DivestOS/Patches/LineageOS-19.1/android_frameworks_base/0013-Special_Permissions-2.patch

59 lines
4.0 KiB
Diff
Raw Normal View History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 31 May 2022 04:18:35 -0400
Subject: [PATCH] extend special runtime permission implementation
---
.../server/pm/permission/PermissionManagerService.java | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index 5be5d735598c..e7c141d3e5fd 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -1881,7 +1881,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
// permission as requiring a review as this is the initial state.
final int uid = mPackageManagerInt.getPackageUid(packageName, 0, userId);
final int targetSdk = mPackageManagerInt.getUidTargetSdkVersion(uid);
- final int flags = (targetSdk < Build.VERSION_CODES.M && isRuntimePermission)
+ final int flags = (targetSdk < Build.VERSION_CODES.M && isRuntimePermission && !isSpecialRuntimePermission(permName))
? FLAG_PERMISSION_REVIEW_REQUIRED | FLAG_PERMISSION_REVOKED_COMPAT
: 0;
@@ -2765,7 +2765,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT,
FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT);
}
- if (targetSdkVersion < Build.VERSION_CODES.M) {
+ if (targetSdkVersion < Build.VERSION_CODES.M && !isSpecialRuntimePermission(permissionName)) {
uidState.updatePermissionFlags(permission,
PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED
| PackageManager.FLAG_PERMISSION_REVOKED_COMPAT,
@@ -2855,7 +2855,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
// continue;
// }
- if (bp.isRuntimeOnly() && !appSupportsRuntimePermissions) {
+ if (bp.isRuntimeOnly() && !appSupportsRuntimePermissions && !isSpecialRuntimePermission(bp.getName())) {
if (DEBUG_PERMISSIONS) {
Log.i(TAG, "Denying runtime-only permission " + bp.getName()
+ " for package " + friendlyName);
@@ -2934,7 +2934,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
boolean restrictionApplied = (origState.getPermissionFlags(
bp.getName()) & FLAG_PERMISSION_APPLY_RESTRICTION) != 0;
- if (appSupportsRuntimePermissions) {
+ if (appSupportsRuntimePermissions || isSpecialRuntimePermission(bp.getName())) {
// If hard restricted we don't allow holding it
if (permissionPolicyInitialized && hardRestricted) {
if (!restrictionExempt) {
@@ -3018,7 +3018,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
if (restrictionApplied) {
flags &= ~FLAG_PERMISSION_APPLY_RESTRICTION;
// Dropping restriction on a legacy app implies a review
- if (!appSupportsRuntimePermissions) {
+ if (!appSupportsRuntimePermissions && !isSpecialRuntimePermission(bp.getName())) {
flags |= FLAG_PERMISSION_REVIEW_REQUIRED;
}
wasChanged = true;