}
}
+ private String buildSecurityExceptionMsg(int op, int uid, String packageName) {
+ return packageName + " from uid " + uid + " not allowed to perform " + sOpNames[op];
+ }
+
/**
* Do a quick check for whether an application might be able to perform an operation.
* This is <em>not</em> a security check; you must use {@link #noteOp(int, int, String)}
try {
int mode = mService.checkOperation(op, uid, packageName);
if (mode == MODE_ERRORED) {
- throw new SecurityException("Operation not allowed");
+ throw new SecurityException(buildSecurityExceptionMsg(op, uid, packageName));
}
return mode;
} catch (RemoteException e) {
try {
int mode = mService.noteOperation(op, uid, packageName);
if (mode == MODE_ERRORED) {
- throw new SecurityException("Operation not allowed");
+ throw new SecurityException(buildSecurityExceptionMsg(op, uid, packageName));
}
return mode;
} catch (RemoteException e) {
/** @hide */
public int noteOp(int op) {
- return noteOp(op, Process.myUid(), mContext.getBasePackageName());
+ return noteOp(op, Process.myUid(), mContext.getOpPackageName());
}
/** @hide */
try {
int mode = mService.startOperation(getToken(mService), op, uid, packageName);
if (mode == MODE_ERRORED) {
- throw new SecurityException("Operation not allowed");
+ throw new SecurityException(buildSecurityExceptionMsg(op, uid, packageName));
}
return mode;
} catch (RemoteException e) {
/** @hide */
public int startOp(int op) {
- return startOp(op, Process.myUid(), mContext.getBasePackageName());
+ return startOp(op, Process.myUid(), mContext.getOpPackageName());
}
/**
}
public void finishOp(int op) {
- finishOp(op, Process.myUid(), mContext.getBasePackageName());
+ finishOp(op, Process.myUid(), mContext.getOpPackageName());
}
}
int newState, int flags) {
try {
mPM.setApplicationEnabledSetting(packageName, newState, flags,
- mContext.getUserId(), mContext.getBasePackageName());
+ mContext.getUserId(), mContext.getOpPackageName());
} catch (RemoteException e) {
// Should never happen!
}
/*package*/ LoadedApk mPackageInfo;
private String mBasePackageName;
+ private String mOpPackageName;
private Resources mResources;
/*package*/ ActivityThread mMainThread;
private Context mOuterContext;
return mBasePackageName != null ? mBasePackageName : getPackageName();
}
+ /** @hide */
+ @Override
+ public String getOpPackageName() {
+ return mOpPackageName != null ? mOpPackageName : getBasePackageName();
+ }
+
@Override
public ApplicationInfo getApplicationInfo() {
if (mPackageInfo != null) {
public ContextImpl(ContextImpl context) {
mPackageInfo = context.mPackageInfo;
mBasePackageName = context.mBasePackageName;
+ mOpPackageName = context.mOpPackageName;
mResources = context.mResources;
mMainThread = context.mMainThread;
mContentResolver = context.mContentResolver;
final void init(LoadedApk packageInfo, IBinder activityToken, ActivityThread mainThread,
Resources container, String basePackageName, UserHandle user) {
mPackageInfo = packageInfo;
- mBasePackageName = basePackageName != null ? basePackageName : packageInfo.mPackageName;
+ if (basePackageName != null) {
+ mBasePackageName = mOpPackageName = basePackageName;
+ } else {
+ mBasePackageName = packageInfo.mPackageName;
+ ApplicationInfo ainfo = packageInfo.getApplicationInfo();
+ if (ainfo.uid == Process.SYSTEM_UID && ainfo.uid != Process.myUid()) {
+ // Special case: system components allow themselves to be loaded in to other
+ // processes. For purposes of app ops, we must then consider the context as
+ // belonging to the package of this process, not the system itself, otherwise
+ // the package+uid verifications in app ops will fail.
