Merge "Surface outgoing Uri permission grants." into klp-dev

author: Jeff Sharkey <jsharkey@android.com> 2013-10-09 22:07:10 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2013-10-09 22:07:11 +0000
commit: b3da3db34ae32cf9f57b00710488456e82e5de44 (patch)
tree: 55a08992a6f483df64c01b58d73003af19235c49 /services/java/com/android/server/am
parent: 65e911261d972758577f76cf41c6c0c532896fe1 (diff)
parent: bcaac0adecc8f9d7e66548df39e0f5c9f759e38c (diff)
download: frameworks_base-b3da3db34ae32cf9f57b00710488456e82e5de44.zip
frameworks_base-b3da3db34ae32cf9f57b00710488456e82e5de44.tar.gz
frameworks_base-b3da3db34ae32cf9f57b00710488456e82e5de44.tar.bz2
2 files changed, 38 insertions, 12 deletions
diff --git a/services/java/com/android/server/am/ActivityManagerService.java b/services/java/com/android/server/am/ActivityManagerService.java
index b553086..6c6cc98 100644
--- a/services/java/com/android/server/am/ActivityManagerService.java
+++ b/services/java/com/android/server/am/ActivityManagerService.java
@@ -6489,26 +6489,53 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     @Override
-    public ParceledListSlice<android.content.UriPermission> getPersistedUriPermissions() {
+    public ParceledListSlice<android.content.UriPermission> getPersistedUriPermissions(
+            String packageName, boolean incoming) {
         enforceNotIsolatedCaller("getPersistedUriPermissions");
+        Preconditions.checkNotNull(packageName, "packageName");
 
+        final int callingUid = Binder.getCallingUid();
+        final IPackageManager pm = AppGlobals.getPackageManager();
+        try {
+            final int packageUid = pm.getPackageUid(packageName, UserHandle.getUserId(callingUid));
+            if (packageUid != callingUid) {
+                throw new SecurityException(
+                        "Package " + packageName + " does not belong to calling UID " + callingUid);
+            }
+        } catch (RemoteException e) {
+            throw new SecurityException("Failed to verify package name ownership");
+        }
+
+        final ArrayList<android.content.UriPermission> result = Lists.newArrayList();
         synchronized (this) {
-            final int callingUid = Binder.getCallingUid();
-            final ArrayList<android.content.UriPermission> result = Lists.newArrayList();
-            final ArrayMap<Uri, UriPermission> perms = mGrantedUriPermissions.get(callingUid);
-            if (perms == null) {
-                Slog.w(TAG, "No permission grants found for UID " + callingUid);
+            if (incoming) {
+                final ArrayMap<Uri, UriPermission> perms = mGrantedUriPermissions.get(callingUid);
+                if (perms == null) {
+                    Slog.w(TAG, "No permission grants found for " + packageName);
+                } else {
+                    final int size = perms.size();
+                    for (int i = 0; i < size; i++) {
+                        final UriPermission perm = perms.valueAt(i);
+                        if (packageName.equals(perm.targetPkg) && perm.persistedModeFlags != 0) {
+                            result.add(perm.buildPersistedPublicApiObject());
+                        }
+                    }
+                }
             } else {
-                final int size = perms.size();
+                final int size = mGrantedUriPermissions.size();
                 for (int i = 0; i < size; i++) {
-                    final UriPermission perm = perms.valueAt(i);
-                    if (perm.persistedModeFlags != 0) {
-                        result.add(perm.buildPersistedPublicApiObject());
+                    final ArrayMap<Uri, UriPermission> perms = mGrantedUriPermissions.valueAt(i);
+                    final int permsSize = perms.size();
+                    for (int j = 0; j < permsSize; j++) {
+                        final UriPermission perm = perms.valueAt(j);
+                        if (packageName.equals(perm.sourcePkg) && perm.persistedModeFlags != 0) {
+                            result.add(perm.buildPersistedPublicApiObject());
+                        }
                     }
                 }
             }
-            return new ParceledListSlice<android.content.UriPermission>(result);
         }
+        return new ParceledListSlice<android.content.UriPermission>(result);
     }
 
     @Override
diff --git a/services/java/com/android/server/am/UriPermission.java b/services/java/com/android/server/am/UriPermission.java
index 5868c08..684f247 100644
--- a/services/java/com/android/server/am/UriPermission.java
+++ b/services/java/com/android/server/am/UriPermission.java
@@ -20,7 +20,6 @@ import android.content.Intent;
 import android.net.Uri;
 import android.os.UserHandle;
 import android.util.Log;
-import android.util.Slog;
 
 import com.android.internal.util.Preconditions;
 import com.google.android.collect.Sets;
author	Jeff Sharkey <jsharkey@android.com>	2013-10-09 22:07:10 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2013-10-09 22:07:11 +0000
commit	b3da3db34ae32cf9f57b00710488456e82e5de44 (patch)
tree	55a08992a6f483df64c01b58d73003af19235c49 /services/java/com/android/server/am
parent	65e911261d972758577f76cf41c6c0c532896fe1 (diff)
parent	bcaac0adecc8f9d7e66548df39e0f5c9f759e38c (diff)
download	frameworks_base-b3da3db34ae32cf9f57b00710488456e82e5de44.zip frameworks_base-b3da3db34ae32cf9f57b00710488456e82e5de44.tar.gz frameworks_base-b3da3db34ae32cf9f57b00710488456e82e5de44.tar.bz2