Loading core/java/android/app/ActivityManagerInternal.java +2 −1 Original line number Original line Diff line number Diff line Loading @@ -31,6 +31,7 @@ import android.content.pm.ActivityInfo; import android.content.pm.ActivityPresentationInfo; import android.content.pm.ActivityPresentationInfo; import android.content.pm.ApplicationInfo; import android.content.pm.ApplicationInfo; import android.content.pm.PermissionMethod; import android.content.pm.PermissionMethod; import android.content.pm.PermissionName; import android.content.pm.UserInfo; import android.content.pm.UserInfo; import android.net.Uri; import android.net.Uri; import android.os.Bundle; import android.os.Bundle; Loading Loading @@ -294,7 +295,7 @@ public abstract class ActivityManagerInternal { /** Checks if the calling binder pid as the permission. */ /** Checks if the calling binder pid as the permission. */ @PermissionMethod @PermissionMethod public abstract void enforceCallingPermission(String permission, String func); public abstract void enforceCallingPermission(@PermissionName String permission, String func); /** Returns the current user id. */ /** Returns the current user id. */ public abstract int getCurrentUserId(); public abstract int getCurrentUserId(); Loading core/java/android/content/Context.java +8 −6 Original line number Original line Diff line number Diff line Loading @@ -52,6 +52,7 @@ import android.compat.annotation.UnsupportedAppUsage; import android.content.pm.ApplicationInfo; import android.content.pm.ApplicationInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManager; import android.content.pm.PermissionMethod; import android.content.pm.PermissionMethod; import android.content.pm.PermissionName; import android.content.res.AssetManager; import android.content.res.AssetManager; import android.content.res.ColorStateList; import android.content.res.ColorStateList; import android.content.res.Configuration; import android.content.res.Configuration; Loading Loading @@ -6088,7 +6089,8 @@ public abstract class Context { @CheckResult(suggest="#enforcePermission(String,int,int,String)") @CheckResult(suggest="#enforcePermission(String,int,int,String)") @PackageManager.PermissionResult @PackageManager.PermissionResult @PermissionMethod @PermissionMethod public abstract int checkPermission(@NonNull String permission, int pid, int uid); public abstract int checkPermission( @NonNull @PermissionName String permission, int pid, int uid); /** @hide */ /** @hide */ @SuppressWarnings("HiddenAbstractMethod") @SuppressWarnings("HiddenAbstractMethod") Loading Loading @@ -6121,7 +6123,7 @@ public abstract class Context { @CheckResult(suggest="#enforceCallingPermission(String,String)") @CheckResult(suggest="#enforceCallingPermission(String,String)") @PackageManager.PermissionResult @PackageManager.PermissionResult @PermissionMethod @PermissionMethod public abstract int checkCallingPermission(@NonNull String permission); public abstract int checkCallingPermission(@NonNull @PermissionName String permission); /** /** * Determine whether the calling process of an IPC <em>or you</em> have been * Determine whether the calling process of an IPC <em>or you</em> have been Loading @@ -6142,7 +6144,7 @@ public abstract class Context { @CheckResult(suggest="#enforceCallingOrSelfPermission(String,String)") @CheckResult(suggest="#enforceCallingOrSelfPermission(String,String)") @PackageManager.PermissionResult @PackageManager.PermissionResult @PermissionMethod @PermissionMethod public abstract int checkCallingOrSelfPermission(@NonNull String permission); public abstract int checkCallingOrSelfPermission(@NonNull @PermissionName String permission); /** /** * Determine whether <em>you</em> have been granted a particular permission. * Determine whether <em>you</em> have been granted a particular permission. Loading Loading @@ -6172,7 +6174,7 @@ public abstract class Context { */ */ @PermissionMethod @PermissionMethod public abstract void enforcePermission( public abstract void enforcePermission( @NonNull String permission, int pid, int uid, @Nullable String message); @NonNull @PermissionName String permission, int pid, int uid, @Nullable String message); /** /** * If the calling process of an IPC you are handling has not been * If the calling process of an IPC you are handling has not been Loading @@ -6194,7 +6196,7 @@ public abstract class Context { */ */ @PermissionMethod @PermissionMethod public abstract void enforceCallingPermission( public abstract void enforceCallingPermission( @NonNull