diff options
| author | TreeHugger Robot <treehugger-gerrit@google.com> | 2019-04-09 20:29:24 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2019-04-09 20:29:24 +0000 |
| commit | 41b582936f6dbd92a32d84141411f06be8945637 (patch) | |
| tree | 17c180aac510849de8a69c75e373e5f7000bbdc6 /core/java/android | |
| parent | f332fa83229a192cc5294f99bf50ae2378b20273 (diff) | |
| parent | 45810afbeab450b38b6c8612890a72e042c27b3b (diff) | |
Merge "Don't use noteop for preflight checks" into qt-dev
Diffstat (limited to 'core/java/android')
| -rw-r--r-- | core/java/android/os/Environment.java | 4 | ||||
| -rw-r--r-- | core/java/android/os/storage/StorageManager.java | 36 |
2 files changed, 37 insertions, 3 deletions
diff --git a/core/java/android/os/Environment.java b/core/java/android/os/Environment.java index 9e9e68dbf3fe..ed5c1b1e2277 100644 --- a/core/java/android/os/Environment.java +++ b/core/java/android/os/Environment.java @@ -1148,9 +1148,9 @@ public class Environment { final Context context = AppGlobals.getInitialApplication(); final AppOpsManager appOps = context.getSystemService(AppOpsManager.class); - final boolean hasLegacy = appOps.noteOpNoThrow(AppOpsManager.OP_LEGACY_STORAGE, + final boolean hasLegacy = appOps.checkOpNoThrow(AppOpsManager.OP_LEGACY_STORAGE, context.getApplicationInfo().uid, - context.getPackageName()) == AppOpsManager.MODE_ALLOWED; + context.getOpPackageName()) == AppOpsManager.MODE_ALLOWED; // STOPSHIP: only use app-op once permission model has fully landed final boolean requestedLegacy = !AppGlobals.getInitialApplication().getApplicationInfo() diff --git a/core/java/android/os/storage/StorageManager.java b/core/java/android/os/storage/StorageManager.java index c57bf9141248..075b650ed8f4 100644 --- a/core/java/android/os/storage/StorageManager.java +++ b/core/java/android/os/storage/StorageManager.java @@ -1652,6 +1652,26 @@ public class StorageManager { */ public static boolean checkPermissionAndAppOp(Context context, boolean enforce, int pid, int uid, String packageName, String permission, int op) { + return checkPermissionAndAppOp(context, enforce, pid, uid, packageName, permission, op, + true); + } + + /** + * Check that given app holds both permission and appop but do not noteOp. + * @hide + */ + public static boolean checkPermissionAndCheckOp(Context context, boolean enforce, + int pid, int uid, String packageName, String permission, int op) { + return checkPermissionAndAppOp(context, enforce, pid, uid, packageName, permission, op, + false); + } + + /** + * Check that given app holds both permission and appop. + * @hide + */ + private static boolean checkPermissionAndAppOp(Context context, boolean enforce, + int pid, int uid, String packageName, String permission, int op, boolean note) { if (context.checkPermission(permission, pid, uid) != PERMISSION_GRANTED) { if (enforce) { throw new SecurityException( @@ -1662,7 +1682,21 @@ public class StorageManager { } AppOpsManager appOps = context.getSystemService(AppOpsManager.class); - final int mode = appOps.noteOpNoThrow(op, uid, packageName); + final int mode; + if (note) { + mode = appOps.noteOpNoThrow(op, uid, packageName); + } else { + try { + appOps.checkPackage(uid, packageName); + } catch (SecurityException e) { + if (enforce) { + throw e; + } else { + return false; + } + } + mode = appOps.checkOpNoThrow(op, uid, packageName); + } switch (mode) { case AppOpsManager.MODE_ALLOWED: return true; |