Commit 05dc947c authored by akirilov's avatar akirilov

RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions.

Bug: 111752150
Test: Manual local test
Change-Id: I0b48a20525f87fc6f5ab8d7e70aa7d11cd747f97
parent 5b78b001
......@@ -276,6 +276,7 @@ import com.android.server.Watchdog;
import com.android.server.net.NetworkPolicyManagerInternal;
import com.android.server.pm.Installer.InstallerException;
import com.android.server.pm.PermissionsState.PermissionState;
import com.android.server.pm.PackageSetting;
import com.android.server.pm.Settings.DatabaseVersion;
import com.android.server.pm.Settings.VersionInfo;
import com.android.server.pm.dex.DexManager;
......@@ -5355,8 +5356,10 @@ public class PackageManagerService extends IPackageManager.Stub
private static void enforceDeclaredAsUsedAndRuntimeOrDevelopmentPermission(
PackageParser.Package pkg, BasePermission bp) {
final PackageSetting pkgSetting = (PackageSetting) pkg.mExtras;
final PermissionsState permsState = pkgSetting.getPermissionsState();
int index = pkg.requestedPermissions.indexOf(bp.name);
if (index == -1) {
if (!permsState.hasRequestedPermission(bp.name) && index == -1) {
throw new SecurityException("Package " + pkg.packageName
+ " has not requested permission " + bp.name);
}
......@@ -290,6 +290,14 @@ public final class PermissionsState {
return false;
}
/**
* Returns whether the state has any known request for the given permission name,
* whether or not it has been granted.
*/
public boolean hasRequestedPermission(String name) {
return mPermissions != null && (mPermissions.get(name) != null);
}
/**
* Gets all permissions for a given device user id regardless if they
* are install time or runtime permissions.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment