Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 78027f3b authored by Svet Ganov's avatar Svet Ganov
Browse files

Properly handle system app permissions. 

System apps targeting SDK grater than Lollipop MR1 get runtime
permissions and when a new user is added we update the permissions
for all packages to ensure that the new user gets the runtime
permissions.

Change-Id: Ic7dc5b5a94b034e00d715a60b12f613803524c3b
parent 94615e49

services/core/java/com/android/server/pm/PackageManagerService.java

+8 −3
Original line number Diff line number Diff line
@@ -339,7 +339,7 @@ public class PackageManagerService extends IPackageManager.Stub { 
    /** Permission grant: grant the permission as an install permission. */

    private static final int GRANT_INSTALL = 2;













    /** Permission grant: grant the permission as a runtime permission. */













    /** Permission grant: grant the permission as a runtime one. */















    private static final int GRANT_RUNTIME = 3;





























    /** Permission grant: grant as runtime a permission that was granted as an install time one. */










@@ -7022,8 +7022,8 @@ public class PackageManagerService extends IPackageManager.Stub {













                        // For legacy apps dangerous permissions are install time ones.















                        grant = GRANT_INSTALL;















                    } else if ((pkg.applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) != 0) {













                        // For modern system apps dangerous permissions are install time ones.













                        grant = GRANT_INSTALL;













                        // For modern system apps dangerous permissions are runtime ones.













                        grant = GRANT_UPGRADE;















                    } else {















                        if (origPermissions.hasInstallPermission(bp.name)) {















                            // For legacy apps that became modern, install becomes runtime.










@@ -13358,6 +13358,11 @@ public class PackageManagerService extends IPackageManager.Stub {













        }















    }



























    void newUserCreatedLILPw(int userHandle) {













        // Adding a user requires updating runtime permissions for system apps.













        updatePermissionsLPw(null, null, UPDATE_PERMISSIONS_ALL);













    }



























    @Override















    public VerifierDeviceIdentity getVerifierDeviceIdentity() throws RemoteException {















        mContext.enforceCallingOrSelfPermission(

























services/core/java/com/android/server/pm/UserManagerService.java



+1
−0




























Original line number
Diff line number
Diff line








@@ -1219,6 +1219,7 @@ public class UserManagerService extends IUserManager.Stub {













                    updateUserIdsLocked();















                    Bundle restrictions = new Bundle();















                    mUserRestrictions.append(userId, restrictions);













                    mPm.newUserCreatedLILPw(userId);















                }















            }















            if (userInfo != null) {