Loading core/java/android/app/ActivityManagerInternal.java +2 −1 Original line number Diff line number Diff line Loading @@ -31,6 +31,7 @@ import android.content.pm.ActivityInfo; import android.content.pm.ActivityPresentationInfo; import android.content.pm.ApplicationInfo; import android.content.pm.PermissionMethod; import android.content.pm.PermissionName; import android.content.pm.UserInfo; import android.net.Uri; import android.os.Bundle; Loading Loading @@ -294,7 +295,7 @@ public abstract class ActivityManagerInternal { /** Checks if the calling binder pid as the permission. */ @PermissionMethod public abstract void enforceCallingPermission(String permission, String func); public abstract void enforceCallingPermission(@PermissionName String permission, String func); /** Returns the current user id. */ public abstract int getCurrentUserId(); Loading core/java/android/content/Context.java +8 −6 Original line number Diff line number Diff line Loading @@ -52,6 +52,7 @@ import android.compat.annotation.UnsupportedAppUsage; import android.content.pm.ApplicationInfo; import android.content.pm.PackageManager; import android.content.pm.PermissionMethod; import android.content.pm.PermissionName; import android.content.res.AssetManager; import android.content.res.ColorStateList; import android.content.res.Configuration; Loading Loading @@ -6088,7 +6089,8 @@ public abstract class Context { @CheckResult(suggest="#enforcePermission(String,int,int,String)") @PackageManager.PermissionResult @PermissionMethod public abstract int checkPermission(@NonNull String permission, int pid, int uid); public abstract int checkPermission( @NonNull @PermissionName String permission, int pid, int uid); /** @hide */ @SuppressWarnings("HiddenAbstractMethod") Loading Loading @@ -6121,7 +6123,7 @@ public abstract class Context { @CheckResult(suggest="#enforceCallingPermission(String,String)") @PackageManager.PermissionResult @PermissionMethod public abstract int checkCallingPermission(@NonNull String permission); public abstract int checkCallingPermission(@NonNull @PermissionName String permission); /** * Determine whether the calling process of an IPC <em>or you</em> have been Loading @@ -6142,7 +6144,7 @@ public abstract class Context { @CheckResult(suggest="#enforceCallingOrSelfPermission(String,String)") @PackageManager.PermissionResult @PermissionMethod public abstract int checkCallingOrSelfPermission(@NonNull String permission); public abstract int checkCallingOrSelfPermission(@NonNull @PermissionName String permission); /** * Determine whether <em>you</em> have been granted a particular permission. Loading Loading @@ -6172,7 +6174,7 @@ public abstract class Context { */ @PermissionMethod public abstract void enforcePermission( @NonNull String permission, int pid, int uid, @Nullable String message); @NonNull @PermissionName String permission, int pid, int uid, @Nullable String message); /** * If the calling process of an IPC you are handling has not been Loading @@ -6194,7 +6196,7 @@ public abstract class Context { */ @PermissionMethod public abstract void enforceCallingPermission( @NonNull String permission, @Nullable String message); @NonNull @PermissionName String permission, @Nullable String message); /** * If neither you nor the calling process of an IPC you are Loading @@ -6211,7 +6213,7 @@ public abstract class Context { */ @PermissionMethod public abstract void enforceCallingOrSelfPermission( @NonNull String permission, @Nullable String message); @NonNull @PermissionName String permission, @Nullable String message); /** * Grant permission to access a specific Uri to another package, regardless Loading core/java/android/content/pm/PermissionMethod.java +1 −1 Original line number Diff line number Diff line Loading @@ -26,7 +26,7 @@ import java.lang.annotation.Target; * Documents that the subject method's job is to look * up whether the provided or calling uid/pid has the requested permission. * * Methods should either return `void`, but potentially throw {@link SecurityException}, * <p>Methods should either return `void`, but potentially throw {@link SecurityException}, * or return {@link android.content.pm.PackageManager.PermissionResult} `int`. * * @hide Loading core/java/android/content/pm/PermissionName.java 0 → 100644 +35 −0 Original line number Diff line number Diff line /* * Copyright (C) 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.content.pm; import static java.lang.annotation.ElementType.FIELD; import static java.lang.annotation.ElementType.LOCAL_VARIABLE; import static java.lang.annotation.ElementType.METHOD; import static java.lang.annotation.ElementType.PARAMETER; import static java.lang.annotation.RetentionPolicy.CLASS; import java.lang.annotation.Retention; import java.lang.annotation.Target; /** * Denotes that the annotated {@link String} represents a permission name. * * @hide */ @Retention(CLASS) @Target({PARAMETER, METHOD, LOCAL_VARIABLE, FIELD}) public @interface PermissionName {} services/core/java/com/android/server/am/ActivityManagerService.java +8 −6 Original line number Diff line number Diff line Loading @@ -247,6 +247,7 @@ import android.content.pm.PackageManagerInternal; import android.content.pm.ParceledListSlice; import android.content.pm.PermissionInfo; import android.content.pm.PermissionMethod; import android.content.pm.PermissionName; import