 508 | boolean checkUser) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 509 | final ArrayMap<GrantUri, UriPermission> perms = mGrantedUriPermissions.get(callingUid); |
| 510 | if (perms != null) { |
| 511 | for (int i = perms.size() - 1; i >= 0; i--) { |
| 512 | GrantUri grantUri = perms.keyAt(i); |
| 513 | if (grantUri.sourceUserId == userId || !checkUser) { |
| 514 | if (matchesProvider(grantUri.uri, cpi)) { |
| 515 | return true; |
| 516 | } |
| 517 | } |
| 518 | } |
| 519 | } |
| 520 | return false; |
| 521 | } |
| 522 | |
| 523 | /** Returns true if the uri authority is one of the authorities specified in the provider. */ |
| 524 | private boolean matchesProvider(Uri uri, ProviderInfo cpi) { |
| 525 | String uriAuth = uri.getAuthority(); |
| 526 | String cpiAuth = cpi.authority; |
| 527 | if (cpiAuth.indexOf(';') == -1) { |
| 528 | return cpiAuth.equals(uriAuth); |
| 529 | } |
| 530 | String[] cpiAuths = cpiAuth.split(";"); |
| 531 | int length = cpiAuths.length; |
| 532 | for (int i = 0; i < length; i++) { |
| 533 | if (cpiAuths[i].equals(uriAuth)) return true; |
| 534 | } |
| 535 | return false; |
| 536 | } |
| 537 | |
| 538 | /** |
| 539 | * Prune any older {@link UriPermission} for the given UID until outstanding |
| 540 | * persisted grants are below {@link #MAX_PERSISTED_URI_GRANTS}. |
| 541 | * |
| 542 | * @return if any mutations occured that require persisting. |
| 543 | */ |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 544 | @GuardedBy("mLock") |
| 545 | private boolean maybePrunePersistedUriGrantsLocked(int uid) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 546 | final ArrayMap<GrantUri, UriPermission> perms = mGrantedUriPermissions.get(uid); |
| 547 | if (perms == null) return false; |
| 548 | if (perms.size() < MAX_PERSISTED_URI_GRANTS) return false; |
| 549 | |
| 550 | final ArrayList<UriPermission> persisted = Lists.newArrayList(); |
| 551 | for (UriPermission perm : perms.values()) { |
| 552 | if (perm.persistedModeFlags != 0) { |
| 553 | persisted.add(perm); |
| 554 | } |
| 555 | } |
| 556 | |
| 557 | final int trimCount = persisted.size() - MAX_PERSISTED_URI_GRANTS; |
| 558 | if (trimCount <= 0) return false; |
| 559 | |
| 560 | Collections.sort(persisted, new UriPermission.PersistedTimeComparator()); |
| 561 | for (int i = 0; i < trimCount; i++) { |
| 562 | final UriPermission perm = persisted.get(i); |
| 563 | |
| 564 | if (DEBUG) Slog.v(TAG, "Trimming grant created at " + perm.persistedCreateTime); |
| 565 | |
| 566 | perm.releasePersistableModes(~0); |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 567 | removeUriPermissionIfNeededLocked(perm); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 568 | } |
| 569 | |
| 570 | return true; |
| 571 | } |
| 572 | |
| 573 | /** Like checkGrantUriPermission, but takes an Intent. */ |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 574 | private NeededUriGrants checkGrantUriPermissionFromIntentUnlocked(int callingUid, |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 575 | String targetPkg, Intent intent, int mode, NeededUriGrants needed, int targetUserId) { |
| 576 | if (DEBUG) Slog.v(TAG, |
| 577 | "Checking URI perm to data=" + (intent != null ? intent.getData() : null) |
| 578 | + " clip=" + (intent != null ? intent.getClipData() : null) |
| 579 | + " from " + intent + "; flags=0x" |
| 580 | + Integer.toHexString(intent != null ? intent.getFlags() : 0)); |
| 581 | |
| 582 | if (targetPkg == null) { |
| 583 | throw new NullPointerException("targetPkg"); |
| 584 | } |
| 585 | |
| 586 | if (intent == null) { |
| 587 | return null; |
| 588 | } |
| 589 | Uri data = intent.getData(); |
| 590 | ClipData clip = intent.getClipData(); |
| 591 | if (data == null && clip == null) { |
| 592 | return null; |
| 593 | } |
| 594 | // Default userId for uris in the intent (if they don't specify it themselves) |
| 595 | int contentUserHint = intent.getContentUserHint(); |
| 596 | if (contentUserHint == UserHandle.USER_CURRENT) { |
| 597 | contentUserHint = UserHandle.getUserId(callingUid); |
| 598 | } |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 599 | int targetUid; |
| 600 | if (needed != null) { |
| 601 | targetUid = needed.targetUid; |
| 602 | } else { |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 603 | targetUid = mPmInternal.getPackageUidInternal(targetPkg, MATCH_DEBUG_TRIAGED_MISSING, |
| 604 | targetUserId); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 605 | if (targetUid < 0) { |
| 606 | if (DEBUG) Slog.v(TAG, "Can't grant URI permission no uid for: " + targetPkg |
| 607 | + " on user " + targetUserId); |
| 608 | return null; |
| 609 | } |
| 610 | } |
| 611 | if (data != null) { |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 612 | GrantUri grantUri = GrantUri.resolve(contentUserHint, data, mode); |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 613 | targetUid = checkGrantUriPermissionUnlocked(callingUid, targetPkg, grantUri, mode, |
| 614 | targetUid); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 615 | if (targetUid > 0) { |
| 616 | if (needed == null) { |
| 617 | needed = new NeededUriGrants(targetPkg, targetUid, mode); |
| 618 | } |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 619 | needed.uris.add(grantUri); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 620 | } |
| 621 | } |
| 622 | if (clip != null) { |
| 623 | for (int i=0; i<clip.getItemCount(); i++) { |
| 624 | Uri uri = clip.getItemAt(i).getUri(); |
| 625 | if (uri != null) { |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 626 | GrantUri grantUri = GrantUri.resolve(contentUserHint, uri, mode); |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 627 | targetUid = checkGrantUriPermissionUnlocked(callingUid, targetPkg, |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 628 | grantUri, mode, targetUid); |
| 629 | if (targetUid > 0) { |
| 630 | if (needed == null) { |
| 631 | needed = new NeededUriGrants(targetPkg, targetUid, mode); |
| 632 | } |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 633 | needed.uris.add(grantUri); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 634 | } |
| 635 | } else { |
| 636 | Intent clipIntent = clip.getItemAt(i).getIntent(); |
| 637 | if (clipIntent != null) { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 638 | NeededUriGrants newNeeded = checkGrantUriPermissionFromIntentUnlocked( |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 639 | callingUid, targetPkg, clipIntent, mode, needed, targetUserId); |
| 640 | if (newNeeded != null) { |
| 641 | needed = newNeeded; |
| 642 | } |
| 643 | } |
| 644 | } |
| 645 | } |
| 646 | } |
| 647 | |
| 648 | return needed; |
| 649 | } |
| 650 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 651 | @GuardedBy("mLock") |
| 652 | private void readGrantedUriPermissionsLocked() { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 653 | if (DEBUG) Slog.v(TAG, "readGrantedUriPermissions()"); |
| 654 | |
| 655 | final long now = System.currentTimeMillis(); |
| 656 | |
| 657 | FileInputStream fis = null; |
| 658 | try { |
| 659 | fis = mGrantFile.openRead(); |
| 660 | final XmlPullParser in = Xml.newPullParser(); |
| 661 | in.setInput(fis, StandardCharsets.UTF_8.name()); |
| 662 | |
| 663 | int type; |
| 664 | while ((type = in.next()) != END_DOCUMENT) { |
| 665 | final String tag = in.getName(); |
| 666 | if (type == START_TAG) { |
| 667 | if (TAG_URI_GRANT.equals(tag)) { |
| 668 | final int sourceUserId; |
| 669 | final int targetUserId; |
| 670 | final int userHandle = readIntAttribute(in, |
| 671 | ATTR_USER_HANDLE, UserHandle.USER_NULL); |
| 672 | if (userHandle != UserHandle.USER_NULL) { |
| 673 | // For backwards compatibility. |
| 674 | sourceUserId = userHandle; |
| 675 | targetUserId = userHandle; |
| 676 | } else { |
| 677 | sourceUserId = readIntAttribute(in, ATTR_SOURCE_USER_ID); |
| 678 | targetUserId = readIntAttribute(in, ATTR_TARGET_USER_ID); |
| 679 | } |
| 680 | final String sourcePkg = in.getAttributeValue(null, ATTR_SOURCE_PKG); |
| 681 | final String targetPkg = in.getAttributeValue(null, ATTR_TARGET_PKG); |
| 682 | final Uri uri = Uri.parse(in.getAttributeValue(null, ATTR_URI)); |
| 683 | final boolean prefix = readBooleanAttribute(in, ATTR_PREFIX); |
| 684 | final int modeFlags = readIntAttribute(in, ATTR_MODE_FLAGS); |
| 685 | final long createdTime = readLongAttribute(in, ATTR_CREATED_TIME, now); |
| 686 | |
| 687 | // Sanity check that provider still belongs to source package |
| 688 | // Both direct boot aware and unaware packages are fine as we |
| 689 | // will do filtering at query time to avoid multiple parsing. |
| 690 | final ProviderInfo pi = getProviderInfo(uri.getAuthority(), sourceUserId, |
| 691 | MATCH_DIRECT_BOOT_AWARE | MATCH_DIRECT_BOOT_UNAWARE); |
| 692 | if (pi != null && sourcePkg.equals(pi.packageName)) { |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 693 | int targetUid = mPmInternal.getPackageUidInternal( |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 694 | targetPkg, MATCH_UNINSTALLED_PACKAGES, targetUserId); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 695 | if (targetUid != -1) { |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 696 | final GrantUri grantUri = new GrantUri(sourceUserId, uri, |
| 697 | prefix ? Intent.FLAG_GRANT_PREFIX_URI_PERMISSION : 0); |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 698 | final UriPermission perm = findOrCreateUriPermissionLocked( |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 699 | sourcePkg, targetPkg, targetUid, grantUri); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 700 | perm.initPersistedModes(modeFlags, createdTime); |
| 701 | } |
| 702 | } else { |
| 703 | Slog.w(TAG, "Persisted grant for " + uri + " had source " + sourcePkg |
| 704 | + " but instead found " + pi); |
| 705 | } |
| 706 | } |
| 707 | } |
| 708 | } |
| 709 | } catch (FileNotFoundException e) { |
| 710 | // Missing grants is okay |
| 711 | } catch (IOException e) { |
| 712 | Slog.wtf(TAG, "Failed reading Uri grants", e); |
| 713 | } catch (XmlPullParserException e) { |
| 714 | Slog.wtf(TAG, "Failed reading Uri grants", e); |
| 715 | } finally { |
| 716 | IoUtils.closeQuietly(fis); |
| 717 | } |
| 718 | } |
| 719 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 720 | @GuardedBy("mLock") |
| 721 | private UriPermission findOrCreateUriPermissionLocked(String sourcePkg, |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 722 | String targetPkg, int targetUid, GrantUri grantUri) { |
| 723 | ArrayMap<GrantUri, UriPermission> targetUris = mGrantedUriPermissions.get(targetUid); |
| 724 | if (targetUris == null) { |
| 725 | targetUris = Maps.newArrayMap(); |
| 726 | mGrantedUriPermissions.put(targetUid, targetUris); |
| 727 | } |
| 728 | |
| 729 | UriPermission perm = targetUris.get(grantUri); |
| 730 | if (perm == null) { |
| 731 | perm = new UriPermission(sourcePkg, targetPkg, targetUid, grantUri); |
| 732 | targetUris.put(grantUri, perm); |
| 733 | } |
| 734 | |
| 735 | return perm; |
| 736 | } |
| 737 | |
| 738 | private void grantUriPermissionUnchecked(int targetUid, String targetPkg, GrantUri grantUri, |
| 739 | final int modeFlags, UriPermissionOwner owner) { |
| 740 | if (!Intent.isAccessUriMode(modeFlags)) { |
| 741 | return; |
| 742 | } |
| 743 | |
| 744 | // So here we are: the caller has the assumed permission to the uri, and the target doesn't. |
| 745 | // Let's now give this to the target. |
| 746 | |
| 747 | if (DEBUG) Slog.v(TAG, |
| 748 | "Granting " + targetPkg + "/" + targetUid + " permission to " + grantUri); |
| 749 | |
| 750 | final String authority = grantUri.uri.getAuthority(); |
| 751 | final ProviderInfo pi = getProviderInfo(authority, grantUri.sourceUserId, |
| 752 | MATCH_DEBUG_TRIAGED_MISSING); |
| 753 | if (pi == null) { |
| 754 | Slog.w(TAG, "No content provider found for grant: " + grantUri.toSafeString()); |
| 755 | return; |
| 756 | } |
| 757 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 758 | final UriPermission perm; |
| 759 | synchronized (mLock) { |
| 760 | perm = findOrCreateUriPermissionLocked(pi.packageName, targetPkg, targetUid, grantUri); |
