commit fef1a3e7ca5ab18ede42c5729661459fcd691e09
author Chad Brubaker <cbrubaker@google.com> Sat Dec 23 20:06:44 2017 -0800
committer android-build-team Robot <android-build-team-robot@google.com> Fri Feb 09 21:27:58 2018 +0000
tree 63e261cd78a303938b1e6303d85e373269d839e7
parent 2963cd41f64fab200684eae8097aaf529d0d3984

Relax Instant Apps Settings whitelist enforcement

The strict whitelist of settings for Instant Apps is leading to too much
unintended breakage, remove the enforcement until better infrastructure
can be added to make sure settings that should be whitelisted are.

Bug: 71009655
Test: Coming in a follow up

(cherry picked from commit b6108d621002d4de708ae526e7c2bc95dabef080)

Change-Id: Iaa1d71331407cee86c10105c1e5668ffd0c925a1
(cherry picked from commit 26ae1d359e02fe5871177c9adfc90ca571fd0f86)

packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java

diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
index 7d7f9ae7..04be92e 100644
--- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
+++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
@@ -1687,18 +1687,9 @@
     }
 
     private List<String> getSettingsNamesLocked(int settingsType, int userId) {
-        boolean instantApp;
-        if (UserHandle.getAppId(Binder.getCallingUid()) < Process.FIRST_APPLICATION_UID) {
-            instantApp = false;
-        } else {
-            ApplicationInfo ai = getCallingApplicationInfoOrThrow();
-            instantApp = ai.isInstantApp();
-        }
-        if (instantApp) {
-            return new ArrayList<String>(getInstantAppAccessibleSettings(settingsType));
-        } else {
-            return mSettingsRegistry.getSettingsNamesLocked(settingsType, userId);
-        }
+        // Don't enforce the instant app whitelist for now -- its too prone to unintended breakage
+        // in the current form.
+        return mSettingsRegistry.getSettingsNamesLocked(settingsType, userId);
     }
 
     private void enforceSettingReadable(String settingName, int settingsType, int userId) {
@@ -1711,8 +1702,10 @@
         }
         if (!getInstantAppAccessibleSettings(settingsType).contains(settingName)
                 && !getOverlayInstantAppAccessibleSettings(settingsType).contains(settingName)) {
-            throw new SecurityException("Setting " + settingName + " is not accessible from"
-                    + " ephemeral package " + getCallingPackage());
+            // Don't enforce the instant app whitelist for now -- its too prone to unintended
+            // breakage in the current form.
+            Slog.w(LOG_TAG, "Instant App " + ai.packageName
+                    + " trying to access unexposed setting, this will be an error in the future.");
         }
     }