DivestOS/Patches/LineageOS-16.0/android_packages_apps_Settings/408512.patch

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Fan Wu <cechkahn@google.com>
Date: Mon, 22 Jul 2024 16:12:46 +0800
Subject: [PATCH] Checks cross user permission before handling intent

Bug: 326057017

Test: atest

Flag: EXEMPT bug fix
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d3b3edd45167515579ab156533754e56ac813f35)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0f67d233c1cd653c113df5956f1ed29a42e1d32f)
Merged-In: I3444e55b22b7487f96b0e3e9deb3f844c4c4723a
Change-Id: I3444e55b22b7487f96b0e3e9deb3f844c4c4723a
---
 .../settings/applications/AppInfoBase.java    | 38 ++++++++++++++++++-
 1 file changed, 36 insertions(+), 2 deletions(-)

diff --git a/src/com/android/settings/applications/AppInfoBase.java b/src/com/android/settings/applications/AppInfoBase.java
index f8ed315bfd5..549ecbdd61e 100644
--- a/src/com/android/settings/applications/AppInfoBase.java
+++ b/src/com/android/settings/applications/AppInfoBase.java
@@ -18,7 +18,9 @@ package com.android.settings.applications;
 
 import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
 
+import android.Manifest;
 import android.app.Activity;
+import android.app.ActivityManager;
 import android.app.AlertDialog;
 import android.app.Dialog;
 import android.app.DialogFragment;
@@ -37,6 +39,7 @@ import android.os.IBinder;
 import android.os.ServiceManager;
 import android.os.UserHandle;
 import android.os.UserManager;
+import android.support.annotation.VisibleForTesting;
 import android.text.TextUtils;
 import android.util.Log;
 
@@ -134,8 +137,13 @@ public abstract class AppInfoBase extends SettingsPreferenceFragment
             }
         }
         if (intent != null && intent.hasExtra(Intent.EXTRA_USER_HANDLE)) {
-            mUserId = ((UserHandle) intent.getParcelableExtra(
-                    Intent.EXTRA_USER_HANDLE)).getIdentifier();
+            mUserId = ((UserHandle) intent.getParcelableExtra(Intent.EXTRA_USER_HANDLE))
+                    .getIdentifier();
+            if (mUserId != UserHandle.myUserId() && !hasInteractAcrossUsersPerm()) {
+                Log.w(TAG, "Intent not valid.");
+                finish();
+                return "";
+            }
         } else {
             mUserId = UserHandle.myUserId();
         }
@@ -158,6 +166,32 @@ public abstract class AppInfoBase extends SettingsPreferenceFragment
         return mPackageName;
     }
 
+    @VisibleForTesting
+    protected boolean hasInteractAcrossUsersPerm() {
+        Activity activity = getActivity();
+        if (activity == null) {
+            return false;
+        }
+        String callingPackageName = null;
+        try {
+            callingPackageName = ActivityManager.getService()
+                .getLaunchedFromPackage(activity.getActivityToken());
+        } catch (Exception e) {
+            return false;
+        }
+        if (TextUtils.isEmpty(callingPackageName)) {
+            Log.w(TAG, "Not able to get calling package name for permission check");
+            return false;
+        }
+        if (mPm.checkPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingPackageName)
+                != PackageManager.PERMISSION_GRANTED) {
+            Log.w(TAG, "Package " + callingPackageName + " does not have required permission "
+                    + Manifest.permission.INTERACT_ACROSS_USERS_FULL);
+            return false;
+        }
+        return true;
+    }
+
     protected void setIntentAndFinish(boolean finish, boolean appChanged) {
         if (localLOGV) Log.i(TAG, "appChanged=" + appChanged);
         Intent intent = new Intent();
Fixup + Churn Signed-off-by: Tavi <tavi@divested.dev> 2024-11-14 07:47:52 -05:00			`From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001`
16: November 2024 ASB Picks Signed-off-by: Tavi <tavi@divested.dev> 2024-11-14 07:28:57 -05:00			`From: Fan Wu <cechkahn@google.com>`
			`Date: Mon, 22 Jul 2024 16:12:46 +0800`
Fixup + Churn Signed-off-by: Tavi <tavi@divested.dev> 2024-11-14 07:47:52 -05:00			`Subject: [PATCH] Checks cross user permission before handling intent`
16: November 2024 ASB Picks Signed-off-by: Tavi <tavi@divested.dev> 2024-11-14 07:28:57 -05:00
			`Bug: 326057017`

