From d8d4e7c567872fa4596c2f63c85092a90b36a6b3 Mon Sep 17 00:00:00 2001 From: Roman Birg Date: Tue, 19 Jul 2016 12:37:33 -0700 Subject: PackageManager: make protected-broadcasts permission aware This extends the mechanism to allow protecting actions based on a permission for system apps. For instance: will restrict intents with action "ACTION_A" to be only sent with apps holding the "PERMISSION_X" permission. Note that system UIDs will bypass the permission check and always be allowed, just like the normal protected-broadcast mechanism. You must still be a system application to delcare a protected broadcast. Change-Id: Id25cffd233d400800dcb5249c5f487134e1b4152 Signed-off-by: Roman Birg --- core/java/android/content/pm/IPackageManager.aidl | 3 +++ core/java/android/content/pm/PackageParser.java | 15 +++++++++++---- core/res/res/values/attrs_manifest.xml | 1 + 3 files changed, 15 insertions(+), 4 deletions(-) (limited to 'core') diff --git a/core/java/android/content/pm/IPackageManager.aidl b/core/java/android/content/pm/IPackageManager.aidl index a3329db..51f13af 100644 --- a/core/java/android/content/pm/IPackageManager.aidl +++ b/core/java/android/content/pm/IPackageManager.aidl @@ -523,4 +523,7 @@ interface IPackageManager { /** Protected Apps */ boolean isComponentProtected(in String callingPackage, in int callingUid, in ComponentName componentName, int userId); + + /** protected broadcast ext */ + boolean isProtectedBroadcastAllowed(in String actionName, in int callingUid); } diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java index 6a07b31..bb46ef0 100644 --- a/core/java/android/content/pm/PackageParser.java +++ b/core/java/android/content/pm/PackageParser.java 
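Review bot: `isProtectedBroadcastAllowed` takes `callingUid` as an ordinary Binder argument, and its only documentation, `/** protected broadcast ext */`, says neither who may call it nor what the result means. The implementation is outside this diff (the page is limited to 'core'), so whether it trusts that value cannot be seen here. If anything other than the system server can reach the call, the decision should be tied to `Binder.getCallingUid()` or the call restricted to system UIDs, rather than relying on the supplied UID. I would replace the comment with a Javadoc that states the contract: which result an action that is not protected gets, that system UIDs always pass (as the commit message says), and that `callingUid` is caller-supplied and must already be verified by the caller.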
@@ -1877,14 +1877,18 @@ public class PackageParser { String name = sa.getNonResourceString( com.android.internal.R.styleable.AndroidManifestProtectedBroadcast_name); + String permission = sa.getNonResourceString( + com.android.internal.R.styleable.AndroidManifestProtectedBroadcast_permission); + sa.recycle(); if (name != null && (flags&PARSE_IS_SYSTEM) != 0) { if (pkg.protectedBroadcasts == null) { - pkg.protectedBroadcasts = new ArrayList(); + pkg.protectedBroadcasts = new ArrayMap<>(); } - if (!pkg.protectedBroadcasts.contains(name)) { - pkg.protectedBroadcasts.add(name.intern()); + if (!pkg.protectedBroadcasts.containsKey(name)) { + pkg.protectedBroadcasts.put(name.intern(), + permission != null ? permission.intern() : null); } } @@ -4519,7 +4523,10 @@ public class PackageParser { public final ArrayList requestedPermissions = new ArrayList(); - public ArrayList protectedBroadcasts; + /** + * Maps from package -> permission, null for system (default behavior) + */ + public ArrayMap protectedBroadcasts; public ArrayList libraryNames = null; public ArrayList usesLibraries = null; diff --git a/core/res/res/values/attrs_manifest.xml b/core/res/res/values/attrs_manifest.xml index a0b92b9..6da5941 100644 --- a/core/res/res/values/attrs_manifest.xml +++ b/core/res/res/values/attrs_manifest.xml @@ -1595,6 +1595,7 @@ {@link #AndroidManifest manifest} tag. --> +
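Review bot: The `permission` string goes into `pkg.protectedBroadcasts` exactly as read from the manifest, so an empty `permission` attribute becomes a non-null entry instead of falling back to the system-only default. Writing the value as `permission != null && !permission.isEmpty() ? permission.intern() : null` keeps that case fail-closed. The `containsKey` guard also means a second declaration of the same action with a different permission is dropped silently, which deserves a log line. Nothing at parse time can tell whether the named permission is declared or what protection level it has, so the enforcement code (outside this diff) presumably has to treat an undeclared or normal-level permission as giving no real protection. The enclosing method starts and ends outside the hunk.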
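Review bot: The new Javadoc on `protectedBroadcasts` says the map goes from package to permission, but the parser hunk in this file keys it by the broadcast action (`put(name.intern(), …)` with `name` read from `AndroidManifestProtectedBroadcast_name`). Someone auditing who may send a protected action would be misled by this. I suggest `Maps protected broadcast action -> permission required to send it; a null value means system-only (the default behavior)`. Because the field changes from a list to a map, any code outside this diff that iterates it or calls `contains` has to be updated in the same change.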