edu.umich.flowfence.service.KVSSharedPrefs.java Source code

Java tutorial

Introduction

Here is the source code for edu.umich.flowfence.service.KVSSharedPrefs.java

Source

/*
 * Copyright (C) 2017 The Regents of the University of Michigan
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package edu.umich.flowfence.service;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.RemoteException;
import android.util.Log;

import org.apache.commons.lang3.tuple.ImmutablePair;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;

import edu.umich.flowfence.common.TaintSet;
import edu.umich.flowfence.kvs.IRemoteSharedPrefs;
import edu.umich.flowfence.kvs.IRemoteSharedPrefsEditor;
import edu.umich.flowfence.kvs.IRemoteSharedPrefsListener;

public final class KVSSharedPrefs extends IRemoteSharedPrefs.Stub implements AutoCloseable {
    private static final String TAG = "FF.SharedPrefs.Impl";
    private static final boolean localLOGV = Log.isLoggable(TAG, Log.VERBOSE);
    private static final boolean localLOGD = Log.isLoggable(TAG, Log.DEBUG);

    private static final char SEPARATOR = ':';
    private static final String DATA = "data";
    private static final String TAINT = "taint";
    private static final String CONFIG = "config";
    private static final String TAINT_SET = "taint-set";

    private static final String CONFIG_PUBLIC_READABLE = "isPublicReadable";
    private static final String CONFIG_PUBLIC_WRITABLE = "isPublicWritable";

    private static final String PLATFORM_NAME_PREFIX = "kvs" + SEPARATOR;

    private final NamespaceSharedPrefs mPrefs;
    private final FlowfenceApplication mContext;
    private final Sandbox mSandbox;
    private final String mOwningPackage;
    private final String mStoreName;
    private final boolean canReadPublic;
    private final boolean canWritePublic;
    private final boolean isReadable;
    private final boolean isWritable;

    private boolean isClosed;

    public final class Editor extends IRemoteSharedPrefsEditor.Stub {
        // Anything in this set has been modified, and will have sandbox taint added on commit.
        // The values represent additional taint to be added, beyond the sandbox taint.
        // Maps to null for deleted keys.
        private final HashMap<String, TaintSet.Builder> mPendingChanges = new HashMap<>();
        private final NamespaceSharedPrefs.Editor mEditor = mPrefs.edit();
        private boolean isCommitted = false;

        private void throwIfCommitted() {
            if (isCommitted) {
                throw new IllegalStateException("Already committed");
            }
        }

        private synchronized TaintSet.Builder markModified(String key) {
            TaintSet.Builder ts = mPendingChanges.get(key);
            if (ts == null) {
                // Either this key was deleted, or it's never been seen before.
                // Either way, it gets a new taint label.
                ts = new TaintSet.Builder();
                mPendingChanges.put(key, ts);
            }
            return ts;
        }

        private synchronized void addTaintFromSandbox(String key) {
            throwIfCommitted();
            markModified(key);
        }

        @Override
        public synchronized void putString(String key, String value) {
            addTaintFromSandbox(key);
            mEditor.putString(DATA, key, value);
        }

        @Override
        public synchronized void putStringSet(String key, List<String> values) {
            addTaintFromSandbox(key);
            mEditor.putStringSet(DATA, key, new HashSet<>(values));
        }

        @Override
        public synchronized void putInt(String key, int value) {
            addTaintFromSandbox(key);
            mEditor.putInt(DATA, key, value);
        }

        @Override
        public synchronized void putLong(String key, long value) {
            addTaintFromSandbox(key);
            mEditor.putLong(DATA, key, value);
        }

        @Override
        public synchronized void putFloat(String key, float value) {
            addTaintFromSandbox(key);
            mEditor.putFloat(DATA, key, value);
        }

        @Override
        public synchronized void putBoolean(String key, boolean value) {
            addTaintFromSandbox(key);
            mEditor.putBoolean(DATA, key, value);
        }

        @Override
        public synchronized void addTaint(String key, TaintSet taint) {
            markModified(key).unionWith(taint);
        }

        @Override
        public synchronized void addTaintToAll(TaintSet taint) {
            // Mark all keys we haven't seen as modified.
            // Deleted keys are considered seen, so they'll be skipped.
            for (ImmutablePair<String, String> key : mPrefs.getAll().keySet()) {
                if (DATA.equals(key.getLeft())) {
                    if (!mPendingChanges.containsKey(key.getRight())) {
                        markModified(key.getRight());
                    }
                }
            }

