Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d6a6e712 authored by Jeff Sharkey's avatar Jeff Sharkey Committed by Jeff Sharkey
Browse files

DO NOT MERGE. Persistable Uri grants still require permissions. 

When FLAG_GRANT_PERSISTABLE_URI_PERMISSION is requested, we still
need to check permissions between the source and target packages,
instead of shortcutting past them.

The spirit of the original change is remains intact: if the caller
requested FLAG_GRANT_PERSISTABLE_URI_PERMISSION, then we avoid
returning "-1", which would prevent the grant data structure from
being allocated.

Bug: 111934948
Test: atest android.appsecurity.cts.AppSecurityTests
Change-Id: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
Merged-In: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
parent 97229ed3

services/core/java/com/android/server/am/ActivityManagerService.java

+12 −5
Original line number Diff line number Diff line
@@ -9629,10 +9629,17 @@ public class ActivityManagerService extends IActivityManager.Stub 
            }

        }













        // If we're extending a persistable grant, then we always need to create













        // the grant data structure so that take/release APIs work













        // Figure out the value returned when access is allowed













        final int allowedResult;















        if ((modeFlags & Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION) != 0) {













            return targetUid;













            // If we're extending a persistable grant, then we need to return













            // "targetUid" so that we always create a grant data structure to













            // support take/release APIs













            allowedResult = targetUid;













        } else {













            // Otherwise, we can return "-1" to indicate that no grant data













            // structures need to be created













            allowedResult = -1;















        }





























        if (targetUid >= 0) {









@@ -9641,7 +9648,7 @@ public class ActivityManagerService extends IActivityManager.Stub













                // No need to grant the target this permission.















                if (DEBUG_URI_PERMISSION) Slog.v(TAG_URI_PERMISSION,















                        "Target " + targetPkg + " already has full permission to " + grantUri);













                return -1;













                return allowedResult;















            }















        } else {















            // First...  there is no target package, so can anyone access it?










@@ -9676,7 +9683,7 @@ public class ActivityManagerService extends IActivityManager.Stub













                }















            }















            if (allowed) {













                return -1;













                return allowedResult;















            }















        }