Android 4.4: java.lang.SecurityException: Package com.android.settings does not belong to 1001

问题描述:

在Android4.4.2上面定制的东西,今天code base改为Android4.4.4。

代码merge到新的Android 4.4.4 code base后,clean build后会报出下面错误:

 1 W/dalvikvm( 3125): threadid=1: thread exiting with uncaught exception (group=0x415e8d58)
 2 W/AppOps  ( 1053): Bad call: specified package com.android.settings under uid 1001 but it is really 1000
 3 E/AndroidRuntime( 3125): FATAL EXCEPTION: main
 4 E/AndroidRuntime( 3125): Process: com.android.phone, PID: 3125
 5 E/AndroidRuntime( 3125): java.lang.SecurityException: Package com.android.settings does not belong to 1001
 6 E/AndroidRuntime( 3125):     at android.os.Parcel.readException(Parcel.java:1465)
 7 E/AndroidRuntime( 3125):     at android.database.DatabaseUtils.readExceptionFromParcel(DatabaseUtils.java:185)
 8 E/AndroidRuntime( 3125):     at android.database.DatabaseUtils.readExceptionFromParcel(DatabaseUtils.java:137)
 9 E/AndroidRuntime( 3125):     at android.content.ContentProviderProxy.call(ContentProviderNative.java:636)
10 E/AndroidRuntime( 3125):     at android.provider.Settings$NameValueCache.putStringForUser(Settings.java:903)
11 E/AndroidRuntime( 3125):     at android.provider.Settings$System.putStringForUser(Settings.java:1169)
12 E/AndroidRuntime( 3125):     at android.provider.Settings$System.putIntForUser(Settings.java:1274)
13 E/AndroidRuntime( 3125):     at android.provider.Settings$System.putInt(Settings.java:1268)
14 E/AndroidRuntime( 3125):     at com.android.settings.DataRoamingSettings$3.onPreferenceChange(DataRoamingSettings.java:136)
15 。。。

定位到code中,是这行代码:

Settings.System.putInt(getContentResolver(), DATA_ROAMING_SELECTION_CODE, 0);

在网上搜索资料,只找到一个相关的介绍:

http://blog.csdn.net/eqiang8271/article/details/39576101

How to check:

When enable flight mode, it will update one attribute in the setting’s DB. When updating the value, security error occurs, saying “Package com.android.settings does not belong to 1001”. From the error information, We understand that the user id which is accessing the DB is 1001(phone) while the package which it belonged to is 1000(the package is com.android.settings and in the manifest it is declared that it is the “system” group, the value is 1000).From Android4.3, there is the permission management module called Appops, it will check if the process id and the id which the package belongs to are identical in case of the application is hacked. In this case, it detected that they are different, so the FC occurred.

Tracing the code to AppOpsManager.java, it call checkPackage(), and then the AppOpsSevice.checkpackage is called. In this function,

pkgUid = mContext.getPackageManager().getPackageUid(packageName, UserHandle.getUserId(uid));

The returned packageUid is 1001, not same as the 1000 which is the uid of com.android.settings.

But as a process in system group, the operation which an activity in “phone” process should be valid, since in the ContextImpl.java

if (ainfo.uid == Process.SYSTEM_UID && ainfo.uid != Process.myUid()) {

// Special case: system components allow themselves to be loaded in to other

// processes. For purposes of app ops, we must then consider the context as

// belonging to the package of this process, not the system itself, otherwise

// the package+uid verifications in app ops will fail.

mOpPackageName = ActivityThread.currentPackageName();

} else {

mOpPackageName = mBasePackageName;

}

So it’s really strange that
this case has been considered in the code, but it doesn’t work After
checking the code carefully, We found that the init of the
contentResolver is before the code sniff mentioned above.
At that time, the mOpPackageName is not set at all. So the solution for
this is moving the code of initiating the contentResolve after
initiating mopPackageName.

….

} else {

mOpPackageName = mBasePackageName;

}

}

mContentResolver = new ApplicationContentResolver(this, mainThread, user);

After changing this, we are
wondering why this error is found till now since it is from AOSP4.4.
After checking the settings of AOSP4.4, it won’t access DB when
enable/disable flight mode. Accessing DB when enable/disable
flight mode is QUALCOMM specified. That’s why the issue happened on
Nokia phone but not AOSP.

