Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

am abc4a1ac: am c10d90bc: am 201cc84d: am 3bbec99f: am e6c4fb00: Merge "Only revoke ownerless grants when unprivileged." into lmp-dev

Browse Source 
* commit 'abc4a1aca54e38686de917f238ee7f23cf808d85':
  Only revoke ownerless grants when unprivileged.
This commit is contained in:
Jeff Sharkey
2014-09-19 17:33:41 +00:00
committed by Android Git Automerger
parent 110dfc4491 66434643d5
commit 7fdb4cd377
2 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
services/core/java/com/android/server/am/ActivityManagerService.java
View File

@@ -7528,8 +7528,8 @@ public final class ActivityManagerService extends ActivityManagerNative
// Does the caller have this permission on the URI?
if (!checkHoldingPermissionsLocked(pm, pi, grantUri, callingUid, modeFlags)) {
// Have they don't have direct access to the URI, then revoke any URI
// permissions that have been granted to them.
// If they don't have direct access to the URI, then revoke any
// ownerless URI permissions that have been granted to them.
final ArrayMap<GrantUri, UriPermission> perms = mGrantedUriPermissions.get(callingUid);
if (perms != null) {
boolean persistChanged = false;
@@ -7538,10 +7538,10 @@ public final class ActivityManagerService extends ActivityManagerNative
if (perm.uri.sourceUserId == grantUri.sourceUserId
&& perm.uri.uri.isPathPrefixMatch(grantUri.uri)) {
if (DEBUG_URI_PERMISSION)
Slog.v(TAG,
"Revoking " + perm.targetUid + " permission to " + perm.uri);
Slog.v(TAG, "Revoking non-owned " + perm.targetUid +
" permission to " + perm.uri);
persistChanged |= perm.revokeModes(
modeFlags | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION);
modeFlags | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION, false);
if (perm.modeFlags == 0) {
it.remove();
}
@@ -7573,7 +7573,7 @@ public final class ActivityManagerService extends ActivityManagerNative
Slog.v(TAG,
"Revoking " + perm.targetUid + " permission to " + perm.uri);
persistChanged |= perm.revokeModes(
modeFlags | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION);
modeFlags | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION, true);
if (perm.modeFlags == 0) {
it.remove();
}
@@ -7661,8 +7661,8 @@ public final class ActivityManagerService extends ActivityManagerNative
// Only inspect grants matching package
if (packageName == null || perm.sourcePkg.equals(packageName)
|| perm.targetPkg.equals(packageName)) {
persistChanged |= perm.revokeModes(
persistable ? ~0 : ~Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION);
persistChanged |= perm.revokeModes(persistable
? ~0 : ~Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION, true);
// Only remove when no modes remain; any persisted grants
// will keep this alive.

6
services/core/java/com/android/server/am/UriPermission.java
View File

@@ -180,7 +180,7 @@ final class UriPermission {
/**
* @return if mode changes should trigger persisting.
*/
boolean revokeModes(int modeFlags) {
boolean revokeModes(int modeFlags, boolean includingOwners) {
final boolean persistable = (modeFlags & Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION) != 0;
modeFlags &= (Intent.FLAG_GRANT_READ_URI_PERMISSION
| Intent.FLAG_GRANT_WRITE_URI_PERMISSION);
@@ -193,7 +193,7 @@ final class UriPermission {
persistedModeFlags &= ~Intent.FLAG_GRANT_READ_URI_PERMISSION;
}
globalModeFlags &= ~Intent.FLAG_GRANT_READ_URI_PERMISSION;
if (mReadOwners != null) {
if (mReadOwners != null && includingOwners) {
ownedModeFlags &= ~Intent.FLAG_GRANT_READ_URI_PERMISSION;
for (UriPermissionOwner r : mReadOwners) {
r.removeReadPermission(this);
@@ -207,7 +207,7 @@ final class UriPermission {
persistedModeFlags &= ~Intent.FLAG_GRANT_WRITE_URI_PERMISSION;
}
globalModeFlags &= ~Intent.FLAG_GRANT_WRITE_URI_PERMISSION;
if (mWriteOwners != null) {
if (mWriteOwners != null && includingOwners) {
ownedModeFlags &= ~Intent.FLAG_GRANT_WRITE_URI_PERMISSION;
for (UriPermissionOwner r : mWriteOwners) {
r.removeWritePermission(this);