From 3d7a4143d5a2b771a02777354c9a11c981c63c59 Mon Sep 17 00:00:00 2001
From: Neil Fuller <nfuller@google.com>
Date: Wed, 12 Jul 2017 17:18:19 +0100
Subject: [PATCH] Re-enable use of isPrivilegedApp()

Re-enable use of isPrivilegedApp() since it appears to work.

Bug: 35995024
Bug: 31008728
Test: Manual testing
Change-Id: If5a59aeba19320d55b42ff3dd28a654bce27dd35
---
 .../server/timezone/PackageTracker.java       | 40 +++++++++----------
 1 file changed, 18 insertions(+), 22 deletions(-)

diff --git a/services/core/java/com/android/server/timezone/PackageTracker.java b/services/core/java/com/android/server/timezone/PackageTracker.java
index e8dfd779a715f..9b4999667c88d 100644
--- a/services/core/java/com/android/server/timezone/PackageTracker.java
+++ b/services/core/java/com/android/server/timezone/PackageTracker.java
@@ -164,33 +164,29 @@ public class PackageTracker implements IntentHelper.Listener {
         }
 
         // Validate the updater application package.
-        // TODO(nfuller) Uncomment or remove the code below. Currently an app stops being a priv-app
-        // after it is replaced by one in data so this check fails. http://b/35995024
-        // try {
-        //     if (!mPackageManagerHelper.isPrivilegedApp(mUpdateAppPackageName)) {
-        //         throw failWithException(
-        //                 "Update app " + mUpdateAppPackageName + " must be a priv-app.", null);
-        //     }
-        // } catch (PackageManager.NameNotFoundException e) {
-        //     throw failWithException("Could not determine update app package details for "
-        //             + mUpdateAppPackageName, e);
-        // }
+        try {
+            if (!mPackageManagerHelper.isPrivilegedApp(mUpdateAppPackageName)) {
+                throw logAndThrowRuntimeException(
+                        "Update app " + mUpdateAppPackageName + " must be a priv-app.", null);
+            }
+        } catch (PackageManager.NameNotFoundException e) {
+            throw logAndThrowRuntimeException("Could not determine update app package details for "
+                    + mUpdateAppPackageName, e);
+        }
         // TODO(nfuller) Consider permission checks. While an updated system app retains permissions
         // obtained by the system version it's not clear how to check them.
         Slog.d(TAG, "Update app " + mUpdateAppPackageName + " is valid.");
 
         // Validate the data application package.
-        // TODO(nfuller) Uncomment or remove the code below. Currently an app stops being a priv-app
-        // after it is replaced by one in data. http://b/35995024
-        // try {
-        //     if (!mPackageManagerHelper.isPrivilegedApp(mDataAppPackageName)) {
-        //         throw failWithException(
-        //                 "Data app " + mDataAppPackageName + " must be a priv-app.", null);
-        //     }
-        // } catch (PackageManager.NameNotFoundException e) {
-        //     throw failWithException("Could not determine data app package details for "
-        //             + mDataAppPackageName, e);
-        // }
+        try {
+            if (!mPackageManagerHelper.isPrivilegedApp(mDataAppPackageName)) {
+                throw logAndThrowRuntimeException(
+                        "Data app " + mDataAppPackageName + " must be a priv-app.", null);
+            }
+        } catch (PackageManager.NameNotFoundException e) {
+            throw logAndThrowRuntimeException("Could not determine data app package details for "
+                    + mDataAppPackageName, e);
+        }
         // TODO(nfuller) Consider permission checks. While an updated system app retains permissions
         // obtained by the system version it's not clear how to check them.
         Slog.d(TAG, "Data app " + mDataAppPackageName + " is valid.");