String permission, @Nullable String message); @NonNull @PermissionName String permission, @Nullable String message); /** /** * If neither you nor the calling process of an IPC you are * If neither you nor the calling process of an IPC you are Loading @@ -6211,7 +6213,7 @@ public abstract class Context { */ */ @PermissionMethod @PermissionMethod public abstract void enforceCallingOrSelfPermission( public abstract void enforceCallingOrSelfPermission( @NonNull String permission, @Nullable String message); @NonNull @PermissionName String permission, @Nullable String message); /** /** * Grant permission to access a specific Uri to another package, regardless * Grant permission to access a specific Uri to another package, regardless Loading core/java/android/content/pm/PermissionMethod.java +1 −1 Original line number Original line Diff line number Diff line Loading @@ -26,7 +26,7 @@ import java.lang.annotation.Target; * Documents that the subject method's job is to look * Documents that the subject method's job is to look * up whether the provided or calling uid/pid has the requested permission. * up whether the provided or calling uid/pid has the requested permission. * * * Methods should either return `void`, but potentially throw {@link SecurityException}, * <p>Methods should either return `void`, but potentially throw {@link SecurityException}, * or return {@link android.content.pm.PackageManager.PermissionResult} `int`. * or return {@link android.content.pm.PackageManager.PermissionResult} `int`. * * * @hide * @hide Loading core/java/android/content/pm/PermissionName.java 0 → 100644 +35 −0 Original line number Original line Diff line number Diff line /* * Copyright (C) 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.content.pm; import static java.lang.annotation.ElementType.FIELD; import static java.lang.annotation.ElementType.LOCAL_VARIABLE; import static java.lang.annotation.ElementType.METHOD; import static java.lang.annotation.ElementType.PARAMETER; import static java.lang.annotation.RetentionPolicy.CLASS; import java.lang.annotation.Retention; import java.lang.annotation.Target; /** * Denotes that the annotated {@link String} represents a permission name. * * @hide */ @Retention(CLASS) @Target({PARAMETER, METHOD, LOCAL_VARIABLE, FIELD}) public @interface PermissionName {} services/core/java/com/android/server/am/ActivityManagerService.java +8 −6 Original line number Original line Diff line number Diff line Loading @@ -247,6 +247,7 @@ import android.content.pm.PackageManagerInternal; import android.content.pm.ParceledListSlice; import android.content.pm.ParceledListSlice; import android.content.pm.PermissionInfo; import android.content.pm.PermissionInfo; import android.content.pm.PermissionMethod; import android.content.pm.PermissionMethod; import android.content.pm.PermissionName; import android.content.pm.ProcessInfo; import android.content.pm.ProcessInfo; import android.content.pm.ProviderInfo; import android.content.pm.ProviderInfo; import android.content.pm.ProviderInfoList; import android.content.pm.ProviderInfoList; Loading Loading @@ -5987,8 +5988,9 @@ public class ActivityManagerService extends IActivityManager.Stub * provided non-{@code null} {@code permission} before. Otherwise calls into * provided non-{@code null} {@code permission} before. Otherwise calls into * {@link ActivityManager#checkComponentPermission(String, int, int, boolean)}. * {@link ActivityManager#checkComponentPermission(String, int, int, boolean)}. */ */ @PackageManager.PermissionResult @PermissionMethod @PermissionMethod public static int checkComponentPermission(String permission, int pid, int uid, public static int checkComponentPermission(@PermissionName String permission, int pid, int uid, int owningUid, boolean exported) { int owningUid, boolean exported) { if (pid == MY_PID) { if (pid == MY_PID) { return PackageManager.PERMISSION_GRANTED; return PackageManager.PERMISSION_GRANTED; Loading Loading @@ -6035,7 +6037,7 @@ public class ActivityManagerService extends IActivityManager.Stub */ */ @Override @Override @PermissionMethod @PermissionMethod public int checkPermission(String permission, int pid, int uid) { public int checkPermission(@PermissionName String permission, int pid, int uid) { if (permission == null) { if (permission == null) { return PackageManager.PERMISSION_DENIED; return PackageManager.PERMISSION_DENIED; } } Loading @@ -6047,7 +6049,7 @@ public class ActivityManagerService extends IActivityManager.Stub * This can be called