diff options
| -rw-r--r-- | services/java/com/android/server/pm/PackageManagerService.java | 36 |
1 files changed, 28 insertions, 8 deletions
diff --git a/services/java/com/android/server/pm/PackageManagerService.java b/services/java/com/android/server/pm/PackageManagerService.java index 3f2387b..f5ea546 100644 --- a/services/java/com/android/server/pm/PackageManagerService.java +++ b/services/java/com/android/server/pm/PackageManagerService.java @@ -1715,6 +1715,7 @@ public class PackageManagerService extends IPackageManager.Stub { } public int[] getPackageGids(String packageName) { + final boolean enforcedDefault = isPermissionEnforcedDefault(READ_EXTERNAL_STORAGE); // reader synchronized (mPackages) { PackageParser.Package p = mPackages.get(packageName); @@ -1726,7 +1727,7 @@ public class PackageManagerService extends IPackageManager.Stub { int[] gids = suid != null ? suid.gids : ps.gids; // include GIDs for any unenforced permissions - if (!isPermissionEnforcedLocked(READ_EXTERNAL_STORAGE)) { + if (!isPermissionEnforcedLocked(READ_EXTERNAL_STORAGE, enforcedDefault)) { final BasePermission basePerm = mSettings.mPermissions.get( READ_EXTERNAL_STORAGE); gids = appendInts(gids, basePerm.gids); @@ -2054,6 +2055,7 @@ public class PackageManagerService extends IPackageManager.Stub { } public int checkPermission(String permName, String pkgName) { + final boolean enforcedDefault = isPermissionEnforcedDefault(permName); synchronized (mPackages) { PackageParser.Package p = mPackages.get(pkgName); if (p != null && p.mExtras != null) { @@ -2066,7 +2068,7 @@ public class PackageManagerService extends IPackageManager.Stub { return PackageManager.PERMISSION_GRANTED; } } - if (!isPermissionEnforcedLocked(permName)) { + if (!isPermissionEnforcedLocked(permName, enforcedDefault)) { return PackageManager.PERMISSION_GRANTED; } } @@ -2074,6 +2076,7 @@ public class PackageManagerService extends IPackageManager.Stub { } public int checkUidPermission(String permName, int uid) { + final boolean enforcedDefault = isPermissionEnforcedDefault(permName); synchronized (mPackages) { Object obj = mSettings.getUserIdLPr(UserHandle.getAppId(uid)); if (obj != null) { @@ -2087,7 +2090,7 @@ public class PackageManagerService extends IPackageManager.Stub { return PackageManager.PERMISSION_GRANTED; } } - if (!isPermissionEnforcedLocked(permName)) { + if (!isPermissionEnforcedLocked(permName, enforcedDefault)) { return PackageManager.PERMISSION_GRANTED; } } @@ -10124,19 +10127,36 @@ public class PackageManagerService extends IPackageManager.Stub { @Override public boolean isPermissionEnforced(String permission) { + final boolean enforcedDefault = isPermissionEnforcedDefault(permission); synchronized (mPackages) { - return isPermissionEnforcedLocked(permission); + return isPermissionEnforcedLocked(permission, enforcedDefault); } } - private boolean isPermissionEnforcedLocked(String permission) { + /** + * Check if given permission should be enforced by default. Should always be + * called outside of {@link #mPackages} lock. + */ + private boolean isPermissionEnforcedDefault(String permission) { + if (READ_EXTERNAL_STORAGE.equals(permission)) { + return Secure.getInt(mContext.getContentResolver(), + Secure.READ_EXTERNAL_STORAGE_ENFORCED_DEFAULT, 0) != 0; + } else { + return true; + } + } + + /** + * Check if user has requested that given permission be enforced, using + * given default if undefined. + */ + private boolean isPermissionEnforcedLocked(String permission, boolean enforcedDefault) { if (READ_EXTERNAL_STORAGE.equals(permission)) { if (mSettings.mReadExternalStorageEnforced != null) { return mSettings.mReadExternalStorageEnforced; } else { - // if user hasn't defined, fall back to secure default - return Secure.getInt(mContext.getContentResolver(), - Secure.READ_EXTERNAL_STORAGE_ENFORCED_DEFAULT, 0) != 0; + // User hasn't defined; fall back to secure default + return enforcedDefault; } } else { return true; |