Loading services/java/com/android/server/pm/PackageManagerService.java +28 −8 Original line number Original line Diff line number Diff line Loading @@ -1715,6 +1715,7 @@ public class PackageManagerService extends IPackageManager.Stub { } } public int[] getPackageGids(String packageName) { public int[] getPackageGids(String packageName) { final boolean enforcedDefault = isPermissionEnforcedDefault(READ_EXTERNAL_STORAGE); // reader // reader synchronized (mPackages) { synchronized (mPackages) { PackageParser.Package p = mPackages.get(packageName); PackageParser.Package p = mPackages.get(packageName); Loading @@ -1726,7 +1727,7 @@ public class PackageManagerService extends IPackageManager.Stub { int[] gids = suid != null ? suid.gids : ps.gids; int[] gids = suid != null ? suid.gids : ps.gids; // include GIDs for any unenforced permissions // include GIDs for any unenforced permissions if (!isPermissionEnforcedLocked(READ_EXTERNAL_STORAGE)) { if (!isPermissionEnforcedLocked(READ_EXTERNAL_STORAGE, enforcedDefault)) { final BasePermission basePerm = mSettings.mPermissions.get( final BasePermission basePerm = mSettings.mPermissions.get( READ_EXTERNAL_STORAGE); READ_EXTERNAL_STORAGE); gids = appendInts(gids, basePerm.gids); gids = appendInts(gids, basePerm.gids); Loading Loading @@ -2054,6 +2055,7 @@ public class PackageManagerService extends IPackageManager.Stub { } } public int checkPermission(String permName, String pkgName) { public int checkPermission(String permName, String pkgName) { final boolean enforcedDefault = isPermissionEnforcedDefault(permName); synchronized (mPackages) { synchronized (mPackages) { PackageParser.Package p = mPackages.get(pkgName); PackageParser.Package p = mPackages.get(pkgName); if (p != null && p.mExtras != null) { if (p != null && p.mExtras != null) { Loading @@ -2066,7 +2068,7 @@ public class PackageManagerService extends IPackageManager.Stub { return PackageManager.PERMISSION_GRANTED; return PackageManager.PERMISSION_GRANTED; } } } } if (!isPermissionEnforcedLocked(permName)) { if (!isPermissionEnforcedLocked(permName, enforcedDefault)) { return PackageManager.PERMISSION_GRANTED; return PackageManager.PERMISSION_GRANTED; } } } } Loading @@ -2074,6 +2076,7 @@ public class PackageManagerService extends IPackageManager.Stub { } } public int checkUidPermission(String permName, int uid) { public int checkUidPermission(String permName, int uid) { final boolean enforcedDefault = isPermissionEnforcedDefault(permName); synchronized (mPackages) { synchronized (mPackages) { Object obj = mSettings.getUserIdLPr(UserHandle.getAppId(uid)); Object obj = mSettings.getUserIdLPr(UserHandle.getAppId(uid)); if (obj != null) { if (obj != null) { Loading @@ -2087,7 +2090,7 @@ public class PackageManagerService extends IPackageManager.Stub { return PackageManager.PERMISSION_GRANTED; return PackageManager.PERMISSION_GRANTED; } } } } if (!isPermissionEnforcedLocked(permName)) { if (!isPermissionEnforcedLocked(permName, enforcedDefault)) { return PackageManager.PERMISSION_GRANTED; return PackageManager.PERMISSION_GRANTED; } } } } Loading Loading @@ -10133,19 +10136,36 @@ public class PackageManagerService extends IPackageManager.Stub { @Override @Override public boolean isPermissionEnforced(String permission) { public boolean isPermissionEnforced(String permission) { final boolean enforcedDefault = isPermissionEnforcedDefault(permission); synchronized (mPackages) { synchronized (mPackages) { return isPermissionEnforcedLocked(permission); return isPermissionEnforcedLocked(permission, enforcedDefault); } } } } private boolean isPermissionEnforcedLocked(String permission) { /** * Check if given permission should be enforced by default. Should always be * called outside of {@link #mPackages} lock. */ private boolean isPermissionEnforcedDefault(String permission) { if (READ_EXTERNAL_STORAGE.equals(permission)) { return Secure.getInt(mContext.getContentResolver(), Secure.READ_EXTERNAL_STORAGE_ENFORCED_DEFAULT, 0) != 0; } else { return true; } } /** * Check if user has requested that given permission be enforced, using * given default if undefined. */ private boolean isPermissionEnforcedLocked(String permission, boolean enforcedDefault) { if (READ_EXTERNAL_STORAGE.equals(permission)) { if (READ_EXTERNAL_STORAGE.equals(permission)) { if (mSettings.mReadExternalStorageEnforced != null) { if (mSettings.mReadExternalStorageEnforced != null) { return mSettings.mReadExternalStorageEnforced; return mSettings.mReadExternalStorageEnforced; } else { } else { // if user hasn't defined, fall back to secure default // User hasn't defined; fall back to secure default return Secure.getInt(mContext.getContentResolver(), return enforcedDefault; Secure.READ_EXTERNAL_STORAGE_ENFORCED_DEFAULT, 0) != 0; } } } else { } else { return true; return true; Loading Loading