with or without the global lock held. * This can be called with or without the global lock held. */ */ @PermissionMethod @PermissionMethod int checkCallingPermission(String permission) { int checkCallingPermission(@PermissionName String permission) { return checkPermission(permission, return checkPermission(permission, Binder.getCallingPid(), Binder.getCallingPid(), Binder.getCallingUid()); Binder.getCallingUid()); Loading @@ -6057,7 +6059,7 @@ public class ActivityManagerService extends IActivityManager.Stub * This can be called with or without the global lock held. * This can be called with or without the global lock held. */ */ @PermissionMethod @PermissionMethod void enforceCallingPermission(String permission, String func) { void enforceCallingPermission(@PermissionName String permission, String func) { if (checkCallingPermission(permission) if (checkCallingPermission(permission) == PackageManager.PERMISSION_GRANTED) { == PackageManager.PERMISSION_GRANTED) { return; return; Loading @@ -6074,7 +6076,6 @@ public class ActivityManagerService extends IActivityManager.Stub /** /** * This can be called with or without the global lock held. * This can be called with or without the global lock held. */ */ @PermissionMethod private void enforceCallingHasAtLeastOnePermission(String func, String... permissions) { private void enforceCallingHasAtLeastOnePermission(String func, String... permissions) { for (String permission : permissions) { for (String permission : permissions) { if (checkCallingPermission(permission) == PackageManager.PERMISSION_GRANTED) { if (checkCallingPermission(permission) == PackageManager.PERMISSION_GRANTED) { Loading @@ -6093,7 +6094,8 @@ public class ActivityManagerService extends IActivityManager.Stub /** /** * This can be called with or without the global lock held. * This can be called with or without the global lock held. */ */ void enforcePermission(String permission, int pid, int uid, String func) { @PermissionMethod void enforcePermission(@PermissionName String permission, int pid, int uid, String func) { if (checkPermission(permission, pid, uid) == PackageManager.PERMISSION_GRANTED) { if (checkPermission(permission, pid, uid) == PackageManager.PERMISSION_GRANTED) { return; return; } } Loading Loading
core/java/android/app/ActivityManagerInternal.java +2 −1 Original line number Original line Diff line number Diff line Loading @@ -31,6 +31,7 @@ import android.content.pm.ActivityInfo; import android.content.pm.ActivityPresentationInfo; import android.content.pm.ActivityPresentationInfo; import android.content.pm.ApplicationInfo; import android.content.pm.ApplicationInfo; import android.content.pm.PermissionMethod; import android.content.pm.PermissionMethod; import android.content.pm.PermissionName; import android.content.pm.UserInfo; import android.content.pm.UserInfo; import android.net.Uri; import android.net.Uri; import android.os.Bundle; import android.os.Bundle; Loading Loading @@ -294,7 +295,7 @@ public abstract class ActivityManagerInternal { /** Checks if the calling binder pid as the permission. */ /** Checks if the calling binder pid as the permission. */ @PermissionMethod @PermissionMethod public abstract void enforceCallingPermission(String permission, String func); public abstract void enforceCallingPermission(@PermissionName String permission, String func); /** Returns the current user id. */ /** Returns the current user id. */ public abstract int getCurrentUserId(); public abstract int getCurrentUserId(); Loading
core/java/android/content/Context.java +8 −6 Original line number Original line Diff line number Diff line Loading @@ -52,6 +52,7 @@ import android.compat.annotation.UnsupportedAppUsage; import android.content.pm.ApplicationInfo; import android.content.pm.ApplicationInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManager; import android.content.pm.PermissionMethod; import android.content.pm.PermissionMethod; import android.content.pm.PermissionName; import android.content.res.AssetManager; import android.content.res.AssetManager; import android.content.res.ColorStateList; import android.content.res.ColorStateList; import android.content.res.Configuration; import android.content.res.Configuration; Loading Loading @@ -6088,7 +6089,8 @@ public abstract class Context { @CheckResult(suggest="#enforcePermission(String,int,int,String)") @CheckResult(suggest="#enforcePermission(String,int,int,String)") @PackageManager.PermissionResult @PackageManager.PermissionResult @PermissionMethod @PermissionMethod public abstract int checkPermission(@NonNull String permission, int pid, int uid); public abstract int checkPermission( @NonNull @PermissionName String permission, int pid, int uid); /** @hide */ /** @hide */ @SuppressWarnings("HiddenAbstractMethod") @SuppressWarnings("HiddenAbstractMethod") Loading Loading @@ -6121,7 +6123,7 @@ public abstract class Context { @CheckResult(suggest="#enforceCallingPermission(String,String)") @CheckResult(suggest="#enforceCallingPermission(String,String)") @PackageManager.PermissionResult @PackageManager.PermissionResult @PermissionMethod @PermissionMethod public abstract int checkCallingPermission(@NonNull String permission); public abstract int checkCallingPermission(@NonNull @PermissionName String permission); /** /** * Determine whether the calling process of an IPC <em>or you</em> have been * Determine whether the calling process of an IPC <em>or you</em> have been Loading @@ -6142,7 +6144,7 @@ public abstract class Context { @CheckResult(suggest="#enforceCallingOrSelfPermission(String,String)") @CheckResult(suggest="#enforceCallingOrSelfPermission(String,String)") @PackageManager.PermissionResult @PackageManager.PermissionResult @PermissionMethod @PermissionMethod public abstract int checkCallingOrSelfPermission(@NonNull String permission); public abstract int checkCallingOrSelfPermission(@NonNull @PermissionName String permission); /** /** * Determine whether <em>you</em> have been granted a particular permission. * Determine whether <em>you</em> have been granted a particular permission. Loading Loading @@ -6172,7 +6174,7 @@ public abstract class Context { */ */ @PermissionMethod @PermissionMethod public abstract void enforcePermission( public abstract void enforcePermission( @NonNull String permission, int pid, int uid, @Nullable String message); @NonNull @PermissionName String permission, int pid, int uid, @Nullable String message); /** /** * If the calling process of an IPC you are handling has not been * If the calling process of an IPC you are handling has not been Loading @@ -6194,7 +6196,7 @@ public abstract class Context { */ */ @PermissionMethod @PermissionMethod public abstract void enforceCallingPermission( public abstract void enforceCallingPermission( @NonNull String permission, @Nullable String message); @NonNull @PermissionName String permission, @Nullable String message); /** /** * If neither you nor the calling process of an IPC you are * If neither you nor the calling process of an IPC you are Loading @@ -6211,7 +6213,7 @@ public abstract class Context { */ */ @PermissionMethod @PermissionMethod public abstract void enforceCallingOrSelfPermission( public abstract void enforceCallingOrSelfPermission( @NonNull String permission, @Nullable String message); @NonNull @PermissionName String permission, @Nullable String message); /** /** * Grant permission to access a specific Uri to another package, regardless * Grant permission to access a specific Uri to another package, regardless Loading
core/java/android/content/pm/PermissionMethod.java +1 −1 Original line number Original line Diff line number Diff line Loading @@ -26,7 +26,7 @@ import java.lang.annotation.Target; * Documents that the subject method's job is to look * Documents that the subject method's job is to look * up whether the provided or calling uid/pid has the requested permission. * up whether the provided or calling uid/pid has the requested permission. * * * Methods should either return `void`, but potentially throw {@link SecurityException}, * <p>Methods should either return `void`, but potentially throw {@link SecurityException}, * or return {@link android.content.pm.PackageManager.PermissionResult} `int`. * or return {@link android.content.pm.PackageManager.PermissionResult} `int`. * * * @hide * @hide Loading
core/java/android/content/pm/PermissionName.java 0 → 100644 +35 −0 Original line number Original line Diff line number Diff line /* * Copyright (C) 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.content.pm; import static java.lang.annotation.ElementType.FIELD; import static java.lang.annotation.ElementType.LOCAL_VARIABLE; import static java.lang.annotation.ElementType.METHOD; import static java.lang.annotation.ElementType.PARAMETER; import static java.lang.annotation.RetentionPolicy.CLASS; import java.lang.annotation.Retention; import java.lang.annotation.Target; /** * Denotes that the annotated {@link String} represents a permission name. * * @hide */ @Retention(CLASS) @Target({PARAMETER, METHOD, LOCAL_VARIABLE, FIELD}) public @interface PermissionName {}
