From ff17024e583b170312d82089fd358d278ce16c9a Mon Sep 17 00:00:00 2001 From: Dianne Hackborn Date: Wed, 19 Nov 2014 10:59:01 -0800 Subject: Fix issue with call backs from media process. All but a few lines of this is for issue #16013164, which allowed apps to do some operations as the media uid by having it call back to them to open a file. The problem here is with the tempory identity stuff in the activity manager, allowing us to make the open call as the original caller... ideally we should figure out a way to just get rid of all of that, but the solution here is actually easier (even though it doesn't look it) -- we now hand a token over to the openFile() call that it can use when doing permission checks to say "yes I would like the check to be against whoever is responsible for the open". This allows us to do the uid remapping for only this one specific set of permission checks, and nothing else. Also fix issue #17487348: Isolated services can access system services they shouldn't be able to. Don't send any system service IBinder objects down for the first initialization of an isolated process. Change-Id: I3c70e16e0899d7eef0bae458e83958b41ed2b75e --- .../layoutlib/bridge/android/BridgeContentProvider.java | 2 +- .../com/android/layoutlib/bridge/android/BridgeContext.java | 13 +++++++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) (limited to 'tools') diff --git a/tools/layoutlib/bridge/src/com/android/layoutlib/bridge/android/BridgeContentProvider.java b/tools/layoutlib/bridge/src/com/android/layoutlib/bridge/android/BridgeContentProvider.java index 89288bf..e4cbb2f 100644 --- a/tools/layoutlib/bridge/src/com/android/layoutlib/bridge/android/BridgeContentProvider.java +++ b/tools/layoutlib/bridge/src/com/android/layoutlib/bridge/android/BridgeContentProvider.java @@ -90,7 +90,7 @@ public final class BridgeContentProvider implements IContentProvider { @Override public ParcelFileDescriptor openFile( - String callingPackage, Uri arg0, String arg1, ICancellationSignal signal) + String callingPackage, Uri arg0, String arg1, ICancellationSignal signal, IBinder token) throws RemoteException, FileNotFoundException { // TODO Auto-generated method stub return null; diff --git a/tools/layoutlib/bridge/src/com/android/layoutlib/bridge/android/BridgeContext.java b/tools/layoutlib/bridge/src/com/android/layoutlib/bridge/android/BridgeContext.java index aeb70e9..2c3736f 100644 --- a/tools/layoutlib/bridge/src/com/android/layoutlib/bridge/android/BridgeContext.java +++ b/tools/layoutlib/bridge/src/com/android/layoutlib/bridge/android/BridgeContext.java @@ -16,6 +16,7 @@ package com.android.layoutlib.bridge.android; +import android.os.IBinder; import com.android.annotations.Nullable; import com.android.ide.common.rendering.api.ILayoutPullParser; import com.android.ide.common.rendering.api.IProjectCallback; @@ -938,12 +939,24 @@ public final class BridgeContext extends Context { } @Override + public int checkPermission(String arg0, int arg1, int arg2, IBinder arg3) { + // pass + return 0; + } + + @Override public int checkUriPermission(Uri arg0, int arg1, int arg2, int arg3) { // pass return 0; } @Override + public int checkUriPermission(Uri arg0, int arg1, int arg2, int arg3, IBinder arg4) { + // pass + return 0; + } + + @Override public int checkUriPermission(Uri arg0, String arg1, String arg2, int arg3, int arg4, int arg5) { // pass -- cgit v1.1