Commit 7d252f5e authored by Android Build Merger (Role)'s avatar Android Build Merger (Role)

[automerger] RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed...

[automerger] RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package. am: fa69d725

Change-Id: I7bfd11dd549f814b59742c7565c4a39ed3df66fe
parents 00b57fc9 fa69d725
......@@ -510,6 +510,8 @@ public class PackageManagerService extends IPackageManager.Stub {
/** Special library name that skips shared libraries check during compilation. */
private static final String SKIP_SHARED_LIBRARY_CHECK = "&";
private static final int PROTECTION_MASK_BASE = 0xf;
final ServiceThread mHandlerThread;
final PackageHandler mHandler;
......@@ -4069,6 +4071,11 @@ public class PackageManagerService extends IPackageManager.Stub {
@Override
public void revokeRuntimePermission(String packageName, String name, int userId) {
revokeRuntimePermission(packageName, name, userId, mSettings.getPermission(name));
}
private void revokeRuntimePermission(String packageName, String name, int userId,
BasePermission bp) {
if (!sUserManager.exists(userId)) {
Log.e(TAG, "No such user:" + userId);
return;
......@@ -4089,8 +4096,6 @@ public class PackageManagerService extends IPackageManager.Stub {
if (pkg == null) {
throw new IllegalArgumentException("Unknown package: " + packageName);
}
final BasePermission bp = mSettings.mPermissions.get(name);
if (bp == null) {
throw new IllegalArgumentException("Unknown permission: " + name);
}
......@@ -4207,7 +4212,8 @@ public class PackageManagerService extends IPackageManager.Stub {
oldPermissionGroupName, "to", newPermissionGroupName);
try {
revokeRuntimePermission(packageName, permissionName, userId);
revokeRuntimePermission(packageName, permissionName, userId,
mSettings.getPermission(permissionName));
} catch (IllegalArgumentException e) {
Slog.e(TAG, "Could not revoke " + permissionName + " from "
+ packageName, e);
......@@ -9695,7 +9701,10 @@ public class PackageManagerService extends IPackageManager.Stub {
if (DEBUG_REMOVE) Log.d(TAG, " Activities: " + r);
}
final ArrayList<String> allPackageNames = new ArrayList<>(mPackages.keySet());
N = pkg.permissions.size();
List<BasePermission> bps = new ArrayList<BasePermission>(N);
r = null;
for (i=0; i<N; i++) {
PackageParser.Permission p = pkg.permissions.get(i);
......@@ -9704,6 +9713,10 @@ public class PackageManagerService extends IPackageManager.Stub {
bp = mSettings.mPermissionTrees.get(p.info.name);
}
if (bp != null && bp.perm == p) {
if (((p.info.protectionLevel & PROTECTION_MASK_BASE) &
PermissionInfo.PROTECTION_DANGEROUS) != 0) {
bps.add(bp);
}
bp.perm = null;
if (DEBUG_REMOVE && chatty) {
if (r == null) {
......@@ -9721,6 +9734,44 @@ public class PackageManagerService extends IPackageManager.Stub {
}
}
}
AsyncTask.execute(() -> {
final int numRemovedPermissions = bps.size();
for (int permissionNum = 0; permissionNum < numRemovedPermissions; permissionNum++) {
final int[] userIds = sUserManager.getUserIds();
final int numUserIds = userIds.length;
final int numPackages = allPackageNames.size();
for (int packageNum = 0; packageNum < numPackages; packageNum++) {
final String packageName = allPackageNames.get(packageNum);
final PackageManagerInternal packageManagerInt =
LocalServices.getService(PackageManagerInternal.class);
final ApplicationInfo applicationInfo = packageManagerInt.getApplicationInfo(
packageName, UserHandle.USER_SYSTEM);
if (applicationInfo != null
&& applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
continue;
}
for (int userIdNum = 0; userIdNum < numUserIds; userIdNum++) {
final int userId = userIds[userIdNum];
final String permissionName = bps.get(permissionNum).name;
if (checkPermission(permissionName, packageName,
userId) == PackageManager.PERMISSION_GRANTED) {
try {
revokeRuntimePermission(packageName,
permissionName,
userId,
bps.get(permissionNum));
} catch (IllegalArgumentException e) {
Slog.e(TAG, "Could not revoke " + permissionName + " from "
+ packageName, e);
}
}
}
}
}
});
if (r != null) {
if (DEBUG_REMOVE) Log.d(TAG, " Permissions: " + r);
}
......
......@@ -454,6 +454,17 @@ final class Settings {
return mPackages.get(name);
}
public BasePermission getPermission(@NonNull String permName) {
synchronized (mLock) {
return getPermissionLocked(permName);
}
}
@GuardedBy("mLock")
BasePermission getPermissionLocked(@NonNull String permName) {
return mPermissions.get(permName);
}
void setInstallStatus(String pkgName, final int status) {
PackageSetting p = mPackages.get(pkgName);
if(p != null) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment