summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
author akirilov <akirilov@google.com> 2018-09-05 17:32:07 -0700
committer android-build-merger <android-build-merger@google.com> 2018-09-05 17:32:07 -0700
commitd55320b5240a20bccca4ad7df57e92b14c7f7d37 (patch)
tree43043f8d29f98a4cd3932eed3ef278e90820a338
parent9e6abebb10581d1288e14e56ef9d583afc6db191 (diff)
parent08d2780e1e2cac0f75721ac59c74a62bbc96de27 (diff)
Merge "RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions." into oc-dev
am: 08d2780e1e Change-Id: I3d963182b12d33718157576105d10c7da56ec228
Diffstat
-rw-r--r--services/core/java/com/android/server/pm/PackageManagerService.java5
-rw-r--r--services/core/java/com/android/server/pm/PermissionsState.java8
2 files changed, 12 insertions, 1 deletions
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 8606b3e94e49..3fa8aca8e5d9 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -278,6 +278,7 @@ import com.android.server.Watchdog;
import com.android.server.net.NetworkPolicyManagerInternal;
import com.android.server.pm.Installer.InstallerException;
import com.android.server.pm.PermissionsState.PermissionState;
+import com.android.server.pm.PackageSetting;
import com.android.server.pm.Settings.DatabaseVersion;
import com.android.server.pm.Settings.VersionInfo;
import com.android.server.pm.dex.DexManager;
@@ -5353,8 +5354,10 @@ public class PackageManagerService extends IPackageManager.Stub
private static void enforceDeclaredAsUsedAndRuntimeOrDevelopmentPermission(
PackageParser.Package pkg, BasePermission bp) {
+ final PackageSetting pkgSetting = (PackageSetting) pkg.mExtras;
+ final PermissionsState permsState = pkgSetting.getPermissionsState();
int index = pkg.requestedPermissions.indexOf(bp.name);
- if (index == -1) {
+ if (!permsState.hasRequestedPermission(bp.name) && index == -1) {
throw new SecurityException("Package " + pkg.packageName
+ " has not requested permission " + bp.name);
}
diff --git a/services/core/java/com/android/server/pm/PermissionsState.java b/services/core/java/com/android/server/pm/PermissionsState.java
index 8a427cd329e2..d494e33cc647 100644
--- a/services/core/java/com/android/server/pm/PermissionsState.java
+++ b/services/core/java/com/android/server/pm/PermissionsState.java
@@ -291,6 +291,14 @@ public final class PermissionsState {
}
/**
+ * Returns whether the state has any known request for the given permission name,
+ * whether or not it has been granted.
+ */
+ public boolean hasRequestedPermission(String name) {
+ return mPermissions != null && (mPermissions.get(name) != null);
+ }
+
+ /**
* Gets all permissions for a given device user id regardless if they
* are install time or runtime permissions.
*
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-12-28 15:01:46 +0000