diff options
| author | 2019-09-06 04:52:10 +0000 | |
|---|---|---|
| committer | 2019-09-06 04:52:10 +0000 | |
| commit | f09d52d3e08fb863fe1c302f48a3ae1c12a1247c (patch) | |
| tree | 37223fddefe358c8f34834b1104ffaa019b61028 | |
| parent | c9c241e650ad3155cfe304b7d281db34905b7cd9 (diff) | |
| parent | bc4d010e101fe126d2c1f77d230336f5c8c467cd (diff) | |
Merge "Revoke granted permission when the permission defining app is removed."
| -rw-r--r-- | services/core/java/com/android/server/pm/permission/PermissionManagerService.java | 45 |
1 files changed, 43 insertions, 2 deletions
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java index 83aa07d446e8..a9e3f046e425 100644 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java @@ -57,6 +57,7 @@ import android.app.AppOpsManager; import android.app.ApplicationPackageManager; import android.app.IActivityManager; import android.content.Context; +import android.content.pm.ApplicationInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManager.PermissionGroupInfoFlags; import android.content.pm.PackageManager.PermissionInfoFlags; @@ -3750,7 +3751,7 @@ public class PermissionManagerService extends IPermissionManager.Stub { // Make sure all dynamic permissions have been assigned to a package, // and make sure there are no dangling permissions. boolean permissionSourcePackageChanged = updatePermissionSourcePackage(changingPkgName, - changingPkg); + changingPkg, callback); if (permissionTreesSourcePackageChanged | permissionSourcePackageChanged) { // Permission ownership has changed. This e.g. changes which packages can get signature @@ -3803,7 +3804,8 @@ public class PermissionManagerService extends IPermissionManager.Stub { * @return {@code true} if a permission source package might have changed */ private boolean updatePermissionSourcePackage(@Nullable String packageName, - @Nullable PackageParser.Package pkg) { + @Nullable PackageParser.Package pkg, + final @Nullable PermissionCallback callback) { boolean changed = false; Set<BasePermission> needsUpdate = null; @@ -3819,6 +3821,45 @@ public class PermissionManagerService extends IPermissionManager.Stub { && (pkg == null || !hasPermission(pkg, bp.getName()))) { Slog.i(TAG, "Removing permission " + bp.getName() + " that used to be declared by " + bp.getSourcePackageName()); + if (bp.isRuntime()) { + final int[] userIds = mUserManagerInt.getUserIds(); + final int numUserIds = userIds.length; + for (int userIdNum = 0; userIdNum < numUserIds; userIdNum++) { + final int userId = userIds[userIdNum]; + + mPackageManagerInt.forEachPackage((Package p) -> { + final String pName = p.packageName; + final ApplicationInfo appInfo = + mPackageManagerInt.getApplicationInfo(pName, 0, + Process.SYSTEM_UID, UserHandle.USER_SYSTEM); + if (appInfo != null + && appInfo.targetSdkVersion < Build.VERSION_CODES.M) { + return; + } + + final String permissionName = bp.getName(); + if (checkPermissionImpl(permissionName, pName, userId) + == PackageManager.PERMISSION_GRANTED) { + try { + revokeRuntimePermissionInternal( + permissionName, + pName, + false, + Process.SYSTEM_UID, + userId, + callback); + } catch (IllegalArgumentException e) { + Slog.e(TAG, + "Failed to revoke " + + permissionName + + " from " + + pName, + e); + } + } + }); + } + } changed = true; it.remove(); } |