Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d9041331 authored by Hai Zhang's avatar Hai Zhang
Browse files

Fix apps losing storage permission on every boot. 

The storage permission revocation should only happen when we actually
have the APK information available from the old state.

Fixes: 286136403
Test: manual
Change-Id: If57b8424fe86440df33f293d972bd4bd0da82020
parent beab714a

services/permission/java/com/android/server/permission/access/permission/AppIdPermissionPolicy.kt

+24 −9
Original line number Diff line number Diff line
@@ -621,6 +621,15 @@ class AppIdPermissionPolicy : SchemePolicy() { 
    }



    private fun MutateStateScope.revokePermissionsOnPackageUpdate(appId: Int) {

        val hasOldPackage = appId in oldState.externalState.appIdPackageNames &&

            anyPackageInAppId(appId, oldState) { true }

        if (!hasOldPackage) {

            // Don't revoke anything if this isn't a package update, i.e. if information about the

            // old package isn't available. Notably, this also means skipping packages changed via

            // OTA, but the revocation here is also mostly for normal apps and there's no way to get

            // information about the package before OTA anyway.

            return

        }

        // If the app is updated, and has scoped storage permissions, then it is possible that the

        // app updated in an attempt to get unscoped storage. If so, revoke all storage permissions.

        newState.userStates.forEachIndexed { _, userId, userState ->
@@ -1111,9 +1120,8 @@ class AppIdPermissionPolicy : SchemePolicy() { 
        return targetSdkVersion

    }



    private inline fun MutateStateScope.anyRequestingPackageInAppId(

    private inline fun MutateStateScope.anyPackageInAppId(

        appId: Int,

        permissionName: String,

        state: AccessState = newState,

        predicate: (PackageState) -> Boolean

    ): Boolean {
@@ -1121,11 +1129,21 @@ class AppIdPermissionPolicy : SchemePolicy() { 
        return packageNames.anyIndexed { _, packageName ->

            val packageState = state.externalState.packageStates[packageName]!!

            val androidPackage = packageState.androidPackage

            androidPackage != null && permissionName in androidPackage.requestedPermissions &&

                predicate(packageState)

            androidPackage != null && predicate(packageState)

        }

    }



    private inline fun MutateStateScope.anyRequestingPackageInAppId(

        appId: Int,

        permissionName: String,

        state: AccessState = newState,

        predicate: (PackageState) -> Boolean

    ): Boolean =

        anyPackageInAppId(appId, state) { packageState ->

            permissionName in packageState.androidPackage!!.requestedPermissions &&

                predicate(packageState)

        }



    private inline fun MutateStateScope.forEachPackageInAppId(

        appId: Int,

        state: AccessState = newState,
@@ -1146,11 +1164,8 @@ class AppIdPermissionPolicy : SchemePolicy() { 
        state: AccessState = newState,

        action: (PackageState) -> Unit

    ) {

        val packageNames = state.externalState.appIdPackageNames[appId]!!

        packageNames.forEachIndexed { _, packageName ->

            val packageState = state.externalState.packageStates[packageName]!!

            val androidPackage = packageState.androidPackage

            if (androidPackage != null && permissionName in androidPackage.requestedPermissions) {

        forEachPackageInAppId(appId, state) { packageState ->

            if (permissionName in packageState.androidPackage!!.requestedPermissions) {

                action(packageState)

            }

        }