authorSvetoslav <svetoslavganov@google.com>2015-08-06 15:03:55 -0700
committerSvetoslav <svetoslavganov@google.com>2015-08-06 18:47:41 -0700
commitaa41add33b8d7d318387cc74c34e3d347d245211 (patch)
tree643633b00ab1b46e19076c3b58d20923fc787636
parent8eaf18b0ab77184f16870428258650bd12bb2ea5 (diff)
Immediately kill a shared user process on a permission revocation.
1. When a permission is revoked we kill the app immediately but do not do an immediate kill for shared uid processes. This fixes it. 2. Remove system APIs that are used only by the package installer. bug:22984670 Change-Id: I3d4ae52ea8679f894aa7c5972941263903479183
-rw-r--r--api/system-current.txt2
-rw-r--r--core/java/android/app/ActivityManager.java4
-rw-r--r--core/java/android/app/ActivityManagerNative.java10
-rw-r--r--core/java/android/app/IActivityManager.java2
-rw-r--r--core/res/AndroidManifest.xml2
-rw-r--r--services/core/java/com/android/server/am/ActivityManagerService.java7
-rw-r--r--services/core/java/com/android/server/audio/AudioService.java4
-rw-r--r--services/core/java/com/android/server/pm/PackageManagerService.java57
8 files changed, 33 insertions, 55 deletions
diff --git a/api/system-current.txt b/api/system-current.txt
index a784378..e5cfeb8 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -115,7 +115,6 @@ package android {
field public static final java.lang.String INTERNET = "android.permission.INTERNET";
field public static final java.lang.String INVOKE_CARRIER_SETUP = "android.permission.INVOKE_CARRIER_SETUP";
field public static final java.lang.String KILL_BACKGROUND_PROCESSES = "android.permission.KILL_BACKGROUND_PROCESSES";
- field public static final java.lang.String KILL_UID = "android.permission.KILL_UID";
field public static final java.lang.String LOCAL_MAC_ADDRESS = "android.permission.LOCAL_MAC_ADDRESS";
field public static final java.lang.String LOCATION_HARDWARE = "android.permission.LOCATION_HARDWARE";
field public static final java.lang.String LOOP_RADIO = "android.permission.LOOP_RADIO";
@@ -3653,7 +3652,6 @@ package android.app {
method public static boolean isRunningInTestHarness();
method public static boolean isUserAMonkey();
method public void killBackgroundProcesses(java.lang.String);
- method public void killUid(int, java.lang.String);
method public void moveTaskToFront(int, int);
method public void moveTaskToFront(int, int, android.os.Bundle);
method public deprecated void restartPackage(java.lang.String);
diff --git a/core/java/android/app/ActivityManager.java b/core/java/android/app/ActivityManager.java
index 55b2fd9..87c9efc2 100644
--- a/core/java/android/app/ActivityManager.java
+++ b/core/java/android/app/ActivityManager.java
@@ -2430,11 +2430,11 @@ public class ActivityManager {
*
* @hide
*/
- @SystemApi
@RequiresPermission(Manifest.permission.KILL_UID)
public void killUid(int uid, String reason) {
try {
- ActivityManagerNative.getDefault().killUid(uid, reason);
+ ActivityManagerNative.getDefault().killUid(UserHandle.getAppId(uid),
+ UserHandle.getUserId(uid), reason);
} catch (RemoteException e) {
Log.e(TAG, "Couldn't kill uid:" + uid, e);
}
diff --git a/core/java/android/app/ActivityManagerNative.java b/core/java/android/app/ActivityManagerNative.java
index e144c29..f6e0735 100644
--- a/core/java/android/app/ActivityManagerNative.java
+++ b/core/java/android/app/ActivityManagerNative.java
@@ -2245,9 +2245,10 @@ public abstract class ActivityManagerNative extends Binder implements IActivityM
case KILL_UID_TRANSACTION: {
data.enforceInterface(IActivityManager.descriptor);
- int uid = data.readInt();
+ int appId = data.readInt();
+ int userId = data.readInt();
String reason = data.readString();
- killUid(uid, reason);
+ killUid(appId, userId, reason);
reply.writeNoException();
return true;
}
@@ -5479,11 +5480,12 @@ class ActivityManagerProxy implements IActivityManager
return res;
}
- public void killUid(int uid, String reason) throws RemoteException {
+ public void killUid(int appId, int userId, String reason) throws RemoteException {
Parcel data = Parcel.obtain();
Parcel reply = Parcel.obtain();
data.writeInterfaceToken(IActivityManager.descriptor);
- data.writeInt(uid);
+ data.writeInt(appId);
+ data.writeInt(userId);
data.writeString(reason);
mRemote.transact(KILL_UID_TRANSACTION, data, reply, 0);
reply.readException();
diff --git a/core/java/android/app/IActivityManager.java b/core/java/android/app/IActivityManager.java
index 90216af..ef121ce 100644
--- a/core/java/android/app/IActivityManager.java
+++ b/core/java/android/app/IActivityManager.java
@@ -447,7 +447,7 @@ public interface IActivityManager extends IInterface {
public boolean showAssistFromActivity(IBinder token, Bundle args) throws RemoteException;
- public void killUid(int uid, String reason) throws RemoteException;
+ public void killUid(int appId, int userId, String reason) throws RemoteException;
public void hang(IBinder who, boolean allowRestart) throws RemoteException;
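Review bot: `killUid` keeps its name, but its first argument is now an app id rather than a uid, and nothing on the declaration says so. Both are plain `int`s, so a caller that still passes a full uid compiles. The ActivityManagerService hunk filters with `UserHandle.getAppId(app.uid) != appId`, so a full uid from a secondary user would match no process and the kill would silently do nothing. I would document the contract on the declaration, e.g. `/** @param appId app id as returned by UserHandle.getAppId(), not a uid; @param userId a user id or UserHandle.USER_ALL */`.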
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 1f47ce3..699e113 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -2575,7 +2575,7 @@
<permission android:name="android.permission.QUERY_DO_NOT_ASK_CREDENTIALS_ON_BOOT"
android:protectionLevel="signature" />
- <!-- @SystemApi Allows applications to kill UIDs.
+ <!-- Allows applications to kill UIDs.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.KILL_UID"
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index b8d32c3..bc7ee6d 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -5521,7 +5521,7 @@ public final class ActivityManagerService extends ActivityManagerNative
// If no package is specified, we call all processes under the
// give user id.
if (packageName == null) {
- if (app.userId != userId) {
+ if (userId != UserHandle.USER_ALL && app.userId != userId) {
continue;
}
if (appId >= 0 && UserHandle.getAppId(app.uid) != appId) {
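Review bot: The comment above this condition still says the no-package case covers processes "under the give user id", but the new test also lets `UserHandle.USER_ALL` through, so the comment no longer describes the branch. With `USER_ALL` and a negative `appId`, both visible filters pass and the branch selects processes of every app in every user, which is worth stating where the next reader will see it. Suggested wording: `// No package given: match by user (every user if USER_ALL) and, when appId >= 0, by app id.` The enclosing loop starts and ends outside this hunk.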
@@ -11226,13 +11226,12 @@ public final class ActivityManagerService extends ActivityManagerNative
}
@Override
- public void killUid(int uid, String reason) {
+ public void killUid(int appId, int userId, String reason) {
enforceCallingPermission(Manifest.permission.KILL_UID, "killUid");
synchronized (this) {
final long identity = Binder.clearCallingIdentity();
try {
- killPackageProcessesLocked(null, UserHandle.getAppId(uid),
- UserHandle.getUserId(uid),
+ killPackageProcessesLocked(null, appId, userId,
ProcessList.PERSISTENT_PROC_ADJ, false, true, true, true,
reason != null ? reason : "kill uid");
} finally {
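Review bot: `appId` and `userId` now arrive straight from the Binder caller and are passed to `killPackageProcessesLocked` unchecked, where previously both were derived from a single uid via `UserHandle.getAppId`/`getUserId`. In the other hunk of this file a negative `appId` switches off the app-id filter and `USER_ALL` switches off the user filter, so one call can select processes of every app in every user. The only gate is `KILL_UID`, whose protection level is not visible here. I would reject values the in-tree callers never send, right after the permission check, e.g. `if (appId < 0) throw new IllegalArgumentException("Invalid appId: " + appId);`. The method's closing lines are outside the hunk.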
diff --git a/services/core/java/com/android/server/audio/AudioService.java b/services/core/java/com/android/server/audio/AudioService.java
index a0ededf..7565e9d 100644
--- a/services/core/java/com/android/server/audio/AudioService.java
+++ b/services/core/java/com/android/server/audio/AudioService.java
@@ -5150,7 +5150,9 @@ public class AudioService extends IAudioService.Stub {
continue;
}
try {
- ActivityManagerNative.getDefault().killUid(pkg.applicationInfo.uid,
+ final int uid = pkg.applicationInfo.uid;
+ ActivityManagerNative.getDefault().killUid(UserHandle.getAppId(uid),
+ UserHandle.getUserId(uid),
"killBackgroundUserProcessesWithAudioRecordPermission");
} catch (RemoteException e) {
Log.w(TAG, "Error calling killUid", e);
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 11e30b5..6e902e5 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -3469,10 +3469,11 @@ public class PackageManagerService extends IPackageManager.Stub {
}
case PermissionsState.PERMISSION_OPERATION_SUCCESS_GIDS_CHANGED: {
+ final int appId = UserHandle.getAppId(pkg.applicationInfo.uid);
mHandler.post(new Runnable() {
@Override
public void run() {
- killSettingPackagesForUser(sb, userId, KILL_APP_REASON_GIDS_CHANGED);
+ killUid(appId, userId, KILL_APP_REASON_GIDS_CHANGED);
}
});
} break;
@@ -3516,7 +3517,7 @@ public class PackageManagerService extends IPackageManager.Stub {
enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
"revokeRuntimePermission");
- final SettingBase sb;
+ final int appId;
synchronized (mPackages) {
final PackageParser.Package pkg = mPackages.get(packageName);
@@ -3531,7 +3532,7 @@ public class PackageManagerService extends IPackageManager.Stub {
enforceDeclaredAsUsedAndRuntimePermission(pkg, bp);
- sb = (SettingBase) pkg.mExtras;
+ SettingBase sb = (SettingBase) pkg.mExtras;
if (sb == null) {
throw new IllegalArgumentException("Unknown package: " + packageName);
}
@@ -3553,9 +3554,11 @@ public class PackageManagerService extends IPackageManager.Stub {
// Critical, after this call app should never have the permission.
mSettings.writeRuntimePermissionsForUserLPr(userId, true);
+
+ appId = UserHandle.getAppId(pkg.applicationInfo.uid);
}
- killSettingPackagesForUser(sb, userId, KILL_APP_REASON_PERMISSIONS_REVOKED);
+ killUid(appId, userId, KILL_APP_REASON_PERMISSIONS_REVOKED);
}
@Override
@@ -3859,28 +3862,15 @@ public class PackageManagerService extends IPackageManager.Stub {
}
}
- private void killSettingPackagesForUser(SettingBase sb, int userId, String reason) {
+ private void killUid(int appId, int userId, String reason) {
final long identity = Binder.clearCallingIdentity();
try {
- if (sb instanceof SharedUserSetting) {
- SharedUserSetting sus = (SharedUserSetting) sb;
- final int packageCount = sus.packages.size();
- for (int i = 0; i < packageCount; i++) {
- PackageSetting susPs = sus.packages.valueAt(i);
- if (userId == UserHandle.USER_ALL) {
- killApplication(susPs.pkg.packageName, susPs.appId, reason);
- } else {
- final int uid = UserHandle.getUid(userId, susPs.appId);
- killUid(uid, reason);
- }
- }
- } else if (sb instanceof PackageSetting) {
- PackageSetting ps = (PackageSetting) sb;
- if (userId == UserHandle.USER_ALL) {
- killApplication(ps.pkg.packageName, ps.appId, reason);
- } else {
- final int uid = UserHandle.getUid(userId, ps.appId);
- killUid(uid, reason);
+ IActivityManager am = ActivityManagerNative.getDefault();
+ if (am != null) {
+ try {
+ am.killUid(appId, userId, reason);
+ } catch (RemoteException e) {
+ /* ignore - same process */
}
}
} finally {
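Review bot: Both failure cases in this helper are silent: `am == null` skips the kill and the `RemoteException` catch is empty. On the revocation path this is the step that stops a process still holding the permission, and the revoke hunk above marks that path with "Critical, after this call app should never have the permission". A skipped kill would leave the process running with no trace in the log. I would log both cases with the file's logger, e.g. `Slog.w(TAG, "Could not kill appId " + appId + " for user " + userId + ": " + reason);` in an `else` branch and in the catch. The `finally` block is closed outside this hunk.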
@@ -3888,17 +3878,6 @@ public class PackageManagerService extends IPackageManager.Stub {
}
}
- private static void killUid(int uid, String reason) {
- IActivityManager am = ActivityManagerNative.getDefault();
- if (am != null) {
- try {
- am.killUid(uid, reason);
- } catch (RemoteException e) {
- /* ignore - same process */
- }
- }
- }
-
/**
* Compares two sets of signatures. Returns:
* <br />
@@ -12821,7 +12800,7 @@ public class PackageManagerService extends IPackageManager.Stub {
@Override
public void run() {
// This has to happen with no lock held.
- killSettingPackagesForUser(deletedPs, userIdToKill,
+ killApplication(deletedPs.name, deletedPs.appId,
KILL_APP_REASON_GIDS_CHANGED);
}
});
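Review bot: This is the one call site not moved to `killUid(appId, userId, …)`, and `userIdToKill` no longer reaches the kill at all. In the removed helper `killApplication` was the `USER_ALL` branch, so this probably now kills the package's processes in every user rather than only the one whose GIDs changed. If that is intended, a comment should say so. Otherwise `killUid(deletedPs.appId, userIdToKill, KILL_APP_REASON_GIDS_CHANGED);` keeps the previous scope and matches by app id like the other sites. The declaration of `userIdToKill` is outside this hunk, so it may now be unused.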
@@ -13403,13 +13382,11 @@ public class PackageManagerService extends IPackageManager.Stub {
case PERMISSION_OPERATION_SUCCESS_GIDS_CHANGED: {
writeRuntimePermissions = true;
- // If gids changed for this user, kill all affected packages.
+ final int appId = ps.appId;
mHandler.post(new Runnable() {
@Override
public void run() {
- // This has to happen with no lock held.
- killSettingPackagesForUser(ps, userId,
- KILL_APP_REASON_GIDS_CHANGED);
+ killUid(appId, userId, KILL_APP_REASON_GIDS_CHANGED);
}
});
} break;
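Review bot: The kill is still posted to `mHandler`, but the comment explaining why (`// This has to happen with no lock held.`) is removed here, while the same comment stays on the `killApplication` runnable in the previous hunk. If the constraint still holds, keep that line above `killUid(appId, userId, KILL_APP_REASON_GIDS_CHANGED);`. The posted runnable in the first PackageManagerService hunk has the same shape and no comment either, so the same line would help there. The enclosing switch starts outside this hunk.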