2024-06-19 23:57:56 -04:00
|
|
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
2024-06-19 16:19:28 -04:00
|
|
|
From: Guojing Yuan <guojing@google.com>
|
|
|
|
Date: Thu, 14 Dec 2023 19:30:04 +0000
|
2024-06-19 23:57:56 -04:00
|
|
|
Subject: [PATCH] Check permissions for CDM shell commands
|
2024-06-19 16:19:28 -04:00
|
|
|
|
|
|
|
Override handleShellCommand instead of onShellCommand because
|
|
|
|
Binder.onShellCommand checks the necessary permissions of the caller.
|
|
|
|
|
|
|
|
Backport by mse1969@posteo.de:
|
|
|
|
In Pie, method handleShellCommand does not exist, only Binder.onShellCommand, in which
|
|
|
|
the caller uid check isn't yet implemented. Backport: Take over the uid check from A11
|
|
|
|
and implement it in the method override.
|
|
|
|
|
|
|
|
Bug: 313428840
|
|
|
|
|
|
|
|
Test: manually tested CDM shell commands
|
|
|
|
(cherry picked from commit 1761a0fee9c2cd9787bbb7fbdbe30b4c2b03396e)
|
|
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8d008c61451dba86aa9f14c6bcd661db2cea4856)
|
|
|
|
Merged-In: I5539b3594feb5544c458c0fd1061b51a0a808900
|
|
|
|
Change-Id: I5539b3594feb5544c458c0fd1061b51a0a808900
|
|
|
|
---
|
|
|
|
.../server/companion/CompanionDeviceManagerService.java | 5 +++++
|
|
|
|
1 file changed, 5 insertions(+)
|
|
|
|
|
|
|
|
diff --git a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
|
2024-06-19 23:57:56 -04:00
|
|
|
index a5c9f67060d7..355fc5cd1c8f 100644
|
2024-06-19 16:19:28 -04:00
|
|
|
--- a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
|
|
|
|
+++ b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
|
2024-06-19 23:57:56 -04:00
|
|
|
@@ -348,6 +348,11 @@ public class CompanionDeviceManagerService extends SystemService implements Bind
|
2024-06-19 16:19:28 -04:00
|
|
|
public void onShellCommand(FileDescriptor in, FileDescriptor out, FileDescriptor err,
|
|
|
|
String[] args, ShellCallback callback, ResultReceiver resultReceiver)
|
|
|
|
throws RemoteException {
|
|
|
|
+ final int callingUid = Binder.getCallingUid();
|
|
|
|
+ if (callingUid != Process.ROOT_UID && callingUid != Process.SHELL_UID) {
|
|
|
|
+ resultReceiver.send(-1, null);
|
|
|
|
+ throw new RemoteException("Shell commands are only callable by ADB");
|
|
|
|
+ }
|
|
|
|
new ShellCmd().exec(this, in, out, err, args, callback, resultReceiver);
|
|
|
|
}
|
|
|
|
}
|