Loading services/core/java/com/android/server/pm/PackageManagerService.java +2 −59 Original line number Diff line number Diff line Loading @@ -753,9 +753,6 @@ public class PackageManagerService extends IPackageManager.Stub PackageManagerInternal.ExternalSourcesPolicy mExternalSourcesPolicy; // System configuration read by SystemConfig. final int[] mGlobalGids; final SparseArray<ArraySet<String>> mSystemPermissions; @GuardedBy("mAvailableFeatures") final ArrayMap<String, FeatureInfo> mAvailableFeatures; Loading Loading @@ -2430,8 +2427,6 @@ public class PackageManagerService extends IPackageManager.Stub Trace.traceBegin(TRACE_TAG_PACKAGE_MANAGER, "get system config"); SystemConfig systemConfig = SystemConfig.getInstance(); mGlobalGids = systemConfig.getGlobalGids(); mSystemPermissions = systemConfig.getSystemPermissions(); mAvailableFeatures = systemConfig.getAvailableFeatures(); Trace.traceEnd(TRACE_TAG_PACKAGE_MANAGER); Loading Loading @@ -5112,59 +5107,7 @@ public class PackageManagerService extends IPackageManager.Stub @Override public int checkUidPermission(String permName, int uid) { final int callingUid = Binder.getCallingUid(); final int callingUserId = UserHandle.getUserId(callingUid); final boolean isCallerInstantApp = getInstantAppPackageName(callingUid) != null; final boolean isUidInstantApp = getInstantAppPackageName(uid) != null; final int userId = UserHandle.getUserId(uid); if (!sUserManager.exists(userId)) { return PackageManager.PERMISSION_DENIED; } synchronized (mPackages) { Object obj = mSettings.getUserIdLPr(UserHandle.getAppId(uid)); if (obj != null) { if (obj instanceof SharedUserSetting) { if (isCallerInstantApp) { return PackageManager.PERMISSION_DENIED; } } else if (obj instanceof PackageSetting) { final PackageSetting ps = (PackageSetting) obj; if (filterAppAccessLPr(ps, callingUid, callingUserId)) { return PackageManager.PERMISSION_DENIED; } } final SettingBase settingBase = (SettingBase) obj; final PermissionsState permissionsState = settingBase.getPermissionsState(); if (permissionsState.hasPermission(permName, userId)) { if (isUidInstantApp) { if (mSettings.mPermissions.isPermissionInstant(permName)) { return PackageManager.PERMISSION_GRANTED; } } else { return PackageManager.PERMISSION_GRANTED; } } // Special case: ACCESS_FINE_LOCATION permission includes ACCESS_COARSE_LOCATION if (Manifest.permission.ACCESS_COARSE_LOCATION.equals(permName) && permissionsState .hasPermission(Manifest.permission.ACCESS_FINE_LOCATION, userId)) { return PackageManager.PERMISSION_GRANTED; } } else { ArraySet<String> perms = mSystemPermissions.get(uid); if (perms != null) { if (perms.contains(permName)) { return PackageManager.PERMISSION_GRANTED; } if (Manifest.permission.ACCESS_COARSE_LOCATION.equals(permName) && perms .contains(Manifest.permission.ACCESS_FINE_LOCATION)) { return PackageManager.PERMISSION_GRANTED; } } } } return PackageManager.PERMISSION_DENIED; return mPermissionManager.checkUidPermission(permName, uid, getCallingUid()); } @Override Loading Loading @@ -12042,7 +11985,7 @@ public class PackageManagerService extends IPackageManager.Stub } } permissionsState.setGlobalGids(mGlobalGids); permissionsState.setGlobalGids(mPermissionManager.getGlobalGidsTEMP()); final int N = pkg.requestedPermissions.size(); for (int i=0; i<N; i++) { services/core/java/com/android/server/pm/permission/PermissionManagerInternal.java +2 −3 Original line number Diff line number Diff line Loading @@ -144,6 +144,7 @@ public abstract class PermissionManagerInternal { public abstract int checkPermission(@NonNull String permName, @NonNull String packageName, int callingUid, int userId); public abstract int checkUidPermission(String permName, int uid, int callingUid); /** * Enforces the request is from the system or an app that has INTERACT_ACROSS_USERS Loading @@ -159,8 +160,6 @@ public