diff options
author | Neil Fuller <nfuller@google.com> | 2017-09-22 17:01:10 +0100 |
---|---|---|
committer | Neil Fuller <nfuller@google.com> | 2017-09-25 16:44:20 +0100 |
commit | dabb14f82bfeaf3e598157ac4fc6e7844b1a6044 (patch) | |
tree | f01b0710e56a10aa6094d055d8948926238f8457 | |
parent | 21843e19927764b3210e504345738e7fa2321565 (diff) | |
download | TimeZoneData-dabb14f82bfeaf3e598157ac4fc6e7844b1a6044.tar.gz |
Explicitly disallow multiple user execute
Explicitly disallow multiple user execution:
it's not expected because everything runs as system
but this change explicitly rules out execution.
This change also adds an xTS to confirm that
a secondary user installing the app triggers
an update (as the owner) and the device is updated
correctly.
Test: Manual testing installing updates as secondary device user
Test: PTS: run pts -m PtsTimeZoneTestCases
Bug: 64111659
Change-Id: Ic839bb264b9ce5448e6191c71ffb7c2b634e4efa
-rw-r--r-- | src/main/com/android/timezone/data/TimeZoneRulesDataProvider.java | 9 | ||||
-rw-r--r-- | testing/xts/src/com/android/timezone/xts/TimeZoneUpdateHostTest.java | 43 |
2 files changed, 52 insertions, 0 deletions
diff --git a/src/main/com/android/timezone/data/TimeZoneRulesDataProvider.java b/src/main/com/android/timezone/data/TimeZoneRulesDataProvider.java index 194620f..d92665a 100644 --- a/src/main/com/android/timezone/data/TimeZoneRulesDataProvider.java +++ b/src/main/com/android/timezone/data/TimeZoneRulesDataProvider.java @@ -31,6 +31,7 @@ import android.database.Cursor; import android.net.Uri; import android.os.Bundle; import android.os.ParcelFileDescriptor; +import android.os.UserHandle; import android.provider.TimeZoneRulesDataContract; import android.provider.TimeZoneRulesDataContract.Operation; import android.support.annotation.NonNull; @@ -94,6 +95,14 @@ public final class TimeZoneRulesDataProvider extends ContentProvider { public void attachInfo(Context context, ProviderInfo info) { super.attachInfo(context, info); + // The time zone update process should run as the system user exclusively as it's a + // system feature, not user dependent. + UserHandle currentUserHandle = android.os.Process.myUserHandle(); + if (!currentUserHandle.isSystem()) { + throw new SecurityException("ContentProvider is supposed to run as the system user," + + " instead user=" + currentUserHandle); + } + // Sanity check our security if (!TimeZoneRulesDataContract.AUTHORITY.equals(info.authority)) { // The authority looked for by the time zone updater is fixed. diff --git a/testing/xts/src/com/android/timezone/xts/TimeZoneUpdateHostTest.java b/testing/xts/src/com/android/timezone/xts/TimeZoneUpdateHostTest.java index a875634..71ae1d0 100644 --- a/testing/xts/src/com/android/timezone/xts/TimeZoneUpdateHostTest.java +++ b/testing/xts/src/com/android/timezone/xts/TimeZoneUpdateHostTest.java @@ -18,6 +18,7 @@ package com.android.timezone.xts; import com.android.compatibility.common.tradefed.build.CompatibilityBuildHelper; import com.android.tradefed.build.IBuildInfo; import com.android.tradefed.config.Option; +import com.android.tradefed.device.ITestDevice; import com.android.tradefed.log.LogUtil; import com.android.tradefed.testtype.DeviceTestCase; import com.android.tradefed.testtype.IBuildReceiver; @@ -186,6 +187,48 @@ public class TimeZoneUpdateHostTest extends DeviceTestCase implements IBuildRece } // @Test + public void testInstallNewerRulesVersion_secondaryUser() throws Exception { + ITestDevice device = getDevice(); + if (!device.isMultiUserSupported()) { + // Just pass on non-multi-user devices. + return; + } + + int userId = device.createUser("TimeZoneTest", false /* guest */, false /* ephemeral */); + try { + + // This information must match the rules version in test1: IANA version=2030a, revision=1 + String test1VersionInfo = "2030a,1"; + + // Confirm the staged / install state before we start. + assertFalse(test1VersionInfo.equals(getCurrentInstalledVersion())); + assertEquals(STAGED_OPERATION_NONE, getStagedOperationType()); + + File appFile = getTimeZoneDataApkFile("test1"); + + // Install the app for the test user. It should still all work. + device.installPackageForUser(appFile, true /* reinstall */, userId); + + waitForStagedInstall(test1VersionInfo); + + // Confirm the install state hasn't changed. + assertFalse(test1VersionInfo.equals(getCurrentInstalledVersion())); + + // Now reboot, and the staged version should become the installed version. + rebootDeviceAndWaitForRestart(); + + // After reboot, check the state. + assertEquals(STAGED_OPERATION_NONE, getStagedOperationType()); + assertEquals(INSTALL_STATE_INSTALLED, getCurrentInstallState()); + assertEquals(test1VersionInfo, getCurrentInstalledVersion()); + } + finally { + // If this fails, the device may be left in a bad state. + device.removeUser(userId); + } + } + + // @Test public void testInstallOlderRulesVersion() throws Exception { File appFile = getTimeZoneDataApkFile("test2"); getDevice().installPackage(appFile, true /* reinstall */); |