| 761 | } |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 762 | perm.grantModes(modeFlags, owner); |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 763 | mPmInternal.grantImplicitAccess(UserHandle.getUserId(targetUid), null, |
Patrick Baumann | 710d720 | 2020-01-09 15:02:14 -0800 | [diff] [blame] | 764 | UserHandle.getAppId(targetUid), pi.applicationInfo.uid, false /*direct*/); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 765 | } |
| 766 | |
| 767 | /** Like grantUriPermissionUnchecked, but takes an Intent. */ |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 768 | private void grantUriPermissionUncheckedFromIntent(NeededUriGrants needed, |
| 769 | UriPermissionOwner owner) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 770 | if (needed == null) { |
| 771 | return; |
| 772 | } |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 773 | final int N = needed.uris.size(); |
| 774 | for (int i = 0; i < N; i++) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 775 | grantUriPermissionUnchecked(needed.targetUid, needed.targetPkg, |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 776 | needed.uris.valueAt(i), needed.flags, owner); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 777 | } |
| 778 | } |
| 779 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 780 | private void grantUriPermissionUnlocked(int callingUid, String targetPkg, GrantUri grantUri, |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 781 | final int modeFlags, UriPermissionOwner owner, int targetUserId) { |
| 782 | if (targetPkg == null) { |
| 783 | throw new NullPointerException("targetPkg"); |
| 784 | } |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 785 | int targetUid = mPmInternal.getPackageUidInternal(targetPkg, MATCH_DEBUG_TRIAGED_MISSING, |
| 786 | targetUserId); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 787 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 788 | targetUid = checkGrantUriPermissionUnlocked(callingUid, targetPkg, grantUri, modeFlags, |
| 789 | targetUid); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 790 | if (targetUid < 0) { |
| 791 | return; |
| 792 | } |
| 793 | |
| 794 | grantUriPermissionUnchecked(targetUid, targetPkg, grantUri, modeFlags, owner); |
| 795 | } |
| 796 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 797 | private void revokeUriPermission(String targetPackage, int callingUid, GrantUri grantUri, |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 798 | final int modeFlags) { |
| 799 | if (DEBUG) Slog.v(TAG, "Revoking all granted permissions to " + grantUri); |
| 800 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 801 | final String authority = grantUri.uri.getAuthority(); |
| 802 | final ProviderInfo pi = getProviderInfo(authority, grantUri.sourceUserId, |
| 803 | MATCH_DIRECT_BOOT_AWARE | MATCH_DIRECT_BOOT_UNAWARE); |
| 804 | if (pi == null) { |
| 805 | Slog.w(TAG, "No content provider found for permission revoke: " |
| 806 | + grantUri.toSafeString()); |
| 807 | return; |
| 808 | } |
| 809 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 810 | final boolean callerHoldsPermissions = checkHoldingPermissionsUnlocked(pi, grantUri, |
| 811 | callingUid, modeFlags); |
| 812 | synchronized (mLock) { |
| 813 | revokeUriPermissionLocked(targetPackage, callingUid, grantUri, modeFlags, |
| 814 | callerHoldsPermissions); |
| 815 | } |
| 816 | } |
| 817 | |
| 818 | @GuardedBy("mLock") |
| 819 | private void revokeUriPermissionLocked(String targetPackage, int callingUid, GrantUri grantUri, |
| 820 | final int modeFlags, final boolean callerHoldsPermissions) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 821 | // Does the caller have this permission on the URI? |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 822 | if (!callerHoldsPermissions) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 823 | // If they don't have direct access to the URI, then revoke any |
| 824 | // ownerless URI permissions that have been granted to them. |
| 825 | final ArrayMap<GrantUri, UriPermission> perms = mGrantedUriPermissions.get(callingUid); |
| 826 | if (perms != null) { |
| 827 | boolean persistChanged = false; |
| 828 | for (int i = perms.size()-1; i >= 0; i--) { |
| 829 | final UriPermission perm = perms.valueAt(i); |
| 830 | if (targetPackage != null && !targetPackage.equals(perm.targetPkg)) { |
| 831 | continue; |
| 832 | } |
| 833 | if (perm.uri.sourceUserId == grantUri.sourceUserId |
| 834 | && perm.uri.uri.isPathPrefixMatch(grantUri.uri)) { |
| 835 | if (DEBUG) Slog.v(TAG, "Revoking non-owned " |
| 836 | + perm.targetUid + " permission to " + perm.uri); |
| 837 | persistChanged |= perm.revokeModes( |
| 838 | modeFlags | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION, false); |
| 839 | if (perm.modeFlags == 0) { |
| 840 | perms.removeAt(i); |
| 841 | } |
| 842 | } |
| 843 | } |
| 844 | if (perms.isEmpty()) { |
| 845 | mGrantedUriPermissions.remove(callingUid); |
| 846 | } |
| 847 | if (persistChanged) { |
| 848 | schedulePersistUriGrants(); |
| 849 | } |
| 850 | } |
| 851 | return; |
| 852 | } |
| 853 | |
| 854 | boolean persistChanged = false; |
| 855 | |
| 856 | // Go through all of the permissions and remove any that match. |
| 857 | for (int i = mGrantedUriPermissions.size()-1; i >= 0; i--) { |
| 858 | final int targetUid = mGrantedUriPermissions.keyAt(i); |
| 859 | final ArrayMap<GrantUri, UriPermission> perms = mGrantedUriPermissions.valueAt(i); |
| 860 | |
| 861 | for (int j = perms.size()-1; j >= 0; j--) { |
| 862 | final UriPermission perm = perms.valueAt(j); |
| 863 | if (targetPackage != null && !targetPackage.equals(perm.targetPkg)) { |
| 864 | continue; |
| 865 | } |
| 866 | if (perm.uri.sourceUserId == grantUri.sourceUserId |
| 867 | && perm.uri.uri.isPathPrefixMatch(grantUri.uri)) { |
| 868 | if (DEBUG) Slog.v(TAG, |
| 869 | "Revoking " + perm.targetUid + " permission to " + perm.uri); |
| 870 | persistChanged |= perm.revokeModes( |
| 871 | modeFlags | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION, |
| 872 | targetPackage == null); |
| 873 | if (perm.modeFlags == 0) { |
| 874 | perms.removeAt(j); |
| 875 | } |
| 876 | } |
| 877 | } |
| 878 | |
| 879 | if (perms.isEmpty()) { |
