PackageManager: make protected-broadcasts permission aware

This extends the <protected-broadcast> mechanism to allow protecting
actions based on a permission for system apps.

For instance:

   <protected-broadcast android:name="ACTION_A"
                        android:permission="PERMISSION_X" />

will restrict intents with action "ACTION_A" to be only sent with
apps holding the "PERMISSION_X" permission. Note that system UIDs will
bypass the permission check and always be allowed, just like the normal
protected-broadcast mechanism.

You must still be a system application to delcare a protected broadcast.

Change-Id: Id25cffd233d400800dcb5249c5f487134e1b4152
Signed-off-by: Roman Birg <roman@cyngn.com>

1 files changed, 2 insertions, 1 deletions

diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index 6d9ed28..17d8d47 100755
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -16962,7 +16962,8 @@ public final class ActivityManagerService extends ActivityManagerNative
         } else if (callerApp == null || !callerApp.persistent) {
             try {
                 if (AppGlobals.getPackageManager().isProtectedBroadcast(
-                        intent.getAction())) {
+                        intent.getAction()) && !AppGlobals.getPackageManager()
+                        .isProtectedBroadcastAllowed(intent.getAction(), callingUid)) {
                     String msg = "Permission Denial: not allowed to send broadcast "
                             + intent.getAction() + " from pid="
                             + callingPid + ", uid=" + callingUid;