Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 553fc429 authored by Hai Zhang's avatar Hai Zhang
Browse files

Fix all runtime permissions being considered changing protection from 

non-runtime on first boot.

1. Don't check against a newly created permission object, as it will
always have signature protection and be considered non-runtime.

2. "Placeholder" permissions of TYPE_CONFIG shouldn't count as an
existing permission, as they are only used for assigning GIDs.

Bug: 183304624
Test: manual
Test: atest PermissionEscalationTest (from ag/12980961)
Change-Id: I39055a914a8575c754a3a4def2b2a31071605986
parent a95de94f

services/core/java/com/android/server/pm/permission/Permission.java

+2 −1
Original line number Diff line number Diff line
@@ -435,11 +435,12 @@ public final class Permission { 
                }

            }

        }

        boolean wasNonRuntime = permission != null && permission.mType != TYPE_CONFIG

                && !permission.isRuntime();

        if (permission == null) {

            permission = new Permission(permissionInfo.name, permissionInfo.packageName,

                    TYPE_MANIFEST);

        }

        boolean wasNonRuntime = !permission.isRuntime();

        StringBuilder r = null;

        if (!permission.mReconciled) {

            if (permission.mPermissionInfo.packageName == null