Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3a701f90 authored by Jeff Sharkey's avatar Jeff Sharkey Committed by android-build-team Robot
Browse files

DO NOT MERGE. Persistable Uri grants still require permissions. 

When FLAG_GRANT_PERSISTABLE_URI_PERMISSION is requested, we still
need to check permissions between the source and target packages,
instead of shortcutting past them.

The spirit of the original change is remains intact: if the caller
requested FLAG_GRANT_PERSISTABLE_URI_PERMISSION, then we avoid
returning "-1", which would prevent the grant data structure from
being allocated.

Bug: 111934948
Test: atest android.appsecurity.cts.AppSecurityTests
Change-Id: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
Merged-In: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
(cherry picked from commit d6a6e712)
parent 48a49c74

services/core/java/com/android/server/am/ActivityManagerService.java

+12 −5
Original line number Diff line number Diff line
@@ -9626,10 +9626,17 @@ public class ActivityManagerService extends IActivityManager.Stub 
            }

        }













        // If we're extending a persistable grant, then we always need to create













        // the grant data structure so that take/release APIs work













        // Figure out the value returned when access is allowed













        final int allowedResult;















        if ((modeFlags & Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION) != 0) {













            return targetUid;













            // If we're extending a persistable grant, then we need to return













            // "targetUid" so that we always create a grant data structure to













            // support take/release APIs













            allowedResult = targetUid;













        } else {













            // Otherwise, we can return "-1" to indicate that no grant data













            // structures need to be created













            allowedResult = -1;















        }





























        if (targetUid >= 0) {









@@ -9638,7 +9645,7 @@ public class ActivityManagerService extends IActivityManager.Stub













                // No need to grant the target this permission.















                if (DEBUG_URI_PERMISSION) Slog.v(TAG_URI_PERMISSION,















                        "Target " + targetPkg + " already has full permission to " + grantUri);













                return -1;













                return allowedResult;















            }















        } else {















            // First...  there is no target package, so can anyone access it?










@@ -9673,7 +9680,7 @@ public class ActivityManagerService extends IActivityManager.Stub













                }















            }















            if (allowed) {













                return -1;













                return allowedResult;















            }















        }