diff options
| -rw-r--r-- | services/permission/java/com/android/server/permission/access/permission/AppIdPermissionPolicy.kt | 46 |
1 files changed, 20 insertions, 26 deletions
diff --git a/services/permission/java/com/android/server/permission/access/permission/AppIdPermissionPolicy.kt b/services/permission/java/com/android/server/permission/access/permission/AppIdPermissionPolicy.kt index c558aae5248e..7ed23cd7df3e 100644 --- a/services/permission/java/com/android/server/permission/access/permission/AppIdPermissionPolicy.kt +++ b/services/permission/java/com/android/server/permission/access/permission/AppIdPermissionPolicy.kt @@ -230,18 +230,7 @@ class AppIdPermissionPolicy : SchemePolicy() { } val isSoftRestricted = if (permission.isSoftRestricted && !isExempt) { - val targetSdkVersion = - reducePackageInAppId(appId, Build.VERSION_CODES.CUR_DEVELOPMENT) { - targetSdkVersion, - packageState -> - if (permissionName in packageState.androidPackage!!.requestedPermissions) { - targetSdkVersion.coerceAtMost( - packageState.androidPackage!!.targetSdkVersion - ) - } else { - targetSdkVersion - } - } + val targetSdkVersion = getAppIdTargetSdkVersion(appId, permissionName) !anyPackageInAppId(appId) { permissionName in it.androidPackage!!.requestedPermissions && isSoftRestrictedPermissionExemptForPackage( @@ -718,18 +707,8 @@ class AppIdPermissionPolicy : SchemePolicy() { // If the app is updated, and has scoped storage permissions, then it is possible that the // app updated in an attempt to get unscoped storage. If so, revoke all storage permissions. - val oldTargetSdkVersion = - reducePackageInAppId(appId, Build.VERSION_CODES.CUR_DEVELOPMENT, oldState) { - targetSdkVersion, - packageState -> - targetSdkVersion.coerceAtMost(packageState.androidPackage!!.targetSdkVersion) - } - val newTargetSdkVersion = - reducePackageInAppId(appId, Build.VERSION_CODES.CUR_DEVELOPMENT, newState) { - targetSdkVersion, - packageState -> - targetSdkVersion.coerceAtMost(packageState.androidPackage!!.targetSdkVersion) - } + val oldTargetSdkVersion = getAppIdTargetSdkVersion(appId, null, oldState) + val newTargetSdkVersion = getAppIdTargetSdkVersion(appId, null, newState) @Suppress("ConvertTwoComparisonsToRangeCheck") val isTargetSdkVersionDowngraded = oldTargetSdkVersion >= Build.VERSION_CODES.Q && @@ -1115,10 +1094,9 @@ class AppIdPermissionPolicy : SchemePolicy() { } private fun MutateStateScope.inheritImplicitPermissionStates(appId: Int, userId: Int) { - var targetSdkVersion = Build.VERSION_CODES.CUR_DEVELOPMENT + val targetSdkVersion = getAppIdTargetSdkVersion(appId, null) val implicitPermissions = MutableIndexedSet<String>() forEachPackageInAppId(appId) { - targetSdkVersion = targetSdkVersion.coerceAtMost(it.androidPackage!!.targetSdkVersion) implicitPermissions += it.androidPackage!!.implicitPermissions } implicitPermissions.forEachIndexed implicitPermissions@{ _, implicitPermissionName -> @@ -1418,6 +1396,22 @@ class AppIdPermissionPolicy : SchemePolicy() { else -> false } + private fun MutateStateScope.getAppIdTargetSdkVersion( + appId: Int, + permissionName: String?, + state: AccessState = newState + ): Int = + reducePackageInAppId(appId, Build.VERSION_CODES.CUR_DEVELOPMENT, state) { + targetSdkVersion, + packageState -> + val androidPackage = packageState.androidPackage!! + if (permissionName == null || permissionName in androidPackage.requestedPermissions) { + targetSdkVersion.coerceAtMost(androidPackage.targetSdkVersion) + } else { + targetSdkVersion + } + } + private inline fun MutateStateScope.anyPackageInAppId( appId: Int, state: AccessState = newState, |