| 880 | mGrantedUriPermissions.removeAt(i); |
| 881 | } |
| 882 | } |
| 883 | |
| 884 | if (persistChanged) { |
| 885 | schedulePersistUriGrants(); |
| 886 | } |
| 887 | } |
| 888 | |
| 889 | /** |
| 890 | * Determine if UID is holding permissions required to access {@link Uri} in |
| 891 | * the given {@link ProviderInfo}. Final permission checking is always done |
| 892 | * in {@link ContentProvider}. |
| 893 | */ |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 894 | private boolean checkHoldingPermissionsUnlocked( |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 895 | ProviderInfo pi, GrantUri grantUri, int uid, final int modeFlags) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 896 | if (DEBUG) Slog.v(TAG, "checkHoldingPermissions: uri=" + grantUri + " uid=" + uid); |
| 897 | if (UserHandle.getUserId(uid) != grantUri.sourceUserId) { |
| 898 | if (ActivityManager.checkComponentPermission(INTERACT_ACROSS_USERS, uid, -1, true) |
| 899 | != PERMISSION_GRANTED) { |
| 900 | return false; |
| 901 | } |
| 902 | } |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 903 | return checkHoldingPermissionsInternalUnlocked(pi, grantUri, uid, modeFlags, true); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 904 | } |
| 905 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 906 | private boolean checkHoldingPermissionsInternalUnlocked(ProviderInfo pi, |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 907 | GrantUri grantUri, int uid, final int modeFlags, boolean considerUidPermissions) { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 908 | // We must never hold our local mLock in this method, since we may need |
| 909 | // to call into ActivityManager for dynamic permission checks |
| 910 | if (Thread.holdsLock(mLock)) { |
| 911 | throw new IllegalStateException("Must never hold local mLock"); |
| 912 | } |
| 913 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 914 | if (pi.applicationInfo.uid == uid) { |
| 915 | return true; |
| 916 | } else if (!pi.exported) { |
| 917 | return false; |
| 918 | } |
| 919 | |
| 920 | boolean readMet = (modeFlags & Intent.FLAG_GRANT_READ_URI_PERMISSION) == 0; |
| 921 | boolean writeMet = (modeFlags & Intent.FLAG_GRANT_WRITE_URI_PERMISSION) == 0; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 922 | |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 923 | // check if target holds top-level <provider> permissions |
| 924 | if (!readMet && pi.readPermission != null && considerUidPermissions |
| 925 | && (checkUidPermission(pi.readPermission, uid) == PERMISSION_GRANTED)) { |
| 926 | readMet = true; |
| 927 | } |
| 928 | if (!writeMet && pi.writePermission != null && considerUidPermissions |
| 929 | && (checkUidPermission(pi.writePermission, uid) == PERMISSION_GRANTED)) { |
| 930 | writeMet = true; |
| 931 | } |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 932 | |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 933 | // track if unprotected read/write is allowed; any denied |
| 934 | // <path-permission> below removes this ability |
| 935 | boolean allowDefaultRead = pi.readPermission == null; |
| 936 | boolean allowDefaultWrite = pi.writePermission == null; |
| 937 | |
| 938 | // check if target holds any <path-permission> that match uri |
| 939 | final PathPermission[] pps = pi.pathPermissions; |
| 940 | if (pps != null) { |
| 941 | final String path = grantUri.uri.getPath(); |
| 942 | int i = pps.length; |
| 943 | while (i > 0 && (!readMet || !writeMet)) { |
| 944 | i--; |
| 945 | PathPermission pp = pps[i]; |
| 946 | if (pp.match(path)) { |
| 947 | if (!readMet) { |
| 948 | final String pprperm = pp.getReadPermission(); |
| 949 | if (DEBUG) Slog.v(TAG, |
| 950 | "Checking read perm for " + pprperm + " for " + pp.getPath() |
| 951 | + ": match=" + pp.match(path) |
| 952 | + " check=" + checkUidPermission(pprperm, uid)); |
| 953 | if (pprperm != null) { |
| 954 | if (considerUidPermissions && checkUidPermission(pprperm, uid) |
| 955 | == PERMISSION_GRANTED) { |
| 956 | readMet = true; |
| 957 | } else { |
| 958 | allowDefaultRead = false; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 959 | } |
| 960 | } |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 961 | } |
| 962 | if (!writeMet) { |
| 963 | final String ppwperm = pp.getWritePermission(); |
| 964 | if (DEBUG) Slog.v(TAG, |
| 965 | "Checking write perm " + ppwperm + " for " + pp.getPath() |
| 966 | + ": match=" + pp.match(path) |
| 967 | + " check=" + checkUidPermission(ppwperm, uid)); |
| 968 | if (ppwperm != null) { |
| 969 | if (considerUidPermissions && checkUidPermission(ppwperm, uid) |
| 970 | == PERMISSION_GRANTED) { |
| 971 | writeMet = true; |
| 972 | } else { |
| 973 | allowDefaultWrite = false; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 974 | } |
| 975 | } |
| 976 | } |
| 977 | } |
| 978 | } |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 979 | } |
| 980 | |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 981 | // grant unprotected <provider> read/write, if not blocked by |
| 982 | // <path-permission> above |
| 983 | if (allowDefaultRead) readMet = true; |
| 984 | if (allowDefaultWrite) writeMet = true; |
| 985 | |
Jeff Sharkey | 9edef25 | 2019-05-20 14:00:17 -0600 | [diff] [blame] | 986 | // If this provider says that grants are always required, we need to |
| 987 | // consult it directly to determine if the UID has permission |
| 988 | final boolean forceMet; |
Jeff Sharkey | b1c88b7 | 2019-07-19 16:23:26 -0600 | [diff] [blame] | 989 | if (ENABLE_DYNAMIC_PERMISSIONS && pi.forceUriPermissions) { |
Jeff Sharkey | 9edef25 | 2019-05-20 14:00:17 -0600 | [diff] [blame] | 990 | final int providerUserId = UserHandle.getUserId(pi.applicationInfo.uid); |
| 991 | final int clientUserId = UserHandle.getUserId(uid); |
| 992 | if (providerUserId == clientUserId) { |
| 993 | forceMet = (mAmInternal.checkContentProviderUriPermission(grantUri.uri, |
| 994 | providerUserId, uid, modeFlags) == PackageManager.PERMISSION_GRANTED); |
| 995 | } else { |
| 996 | // The provider can't track cross-user permissions, so we have |
