Skip to content

Commit da2509c

Browse files
krutonAndroid (Google) Code Review
kruton
authored and
Android (Google) Code Review
committed
Merge "Check non-primary user dirs during package scan" into jb-mr1-dev
2 parents 6757572 + 4525f5b commit da2509c

File tree

3 files changed

+181
-140
lines changed

3 files changed

+181
-140
lines changed

cmds/installd/commands.c

Lines changed: 24 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -141,39 +141,54 @@ int renamepkg(const char *oldpkgname, const char *newpkgname)
141141
return 0;
142142
}
143143

144-
int fix_uid(const char *pkgname, uid_t uid, gid_t gid)
144+
int fix_uid(const char *pkgname, uid_t uid, uid_t userId)
145145
{
146146
char pkgdir[PKG_PATH_MAX];
147147
struct stat s;
148148
int rc = 0;
149149

150-
if ((uid < AID_SYSTEM) || (gid < AID_SYSTEM)) {
151-
ALOGE("invalid uid/gid: %d %d\n", uid, gid);
150+
if (uid < AID_SYSTEM) {
151+
ALOGE("invalid uid: %d\n", uid);
152152
return -1;
153153
}
154154

155-
if (create_pkg_path(pkgdir, pkgname, PKG_DIR_POSTFIX, 0)) {
155+
if (create_pkg_path(pkgdir, pkgname, PKG_DIR_POSTFIX, userId)) {
156156
ALOGE("cannot create package path\n");
157157
return -1;
158158
}
159159

160160
if (stat(pkgdir, &s) < 0) return -1;
161161

162-
if (s.st_uid != 0 || s.st_gid != 0) {
163-
ALOGE("fixing uid of non-root pkg: %s %lu %lu\n", pkgdir, s.st_uid, s.st_gid);
162+
if (((s.st_uid != 0) && (s.st_uid != AID_INSTALL))
163+
|| ((s.st_gid != 0) && (s.st_gid != AID_INSTALL))) {
164+
ALOGE("fixing uid of pkg not owned by install or root: %s %lu %lu\n", pkgdir, s.st_uid,
165+
s.st_gid);
166+
return -1;
167+
}
168+
169+
if (chown(pkgdir, AID_INSTALL, AID_INSTALL) < 0) {
170+
ALOGE("cannot chown dir '%s': %s\n", pkgdir, strerror(errno));
171+
unlink(pkgdir);
164172
return -1;
165173
}
166174

167175
if (chmod(pkgdir, 0751) < 0) {
168176
ALOGE("cannot chmod dir '%s': %s\n", pkgdir, strerror(errno));
169177
unlink(pkgdir);
170-
return -errno;
178+
return -1;
171179
}
172-
if (chown(pkgdir, uid, gid) < 0) {
180+
if (chown(pkgdir, uid, uid) < 0) {
173181
ALOGE("cannot chown dir '%s': %s\n", pkgdir, strerror(errno));
174182
unlink(pkgdir);
175-
return -errno;
183+
return -1;
176184
}
185+
#ifdef HAVE_SELINUX
186+
if (selinux_android_setfilecon(pkgdir, pkgname, uid) < 0) {
187+
ALOGE("cannot setfilecon dir '%s': %s\n", pkgdir, strerror(errno));
188+
unlink(pkgdir);
189+
return -1;
190+
}
191+
#endif
177192

178193
return 0;
179194
}

services/java/com/android/server/pm/Installer.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -243,14 +243,14 @@ public int rename(String oldname, String newname) {
243243
return execute(builder.toString());
244244
}
245245

246-
public int fixUid(String name, int uid, int gid) {
246+
public int fixUid(String name, int uid, int userId) {
247247
StringBuilder builder = new StringBuilder("fixuid");
248248
builder.append(' ');
249249
builder.append(name);
250250
builder.append(' ');
251251
builder.append(uid);
252252
builder.append(' ');
253-
builder.append(gid);
253+
builder.append(userId);
254254
return execute(builder.toString());
255255
}
256256

0 commit comments

Comments
 (0)