DivestOS/Patches/LineageOS-19.1/android_frameworks_base/0013-Special_Permissions-2.patch

59 lines
4.0 KiB
Diff
Raw Normal View History

From 7408144e1b476918ada6dfaedcc3c243dbb22d7b Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 31 May 2022 04:18:35 -0400
Subject: [PATCH] extend special runtime permission implementation
---
.../server/pm/permission/PermissionManagerService.java | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index c0567a446e48..96e2760d9e87 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -1881,7 +1881,7 @@ public void onInstallPermissionUpdatedNotifyListener(int uid) {
// permission as requiring a review as this is the initial state.
final int uid = mPackageManagerInt.getPackageUid(packageName, 0, userId);
final int targetSdk = mPackageManagerInt.getUidTargetSdkVersion(uid);
- final int flags = (targetSdk < Build.VERSION_CODES.M && isRuntimePermission)
+ final int flags = (targetSdk < Build.VERSION_CODES.M && isRuntimePermission && !isSpecialRuntimePermission(permName))
? FLAG_PERMISSION_REVIEW_REQUIRED | FLAG_PERMISSION_REVOKED_COMPAT
: 0;
@@ -2727,7 +2727,7 @@ && shouldGrantPermissionByProtectionFlags(pkg, ps, permission,
FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT,
FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT);
}
- if (targetSdkVersion < Build.VERSION_CODES.M) {
+ if (targetSdkVersion < Build.VERSION_CODES.M && !isSpecialRuntimePermission(permissionName)) {
uidState.updatePermissionFlags(permission,
PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED
| PackageManager.FLAG_PERMISSION_REVOKED_COMPAT,
@@ -2853,7 +2853,7 @@ && shouldGrantPermissionByProtectionFlags(pkg, ps, permission,
// continue;
// }
- if (bp.isRuntimeOnly() && !appSupportsRuntimePermissions) {
+ if (bp.isRuntimeOnly() && !appSupportsRuntimePermissions && !isSpecialRuntimePermission(bp.getName())) {
if (DEBUG_PERMISSIONS) {
Log.i(TAG, "Denying runtime-only permission " + bp.getName()
+ " for package " + friendlyName);
@@ -2932,7 +2932,7 @@ && shouldGrantPermissionByProtectionFlags(pkg, ps, permission,
boolean restrictionApplied = (origState.getPermissionFlags(
bp.getName()) & FLAG_PERMISSION_APPLY_RESTRICTION) != 0;
- if (appSupportsRuntimePermissions) {
+ if (appSupportsRuntimePermissions || isSpecialRuntimePermission(bp.getName())) {
// If hard restricted we don't allow holding it
if (permissionPolicyInitialized && hardRestricted) {
if (!restrictionExempt) {
@@ -3020,7 +3020,7 @@ && shouldGrantPermissionByProtectionFlags(pkg, ps, permission,
if (restrictionApplied) {
flags &= ~FLAG_PERMISSION_APPLY_RESTRICTION;
// Dropping restriction on a legacy app implies a review
- if (!appSupportsRuntimePermissions) {
+ if (!appSupportsRuntimePermissions && !isSpecialRuntimePermission(bp.getName())) {
flags |= FLAG_PERMISSION_REVIEW_REQUIRED;
}
wasChanged = true;