commit 6a166af8fd25445c1b9a4d7869d87557fcb79cf9
author Svet Ganov <svetoslavganov@google.com> Tue Jun 30 10:15:44 2015 -0700
committer Svet Ganov <svetoslavganov@google.com> Tue Jun 30 10:15:49 2015 -0700
tree 0c848949e357b23cbbac6190c87df0a1eb079226
parent 03b5f128dbc375c1a28468773f39e85a5f70fc9a

Installer is a part of the system with unrevocable permissions

1. Mark the installer permissions as not revocable.

2. Make the permission result dispatch more robust to handle installer death.

bug:22012614

Change-Id: Idee30ca884b87ccf97ba1bb878d4c49912e474b8

services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java

diff --git a/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java b/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
index ff097e5..faa7563 100644
--- a/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
+++ b/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
@@ -247,7 +247,7 @@
             for (int i = 0; i < installerCount; i++) {
                 PackageParser.Package installPackage = installerPackages.get(i);
                 grantInstallPermissionsLPw(installPackage, INSTALLER_PERMISSIONS, userId);
-                grantRuntimePermissionsLPw(installPackage, STORAGE_PERMISSIONS, userId);
+                grantRuntimePermissionsLPw(installPackage, STORAGE_PERMISSIONS, true, userId);
             }
 
             // Verifiers
@@ -381,8 +381,8 @@
             // Device provisioning
             Intent deviceProvisionIntent = new Intent(
                     DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE);
-            PackageParser.Package deviceProvisionPackage = getDefaultSystemHandlerActvityPackageLPr(
-                    deviceProvisionIntent, userId);
+            PackageParser.Package deviceProvisionPackage =
+                    getDefaultSystemHandlerActivityPackageLPr(deviceProvisionIntent, userId);
             if (deviceProvisionPackage != null
                     && doesPackageSupportRuntimePermissions(deviceProvisionPackage)) {
                 grantRuntimePermissionsLPw(contactsPackage, ACCOUNTS_PERMISSIONS, userId);
@@ -614,6 +614,12 @@
 
     private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions,
             int userId) {
+        grantRuntimePermissionsLPw(pkg, permissions, false, userId);
+
+    }
+
+    private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions,
+            boolean systemFixed, int userId) {
         List<String> requestedPermissions = pkg.requestedPermissions;
 
         if (pkg.isUpdatedSystemApp()) {
@@ -638,6 +644,12 @@
                         Log.i(TAG, "Granted " + permission + " to default handler "
                                 + pkg.packageName);
                     }
+
+                    if (systemFixed) {
+                        mService.updatePermissionFlags(permission, pkg.packageName,
+                                PackageManager.FLAG_PERMISSION_SYSTEM_FIXED,
+                                PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, userId);
+                    }
                 }
             }
         }