+ mOpPackageName = ActivityThread.currentPackageName();
+ } else {
+ mOpPackageName = mBasePackageName;
+ }
+ }
mResources = mPackageInfo.getResources(mainThread);
mResourcesManager = ResourcesManager.getInstance();
final void init(Resources resources, ActivityThread mainThread, UserHandle user) {
mPackageInfo = null;
mBasePackageName = null;
+ mOpPackageName = null;
mResources = resources;
mMainThread = mainThread;
mContentResolver = new ApplicationContentResolver(this, mainThread, user);
}
if (localLOGV) Log.v(TAG, pkg + ": notify(" + id + ", " + notification + ")");
try {
- service.enqueueNotificationWithTag(pkg, mContext.getBasePackageName(), tag, id,
+ service.enqueueNotificationWithTag(pkg, mContext.getOpPackageName(), tag, id,
notification, idOut, UserHandle.myUserId());
if (id != idOut[0]) {
Log.w(TAG, "notify: id corrupted: sent " + id + ", got back " + idOut[0]);
}
if (localLOGV) Log.v(TAG, pkg + ": notify(" + id + ", " + notification + ")");
try {
- service.enqueueNotificationWithTag(pkg, mContext.getBasePackageName(), tag, id,
+ service.enqueueNotificationWithTag(pkg, mContext.getOpPackageName(), tag, id,
notification, idOut, user.getIdentifier());
if (id != idOut[0]) {
Log.w(TAG, "notify: id corrupted: sent " + id + ", got back " + idOut[0]);
if (clip != null) {
clip.prepareToLeaveProcess();
}
- getService().setPrimaryClip(clip, mContext.getBasePackageName());
+ getService().setPrimaryClip(clip, mContext.getOpPackageName());
} catch (RemoteException e) {
}
}
*/
public ClipData getPrimaryClip() {
try {
- return getService().getPrimaryClip(mContext.getBasePackageName());
+ return getService().getPrimaryClip(mContext.getOpPackageName());
} catch (RemoteException e) {
return null;
}
*/
public ClipDescription getPrimaryClipDescription() {
try {
- return getService().getPrimaryClipDescription(mContext.getBasePackageName());
+ return getService().getPrimaryClipDescription(mContext.getOpPackageName());
} catch (RemoteException e) {
return null;
}
*/
public boolean hasPrimaryClip() {
try {
- return getService().hasPrimaryClip(mContext.getBasePackageName());
+ return getService().hasPrimaryClip(mContext.getOpPackageName());
} catch (RemoteException e) {
return false;
}
if (mPrimaryClipChangedListeners.size() == 0) {
try {
getService().addPrimaryClipChangedListener(
- mPrimaryClipChangedServiceListener, mContext.getBasePackageName());
+ mPrimaryClipChangedServiceListener, mContext.getOpPackageName());
} catch (RemoteException e) {
}
}
*/
public boolean hasText() {
try {
- return getService().hasClipboardText(mContext.getBasePackageName());
+ return getService().hasClipboardText(mContext.getOpPackageName());
} catch (RemoteException e) {
return false;
}
public ContentResolver(Context context) {
mContext = context != null ? context : ActivityThread.currentApplication();
- mPackageName = mContext.getBasePackageName();
+ mPackageName = mContext.getOpPackageName();
}
/** @hide */
/** @hide Return the name of the base context this context is derived from. */
public abstract String getBasePackageName();
+ /** @hide Return the package name that should be used for app ops calls from
+ * this context. This is the same as {@link #getBasePackageName()} except in
+ * cases where system components are loaded into other app processes, in which
+ * case this will be the name of the primary package in that process (so that app
+ * ops uid verification will work with the name). */
+ public abstract String getOpPackageName();
+
/** Return the full application info for this context's package. */
public abstract ApplicationInfo getApplicationInfo();
return mBase.getBasePackageName();
}
+ /** @hide */
+ @Override
+ public String getOpPackageName() {
+ return mBase.getOpPackageName();
+ }
+
@Override
public ApplicationInfo getApplicationInfo() {
return mBase.getApplicationInfo();
*/
public WakeLock newWakeLock(int levelAndFlags, String tag) {
validateWakeLockParameters(levelAndFlags, tag);
- return new WakeLock(levelAndFlags, tag, mContext.getBasePackageName());
+ return new WakeLock(levelAndFlags, tag, mContext.getOpPackageName());
}
/** @hide */
}
public SystemVibrator(Context context) {
- mPackageName = context.getBasePackageName();
+ mPackageName = context.getOpPackageName();
mService = IVibratorService.Stub.asInterface(
ServiceManager.getService("vibrator"));
}
IAudioService service = getService();
try {
if (mUseMasterVolume) {
- service.adjustMasterVolume(direction, flags, mContext.getBasePackageName());
+ service.adjustMasterVolume(direction, flags, mContext.getOpPackageName());
} else {
service.adjustStreamVolume(streamType, direction, flags,
- mContext.getBasePackageName());
+ mContext.getOpPackageName());
}
} catch (RemoteException e) {
