Revert "appops: Finish started proxy op when chain fails"
This reverts commit 0f09c2f475d06e6802085755aa3fffe729f3a256.
Reason for revert: b/377407253
Change-Id: Id19815be004ddf022ea31d5c30c8010204a45945
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index 24933ca..5fc3e33 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -1015,8 +1015,7 @@
permission, attributionSource, message, forDataDelivery, startDataDelivery,
fromDatasource, attributedOp);
// Finish any started op if some step in the attribution chain failed.
- if (startDataDelivery && result != PermissionChecker.PERMISSION_GRANTED
- && result != PermissionChecker.PERMISSION_SOFT_DENIED) {
+ if (startDataDelivery && result != PermissionChecker.PERMISSION_GRANTED) {
if (attributedOp == AppOpsManager.OP_NONE) {
finishDataDelivery(AppOpsManager.permissionToOpCode(permission),
attributionSource.asState(), fromDatasource);
@@ -1245,7 +1244,6 @@
final boolean hasChain = attributionChainId != ATTRIBUTION_CHAIN_ID_NONE;
AttributionSource current = attributionSource;
AttributionSource next = null;
- AttributionSource prev = null;
// We consider the chain trusted if the start node has UPDATE_APP_OPS_STATS, and
// every attributionSource in the chain is registered with the system.
final boolean isChainStartTrusted = !hasChain || checkPermission(context,
@@ -1312,21 +1310,8 @@
selfAccess, singleReceiverFromDatasource, attributedOp,
proxyAttributionFlags, proxiedAttributionFlags, attributionChainId);
- if (opMode != AppOpsManager.MODE_ALLOWED) {
- // Current failed the perm check, so if we are part-way through an attr chain,
- // we need to clean up the already started proxy op higher up the chain. Note,
- // proxy ops are verified two by two, which means we have to clear the 2nd next
- // from the previous iteration (since it is actually curr.next which failed
- // to pass the perm check).
- if (prev != null) {
- final var cutAttrSourceState = prev.asState();
- if (cutAttrSourceState.next.length > 0) {
- cutAttrSourceState.next[0].next = new AttributionSourceState[0];
- }
- finishDataDelivery(context, attributedOp,
- cutAttrSourceState, fromDatasource);
- }
- if (opMode == AppOpsManager.MODE_ERRORED) {
+ switch (opMode) {
+ case AppOpsManager.MODE_ERRORED: {
if (permission.equals(Manifest.permission.BLUETOOTH_CONNECT)) {
Slog.e(LOG_TAG, "BLUETOOTH_CONNECT permission hard denied as op"
+ " mode is MODE_ERRORED. Permission check was requested for: "
@@ -1334,7 +1319,8 @@
+ current);
}
return PermissionChecker.PERMISSION_HARD_DENIED;
- } else {
+ }
+ case AppOpsManager.MODE_IGNORED: {
return PermissionChecker.PERMISSION_SOFT_DENIED;
}
}
@@ -1349,8 +1335,6 @@
return PermissionChecker.PERMISSION_GRANTED;
}
- // an attribution we have already possibly started an op for
- prev = current;
current = next;
}
}