Loading core/java/android/content/pm/IPackageManager.aidl +3 −0 Original line number Diff line number Diff line Loading @@ -370,4 +370,7 @@ interface IPackageManager { boolean isFirstBoot(); List<UserInfo> getUsers(); void setPermissionEnforcement(String permission, int enforcement); int getPermissionEnforcement(String permission); } core/java/android/content/pm/PackageManager.java +5 −0 Original line number Diff line number Diff line Loading @@ -1090,6 +1090,11 @@ public abstract class PackageManager { public static final String EXTRA_VERIFICATION_INSTALL_FLAGS = "android.content.pm.extra.VERIFICATION_INSTALL_FLAGS"; /** {@hide} */ public static final int ENFORCEMENT_DEFAULT = 0; /** {@hide} */ public static final int ENFORCEMENT_YES = 1; /** * Retrieve overall information about an application package that is * installed on the system. Loading services/java/com/android/server/pm/PackageManagerService.java +50 −0 Original line number Diff line number Diff line Loading @@ -20,6 +20,10 @@ import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DEFAULT; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED_USER; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_ENABLED; import static android.content.pm.PackageManager.ENFORCEMENT_DEFAULT; import static android.content.pm.PackageManager.ENFORCEMENT_YES; import static android.Manifest.permission.READ_EXTERNAL_STORAGE; import static android.Manifest.permission.GRANT_REVOKE_PERMISSIONS; import static libcore.io.OsConstants.S_ISLNK; import com.android.internal.app.IMediaContainerService; Loading Loading @@ -1872,6 +1876,9 @@ public class PackageManagerService extends IPackageManager.Stub { return PackageManager.PERMISSION_GRANTED; } } if (!isPermissionEnforcedLocked(permName)) { return PackageManager.PERMISSION_GRANTED; } } return PackageManager.PERMISSION_DENIED; } Loading @@ -1890,6 +1897,9 @@ public class PackageManagerService extends IPackageManager.Stub { return PackageManager.PERMISSION_GRANTED; } } if (!isPermissionEnforcedLocked(permName)) { return PackageManager.PERMISSION_GRANTED; } } return PackageManager.PERMISSION_DENIED; } Loading Loading @@ -8835,4 +8845,44 @@ public class PackageManagerService extends IPackageManager.Stub { public List<UserInfo> getUsers() { return mUserManager.getUsers(); } @Override public void setPermissionEnforcement(String permission, int enforcement) { mContext.enforceCallingOrSelfPermission(GRANT_REVOKE_PERMISSIONS, null); if (READ_EXTERNAL_STORAGE.equals(permission)) { synchronized (mPackages) { if (mSettings.mReadExternalStorageEnforcement != enforcement) { mSettings.mReadExternalStorageEnforcement = enforcement; mSettings.writeLPr(); } } } else { throw new IllegalArgumentException("No selective enforcement for " + permission); } } @Override public int getPermissionEnforcement(String permission) { mContext.enforceCallingOrSelfPermission(GRANT_REVOKE_PERMISSIONS, null); if (READ_EXTERNAL_STORAGE.equals(permission)) { synchronized (mPackages) { return mSettings.mReadExternalStorageEnforcement; } } else { throw new IllegalArgumentException("No selective enforcement for " + permission); } } private boolean isPermissionEnforcedLocked(String permission) { if (READ_EXTERNAL_STORAGE.equals(permission)) { switch (mSettings.mReadExternalStorageEnforcement) { case ENFORCEMENT_DEFAULT: return false; case ENFORCEMENT_YES: return true; } } return true; } } services/java/com/android/server/pm/Settings.java +20 −1 Original line number Diff line number Diff line Loading @@ -20,6 +20,7 @@ import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DEFAULT; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED_USER; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_ENABLED; import