Handle the visibility of sdk sandbox uids
Sdk sandbox processes have the following visibility rules:
1. Sdk sandbox process should be visible to itself
2. Sdk sandbox process should be visible to the corresponding client app
3. Sdk sandbox process shouldn't be visible to anything else
On top of that, handle the NPE in
ComputerEngine.shouldFilterApplication by treating a null
PackageStateInternal the same way it is treated when the calling uid
belongs to an instant app, which is to pretend that the null application
exists and that it shouldn't be visible to the sdk sandbox.
Bug: 236162773
Test: atest SdkSandboxInprocessTests
Change-Id: Ic2583610f55c36169f9abb35b58a0ab60884a312
Merged-In: Ic2583610f55c36169f9abb35b58a0ab60884a312
diff --git a/services/core/java/com/android/server/pm/ComputerEngine.java b/services/core/java/com/android/server/pm/ComputerEngine.java
index 30de9ba..259ca65 100644
--- a/services/core/java/com/android/server/pm/ComputerEngine.java
+++ b/services/core/java/com/android/server/pm/ComputerEngine.java
@@ -2686,7 +2686,7 @@
if (Process.isSdkSandboxUid(callingUid)) {
int clientAppUid = Process.getAppUidForSdkSandboxUid(callingUid);
// SDK sandbox should be able to see it's client app
- if (clientAppUid == UserHandle.getUid(userId, ps.getAppId())) {
+ if (ps != null && clientAppUid == UserHandle.getUid(userId, ps.getAppId())) {
return false;
}
}
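Review bot: With the added `ps != null` guard, a sandbox caller with a null `ps` now falls through this block, and the filtering decision is left entirely to the `if (ps == null)` branch in the next hunk. The lines between the two hunks are not visible here, so it is worth confirming that nothing in between dereferences `ps`. A comment stating the dependency would keep a later reorder from reintroducing the NPE or unfiltering the result, for example `// ps == null is handled below; a sandbox caller is filtered there`. The existing comment also has a typo and should read `// SDK sandbox should be able to see its client app`. The enclosing method starts and ends outside the hunk.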
@@ -2698,7 +2698,7 @@
final boolean callerIsInstantApp = instantAppPkgName != null;
if (ps == null) {
// pretend the application exists, but, needs to be filtered
- return callerIsInstantApp;
+ return callerIsInstantApp || Process.isSdkSandboxUid(callingUid);
}
// if the target and caller are the same application, don't filter
if (isCallerSameApp(ps.getPackageName(), callingUid)) {
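Review bot: The comment above the changed return still describes only the instant-app case, while the new line also filters when the caller is an sdk sandbox uid. It should state the rule and the reason, for example `// pretend the application exists but is filtered for instant-app and sdk sandbox callers, so a missing package looks the same as a hidden one`. This matters because every other caller still gets `false` for a null `ps`, and the next reader has to know that asymmetry is deliberate. The enclosing method continues outside the hunk.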
@@ -3089,6 +3089,19 @@
}
public boolean filterAppAccess(int uid, int callingUid) {
+ if (Process.isSdkSandboxUid(uid)) {
+ // Sdk sandbox instance should be able to see itself.
+ if (callingUid == uid) {
+ return false;
+ }
+ final int clientAppUid = Process.getAppUidForSdkSandboxUid(uid);
+ // Client app of this sdk sandbox process should be able to see it.
+ if (clientAppUid == uid) {
+ return false;
+ }
+ // Nobody else should be able to see the sdk sandbox process.
+ return true;
+ }
final int userId = UserHandle.getUserId(uid);
final int appId = UserHandle.getAppId(uid);
final Object setting = mSettings.getSettingBase(appId);
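Review bot: The client-app check in the added block compares `clientAppUid == uid`, but `uid` is the sandbox uid that `clientAppUid` was just derived from, so the condition never looks at the caller. Assuming sandbox uids and app uids never coincide, it cannot be true. As written the client app reaches `return true` and is filtered, which contradicts rule 2 in the commit description; this errs on the side of hiding rather than leaking. The comparison should be `if (clientAppUid == callingUid) {`. A test that passes the client app's uid as `callingUid` and expects `false` would pin this down. filterAppAccess continues past the end of the hunk.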