Skip to content
Commit 3ce38499 authored by Zim's avatar Zim Committed by Nandana Dutt
Browse files

Enforce the preserveLegacyExternalStorage manifest attribute

In Q, a manifest flag requestLegacyExternalStorage was
introduced to grant legacy apps full access to external storage.

This flag was sticky across app updates so an app already installed on
a users device would typically always have the legacy_storage appop
even if it received an update to stop requesting the manifest flag.

With the R scoped storage model, we would like to break this
stickiness for 2 reasons:
1. Increase the impact of the storage restrictions
2. Ease testing. Because of the stickyness it is difficult
for apps targeting R to actually lose their legacy_storage appop

Unfortunately, we have to still provide a path for apps who care about
migirating their data on external storage from unreachable locations
on R devices. The canonical example is an app with 3 versions:
(1) Qcannot_migrate, (2) Qcan_migrate, (3) Rcannot_migrate

An update from: 1 -> 2 -> 3 will be fine because (2) will migrate the
apps data. However, apps can very well update from (1) - (3) thereby
losing access to their data in unreachable storage locations on R devices.

To facilitate this migration, apps (targeting R) can explicitly
request the preserveLegacyExternalStorage manifest flag. This will
ensure that if they get updated on a device with a previous version of
their app with the legacy_storage appop, they'll keep legacy_storage
status. Of course, fresh installs (of target R apps) will not have the
legacy_storage appop even if they have requestLegacyExternalStorage
and preserveLegacyExternalStorage flags.

By default, this new flag will be false, legacy status will *not* be
preserved (the legacy_storage appop will *not* be sticky). But apps
that care about migrating data can set the flag to true and
will preserve whatever legacy status they had on an existing install.

Test: atest RestrictedPermissionsTest
Test: atest RestrictedStoragePermissionSharedUidTest
Bug: 148944140
Change-Id: Ifd3410ed1a60f4c0e8414fce904139b539e13ad8
parent b14fba21
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment