Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 33e24c88 authored by Philip P. Moltmann's avatar Philip P. Moltmann
Browse files

Revoke permission on non-runtime -> runtime upgrade 

Not only on normal -> runtime.

Test: atest PermissionEscalationTest
Bug: 154505240, 168319670
Change-Id: If3b420067b4d7111dcf67ae6f98e42176158b679
Merged-In: If3b420067b4d7111dcf67ae6f98e42176158b679
parent 84c1247a

services/core/java/com/android/server/pm/permission/BasePermission.java

+2 −2
Original line number Diff line number Diff line
@@ -367,7 +367,7 @@ public final class BasePermission { 
        if (bp == null) {

            bp = new BasePermission(p.getName(), p.getPackageName(), TYPE_NORMAL);

        }

        boolean wasNormal = bp.isNormal();

        boolean wasNonRuntime = !bp.isRuntime();

        StringBuilder r = null;

        if (bp.perm == null) {

            if (bp.sourcePackageName == null
@@ -411,7 +411,7 @@ public final class BasePermission { 
                && Objects.equals(bp.perm.getName(), p.getName())) {

            bp.protectionLevel = p.getProtectionLevel();

        }

        if (bp.isRuntime() && (ownerChanged || wasNormal)) {

        if (bp.isRuntime() && (ownerChanged || wasNonRuntime)) {

            // If this is a runtime permission and the owner has changed, or this was a normal

            // permission, then permission state should be cleaned up

            bp.mPermissionDefinitionChanged = true;