android.content.pm.ProcessInfo; import android.content.pm.ProviderInfo; import android.content.pm.ProviderInfoList; Loading Loading @@ -5987,8 +5988,9 @@ public class ActivityManagerService extends IActivityManager.Stub * provided non-{@code null} {@code permission} before. Otherwise calls into * {@link ActivityManager#checkComponentPermission(String, int, int, boolean)}. */ @PackageManager.PermissionResult @PermissionMethod public static int checkComponentPermission(String permission, int pid, int uid, public static int checkComponentPermission(@PermissionName String permission, int pid, int uid, int owningUid, boolean exported) { if (pid == MY_PID) { return PackageManager.PERMISSION_GRANTED; Loading Loading @@ -6035,7 +6037,7 @@ public class ActivityManagerService extends IActivityManager.Stub */ @Override @PermissionMethod public int checkPermission(String permission, int pid, int uid) { public int checkPermission(@PermissionName String permission, int pid, int uid) { if (permission == null) { return PackageManager.PERMISSION_DENIED; } Loading @@ -6047,7 +6049,7 @@ public class ActivityManagerService extends IActivityManager.Stub * This can be called with or without the global lock held. */ @PermissionMethod int checkCallingPermission(String permission) { int checkCallingPermission(@PermissionName String permission) { return checkPermission(permission, Binder.getCallingPid(), Binder.getCallingUid()); Loading @@ -6057,7 +6059,7 @@ public class ActivityManagerService extends IActivityManager.Stub * This can be called with or without the global lock held. */ @PermissionMethod void enforceCallingPermission(String permission, String func) { void enforceCallingPermission(@PermissionName String permission, String func) { if (checkCallingPermission(permission) == PackageManager.PERMISSION_GRANTED) { return; Loading @@ -6074,7 +6076,6 @@ public class ActivityManagerService extends IActivityManager.Stub /** * This can be called with or without the global lock held. */ @PermissionMethod private void enforceCallingHasAtLeastOnePermission(String func, String... permissions) { for (String permission : permissions) { if (checkCallingPermission(permission) == PackageManager.PERMISSION_GRANTED) { Loading @@ -6093,7 +6094,8 @@ public class ActivityManagerService extends IActivityManager.Stub /** * This can be called with or without the global lock held. */ void enforcePermission(String permission, int pid, int uid, String func) { @PermissionMethod void enforcePermission(@PermissionName String permission, int pid, int uid, String func) { if (checkPermission(permission, pid, uid) == PackageManager.PERMISSION_GRANTED) { return; } Loading Loading
core/java/android/app/ActivityManagerInternal.java +2 −1 Original line number Diff line number Diff line Loading @@ -31,6 +31,7 @@ import android.content.pm.ActivityInfo; import android.content.pm.ActivityPresentationInfo; import android.content.pm.ApplicationInfo; import android.content.pm.PermissionMethod; import android.content.pm.PermissionName; import android.content.pm.UserInfo; import android.net.Uri; import android.os.Bundle; Loading Loading @@ -294,7 +295,7 @@ public abstract class ActivityManagerInternal { /** Checks if the calling binder pid as the permission. */ @PermissionMethod public abstract void enforceCallingPermission(String permission, String func); public abstract void enforceCallingPermission(@PermissionName String permission, String func); /** Returns the current user id. */ public abstract int getCurrentUserId(); Loading
core/java/android/content/Context.java +8 −6 Original line number Diff line number Diff line Loading @@ -52,6 +52,7 @@ import android.compat.annotation.UnsupportedAppUsage; import android.content.pm.ApplicationInfo; import android.content.pm.PackageManager; import android.content.pm.PermissionMethod; import android.content.pm.PermissionName; import android.content.res.AssetManager; import android.content.res.ColorStateList; import android.content.res.Configuration; Loading Loading @@ -6088,7 +6089,8 @@ public abstract class Context { @CheckResult(suggest="#enforcePermission(String,int,int,String)") @PackageManager.PermissionResult @PermissionMethod public abstract int checkPermission(@NonNull String permission, int pid, int uid); public abstract int checkPermission( @NonNull @PermissionName String permission, int pid, int uid); /** @hide */ @SuppressWarnings("HiddenAbstractMethod") Loading Loading @@ -6121,7 +6123,7 @@ public abstract class Context { @CheckResult(suggest="#enforceCallingPermission(String,String)") @PackageManager.PermissionResult @PermissionMethod public abstract int checkCallingPermission(@NonNull String permission); public abstract int checkCallingPermission(@NonNull @PermissionName String permission); /** * Determine whether the calling process of an IPC <em>or you</em> have been Loading @@ -6142,7 +6144,7 @@ public abstract class Context { @CheckResult(suggest="#enforceCallingOrSelfPermission(String,String)") @PackageManager.PermissionResult @PermissionMethod public abstract int checkCallingOrSelfPermission(@NonNull String permission); public abstract int checkCallingOrSelfPermission(@NonNull @PermissionName String permission); /** * Determine whether <em>you</em> have been granted a particular permission. Loading Loading @@ -6172,7 +6174,7 @@ public abstract