Check user state after clearing identity.

This is to fix the case where the caller has GRANT_REVOKE_PERMISSIONS
but does not have MANAGE_USERS permission.

Related to a recent fix for
Bug: 22356546

Change-Id: Id51157abad14a0bdba3a16d7cd168f61ba25e890

1 files changed, 6 insertions, 5 deletions

diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index bfb803d0d475..2bd00185eabf 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -3461,13 +3461,14 @@ public class PackageManagerService extends IPackageManager.Stub {
         // Only need to do this if user is initialized. Otherwise it's a new user
         // and there are no processes running as the user yet and there's no need
         // to make an expensive call to remount processes for the changed permissions.
-        if ((READ_EXTERNAL_STORAGE.equals(name)
-                || WRITE_EXTERNAL_STORAGE.equals(name))
-                && sUserManager.isInitialized(userId)) {
+        if (READ_EXTERNAL_STORAGE.equals(name)
+                || WRITE_EXTERNAL_STORAGE.equals(name)) {
             final long token = Binder.clearCallingIdentity();
             try {
-                final StorageManager storage = mContext.getSystemService(StorageManager.class);
-                storage.remountUid(uid);
+                if (sUserManager.isInitialized(userId)) {
+                    final StorageManager storage = mContext.getSystemService(StorageManager.class);
+                    storage.remountUid(uid);
+                }
             } finally {
                 Binder.restoreCallingIdentity(token);
             }