Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dd6911cd authored by Philip P. Moltmann's avatar Philip P. Moltmann
Browse files

Revoke permission on non-runtime -> runtime upgrade 

Not only on normal -> runtime.

Test: cts-tradefed run cts-dev -m CtsAppSecurityHostTestCases --test android.appsecurity.cts.PermissionsHostTest#testNoPermissionEscalationAfterReboot
Bug: 154505240, 168319670
Change-Id: If3b420067b4d7111dcf67ae6f98e42176158b679
Merged-In: If3b420067b4d7111dcf67ae6f98e42176158b679
parent 3dfb5446

services/core/java/com/android/server/pm/PackageManagerService.java

+2 −2
Original line number Diff line number Diff line
@@ -11612,7 +11612,7 @@ public class PackageManagerService extends IPackageManager.Stub 
                    permissionMap.put(p.info.name, bp);

                }













                boolean wasNormal = bp.type == BasePermission.TYPE_NORMAL;













                boolean wasNonRuntime = !bp.isRuntime();















                if (bp.perm == null) {















                    if (bp.sourcePackage == null















                            || bp.sourcePackage.equals(p.info.packageName)) {










@@ -11656,7 +11656,7 @@ public class PackageManagerService extends IPackageManager.Stub













                    bp.protectionLevel = p.info.protectionLevel;















                }



























                if (bp.isRuntime() && (ownerChanged || wasNormal)) {













                if (bp.isRuntime() && (ownerChanged || wasNonRuntime)) {















                    // If this is a runtime permission and the owner has changed, or this was a normal















                    // permission, then permission state should be cleaned up















                    bp.setPermissionDefinitionChanged(true);