diff options
Diffstat (limited to 'apex/blobstore/service/java')
4 files changed, 21 insertions, 134 deletions
diff --git a/apex/blobstore/service/java/com/android/server/blob/BlobAccessMode.java b/apex/blobstore/service/java/com/android/server/blob/BlobAccessMode.java index 09260b775444..0d17bbc7bbff 100644 --- a/apex/blobstore/service/java/com/android/server/blob/BlobAccessMode.java +++ b/apex/blobstore/service/java/com/android/server/blob/BlobAccessMode.java @@ -15,30 +15,19 @@ */ package com.android.server.blob; -import static android.Manifest.permission.ACCESS_COARSE_LOCATION; -import static android.Manifest.permission.ACCESS_FINE_LOCATION; import static android.app.blob.XmlTags.ATTR_CERTIFICATE; import static android.app.blob.XmlTags.ATTR_PACKAGE; import static android.app.blob.XmlTags.ATTR_TYPE; -import static android.app.blob.XmlTags.ATTR_VALUE; import static android.app.blob.XmlTags.TAG_ALLOWED_PACKAGE; -import static android.app.blob.XmlTags.TAG_ALLOWED_PERMISSION; - -import static com.android.server.blob.BlobStoreConfig.TAG; import android.annotation.IntDef; import android.annotation.NonNull; -import android.annotation.Nullable; -import android.app.AppOpsManager; import android.content.Context; import android.content.pm.PackageManager; -import android.os.UserHandle; -import android.permission.PermissionManager; import android.util.ArraySet; import android.util.Base64; import android.util.DebugUtils; import android.util.IndentingPrintWriter; -import android.util.Slog; import com.android.internal.util.XmlUtils; @@ -64,27 +53,21 @@ class BlobAccessMode { ACCESS_TYPE_PUBLIC, ACCESS_TYPE_SAME_SIGNATURE, ACCESS_TYPE_ALLOWLIST, - ACCESS_TYPE_LOCATION_PERMISSION, }) @interface AccessType {} public static final int ACCESS_TYPE_PRIVATE = 1 << 0; public static final int ACCESS_TYPE_PUBLIC = 1 << 1; public static final int ACCESS_TYPE_SAME_SIGNATURE = 1 << 2; public static final int ACCESS_TYPE_ALLOWLIST = 1 << 3; - public static final int ACCESS_TYPE_LOCATION_PERMISSION = 1 << 4; private int mAccessType = ACCESS_TYPE_PRIVATE; private final ArraySet<PackageIdentifier> mAllowedPackages = new ArraySet<>(); - private final ArraySet<String> mAllowedPermissions = new ArraySet<>(); void allow(BlobAccessMode other) { if ((other.mAccessType & ACCESS_TYPE_ALLOWLIST) != 0) { mAllowedPackages.addAll(other.mAllowedPackages); } - if ((other.mAccessType & ACCESS_TYPE_LOCATION_PERMISSION) != 0) { - mAllowedPermissions.addAll(other.mAllowedPermissions); - } mAccessType |= other.mAccessType; } @@ -101,11 +84,6 @@ class BlobAccessMode { mAllowedPackages.add(PackageIdentifier.create(packageName, certificate)); } - void allowPackagesWithLocationPermission(@NonNull String permissionName) { - mAccessType |= ACCESS_TYPE_LOCATION_PERMISSION; - mAllowedPermissions.add(permissionName); - } - boolean isPublicAccessAllowed() { return (mAccessType & ACCESS_TYPE_PUBLIC) != 0; } @@ -121,15 +99,8 @@ class BlobAccessMode { return mAllowedPackages.contains(PackageIdentifier.create(packageName, certificate)); } - boolean arePackagesWithLocationPermissionAllowed(@NonNull String permissionName) { - if ((mAccessType & ACCESS_TYPE_LOCATION_PERMISSION) == 0) { - return false; - } - return mAllowedPermissions.contains(permissionName); - } - - boolean isAccessAllowedForCaller(Context context, @NonNull String callingPackage, - @NonNull String committerPackage, int callingUid, @Nullable String attributionTag) { + boolean isAccessAllowedForCaller(Context context, + @NonNull String callingPackage, @NonNull String committerPackage) { if ((mAccessType & ACCESS_TYPE_PUBLIC) != 0) { return true; } @@ -153,37 +124,9 @@ class BlobAccessMode { } } - if ((mAccessType & ACCESS_TYPE_LOCATION_PERMISSION) != 0) { - final AppOpsManager appOpsManager = context.getSystemService(AppOpsManager.class); - for (int i = 0; i < mAllowedPermissions.size(); ++i) { - final String permission = mAllowedPermissions.valueAt(i); - if (PermissionManager.checkPackageNamePermission(permission, callingPackage, - UserHandle.getUserId(callingUid)) != PackageManager.PERMISSION_GRANTED) { - continue; - } - // TODO: