From b2340f3fcc2cfded97e0372a336bcf6f9211e0c1 Mon Sep 17 00:00:00 2001 From: Ben Gruver Date: Tue, 11 Feb 2014 16:37:07 -0800 Subject: Add ability to match intents based on the package name of the intent sender Change-Id: Iaf9feececcff9188b1b02751aff6c3ab541dc73d --- .../android/server/firewall/IntentFirewall.java | 1 + .../server/firewall/SenderPackageFilter.java | 73 ++++++++++++++++++++++ 2 files changed, 74 insertions(+) create mode 100644 services/core/java/com/android/server/firewall/SenderPackageFilter.java diff --git a/services/core/java/com/android/server/firewall/IntentFirewall.java b/services/core/java/com/android/server/firewall/IntentFirewall.java index eb7a383..62114cd 100644 --- a/services/core/java/com/android/server/firewall/IntentFirewall.java +++ b/services/core/java/com/android/server/firewall/IntentFirewall.java @@ -95,6 +95,7 @@ public class IntentFirewall { CategoryFilter.FACTORY, SenderFilter.FACTORY, + SenderPackageFilter.FACTORY, SenderPermissionFilter.FACTORY, PortFilter.FACTORY }; diff --git a/services/core/java/com/android/server/firewall/SenderPackageFilter.java b/services/core/java/com/android/server/firewall/SenderPackageFilter.java new file mode 100644 index 0000000..ec9b5de --- /dev/null +++ b/services/core/java/com/android/server/firewall/SenderPackageFilter.java @@ -0,0 +1,73 @@ +/* + * Copyright (C) 2014 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.server.firewall; + +import android.app.AppGlobals; +import android.content.ComponentName; +import android.content.Intent; +import android.content.pm.IPackageManager; +import android.os.RemoteException; +import android.os.UserHandle; + +import org.xmlpull.v1.XmlPullParser; +import org.xmlpull.v1.XmlPullParserException; + +import java.io.IOException; + +public class SenderPackageFilter implements Filter { + private static final String ATTR_NAME = "name"; + + public final String mPackageName; + + public SenderPackageFilter(String packageName) { + mPackageName = packageName; + } + + @Override + public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent, + int callerUid, int callerPid, String resolvedType, int receivingUid) { + IPackageManager pm = AppGlobals.getPackageManager(); + + int packageUid = -1; + try { + packageUid = pm.getPackageUid(mPackageName, UserHandle.USER_OWNER); + } catch (RemoteException ex) { + // handled below + } + + if (packageUid == -1) { + return false; + } + + return UserHandle.isSameApp(packageUid, callerUid); + } + + public static final FilterFactory FACTORY = new FilterFactory("sender-package") { + @Override + public Filter newFilter(XmlPullParser parser) + throws IOException, XmlPullParserException { + String packageName = parser.getAttributeValue(null, ATTR_NAME); + + if (packageName == null) { + throw new XmlPullParserException( + "A package name must be specified.", parser, null); + } + + return new SenderPackageFilter(packageName); + } + }; +} -- cgit v1.1