services/java/com/android/server/pm/PackageManagerService.java +28 −8 Original line number Original line Diff line number Diff line Loading @@ -1715,6 +1715,7 @@ public class PackageManagerService extends IPackageManager.Stub { } } public int[] getPackageGids(String packageName) { public int[] getPackageGids(String packageName) { final boolean enforcedDefault = isPermissionEnforcedDefault(READ_EXTERNAL_STORAGE); // reader // reader synchronized (mPackages) { synchronized (mPackages) { PackageParser.Package p = mPackages.get(packageName); PackageParser.Package p = mPackages.get(packageName); Loading @@ -1726,7 +1727,7 @@ public class PackageManagerService extends IPackageManager.Stub { int[] gids = suid != null ? suid.gids : ps.gids; int[] gids = suid != null ? suid.gids : ps.gids; // include GIDs for any unenforced permissions // include GIDs for any unenforced permissions if (!isPermissionEnforcedLocked(READ_EXTERNAL_STORAGE)) { if (!isPermissionEnforcedLocked(READ_EXTERNAL_STORAGE, enforcedDefault)) { final BasePermission basePerm = mSettings.mPermissions.get( final BasePermission basePerm = mSettings.mPermissions.get( READ_EXTERNAL_STORAGE); READ_EXTERNAL_STORAGE); gids = appendInts(gids, basePerm.gids); gids = appendInts(gids, basePerm.gids); Loading Loading @@ -2054,6 +2055,7 @@ public class PackageManagerService extends IPackageManager.Stub { } } public int checkPermission(String permName, String pkgName) { public int checkPermission(String permName, String pkgName) { final boolean enforcedDefault = isPermissionEnforcedDefault(permName); synchronized (mPackages) { synchronized (mPackages) { PackageParser.Package p = mPackages.get(pkgName); PackageParser.Package p = mPackages.get(pkgName); if (p != null && p.mExtras != null) { if (p != null && p.mExtras != null) { Loading @@ -2066,7 +2068,7 @@ public class PackageManagerService extends IPackageManager.Stub { return PackageManager.PERMISSION_GRANTED; return PackageManager.PERMISSION_GRANTED; } } } } if (!isPermissionEnforcedLocked(permName)) { if (!isPermissionEnforcedLocked(permName, enforcedDefault)) { return PackageManager.PERMISSION_GRANTED; return PackageManager.PERMISSION_GRANTED; } } } } Loading @@ -2074,6 +2076,7 @@ public class PackageManagerService extends IPackageManager.Stub { } } public int checkUidPermission(String permName, int uid) { public int checkUidPermission(String permName, int uid) { final boolean enforcedDefault = isPermissionEnforcedDefault(permName); synchronized (mPackages) { synchronized (mPackages) { Object obj = mSettings.getUserIdLPr(UserHandle.getAppId(uid)); Object obj = mSettings.getUserIdLPr(UserHandle.getAppId(uid)); if (obj != null) { if (obj != null) { Loading @@ -2087,7 +2090,7 @@ public class PackageManagerService extends IPackageManager.Stub { return PackageManager.PERMISSION_GRANTED; return PackageManager.PERMISSION_GRANTED; } } } } if (!isPermissionEnforcedLocked(permName)) { if (!isPermissionEnforcedLocked(permName, enforcedDefault)) { return PackageManager.PERMISSION_GRANTED; return PackageManager.PERMISSION_GRANTED; } } } } Loading Loading @@ -10133,19 +10136,36 @@ public class PackageManagerService extends IPackageManager.Stub { @Override @Override public boolean isPermissionEnforced(String permission) { public boolean isPermissionEnforced(String permission) { final boolean enforcedDefault = isPermissionEnforcedDefault(permission); synchronized (mPackages) { synchronized (mPackages) { return isPermissionEnforcedLocked(permission); return isPermissionEnforcedLocked(permission, enforcedDefault); } } } } private boolean isPermissionEnforcedLocked(String permission) { /** * Check if given permission should be enforced by default. Should always be * called outside of {@link #mPackages} lock. */ private boolean isPermissionEnforcedDefault(String permission) { if (READ_EXTERNAL_STORAGE.equals(permission)) { return Secure.getInt(mContext.getContentResolver(), Secure.READ_EXTERNAL_STORAGE_ENFORCED_DEFAULT, 0) != 0; } else { return true; } } /** * Check if user has requested that given permission be enforced, using * given default if undefined. */ private boolean isPermissionEnforcedLocked(String permission, boolean enforcedDefault) { if (READ_EXTERNAL_STORAGE.equals(permission)) { if (READ_EXTERNAL_STORAGE.equals(permission)) { if (mSettings.mReadExternalStorageEnforced != null) { if (mSettings.mReadExternalStorageEnforced != null) { return mSettings.mReadExternalStorageEnforced; return mSettings.mReadExternalStorageEnforced; } else { } else { // if user hasn't defined, fall back to secure default // User hasn't defined; fall back to secure default return Secure.getInt(mContext.getContentResolver(), return enforcedDefault; Secure.READ_EXTERNAL_STORAGE_ENFORCED_DEFAULT, 0) != 0; } } } else { } else { return true; return true; Loading