            // Add taint to all modified keys.
            for (TaintSet.Builder ts : mPendingChanges.values()) {
                if (ts != null) {
                    ts.unionWith(taint);
                }
            }
        }

        @Override
        public synchronized void remove(String key) {
            throwIfCommitted();
            mPendingChanges.put(key, null);
            mEditor.remove(DATA, key);
        }

        @Override
        public synchronized void clear() {
            throwIfCommitted();
            mPendingChanges.clear();
            for (ImmutablePair<String, String> pair : mPrefs.getAll().keySet()) {
                if (DATA.equals(pair.getLeft())) {
                    mPendingChanges.put(pair.getRight(), null);
                    mEditor.remove(pair.getLeft(), pair.getRight());
                }
            }
        }

        @SuppressWarnings("unchecked")
        private synchronized void prepareChanges() {
            for (Map.Entry<String, TaintSet.Builder> entry : mPendingChanges.entrySet()) {
                String key = entry.getKey();
                TaintSet.Builder builder = entry.getValue();
                TaintSet ts;
                if (builder == null) {
                    ts = (mSandbox != null) ? mSandbox.getTaints() : TaintSet.EMPTY;
                } else {
                    if (mSandbox != null) {
                        builder.unionWith(mSandbox.getTaints());
                    }
                    ts = builder.build();
                }

                if (localLOGV) {
                    Log.v(TAG, "Tainting " + mStoreName + '/' + key + " with " + ts);
                }
                if (ts.equals(TaintSet.EMPTY)) {
                    mEditor.remove(TAINT, key);
                } else {
                    mEditor.putTaint(TAINT, key, ts);
                }
            }

            mEditor.putBoolean(CONFIG, CONFIG_PUBLIC_READABLE, canReadPublic).putBoolean(CONFIG,
                    CONFIG_PUBLIC_WRITABLE, canWritePublic);
            isCommitted = true;
        }

        @Override
        public synchronized boolean commit() {
            // Synchronize on external SharedPrefs, to ensure that we don't get
            // the taint tag from before and the data from after (or vice-versa).
            synchronized (KVSSharedPrefs.this) {
                prepareChanges();
                return mEditor.commit();
            }
        }

        @Override
        public void apply() {
            synchronized (KVSSharedPrefs.this) {
                prepareChanges();
                mEditor.apply();
            }
        }
    }

    private SharedPreferences getPlatformSharedPrefs(String store) {
        final String prefsName = PLATFORM_NAME_PREFIX + mOwningPackage + SEPARATOR + store;
        return mContext.getSharedPreferences(prefsName, Context.MODE_PRIVATE);
    }

    @SuppressWarnings("deprecation")
    public KVSSharedPrefs(Sandbox sandbox, String owningPackage, String callingPackage, String storeName,
            int mode) {
        mContext = FlowfenceApplication.getInstance();
        mSandbox = sandbox;
        mStoreName = storeName;
        mOwningPackage = mContext.checkPackageName(owningPackage);

        SharedPreferences sp = getPlatformSharedPrefs(storeName);
        mPrefs = NamespaceSharedPrefs.get(sp, TAINT_SET, TAINT);

        // Handle read and write permissions, as previously configured.
        boolean configReadPublic = mPrefs.getBoolean(CONFIG, CONFIG_PUBLIC_READABLE, false);
        boolean configWritePublic = mPrefs.getBoolean(CONFIG, CONFIG_PUBLIC_WRITABLE, false);

        if (localLOGD) {
            Log.d(TAG,
                    String.format("Store '%s', owner '%s', caller '%s'", storeName, owningPackage, callingPackage));
        }
        // Are we trying to load this package's prefs, or something else?
        boolean isSamePackage = Objects.equals(owningPackage, callingPackage);

        // Set the readable and writable flags for this object...
        isReadable = isSamePackage || configReadPublic;
        isWritable = isSamePackage || configWritePublic;

