Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 33110a0b authored by Koushik Dutta's avatar Koushik Dutta
Browse files

Add support for allow-permission extension. 

This will grant a sharedUserId arbitrary permissions as defined by XML files
in /system/etc/permissions.

Change-Id: I4c0be56173b89621c4cc7ae589715a030931e8d5
parent 42182f6f

services/java/com/android/server/pm/PackageManagerService.java

+25 −1
Original line number Diff line number Diff line
@@ -398,6 +398,8 @@ public class PackageManagerService extends IPackageManager.Stub { 
    final ActivityIntentResolver mReceivers =

            new ActivityIntentResolver();



    final HashSet<String> mAllowances = new HashSet<String>();



    // All available services, for your resolving pleasure.

    final ServiceIntentResolver mServices = new ServiceIntentResolver();
@@ -1706,6 +1708,26 @@ public class PackageManagerService extends IPackageManager.Stub { 
                    perms.add(perm);

                    XmlUtils.skipCurrentTag(parser);



                } else if ("allow-permission".equals(name)) {

                    String perm = parser.getAttributeValue(null, "name");

                    if (perm == null) {

                        Slog.w(TAG,

                                "<allow-permission> without name at "

                                        + parser.getPositionDescription());

                        XmlUtils.skipCurrentTag(parser);

                        continue;

                    }

                    String sharedUserId = parser.getAttributeValue(null, "sharedUserId");

                    if (sharedUserId == null) {

                        Slog.w(TAG,

                                "<allow-permission> without uid at "

                                        + parser.getPositionDescription());

                        XmlUtils.skipCurrentTag(parser);

                        continue;

                    }

                    mAllowances.add(sharedUserId + ":" + perm);

                    XmlUtils.skipCurrentTag(parser);



                } else if ("library".equals(name)) {

                    String lname = parser.getAttributeValue(null, "name");

                    String lfile = parser.getAttributeValue(null, "file");
@@ -5689,7 +5711,9 @@ public class PackageManagerService extends IPackageManager.Stub { 
                bp.packageSetting.signatures.mSignatures, pkg.mSignatures)

                        == PackageManager.SIGNATURE_MATCH)

                || (compareSignatures(mPlatformPackage.mSignatures, pkg.mSignatures)

                        == PackageManager.SIGNATURE_MATCH);

                        == PackageManager.SIGNATURE_MATCH)

                || (pkg.mSharedUserId != null

                        && mAllowances.contains(pkg.mSharedUserId + ":" + perm));

        if (!allowed && (bp.protectionLevel

                & PermissionInfo.PROTECTION_FLAG_SYSTEM) != 0) {

            if (isSystemApp(pkg)) {