Check cross-user interactions for permissions and app-ops operations
1.
We want to be quite permissive here as without being able to check
permissions or appops nothing else works. Hence allow cross-user
interactions if any cross-user permission is granted.
2.
Also we need to prevent infinite recursion as we are checking permission
and appops inside of permission and app-op checks.
2.
Clear Binder.callingUid when checking permission inside system server
Makeing the binder call "checkPermission" usually sets
Binder.callingUid to the calling processes UID. Hence clearing the
calling UID is superflous. If the call is inside the system server
though "checkPermission" is not a binder all, it is only a method call.
Hence Binder.callingUid might still be set to the app that called the
system server. This can lead to problems as not every app can check the
same permission the system server can check.
E.g. the system server can check permission accross user boundaries,
most regular apps can't
Test: atest CtsPermissionHostTestCases CtsAppOpHostTestCases // execute the new paths for both full users and profiles
atest ManagedProfileTest#testCameraPolicy // a previous version of the patch caused a regression in this test
atest AccountManagerXUserTest // a previous version of the patch caused a regression in this test
Accessed clipboard from chrome in work profile
Fixes: 153996875
Change-Id: I2a8a84f574fbf07ab88ed991445830fa85aa4450
9 files changed