See also: ag/
6459825
bug:
124844866
Test: From a secondary user:
cts-tradefed run cts-dev -m CtsAppTestCases -t android.app.cts.NotificationManagerTest
Create user 10
$ adb install -r ./testcases/CtsAppTestStubs.apk
$ adb shell cmd package suspend android.app.stubs
Package android.app.stubs new suspended state: true
$ adb shell cmd package unsuspend android.app.stubs
Package android.app.stubs new suspended state: false
$ adb shell cmd package suspend --user 10 android.app.stubs
Package android.app.stubs new suspended state: true
$ adb shell cmd package unsuspend --user 10 android.app.stubs
Package android.app.stubs new suspended state: false
$ adb shell cmd package unsuspend --user 11 android.app.stubs
Security exception: Calling package com.android.shell in user 11 does not belong to calling uid 2000
java.lang.SecurityException: Calling package com.android.shell in user 11 does not belong to calling uid 2000
at com.android.server.pm.PackageManagerService.setPackagesSuspendedAsUser(PackageManagerService.java:12878)
at com.android.server.pm.PackageManagerShellCommand.runSuspend(PackageManagerShellCommand.java:1845)
at com.android.server.pm.PackageManagerShellCommand.onCommand(PackageManagerShellCommand.java:223)
at android.os.ShellCommand.exec(ShellCommand.java:103)
at com.android.server.pm.PackageManagerService.onShellCommand(PackageManagerService.java:20670)
at android.os.Binder.shellCommand(Binder.java:887)
at android.os.Binder.onTransact(Binder.java:771)
at android.content.pm.IPackageManager$Stub.onTransact(IPackageManager.java:4689)
at com.android.server.pm.PackageManagerService.onTransact(PackageManagerService.java:3698)
at android.os.Binder.execTransactInternal(Binder.java:1026)
at android.os.Binder.execTransact(Binder.java:999)
Change-Id: I89ed4eaf95959175c6f366b8760f119abc05719e
"setPackagesSuspendedAsUser");
final int callingUid = Binder.getCallingUid();
- if (callingUid != Process.ROOT_UID && callingUid != Process.SYSTEM_UID
- && getPackageUid(callingPackage, 0, userId) != callingUid) {
+ final int packageUid = getPackageUid(callingPackage, 0, userId);
+ final boolean allowedCallingUid = callingUid == Process.ROOT_UID
+ || callingUid == Process.SYSTEM_UID;
+ final boolean allowedPackageUid = packageUid == callingUid;
+ final boolean allowedShell = callingUid == SHELL_UID
+ && UserHandle.isSameApp(packageUid, callingUid);
+
+ if (!allowedCallingUid && !allowedShell && !allowedPackageUid) {
throw new SecurityException("Calling package " + callingPackage + " in user "
+ userId + " does not belong to calling uid " + callingUid);
}