diff options
author | Christopher Tate <ctate@google.com> | 2013-10-22 15:36:01 -0700 |
---|---|---|
committer | The Android Automerger <android-build@google.com> | 2013-10-22 18:23:20 -0700 |
commit | b8db47488253a08d279b061603d1c69c84554284 (patch) | |
tree | 4bb71dc9670fcd9e7808108b8e819fffeabb9297 | |
parent | b840bd2b601f4df4eb8750a00be7132bf4d26c2e (diff) | |
download | base-b8db47488253a08d279b061603d1c69c84554284.tar.gz |
Edge case: overriden system package moved & became privileged in OTA
Because properly continuing permission grants post-OTA has changed
policy to include privilege considerations based on install location,
make sure that we re-evaluate when we determine that the apk has
moved from its pre-OTA location.
Bug 11271490
Change-Id: I6c09986e2851a67504268b289932588457c05dfc
-rwxr-xr-x | services/java/com/android/server/pm/PackageManagerService.java | 8 | ||||
-rw-r--r-- | services/java/com/android/server/pm/Settings.java | 12 |
2 files changed, 13 insertions, 7 deletions
diff --git a/services/java/com/android/server/pm/PackageManagerService.java b/services/java/com/android/server/pm/PackageManagerService.java index 95dc3738d0bc..e075862a2cc2 100755 --- a/services/java/com/android/server/pm/PackageManagerService.java +++ b/services/java/com/android/server/pm/PackageManagerService.java @@ -3585,7 +3585,13 @@ public class PackageManagerService extends IPackageManager.Stub { + ps.name + " changing from " + updatedPkg.codePathString + " to " + scanFile); updatedPkg.codePath = scanFile; - updatedPkg.codePathString = scanFile.toString(); + updatedPkg.codePathString = scanFile.toString(); + // This is the point at which we know that the system-disk APK + // for this package has moved during a reboot (e.g. due to an OTA), + // so we need to reevaluate it for privilege policy. + if (locationIsPrivileged(scanFile)) { + updatedPkg.pkgFlags |= ApplicationInfo.FLAG_PRIVILEGED; + } } updatedPkg.pkg = pkg; mLastScanError = PackageManager.INSTALL_FAILED_DUPLICATE_PACKAGE; diff --git a/services/java/com/android/server/pm/Settings.java b/services/java/com/android/server/pm/Settings.java index 3b4393a894af..b0cfd7eaa798 100644 --- a/services/java/com/android/server/pm/Settings.java +++ b/services/java/com/android/server/pm/Settings.java @@ -426,12 +426,12 @@ final class Settings { + "; replacing with new"); p = null; } else { - if ((pkgFlags&ApplicationInfo.FLAG_SYSTEM) != 0) { - // If what we are scanning is a system package, then - // make it so, regardless of whether it was previously - // installed only in the data partition. - p.pkgFlags |= ApplicationInfo.FLAG_SYSTEM; - } + // If what we are scanning is a system (and possibly privileged) package, + // then make it so, regardless of whether it was previously installed only + // in the data partition. + final int sysPrivFlags = pkgFlags + & (ApplicationInfo.FLAG_SYSTEM | ApplicationInfo.FLAG_PRIVILEGED); + p.pkgFlags |= sysPrivFlags; } } if (p == null) { |