Loading services/core/java/com/android/server/pm/PackageManagerService.java +1 −3 Original line number Diff line number Diff line Loading @@ -12494,9 +12494,7 @@ public class PackageManagerService extends IPackageManager.Stub AsyncTask.execute(() -> { if (hasOldPkg) { mPermissionManager.revokeRuntimePermissionsIfGroupChanged(pkg, oldPkg, allPackageNames); mPermissionManager.revokeStoragePermissionsIfScopeExpanded(pkg, oldPkg); mPermissionManager.onPackageUpdated(pkg, oldPkg, allPackageNames); } if (hasPermissionDefinitionChanges) { mPermissionManager.revokeRuntimePermissionsIfPermissionDefinitionChanged( services/core/java/com/android/server/pm/permission/PermissionManagerService.java +48 −12 Original line number Diff line number Diff line Loading @@ -2321,6 +2321,46 @@ public class PermissionManagerService extends IPermissionManager.Stub { } /** * If the package was below api 23, got the SYSTEM_ALERT_WINDOW permission automatically, and * then updated past api 23, and the app does not satisfy any of the other SAW permission flags, * the permission should be revoked. * * @param newPackage The new package that was installed * @param oldPackage The old package that was updated */ private void revokeSystemAlertWindowIfUpgradedPast23( @NonNull AndroidPackage newPackage, @NonNull AndroidPackage oldPackage, @NonNull PermissionCallback permissionCallback) { if (oldPackage.getTargetSdkVersion() >= Build.VERSION_CODES.M || newPackage.getTargetSdkVersion() < Build.VERSION_CODES.M || !newPackage.getRequestedPermissions() .contains(Manifest.permission.SYSTEM_ALERT_WINDOW)) { return; } BasePermission saw; synchronized (mLock) { saw = mSettings.getPermissionLocked(Manifest.permission.SYSTEM_ALERT_WINDOW); } final PackageSetting ps = (PackageSetting) mPackageManagerInt.getPackageSetting(newPackage.getPackageName()); if (grantSignaturePermission(Manifest.permission.SYSTEM_ALERT_WINDOW, newPackage, ps, saw, ps.getPermissionsState())) { return; } for (int userId : mUserManagerInt.getUserIds()) { try { revokePermissionFromPackageForUser(newPackage.getPackageName(), Manifest.permission.SYSTEM_ALERT_WINDOW, false, userId, permissionCallback); } catch (IllegalStateException | SecurityException e) { Log.e(TAG, "unable to revoke SYSTEM_ALERT_WINDOW for " + newPackage.getPackageName() + " user " + userId, e); } } } /** * We might auto-grant permissions if any permission of the group is already granted. Hence if * the group of a granted permission changes we need to revoke it to avoid having permissions of Loading Loading @@ -4789,24 +4829,20 @@ public class PermissionManagerService extends IPermissionManager.Stub { return PermissionManagerService.this.isPermissionsReviewRequired(pkg, userId); } /** * If the app is updated, and has scoped storage permissions, then it is possible that the * app updated in an attempt to get unscoped storage. If so, revoke all storage permissions. * If the app is updated, then some checks need to be performed to ensure the * package is not attempting to expoit permission changes across API boundaries. * @param newPackage The new package that was installed * @param oldPackage The old package that was updated * @param allPackageNames The current packages in the system */ public void revokeStoragePermissionsIfScopeExpanded( @NonNull AndroidPackage newPackage, @NonNull AndroidPackage oldPackage ) { PermissionManagerService.this.revokeStoragePermissionsIfScopeExpanded(newPackage, oldPackage, mDefaultPermissionCallback); } @Override public void revokeRuntimePermissionsIfGroupChanged( public void onPackageUpdated( @NonNull AndroidPackage newPackage, @NonNull AndroidPackage oldPackage, @NonNull ArrayList<String> allPackageNames) { PermissionManagerService.this.revokeStoragePermissionsIfScopeExpanded(newPackage, oldPackage, mDefaultPermissionCallback); PermissionManagerService.this.revokeSystemAlertWindowIfUpgradedPast23(newPackage, oldPackage, mDefaultPermissionCallback); PermissionManagerService.this.revokeRuntimePermissionsIfGroupChanged(newPackage, oldPackage, allPackageNames, mDefaultPermissionCallback); } Loading