Revoke permission on non-runtime -> runtime upgrade
Not only on normal -> runtime.
Test: atest android.appsecurity.cts.PermissionsHostTest#testNoPermissionEscalationAfterReboot
Bug: 154505240, 168319670
Change-Id: If3b420067b4d7111dcf67ae6f98e42176158b679
Merged-In: If3b420067b4d7111dcf67ae6f98e42176158b679
diff --git a/services/core/java/com/android/server/pm/permission/BasePermission.java b/services/core/java/com/android/server/pm/permission/BasePermission.java
index 6b550f2..61b43c6 100644
--- a/services/core/java/com/android/server/pm/permission/BasePermission.java
+++ b/services/core/java/com/android/server/pm/permission/BasePermission.java
@@ -321,7 +321,7 @@
if (bp == null) {
bp = new BasePermission(p.info.name, p.info.packageName, TYPE_NORMAL);
}
- boolean wasNormal = bp.isNormal();
+ boolean wasNonRuntime = !bp.isRuntime();
StringBuilder r = null;
if (bp.perm == null) {
if (bp.sourcePackageName == null
@@ -365,7 +365,7 @@
if (bp.perm == p) {
bp.protectionLevel = p.info.protectionLevel;
}
- if (bp.isRuntime() && (ownerChanged || wasNormal)) {
+ if (bp.isRuntime() && (ownerChanged || wasNonRuntime)) {
// If this is a runtime permission and the owner has changed, or this was a normal
// permission, then permission state should be cleaned up
bp.mPermissionDefinitionChanged = true;