总结一下,意思就是说Android原生应该不会有问题,但是QUALCOMM的code base会有这个问题。

修改方法如下:

修改LINUX/android/frameworks/base/core/java/android/app/ContextImpl.java

将mContentResolver初始化部分放在mOpPackageName之类的后面:

下面这句

mContentResolver = new ApplicationContentResolver(this, mainThread, user);

放在方法的最后部分:

    if (container != null) {
            mBasePackageName = container.mBasePackageName;
            mOpPackageName = container.mOpPackageName;
        } else {
            mBasePackageName = packageInfo.mPackageName;
            ApplicationInfo ainfo = packageInfo.getApplicationInfo();
            if (ainfo.uid == Process.SYSTEM_UID && ainfo.uid != Process.myUid()) {
                // Special case: system components allow themselves to be loaded in to other
                // processes.  For purposes of app ops, we must then consider the context as
                // belonging to the package of this process, not the system itself, otherwise
                // the package+uid verifications in app ops will fail.
                mOpPackageName = ActivityThread.currentPackageName();
            } else {
                mOpPackageName = mBasePackageName;
            }
        }

    //Kunkka modified
    mContentResolver = new ApplicationContentResolver(this, mainThread, user);

重新编译code,问题没有再出现。

时间: 2024-10-09 15:09:09

Android 4.4: java.lang.SecurityException: Package com.android.settings does not belong to 1001的相关文章

Android 编程下 java.lang.NoClassDefFoundError: cn.jpush.android.api.JPushInterface 报错

使用了极光推送的 jar 包项目在从 SVN 中检出后,假设不又一次对 jar 包和 Bulid Path 进行配置就会抛出 java.lang.NoClassDefFoundError: cn.jpush.android.api.JPushInterface 的错误,进行例如以下操作就可以消除这样的错误: 删除 libs 目录下的 jpush-sdk-release1.3.8.jar(极光推送的 jar 包),又一次在 libs 目录中增加  jpush-sdk-release1.3.8.ja

java.lang.SecurityException:under uid 10090 but it is really 10060

E/DatabaseUtils( 1255): java.lang.SecurityException: Package com.flyaudio.skin does not belong to 10090 E/DatabaseUtils( 1255):     at android.app.AppOpsManager.checkPackage(AppOpsManager.java:1133) E/DatabaseUtils( 1255):     at android.content.Cont

Android 开发之错误整理java.lang.SecurityException: Requires READ_PHONE_STATE: Neither user 10088 nor current process has android.permission.READ_PHONE_STATE.

java.lang.SecurityException: Requires READ_PHONE_STATE: Neither user 10088 nor current process has android.permission.READ_PHONE_STATE. 今天写了一款发短信的软件,拿了个酷派5879,试了下,结果不能用,把try{}catch{}去掉了,报这个错误, android.permission.READ_PHONE_STATE.没有READ_PHONE_STATE权限,

AIDL 发生异常的原因 Android java.lang.SecurityException: Binder invocation to an incorrect interface

我建立了两个project.一个是activity 的 ,一个是service 的. 在进行两个project通信时,应该有以下几点注意: 1.在activity project中引入service project中aidl文件.注意引入后的aidl文件包名应该和service中aidl文件包名保持一致. 2.service project中manifest文件中,service 注册时要声明 android:process=":remote" action应该是aidl中接口的包名.

Caused by: java.lang.SecurityException: Permission Denial: reading com.android.providers.media.MediaProvider uri content://...

在as中创建cordova中添加从相册选取照片的插件 $cordovaImagePicker 就是以上这货,调用后直接程序就崩溃了,并报错 Caused by: java.lang.SecurityException: Permission Denial: reading com.android.providers.media.MediaProvider uri content://... 添加权限 <uses-permission android:name="android.permis

java.lang.SecurityException: Prohibited package name

今天在看<深入理解 Java 虚拟机 (JVM 高级特性与最佳实践)>关于垃圾回收的一些知识.自己建立了一个java工程,敲了一下书上写的代码.运行java程序的时候报错: java.lang.SecurityException: Prohibited package name: java.gc.aty 我的代码如下: package java.gc.aty; public class DeepUnderJvm { private static final int _1MB = 1024 *

spring Caused by: java.lang.SecurityException: Prohibited package name: java.time

六月 09, 2014 1:05:02 下午 org.apache.catalina.core.AprLifecycleListener init 信息: Loaded APR based Apache Tomcat Native library 1.1.29 using APR version 1.4.8. 六月 09, 2014 1:05:03 下午 org.apache.catalina.core.AprLifecycleListener init 信息: APR capabilities

Caused by: java.lang.SecurityException: Permission Denial: not allowed to send broadcast android.intent.action.HEADSET_PLUG

crash information:Caused by: java.lang.SecurityException: Permission Denial: not allowed to send broadcast android.intent.action.HEADSET_PLUG from    at android.os.Parcel.readException(Parcel.java:1465)     at android.os.Parcel.readException(Parcel.j

Appium报错: An unknown server-side error occurred while processing the command. Original error: java.lang.SecurityException: Injecting to another application requires INJECT_EVENTS permission

Appium 运行start session时报错An unknown server-side error occurred while processing the command.Original error: Error executing adbExec.Original error: ‘Command ‘‘D:\Program Files (x86)\Android-SDK\sdk\platform-tools\adb.exe’-P 5037 -s e3172f55 shell pm