Keep read/write external storage as built-in permissions
These are permissions that were mapped to gids but we need
to keep them listed event though they are no longer mapped
to gis until an upgrade from L to the current version is to
be supported. These permissions are built-in and in L were
not stored in packages.xml as a result if they are not defined
in the platform.xml while parsing packages.xml we would
ignore these permissions being granted to apps and not
propagate the granted state.
From N we are storing the built-in permissions in packages.xml
as the saved storage is negligible (one tag with the permission)
compared to the fragility as one can remove a built-in permission
which no longer needs to be mapped to gids and break grant
propagation.
bug:27185272
Change-Id: I65e05c4f7edd9a934888b4d0974100aa4e9a9453
diff --git a/data/etc/platform.xml b/data/etc/platform.xml
index d412d7c..8a7d39b 100644
--- a/data/etc/platform.xml
+++ b/data/etc/platform.xml
@@ -111,6 +111,20 @@
<group gid="media" />
</permission>
+ <!-- These are permissions that were mapped to gids but we need
+ to keep them here until an upgrade from L to the current
+ version is to be supported. These permissions are built-in
+ and in L were not stored in packages.xml as a result if they
+ are not defined here while parsing packages.xml we would
+ ignore these permissions being granted to apps and not
+ propagate the granted state. From N we are storing the
+ built-in permissions in packages.xml as the saved storage
+ is negligible (one tag with the permission) compared to
+ the fragility as one can remove a built-in permission which
+ no longer needs to be mapped to gids and break grant propagation. -->
+ <permission name="android.permission.READ_EXTERNAL_STORAGE" />
+ <permission name="android.permission.WRITE_EXTERNAL_STORAGE" />
+
<!-- ================================================================== -->
<!-- ================================================================== -->
<!-- ================================================================== -->
diff --git a/services/core/java/com/android/server/pm/Settings.java b/services/core/java/com/android/server/pm/Settings.java
index 3c3c576..0176446 100644
--- a/services/core/java/com/android/server/pm/Settings.java
+++ b/services/core/java/com/android/server/pm/Settings.java
@@ -2672,7 +2672,7 @@
void writePermissionLPr(XmlSerializer serializer, BasePermission bp)
throws XmlPullParserException, java.io.IOException {
- if (bp.type != BasePermission.TYPE_BUILTIN && bp.sourcePackage != null) {
+ if (bp.sourcePackage != null) {
serializer.startTag(null, TAG_ITEM);
serializer.attribute(null, ATTR_NAME, bp.name);
serializer.attribute(null, "package", bp.sourcePackage);
@@ -3333,8 +3333,12 @@
final String ptype = parser.getAttributeValue(null, "type");
if (name != null && sourcePackage != null) {
final boolean dynamic = "dynamic".equals(ptype);
- final BasePermission bp = new BasePermission(name.intern(), sourcePackage,
- dynamic ? BasePermission.TYPE_DYNAMIC : BasePermission.TYPE_NORMAL);
+ BasePermission bp = out.get(name);
+ // If the permission is builtin, do not clobber it.
+ if (bp == null || bp.type != BasePermission.TYPE_BUILTIN) {
+ bp = new BasePermission(name.intern(), sourcePackage,
+ dynamic ? BasePermission.TYPE_DYNAMIC : BasePermission.TYPE_NORMAL);
+ }
bp.protectionLevel = readInt(parser, null, "protection",
PermissionInfo.PROTECTION_NORMAL);
bp.protectionLevel = PermissionInfo.fixProtectionLevel(bp.protectionLevel);