Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Fix auto revoke installer whitelist APIs" into rvc-dev am: 511c3aa955 am: d867abc731

Browse Source 
Change-Id: I0bcf01d9509b6a614a4a7291773d613e03eedbf9
This commit is contained in:
Eugene Susla
2020-05-12 19:20:53 +00:00
committed by Automerger Merge Worker
parent 13aea3b028 d867abc731
commit cbb2901ffb
2 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
packages/Shell/AndroidManifest.xml
View File

@@ -291,6 +291,9 @@
<uses-permission android:name="android.permission.ACCESS_TV_TUNER" />
<uses-permission android:name="android.permission.TUNER_RESOURCE_ACCESS" />
<!-- Permissions required for CTS test - AutoRevokeTest -->
<uses-permission android:name="android.permission.WHITELIST_AUTO_REVOKE_PERMISSIONS" />
<application android:label="@string/app_label"
android:theme="@android:style/Theme.DeviceDefault.DayNight"
android:defaultToDeviceProtectedStorage="true"

8
services/core/java/com/android/server/pm/permission/PermissionManagerService.java
View File

@@ -1289,6 +1289,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
final AndroidPackage pkg = mPackageManagerInt.getPackage(packageName);
final int callingUid = Binder.getCallingUid();
final int packageUid = UserHandle.getUid(userId, pkg.getUid());
if (!checkAutoRevokeAccess(pkg, callingUid)) {
return false;
@@ -1296,7 +1297,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
if (mAppOpsManager
.checkOpNoThrow(AppOpsManager.OP_AUTO_REVOKE_MANAGED_BY_INSTALLER,
callingUid, packageName)
packageUid, packageName)
!= MODE_ALLOWED) {
// Whitelist user set - don't override
return false;
@@ -1305,7 +1306,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
final long identity = Binder.clearCallingIdentity();
try {
mAppOpsManager.setMode(AppOpsManager.OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED,
callingUid, packageName,
packageUid, packageName,
whitelisted ? MODE_IGNORED : MODE_ALLOWED);
} finally {
Binder.restoreCallingIdentity(identity);
@@ -1338,6 +1339,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
final AndroidPackage pkg = mPackageManagerInt.getPackage(packageName);
final int callingUid = Binder.getCallingUid();
final int packageUid = UserHandle.getUid(userId, pkg.getUid());
if (!checkAutoRevokeAccess(pkg, callingUid)) {
return false;
@@ -1346,7 +1348,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
final long identity = Binder.clearCallingIdentity();
try {
return mAppOpsManager.checkOpNoThrow(
AppOpsManager.OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED, callingUid, packageName)
AppOpsManager.OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED, packageUid, packageName)
== MODE_IGNORED;
} finally {
Binder.restoreCallingIdentity(identity);