Log.e(TAG, "Dead object in adjustStreamVolume", e);
IAudioService service = getService();
try {
if (mUseMasterVolume) {
- service.adjustMasterVolume(direction, flags, mContext.getBasePackageName());
+ service.adjustMasterVolume(direction, flags, mContext.getOpPackageName());
} else {
- service.adjustVolume(direction, flags, mContext.getBasePackageName());
+ service.adjustVolume(direction, flags, mContext.getOpPackageName());
}
} catch (RemoteException e) {
Log.e(TAG, "Dead object in adjustVolume", e);
IAudioService service = getService();
try {
if (mUseMasterVolume) {
- service.adjustMasterVolume(direction, flags, mContext.getBasePackageName());
+ service.adjustMasterVolume(direction, flags, mContext.getOpPackageName());
} else {
service.adjustSuggestedStreamVolume(direction, suggestedStreamType, flags,
- mContext.getBasePackageName());
+ mContext.getOpPackageName());
}
} catch (RemoteException e) {
Log.e(TAG, "Dead object in adjustSuggestedStreamVolume", e);
public void adjustMasterVolume(int steps, int flags) {
IAudioService service = getService();
try {
- service.adjustMasterVolume(steps, flags, mContext.getBasePackageName());
+ service.adjustMasterVolume(steps, flags, mContext.getOpPackageName());
} catch (RemoteException e) {
Log.e(TAG, "Dead object in adjustMasterVolume", e);
}
IAudioService service = getService();
try {
if (mUseMasterVolume) {
- service.setMasterVolume(index, flags, mContext.getBasePackageName());
+ service.setMasterVolume(index, flags, mContext.getOpPackageName());
} else {
- service.setStreamVolume(streamType, index, flags, mContext.getBasePackageName());
+ service.setStreamVolume(streamType, index, flags, mContext.getOpPackageName());
}
} catch (RemoteException e) {
Log.e(TAG, "Dead object in setStreamVolume", e);
public void setMasterVolume(int index, int flags) {
IAudioService service = getService();
try {
- service.setMasterVolume(index, flags, mContext.getBasePackageName());
+ service.setMasterVolume(index, flags, mContext.getOpPackageName());
} catch (RemoteException e) {
Log.e(TAG, "Dead object in setMasterVolume", e);
}
IAudioService service = getService();
try {
service.adjustLocalOrRemoteStreamVolume(streamType, direction,
- mContext.getBasePackageName());
+ mContext.getOpPackageName());
} catch (RemoteException e) {
Log.e(TAG, "Dead object in adjustLocalOrRemoteStreamVolume", e);
}
try {
status = service.requestAudioFocus(streamType, durationHint, mICallBack,
mAudioFocusDispatcher, getIdForAudioFocusListener(l),
- mContext.getBasePackageName() /* package name */);
+ mContext.getOpPackageName() /* package name */);
} catch (RemoteException e) {
Log.e(TAG, "Can't call requestAudioFocus() on AudioService due to "+e);
}
try {
service.requestAudioFocus(streamType, durationHint, mICallBack, null,
MediaFocusControl.IN_VOICE_COMM_FOCUS_ID,
- mContext.getBasePackageName());
+ mContext.getOpPackageName());
} catch (RemoteException e) {
Log.e(TAG, "Can't call requestAudioFocusForCall() on AudioService due to "+e);
}
? AudioManager.ADJUST_RAISE
: AudioManager.ADJUST_LOWER,
0,
- mContext.getBasePackageName());
+ mContext.getOpPackageName());
} catch (RemoteException e) {
Log.w(TAG, "IAudioService.adjustStreamVolume() threw RemoteException " + e);
} finally {
owningPackage = win.getOwningPackage();
} else {
owningUid = android.os.Process.myUid();
- owningPackage = mContext.getBasePackageName();
+ owningPackage = mContext.getOpPackageName();
}
if (pattern.length == 1) {
// One-shot vibration
*/
public List<NeighboringCellInfo> getNeighboringCellInfo() {
try {
- return getITelephony().getNeighboringCellInfo(mContext.getBasePackageName());
+ return getITelephony().getNeighboringCellInfo(mContext.getOpPackageName());
} catch (RemoteException ex) {
return null;
} catch (NullPointerException ex) {
throw new UnsupportedOperationException();
}
+ /** @hide */
+ @Override
+ public String getOpPackageName() {
+ throw new UnsupportedOperationException();
+ }
+
@Override
public ApplicationInfo getApplicationInfo() {
throw new UnsupportedOperationException();
}
@Override
+ public String getOpPackageName() {
+ // pass
+ return null;
+ }
+
+ @Override
public ApplicationInfo getApplicationInfo() {
return mApplicationInfo;
}
*/
public List<BatchedScanResult> getBatchedScanResults() {
try {
- return mService.getBatchedScanResults(mContext.getBasePackageName());
+ return mService.getBatchedScanResults(mContext.getOpPackageName());
} catch (RemoteException e) {
return null;
}
*/
public List<ScanResult> getScanResults() {
try {
- return mService.getScanResults(mContext.getBasePackageName());
+ return mService.getScanResults(mContext.getOpPackageName());
} catch (RemoteException e) {
return null;
}