Android检查权限

举个例子,来看下面段代码

1         if (!checkCallingPermission(android.Manifest.permission.MANAGE_APP_TOKENS,
2 "updateOrientationFromAppTokens()")) {
3 throw new SecurityException("Requires MANAGE_APP_TOKENS permission");
4 }

找到函数checkCallingPermission(),我们查看函数内容

 1     boolean checkCallingPermission(String permission, String func) {
2 // Quick check: if the calling permission is me, it's all okay.
3 if (Binder.getCallingPid() == Process.myPid()) {
4 return true;
5 }
6
7 if (mContext.checkCallingPermission(permission)
8 == PackageManager.PERMISSION_GRANTED) {
9 return true;
10 }
11 String msg = "Permission Denial: " + func + " from pid="
12 + Binder.getCallingPid()
13 + ", uid=" + Binder.getCallingUid()
14 + " requires " + permission;
15 Slog.w(TAG, msg);
16 return false;
17 }

上面函数返回false的时候抛出异常,那么返回true的时候就是权限检查通过了,继续跟进Context.java

1 public abstract int checkCallingPermission(String permission);

原来是抽象的,继续查看继承它的类找到ContextImpl.java

 1     @Override
2 public int checkPermission(String permission, int pid, int uid) {
3 if (permission == null) {
4 throw new IllegalArgumentException("permission is null");
5 }
6
7 if (!Process.supportsProcesses()) {
8 return PackageManager.PERMISSION_GRANTED;
9 }
10 try {
11 return ActivityManagerNative.getDefault().checkPermission(
12 permission, pid, uid);
13 } catch (RemoteException e) {
14 return PackageManager.PERMISSION_DENIED;
15 }
16 }
17
18 @Override
19 public int checkCallingPermission(String permission) {
20 if (permission == null) {
21 throw new IllegalArgumentException("permission is null");
22 }
23
24 if (!Process.supportsProcesses()) {
25 return PackageManager.PERMISSION_GRANTED;
26 }
27 int pid = Binder.getCallingPid();
28 if (pid != Process.myPid()) {
29 return checkPermission(permission, pid,
30 Binder.getCallingUid());
31 }
32 return PackageManager.PERMISSION_DENIED;
33 }
ActivityManagerNative.getDefault() 返回 IActivityManager,拿到ActivityManagerProxy对象的引用
static public IActivityManager getDefault()
     {
         if (gDefault != null) {
             return gDefault;
         }
         IBinder b = ServiceManager.getService("activity");
         gDefault = asInterface(b);
return gDefault; }

找到ActivityManagerNative.java 

public int checkPermission(String permission, int pid, int uid)
throws RemoteException {
         Parcel data = Parcel.obtain();
         Parcel reply = Parcel.obtain();
         data.writeInterfaceToken(IActivityManager.descriptor);
         data.writeString(permission);
         data.writeInt(pid);
         data.writeInt(uid);
         mRemote.transact(CHECK_PERMISSION_TRANSACTION, data, reply, 0);
         reply.readException();
         int res = reply.readInt();
         data.recycle();
         reply.recycle();
         return res;
}

通过Binder机制调用到onTransact

public boolean onTransact(int code, Parcel data, Parcel reply, int flags) throws RemoteException {
        case CHECK_PERMISSION_TRANSACTION: {
             data.enforceInterface(IActivityManager.descriptor);
             String perm = data.readString();
             int pid = data.readInt();
             int uid = data.readInt();
             int res = checkPermission(perm, pid, uid);
             reply.writeNoException();
             reply.writeInt(res);
             return true;
         }
         .................
}

找到ActivityManagerService.java 

    public int checkPermission(String permission, int pid, int uid) {
         if (permission == null) {
             return PackageManager.PERMISSION_DENIED;
         }
         return checkComponentPermission(permission, pid, uid, -1);
     }
int checkComponentPermission(String permission, int pid, int uid, int reqUid) {
         try {
             return AppGlobals.getPackageManager().checkUidPermission(permission, uid);
         } catch (RemoteException e) {
         }
 }

转到 AppGlobals.java

public static IPackageManager getPackageManager() {
         return ActivityThread.getPackageManager();
}

转到 ActivityThread.java

    public static IPackageManager getPackageManager() {
         if (sPackageManager != null) {
             return sPackageManager;
         }
         IBinder b = ServiceManager.getService("package");
         sPackageManager = IPackageManager.Stub.asInterface(b);
         return sPackageManager;
     }

 转到PackageManagerService.java

    public int checkUidPermission(String permName, int uid) {
         synchronized (mPackages) {
             Object obj = mSettings.getUserIdLP(uid);
             if (obj != null) {
                 GrantedPermissions gp = (GrantedPermissions)obj;
                 if (gp.grantedPermissions.contains(permName)) {
                     return PackageManager.PERMISSION_GRANTED;
                 }
             } else {
                 HashSet<String> perms = mSystemPermissions.get(uid);
                 if (perms != null && perms.contains(permName)) {
                     return PackageManager.PERMISSION_GRANTED;
                 }
             }
         }
         return PackageManager.PERMISSION_DENIED;
     }

posted on 2012-03-14 13:04 RTFSC 阅读(...) 评论(...) 编辑 收藏

导航

统计