static android.content.pm.PackageManager.ENFORCEMENT_DEFAULT; import com.android.internal.util.FastXmlSerializer; import com.android.internal.util.JournaledFile; Loading Loading @@ -74,6 +75,9 @@ final class Settings { private static final boolean DEBUG_STOPPED = false; private static final String TAG_READ_EXTERNAL_STORAGE = "read-external-storage"; private static final String ATTR_ENFORCEMENT = "enforcement"; private final File mSettingsFilename; private final File mBackupSettingsFilename; private final File mPackageListFilename; Loading @@ -91,6 +95,8 @@ final class Settings { int mInternalSdkPlatform; int mExternalSdkPlatform; int mReadExternalStorageEnforcement = ENFORCEMENT_DEFAULT; /** Device identity for the purpose of package verification. */ private VerifierDeviceIdentity mVerifierDeviceIdentity; Loading Loading @@ -871,6 +877,13 @@ final class Settings { serializer.endTag(null, "verifier"); } if (mReadExternalStorageEnforcement != ENFORCEMENT_DEFAULT) { serializer.startTag(null, TAG_READ_EXTERNAL_STORAGE); serializer.attribute( null, ATTR_ENFORCEMENT, Integer.toString(mReadExternalStorageEnforcement)); serializer.endTag(null, TAG_READ_EXTERNAL_STORAGE); } serializer.startTag(null, "permission-trees"); for (BasePermission bp : mPermissionTrees.values()) { writePermissionLPr(serializer, bp); Loading Loading @@ -1291,6 +1304,12 @@ final class Settings { Slog.w(PackageManagerService.TAG, "Discard invalid verifier device id: " + e.getMessage()); } } else if (TAG_READ_EXTERNAL_STORAGE.equals(tagName)) { final String enforcement = parser.getAttributeValue(null, ATTR_ENFORCEMENT); try { mReadExternalStorageEnforcement = Integer.parseInt(enforcement); } catch (NumberFormatException e) { } } else { Slog.w(PackageManagerService.TAG, "Unknown element under <packages>: " + parser.getName()); Loading Loading
core/java/android/content/pm/IPackageManager.aidl +3 −0 Original line number Diff line number Diff line Loading @@ -370,4 +370,7 @@ interface IPackageManager { boolean isFirstBoot(); List<UserInfo> getUsers(); void setPermissionEnforcement(String permission, int enforcement); int getPermissionEnforcement(String permission); }
core/java/android/content/pm/PackageManager.java +5 −0 Original line number Diff line number Diff line Loading @@ -1090,6 +1090,11 @@ public abstract class PackageManager { public static final String EXTRA_VERIFICATION_INSTALL_FLAGS = "android.content.pm.extra.VERIFICATION_INSTALL_FLAGS"; /** {@hide} */ public static final int ENFORCEMENT_DEFAULT = 0; /** {@hide} */ public static final int ENFORCEMENT_YES = 1; /** * Retrieve overall information about an application package that is * installed on the system. Loading
services/java/com/android/server/pm/PackageManagerService.java +50 −0 Original line number Diff line number Diff line Loading @@ -20,6 +20,10 @@ import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DEFAULT; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED_USER; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_ENABLED; import static android.content.pm.PackageManager.ENFORCEMENT_DEFAULT; import static android.content.pm.PackageManager.ENFORCEMENT_YES; import static android.Manifest.permission.READ_EXTERNAL_STORAGE; import static android.Manifest.permission.GRANT_REVOKE_PERMISSIONS; import static libcore.io.OsConstants.S_ISLNK; import com.android.internal.app.IMediaContainerService; Loading Loading @@ -1872,6 +1876,9 @@ public class PackageManagerService extends IPackageManager.Stub { return PackageManager.PERMISSION_GRANTED; } } if (!isPermissionEnforcedLocked(permName)) { return PackageManager.PERMISSION_GRANTED; } } return PackageManager.PERMISSION_DENIED; } Loading @@ -1890,6 +1897,9 @@ public class PackageManagerService extends IPackageManager.Stub { return PackageManager.PERMISSION_GRANTED; } } if (!isPermissionEnforcedLocked(permName)) { return PackageManager.PERMISSION_GRANTED; } } return PackageManager.PERMISSION_DENIED; } Loading Loading @@ -8835,4 +8845,44 @@ public class PackageManagerService extends IPackageManager.Stub { public List<UserInfo> getUsers() { return mUserManager.getUsers(); } @Override public void setPermissionEnforcement(String permission, int enforcement) { mContext.enforceCallingOrSelfPermission(GRANT_REVOKE_PERMISSIONS, null); if (READ_EXTERNAL_STORAGE.equals(permission)) { synchronized (mPackages) { if (mSettings.mReadExternalStorageEnforcement != enforcement) { mSettings.mReadExternalStorageEnforcement = enforcement; mSettings.writeLPr(); } } } else { throw new IllegalArgumentException("No selective enforcement for " + permission); } } @Override public int getPermissionEnforcement(String permission) { mContext.enforceCallingOrSelfPermission(GRANT_REVOKE_PERMISSIONS, null); if (READ_EXTERNAL_STORAGE.equals(permission)) { synchronized (mPackages) { return mSettings.mReadExternalStorageEnforcement; } } else { throw new IllegalArgumentException("No selective enforcement for " + permission); } } private boolean isPermissionEnforcedLocked(String permission) { if (READ_EXTERNAL_STORAGE.equals(permission)) { switch (mSettings.mReadExternalStorageEnforcement) { case ENFORCEMENT_DEFAULT: return false; case ENFORCEMENT_YES: return true; } } return true; } }
services/java/com/android/server/pm/Settings.java +20 −1 Original line number Diff line number Diff line Loading @@ -20,6 +20,7 @@ import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DEFAULT; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED_USER; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_ENABLED; import static android.content.pm.PackageManager.ENFORCEMENT_DEFAULT; import com.android.internal.util.FastXmlSerializer; import com.android.internal.util.JournaledFile; Loading Loading @@ -74,6 +75,9 @@ final class Settings { private static final boolean DEBUG_STOPPED = false; private static final String TAG_READ_EXTERNAL_STORAGE = "read-external-storage"; private static final String ATTR_ENFORCEMENT = "enforcement"; private final File mSettingsFilename; private final File mBackupSettingsFilename; private final File mPackageListFilename; Loading @@ -91,6 +95,8 @@ final class Settings { int mInternalSdkPlatform; int mExternalSdkPlatform; int mReadExternalStorageEnforcement = ENFORCEMENT_DEFAULT; /** Device identity for the purpose of package verification. */ private VerifierDeviceIdentity mVerifierDeviceIdentity; Loading Loading @@ -871,6 +877,13 @@ final class Settings { serializer.endTag(null, "verifier"); } if (mReadExternalStorageEnforcement != ENFORCEMENT_DEFAULT) { serializer.startTag(null, TAG_READ_EXTERNAL_STORAGE); serializer.attribute( null, ATTR_ENFORCEMENT, Integer.toString(mReadExternalStorageEnforcement)); serializer.endTag(null, TAG_READ_EXTERNAL_STORAGE); } serializer.startTag(null, "permission-trees"); for (BasePermission bp : mPermissionTrees.values()) { writePermissionLPr(serializer, bp); Loading Loading @@ -1291,6 +1304,12 @@ final class Settings { Slog.w(PackageManagerService.TAG, "Discard invalid verifier device id: " + e.getMessage()); } } else if (TAG_READ_EXTERNAL_STORAGE.equals(tagName)) { final String enforcement = parser.getAttributeValue(null, ATTR_ENFORCEMENT); try { mReadExternalStorageEnforcement = Integer.parseInt(enforcement); } catch (NumberFormatException e) { } } else { Slog.w(PackageManagerService.TAG, "Unknown element under <packages>: " + parser.getName()); Loading
