Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ac2b5fb8 authored by Chad Brubaker's avatar Chad Brubaker
Browse files

Handle install time ephemeral permissions 

Normal install time permissions can still be denied to apps that are
running as Instant Apps, properly report such permissions as not
granted.

This fix isn't the perfect fix where PermissionState handles install
time permissions and Instant Apps but that fix is more invasive and
involves a lot of code change.

Bug: 37871983
Test: cts-tradefed run commandAndExit cts-dev -m
CtsAppSecurityHostTestCases -t
android.appsecurity.cts.EphemeralTest#testInstallPermissionNotGranted

Change-Id: Ie47fb92953bc5f2ff3a58a6420b1cb524cf1ed9e
parent 69457095

services/core/java/com/android/server/pm/PackageManagerService.java

+18 −2
Original line number Diff line number Diff line
@@ -4804,10 +4804,18 @@ public class PackageManagerService extends IPackageManager.Stub 
                if (filterAppAccessLPr(ps, callingUid, userId)) {

                    return PackageManager.PERMISSION_DENIED;

                }

                final boolean instantApp = ps.getInstantApp(userId);

                final PermissionsState permissionsState = ps.getPermissionsState();

                if (permissionsState.hasPermission(permName, userId)) {

                    if (instantApp) {

                        BasePermission bp = mSettings.mPermissions.get(permName);

                        if (bp != null && bp.isInstant()) {

                            return PackageManager.PERMISSION_GRANTED;

                        }

                    } else {

                        return PackageManager.PERMISSION_GRANTED;

                    }

                }

                // Special case: ACCESS_FINE_LOCATION permission includes ACCESS_COARSE_LOCATION

                if (Manifest.permission.ACCESS_COARSE_LOCATION.equals(permName) && permissionsState

                        .hasPermission(Manifest.permission.ACCESS_FINE_LOCATION, userId)) {
@@ -4824,6 +4832,7 @@ public class PackageManagerService extends IPackageManager.Stub 
        final int callingUid = Binder.getCallingUid();

        final int callingUserId = UserHandle.getUserId(callingUid);

        final boolean isCallerInstantApp = getInstantAppPackageName(callingUid) != null;

        final boolean isUidInstantApp = getInstantAppPackageName(uid) != null;

        final int userId = UserHandle.getUserId(uid);

        if (!sUserManager.exists(userId)) {

            return PackageManager.PERMISSION_DENIED;
@@ -4845,8 +4854,15 @@ public class PackageManagerService extends IPackageManager.Stub 
                final SettingBase settingBase = (SettingBase) obj;

                final PermissionsState permissionsState = settingBase.getPermissionsState();

                if (permissionsState.hasPermission(permName, userId)) {

                    if (isUidInstantApp) {

                        BasePermission bp = mSettings.mPermissions.get(permName);

                        if (bp != null && bp.isInstant()) {

                            return PackageManager.PERMISSION_GRANTED;

                        }

                    } else {

                        return PackageManager.PERMISSION_GRANTED;

                    }

                }

                // Special case: ACCESS_FINE_LOCATION permission includes ACCESS_COARSE_LOCATION

                if (Manifest.permission.ACCESS_COARSE_LOCATION.equals(permName) && permissionsState

                        .hasPermission(Manifest.permission.ACCESS_FINE_LOCATION, userId)) {