diff options
| author | 2025-03-21 13:32:18 -0700 | |
|---|---|---|
| committer | 2025-03-21 13:32:18 -0700 | |
| commit | 91c12d7e7154bb170f0a2baf806187789339326b (patch) | |
| tree | f2dc604818d71a6923d23958d6f422e235b31c4b | |
| parent | 84b998c85053c8d502fcfa1991524eab341ebb88 (diff) | |
AppIdPermissionUpgrade: Followup improvements to BODY_SENSORS sync.
Bug: 401614607
Test: Presubmits passing.
Flag: EXEMPT bugfix
Change-Id: I25f944b2e42164c7824c3ffca067881ba0b3538d
| -rw-r--r-- | services/permission/java/com/android/server/permission/access/permission/AppIdPermissionUpgrade.kt | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/services/permission/java/com/android/server/permission/access/permission/AppIdPermissionUpgrade.kt b/services/permission/java/com/android/server/permission/access/permission/AppIdPermissionUpgrade.kt index 022b811d9ac8..bd63918e751b 100644 --- a/services/permission/java/com/android/server/permission/access/permission/AppIdPermissionUpgrade.kt +++ b/services/permission/java/com/android/server/permission/access/permission/AppIdPermissionUpgrade.kt @@ -295,10 +295,10 @@ class AppIdPermissionUpgrade(private val policy: AppIdPermissionPolicy) { val isReadHeartRateRequested = HealthPermissions.READ_HEART_RATE in androidPackage.requestedPermissions var isBodySensorsGranted = - isPermissionGranted(packageState, userId, Manifest.permission.BODY_SENSORS) + isRuntimePermissionGranted(packageState, userId, Manifest.permission.BODY_SENSORS) if (isBodySensorsRequested && isReadHeartRateRequested) { val isReadHeartRateGranted = - isPermissionGranted(packageState, userId, HealthPermissions.READ_HEART_RATE) + isRuntimePermissionGranted(packageState, userId, HealthPermissions.READ_HEART_RATE) if (isBodySensorsGranted != isReadHeartRateGranted) { if (isBodySensorsGranted) { if ( @@ -319,7 +319,11 @@ class AppIdPermissionUpgrade(private val policy: AppIdPermissionPolicy) { // Then check to ensure we haven't put the background/foreground permissions out of sync. var isBodySensorsBackgroundGranted = - isPermissionGranted(packageState, userId, Manifest.permission.BODY_SENSORS_BACKGROUND) + isRuntimePermissionGranted( + packageState, + userId, + Manifest.permission.BODY_SENSORS_BACKGROUND, + ) // Background permission should not be granted without the foreground permission. if (!isBodySensorsGranted && isBodySensorsBackgroundGranted) { if ( @@ -340,7 +344,7 @@ class AppIdPermissionUpgrade(private val policy: AppIdPermissionPolicy) { HealthPermissions.READ_HEALTH_DATA_IN_BACKGROUND in androidPackage.requestedPermissions if (isBodySensorsBackgroundRequested && isReadHealthDataInBackgroundRequested) { val isReadHealthDataInBackgroundGranted = - isPermissionGranted( + isRuntimePermissionGranted( packageState, userId, HealthPermissions.READ_HEALTH_DATA_IN_BACKGROUND, @@ -364,7 +368,7 @@ class AppIdPermissionUpgrade(private val policy: AppIdPermissionPolicy) { } } - private fun GetStateScope.isPermissionGranted( + private fun GetStateScope.isRuntimePermissionGranted( packageState: PackageState, userId: Int, permissionName: String, @@ -425,18 +429,14 @@ class AppIdPermissionUpgrade(private val policy: AppIdPermissionPolicy) { "Revoking runtime permission for package: ${packageState.packageName}, " + "permission: $permissionName, userId: $userId", ) - val permission = newState.systemState.permissions[permissionName]!! - if (packageState.getUserStateOrDefault(userId).isInstantApp && !permission.isInstant) { - return false - } val appId = packageState.appId var flags = with(policy) { getPermissionFlags(appId, userId, permissionName) } if (flags.hasAnyBit(MASK_SYSTEM_OR_POLICY_FIXED)) { Slog.v( LOG_TAG, - "Not allowed to revoke $permissionName to package ${packageState.packageName} " + - "for user $userId", + "Cannot revoke fixed runtime permission from package: " + + "${packageState.packageName}, permission: $permissionName, userId: $userId", ) return false } |