Merge "Prevent some key system applications from losing storage permissions" into main

author: Nate Myren <ntmyren@google.com> 2023-07-26 16:09:01 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> 2023-07-26 16:09:01 +0000
commit: 969a52a60344a9c22e5a107f935a2dfc7544f16e (patch)
tree: 6d718b8283aa2f8787702f968e8891a3547f9657
parent: 040e83876d7d049c3db749dd1fe11e91c29c3fea (diff)
parent: e7b8f467c071662e80d51e6531869711993529ad (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
index 9ed5aa7158ab..5221cfa85a7c 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
@@ -2116,6 +2116,12 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
                 if (!isStorageOrMedia) {
                     continue;
                 }
+                boolean isSystemOrPolicyFixed = (getPermissionFlags(newPackage.getPackageName(),
+                        permInfo.name, userId) & (FLAG_PERMISSION_SYSTEM_FIXED
+                        | FLAG_PERMISSION_POLICY_FIXED)) != 0;
+                if (isSystemOrPolicyFixed) {
+                    continue;
+                }
 
                 EventLog.writeEvent(0x534e4554, "171430330", newPackage.getUid(),
                         "Revoking permission " + permInfo.name + " from package "
author	Nate Myren <ntmyren@google.com>	2023-07-26 16:09:01 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	2023-07-26 16:09:01 +0000
commit	969a52a60344a9c22e5a107f935a2dfc7544f16e (patch)
tree	6d718b8283aa2f8787702f968e8891a3547f9657
parent	040e83876d7d049c3db749dd1fe11e91c29c3fea (diff)
parent	e7b8f467c071662e80d51e6531869711993529ad (diff)