[automerger] RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions. am: 8da6786608

Change-Id: I2c9174d4b065aada8c4ba95e864b3628dd1f0975
author: Android Build Merger (Role) <noreply-android-build-merger@google.com> 2018-08-24 22:45:15 +0000
committer: Android Build Merger (Role) <noreply-android-build-merger@google.com> 2018-08-24 22:45:15 +0000
commit: 7d153c56c622f55a74277e5b1ebfd32dbb51eb99 (patch)
tree: 156086c0fc9b86b684a9946c44dda0e1eee11575
parent: 1425bb41aa61eaf10c93c5f153da131ac9f86a74 (diff)
parent: 8da6786608e374c20ae584b1c404fd4894786e46 (diff)
2 files changed, 12 insertions, 1 deletions
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index eea14b654754..3a62088baf29 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -248,6 +248,7 @@ import com.android.server.SystemConfig;
 import com.android.server.Watchdog;
 import com.android.server.net.NetworkPolicyManagerInternal;
 import com.android.server.pm.PermissionsState.PermissionState;
+import com.android.server.pm.PackageSetting;
 import com.android.server.pm.Settings.DatabaseVersion;
 import com.android.server.pm.Settings.VersionInfo;
 import com.android.server.storage.DeviceStorageMonitorInternal;
@@ -3946,8 +3947,10 @@ public class PackageManagerService extends IPackageManager.Stub {
 
     private static void enforceDeclaredAsUsedAndRuntimeOrDevelopmentPermission(PackageParser.Package pkg,
             BasePermission bp) {
+        final PackageSetting pkgSetting = (PackageSetting) pkg.mExtras;
+        final PermissionsState permsState = pkgSetting.getPermissionsState();
         int index = pkg.requestedPermissions.indexOf(bp.name);
-        if (index == -1) {
+        if (!permsState.hasRequestedPermission(bp.name) && index == -1) {
             throw new SecurityException("Package " + pkg.packageName
                     + " has not requested permission " + bp.name);
         }
diff --git a/services/core/java/com/android/server/pm/PermissionsState.java b/services/core/java/com/android/server/pm/PermissionsState.java
index 8f9968ecf7fd..39194feb264d 100644
--- a/services/core/java/com/android/server/pm/PermissionsState.java
+++ b/services/core/java/com/android/server/pm/PermissionsState.java
@@ -261,6 +261,14 @@ public final class PermissionsState {
     }
 
     /**
+     * Returns whether the state has any known request for the given permission name,
+     * whether or not it has been granted.
+     */
+    public boolean hasRequestedPermission(String name) {
+        return mPermissions != null && (mPermissions.get(name) != null);
+    }
+
+    /**
      * Gets all permissions for a given device user id regardless if they
      * are install time or runtime permissions.
      *
author	Android Build Merger (Role) <noreply-android-build-merger@google.com>	2018-08-24 22:45:15 +0000
committer	Android Build Merger (Role) <noreply-android-build-merger@google.com>	2018-08-24 22:45:15 +0000
commit	7d153c56c622f55a74277e5b1ebfd32dbb51eb99 (patch)
tree	156086c0fc9b86b684a9946c44dda0e1eee11575
parent	1425bb41aa61eaf10c93c5f153da131ac9f86a74 (diff)
parent	8da6786608e374c20ae584b1c404fd4894786e46 (diff)