| 997 | // to assume they're always denied |
| 998 | forceMet = false; |
| 999 | } |
| 1000 | } else { |
| 1001 | forceMet = true; |
| 1002 | } |
| 1003 | |
| 1004 | return readMet && writeMet && forceMet; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1005 | } |
| 1006 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1007 | @GuardedBy("mLock") |
| 1008 | private void removeUriPermissionIfNeededLocked(UriPermission perm) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1009 | if (perm.modeFlags != 0) { |
| 1010 | return; |
| 1011 | } |
| 1012 | final ArrayMap<GrantUri, UriPermission> perms = mGrantedUriPermissions.get( |
| 1013 | perm.targetUid); |
| 1014 | if (perms == null) { |
| 1015 | return; |
| 1016 | } |
| 1017 | if (DEBUG) Slog.v(TAG, "Removing " + perm.targetUid + " permission to " + perm.uri); |
| 1018 | |
| 1019 | perms.remove(perm.uri); |
| 1020 | if (perms.isEmpty()) { |
| 1021 | mGrantedUriPermissions.remove(perm.targetUid); |
| 1022 | } |
| 1023 | } |
| 1024 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1025 | @GuardedBy("mLock") |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1026 | private UriPermission findUriPermissionLocked(int targetUid, GrantUri grantUri) { |
| 1027 | final ArrayMap<GrantUri, UriPermission> targetUris = mGrantedUriPermissions.get(targetUid); |
| 1028 | if (targetUris != null) { |
| 1029 | return targetUris.get(grantUri); |
| 1030 | } |
| 1031 | return null; |
| 1032 | } |
| 1033 | |
| 1034 | private void schedulePersistUriGrants() { |
| 1035 | if (!mH.hasMessages(PERSIST_URI_GRANTS_MSG)) { |
| 1036 | mH.sendMessageDelayed(mH.obtainMessage(PERSIST_URI_GRANTS_MSG), |
| 1037 | 10 * DateUtils.SECOND_IN_MILLIS); |
| 1038 | } |
| 1039 | } |
| 1040 | |
| 1041 | private void enforceNotIsolatedCaller(String caller) { |
| 1042 | if (UserHandle.isIsolated(Binder.getCallingUid())) { |
| 1043 | throw new SecurityException("Isolated process not allowed to call " + caller); |
| 1044 | } |
| 1045 | } |
| 1046 | |
| 1047 | private ProviderInfo getProviderInfo(String authority, int userHandle, int pmFlags) { |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 1048 | return mPmInternal.resolveContentProvider(authority, |
| 1049 | PackageManager.GET_URI_PERMISSION_PATTERNS | pmFlags, userHandle); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1050 | } |
| 1051 | |
| 1052 | /** |
| 1053 | * Check if the targetPkg can be granted permission to access uri by |
| 1054 | * the callingUid using the given modeFlags. Throws a security exception |
| 1055 | * if callingUid is not allowed to do this. Returns the uid of the target |
| 1056 | * if the URI permission grant should be performed; returns -1 if it is not |
| 1057 | * needed (for example targetPkg already has permission to access the URI). |
| 1058 | * If you already know the uid of the target, you can supply it in |
| 1059 | * lastTargetUid else set that to -1. |
| 1060 | */ |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1061 | private int checkGrantUriPermissionUnlocked(int callingUid, String targetPkg, GrantUri grantUri, |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 1062 | int modeFlags, int lastTargetUid) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1063 | if (!Intent.isAccessUriMode(modeFlags)) { |
| 1064 | return -1; |
| 1065 | } |
| 1066 | |
| 1067 | if (targetPkg != null) { |
| 1068 | if (DEBUG) Slog.v(TAG, "Checking grant " + targetPkg + " permission to " + grantUri); |
| 1069 | } |
| 1070 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1071 | // If this is not a content: uri, we can't do anything with it. |
| 1072 | if (!ContentResolver.SCHEME_CONTENT.equals(grantUri.uri.getScheme())) { |
| 1073 | if (DEBUG) Slog.v(TAG, "Can't grant URI permission for non-content URI: " + grantUri); |
| 1074 | return -1; |
| 1075 | } |
| 1076 | |
| 1077 | // Bail early if system is trying to hand out permissions directly; it |
| 1078 | // must always grant permissions on behalf of someone explicit. |
| 1079 | final int callingAppId = UserHandle.getAppId(callingUid); |
| 1080 | if ((callingAppId == SYSTEM_UID) || (callingAppId == ROOT_UID)) { |
Andrew Sapperstein | 93f5ed6 | 2019-06-20 15:25:19 -0700 | [diff] [blame] | 1081 | if ("com.android.settings.files".equals(grantUri.uri.getAuthority()) |
| 1082 | || "com.android.settings.module_licenses".equals(grantUri.uri.getAuthority())) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1083 | // Exempted authority for |
| 1084 | // 1. cropping user photos and sharing a generated license html |
| 1085 | // file in Settings app |
| 1086 | // 2. sharing a generated license html file in TvSettings app |
Andrew Sapperstein | 93f5ed6 | 2019-06-20 15:25:19 -0700 | [diff] [blame] | 1087 | // 3. Sharing module license files from Settings app |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1088 | } else { |
| 1089 | Slog.w(TAG, "For security reasons, the system cannot issue a Uri permission" |
| 1090 | + " grant to " + grantUri + "; use startActivityAsCaller() instead"); |
| 1091 | return -1; |
| 1092 | } |
| 1093 | } |
| 1094 | |
| 1095 | final String authority = grantUri.uri.getAuthority(); |
| 1096 | final ProviderInfo pi = getProviderInfo(authority, grantUri.sourceUserId, |
| 1097 | MATCH_DEBUG_TRIAGED_MISSING); |
| 1098 | if (pi == null) { |
| 1099 | Slog.w(TAG, "No content provider found for permission check: " + |
| 1100 | grantUri.uri.toSafeString()); |
| 1101 | return -1; |
| 1102 | } |
| 1103 | |
| 1104 | int targetUid = lastTargetUid; |
| 1105 | if (targetUid < 0 && targetPkg != null) { |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 1106 | targetUid = mPmInternal.getPackageUidInternal(targetPkg, MATCH_DEBUG_TRIAGED_MISSING, |
| 1107 | UserHandle.getUserId(callingUid)); |
| 1108 | if (targetUid < 0) { |
| 1109 | if (DEBUG) Slog.v(TAG, "Can't grant URI permission no uid for: " + targetPkg); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1110 | return -1; |
| 1111 | } |
| 1112 | } |
| 1113 | |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 1114 | boolean targetHoldsPermission = false; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1115 | if (targetUid >= 0) { |
