Merge "Move all the permissions check up for unmount" into gingerbread
diff --git a/core/java/android/content/res/ObbScanner.java b/core/java/android/content/res/ObbScanner.java
index a3f141e..572b75e 100644
--- a/core/java/android/content/res/ObbScanner.java
+++ b/core/java/android/content/res/ObbScanner.java
@@ -42,7 +42,7 @@
final File obbFile = new File(filePath);
if (!obbFile.exists()) {
- throw new IllegalArgumentException("OBB file does nto exist: " + filePath);
+ throw new IllegalArgumentException("OBB file does not exist: " + filePath);
}
final String canonicalFilePath = obbFile.getCanonicalPath();
diff --git a/services/java/com/android/server/MountService.java b/services/java/com/android/server/MountService.java
index f3625a8..265d6138 100644
--- a/services/java/com/android/server/MountService.java
+++ b/services/java/com/android/server/MountService.java
@@ -1451,11 +1451,6 @@
mHandler.sendEmptyMessage(H_UNMOUNT_PM_DONE);
}
- private boolean isCallerOwnerOfPackageOrSystem(String packageName) {
- final int callerUid = Binder.getCallingUid();
- return isUidOwnerOfPackageOrSystem(packageName, callerUid);
- }
-
private boolean isUidOwnerOfPackageOrSystem(String packageName, int callerUid) {
if (callerUid == android.os.Process.SYSTEM_UID) {
return true;
@@ -1507,6 +1502,12 @@
waitForReady();
warnOnNotMounted();
+ if (filename == null) {
+ throw new IllegalArgumentException("filename cannot be null");
+ } else if (token == null) {
+ throw new IllegalArgumentException("token cannot be null");
+ }
+
final ObbState obbState;
synchronized (mObbMounts) {
@@ -1533,6 +1534,12 @@
}
public void unmountObb(String filename, boolean force, IObbActionListener token) {
+ if (filename == null) {
+ throw new IllegalArgumentException("filename cannot be null");
+ } else if (token == null) {
+ throw new IllegalArgumentException("token cannot be null");
+ }
+
final ObbState obbState;
synchronized (mObbMounts) {
@@ -1540,6 +1547,12 @@
throw new IllegalArgumentException("OBB is not mounted");
}
obbState = mObbPathToStateMap.get(filename);
+
+ if (Binder.getCallingUid() != obbState.callerUid) {
+ throw new SecurityException("caller UID does not match original mount caller UID");
+ } else if (!token.asBinder().equals(obbState.token.asBinder())) {
+ throw new SecurityException("caller does not match original mount caller");
+ }
}
UnmountObbAction action = new UnmountObbAction(obbState, force);
@@ -1758,9 +1771,9 @@
}
public void handleExecute() throws RemoteException, IOException {
- ObbInfo obbInfo = mContainerService.getObbInfo(mObbState.filename);
+ final ObbInfo obbInfo = mContainerService.getObbInfo(mObbState.filename);
if (obbInfo == null) {
- throw new IOException("Couldn't read OBB file");
+ throw new IOException("Couldn't read OBB file: " + mObbState.filename);
}
if (!isUidOwnerOfPackageOrSystem(obbInfo.packageName, mObbState.callerUid)) {
@@ -1833,13 +1846,9 @@
}
public void handleExecute() throws RemoteException, IOException {
- ObbInfo obbInfo = mContainerService.getObbInfo(mObbState.filename);
+ final ObbInfo obbInfo = mContainerService.getObbInfo(mObbState.filename);
if (obbInfo == null) {
- throw new IOException("Couldn't read OBB file");
- }
-
- if (!isCallerOwnerOfPackageOrSystem(obbInfo.packageName)) {
- throw new IllegalArgumentException("Caller package does not match OBB file");
+ throw new IOException("Couldn't read OBB file: " + mObbState.filename);
}
int rc = StorageResultCode.OperationSucceeded;
