-rw-r--r-- | apex/appsearch/service/java/com/android/server/appsearch/AppSearchManagerService.java | 75 |
1 files changed, 20 insertions, 55 deletions
diff --git a/apex/appsearch/service/java/com/android/server/appsearch/AppSearchManagerService.java b/apex/appsearch/service/java/com/android/server/appsearch/AppSearchManagerService.java index b49bbc5fca89..d4e32396187d 100644 --- a/apex/appsearch/service/java/com/android/server/appsearch/AppSearchManagerService.java +++ b/apex/appsearch/service/java/com/android/server/appsearch/AppSearchManagerService.java @@ -18,7 +18,6 @@ package com.android.server.appsearch; import static android.app.appsearch.AppSearchResult.throwableToFailedResult; import static android.os.Process.INVALID_UID; -import android.Manifest; import android.annotation.ElapsedRealtimeLong; import android.annotation.NonNull; import android.app.appsearch.AppSearchBatchResult; @@ -332,7 +331,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(callback); long totalLatencyStartTimeMillis = SystemClock.elapsedRealtime(); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { @AppSearchResult.ResultCode int statusCode = AppSearchResult.RESULT_OK; @@ -345,7 +343,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); List<AppSearchSchema> schemas = new ArrayList<>(schemaBundles.size()); @@ -424,7 +422,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(userHandle); Objects.requireNonNull(callback); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { try { 
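Review bot: The comment kept as context above `handleIncomingUser(userHandle, callingUid)` in the `@@ -345,7 +343,7 @@` hunk still says the target is accepted when "the client is allowed to run operations in that user". That no longer matches the helper as rewritten at the end of this diff, where, as far as the visible lines show, the only successful return is the case where the target equals the calling user. I would reword it to something like `// Resolves to userHandle only when it is the calling user; any other target user is rejected.` The same comment is repeated at every other call site this commit touches, so it should be updated in each of them. The enclosing methods start and end outside these hunks.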
@@ -433,7 +430,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); AppSearchUserInstance instance = @@ -460,7 +457,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(userHandle); Objects.requireNonNull(callback); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { try { @@ -469,7 +465,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); AppSearchUserInstance instance = @@ -499,7 +495,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(callback); long totalLatencyStartTimeMillis = SystemClock.elapsedRealtime(); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { @AppSearchResult.ResultCode int statusCode = AppSearchResult.RESULT_OK; 
@@ -512,7 +507,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); AppSearchBatchResult.Builder<String, Void> resultBuilder = @@ -589,7 +584,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(callback); long totalLatencyStartTimeMillis = SystemClock.elapsedRealtime(); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { @AppSearchResult.ResultCode int statusCode = AppSearchResult.RESULT_OK; @@ -602,7 +596,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); AppSearchBatchResult.Builder<String, Bundle> resultBuilder = @@ -674,7 +668,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(callback); long totalLatencyStartTimeMillis = SystemClock.elapsedRealtime(); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { @AppSearchResult.ResultCode int statusCode = AppSearchResult.RESULT_OK; 
@@ -687,7 +680,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); instance = mAppSearchUserInstanceManager.getUserInstance(targetUser); @@ -744,7 +737,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(callback); long totalLatencyStartTimeMillis = SystemClock.elapsedRealtime(); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { @AppSearchResult.ResultCode int statusCode = AppSearchResult.RESULT_OK; @@ -757,7 +749,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); instance = mAppSearchUserInstanceManager.getUserInstance(targetUser); @@ -813,7 +805,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(userHandle); Objects.requireNonNull(callback); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { try { 
@@ -822,7 +813,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); AppSearchUserInstance instance = @@ -846,7 +837,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(packageName); Objects.requireNonNull(userHandle); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { try { @@ -855,7 +845,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); AppSearchUserInstance instance = @@ -884,7 +874,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(userHandle); Objects.requireNonNull(callback); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { try { 
@@ -893,7 +882,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); AppSearchUserInstance instance = @@ -940,7 +929,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(userHandle); Objects.requireNonNull(callback); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { try { @@ -949,7 +937,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); AppSearchUserInstance instance = @@ -1006,7 +994,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(userHandle); Objects.requireNonNull(callback); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { try { 
@@ -1015,7 +1002,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); AppSearchUserInstance instance = @@ -1057,7 +1044,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(callback); long totalLatencyStartTimeMillis = SystemClock.elapsedRealtime(); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { @AppSearchResult.ResultCode int statusCode = AppSearchResult.RESULT_OK; @@ -1070,7 +1056,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); AppSearchBatchResult.Builder<String, Void> resultBuilder = @@ -1147,7 +1133,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(callback); long totalLatencyStartTimeMillis = SystemClock.elapsedRealtime(); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { @AppSearchResult.ResultCode int statusCode = AppSearchResult.RESULT_OK; 
@@ -1160,7 +1145,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); instance = mAppSearchUserInstanceManager.getUserInstance(targetUser); @@ -1215,7 +1200,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(userHandle); Objects.requireNonNull(callback); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { try { @@ -1224,7 +1208,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); AppSearchUserInstance instance = @@ -1249,7 +1233,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(userHandle); long totalLatencyStartTimeMillis = SystemClock.elapsedRealtime(); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { @AppSearchResult.ResultCode int statusCode = AppSearchResult.RESULT_OK; 
@@ -1262,7 +1245,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); instance = mAppSearchUserInstanceManager.getUserInstance(targetUser); @@ -1305,7 +1288,6 @@ public class AppSearchManagerService extends SystemService { Objects.requireNonNull(callback); long totalLatencyStartTimeMillis = SystemClock.elapsedRealtime(); - int callingPid = Binder.getCallingPid(); int callingUid = Binder.getCallingUid(); EXECUTOR.execute(() -> { @@ -1319,7 +1301,7 @@ public class AppSearchManagerService extends SystemService { // Obtain the user where the client wants to run the operations in. This should // end up being the same as userHandle, assuming it is not a special user and // the client is allowed to run operations in that user. - UserHandle targetUser = handleIncomingUser(userHandle, callingPid, callingUid); + UserHandle targetUser = handleIncomingUser(userHandle, callingUid); verifyUserUnlocked(targetUser); Context targetUserContext = mContext.createContextAsUser(targetUser, 
@@ -1407,22 +1389,12 @@ public class AppSearchManagerService extends SystemService { /** * Helper for dealing with incoming user arguments to system service calls. * - * <p>Takes care of checking permissions and if the target is special user, this method will - * simply throw. - * * @param targetUserHandle The user which the caller is requesting to execute as. - * @param callingPid The actual pid of the caller as determined by Binder. * @param callingUid The actual uid of the caller as determined by Binder. - * * @return the user handle that the call should run as. Will always be a concrete user. - * - * @throws IllegalArgumentException if the target user is a special user. - * @throws SecurityException if caller trying to interact across user without - * {@link Manifest.permission#INTERACT_ACROSS_USERS_FULL} */ @NonNull - private UserHandle handleIncomingUser(@NonNull UserHandle targetUserHandle, int callingPid, - int callingUid) { + private UserHandle handleIncomingUser(@NonNull UserHandle targetUserHandle, int callingUid) { UserHandle callingUserHandle = UserHandle.getUserHandleForUid(callingUid); if (callingUserHandle.equals(targetUserHandle)) { return targetUserHandle; @@ -1434,16 +1406,9 @@ public class AppSearchManagerService extends SystemService { "Call does not support special user " + targetUserHandle); } - if (mContext.checkPermission( - Manifest.permission.INTERACT_ACROSS_USERS_FULL, - callingPid, - callingUid) == PackageManager.PERMISSION_GRANTED) { - return targetUserHandle; - } throw new SecurityException( - "Permission denied while calling from uid " + callingUid - + " with " + targetUserHandle + "; Requires permission: " - + Manifest.permission.INTERACT_ACROSS_USERS_FULL); + "Requested user, " + targetUserHandle + ", is not the same as the calling user, " + + callingUserHandle + "."); } /** |