Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2a31ecf0 authored by Jeffrey Vander Stoep's avatar Jeffrey Vander Stoep
Browse files

Revert "pm: Scan as privileged apps that share a privileged user" 

This reverts commit 2ede0473.

This change + 77029c5b
pass build checks/tests, (with the exception of a known unrelated test failure), but together break the build.
Change-Id: I067da56df7239539e570499347ffaf91d6af2b0d
parent 2ede0473

services/core/java/com/android/server/pm/PackageManagerService.java

+3 −28
Original line number Diff line number Diff line
@@ -9765,9 +9765,8 @@ Slog.e("TODD", 
     * <li>{@link #SCAN_AS_VIRTUAL_PRELOAD}</li>

     * </ul>

     */

    private @ScanFlags int adjustScanFlags(@ScanFlags int scanFlags,

            PackageSetting pkgSetting, PackageSetting disabledPkgSetting, UserHandle user,

            PackageParser.Package pkg) {

    private static @ScanFlags int adjustScanFlags(@ScanFlags int scanFlags,

            PackageSetting pkgSetting, PackageSetting disabledPkgSetting, UserHandle user) {

        if (disabledPkgSetting != null) {

            // updated system application, must at least have SCAN_AS_SYSTEM

            scanFlags |= SCAN_AS_SYSTEM;
@@ -9793,30 +9792,6 @@ Slog.e("TODD", 
                scanFlags |= SCAN_AS_VIRTUAL_PRELOAD;

            }

        }













        // Scan as privileged apps that share a user with a priv-app.













        if (((scanFlags & SCAN_AS_PRIVILEGED) == 0) && !pkg.isPrivileged()













                && (pkg.mSharedUserId != null)) {













            SharedUserSetting sharedUserSetting = null;













            try {













                sharedUserSetting = mSettings.getSharedUserLPw(pkg.mSharedUserId, 0, 0, false);













            } catch (PackageManagerException ignore) {}













            if (sharedUserSetting != null && sharedUserSetting.isPrivileged()) {













                // Exempt SharedUsers signed with the platform key.













                // TODO(b/72378145) Fix this exemption. Force signature apps













                // to whitelist their privileged permissions just like other













                // priv-apps.













                synchronized (mPackages) {













                    PackageSetting platformPkgSetting = mSettings.mPackages.get("android");













                    if (!pkg.packageName.equals("android")













                            && (compareSignatures(platformPkgSetting.signatures.mSignatures,













                                pkg.mSigningDetails.signatures) != PackageManager.SIGNATURE_MATCH)) {













                        scanFlags |= SCAN_AS_PRIVILEGED;













                    }













                }













            }













        }



























        return scanFlags;















    }























@@ -9840,7 +9815,7 @@ Slog.e("TODD",













                    + " was transferred to another, but its .apk remains");















        }



























        scanFlags = adjustScanFlags(scanFlags, pkgSetting, disabledPkgSetting, user, pkg);













        scanFlags = adjustScanFlags(scanFlags, pkgSetting, disabledPkgSetting, user);















        synchronized (mPackages) {















            applyPolicy(pkg, parseFlags, scanFlags);















            assertPackageIsValid(pkg, parseFlags, scanFlags);