services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java +8 −21 Original line number Diff line number Diff line Loading @@ -240,15 +240,13 @@ public abstract class PermissionManagerServiceInternal extends PermissionManager @UserIdInt int userId); /** * We might auto-grant permissions if any permission of the group is already granted. Hence if * the group of a granted permission changes we need to revoke it to avoid having permissions of * the new group auto-granted. * * If the app is updated, then some checks need to be performed to ensure the package is not * attempting to expoit permission changes across API boundaries. * @param newPackage The new package that was installed * @param oldPackage The old package that was updated * @param allPackageNames All packages * @param allPackageNames The current packages in the system */ public abstract void revokeRuntimePermissionsIfGroupChanged( public abstract void onPackageUpdated( @NonNull AndroidPackage newPackage, @NonNull AndroidPackage oldPackage, @NonNull ArrayList<String> allPackageNames); Loading @@ -265,17 +263,6 @@ public abstract class PermissionManagerServiceInternal extends PermissionManager @NonNull List<String> permissionsToRevoke, @NonNull ArrayList<String> allPackageNames); /** * If the app is updated, and has scoped storage permissions, then it is possible that the * app updated in an attempt to get unscoped storage. If so, revoke all storage permissions. * @param newPackage The new package that was installed * @param oldPackage The old package that was updated */ public abstract void revokeStoragePermissionsIfScopeExpanded( @NonNull AndroidPackage newPackage, @NonNull AndroidPackage oldPackage ); /** * Add all permissions in the given package. * <p> Loading Loading
services/core/java/com/android/server/pm/PackageManagerService.java +1 −3 Original line number Diff line number Diff line Loading @@ -12494,9 +12494,7 @@ public class PackageManagerService extends IPackageManager.Stub AsyncTask.execute(() -> { if (hasOldPkg) { mPermissionManager.revokeRuntimePermissionsIfGroupChanged(pkg, oldPkg, allPackageNames); mPermissionManager.revokeStoragePermissionsIfScopeExpanded(pkg, oldPkg); mPermissionManager.onPackageUpdated(pkg, oldPkg, allPackageNames); } if (hasPermissionDefinitionChanges) { mPermissionManager.revokeRuntimePermissionsIfPermissionDefinitionChanged(
services/core/java/com/android/server/pm/permission/PermissionManagerService.java +48 −12 Original line number Diff line number Diff line Loading @@ -2321,6 +2321,46 @@ public class PermissionManagerService extends IPermissionManager.Stub { } /** * If the package was below api 23, got the SYSTEM_ALERT_WINDOW permission automatically, and * then updated past api 23, and the app does not satisfy any of the other SAW permission flags, * the permission should be revoked. * * @param newPackage The new package that was installed * @param oldPackage The old package that was updated */ private void revokeSystemAlertWindowIfUpgradedPast23( @NonNull AndroidPackage newPackage, @NonNull AndroidPackage oldPackage, @NonNull PermissionCallback permissionCallback) { if (oldPackage.getTargetSdkVersion() >= Build.VERSION_CODES.M || newPackage.getTargetSdkVersion() < Build.VERSION_CODES.M || !newPackage.getRequestedPermissions() .contains(Manifest.permission.SYSTEM_ALERT_WINDOW)) { return; } BasePermission saw; synchronized (mLock) { saw = mSettings.getPermissionLocked(Manifest.permission.SYSTEM_ALERT_WINDOW); } final PackageSetting ps = (PackageSetting) mPackageManagerInt.getPackageSetting(newPackage.getPackageName()); if (grantSignaturePermission(Manifest.permission.SYSTEM_ALERT_WINDOW, newPackage, ps, saw, ps.getPermissionsState())) { return; } for (int userId : mUserManagerInt.getUserIds()) { try { revokePermissionFromPackageForUser(newPackage.getPackageName(), Manifest.permission.SYSTEM_ALERT_WINDOW, false, userId, permissionCallback); } catch (IllegalStateException | SecurityException e) { Log.e(TAG, "unable to revoke SYSTEM_ALERT_WINDOW for " + newPackage.getPackageName() + " user " + userId, e); } } } /** * We might auto-grant permissions if any permission of the group is already granted. Hence if * the group of a granted permission changes we need to revoke it to avoid having permissions of Loading Loading @@ -4789,24 +4829,20 @@ public class PermissionManagerService extends IPermissionManager.Stub { return PermissionManagerService.this.isPermissionsReviewRequired(pkg, userId); } /** * If the app is updated, and has scoped storage permissions, then it is possible that the * app updated in an attempt to get unscoped storage. If so, revoke all storage permissions. * If the app is updated, then some checks need to be performed to ensure the * package is not attempting to expoit permission changes across API boundaries. * @param newPackage The new package that was installed * @param oldPackage The old package that was updated * @param allPackageNames The current packages in the system */ public void revokeStoragePermissionsIfScopeExpanded( @NonNull AndroidPackage newPackage, @NonNull AndroidPackage oldPackage ) { PermissionManagerService.this.revokeStoragePermissionsIfScopeExpanded(newPackage, oldPackage, mDefaultPermissionCallback); } @Override public void revokeRuntimePermissionsIfGroupChanged( public void onPackageUpdated( @NonNull AndroidPackage newPackage, @NonNull AndroidPackage oldPackage, @NonNull ArrayList<String> allPackageNames) { PermissionManagerService.this.revokeStoragePermissionsIfScopeExpanded(newPackage, oldPackage, mDefaultPermissionCallback); PermissionManagerService.this.revokeSystemAlertWindowIfUpgradedPast23(newPackage, oldPackage, mDefaultPermissionCallback); PermissionManagerService.this.revokeRuntimePermissionsIfGroupChanged(newPackage, oldPackage, allPackageNames, mDefaultPermissionCallback); } Loading
services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java +8 −21 Original line number Diff line number Diff line Loading @@ -240,15 +240,13 @@ public abstract class PermissionManagerServiceInternal extends PermissionManager @UserIdInt int userId); /** * We might auto-grant permissions if any permission of the group is already granted. Hence if * the group of a granted permission changes we need to revoke it to avoid having permissions of * the new group auto-granted. * * If the app is updated, then some checks need to be performed to ensure the package is not * attempting to expoit permission changes across API boundaries. * @param newPackage The new package that was installed * @param oldPackage The old package that was updated * @param allPackageNames All packages * @param allPackageNames The current packages in the system */ public abstract void revokeRuntimePermissionsIfGroupChanged( public abstract void onPackageUpdated( @NonNull AndroidPackage newPackage, @NonNull AndroidPackage oldPackage, @NonNull ArrayList<String> allPackageNames); Loading @@ -265,17 +263,6 @@ public abstract class PermissionManagerServiceInternal extends PermissionManager @NonNull List<String> permissionsToRevoke, @NonNull ArrayList<String> allPackageNames); /** * If the app is updated, and has scoped storage permissions, then it is possible that the * app updated in an attempt to get unscoped storage. If so, revoke all storage permissions. * @param newPackage The new package that was installed * @param oldPackage The old package that was updated */ public abstract void revokeStoragePermissionsIfScopeExpanded( @NonNull AndroidPackage newPackage, @NonNull AndroidPackage oldPackage ); /** * Add all permissions in the given package. * <p> Loading
