Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-09-30 13:15:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
898c040ead
DivestOS/Patches/LineageOS-14.1/android_frameworks_base/0009-Sensors-P2.patch
Tad 4ce35a3c60 Refresh most branch specific patches 
Fixed up:
LineageOS-16.0/android_packages_apps_Backgrounds/308977.patch
LineageOS-16.0/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch
LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch
LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch

Must review again:
LineageOS-14.1/android_packages_apps_PackageInstaller/64d8b44.patch

Signed-off-by: Tad <tad@spotco.us>
2021-10-16 15:19:55 -04:00

50 lines
2.1 KiB
Diff
Raw Blame History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: MSe <mse1969@posteo.de>
Date: Wed, 25 Apr 2018 23:07:47 +0200
Subject: [PATCH] AppOpsService: Default mode 'allowed' for systemUID and
platform signed
To avoid severe issues when setting selected Ops to 'ASK', the default
mode for systemui, apps with uid 1000 (system) and apps signed with the
platform key will always get the 'allowed' mode as default.
Change-Id: I71d9618d5b900241b99c060d43bc4270da05305b
---
.../com/android/server/AppOpsService.java | 20 +++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/services/core/java/com/android/server/AppOpsService.java b/services/core/java/com/android/server/AppOpsService.java
index a9e350570508..de31ba177ca2 100644
--- a/services/core/java/com/android/server/AppOpsService.java
+++ b/services/core/java/com/android/server/AppOpsService.java
@@ -2576,6 +2576,26 @@ public class AppOpsService extends IAppOpsService.Stub {
}
private int getDefaultMode(int code, int uid, String packageName) {
+ // To allow setting 'MODE_ASK' for own Ops, some precautions to
+ // avoid privileged apps to trigger the toggle are needed:
+
+ // 1st check: Skip uid 1000 and systemui
+ if (uid == android.os.Process.SYSTEM_UID || "com.android.systemui".equals(packageName)) {
+ return AppOpsManager.MODE_ALLOWED;
+ }
+ // 2nd check: Skip apps signed with platform key, except for the 'root' Op
+ if (code != AppOpsManager.OP_SU) {
+ try {
+ int match = AppGlobals.getPackageManager().checkSignatures("android", packageName);
+ if (match >= PackageManager.SIGNATURE_MATCH) {
+ return AppOpsManager.MODE_ALLOWED;
+ }
+ } catch (RemoteException re) {
+ Log.e(TAG, "AppOps getDefaultMode: Can't talk to PM f. Sig.Check", re);
+ }
+ }
+ // end
+
int mode = AppOpsManager.opToDefaultMode(code,
isStrict(code, uid, packageName));
if (AppOpsManager.isStrictOp(code) && mPolicy != null) {
--
2.31.1
Reference in New Issue View Git Blame Copy Permalink