| 1116 | // First... does the target actually need this permission? |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1117 | if (checkHoldingPermissionsUnlocked(pi, grantUri, targetUid, modeFlags)) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1118 | // No need to grant the target this permission. |
| 1119 | if (DEBUG) Slog.v(TAG, |
| 1120 | "Target " + targetPkg + " already has full permission to " + grantUri); |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 1121 | targetHoldsPermission = true; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1122 | } |
| 1123 | } else { |
| 1124 | // First... there is no target package, so can anyone access it? |
| 1125 | boolean allowed = pi.exported; |
| 1126 | if ((modeFlags&Intent.FLAG_GRANT_READ_URI_PERMISSION) != 0) { |
| 1127 | if (pi.readPermission != null) { |
| 1128 | allowed = false; |
| 1129 | } |
| 1130 | } |
| 1131 | if ((modeFlags&Intent.FLAG_GRANT_WRITE_URI_PERMISSION) != 0) { |
| 1132 | if (pi.writePermission != null) { |
| 1133 | allowed = false; |
| 1134 | } |
| 1135 | } |
| 1136 | if (pi.pathPermissions != null) { |
| 1137 | final int N = pi.pathPermissions.length; |
| 1138 | for (int i=0; i<N; i++) { |
| 1139 | if (pi.pathPermissions[i] != null |
| 1140 | && pi.pathPermissions[i].match(grantUri.uri.getPath())) { |
| 1141 | if ((modeFlags&Intent.FLAG_GRANT_READ_URI_PERMISSION) != 0) { |
| 1142 | if (pi.pathPermissions[i].getReadPermission() != null) { |
| 1143 | allowed = false; |
| 1144 | } |
| 1145 | } |
| 1146 | if ((modeFlags&Intent.FLAG_GRANT_WRITE_URI_PERMISSION) != 0) { |
| 1147 | if (pi.pathPermissions[i].getWritePermission() != null) { |
| 1148 | allowed = false; |
| 1149 | } |
| 1150 | } |
| 1151 | break; |
| 1152 | } |
| 1153 | } |
| 1154 | } |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 1155 | if (allowed) { |
| 1156 | targetHoldsPermission = true; |
| 1157 | } |
| 1158 | } |
| 1159 | |
Jeff Sharkey | edb79a9 | 2020-04-24 19:21:20 -0600 | [diff] [blame] | 1160 | if (pi.forceUriPermissions) { |
| 1161 | // When provider requires dynamic permission checks, the only |
| 1162 | // way to be safe is to issue permission grants for each item by |
| 1163 | // assuming no generic access |
| 1164 | targetHoldsPermission = false; |
| 1165 | } |
| 1166 | |
Jeff Sharkey | 51a14c0 | 2020-05-06 14:15:44 -0600 | [diff] [blame] | 1167 | final boolean basicGrant = (modeFlags |
| 1168 | & (FLAG_GRANT_PERSISTABLE_URI_PERMISSION | FLAG_GRANT_PREFIX_URI_PERMISSION)) == 0; |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 1169 | if (basicGrant && targetHoldsPermission) { |
| 1170 | // When caller holds permission, and this is a simple permission |
| 1171 | // grant, we can skip generating any bookkeeping; when any advanced |
| 1172 | // features have been requested, we proceed below to make sure the |
| 1173 | // provider supports granting permissions |
| 1174 | return -1; |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1175 | } |
| 1176 | |
| 1177 | /* There is a special cross user grant if: |
| 1178 | * - The target is on another user. |
| 1179 | * - Apps on the current user can access the uri without any uid permissions. |
| 1180 | * In this case, we grant a uri permission, even if the ContentProvider does not normally |
| 1181 | * grant uri permissions. |
| 1182 | */ |
Nicholas Sauer | faa877f | 2018-12-20 19:31:03 -0800 | [diff] [blame] | 1183 | boolean specialCrossUserGrant = targetUid >= 0 |
| 1184 | && UserHandle.getUserId(targetUid) != grantUri.sourceUserId |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1185 | && checkHoldingPermissionsInternalUnlocked(pi, grantUri, callingUid, |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1186 | modeFlags, false /*without considering the uid permissions*/); |
| 1187 | |
| 1188 | // Second... is the provider allowing granting of URI permissions? |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 1189 | boolean grantAllowed = pi.grantUriPermissions; |
| 1190 | if (!ArrayUtils.isEmpty(pi.uriPermissionPatterns)) { |
| 1191 | final int N = pi.uriPermissionPatterns.length; |
| 1192 | grantAllowed = false; |
| 1193 | for (int i = 0; i < N; i++) { |
| 1194 | if (pi.uriPermissionPatterns[i] != null |
| 1195 | && pi.uriPermissionPatterns[i].match(grantUri.uri.getPath())) { |
| 1196 | grantAllowed = true; |
| 1197 | break; |
| 1198 | } |
| 1199 | } |
| 1200 | } |
| 1201 | if (!grantAllowed) { |
| 1202 | if (specialCrossUserGrant) { |
| 1203 | // We're only okay issuing basic grant access across user |
| 1204 | // boundaries; advanced flags are blocked here |
| 1205 | if (!basicGrant) { |
| 1206 | throw new SecurityException("Provider " + pi.packageName |
| 1207 | + "/" + pi.name |
| 1208 | + " does not allow granting of advanced Uri permissions (uri " |
| 1209 | + grantUri + ")"); |
| 1210 | } |
| 1211 | } else { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1212 | throw new SecurityException("Provider " + pi.packageName |
| 1213 | + "/" + pi.name |
| 1214 | + " does not allow granting of Uri permissions (uri " |
| 1215 | + grantUri + ")"); |
| 1216 | } |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1217 | } |
| 1218 | |
| 1219 | // Third... does the caller itself have permission to access this uri? |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1220 | if (!checkHoldingPermissionsUnlocked(pi, grantUri, callingUid, modeFlags)) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1221 | // Require they hold a strong enough Uri permission |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1222 | final boolean res; |
| 1223 | synchronized (mLock) { |
| 1224 | res = checkUriPermissionLocked(grantUri, callingUid, modeFlags); |
| 1225 | } |
| 1226 | if (!res) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1227 | if (android.Manifest.permission.MANAGE_DOCUMENTS.equals(pi.readPermission)) { |
| 1228 | throw new SecurityException( |
| 1229 | "UID " + callingUid + " does not have permission to " + grantUri |
| 1230 | + "; you could obtain access using ACTION_OPEN_DOCUMENT " |
| 1231 | + "or related APIs"); |