			`Test: atest`

			`Flag: EXEMPT bug fix`
			`(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d3b3edd45167515579ab156533754e56ac813f35)`
			`(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0f67d233c1cd653c113df5956f1ed29a42e1d32f)`
			`Merged-In: I3444e55b22b7487f96b0e3e9deb3f844c4c4723a`
			`Change-Id: I3444e55b22b7487f96b0e3e9deb3f844c4c4723a`
			`---`
			`.../settings/applications/AppInfoBase.java \| 38 ++++++++++++++++++-`
			`1 file changed, 36 insertions(+), 2 deletions(-)`

			`diff --git a/src/com/android/settings/applications/AppInfoBase.java b/src/com/android/settings/applications/AppInfoBase.java`
			`index f8ed315bfd5..549ecbdd61e 100644`
			`--- a/src/com/android/settings/applications/AppInfoBase.java`
			`+++ b/src/com/android/settings/applications/AppInfoBase.java`
Fixup + Churn Signed-off-by: Tavi <tavi@divested.dev> 2024-11-14 07:47:52 -05:00			`@@ -18,7 +18,9 @@ package com.android.settings.applications;`
16: November 2024 ASB Picks Signed-off-by: Tavi <tavi@divested.dev> 2024-11-14 07:28:57 -05:00
			`import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;`

			`+import android.Manifest;`
			`import android.app.Activity;`
			`+import android.app.ActivityManager;`
			`import android.app.AlertDialog;`
			`import android.app.Dialog;`
			`import android.app.DialogFragment;`
Fixup + Churn Signed-off-by: Tavi <tavi@divested.dev> 2024-11-14 07:47:52 -05:00			`@@ -37,6 +39,7 @@ import android.os.IBinder;`
16: November 2024 ASB Picks Signed-off-by: Tavi <tavi@divested.dev> 2024-11-14 07:28:57 -05:00			`import android.os.ServiceManager;`
			`import android.os.UserHandle;`
			`import android.os.UserManager;`
			`+import android.support.annotation.VisibleForTesting;`
			`import android.text.TextUtils;`
			`import android.util.Log;`

Fixup + Churn Signed-off-by: Tavi <tavi@divested.dev> 2024-11-14 07:47:52 -05:00			`@@ -134,8 +137,13 @@ public abstract class AppInfoBase extends SettingsPreferenceFragment`
16: November 2024 ASB Picks Signed-off-by: Tavi <tavi@divested.dev> 2024-11-14 07:28:57 -05:00			`}`
			`}`
			`if (intent != null && intent.hasExtra(Intent.EXTRA_USER_HANDLE)) {`
			`- mUserId = ((UserHandle) intent.getParcelableExtra(`
			`- Intent.EXTRA_USER_HANDLE)).getIdentifier();`
			`+ mUserId = ((UserHandle) intent.getParcelableExtra(Intent.EXTRA_USER_HANDLE))`
			`+ .getIdentifier();`
			`+ if (mUserId != UserHandle.myUserId() && !hasInteractAcrossUsersPerm()) {`
			`+ Log.w(TAG, "Intent not valid.");`
			`+ finish();`
			`+ return "";`
			`+ }`
			`} else {`
			`mUserId = UserHandle.myUserId();`
			`}`
Fixup + Churn Signed-off-by: Tavi <tavi@divested.dev> 2024-11-14 07:47:52 -05:00			`@@ -158,6 +166,32 @@ public abstract class AppInfoBase extends SettingsPreferenceFragment`
16: November 2024 ASB Picks Signed-off-by: Tavi <tavi@divested.dev> 2024-11-14 07:28:57 -05:00			`return mPackageName;`
			`}`

			`+ @VisibleForTesting`
			`+ protected boolean hasInteractAcrossUsersPerm() {`
			`+ Activity activity = getActivity();`
			`+ if (activity == null) {`
			`+ return false;`
			`+ }`
			`+ String callingPackageName = null;`
			`+ try {`
			`+ callingPackageName = ActivityManager.getService()`
			`+ .getLaunchedFromPackage(activity.getActivityToken());`
			`+ } catch (Exception e) {`
			`+ return false;`
			`+ }`
			`+ if (TextUtils.isEmpty(callingPackageName)) {`
			`+ Log.w(TAG, "Not able to get calling package name for permission check");`
			`+ return false;`
			`+ }`
			`+ if (mPm.checkPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingPackageName)`
			`+ != PackageManager.PERMISSION_GRANTED) {`
			`+ Log.w(TAG, "Package " + callingPackageName + " does not have required permission "`
			`+ + Manifest.permission.INTERACT_ACROSS_USERS_FULL);`
			`+ return false;`
			`+ }`
			`+ return true;`
			`+ }`
			`+`
			`protected void setIntentAndFinish(boolean finish, boolean appChanged) {`
			`if (localLOGV) Log.i(TAG, "appChanged=" + appChanged);`
			`Intent intent = new Intent();`