Merge "Make sure we preserve preserveLegacyExternalStorage." into rvc-qpr-dev am: 50402a42f8

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/13128166 Change-Id: I7158ea9d8a012617fba4d64a96d0e1dfeca413c1
author: Martijn Coenen <maco@google.com> 2020-11-26 13:34:39 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2020-11-26 13:34:39 +0000
commit: 0d2517e6974f12e3f862a83679adc48aefbed5eb (patch)
tree: 1ebbc9894caff180bf2e02771dbb357626188f70
parent: 7b6ce0505209dca6e800c331fe0566a0f444a31e (diff)
parent: 50402a42f83de1935fa4955560a985284ed794ba (diff)
1 files changed, 56 insertions, 15 deletions
diff --git a/services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java b/services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java
index cc369356c1c9..9026262db897 100644
--- a/services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java
+++ b/services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java
@@ -127,9 +127,11 @@ public abstract class SoftRestrictedPermissionPolicy {
                 final boolean isWhiteListed;
                 boolean shouldApplyRestriction;
                 final int targetSDK;
+                final boolean hasLegacyExternalStorage;
                 final boolean hasRequestedLegacyExternalStorage;
-                final boolean shouldPreserveLegacyExternalStorage;
+                final boolean hasRequestedPreserveLegacyExternalStorage;
                 final boolean hasWriteMediaStorageGrantedForUid;
+                final boolean isForcedScopedStorage;
 
                 if (appInfo != null) {
                     PackageManager pm = context.getPackageManager();
@@ -137,27 +139,27 @@ public abstract class SoftRestrictedPermissionPolicy {
                             LocalServices.getService(StorageManagerInternal.class);
                     int flags = pm.getPermissionFlags(permission, appInfo.packageName, user);
                     isWhiteListed = (flags & FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT) != 0;
+                    hasLegacyExternalStorage = smInternal.hasLegacyExternalStorage(appInfo.uid);
                     hasRequestedLegacyExternalStorage = hasUidRequestedLegacyExternalStorage(
                             appInfo.uid, context);
                     hasWriteMediaStorageGrantedForUid = hasWriteMediaStorageGrantedForUid(
                             appInfo.uid, context);
-                    shouldPreserveLegacyExternalStorage = pkg.hasPreserveLegacyExternalStorage()
-                            && smInternal.hasLegacyExternalStorage(appInfo.uid);
+                    hasRequestedPreserveLegacyExternalStorage =
+                            pkg.hasPreserveLegacyExternalStorage();
                     targetSDK = getMinimumTargetSDK(context, appInfo, user);
 
-                    shouldApplyRestriction = (flags & FLAG_PERMISSION_APPLY_RESTRICTION) != 0
-                            || (targetSDK > Build.VERSION_CODES.Q
-                            && !shouldPreserveLegacyExternalStorage)
-                            // If the device is configured to force this app into scoped storage,
-                            // then we should apply the restriction
-                            || sForcedScopedStorageAppWhitelist.contains(appInfo.packageName);
+                    shouldApplyRestriction = (flags & FLAG_PERMISSION_APPLY_RESTRICTION) != 0;
+                    isForcedScopedStorage = sForcedScopedStorageAppWhitelist
+                            .contains(appInfo.packageName);
                 } else {
                     isWhiteListed = false;
                     shouldApplyRestriction = false;
                     targetSDK = 0;
+                    hasLegacyExternalStorage = false;
                     hasRequestedLegacyExternalStorage = false;
-                    shouldPreserveLegacyExternalStorage = false;
+                    hasRequestedPreserveLegacyExternalStorage = false;
                     hasWriteMediaStorageGrantedForUid = false;
+                    isForcedScopedStorage = false;
                 }
 
                 // We have a check in PermissionPolicyService.PermissionToOpSynchroniser.setUidMode
@@ -175,14 +177,53 @@ public abstract class SoftRestrictedPermissionPolicy {
                     }
                     @Override
                     public boolean mayAllowExtraAppOp() {
-                        return !shouldApplyRestriction
-                                && (hasRequestedLegacyExternalStorage
-                                        || hasWriteMediaStorageGrantedForUid
-                                        || shouldPreserveLegacyExternalStorage);
+                        // The only way to get LEGACY_STORAGE (if you didn't already have it)
+                        // is that all of the following must be true:
+                        // 1. The flag shouldn't be restricted
+                        if (shouldApplyRestriction) {
+                            return false;
+                        }
+
+                        // 2. The app shouldn't be in sForcedScopedStorageAppWhitelist
+                        if (isForcedScopedStorage) {
+                            return false;
+                        }
+
+                        // 3. The app has WRITE_MEDIA_STORAGE, OR
+                        //      the app already has legacy external storage or requested it,
+                        //      and is < R.
+                        return hasWriteMediaStorageGrantedForUid
+                                || ((hasLegacyExternalStorage || hasRequestedLegacyExternalStorage)
+                                    && targetSDK < Build.VERSION_CODES.R);
                     }
                     @Override
                     public boolean mayDenyExtraAppOpIfGranted() {
-                        return shouldApplyRestriction;
+                        // If you're an app targeting < R, you can keep the app op for
+                        // as long as you meet the conditions required to acquire it.
+                        if (targetSDK < Build.VERSION_CODES.R) {
+                            return !mayAllowExtraAppOp();
+                        }
+
+                        // For an app targeting R, the only way to lose LEGACY_STORAGE if you
+                        // already had it is in one or more of the following conditions:
+                        // 1. The flag became restricted
+                        if (shouldApplyRestriction) {
+                            return true;
+                        }
+
+                        // The package is now a part of the forced scoped storage whitelist
+                        if (isForcedScopedStorage) {
+                            return true;
+                        }
+
+                        // The package doesn't have WRITE_MEDIA_STORAGE,
+                        // AND didn't request legacy storage to be preserved
+                        if (!hasWriteMediaStorageGrantedForUid
+                                && !hasRequestedPreserveLegacyExternalStorage) {
+                            return true;
+                        }
+
+                        return false;
                     }
                 };
             }
author	Martijn Coenen <maco@google.com>	2020-11-26 13:34:39 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2020-11-26 13:34:39 +0000
commit	0d2517e6974f12e3f862a83679adc48aefbed5eb (patch)
tree	1ebbc9894caff180bf2e02771dbb357626188f70
parent	7b6ce0505209dca6e800c331fe0566a0f444a31e (diff)
parent	50402a42f83de1935fa4955560a985284ed794ba (diff)