| 1232 | } else { |
| 1233 | throw new SecurityException( |
| 1234 | "UID " + callingUid + " does not have permission to " + grantUri); |
| 1235 | } |
| 1236 | } |
| 1237 | } |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 1238 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1239 | return targetUid; |
| 1240 | } |
| 1241 | |
| 1242 | /** |
| 1243 | * @param userId The userId in which the uri is to be resolved. |
| 1244 | */ |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1245 | private int checkGrantUriPermissionUnlocked(int callingUid, String targetPkg, Uri uri, |
| 1246 | int modeFlags, int userId) { |
| 1247 | return checkGrantUriPermissionUnlocked(callingUid, targetPkg, |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 1248 | new GrantUri(userId, uri, modeFlags), modeFlags, -1); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1249 | } |
| 1250 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1251 | @GuardedBy("mLock") |
| 1252 | private boolean checkUriPermissionLocked(GrantUri grantUri, int uid, final int modeFlags) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1253 | final boolean persistable = (modeFlags & Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION) != 0; |
| 1254 | final int minStrength = persistable ? UriPermission.STRENGTH_PERSISTABLE |
| 1255 | : UriPermission.STRENGTH_OWNED; |
| 1256 | |
| 1257 | // Root gets to do everything. |
| 1258 | if (uid == 0) { |
| 1259 | return true; |
| 1260 | } |
| 1261 | |
| 1262 | final ArrayMap<GrantUri, UriPermission> perms = mGrantedUriPermissions.get(uid); |
| 1263 | if (perms == null) return false; |
| 1264 | |
| 1265 | // First look for exact match |
| 1266 | final UriPermission exactPerm = perms.get(grantUri); |
| 1267 | if (exactPerm != null && exactPerm.getStrength(modeFlags) >= minStrength) { |
| 1268 | return true; |
| 1269 | } |
| 1270 | |
| 1271 | // No exact match, look for prefixes |
| 1272 | final int N = perms.size(); |
| 1273 | for (int i = 0; i < N; i++) { |
| 1274 | final UriPermission perm = perms.valueAt(i); |
| 1275 | if (perm.uri.prefix && grantUri.uri.isPathPrefixMatch(perm.uri.uri) |
| 1276 | && perm.getStrength(modeFlags) >= minStrength) { |
| 1277 | return true; |
| 1278 | } |
| 1279 | } |
| 1280 | |
| 1281 | return false; |
| 1282 | } |
| 1283 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1284 | @GuardedBy("mLock") |
| 1285 | private void writeGrantedUriPermissionsLocked() { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1286 | if (DEBUG) Slog.v(TAG, "writeGrantedUriPermissions()"); |
| 1287 | |
| 1288 | final long startTime = SystemClock.uptimeMillis(); |
| 1289 | |
| 1290 | // Snapshot permissions so we can persist without lock |
| 1291 | ArrayList<UriPermission.Snapshot> persist = Lists.newArrayList(); |
| 1292 | synchronized (this) { |
| 1293 | final int size = mGrantedUriPermissions.size(); |
| 1294 | for (int i = 0; i < size; i++) { |
| 1295 | final ArrayMap<GrantUri, UriPermission> perms = mGrantedUriPermissions.valueAt(i); |
| 1296 | for (UriPermission perm : perms.values()) { |
| 1297 | if (perm.persistedModeFlags != 0) { |
| 1298 | persist.add(perm.snapshot()); |
| 1299 | } |
| 1300 | } |
| 1301 | } |
| 1302 | } |
| 1303 | |
| 1304 | FileOutputStream fos = null; |
| 1305 | try { |
| 1306 | fos = mGrantFile.startWrite(startTime); |
| 1307 | |
| 1308 | XmlSerializer out = new FastXmlSerializer(); |
| 1309 | out.setOutput(fos, StandardCharsets.UTF_8.name()); |
| 1310 | out.startDocument(null, true); |
| 1311 | out.startTag(null, TAG_URI_GRANTS); |
| 1312 | for (UriPermission.Snapshot perm : persist) { |
| 1313 | out.startTag(null, TAG_URI_GRANT); |
| 1314 | writeIntAttribute(out, ATTR_SOURCE_USER_ID, perm.uri.sourceUserId); |
| 1315 | writeIntAttribute(out, ATTR_TARGET_USER_ID, perm.targetUserId); |
| 1316 | out.attribute(null, ATTR_SOURCE_PKG, perm.sourcePkg); |
| 1317 | out.attribute(null, ATTR_TARGET_PKG, perm.targetPkg); |
| 1318 | out.attribute(null, ATTR_URI, String.valueOf(perm.uri.uri)); |
| 1319 | writeBooleanAttribute(out, ATTR_PREFIX, perm.uri.prefix); |
| 1320 | writeIntAttribute(out, ATTR_MODE_FLAGS, perm.persistedModeFlags); |
| 1321 | writeLongAttribute(out, ATTR_CREATED_TIME, perm.persistedCreateTime); |
| 1322 | out.endTag(null, TAG_URI_GRANT); |
| 1323 | } |
| 1324 | out.endTag(null, TAG_URI_GRANTS); |
| 1325 | out.endDocument(); |
| 1326 | |
| 1327 | mGrantFile.finishWrite(fos); |
| 1328 | } catch (IOException e) { |
| 1329 | if (fos != null) { |
| 1330 | mGrantFile.failWrite(fos); |
| 1331 | } |
| 1332 | } |
| 1333 | } |
| 1334 | |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1335 | final class H extends Handler { |
| 1336 | static final int PERSIST_URI_GRANTS_MSG = 1; |
| 1337 | |
| 1338 | public H(Looper looper) { |
| 1339 | super(looper, null, true); |
| 1340 | } |
| 1341 | |
| 1342 | @Override |
| 1343 | public void handleMessage(Message msg) { |
| 1344 | switch (msg.what) { |
| 1345 | case PERSIST_URI_GRANTS_MSG: { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1346 | synchronized (mLock) { |
| 1347 | writeGrantedUriPermissionsLocked(); |
| 1348 | } |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1349 | break; |
| 1350 | } |
| 1351 | } |
| 1352 | } |
| 1353 | } |
| 1354 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1355 | private final class LocalService implements UriGrantsManagerInternal { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1356 | @Override |
| 1357 | public void removeUriPermissionIfNeeded(UriPermission perm) { |
| 1358 | synchronized (mLock) { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1359 | UriGrantsManagerService.this.removeUriPermissionIfNeededLocked(perm); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1360 | } |
| 1361 | } |
| 1362 | |
| 1363 | @Override |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1364 | public void revokeUriPermission(String targetPackage, int callingUid, GrantUri grantUri, |
| 1365 | int modeFlags) { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1366 | UriGrantsManagerService.this.revokeUriPermission( |
