From 371cf5203e1140ba416a248ed626413257bac87d Mon Sep 17 00:00:00 2001 From: Fan Wu Date: Mon, 22 Jul 2024 16:12:46 +0800 Subject: [PATCH] [BACKPORT] Checks cross user permission before handling intent Bug: 326057017 Test: atest Flag: EXEMPT bug fix (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d3b3edd45167515579ab156533754e56ac813f35) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0f67d233c1cd653c113df5956f1ed29a42e1d32f) Merged-In: I3444e55b22b7487f96b0e3e9deb3f844c4c4723a Change-Id: I3444e55b22b7487f96b0e3e9deb3f844c4c4723a --- .../settings/applications/AppInfoBase.java | 38 ++++++++++++++++++- 1 file changed, 36 insertions(+), 2 deletions(-) diff --git a/src/com/android/settings/applications/AppInfoBase.java b/src/com/android/settings/applications/AppInfoBase.java index f8ed315bfd5..549ecbdd61e 100644 --- a/src/com/android/settings/applications/AppInfoBase.java +++ b/src/com/android/settings/applications/AppInfoBase.java @@ -18,7 +18,9 @@ import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin; +import android.Manifest; import android.app.Activity; +import android.app.ActivityManager; import android.app.AlertDialog; import android.app.Dialog; import android.app.DialogFragment; @@ -37,6 +39,7 @@ import android.os.ServiceManager; import android.os.UserHandle; import android.os.UserManager; +import android.support.annotation.VisibleForTesting; import android.text.TextUtils; import android.util.Log; @@ -134,8 +137,13 @@ protected String retrieveAppEntry() { } } if (intent != null && intent.hasExtra(Intent.EXTRA_USER_HANDLE)) { - mUserId = ((UserHandle) intent.getParcelableExtra( - Intent.EXTRA_USER_HANDLE)).getIdentifier(); + mUserId = ((UserHandle) intent.getParcelableExtra(Intent.EXTRA_USER_HANDLE)) + .getIdentifier(); + if (mUserId != UserHandle.myUserId() && !hasInteractAcrossUsersPerm()) { + Log.w(TAG, "Intent not valid."); + finish(); + return ""; + } } else { mUserId = UserHandle.myUserId(); } @@ -158,6 +166,32 @@ protected String retrieveAppEntry() { return mPackageName; } + @VisibleForTesting + protected boolean hasInteractAcrossUsersPerm() { + Activity activity = getActivity(); + if (activity == null) { + return false; + } + String callingPackageName = null; + try { + callingPackageName = ActivityManager.getService() + .getLaunchedFromPackage(activity.getActivityToken()); + } catch (Exception e) { + return false; + } + if (TextUtils.isEmpty(callingPackageName)) { + Log.w(TAG, "Not able to get calling package name for permission check"); + return false; + } + if (mPm.checkPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingPackageName) + != PackageManager.PERMISSION_GRANTED) { + Log.w(TAG, "Package " + callingPackageName + " does not have required permission " + + Manifest.permission.INTERACT_ACROSS_USERS_FULL); + return false; + } + return true; + } + protected void setIntentAndFinish(boolean finish, boolean appChanged) { if (localLOGV) Log.i(TAG, "appChanged=" + appChanged); Intent intent = new Intent();