abstract class PermissionManagerInternal { public abstract @NonNull DefaultPermissionGrantPolicy getDefaultPermissionGrantPolicy(); /** HACK HACK methods to allow for partial migration of data to the PermissionManager class */ public abstract Iterator<BasePermission> getPermissionIteratorTEMP(); public abstract @Nullable BasePermission getPermissionTEMP(@NonNull String permName); public abstract void putPermissionTEMP(@NonNull String permName, @NonNull BasePermission permission); public abstract @Nullable int[] getGlobalGidsTEMP(); } No newline at end of file services/core/java/com/android/server/pm/permission/PermissionManagerService.java +70 −8 Original line number Diff line number Diff line Loading @@ -18,6 +18,7 @@ package com.android.server.pm.permission; import static android.Manifest.permission.READ_EXTERNAL_STORAGE; import static android.Manifest.permission.WRITE_EXTERNAL_STORAGE; import static android.content.pm.PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED; import android.Manifest; import android.annotation.NonNull; Loading @@ -43,6 +44,7 @@ import android.util.ArrayMap; import android.util.ArraySet; import android.util.Log; import android.util.Slog; import android.util.SparseArray; import com.android.internal.R; import com.android.internal.logging.MetricsLogger; Loading @@ -58,6 +60,7 @@ import com.android.server.pm.PackageManagerServiceUtils; import com.android.server.pm.PackageSetting; import com.android.server.pm.ProcessLoggingHandler; import com.android.server.pm.SharedUserSetting; import com.android.server.pm.UserManagerService; import com.android.server.pm.permission.DefaultPermissionGrantPolicy.DefaultPermissionGrantedCallback; import com.android.server.pm.permission.PermissionManagerInternal.PermissionCallback; import com.android.server.pm.permission.PermissionsState.PermissionState; Loading Loading @@ -122,6 +125,10 @@ public class PermissionManagerService { /** Default permission policy to provide proper behaviour out-of-the-box */ private final DefaultPermissionGrantPolicy mDefaultPermissionGrantPolicy; // System configuration read by SystemConfig. private final SparseArray<ArraySet<String>> mSystemPermissions; private final int[] mGlobalGids; /** Internal storage for permissions and related settings */ private final PermissionSettings mSettings; Loading @@ -146,6 +153,9 @@ public class PermissionManagerService { mDefaultPermissionGrantPolicy = new DefaultPermissionGrantPolicy( context, mHandlerThread.getLooper(), defaultGrantCallback, this); SystemConfig systemConfig = SystemConfig.getInstance(); mSystemPermissions = systemConfig.getSystemPermissions(); mGlobalGids = systemConfig.getGlobalGids(); // propagate permission configuration final ArrayMap<String, SystemConfig.PermissionEntry> permConfig = Loading Loading @@ -230,6 +240,60 @@ public class PermissionManagerService { return PackageManager.PERMISSION_DENIED; } private int checkUidPermission(String permName, int uid, int callingUid) { final int callingUserId = UserHandle.getUserId(callingUid); final boolean isCallerInstantApp = mPackageManagerInt.getInstantAppPackageName(callingUid) != null; final boolean isUidInstantApp = mPackageManagerInt.getInstantAppPackageName(uid) != null; final int userId = UserHandle.getUserId(uid); if (!mUserManagerInt.exists(userId)) { return PackageManager.PERMISSION_DENIED; } final String[] packages = mContext.getPackageManager().getPackagesForUid(uid); if (packages != null && packages.length > 0) { final PackageParser.Package pkg = mPackageManagerInt.getPackage(packages[0]); if (pkg.mSharedUserId != null) { if (isCallerInstantApp) { return PackageManager.PERMISSION_DENIED; } } else { if (mPackageManagerInt.filterAppAccess(pkg, callingUid, callingUserId)) { return PackageManager.PERMISSION_DENIED; } } final PermissionsState permissionsState = ((PackageSetting) pkg.mExtras).getPermissionsState(); if (permissionsState.hasPermission(permName, userId)) { if (isUidInstantApp) { if (mSettings.isPermissionInstant(permName)) { return PackageManager.PERMISSION_GRANTED; } } else { return PackageManager.PERMISSION_GRANTED; } } // Special case: ACCESS_FINE_LOCATION permission includes ACCESS_COARSE_LOCATION if (Manifest.permission.ACCESS_COARSE_LOCATION.equals(permName) && permissionsState .hasPermission(Manifest.permission.ACCESS_FINE_LOCATION, userId)) { return PackageManager.PERMISSION_GRANTED; } } else { ArraySet<String> perms = mSystemPermissions.get(uid); if (perms != null) { if (perms.contains(permName)) { return PackageManager.PERMISSION_GRANTED; } if (Manifest.permission.ACCESS_COARSE_LOCATION.equals(permName) && perms .contains(Manifest.permission.ACCESS_FINE_LOCATION)) { return PackageManager.PERMISSION_GRANTED; } } } return PackageManager.PERMISSION_DENIED; } private PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags, int callingUid) { if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) { Loading Loading @@ -1320,6 +1384,10 @@ public class PermissionManagerService { permName, packageName, callingUid, userId); } @Override public int checkUidPermission(String permName, int uid, int callingUid) { return PermissionManagerService.this.checkUidPermission(permName, uid, callingUid); } @Override public PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags, int callingUid) { return PermissionManagerService.this.getPermissionGroupInfo( Loading Loading @@ -1355,15 +1423,9 @@ public class PermissionManagerService { } } @Override public void putPermissionTEMP(String permName, BasePermission permission) { synchronized (PermissionManagerService.this.mLock) { mSettings.putPermissionLocked(permName, (BasePermission) permission); } } @Override public Iterator<BasePermission> getPermissionIteratorTEMP() { public int[] getGlobalGidsTEMP() { synchronized (PermissionManagerService.this.mLock) { return mSettings.getAllPermissionsLocked().iterator(); return mGlobalGids; } } } Loading Loading
services/core/java/com/android/server/pm/PackageManagerService.java +2 −59 Original line number Diff line number Diff line Loading @@ -753,9 +753,6 @@ public class PackageManagerService extends IPackageManager.Stub PackageManagerInternal.ExternalSourcesPolicy mExternalSourcesPolicy; // System configuration read by SystemConfig. final int[] mGlobalGids; final SparseArray<ArraySet<String>> mSystemPermissions; @GuardedBy("mAvailableFeatures") final ArrayMap<String, FeatureInfo> mAvailableFeatures; Loading Loading @@ -2430,8 +2427,6 @@ public class PackageManagerService extends IPackageManager.Stub Trace.traceBegin(TRACE_TAG_PACKAGE_MANAGER, "get system config"); SystemConfig systemConfig = SystemConfig.getInstance(); mGlobalGids = systemConfig.getGlobalGids(); mSystemPermissions = systemConfig.getSystemPermissions(); mAvailableFeatures = systemConfig.getAvailableFeatures(); Trace.traceEnd(TRACE_TAG_PACKAGE_MANAGER); Loading Loading @@ -5112,59 +5107,7 @@ public class PackageManagerService extends IPackageManager.Stub @Override public int checkUidPermission(String permName, int uid) { final int callingUid = Binder.getCallingUid(); final int callingUserId = UserHandle.getUserId(callingUid); final boolean isCallerInstantApp = getInstantAppPackageName(callingUid) != null; final boolean isUidInstantApp = getInstantAppPackageName(uid) != null; final int userId = UserHandle.getUserId(uid); if (!sUserManager.exists(userId)) { return PackageManager.PERMISSION_DENIED; } synchronized (mPackages) { Object obj = mSettings.getUserIdLPr(UserHandle.getAppId(uid)); if (obj != null) { if (obj instanceof SharedUserSetting) { if (isCallerInstantApp) { return PackageManager.PERMISSION_DENIED; } } else if (obj instanceof PackageSetting) { final PackageSetting ps = (PackageSetting) obj; if (filterAppAccessLPr(ps, callingUid, callingUserId)) { return PackageManager.PERMISSION_DENIED; } } final SettingBase settingBase = (SettingBase) obj; final PermissionsState permissionsState = settingBase.getPermissionsState(); if (permissionsState.hasPermission(permName, userId)) { if (isUidInstantApp) { if (mSettings.mPermissions.isPermissionInstant(permName)) { return PackageManager.PERMISSION_GRANTED; } } else { return PackageManager.PERMISSION_GRANTED; } } // Special case: ACCESS_FINE_LOCATION permission includes ACCESS_COARSE_LOCATION if (Manifest.permission.ACCESS_COARSE_LOCATION.equals(permName) && permissionsState .hasPermission(Manifest.permission.ACCESS_FINE_LOCATION, userId)) { return PackageManager.PERMISSION_GRANTED; } } else { ArraySet<String> perms = mSystemPermissions.get(uid); if (perms != null) { if (perms.contains(permName)) { return PackageManager.PERMISSION_GRANTED; } if (Manifest.permission.ACCESS_COARSE_LOCATION.equals(permName) && perms .contains(Manifest.permission.ACCESS_FINE_LOCATION)) { return PackageManager.PERMISSION_GRANTED; } } } } return PackageManager.PERMISSION_DENIED; return mPermissionManager.checkUidPermission(permName, uid, getCallingUid()); } @Override Loading Loading @@ -12042,7 +11985,7 @@ public class PackageManagerService extends IPackageManager.Stub } } permissionsState.setGlobalGids(mGlobalGids); permissionsState.setGlobalGids(mPermissionManager.getGlobalGidsTEMP()); final int N = pkg.requestedPermissions.size(); for (int i=0; i<N; i++) {
services/core/java/com/android/server/pm/permission/PermissionManagerInternal.java +2 −3 Original line number Diff line number Diff line Loading @@ -144,6 +144,7 @@ public abstract class PermissionManagerInternal { public abstract int checkPermission(@NonNull String permName, @NonNull String packageName, int callingUid, int userId); public abstract int checkUidPermission(String permName, int uid, int callingUid); /** * Enforces the request is from the system or an app that has INTERACT_ACROSS_USERS Loading @@ -159,8 +160,6 @@ public abstract class PermissionManagerInternal { public abstract @NonNull DefaultPermissionGrantPolicy getDefaultPermissionGrantPolicy(); /** HACK HACK methods to allow for partial migration of data to the PermissionManager class */ public abstract Iterator<BasePermission> getPermissionIteratorTEMP(); public abstract @Nullable BasePermission getPermissionTEMP(@NonNull String permName); public abstract void putPermissionTEMP(@NonNull String permName, @NonNull BasePermission permission); public abstract @Nullable int[] getGlobalGidsTEMP(); } No newline at end of file
services/core/java/com/android/server/pm/permission/PermissionManagerService.java +70 −8 Original line number Diff line number Diff line Loading @@ -18,6 +18,7 @@ package com.android.server.pm.permission; import static android.Manifest.permission.READ_EXTERNAL_STORAGE; import static android.Manifest.permission.WRITE_EXTERNAL_STORAGE; import static android.content.pm.PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED; import android.Manifest; import android.annotation.NonNull; Loading @@ -43,6 +44,7 @@ import android.util.ArrayMap; import android.util.ArraySet; import android.util.Log; import android.util.Slog; import android.util.SparseArray; import com.android.internal.R; import com.android.internal.logging.MetricsLogger; Loading @@ -58,6 +60,7 @@ import com.android.server.pm.PackageManagerServiceUtils; import com.android.server.pm.PackageSetting; import com.android.server.pm.ProcessLoggingHandler; import com.android.server.pm.SharedUserSetting; import com.android.server.pm.UserManagerService; import com.android.server.pm.permission.DefaultPermissionGrantPolicy.DefaultPermissionGrantedCallback; import com.android.server.pm.permission.PermissionManagerInternal.PermissionCallback; import