| 1367 | targetPackage, callingUid, grantUri, modeFlags); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1368 | } |
| 1369 | |
| 1370 | @Override |
| 1371 | public boolean checkUriPermission(GrantUri grantUri, int uid, int modeFlags) { |
| 1372 | synchronized (mLock) { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1373 | return UriGrantsManagerService.this.checkUriPermissionLocked(grantUri, uid, |
| 1374 | modeFlags); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1375 | } |
| 1376 | } |
| 1377 | |
| 1378 | @Override |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1379 | public int checkGrantUriPermission(int callingUid, String targetPkg, Uri uri, int modeFlags, |
| 1380 | int userId) { |
| 1381 | enforceNotIsolatedCaller("checkGrantUriPermission"); |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1382 | return UriGrantsManagerService.this.checkGrantUriPermissionUnlocked( |
| 1383 | callingUid, targetPkg, uri, modeFlags, userId); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1384 | } |
| 1385 | |
| 1386 | @Override |
Jeff Sharkey | 938089f | 2020-04-12 16:00:04 -0600 | [diff] [blame] | 1387 | public NeededUriGrants checkGrantUriPermissionFromIntent(Intent intent, int callingUid, |
| 1388 | String targetPkg, int targetUserId) { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1389 | final int mode = (intent != null) ? intent.getFlags() : 0; |
| 1390 | return UriGrantsManagerService.this.checkGrantUriPermissionFromIntentUnlocked( |
| 1391 | callingUid, targetPkg, intent, mode, null, targetUserId); |
Wale Ogunwale | 586a8ee | 2019-06-04 13:44:14 +0000 | [diff] [blame] | 1392 | } |
| 1393 | |
| 1394 | @Override |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1395 | public void grantUriPermissionUncheckedFromIntent(NeededUriGrants needed, |
| 1396 | UriPermissionOwner owner) { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1397 | UriGrantsManagerService.this.grantUriPermissionUncheckedFromIntent(needed, owner); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1398 | } |
| 1399 | |
| 1400 | @Override |
| 1401 | public void onSystemReady() { |
| 1402 | synchronized (mLock) { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1403 | UriGrantsManagerService.this.readGrantedUriPermissionsLocked(); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1404 | } |
| 1405 | } |
| 1406 | |
| 1407 | @Override |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1408 | public IBinder newUriPermissionOwner(String name) { |
| 1409 | enforceNotIsolatedCaller("newUriPermissionOwner"); |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1410 | UriPermissionOwner owner = new UriPermissionOwner(this, name); |
| 1411 | return owner.getExternalToken(); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1412 | } |
| 1413 | |
| 1414 | @Override |
| 1415 | public void removeUriPermissionsForPackage(String packageName, int userHandle, |
| 1416 | boolean persistable, boolean targetOnly) { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1417 | synchronized (mLock) { |
| 1418 | UriGrantsManagerService.this.removeUriPermissionsForPackageLocked( |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1419 | packageName, userHandle, persistable, targetOnly); |
| 1420 | } |
| 1421 | } |
| 1422 | |
| 1423 | @Override |
| 1424 | public void revokeUriPermissionFromOwner(IBinder token, Uri uri, int mode, int userId) { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1425 | final UriPermissionOwner owner = UriPermissionOwner.fromExternalToken(token); |
| 1426 | if (owner == null) { |
| 1427 | throw new IllegalArgumentException("Unknown owner: " + token); |
| 1428 | } |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1429 | |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1430 | if (uri == null) { |
| 1431 | owner.removeUriPermissions(mode); |
| 1432 | } else { |
| 1433 | owner.removeUriPermission(new GrantUri(userId, uri, mode), mode); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1434 | } |
| 1435 | } |
| 1436 | |
| 1437 | @Override |
| 1438 | public boolean checkAuthorityGrants(int callingUid, ProviderInfo cpi, int userId, |
| 1439 | boolean checkUser) { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1440 | synchronized (mLock) { |
| 1441 | return UriGrantsManagerService.this.checkAuthorityGrantsLocked( |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1442 | callingUid, cpi, userId, checkUser); |
| 1443 | } |
| 1444 | } |
| 1445 | |
| 1446 | @Override |
| 1447 | public void dump(PrintWriter pw, boolean dumpAll, String dumpPackage) { |
Jeff Sharkey | a7f0b62 | 2020-06-02 12:51:18 -0600 | [diff] [blame] | 1448 | synchronized (mLock) { |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1449 | boolean needSep = false; |
| 1450 | boolean printedAnything = false; |
| 1451 | if (mGrantedUriPermissions.size() > 0) { |
| 1452 | boolean printed = false; |
| 1453 | int dumpUid = -2; |
| 1454 | if (dumpPackage != null) { |
Jeff Sharkey | 1d194f923 | 2020-04-11 21:12:58 -0600 | [diff] [blame] | 1455 | dumpUid = mPmInternal.getPackageUidInternal(dumpPackage, MATCH_ANY_USER, 0); |
Wale Ogunwale | 6d50dcc | 2018-07-21 23:00:40 -0700 | [diff] [blame] | 1456 | } |
| 1457 | for (int i = 0; i < mGrantedUriPermissions.size(); i++) { |
| 1458 | int uid = mGrantedUriPermissions.keyAt(i); |
| 1459 | if (dumpUid >= -1 && UserHandle.getAppId(uid) != dumpUid) { |
| 1460 | continue; |
| 1461 | } |
| 1462 | final ArrayMap<GrantUri, UriPermission> perms = |
| 1463 | mGrantedUriPermissions.valueAt(i); |
| 1464 | if (!printed) { |
| 1465 | if (needSep) pw.println(); |
| 1466 | needSep = true; |
| 1467 | pw.println(" Granted Uri Permissions:"); |
| 1468 | printed = true; |
| 1469 | printedAnything = true; |
| 1470 | } |
| 1471 | pw.print(" * UID "); pw.print(uid); pw.println(" holds:"); |
| 1472 | for (UriPermission perm : perms.values()) { |
| 1473 | pw.print(" "); pw.println(perm); |
| 1474 | if (dumpAll) { |
| 1475 | perm.dump(pw, " "); |
| 1476 | } |
| 1477 | } |
| 1478 | } |
| 1479 | } |
| 1480 | |
| 1481 | if (!printedAnything) { |
| 1482 | pw.println(" (nothing)"); |
| 1483 | } |
| 1484 | } |
| 1485 | } |
| 1486 | } |
| 1487 | } |