Commit 0ead58f6 authored Apr 23, 2024 by Yi-an Chen

Fix security vulnerability of non-dynamic permission removal

The original removePermission() code in PermissionManagerServiceImpl
missed a logical negation operator when handling non-dynamic
permissions, causing both
testPermissionPermission_nonDynamicPermission_permissionUnchanged and
testRemovePermission_dynamicPermission_permissionRemoved tests in
DynamicPermissionsTest to fail.

The corresponding test DynamicPermissionsTest is also updated in the
other CL: ag/27073864

Bug: 321711213
Test: DynamicPermissionsTest on sc-dev and tm-dev locally
Change-Id: Ia146d4098643d9c473f8c83d33a8a125a53101fc

parent 7ce227eb

services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -674,7 +674,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
		if (bp == null) {
		return;
		}
		if (bp.isDynamic()) {
		if (!bp.isDynamic()) {
		// TODO: switch this back to SecurityException
		Slog.wtf(TAG, "Not allowed to modify non-dynamic permission "
		+ permName);