Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit afd1fc3c authored by Svetoslav's avatar Svetoslav
Browse files

Improve permission group handling. 

1. Don't ignore permissions in an unknown group.

2. Ignore permission groups for legacy apps as the meaning
   of a permission group is redefined.

Change-Id: Ifd0e0928cfd8540f3abc39a8834e84c3f18149be
parent 7d43893b

services/core/java/com/android/server/pm/PackageManagerService.java

+74 −66
Original line number Diff line number Diff line
@@ -6645,11 +6645,23 @@ public class PackageManagerService extends IPackageManager.Stub { 
            r = null;

            for (i=0; i<N; i++) {

                PackageParser.Permission p = pkg.permissions.get(i);













                // Now that permission groups have a special meaning, we ignore permission













                // groups for legacy apps to prevent unexpected behavior. In particular,













                // permissions for one app being granted to someone just becuase they happen













                // to be in a group defined by another app (before this had no implications).













                if (pkg.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1) {













                    p.group = mPermissionGroups.get(p.info.group);













                    // Warn for a permission in an unknown group.













                    if (p.info.group != null && p.group == null) {













                        Slog.w(TAG, "Permission " + p.info.name + " from package "













                                + p.info.packageName + " in an unknown group " + p.info.group);













                    }













                }



























                ArrayMap<String, BasePermission> permissionMap =















                        p.tree ? mSettings.mPermissionTrees















                                : mSettings.mPermissions;













                p.group = mPermissionGroups.get(p.info.group);













                if (p.info.group == null || p.group != null) {















                BasePermission bp = permissionMap.get(p.info.name);





























                // Allow system apps to redefine non-system permissions










@@ -6719,12 +6731,8 @@ public class PackageManagerService extends IPackageManager.Stub {













                if (bp.perm == p) {















                    bp.protectionLevel = p.info.protectionLevel;















                }













                } else {













                    Slog.w(TAG, "Permission " + p.info.name + " from package "













                            + p.info.packageName + " ignored: no group "













                            + p.group);













                }















            }



























            if (r != null) {















                if (DEBUG_PACKAGE_SCANNING) Log.d(TAG, "  Permissions: " + r);















            }