Add appropriate message - if (appOpsManager.noteOpNoThrow(getAppOp(permission), callingUid, callingPackage, - attributionTag, null /* message */) == AppOpsManager.MODE_ALLOWED) { - return true; - } - } - } - return false; } - private static String getAppOp(String permission) { - switch (permission) { - case ACCESS_FINE_LOCATION: - return AppOpsManager.OPSTR_FINE_LOCATION; - case ACCESS_COARSE_LOCATION: - return AppOpsManager.OPSTR_COARSE_LOCATION; - default: - Slog.w(TAG, "Unknown permission found: " + permission); - return null; - } - } - int getAccessType() { return mAccessType; } @@ -205,16 +148,6 @@ class BlobAccessMode { } fout.decreaseIndent(); } - fout.print("Allowed permissions:"); - if (mAllowedPermissions.isEmpty()) { - fout.println(" (Empty)"); - } else { - fout.increaseIndent(); - for (int i = 0, count = mAllowedPermissions.size(); i < count; ++i) { - fout.println(mAllowedPermissions.valueAt(i).toString()); - } - fout.decreaseIndent(); - } } void writeToXml(@NonNull XmlSerializer out) throws IOException { @@ -226,12 +159,6 @@ class BlobAccessMode { XmlUtils.writeByteArrayAttribute(out, ATTR_CERTIFICATE, packageIdentifier.certificate); out.endTag(null, TAG_ALLOWED_PACKAGE); } - for (int i = 0, count = mAllowedPermissions.size(); i < count; ++i) { - out.startTag(null, TAG_ALLOWED_PERMISSION); - final String permission = mAllowedPermissions.valueAt(i); - XmlUtils.writeStringAttribute(out, ATTR_VALUE, permission); - out.endTag(null, TAG_ALLOWED_PERMISSION); - } } @NonNull @@ -249,10 +176,6 @@ class BlobAccessMode { final byte[] certificate = XmlUtils.readByteArrayAttribute(in, ATTR_CERTIFICATE); blobAccessMode.allowPackageAccess(packageName, certificate); } - if (TAG_ALLOWED_PERMISSION.equals(in.getName())) { - final String permission = XmlUtils.readStringAttribute(in, ATTR_VALUE); - blobAccessMode.allowPackagesWithLocationPermission(permission); - } } return blobAccessMode; } diff --git a/apex/blobstore/service/java/com/android/server/blob/BlobMetadata.java b/apex/blobstore/service/java/com/android/server/blob/BlobMetadata.java index e47715685323..e116c8189f91 100644 --- a/apex/blobstore/service/java/com/android/server/blob/BlobMetadata.java +++ b/apex/blobstore/service/java/com/android/server/blob/BlobMetadata.java @@ -263,8 +263,7 @@ class BlobMetadata { return getBlobFile().length(); } - boolean isAccessAllowedForCaller(@NonNull String callingPackage, int callingUid, - @Nullable String attributionTag) { + boolean isAccessAllowedForCaller(@NonNull String callingPackage, int callingUid) { // Don't allow the blob to be accessed after it's expiry time has passed. if (getBlobHandle().isExpired()) { return false; @@ -293,7 +292,7 @@ class BlobMetadata { // Check if the caller is allowed access as per the access mode specified // by the committer. if (committer.blobAccessMode.isAccessAllowedForCaller(mContext, - callingPackage, committer.packageName, callingUid, attributionTag)) { + callingPackage, committer.packageName)) { return true; } } @@ -316,7 +315,7 @@ class BlobMetadata { // Check if the caller is allowed access as per the access mode specified // by the committer. if (committer.blobAccessMode.isAccessAllowedForCaller(mContext, - callingPackage, committer.packageName, callingUid, attributionTag)) { + callingPackage, committer.packageName)) { return true; } } diff --git a/apex/blobstore/service/java/com/android/server/blob/BlobStoreManagerService.java b/apex/blobstore/service/java/com/android/server/blob/BlobStoreManagerService.java index 731ba9254ea4..beeffd633a83 100644 --- a/apex/blobstore/service/java/com/android/server/blob/BlobStoreManagerService.java +++ b/apex/blobstore/service/java/com/android/server/blob/BlobStoreManagerService.java @@ -397,11 +397,11 @@ public class BlobStoreManagerService extends SystemService { } private ParcelFileDescriptor openBlobInternal(BlobHandle blobHandle, int callingUid, - String callingPackage, String attributionTag) throws IOException { + String callingPackage) throws IOException { synchronized (mBlobsLock) { final BlobMetadata blobMetadata = mBlobsMap.get(blobHandle); if (blobMetadata == null || !blobMetadata.isAccessAllowedForCaller( - callingPackage, callingUid, attributionTag)) { + callingPackage, callingUid)) { if (blobMetadata == null) { FrameworkStatsLog.write(FrameworkStatsLog.BLOB_OPENED, callingUid, INVALID_BLOB_ID, INVALID_BLOB_SIZE, @@ -449,7 +449,7 @@ public class BlobStoreManagerService extends SystemService { private void acquireLeaseInternal(BlobHandle blobHandle, int descriptionResId, CharSequence description, long leaseExpiryTimeMillis, - int callingUid, String callingPackage, String attributionTag) { + int callingUid, String callingPackage) { synchronized (mBlobsLock) { final int leasesCount = getLeasedBlobsCountLocked(callingUid, callingPackage); if (leasesCount >= getMaxLeasedBlobs()) { @@ -470,7 +470,7 @@ public class BlobStoreManagerService extends SystemService { final BlobMetadata blobMetadata = mBlobsMap.get(blobHandle); if (blobMetadata == null || !blobMetadata.isAccessAllowedForCaller( - callingPackage, callingUid, attributionTag)) { + callingPackage, callingUid)) { if (blobMetadata == null) { FrameworkStatsLog.write(FrameworkStatsLog.BLOB_LEASED, callingUid, INVALID_BLOB_ID, INVALID_BLOB_SIZE, @@ -521,11 +521,11 @@ public class BlobStoreManagerService extends SystemService { } private void releaseLeaseInternal(BlobHandle blobHandle, int callingUid, - String callingPackage, String attributionTag) { + String callingPackage) { synchronized (mBlobsLock) { final BlobMetadata blobMetadata = mBlobsMap.get(blobHandle); if (blobMetadata == null || !blobMetadata.isAccessAllowedForCaller( - callingPackage, callingUid, attributionTag)) { + callingPackage, callingUid)) { throw new SecurityException("Caller not allowed to access " + blobHandle + "; callingUid=" + callingUid + ", callingPackage=" + callingPackage); } @@ -632,11 +632,11 @@ public class BlobStoreManagerService extends SystemService { } private LeaseInfo getLeaseInfoInternal(BlobHandle blobHandle, - int callingUid, @NonNull String callingPackage, String attributionTag) { + int callingUid, @NonNull String callingPackage) { synchronized (mBlobsLock) { final BlobMetadata blobMetadata = mBlobsMap.get(blobHandle); if (blobMetadata == null || !blobMetadata.isAccessAllowedForCaller( - callingPackage, callingUid, attributionTag)) { + callingPackage, callingUid)) { throw new SecurityException("Caller not allowed to access " + blobHandle + "; callingUid=" + callingUid + ", callingPackage=" + callingPackage); } @@ -1478,7 +1478,7 @@ public class BlobStoreManagerService extends SystemService { @Override public ParcelFileDescriptor openBlob(@NonNull BlobHandle blobHandle, - @NonNull String packageName, @Nullable String attributionTag) { + @NonNull String packageName) { Objects.requireNonNull(blobHandle, "blobHandle must not be null"); blobHandle.assertIsValid(); Objects.requireNonNull(packageName, "packageName must not be null"); @@ -1493,7 +1493,7 @@ public class BlobStoreManagerService extends SystemService { } try { - return openBlobInternal(blobHandle, callingUid, packageName, attributionTag); + return openBlobInternal(blobHandle, callingUid, packageName); } catch (IOException e) { throw ExceptionUtils.wrap(e); } @@ -1502,8 +1502,7 @@ public class BlobStoreManagerService extends SystemService { @Override public void acquireLease(@NonNull BlobHandle blobHandle, @IdRes int descriptionResId, @Nullable CharSequence description, - @CurrentTimeSecondsLong long leaseExpiryTimeMillis, @NonNull String packageName, - @Nullable String attributionTag) { + @CurrentTimeSecondsLong long leaseExpiryTimeMillis, @NonNull String packageName) { Objects.requireNonNull(blobHandle, "blobHandle must not be null"); blobHandle.assertIsValid(); Preconditions.checkArgument( @@ -1527,7 +1526,7 @@ public class BlobStoreManagerService extends SystemService { try { acquireLeaseInternal(blobHandle, descriptionResId, description, - leaseExpiryTimeMillis, callingUid, packageName, attributionTag); + leaseExpiryTimeMillis, callingUid, packageName); } catch (Resources.NotFoundException e) { throw new IllegalArgumentException(e); } catch (LimitExceededException e) { @@ -1536,8 +1535,7 @@ public class BlobStoreManagerService extends SystemService { } @Override - public void releaseLease(@NonNull BlobHandle blobHandle, @NonNull String packageName, - @Nullable String attributionTag) { + public void releaseLease(@NonNull BlobHandle blobHandle, @NonNull String packageName) { Objects.requireNonNull(blobHandle, "blobHandle must not be null"); blobHandle.assertIsValid(); Objects.requireNonNull(packageName, "packageName must not be null"); @@ -1551,7 +1549,7 @@ public class BlobStoreManagerService extends SystemService { + "callingUid=" + callingUid + ", callingPackage=" + packageName); } - releaseLeaseInternal(blobHandle, callingUid, packageName, attributionTag); + releaseLeaseInternal(blobHandle, callingUid, packageName); } @Override @@ -1621,8 +1619,7 @@ public class BlobStoreManagerService extends SystemService { @Override @Nullable - public LeaseInfo getLeaseInfo(@NonNull BlobHandle blobHandle, @NonNull String packageName, - @Nullable String attributionTag) { + public LeaseInfo getLeaseInfo(@NonNull BlobHandle blobHandle, @NonNull String packageName) { Objects.requireNonNull(blobHandle, "blobHandle must not be null"); blobHandle.assertIsValid(); Objects.requireNonNull(packageName, "packageName must not be null"); @@ -1636,7 +1633,7 @@ public class BlobStoreManagerService extends SystemService { + "callingUid=" + callingUid + ", callingPackage=" + packageName); } - return getLeaseInfoInternal(blobHandle, callingUid, packageName, attributionTag); + return getLeaseInfoInternal(blobHandle, callingUid, packageName); } @Override diff --git a/apex/blobstore/service/java/com/android/server/blob/BlobStoreSession.java b/apex/blobstore/service/java/com/android/server/blob/BlobStoreSession.java index 3f0032fe537e..8eef8cebec3f 100644 --- a/apex/blobstore/service/java/com/android/server/blob/BlobStoreSession.java +++ b/apex/blobstore/service/java/com/android/server/blob/BlobStoreSession.java @@ -15,8 +15,6 @@ */ package com.android.server.blob; -import static android.Manifest.permission.ACCESS_COARSE_LOCATION; -import static android.Manifest.permission.ACCESS_FINE_LOCATION; import static android.app.blob.BlobStoreManager.COMMIT_RESULT_ERROR; import static android.app.blob.XmlTags.ATTR_CREATION_TIME_MS; import static android.app.blob.XmlTags.ATTR_ID; @@ -368,21 +366,6 @@ class BlobStoreSession extends IBlobStoreSession.Stub { } @Override - public void allowPackagesWithLocationPermission(@NonNull String permissionName) { - assertCallerIsOwner(); - Preconditions.checkArgument(ACCESS_FINE_LOCATION.equals(permissionName) - || ACCESS_COARSE_LOCATION.equals(permissionName), - "permissionName is unknown: " + permissionName); - synchronized (mSessionLock) { - if (mState != STATE_OPENED) { - throw new IllegalStateException("Not allowed to change access type in state: " - + stateToString(mState)); - } - mBlobAccessMode.allowPackagesWithLocationPermission(permissionName); - } - } - - @Override public boolean isPackageAccessAllowed(@NonNull String packageName, @NonNull byte[] certificate) { assertCallerIsOwner(); @@ -423,21 +406,6 @@ class BlobStoreSession extends IBlobStoreSession.Stub { } @Override - public boolean arePackagesWithLocationPermissionAllowed(@NonNull String permissionName) { - assertCallerIsOwner(); - Preconditions.checkArgument(ACCESS_FINE_LOCATION.equals(permissionName) - || ACCESS_COARSE_LOCATION.equals(permissionName), - "permissionName is unknown: " + permissionName); - synchronized (mSessionLock) { - if (mState != STATE_OPENED) { - throw new IllegalStateException("Not allowed to change access type in state: " - + stateToString(mState)); - } - return mBlobAccessMode.arePackagesWithLocationPermissionAllowed(permissionName); - } - } - - @Override public void close() { closeSession(STATE_CLOSED, false /* sendCallback */); } |