class Context { */ @PermissionMethod public abstract void enforcePermission( @NonNull String permission, int pid, int uid, @Nullable String message); @NonNull @PermissionName String permission, int pid, int uid, @Nullable String message); /** * If the calling process of an IPC you are handling has not been Loading @@ -6194,7 +6196,7 @@ public abstract class Context { */ @PermissionMethod public abstract void enforceCallingPermission( @NonNull String permission, @Nullable String message); @NonNull @PermissionName String permission, @Nullable String message); /** * If neither you nor the calling process of an IPC you are Loading @@ -6211,7 +6213,7 @@ public abstract class Context { */ @PermissionMethod public abstract void enforceCallingOrSelfPermission( @NonNull String permission, @Nullable String message); @NonNull @PermissionName String permission, @Nullable String message); /** * Grant permission to access a specific Uri to another package, regardless Loading
core/java/android/content/pm/PermissionMethod.java +1 −1 Original line number Diff line number Diff line Loading @@ -26,7 +26,7 @@ import java.lang.annotation.Target; * Documents that the subject method's job is to look * up whether the provided or calling uid/pid has the requested permission. * * Methods should either return `void`, but potentially throw {@link SecurityException}, * <p>Methods should either return `void`, but potentially throw {@link SecurityException}, * or return {@link android.content.pm.PackageManager.PermissionResult} `int`. * * @hide Loading
core/java/android/content/pm/PermissionName.java 0 → 100644 +35 −0 Original line number Diff line number Diff line /* * Copyright (C) 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.content.pm; import static java.lang.annotation.ElementType.FIELD; import static java.lang.annotation.ElementType.LOCAL_VARIABLE; import static java.lang.annotation.ElementType.METHOD; import static java.lang.annotation.ElementType.PARAMETER; import static java.lang.annotation.RetentionPolicy.CLASS; import java.lang.annotation.Retention; import java.lang.annotation.Target; /** * Denotes that the annotated {@link String} represents a permission name. * * @hide */ @Retention(CLASS) @Target({PARAMETER, METHOD, LOCAL_VARIABLE, FIELD}) public @interface PermissionName {}
services/core/java/com/android/server/am/ActivityManagerService.java +8 −6 Original line number Diff line number Diff line Loading @@ -247,6 +247,7 @@ import android.content.pm.PackageManagerInternal; import android.content.pm.ParceledListSlice; import android.content.pm.PermissionInfo; import android.content.pm.PermissionMethod; import android.content.pm.PermissionName; import android.content.pm.ProcessInfo; import android.content.pm.ProviderInfo; import android.content.pm.ProviderInfoList; Loading Loading @@ -5987,8 +5988,9 @@ public class ActivityManagerService extends IActivityManager.Stub * provided non-{@code null} {@code permission} before. Otherwise calls into * {@link ActivityManager#checkComponentPermission(String, int, int, boolean)}. */ @PackageManager.PermissionResult @PermissionMethod public static int checkComponentPermission(String permission, int pid, int uid, public static int checkComponentPermission(@PermissionName String permission, int pid, int uid, int owningUid, boolean exported) { if (pid == MY_PID) { return PackageManager.PERMISSION_GRANTED; Loading Loading @@ -6035,7 +6037,7 @@ public class ActivityManagerService extends IActivityManager.Stub */ @Override @PermissionMethod public int checkPermission(String permission, int pid, int uid) { public int checkPermission(@PermissionName String permission, int pid, int uid) { if (permission == null) { return PackageManager.PERMISSION_DENIED; } Loading @@ -6047,7 +6049,7 @@ public class ActivityManagerService extends IActivityManager.Stub * This can be called with or without the global lock held. */ @PermissionMethod int checkCallingPermission(String permission) { int checkCallingPermission(@PermissionName String permission) { return checkPermission(permission, Binder.getCallingPid(), Binder.getCallingUid()); Loading @@ -6057,7 +6059,7 @@ public class ActivityManagerService extends IActivityManager.Stub * This can be called with or without the global lock held. */ @PermissionMethod void enforceCallingPermission(String permission, String func) { void enforceCallingPermission(@PermissionName String permission, String func) { if (checkCallingPermission(permission) == PackageManager.PERMISSION_GRANTED) { return; Loading @@ -6074,7 +6076,6 @@ public class ActivityManagerService extends IActivityManager.Stub /** * This can be called with or without the global lock held. */ @PermissionMethod private void enforceCallingHasAtLeastOnePermission(String func, String... permissions) { for (String permission : permissions) { if (checkCallingPermission(permission) == PackageManager.PERMISSION_GRANTED) { Loading @@ -6093,7 +6094,8 @@ public class ActivityManagerService extends IActivityManager.Stub /** * This can be called with or without the global lock held. */ void enforcePermission(String permission, int pid, int uid, String func) { @PermissionMethod void enforcePermission(@PermissionName String permission, int pid, int uid, String func) { if (checkPermission(permission, pid, uid) == PackageManager.PERMISSION_GRANTED) { return; } Loading
