From 33e24c883c5797fe7ba05468bde967fb0e46e66d Mon Sep 17 00:00:00 2001 From: "Philip P. Moltmann" Date: Tue, 3 Nov 2020 15:12:44 -0800 Subject: Revoke permission on non-runtime -> runtime upgrade Not only on normal -> runtime. Test: atest PermissionEscalationTest Bug: 154505240, 168319670 Change-Id: If3b420067b4d7111dcf67ae6f98e42176158b679 Merged-In: If3b420067b4d7111dcf67ae6f98e42176158b679 --- .../core/java/com/android/server/pm/permission/BasePermission.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/core/java/com/android/server/pm/permission/BasePermission.java b/services/core/java/com/android/server/pm/permission/BasePermission.java index 2d4b5012bf15..5e04171a3bca 100644 --- a/services/core/java/com/android/server/pm/permission/BasePermission.java +++ b/services/core/java/com/android/server/pm/permission/BasePermission.java @@ -367,7 +367,7 @@ public final class BasePermission { if (bp == null) { bp = new BasePermission(p.getName(), p.getPackageName(), TYPE_NORMAL); } - boolean wasNormal = bp.isNormal(); + boolean wasNonRuntime = !bp.isRuntime(); StringBuilder r = null; if (bp.perm == null) { if (bp.sourcePackageName == null @@ -411,7 +411,7 @@ public final class BasePermission { && Objects.equals(bp.perm.getName(), p.getName())) { bp.protectionLevel = p.getProtectionLevel(); } - if (bp.isRuntime() && (ownerChanged || wasNormal)) { + if (bp.isRuntime() && (ownerChanged || wasNonRuntime)) { // If this is a runtime permission and the owner has changed, or this was a normal // permission, then permission state should be cleaned up bp.mPermissionDefinitionChanged = true; -- cgit v1.2.3-59-g8ed1b