        // ...And set the flags that will be written on update.
        canReadPublic = (mode & Context.MODE_WORLD_READABLE) != 0;
        canWritePublic = (mode & Context.MODE_WORLD_WRITEABLE) != 0;

        isClosed = false;
    }

    private void checkClosed() {
        if (isClosed) {
            throw new IllegalStateException("SharedPreferences has been closed");
        }
    }

    private void checkRead() {
        checkClosed();
        if (!isReadable) {
            throw new SecurityException("Can't read this SharedPreferences");
        }
    }

    private void checkReadKey(String key) {
        checkRead();
        if (mSandbox != null) {
            mSandbox.addTaint(mPrefs.getTaint(TAINT, key, TaintSet.EMPTY));
        }
    }

    /**
     * Wrap a {@link ClassCastException} to be thrown across the wire.
     * @param cce The ClassCastException to wrap.
     * @return An exception capable of being handled by {@link android.os.Parcel#writeException(Exception)}.
     */
    private RuntimeException wrapClassCast(final ClassCastException cce) {
        return new IllegalArgumentException(cce.getMessage());
    }

    @Override
    public synchronized boolean contains(String key) {
        checkReadKey(key);
        return mPrefs.contains(DATA, key);
    }

    @Override
    public synchronized Editor edit() {
        checkClosed();
        if (!isWritable) {
            throw new SecurityException("This SharedPreferences cannot be modified");
        }
        return new Editor();
    }

    @Override
    public synchronized boolean getBoolean(String key, boolean defValue) {
        checkReadKey(key);
        try {
            return mPrefs.getBoolean(DATA, key, defValue);
        } catch (ClassCastException cce) {
            throw wrapClassCast(cce);
        }
    }

    @Override
    public synchronized float getFloat(String key, float defValue) {
        checkReadKey(key);
        try {
            return mPrefs.getFloat(DATA, key, defValue);
        } catch (ClassCastException cce) {
            throw wrapClassCast(cce);
        }
    }

    @Override
    public synchronized int getInt(String key, int defValue) {
        checkReadKey(key);
        try {
            return mPrefs.getInt(DATA, key, defValue);
        } catch (ClassCastException cce) {
            throw wrapClassCast(cce);
        }
    }

    @Override
    public synchronized long getLong(String key, long defValue) {
        checkReadKey(key);
        try {
            return mPrefs.getLong(DATA, key, defValue);
        } catch (ClassCastException cce) {
            throw wrapClassCast(cce);
        }
    }

    @Override
    @SuppressWarnings("unchecked")
    public synchronized Map<String, ?> getAll() {
        checkRead();
        TaintSet.Builder tsb = new TaintSet.Builder();
        Map<String, Object> data = new HashMap<>();

        for (Map.Entry<ImmutablePair<String, String>, ?> entry : mPrefs.getAll().entrySet()) {
            ImmutablePair<String, String> typeAndKey = entry.getKey();
            if (DATA.equals(typeAndKey.getLeft())) {
                // If this is a data entry, remember it.
                data.put(typeAndKey.getRight(), entry.getValue());
            } else if (TAINT.equals(typeAndKey.getKey())) {
                // If this is a taint entry, add it to the overall taint label.
                tsb.unionWith((TaintSet) entry.getValue());
            }
        }

        if (mSandbox != null) {
            mSandbox.addTaint(tsb.build());
        }

        return data;
    }

    @Override
    public synchronized String getString(String key) {
        checkReadKey(key);
        try {
            return mPrefs.getString(DATA, key, null);
        } catch (ClassCastException cce) {
            throw wrapClassCast(cce);
        }
    }

    @Override
    public synchronized List<String> getStringSet(String key) {
        checkReadKey(key);
        try {
            Set<String> retSet = mPrefs.getStringSet(DATA, key, null);
            return (retSet != null) ? new ArrayList<>(retSet) : null;
        } catch (ClassCastException cce) {
            throw wrapClassCast(cce);
        }
    }

    @Override
    public synchronized void close() {
        isClosed = true;
    }

    @Override
    public String toString() {
        return "TaintableSharedPrefs{" + "mSandbox=" + mSandbox + ", mOwningPackage='" + mOwningPackage + '\''
                + ", isClosed=" + isClosed + '}';
    }

    @Override
    public void registerOnSharedPreferenceChangeListener(IRemoteSharedPrefsListener listener)
            throws RemoteException {
        throw new IllegalStateException("Not implemented");
    }

    @Override
    public void unregisterOnSharedPreferenceChangeListener(IRemoteSharedPrefsListener listener)
            throws RemoteException {
        throw new IllegalStateException("Not implemented");
    }
}