diff options
author | Nate Myren <ntmyren@google.com> | 2023-08-30 17:07:44 -0700 |
---|---|---|
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2023-09-15 21:18:57 +0000 |
commit | 79aabce061b0e661d3d9c1698f216966a97a574d (patch) | |
tree | abbfc3ce6ebb39b83a959ce0409f9356af4678f8 | |
parent | 50d69832b421413adea107d412a533f111bd62b9 (diff) | |
download | base-79aabce061b0e661d3d9c1698f216966a97a574d.tar.gz |
Store trusted AttributionSources without token
Storing them with token means that there is a strong reference to the
token, preventing the WeakHashMap from properly purging values
This CP also includes changeID I5731ceeab5b9d0c72ce0131e2c9ba2f74558218c
Bug: 298253183
Test: manual (for WeakHashMap ejection)
atest CtsAttributionSourceTestCases
(cherry picked from commit ed57878c8e89d136264ed419590a0601bdfa18f6)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c5127b478d0b1e72aa60783fcb4f1f1254d01075)
Merged-In: Ie92b76ec83552cebb419318c214057f1ea8455d2
Change-Id: Ie92b76ec83552cebb419318c214057f1ea8455d2
-rw-r--r-- | core/java/android/content/AttributionSource.java | 31 | ||||
-rw-r--r-- | services/core/java/com/android/server/pm/permission/PermissionManagerService.java | 6 |
2 files changed, 28 insertions, 9 deletions
diff --git a/core/java/android/content/AttributionSource.java b/core/java/android/content/AttributionSource.java index cd45f4df3d50..b4f4a7efad98 100644 --- a/core/java/android/content/AttributionSource.java +++ b/core/java/android/content/AttributionSource.java @@ -212,6 +212,11 @@ public final class AttributionSource implements Parcelable { } /** @hide */ + public AttributionSource withDefaultToken() { + return withToken(sDefaultToken); + } + + /** @hide */ public AttributionSource withPid(int pid) { return new AttributionSource(getUid(), pid, getPackageName(), getAttributionTag(), getToken(), mAttributionSourceState.renouncedPermissions, getNext()); @@ -520,16 +525,28 @@ public final class AttributionSource implements Parcelable { if (this == o) return true; if (o == null || getClass() != o.getClass()) return false; AttributionSource that = (AttributionSource) o; - return mAttributionSourceState.uid == that.mAttributionSourceState.uid + return equalsExceptToken(that) && Objects.equals( + mAttributionSourceState.token, that.mAttributionSourceState.token); + } + + /** + * We store trusted attribution sources without their token (the token is the key to the map) + * to avoid having a strong reference to the token. This means, when checking the equality of a + * supplied AttributionSource in PermissionManagerService.isTrustedAttributionSource, we want to + * compare everything except the token. + * + * @hide + */ + public boolean equalsExceptToken(@Nullable AttributionSource o) { + if (o == null) return false; + return mAttributionSourceState.uid == o.mAttributionSourceState.uid && Objects.equals(mAttributionSourceState.packageName, - that.mAttributionSourceState.packageName) + o.mAttributionSourceState.packageName) && Objects.equals(mAttributionSourceState.attributionTag, - that.mAttributionSourceState.attributionTag) - && Objects.equals(mAttributionSourceState.token, - that.mAttributionSourceState.token) + o.mAttributionSourceState.attributionTag) && Arrays.equals(mAttributionSourceState.renouncedPermissions, - that.mAttributionSourceState.renouncedPermissions) - && Objects.equals(getNext(), that.getNext()); + o.mAttributionSourceState.renouncedPermissions) + && Objects.equals(getNext(), o.getNext()); } @Override diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java index 297ad73e054b..c24d5236f4f7 100644 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java @@ -1001,7 +1001,9 @@ public class PermissionManagerService extends IPermissionManager.Stub { } synchronized (mLock) { - mAttributions.put(source.getToken(), source); + // Change the token for the AttributionSource we're storing, so that we don't store + // a strong reference to the original token inside the map itself. + mAttributions.put(source.getToken(), source.withDefaultToken()); } } @@ -1009,7 +1011,7 @@ public class PermissionManagerService extends IPermissionManager.Stub { synchronized (mLock) { final AttributionSource cachedSource = mAttributions.get(source.getToken()); if (cachedSource != null) { - return cachedSource.equals(source); + return cachedSource.equalsExceptToken(source); } return false; } |