[automerger] RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions. am: 8da6786608 am: 7d153c56c6 am: eff2a46342 am: ee4a2aee83 Change-Id: Ieaa5386305a8d359b5b79d99925bd12696bbce2a

commit: 879ecd17ab1e9645a9fff994e856fabeb68c8f96 [log] [tgz]
author: Android Build Merger (Role) <noreply-android-build-merger@google.com> Fri Aug 24 22:45:36 2018 +0000
committer: Android Build Merger (Role) <noreply-android-build-merger@google.com> Fri Aug 24 22:45:36 2018 +0000
tree: 81f9d579049de0371cc2d7c8f3b0e49f499302e7
parent: 9ea0739c99036ad74a1180d51a39d1c3b553b388 [diff]
parent: ee4a2aee83257202725655e2915e92137180a580 [diff]
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index cb1c09a..bc904c1 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java

@@ -252,6 +252,7 @@
 import com.android.server.Watchdog;
 import com.android.server.net.NetworkPolicyManagerInternal;
 import com.android.server.pm.PermissionsState.PermissionState;
+import com.android.server.pm.PackageSetting;
 import com.android.server.pm.Settings.DatabaseVersion;
 import com.android.server.pm.Settings.VersionInfo;
 import com.android.server.storage.DeviceStorageMonitorInternal;
@@ -4029,8 +4030,10 @@
 
     private static void enforceDeclaredAsUsedAndRuntimeOrDevelopmentPermission(PackageParser.Package pkg,
             BasePermission bp) {
+        final PackageSetting pkgSetting = (PackageSetting) pkg.mExtras;
+        final PermissionsState permsState = pkgSetting.getPermissionsState();
         int index = pkg.requestedPermissions.indexOf(bp.name);
-        if (index == -1) {
+        if (!permsState.hasRequestedPermission(bp.name) && index == -1) {
             throw new SecurityException("Package " + pkg.packageName
                     + " has not requested permission " + bp.name);
         }

diff --git a/services/core/java/com/android/server/pm/PermissionsState.java b/services/core/java/com/android/server/pm/PermissionsState.java
index 8f9968ec..39194fe 100644
--- a/services/core/java/com/android/server/pm/PermissionsState.java
+++ b/services/core/java/com/android/server/pm/PermissionsState.java

@@ -261,6 +261,14 @@
     }
 
     /**
+     * Returns whether the state has any known request for the given permission name,
+     * whether or not it has been granted.
+     */
+    public boolean hasRequestedPermission(String name) {
+        return mPermissions != null && (mPermissions.get(name) != null);
+    }
+
+    /**
      * Gets all permissions for a given device user id regardless if they
      * are install time or runtime permissions.
      *
commit	879ecd17ab1e9645a9fff994e856fabeb68c8f96	[log] [tgz]
author	Android Build Merger (Role) <noreply-android-build-merger@google.com>	Fri Aug 24 22:45:36 2018 +0000
committer	Android Build Merger (Role) <noreply-android-build-merger@google.com>	Fri Aug 24 22:45:36 2018 +0000
tree	81f9d579049de0371cc2d7c8f3b0e49f499302e7
parent	9ea0739c99036ad74a1180d51a39d1c3b553b388 [diff]
parent	ee4a2aee83257202725655e2915e92137180a580 [diff]