From ceac51deddb873956c647d1b2dc7b2cc251d404b Mon Sep 17 00:00:00 2001 From: Svetoslav Date: Wed, 1 Oct 2014 12:50:58 -0700 Subject: Fix accessiblity introspection from the shell user regression. Accessibility introspection APIs are meant to query only the state of the current user. There are command line tools that run as the shell user and want to be able to intropspect the screen. When resolving the calling user we were using the calling user id instead of the special constant for the current user. Now when resolving the calling user for intrspection we are using the current user constant and consequentially only the current user or a profile of the current user or the root or the shell or the system or an app with cross user permission can introspect the screen. bug:17674631 Change-Id: I36d1d7b65441d04c3b4204123c4b6d036ff032c0 --- .../accessibility/AccessibilityManagerService.java | 26 +++++++++++++--------- 1 file changed, 16 insertions(+), 10 deletions(-) (limited to 'services/accessibility') diff --git a/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java b/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java index be3fc47..dd0b551 100644 --- a/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java +++ b/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java @@ -2087,7 +2087,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { // performs the current profile parent resolution. final int resolvedUserId = mSecurityPolicy .resolveCallingUserIdEnforcingPermissionsLocked( - UserHandle.getCallingUserId()); + UserHandle.USER_CURRENT); if (resolvedUserId != mCurrentUserId) { return null; } @@ -2118,7 +2118,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { // performs the current profile parent resolution. final int resolvedUserId = mSecurityPolicy .resolveCallingUserIdEnforcingPermissionsLocked( - UserHandle.getCallingUserId()); + UserHandle.USER_CURRENT); if (resolvedUserId != mCurrentUserId) { return null; } @@ -2151,7 +2151,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { // performs the current profile parent resolution. final int resolvedUserId = mSecurityPolicy .resolveCallingUserIdEnforcingPermissionsLocked( - UserHandle.getCallingUserId()); + UserHandle.USER_CURRENT); if (resolvedUserId != mCurrentUserId) { return false; } @@ -2203,7 +2203,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { // performs the current profile parent resolution. final int resolvedUserId = mSecurityPolicy .resolveCallingUserIdEnforcingPermissionsLocked( - UserHandle.getCallingUserId()); + UserHandle.USER_CURRENT); if (resolvedUserId != mCurrentUserId) { return false; } @@ -2255,7 +2255,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { // performs the current profile parent resolution. final int resolvedUserId = mSecurityPolicy .resolveCallingUserIdEnforcingPermissionsLocked( - UserHandle.getCallingUserId()); + UserHandle.USER_CURRENT); if (resolvedUserId != mCurrentUserId) { return false; } @@ -2307,7 +2307,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { // performs the current profile parent resolution. final int resolvedUserId = mSecurityPolicy .resolveCallingUserIdEnforcingPermissionsLocked( - UserHandle.getCallingUserId()); + UserHandle.USER_CURRENT); if (resolvedUserId != mCurrentUserId) { return false; } @@ -2360,7 +2360,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { // performs the current profile parent resolution. final int resolvedUserId = mSecurityPolicy .resolveCallingUserIdEnforcingPermissionsLocked( - UserHandle.getCallingUserId()); + UserHandle.USER_CURRENT); if (resolvedUserId != mCurrentUserId) { return false; } @@ -2411,7 +2411,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { // performs the current profile parent resolution. final int resolvedUserId = mSecurityPolicy .resolveCallingUserIdEnforcingPermissionsLocked( - UserHandle.getCallingUserId()); + UserHandle.USER_CURRENT); if (resolvedUserId != mCurrentUserId) { return false; } @@ -2450,7 +2450,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { // performs the current profile parent resolution. final int resolvedUserId = mSecurityPolicy .resolveCallingUserIdEnforcingPermissionsLocked( - UserHandle.getCallingUserId()); + UserHandle.USER_CURRENT); if (resolvedUserId != mCurrentUserId) { return false; } @@ -2497,7 +2497,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { // performs the current profile parent resolution. final int resolvedUserId = mSecurityPolicy .resolveCallingUserIdEnforcingPermissionsLocked( - UserHandle.getCallingUserId()); + UserHandle.USER_CURRENT); if (resolvedUserId != mCurrentUserId) { return false; } @@ -3591,6 +3591,12 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { if (callingUserId == userId) { return resolveProfileParentLocked(userId); } + final int callingUserParentId = resolveProfileParentLocked(callingUserId); + if (callingUserParentId == mCurrentUserId && + (userId == UserHandle.USER_CURRENT + || userId == UserHandle.USER_CURRENT_OR_SELF)) { + return mCurrentUserId; + } if (!hasPermission(Manifest.permission.INTERACT_ACROSS_USERS) && !hasPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL)) { throw new SecurityException("Call from user " + callingUserId + " as user " -- cgit v1.1