services/core/java/com/android/server/am/ActivityManagerService.java +8 −6 Original line number Original line Diff line number Diff line Loading @@ -247,6 +247,7 @@ import android.content.pm.PackageManagerInternal; import android.content.pm.ParceledListSlice; import android.content.pm.ParceledListSlice; import android.content.pm.PermissionInfo; import android.content.pm.PermissionInfo; import android.content.pm.PermissionMethod; import android.content.pm.PermissionMethod; import android.content.pm.PermissionName; import android.content.pm.ProcessInfo; import android.content.pm.ProcessInfo; import android.content.pm.ProviderInfo; import android.content.pm.ProviderInfo; import android.content.pm.ProviderInfoList; import android.content.pm.ProviderInfoList; Loading Loading @@ -5987,8 +5988,9 @@ public class ActivityManagerService extends IActivityManager.Stub * provided non-{@code null} {@code permission} before. Otherwise calls into * provided non-{@code null} {@code permission} before. Otherwise calls into * {@link ActivityManager#checkComponentPermission(String, int, int, boolean)}. * {@link ActivityManager#checkComponentPermission(String, int, int, boolean)}. */ */ @PackageManager.PermissionResult @PermissionMethod @PermissionMethod public static int checkComponentPermission(String permission, int pid, int uid, public static int checkComponentPermission(@PermissionName String permission, int pid, int uid, int owningUid, boolean exported) { int owningUid, boolean exported) { if (pid == MY_PID) { if (pid == MY_PID) { return PackageManager.PERMISSION_GRANTED; return PackageManager.PERMISSION_GRANTED; Loading Loading @@ -6035,7 +6037,7 @@ public class ActivityManagerService extends IActivityManager.Stub */ */ @Override @Override @PermissionMethod @PermissionMethod public int checkPermission(String permission, int pid, int uid) { public int checkPermission(@PermissionName String permission, int pid, int uid) { if (permission == null) { if (permission == null) { return PackageManager.PERMISSION_DENIED; return PackageManager.PERMISSION_DENIED; } } Loading @@ -6047,7 +6049,7 @@ public class ActivityManagerService extends IActivityManager.Stub * This can be called with or without the global lock held. * This can be called with or without the global lock held. */ */ @PermissionMethod @PermissionMethod int checkCallingPermission(String permission) { int checkCallingPermission(@PermissionName String permission) { return checkPermission(permission, return checkPermission(permission, Binder.getCallingPid(), Binder.getCallingPid(), Binder.getCallingUid()); Binder.getCallingUid()); Loading @@ -6057,7 +6059,7 @@ public class ActivityManagerService extends IActivityManager.Stub * This can be called with or without the global lock held. * This can be called with or without the global lock held. */ */ @PermissionMethod @PermissionMethod void enforceCallingPermission(String permission, String func) { void enforceCallingPermission(@PermissionName String permission, String func) { if (checkCallingPermission(permission) if (checkCallingPermission(permission) == PackageManager.PERMISSION_GRANTED) { == PackageManager.PERMISSION_GRANTED) { return; return; Loading @@ -6074,7 +6076,6 @@ public class ActivityManagerService extends IActivityManager.Stub /** /** * This can be called with or without the global lock held. * This can be called with or without the global lock held. */ */ @PermissionMethod private void enforceCallingHasAtLeastOnePermission(String func, String... permissions) { private void enforceCallingHasAtLeastOnePermission(String func, String... permissions) { for (String permission : permissions) { for (String permission : permissions) { if (checkCallingPermission(permission) == PackageManager.PERMISSION_GRANTED) { if (checkCallingPermission(permission) == PackageManager.PERMISSION_GRANTED) { Loading @@ -6093,7 +6094,8 @@ public class ActivityManagerService extends IActivityManager.Stub /** /** * This can be called with or without the global lock held. * This can be called with or without the global lock held. */ */ void enforcePermission(String permission, int pid, int uid, String func) { @PermissionMethod void enforcePermission(@PermissionName String permission, int pid, int uid, String func) { if (checkPermission(permission, pid, uid) == PackageManager.PERMISSION_GRANTED) { if (checkPermission(permission, pid, uid) == PackageManager.PERMISSION_GRANTED) { return; return; } } Loading
