From 605a44fe93bd532667b1778a9304d0ecc541b3d8 Mon Sep 17 00:00:00 2001
From: Alex Buynytskyy
Date: Thu, 2 Apr 2020 15:21:47 -0700
Subject: [PATCH] Additional operation check when enabling read logs.

Vold now does not check caller's permission, but only accepts transactions from system_server. And it's up to system server to do the right thing and check permissions/appops.

Bug: b/152633648
Test: atest PackageManagerShellCommandTest PackageManagerShellCommandIncrementalTest
Test: adb shell appops set 1000 GET_USAGE_STATS deny
Change-Id: Id56c1673b135b72b3ec86e572aa4bcca3afc19ab
---
 VoldNativeService.cpp | 7 ++-----
 VoldNativeServiceValidation.cpp | 7 +++----
 2 files changed, 5 insertions(+), 9 deletions(-)
diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp
index d1d7d86..0cce561 100644
--- a/VoldNativeService.cpp
+++ b/VoldNativeService.cpp
@@ -53,7 +53,6 @@ namespace vold {
 namespace {
 constexpr const char* kDump = "android.permission.DUMP";
-constexpr const char* kDataUsageStats = "android.permission.LOADER_USAGE_STATS";
 static binder::Status error(const std::string& msg) {
 PLOG(ERROR) << msg;
@@ -920,11 +919,9 @@ binder::Status VoldNativeService::unmountIncFs(const std::string& dir) {
 binder::Status VoldNativeService::setIncFsMountOptions( const ::android::os::incremental::IncrementalFileSystemControlParcel& control, bool enableReadLogs) {
- auto status = CheckPermission(kDataUsageStats);
- if (!status.isOk()) {
- return status;
- }
+ ENFORCE_SYSTEM_OR_ROOT;
+ auto status = Ok();
 auto incfsControl = IncFs_CreateControl(dup(control.cmd.get()), dup(control.pendingReads.get()), dup(control.log.get()));
 if (auto error = IncFs_SetOptions(
diff --git a/VoldNativeServiceValidation.cpp b/VoldNativeServiceValidation.cpp
index 2e21ace..ee1e65a 100644
--- a/VoldNativeServiceValidation.cpp
+++ b/VoldNativeServiceValidation.cpp
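Review bot: The new gate at the top of `setIncFsMountOptions` checks only who the caller is, so the `LOADER_USAGE_STATS` / app-op decision for `enableReadLogs` is no longer enforced inside vold, and nothing at the call site records that. The macro's definition is not part of this diff, but by its name it also admits root, which is broader than the "only accepts transactions from system_server" wording in the commit message; it is worth confirming that this is intended. I would add a comment directly above the macro, for example `// Authorization for read logs is delegated: the caller (system_server) must have checked LOADER_USAGE_STATS and the matching app-op before calling.` The function body continues past the end of the hunk.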
@@ -39,11 +39,10 @@ binder::Status Exception(uint32_t code, const std::string& msg) {
 }
 binder::Status CheckPermission(const char* permission) {
- pid_t pid;
- uid_t uid;
+ int32_t pid;
+ int32_t uid;
- if (checkCallingPermission(String16(permission), reinterpret_cast(&pid),
- reinterpret_cast(&uid))) {
+ if (checkCallingPermission(String16(permission), &pid, &uid)) {
 return Ok();
 } else {
 return Exception(binder::Status::EX_SECURITY,
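Review bot: `pid` and `uid` in `CheckPermission` are still declared without initializers and are written only through the out-parameters of `checkCallingPermission`. The `else` branch continues past the end of the hunk and appears to build the security exception; if its message formats these values, initializing them at declaration keeps the denial text deterministic even if the callee ever returns without writing them: `int32_t pid = -1;` and `int32_t uid = -1;`. Dropping the pointer casts is otherwise the right direction, since the compiler now checks the out-parameter types.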