Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b00eb645 authored by Patrick Baumann's avatar Patrick Baumann
Browse files

Check permissions only against packagesettings 

Prior to this change there was a chance that an updating app would not
exist in mPackages and cause a permission check for that app to fail.
This change moves all permission checks to use mSettings and the cached
package it contains to do the checks.

Change-Id: I0717bddbb08b1d0dbab3ea79fa0d2067aa858753
Fixes: 76228188
Test: Manual - system starts, permission checks work before / after update
parent 752cd826

core/java/android/content/pm/PackageManagerInternal.java

+5 −0
Original line number Diff line number Diff line
@@ -488,6 +488,11 @@ public abstract class PackageManagerInternal { 
     */

    public abstract @Nullable PackageParser.Package getPackage(@NonNull String packageName);



    /**

     * Returns a {@link com.android.server.pm.PackageSetting} for a given package name.

     */

    public abstract @Nullable Object getPackageSetting(String packageName);



    /**

     * Returns a list without a change observer.

     *

services/core/java/com/android/server/pm/PackageManagerService.java

+9 −3
Original line number Diff line number Diff line
@@ -5304,7 +5304,7 @@ public class PackageManagerService extends IPackageManager.Stub 
        synchronized (mPackages) {

            final String[] packageNames = getPackagesForUid(uid);

            final PackageParser.Package pkg = (packageNames != null && packageNames.length > 0)

                    ? mPackages.get(packageNames[0])

                    ? mSettings.getPackageLPr(packageNames[0]).getPackage()

                    : null;

            return mPermissionManager.checkUidPermission(permName, pkg, uid, getCallingUid());

        }
@@ -8070,7 +8070,6 @@ public class PackageManagerService extends IPackageManager.Stub 
                callingUid = mIsolatedOwners.get(callingUid);

            }

            final PackageSetting ps = mSettings.mPackages.get(packageName);

            PackageParser.Package pkg = mPackages.get(packageName);

            final boolean returnAllowed =

                    ps != null

                    && (isCallerSameApp(packageName, callingUid)
@@ -8141,7 +8140,7 @@ public class PackageManagerService extends IPackageManager.Stub 
    }















    private boolean isCallerSameApp(String packageName, int uid) {













        PackageParser.Package pkg = mPackages.get(packageName);













        PackageParser.Package pkg = mSettings.getPackageLPr(packageName).getPackage();















        return pkg != null















                && UserHandle.getAppId(uid) == pkg.applicationInfo.uid;















    }










@@ -23613,6 +23612,13 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());













            }















        }



























        @Override













        public Object getPackageSetting(String packageName) {













            synchronized (mPackages) {













                return mSettings.getPackageLPr(packageName);













            }













        }



























        @Override















        public PackageList getPackageList(PackageListObserver observer) {















            synchronized (mPackages) {

























services/core/java/com/android/server/pm/permission/PermissionManagerService.java



+3
−4




























Original line number
Diff line number
Diff line








@@ -212,12 +212,11 @@ public class PermissionManagerService {













            return PackageManager.PERMISSION_DENIED;















        }





























        final PackageParser.Package pkg = mPackageManagerInt.getPackage(pkgName);













        if (pkg != null && pkg.mExtras != null) {













            if (mPackageManagerInt.filterAppAccess(pkg, callingUid, userId)) {













        final PackageSetting ps = (PackageSetting) mPackageManagerInt.getPackageSetting(pkgName);













        if (ps != null && ps.getPackage() != null) {













            if (mPackageManagerInt.filterAppAccess(ps.getPackage(), callingUid, userId)) {















                return PackageManager.PERMISSION_DENIED;















            }













            final PackageSetting ps = (PackageSetting) pkg.mExtras;















            final boolean instantApp = ps.getInstantApp(userId);















            final PermissionsState permissionsState = ps.getPermissionsState();















            if (permissionsState.hasPermission(permName, userId)) {