Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

am 5a370882: Merge "Check READ_EXTERNAL enforcement outside of lock." into jb-mr1-dev

Browse Source 
* commit '5a370882f87321629f98f6149ac946a57e25dfa8':
  Check READ_EXTERNAL enforcement outside of lock.
This commit is contained in:
Jeff Sharkey
2012-09-24 09:28:25 -07:00
committed by Android Git Automerger
parent 8bc3cfa367 5a370882f8
commit 27bb709abe
1 changed files with 28 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
services/java/com/android/server/pm/PackageManagerService.java
View File

@@ -1715,6 +1715,7 @@ public class PackageManagerService extends IPackageManager.Stub {
}
public int[] getPackageGids(String packageName) {
final boolean enforcedDefault = isPermissionEnforcedDefault(READ_EXTERNAL_STORAGE);
// reader
synchronized (mPackages) {
PackageParser.Package p = mPackages.get(packageName);
@@ -1726,7 +1727,7 @@ public class PackageManagerService extends IPackageManager.Stub {
int[] gids = suid != null ? suid.gids : ps.gids;
// include GIDs for any unenforced permissions
if (!isPermissionEnforcedLocked(READ_EXTERNAL_STORAGE)) {
if (!isPermissionEnforcedLocked(READ_EXTERNAL_STORAGE, enforcedDefault)) {
final BasePermission basePerm = mSettings.mPermissions.get(
READ_EXTERNAL_STORAGE);
gids = appendInts(gids, basePerm.gids);
@@ -2054,6 +2055,7 @@ public class PackageManagerService extends IPackageManager.Stub {
}
public int checkPermission(String permName, String pkgName) {
final boolean enforcedDefault = isPermissionEnforcedDefault(permName);
synchronized (mPackages) {
PackageParser.Package p = mPackages.get(pkgName);
if (p != null && p.mExtras != null) {
@@ -2066,7 +2068,7 @@ public class PackageManagerService extends IPackageManager.Stub {
return PackageManager.PERMISSION_GRANTED;
}
}
if (!isPermissionEnforcedLocked(permName)) {
if (!isPermissionEnforcedLocked(permName, enforcedDefault)) {
return PackageManager.PERMISSION_GRANTED;
}
}
@@ -2074,6 +2076,7 @@ public class PackageManagerService extends IPackageManager.Stub {
}
public int checkUidPermission(String permName, int uid) {
final boolean enforcedDefault = isPermissionEnforcedDefault(permName);
synchronized (mPackages) {
Object obj = mSettings.getUserIdLPr(UserHandle.getAppId(uid));
if (obj != null) {
@@ -2087,7 +2090,7 @@ public class PackageManagerService extends IPackageManager.Stub {
return PackageManager.PERMISSION_GRANTED;
}
}
if (!isPermissionEnforcedLocked(permName)) {
if (!isPermissionEnforcedLocked(permName, enforcedDefault)) {
return PackageManager.PERMISSION_GRANTED;
}
}
@@ -10133,19 +10136,36 @@ public class PackageManagerService extends IPackageManager.Stub {
@Override
public boolean isPermissionEnforced(String permission) {
final boolean enforcedDefault = isPermissionEnforcedDefault(permission);
synchronized (mPackages) {
return isPermissionEnforcedLocked(permission);
return isPermissionEnforcedLocked(permission, enforcedDefault);
}
}
private boolean isPermissionEnforcedLocked(String permission) {
/**
* Check if given permission should be enforced by default. Should always be
* called outside of {@link #mPackages} lock.
*/
private boolean isPermissionEnforcedDefault(String permission) {
if (READ_EXTERNAL_STORAGE.equals(permission)) {
return Secure.getInt(mContext.getContentResolver(),
Secure.READ_EXTERNAL_STORAGE_ENFORCED_DEFAULT, 0) != 0;
} else {
return true;
}
}
/**
* Check if user has requested that given permission be enforced, using
* given default if undefined.
*/
private boolean isPermissionEnforcedLocked(String permission, boolean enforcedDefault) {
if (READ_EXTERNAL_STORAGE.equals(permission)) {
if (mSettings.mReadExternalStorageEnforced != null) {
return mSettings.mReadExternalStorageEnforced;
} else {
// if user hasn't defined, fall back to secure default
return Secure.getInt(mContext.getContentResolver(),
Secure.READ_EXTERNAL_STORAGE_ENFORCED_DEFAULT, 0) != 0;
// User hasn't defined; fall back to secure default
return enforcedDefault;
}
} else {
return true;