Merge "Only log a warning if it's an actual violation"

author: Fyodor Kupolov <fkupolov@google.com> 2017-10-26 23:02:07 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2017-10-26 23:02:07 +0000
commit: 68533018e748ae7fa881cdb933ec18f9273cfc1e (patch)
tree: 615a3f747981598da666b93d0870e4c3c841abbd
parent: 35c1a5d51b02a9a9853cf4abc0569591bdb71ecb (diff)
parent: f5e600d073e7b3c7a6ba36c904c9d51acfaaf6ff (diff)
1 files changed, 9 insertions, 7 deletions
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index 9e4940908bda..40a02b9c2500 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -1010,8 +1010,6 @@ Slog.e(TAG, "TODD: No package not found; UID: " + uid);
         if (!privappPermissionsDisable && privilegedPermission && pkg.isPrivileged()
                 && !platformPackage && platformPermission) {
             if (!hasPrivappWhitelistEntry(perm, pkg)) {
-                Slog.w(TAG, "Privileged permission " + perm + " for package "
-                        + pkg.packageName + " - not in privapp-permissions whitelist");
                 // Only report violations for apps on system image
                 if (!mSystemReady && !pkg.isUpdatedSystemApp()) {
                     // it's only a reportable violation if the permission isn't explicitly denied
@@ -1019,12 +1017,16 @@ Slog.e(TAG, "TODD: No package not found; UID: " + uid);
                             .getPrivAppDenyPermissions(pkg.packageName);
                     final boolean permissionViolation =
                             deniedPermissions == null || !deniedPermissions.contains(perm);
-                    if (permissionViolation
-                            && RoSystemProperties.CONTROL_PRIVAPP_PERMISSIONS_ENFORCE) {
-                        if (mPrivappPermissionsViolations == null) {
-                            mPrivappPermissionsViolations = new ArraySet<>();
+                    if (permissionViolation) {
+                        Slog.w(TAG, "Privileged permission " + perm + " for package "
+                                + pkg.packageName + " - not in privapp-permissions whitelist");
+
+                        if (RoSystemProperties.CONTROL_PRIVAPP_PERMISSIONS_ENFORCE) {
+                            if (mPrivappPermissionsViolations == null) {
+                                mPrivappPermissionsViolations = new ArraySet<>();
+                            }
+                            mPrivappPermissionsViolations.add(pkg.packageName + ": " + perm);
                         }
-                        mPrivappPermissionsViolations.add(pkg.packageName + ": " + perm);
                     } else {
                         return false;
                     }
author	Fyodor Kupolov <fkupolov@google.com>	2017-10-26 23:02:07 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2017-10-26 23:02:07 +0000
commit	68533018e748ae7fa881cdb933ec18f9273cfc1e (patch)
tree	615a3f747981598da666b93d0870e4c3c841abbd
parent	35c1a5d51b02a9a9853cf4abc0569591bdb71ecb (diff)
parent	f5e600d073e7b3c7a6ba36c904c9d51acfaaf6ff (diff)