Reset virtual device permissions
Add permission reset support for `reset-permissions`
shell command.
Fix: 303700254
Test: presubmit & manual
Change-Id: Iff374ac90549ca3abe1f2bbd249b7f18b9c63437
diff --git a/services/permission/java/com/android/server/permission/access/permission/DevicePermissionPolicy.kt b/services/permission/java/com/android/server/permission/access/permission/DevicePermissionPolicy.kt
index 240585c..4addab3 100644
--- a/services/permission/java/com/android/server/permission/access/permission/DevicePermissionPolicy.kt
+++ b/services/permission/java/com/android/server/permission/access/permission/DevicePermissionPolicy.kt
@@ -85,10 +85,10 @@
appId: Int,
userId: Int
) {
- resetPermissionStates(packageName, userId)
+ resetRuntimePermissions(packageName, userId)
}
- private fun MutateStateScope.resetPermissionStates(packageName: String, userId: Int) {
+ fun MutateStateScope.resetRuntimePermissions(packageName: String, userId: Int) {
// It's okay to skip resetting permissions for packages that are removed,
// because their states will be trimmed in onPackageRemoved()/onAppIdRemoved()
val packageState = newState.externalState.packageStates[packageName] ?: return
diff --git a/services/permission/java/com/android/server/permission/access/permission/PermissionService.kt b/services/permission/java/com/android/server/permission/access/permission/PermissionService.kt
index cee2524..9aab8851 100644
--- a/services/permission/java/com/android/server/permission/access/permission/PermissionService.kt
+++ b/services/permission/java/com/android/server/permission/access/permission/PermissionService.kt
@@ -1737,6 +1737,9 @@
with(policy) {
resetRuntimePermissions(androidPackage.packageName, userId)
}
+ with(devicePolicy) {
+ resetRuntimePermissions(androidPackage.packageName, userId)
+ }
}
}
@@ -1747,6 +1750,9 @@
with(policy) {
resetRuntimePermissions(packageState.packageName, userId)
}
+ with(devicePolicy) {
+ resetRuntimePermissions(packageState.packageName, userId)
+ }
}
}
}