Preserve flags for non-runtime permissions upon package update.
PermissionManagerServiceImpl.restorePermissionState() creates a new
UID permission state for non-shared-UID packages that have been
updated (i.e. replaced), however the existing logic for non-runtime
permission never carried over the flags from the old state. This
wasn't an issue for much older platforms because permission flags
weren't used for non-runtime permissions, however since we are
starting to use them for role protected permissions (ROLE_GRANTED) and
app op permissions (USER_SET), we do need to preserver the permission
flags.
This change merges the logic for granting and revoking a non-runtime
permission in restorePermissionState() into a single if branch, and
appends the logic to copy the flag from the old state in that branch.
Bug: 283006437
Test: PermissionFlagsTest#nonRuntimePermissionFlagsPreservedAfterReinstall
Change-Id: Iea3c66710e7d28c6fc730b1939da64f1172b08db
Merged-In: Iea3c66710e7d28c6fc730b1939da64f1172b08db
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
index b559a96..5eff14f 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
@@ -2783,29 +2783,55 @@
+ pkg.getPackageName());
}
- if ((bp.isNormal() && shouldGrantNormalPermission)
- || (bp.isSignature()
- && (!bp.isPrivileged() || CollectionUtils.contains(
- isPrivilegedPermissionAllowlisted, permName))
- && (CollectionUtils.contains(shouldGrantSignaturePermission,
- permName)
- || (((bp.isPrivileged() && CollectionUtils.contains(
- shouldGrantPrivilegedPermissionIfWasGranted,
- permName)) || bp.isDevelopment() || bp.isRole())
- && origState.isPermissionGranted(permName))))
- || (bp.isInternal()
- && (!bp.isPrivileged() || CollectionUtils.contains(
- isPrivilegedPermissionAllowlisted, permName))
- && (CollectionUtils.contains(shouldGrantInternalPermission,
- permName)
- || (((bp.isPrivileged() && CollectionUtils.contains(
- shouldGrantPrivilegedPermissionIfWasGranted,
- permName)) || bp.isDevelopment() || bp.isRole())
- && origState.isPermissionGranted(permName))))) {
- // Grant an install permission.
- if (uidState.grantPermission(bp)) {
- changedInstallPermission = true;
+ if (bp.isNormal() || bp.isSignature() || bp.isInternal()) {
+ if ((bp.isNormal() && shouldGrantNormalPermission)
+ || (bp.isSignature()
+ && (!bp.isPrivileged() || CollectionUtils.contains(
+ isPrivilegedPermissionAllowlisted, permName))
+ && (CollectionUtils.contains(shouldGrantSignaturePermission,
+ permName)
+ || (((bp.isPrivileged() && CollectionUtils.contains(
+ shouldGrantPrivilegedPermissionIfWasGranted,
+ permName)) || bp.isDevelopment()
+ || bp.isRole())
+ && origState.isPermissionGranted(
+ permName))))
+ || (bp.isInternal()
+ && (!bp.isPrivileged() || CollectionUtils.contains(
+ isPrivilegedPermissionAllowlisted, permName))
+ && (CollectionUtils.contains(shouldGrantInternalPermission,
+ permName)
+ || (((bp.isPrivileged() && CollectionUtils.contains(
+ shouldGrantPrivilegedPermissionIfWasGranted,
+ permName)) || bp.isDevelopment()
+ || bp.isRole())
+ && origState.isPermissionGranted(
+ permName))))) {
+ // Grant an install permission.
+ if (uidState.grantPermission(bp)) {
+ changedInstallPermission = true;
+ }
+ } else {
+ if (DEBUG_PERMISSIONS) {
+ boolean wasGranted = uidState.isPermissionGranted(bp.getName());
+ if (wasGranted || bp.isAppOp()) {
+ Slog.i(TAG, (wasGranted ? "Un-granting" : "Not granting")
+ + " permission " + perm
+ + " from package " + friendlyName
+ + " (protectionLevel=" + bp.getProtectionLevel()
+ + " flags=0x"
+ + Integer.toHexString(PackageInfoUtils.appInfoFlags(pkg,
+ ps))
+ + ")");
+ }
+ }
+ if (uidState.revokePermission(bp)) {
+ changedInstallPermission = true;
+ }
}
+ PermissionState origPermState = origState.getPermissionState(perm);
+ int flags = origPermState != null ? origPermState.getFlags() : 0;
+ uidState.updatePermissionFlags(bp, MASK_PERMISSION_FLAGS_ALL, flags);
} else if (bp.isRuntime()) {
boolean hardRestricted = bp.isHardRestricted();
boolean softRestricted = bp.isSoftRestricted();
@@ -2929,22 +2955,8 @@
uidState.updatePermissionFlags(bp, MASK_PERMISSION_FLAGS_ALL,
flags);
} else {
- if (DEBUG_PERMISSIONS) {
- boolean wasGranted = uidState.isPermissionGranted(bp.getName());
- if (wasGranted || bp.isAppOp()) {
- Slog.i(TAG, (wasGranted ? "Un-granting" : "Not granting")
- + " permission " + perm
- + " from package " + friendlyName
- + " (protectionLevel=" + bp.getProtectionLevel()
- + " flags=0x"
- + Integer.toHexString(PackageInfoUtils.appInfoFlags(pkg,
- ps))
- + ")");
- }
- }
- if (uidState.removePermissionState(bp.getName())) {
- changedInstallPermission = true;
- }
+ Slog.wtf(LOG_TAG, "Unknown permission protection " + bp.getProtection()
+ + " for permission " + bp.getName());
}
}