Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 61b3937d authored by Nate Myren's avatar Nate Myren
Browse files

Ensure only runtime permissions marked user sensitive 

Ensure that only runtime permissions are marked as user sensitive

Test: Manual
Fixes: 152784093
Change-Id: Ie72575342b8bbdb4967386bde49fca1f51741371
parent def1ca31

src/com/android/permissioncontroller/permission/data/UserSensitivityLiveData.kt

+15 −1
Original line number Diff line number Diff line
@@ -101,6 +101,8 @@ class UserSensitivityLiveData private constructor( 
        // map of <uid, userSensitiveState>

        val sensitiveStatePerUid = mutableMapOf<Int, UidSensitivityState>()



        val runtimePerms = getAllRuntimePermNames()



        for (pkg in pkgs) {

            // sensitivityState for one uid

            val userSensitiveState = sensitiveStatePerUid.getOrPut(pkg.uid) {
@@ -110,7 +112,8 @@ class UserSensitivityLiveData private constructor( 


            val pkgHasLauncherIcon = pkgsWithLauncherIcon.contains(pkg.packageName)

            val pkgIsSystemApp = pkg.appFlags and ApplicationInfo.FLAG_SYSTEM != 0

            for (perm in pkg.requestedPermissions) {

            // Iterate through all runtime perms, setting their keys

            for (perm in pkg.requestedPermissions.intersect(runtimePerms)) {

                /*

                 * Permissions are considered user sensitive for a package, when

                 * - the package has a launcher icon, or
@@ -156,6 +159,17 @@ class UserSensitivityLiveData private constructor( 
        postValue(sensitiveStatePerUid)

    }



    private suspend fun getAllRuntimePermNames(): Set<String> {

        val permNames = mutableSetOf<String>()

        val allGroups = Utils.getPlatformPermissionGroups()

        allGroups.addAll(CustomPermGroupNamesLiveData.getInitializedValue())

        for (groupName in allGroups) {

            val permGroup = PermGroupLiveData[groupName].getInitializedValue() ?: continue

            permNames.addAll(permGroup.permissionInfos.keys)

        }

        return permNames

    }



    private fun getAndObservePackageLiveDatas() {

        val packageNames = app.packageManager.getPackagesForUid(uid)?.toList() ?: emptyList()

        val (toAdd, toRemove) = KotlinUtils.getMapAndListDifferences(packageNames, packageLiveDatas)

src/com/android/permissioncontroller/permission/utils/UserSensitiveFlagsUtils.kt

+1 −1
Original line number Diff line number Diff line
@@ -69,7 +69,7 @@ private suspend fun updateUserSensitiveForUidsInternal( 
        jobs.add(GlobalScope.launch(IO) {

            for (pkg in uidState.packages) {

                for (perm in pkg.requestedPermissions) {

                    val flags = uidState.permStates[perm] ?: 0

                    val flags = uidState.permStates[perm] ?: continue



                    try {

                        pm.updatePermissionFlags(perm, pkg.packageName, FLAGS_ALWAYS_USER_SENSITIVE,