diff options
| author | Dianne Hackborn <hackbod@google.com> | 2013-09-11 09:51:14 -0700 |
|---|---|---|
| committer | Dianne Hackborn <hackbod@google.com> | 2013-09-11 09:59:47 -0700 |
| commit | 95d785346b4dae808a2d8f77356175e55a572d96 (patch) | |
| tree | 821f4566c90d25c624d6c85539bfbb6a0142754c /core/java/android/content/Context.java | |
| parent | ec7a6ea84578be91e04a54331ea4ca63e7fb69e1 (diff) | |
| download | frameworks_base-95d785346b4dae808a2d8f77356175e55a572d96.zip frameworks_base-95d785346b4dae808a2d8f77356175e55a572d96.tar.gz frameworks_base-95d785346b4dae808a2d8f77356175e55a572d96.tar.bz2 | |
Fix issue #10688644: Java crash in com.android.phone:
java.lang.SecurityException: Operation not allowed
There was a situation I wasn't taking into account -- components
declared by the system has a special ability to run in the processes
of other uids. This means that if that code loaded into another
process tries to do anything needing an app op verification, it will
fail, because it will say it is calling as the system package name but
it is not actually coming from the system uid.
To fix this, we add a new Context.getOpPackageName() to go along-side
getBasePackageName(). This is a special call for use by all app ops
verification, which will be initialized with either the base package
name, the actual package name, or now the default package name of the
process if we are creating a context for system code being loaded into
a non-system process.
I had to update all of the code doing app ops checks to switch to this
method to get the calling package name.
Also improve the security exception throw to have a more descriptive
error message.
Change-Id: Ic04f77b3938585b02fccabbc12d2f0dc62b9ef25
Diffstat (limited to 'core/java/android/content/Context.java')
| -rw-r--r-- | core/java/android/content/Context.java | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/core/java/android/content/Context.java b/core/java/android/content/Context.java index 8df5bee..7b15e63 100644 --- a/core/java/android/content/Context.java +++ b/core/java/android/content/Context.java @@ -435,6 +435,13 @@ public abstract class Context { /** @hide Return the name of the base context this context is derived from. */ public abstract String getBasePackageName(); + /** @hide Return the package name that should be used for app ops calls from + * this context. This is the same as {@link #getBasePackageName()} except in + * cases where system components are loaded into other app processes, in which + * case this will be the name of the primary package in that process (so that app + * ops uid verification will work with the name). */ + public abstract String getOpPackageName(); + /** Return the full application info for this context's package. */ public abstract ApplicationInfo getApplicationInfo(); |