Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 2fe979fc611263965d25f9fb0d484fac99f4ef83^! / .
commit2fe979fc611263965d25f9fb0d484fac99f4ef83[log] [tgz]
authorDianne Hackborn <hackbod@google.com>Fri Oct 08 15:07:17 2010 -0700
committerDianne Hackborn <hackbod@google.com>Fri Oct 08 15:07:17 2010 -0700
tree479155a5dde97054347c290f07bb794f90aa69f5
parent9934fa77efab362729d0d3cb8aa0bdcd31d63ead [diff]
Fix retaining of granted permissions when updating of system app.

Was broken when the app is using a shared user ID.

Change-Id: I088334f6540889969ee4367fa502807ce3f94f6a

diff --git a/services/java/com/android/server/PackageManagerService.java b/services/java/com/android/server/PackageManagerService.java
index ce0e79f..37b4c1d 100644
--- a/services/java/com/android/server/PackageManagerService.java
+++ b/services/java/com/android/server/PackageManagerService.java

@@ -3931,17 +3931,22 @@
                     allowed = false;
                 } else if (bp.protectionLevel == PermissionInfo.PROTECTION_SIGNATURE
                         || bp.protectionLevel == PermissionInfo.PROTECTION_SIGNATURE_OR_SYSTEM) {
-                    allowed = (checkSignaturesLP(bp.packageSetting.signatures.mSignatures, pkg.mSignatures)
+                    allowed = (checkSignaturesLP(
+                            bp.packageSetting.signatures.mSignatures, pkg.mSignatures)
                                     == PackageManager.SIGNATURE_MATCH)
                             || (checkSignaturesLP(mPlatformPackage.mSignatures, pkg.mSignatures)
                                     == PackageManager.SIGNATURE_MATCH);
-                    if (bp.protectionLevel == PermissionInfo.PROTECTION_SIGNATURE_OR_SYSTEM) {
+                    if (!allowed && bp.protectionLevel
+                            == PermissionInfo.PROTECTION_SIGNATURE_OR_SYSTEM) {
                         if (isSystemApp(pkg)) {
                             // For updated system applications, the signatureOrSystem permission
                             // is granted only if it had been defined by the original application.
                             if (isUpdatedSystemApp(pkg)) {
-                                PackageSetting sysPs = mSettings.getDisabledSystemPkg(pkg.packageName);
-                                if(sysPs.grantedPermissions.contains(perm)) {
+                                PackageSetting sysPs = mSettings.getDisabledSystemPkg(
+                                        pkg.packageName);
+                                final GrantedPermissions origGp = sysPs.sharedUser != null
+                                        ? sysPs.sharedUser : sysPs;
+                                if (origGp.grantedPermissions.contains(perm)) {
                                     allowed = true;
                                 } else {
                                     allowed = false;