From 208e2f1243113563856021017a1577c1134ca4b5 Mon Sep 17 00:00:00 2001 From: Alex Buynytskyy Date: Thu, 4 Jan 2024 00:18:16 +0000 Subject: [PATCH] Stop marking apps as privileged if they are not signed properly. Fixes: 311374917 Test: atest android.content.pm.cts.PackageManagerTest (cherry picked from commit 3ee5dfdcba047051ce81dca0696d6ddfeafe2d98) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:06775341ad7d77410798f95117cbee7a1a02c201) Merged-In: I5b5b81cf43b06837a22c8dfd170a112106dd64c1 Change-Id: I5b5b81cf43b06837a22c8dfd170a112106dd64c1 --- .../java/com/android/server/pm/InstallPackageHelper.java | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/services/core/java/com/android/server/pm/InstallPackageHelper.java b/services/core/java/com/android/server/pm/InstallPackageHelper.java index fa392d7c28bc..a2c8303d2a07 100644 --- a/services/core/java/com/android/server/pm/InstallPackageHelper.java +++ b/services/core/java/com/android/server/pm/InstallPackageHelper.java @@ -4614,7 +4614,9 @@ private void assertOverlayIsValid(AndroidPackage pkg, private void assertPackageWithSharedUserIdIsPrivileged(AndroidPackage pkg) throws PackageManagerException { - if (!AndroidPackageLegacyUtils.isPrivileged(pkg) && (pkg.getSharedUserId() != null)) { + if (!AndroidPackageLegacyUtils.isPrivileged(pkg) + && (pkg.getSharedUserId() != null) + && !pkg.isLeavingSharedUser()) { SharedUserSetting sharedUserSetting = null; try { synchronized (mPm.mLock) { @@ -4654,7 +4656,8 @@ private void assertPackageWithSharedUserIdIsPrivileged(AndroidPackage pkg) if (((scanFlags & SCAN_AS_PRIVILEGED) == 0) && !AndroidPackageLegacyUtils.isPrivileged(pkg) && (pkg.getSharedUserId() != null) - && !skipVendorPrivilegeScan) { + && !skipVendorPrivilegeScan + && !pkg.isLeavingSharedUser()) { SharedUserSetting sharedUserSetting = null; synchronized (mPm.mLock) { try {