Merge "Fix privileged permission handling for ODM apps." into main
This commit is contained in:
Treehugger Robot
Android (Google) Code Review
commit
a7488d7230
@ -1262,7 +1262,7 @@ class AppIdPermissionPolicy : SchemePolicy() {
|
|||||||
val apexModuleName = packageState.apexModuleName
|
val apexModuleName = packageState.apexModuleName
|
||||||
val packageName = packageState.packageName
|
val packageName = packageState.packageName
|
||||||
return when {
|
return when {
|
||||||
packageState.isVendor ->
|
packageState.isVendor || packageState.isOdm ->
|
||||||
permissionAllowlist.getVendorPrivilegedAppAllowlistState(
|
permissionAllowlist.getVendorPrivilegedAppAllowlistState(
|
||||||
packageName,
|
packageName,
|
||||||
permissionName
|
permissionName
|
||||||
@ -1471,12 +1471,15 @@ class AppIdPermissionPolicy : SchemePolicy() {
|
|||||||
// In any case, don't grant a privileged permission to privileged vendor apps,
|
// In any case, don't grant a privileged permission to privileged vendor apps,
|
||||||
// if the permission's protectionLevel does not have the extra vendorPrivileged
|
// if the permission's protectionLevel does not have the extra vendorPrivileged
|
||||||
// flag.
|
// flag.
|
||||||
if (packageState.isVendor && !permission.isVendorPrivileged) {
|
if (
|
||||||
|
(packageState.isVendor || packageState.isOdm) &&
|
||||||
|
!permission.isVendorPrivileged
|
||||||
|
) {
|
||||||
Slog.w(
|
Slog.w(
|
||||||
LOG_TAG,
|
LOG_TAG,
|
||||||
"Permission $permissionName cannot be granted to privileged" +
|
"Permission $permissionName cannot be granted to privileged" +
|
||||||
" vendor app $packageName because it isn't a vendorPrivileged" +
|
" vendor (or odm) app $packageName because it isn't a" +
|
||||||
" permission"
|
" vendorPrivileged permission"
|
||||||
)
|
)
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user