summaryrefslogtreecommitdiffstats
path: root/packages/SettingsProvider
diff options
context:
space:
mode:
authorBilly Lau <billylau@google.com>2015-07-18 00:26:58 +0100
committerBilly Lau <billylau@google.com>2015-07-29 23:21:26 +0100
commit6ad2d66072795dd9836350b273dcde52910ab4c3 (patch)
tree407b5f32d915c561baded2f6eb7ed7e9d2e61ad5 /packages/SettingsProvider
parent771d210ab2d0df9d6748eb56e3f7250377df1fc4 (diff)
downloadframeworks_base-6ad2d66072795dd9836350b273dcde52910ab4c3.zip
frameworks_base-6ad2d66072795dd9836350b273dcde52910ab4c3.tar.gz
frameworks_base-6ad2d66072795dd9836350b273dcde52910ab4c3.tar.bz2
Bug: 21589105 Rescope WRITE_SETTINGS permission (framework services perm check
changes) AppOpsManager: Changed the default operating mode for WRITE_SETTINGS to MODE_DEFAULT from MODE_ALLOWED. packages/SettingsProvider: We no longer do static permission checks for WRITE_SETTINGS in early checks and defer that to app op when MODE_DEFAULT is returned. For some operations, checking against WRITE_SECURE_SETTINGS is sufficient. ActivityManagerService & PowerManagerService: Incorporated app op checks and handled the MODE_DEFAULT case. provider/Settings: Added helper function to do checks on whether app ops protected operations can be performed by a caller. This includes checks for WRITE_SETTINGS and SYSTEM_ALERT_WINDOW. Also added a public API (with javadocs) for apps to query if they can modify system settings. Changed the javadocs description for ACTION_MANAGE_WRITE_SETTINGS and ACTION_MANAGE_OVERLAY_PERMISSION. Added public API (with javadocs) for apps to query whether they can draw overlays or not, and also javadocs description on how to use that check. Change-Id: I7b651fe8af836c2074defdbd6acfec3f32acdbe9
Diffstat (limited to 'packages/SettingsProvider')
-rw-r--r--packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java48
1 files changed, 8 insertions, 40 deletions
diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
index 2a68252..3e9b122 100644
--- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
+++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
@@ -643,11 +643,6 @@ public class SettingsProvider extends ContentProvider {
// Make sure the caller can change the settings - treated as secure.
enforceWritePermission(Manifest.permission.WRITE_SECURE_SETTINGS);
- // Verify whether this operation is allowed for the calling package.
- if (!isAppOpWriteSettingsAllowedForCallingPackage()) {
- return false;
- }
-
// Resolve the userId on whose behalf the call is made.
final int callingUserId = resolveCallingUserIdEnforcingPermissionsLocked(requestingUserId);
@@ -773,11 +768,6 @@ public class SettingsProvider extends ContentProvider {
// Make sure the caller can change the settings.
enforceWritePermission(Manifest.permission.WRITE_SECURE_SETTINGS);
- // Verify whether this operation is allowed for the calling package.
- if (!isAppOpWriteSettingsAllowedForCallingPackage()) {
- return false;
- }
-
// Resolve the userId on whose behalf the call is made.
final int callingUserId = resolveCallingUserIdEnforcingPermissionsLocked(requestingUserId);
@@ -904,14 +894,13 @@ public class SettingsProvider extends ContentProvider {
private boolean mutateSystemSetting(String name, String value, int runAsUserId,
int operation) {
- // Check for permissions first.
- if (!hasPermissionsToMutateSystemSettings()) {
- return false;
- }
-
- // Verify whether this operation is allowed for the calling package.
- if (!isAppOpWriteSettingsAllowedForCallingPackage()) {
- return false;
+ if (!hasWriteSecureSettingsPermission()) {
+ // If the caller doesn't hold WRITE_SECURE_SETTINGS, we verify whether this
+ // operation is allowed for the calling package through appops.
+ if (!Settings.checkAndNoteWriteSettingsOperation(getContext(),
+ Binder.getCallingUid(), getCallingPackage(), true)) {
+ return false;
+ }
}
// Enforce what the calling package can mutate the system settings.
@@ -956,25 +945,13 @@ public class SettingsProvider extends ContentProvider {
}
}
- private boolean hasPermissionsToMutateSystemSettings() {
+ private boolean hasWriteSecureSettingsPermission() {
// Write secure settings is a more protected permission. If caller has it we are good.
if (getContext().checkCallingOrSelfPermission(Manifest.permission.WRITE_SECURE_SETTINGS)
== PackageManager.PERMISSION_GRANTED) {
return true;
}
- // The write settings permission gates mutation of system settings.
- if (getContext().checkCallingOrSelfPermission(Manifest.permission.WRITE_SETTINGS)
- == PackageManager.PERMISSION_GRANTED) {
- return true;
- }
-
- // Excpet we let system apps change system settings without the permission.
- PackageInfo packageInfo = getCallingPackageInfoOrThrow();
- if ((packageInfo.applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) != 0) {
- return true;
- }
-
return false;
}
@@ -1102,15 +1079,6 @@ public class SettingsProvider extends ContentProvider {
}
}
- private boolean isAppOpWriteSettingsAllowedForCallingPackage() {
- final int callingUid = Binder.getCallingUid();
-
- mAppOpsManager.checkPackage(Binder.getCallingUid(), getCallingPackage());
-
- return mAppOpsManager.noteOp(AppOpsManager.OP_WRITE_SETTINGS, callingUid,
- getCallingPackage()) == AppOpsManager.MODE_ALLOWED;
- }
-
private void enforceWritePermission(String permission) {
if (getContext().checkCallingOrSelfPermission(permission)
!= PackageManager.PERMISSION_GRANTED) {