DO NOT MERGE. Persistable Uri grants still require permissions.

When FLAG_GRANT_PERSISTABLE_URI_PERMISSION is requested, we still need to check permissions between the source and target packages, instead of shortcutting past them. The spirit of the original change is remains intact: if the caller requested FLAG_GRANT_PERSISTABLE_URI_PERMISSION, then we avoid returning "-1", which would prevent the grant data structure from being allocated. Bug: 111934948 Test: atest android.appsecurity.cts.AppSecurityTests Change-Id: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030 Merged-In: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
2018-08-07 15:02:17 -06:00
parent 515700b4fe
commit 05519b7e3d
1 changed files with 12 additions and 5 deletions
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -8666,10 +8666,17 @@ public class ActivityManagerService extends IActivityManager.Stub
            }
        }

-        // If we're extending a persistable grant, then we always need to create
-        // the grant data structure so that take/release APIs work
+        // Figure out the value returned when access is allowed
+        final int allowedResult;
        if ((modeFlags & Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION) != 0) {
-            return targetUid;
+            // If we're extending a persistable grant, then we need to return
+            // "targetUid" so that we always create a grant data structure to
+            // support take/release APIs
+            allowedResult = targetUid;
+        } else {
+            // Otherwise, we can return "-1" to indicate that no grant data
+            // structures need to be created
+            allowedResult = -1;
        }

        if (targetUid >= 0) {
@@ -8678,7 +8685,7 @@ public class ActivityManagerService extends IActivityManager.Stub
                // No need to grant the target this permission.
                if (DEBUG_URI_PERMISSION) Slog.v(TAG_URI_PERMISSION,
                        "Target " + targetPkg + " already has full permission to " + grantUri);
-                return -1;
+                return allowedResult;
            }
        } else {
            // First...  there is no target package, so can anyone access it?
@@ -8694,7 +8701,7 @@ public class ActivityManagerService extends IActivityManager.Stub
                }
            }
            if (allowed) {
-                return -1;
+                return allowedResult;
            }
        }