Revert "pm: Scan as privileged apps that share a privileged user"

This reverts commit 2ede04735081bd8c0e399a280484fb9e6089f33f. This change + 77029c5b16351775cb2333369ef9a4bc1d9acf58 pass build checks/tests, (with the exception of a known unrelated test failure), but together break the build. Change-Id: I067da56df7239539e570499347ffaf91d6af2b0d
author: Jeffrey Vander Stoep <jeffv@google.com> 2018-01-24 00:38:55 +0000
committer: Jeffrey Vander Stoep <jeffv@google.com> 2018-01-24 00:38:55 +0000
commit: 2a31ecf04023660b62a97e7331b6d68fd68bf9f9 (patch)
tree: a3d6abaac44c655646dfed976fc295384d7c143a
parent: 2ede04735081bd8c0e399a280484fb9e6089f33f (diff)
1 files changed, 3 insertions, 28 deletions
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 8a250bfef836..faf6114237cd 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -9765,9 +9765,8 @@ Slog.e("TODD",
      * <li>{@link #SCAN_AS_VIRTUAL_PRELOAD}</li>
      * </ul>
      */
-    private @ScanFlags int adjustScanFlags(@ScanFlags int scanFlags,
-            PackageSetting pkgSetting, PackageSetting disabledPkgSetting, UserHandle user,
-            PackageParser.Package pkg) {
+    private static @ScanFlags int adjustScanFlags(@ScanFlags int scanFlags,
+            PackageSetting pkgSetting, PackageSetting disabledPkgSetting, UserHandle user) {
         if (disabledPkgSetting != null) {
             // updated system application, must at least have SCAN_AS_SYSTEM
             scanFlags |= SCAN_AS_SYSTEM;
@@ -9793,30 +9792,6 @@ Slog.e("TODD",
                 scanFlags |= SCAN_AS_VIRTUAL_PRELOAD;
             }
         }
-
-        // Scan as privileged apps that share a user with a priv-app.
-        if (((scanFlags & SCAN_AS_PRIVILEGED) == 0) && !pkg.isPrivileged()
-                && (pkg.mSharedUserId != null)) {
-            SharedUserSetting sharedUserSetting = null;
-            try {
-                sharedUserSetting = mSettings.getSharedUserLPw(pkg.mSharedUserId, 0, 0, false);
-            } catch (PackageManagerException ignore) {}
-            if (sharedUserSetting != null && sharedUserSetting.isPrivileged()) {
-                // Exempt SharedUsers signed with the platform key.
-                // TODO(b/72378145) Fix this exemption. Force signature apps
-                // to whitelist their privileged permissions just like other
-                // priv-apps.
-                synchronized (mPackages) {
-                    PackageSetting platformPkgSetting = mSettings.mPackages.get("android");
-                    if (!pkg.packageName.equals("android")
-                            && (compareSignatures(platformPkgSetting.signatures.mSignatures,
-                                pkg.mSigningDetails.signatures) != PackageManager.SIGNATURE_MATCH)) {
-                        scanFlags |= SCAN_AS_PRIVILEGED;
-                    }
-                }
-            }
-        }
-
         return scanFlags;
     }
 
@@ -9840,7 +9815,7 @@ Slog.e("TODD",
                     + " was transferred to another, but its .apk remains");
         }
 
-        scanFlags = adjustScanFlags(scanFlags, pkgSetting, disabledPkgSetting, user, pkg);
+        scanFlags = adjustScanFlags(scanFlags, pkgSetting, disabledPkgSetting, user);
         synchronized (mPackages) {
             applyPolicy(pkg, parseFlags, scanFlags);
             assertPackageIsValid(pkg, parseFlags, scanFlags);
author	Jeffrey Vander Stoep <jeffv@google.com>	2018-01-24 00:38:55 +0000
committer	Jeffrey Vander Stoep <jeffv@google.com>	2018-01-24 00:38:55 +0000
commit	2a31ecf04023660b62a97e7331b6d68fd68bf9f9 (patch)
tree	a3d6abaac44c655646dfed976fc295384d7c143a
parent	2ede04735081bd8c0e399a280484fb9e6089f33f (diff)