Explicitly update permissions after pre-grants.

Up until now, the OS had been implicitly relying on the
scanAvailableAsecs() method kicked off by StorageManager to actually
update any pre-granted permissions.

This was uncovered as part of ripping out ASECs, so now we need to
explicitly update permissions after pre-grants have been applied.

Test: builds, boots, Camera permissions can be granted
Bug: 65544665
Change-Id: I51e6bc81d9cf40c681094ee6069bc84a2edefea3

diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 0369fe6..950fdd7 100644 (file)
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -22284,11 +22284,18 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
             mDefaultPermissionPolicy.grantDefaultPermissions(userId);
         }
 
-        // If we did not grant default permissions, we preload from this the
-        // default permission exceptions lazily to ensure we don't hit the
-        // disk on a new user creation.
         if (grantPermissionsUserIds == EMPTY_INT_ARRAY) {
+            // If we did not grant default permissions, we preload from this the
+            // default permission exceptions lazily to ensure we don't hit the
+            // disk on a new user creation.
             mDefaultPermissionPolicy.scheduleReadDefaultPermissionExceptions();
+        } else {
+            // Since we granted default permissions above, we need an update
+            // pass to apply those changes.
+            synchronized (mPackages) {
+                updatePermissionsLPw(null, null, StorageManager.UUID_PRIVATE_INTERNAL,
+                        UPDATE_PERMISSIONS_ALL);
+            }
         }
 
         // Kick off any messages waiting for system ready