Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 764e41b0 authored by Philip P. Moltmann's avatar Philip P. Moltmann
Browse files

Revoke permission on non-runtime -> runtime upgrade 

Not only on normal -> runtime.

Test: atest PermissionEscalationTest
Bug: 154505240, 168319670
Change-Id: If3b420067b4d7111dcf67ae6f98e42176158b679
parent 14310884

services/core/java/com/android/server/pm/permission/Permission.java

+3 −3
Original line number Diff line number Diff line
@@ -425,7 +425,7 @@ public final class Permission { 
            permission = new Permission(permissionInfo.name, permissionInfo.packageName,

                    TYPE_MANIFEST);

        }

        boolean wasNormal = permission.isNormal();

        boolean wasNonRuntime = !permission.isRuntime();

        StringBuilder r = null;

        if (!permission.mReconciled) {

            if (permission.mPermissionInfo.packageName == null
@@ -465,8 +465,8 @@ public final class Permission { 
            r.append("DUP:");

            r.append(permissionInfo.name);

        }

        if (permission.isRuntime() && (ownerChanged || wasNormal)) {

            // If this is a runtime permission and the owner has changed, or this was a normal

        if (permission.isRuntime() && (ownerChanged || wasNonRuntime)) {

            // If this is a runtime permission and the owner has changed, or this wasn't a runtime

            // permission, then permission state should be cleaned up

            permission.mDefinitionChanged = true;

        }