SenderFilter.java revision 49660c7c24f24c3394233e3bbf94c96281e8c408
14efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver/* 24efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * Copyright (C) 2013 The Android Open Source Project 34efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * 44efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * Licensed under the Apache License, Version 2.0 (the "License"); 54efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * you may not use this file except in compliance with the License. 64efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * You may obtain a copy of the License at 74efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * 84efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * http://www.apache.org/licenses/LICENSE-2.0 94efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * 104efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * Unless required by applicable law or agreed to in writing, software 114efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * distributed under the License is distributed on an "AS IS" BASIS, 124efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 134efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * See the License for the specific language governing permissions and 144efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver * limitations under the License. 154efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver */ 164efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver 174efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruverpackage com.android.server.firewall; 184efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver 19dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruverimport android.app.AppGlobals; 20f5323fee2a7deaf264ed10fbe3d9c69055987e55Ben Gruverimport android.content.ComponentName; 214efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruverimport android.content.Intent; 224efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruverimport android.content.pm.ApplicationInfo; 23dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruverimport android.content.pm.IPackageManager; 244efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruverimport android.os.Process; 25dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruverimport android.os.RemoteException; 26dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruverimport android.util.Slog; 274efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruverimport org.xmlpull.v1.XmlPullParser; 284efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruverimport org.xmlpull.v1.XmlPullParserException; 294efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver 304efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruverimport java.io.IOException; 314efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver 324efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruverclass SenderFilter { 334efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver private static final String ATTR_TYPE = "type"; 344efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver 354efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver private static final String VAL_SIGNATURE = "signature"; 364efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver private static final String VAL_SYSTEM = "system"; 374efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver private static final String VAL_SYSTEM_OR_SIGNATURE = "system|signature"; 384efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver private static final String VAL_USER_ID = "userId"; 394efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver 40dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver static boolean isPrivilegedApp(int callerUid, int callerPid) { 41dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver if (callerUid == Process.SYSTEM_UID || callerUid == 0 || 42dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver callerPid == Process.myPid() || callerPid == 0) { 434efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver return true; 444efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } 45dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver 46dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver IPackageManager pm = AppGlobals.getPackageManager(); 47dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver try { 48dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver return (pm.getFlagsForUid(callerUid) & ApplicationInfo.FLAG_PRIVILEGED) != 0; 49dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver } catch (RemoteException ex) { 50dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver Slog.e(IntentFirewall.TAG, "Remote exception while retrieving uid flags", 51dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver ex); 524efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } 53dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver 54dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver return false; 554efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } 564efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver 574efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver public static final FilterFactory FACTORY = new FilterFactory("sender") { 584efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver @Override 594efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver public Filter newFilter(XmlPullParser parser) throws IOException, XmlPullParserException { 604efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver String typeString = parser.getAttributeValue(null, ATTR_TYPE); 614efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver if (typeString == null) { 624efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver throw new XmlPullParserException("type attribute must be specified for <sender>", 634efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver parser, null); 644efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } 654efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver if (typeString.equals(VAL_SYSTEM)) { 664efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver return SYSTEM; 674efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } else if (typeString.equals(VAL_SIGNATURE)) { 684efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver return SIGNATURE; 694efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } else if (typeString.equals(VAL_SYSTEM_OR_SIGNATURE)) { 704efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver return SYSTEM_OR_SIGNATURE; 714efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } else if (typeString.equals(VAL_USER_ID)) { 724efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver return USER_ID; 734efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } 744efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver throw new XmlPullParserException( 754efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver "Invalid type attribute for <sender>: " + typeString, parser, null); 764efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } 774efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver }; 784efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver 794efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver private static final Filter SIGNATURE = new Filter() { 804efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver @Override 81f5323fee2a7deaf264ed10fbe3d9c69055987e55Ben Gruver public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent, 8249660c7c24f24c3394233e3bbf94c96281e8c408Ben Gruver int callerUid, int callerPid, String resolvedType, int receivingUid) { 8349660c7c24f24c3394233e3bbf94c96281e8c408Ben Gruver return ifw.signaturesMatch(callerUid, receivingUid); 844efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } 854efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver }; 864efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver 874efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver private static final Filter SYSTEM = new Filter() { 884efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver @Override 89f5323fee2a7deaf264ed10fbe3d9c69055987e55Ben Gruver public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent, 9049660c7c24f24c3394233e3bbf94c96281e8c408Ben Gruver int callerUid, int callerPid, String resolvedType, int receivingUid) { 91dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver return isPrivilegedApp(callerUid, callerPid); 924efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } 934efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver }; 944efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver 954efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver private static final Filter SYSTEM_OR_SIGNATURE = new Filter() { 964efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver @Override 97f5323fee2a7deaf264ed10fbe3d9c69055987e55Ben Gruver public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent, 9849660c7c24f24c3394233e3bbf94c96281e8c408Ben Gruver int callerUid, int callerPid, String resolvedType, int receivingUid) { 99dd72c9ed558158f889a8cdfed8a108553ba5a562Ben Gruver return isPrivilegedApp(callerUid, callerPid) || 10049660c7c24f24c3394233e3bbf94c96281e8c408Ben Gruver ifw.signaturesMatch(callerUid, receivingUid); 1014efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } 1024efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver }; 1034efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver 1044efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver private static final Filter USER_ID = new Filter() { 1054efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver @Override 106f5323fee2a7deaf264ed10fbe3d9c69055987e55Ben Gruver public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent, 10749660c7c24f24c3394233e3bbf94c96281e8c408Ben Gruver int callerUid, int callerPid, String resolvedType, int receivingUid) { 1084efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver // This checks whether the caller is either the system process, or has the same user id 1094efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver // I.e. the same app, or an app that uses the same shared user id. 1104efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver // This is the same set of applications that would be able to access the component if 1114efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver // it wasn't exported. 11249660c7c24f24c3394233e3bbf94c96281e8c408Ben Gruver return ifw.checkComponentPermission(null, callerPid, callerUid, receivingUid, false); 1134efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver } 1144efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver }; 1154efe9403afb0ba3b83fa647eb82e4f90d29f131bBen Gruver} 116