Merge "Verify INTERACT_ACROSS_USERS_FULL perm for cross-user calls." into tm-dev

author: Sudheer Shanka <sudheersai@google.com> 2022-04-30 01:07:51 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2022-04-30 01:07:51 +0000
commit: 5047c1abb45c25848d9e4e031b00f90dec810c91 (patch)
tree: 059cfa944aced511a77e6e235a896732c705485b /core/java
parent: f9ccda5c78c21804342e7cd7c08c87139e959d46 (diff)
parent: 85a9add6bdacee1b310ff1a3d01b53f3460a3d1a (diff)
2 files changed, 19 insertions, 2 deletions
diff --git a/core/java/android/app/ActivityManager.java b/core/java/android/app/ActivityManager.java
index 458dd5d804d1..abd60177f884 100644
--- a/core/java/android/app/ActivityManager.java
+++ b/core/java/android/app/ActivityManager.java
@@ -3710,10 +3710,16 @@ public class ActivityManager {
     /**
      * Returns the process state of this uid.
      *
+     * If the caller does not hold {@link Manifest.permission#INTERACT_ACROSS_USERS_FULL}
+     * permission, they can only query process state of UIDs running in the same user as the caller.
+     *
      * @hide
      */
     @TestApi
-    @RequiresPermission(Manifest.permission.PACKAGE_USAGE_STATS)
+    @RequiresPermission(allOf = {
+            Manifest.permission.PACKAGE_USAGE_STATS,
+            Manifest.permission.INTERACT_ACROSS_USERS_FULL
+    }, conditional = true)
     public int getUidProcessState(int uid) {
         try {
             return getService().getUidProcessState(uid, mContext.getOpPackageName());
@@ -3725,10 +3731,17 @@ public class ActivityManager {
     /**
      * Returns the process capability of this uid.
      *
+     * If the caller does not hold {@link Manifest.permission#INTERACT_ACROSS_USERS_FULL}
+     * permission, they can only query process capabilities of UIDs running in the same user
+     * as the caller.
+     *
      * @hide
      */
     @TestApi
-    @RequiresPermission(Manifest.permission.PACKAGE_USAGE_STATS)
+    @RequiresPermission(allOf = {
+            Manifest.permission.PACKAGE_USAGE_STATS,
+            Manifest.permission.INTERACT_ACROSS_USERS_FULL
+    }, conditional = true)
     public @ProcessCapability int getUidProcessCapabilities(int uid) {
         try {
             return getService().getUidProcessCapabilities(uid, mContext.getOpPackageName());
diff --git a/core/java/android/app/IActivityManager.aidl b/core/java/android/app/IActivityManager.aidl
index 49a61580ab3b..4efe9dfe7185 100644
--- a/core/java/android/app/IActivityManager.aidl
+++ b/core/java/android/app/IActivityManager.aidl
@@ -100,6 +100,8 @@ interface IActivityManager {
             String callingPackage);
     void unregisterUidObserver(in IUidObserver observer);
     boolean isUidActive(int uid, String callingPackage);
+    @JavaPassthrough(annotation=
+            "@android.annotation.RequiresPermission(allOf = {android.Manifest.permission.PACKAGE_USAGE_STATS, android.Manifest.permission.INTERACT_ACROSS_USERS_FULL}, conditional = true)")
     int getUidProcessState(int uid, in String callingPackage);
     @UnsupportedAppUsage
     int checkPermission(in String permission, int pid, int uid);
@@ -742,6 +744,8 @@ interface IActivityManager {
     /** Called by PendingIntent.queryIntentComponents() */
     ParceledListSlice queryIntentComponentsForIntentSender(in IIntentSender sender, int matchFlags);
 
+    @JavaPassthrough(annotation=
+            "@android.annotation.RequiresPermission(allOf = {android.Manifest.permission.PACKAGE_USAGE_STATS, android.Manifest.permission.INTERACT_ACROSS_USERS_FULL}, conditional = true)")
     int getUidProcessCapabilities(int uid, in String callingPackage);
 
     /** Blocks until all broadcast queues become idle. */
author	Sudheer Shanka <sudheersai@google.com>	2022-04-30 01:07:51 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2022-04-30 01:07:51 +0000
commit	5047c1abb45c25848d9e4e031b00f90dec810c91 (patch)
tree	059cfa944aced511a77e6e235a896732c705485b /core/java
parent	f9ccda5c78c21804342e7cd7c08c87139e959d46 (diff)
parent	85a9add6bdacee1b310ff1a3d01b53f3460a3d1a (diff)