com.android.server.pm.permission.PermissionsState.PermissionState; Loading Loading @@ -122,6 +125,10 @@ public class PermissionManagerService { /** Default permission policy to provide proper behaviour out-of-the-box */ private final DefaultPermissionGrantPolicy mDefaultPermissionGrantPolicy; // System configuration read by SystemConfig. private final SparseArray<ArraySet<String>> mSystemPermissions; private final int[] mGlobalGids; /** Internal storage for permissions and related settings */ private final PermissionSettings mSettings; Loading @@ -146,6 +153,9 @@ public class PermissionManagerService { mDefaultPermissionGrantPolicy = new DefaultPermissionGrantPolicy( context, mHandlerThread.getLooper(), defaultGrantCallback, this); SystemConfig systemConfig = SystemConfig.getInstance(); mSystemPermissions = systemConfig.getSystemPermissions(); mGlobalGids = systemConfig.getGlobalGids(); // propagate permission configuration final ArrayMap<String, SystemConfig.PermissionEntry> permConfig = Loading Loading @@ -230,6 +240,60 @@ public class PermissionManagerService { return PackageManager.PERMISSION_DENIED; } private int checkUidPermission(String permName, int uid, int callingUid) { final int callingUserId = UserHandle.getUserId(callingUid); final boolean isCallerInstantApp = mPackageManagerInt.getInstantAppPackageName(callingUid) != null; final boolean isUidInstantApp = mPackageManagerInt.getInstantAppPackageName(uid) != null; final int userId = UserHandle.getUserId(uid); if (!mUserManagerInt.exists(userId)) { return PackageManager.PERMISSION_DENIED; } final String[] packages = mContext.getPackageManager().getPackagesForUid(uid); if (packages != null && packages.length > 0) { final PackageParser.Package pkg = mPackageManagerInt.getPackage(packages[0]); if (pkg.mSharedUserId != null) { if (isCallerInstantApp) { return PackageManager.PERMISSION_DENIED; } } else { if (mPackageManagerInt.filterAppAccess(pkg, callingUid, callingUserId)) { return PackageManager.PERMISSION_DENIED; } } final PermissionsState permissionsState = ((PackageSetting) pkg.mExtras).getPermissionsState(); if (permissionsState.hasPermission(permName, userId)) { if (isUidInstantApp) { if (mSettings.isPermissionInstant(permName)) { return PackageManager.PERMISSION_GRANTED; } } else { return PackageManager.PERMISSION_GRANTED; } } // Special case: ACCESS_FINE_LOCATION permission includes ACCESS_COARSE_LOCATION if (Manifest.permission.ACCESS_COARSE_LOCATION.equals(permName) && permissionsState .hasPermission(Manifest.permission.ACCESS_FINE_LOCATION, userId)) { return PackageManager.PERMISSION_GRANTED; } } else { ArraySet<String> perms = mSystemPermissions.get(uid); if (perms != null) { if (perms.contains(permName)) { return PackageManager.PERMISSION_GRANTED; } if (Manifest.permission.ACCESS_COARSE_LOCATION.equals(permName) && perms .contains(Manifest.permission.ACCESS_FINE_LOCATION)) { return PackageManager.PERMISSION_GRANTED; } } } return PackageManager.PERMISSION_DENIED; } private PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags, int callingUid) { if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) { Loading Loading @@ -1320,6 +1384,10 @@ public class PermissionManagerService { permName, packageName, callingUid, userId); } @Override public int checkUidPermission(String permName, int uid, int callingUid) { return PermissionManagerService.this.checkUidPermission(permName, uid, callingUid); } @Override public PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags, int callingUid) { return PermissionManagerService.this.getPermissionGroupInfo( Loading Loading @@ -1355,15 +1423,9 @@ public class PermissionManagerService { } } @Override public void putPermissionTEMP(String permName, BasePermission permission) { synchronized (PermissionManagerService.this.mLock) { mSettings.putPermissionLocked(permName, (BasePermission) permission); } } @Override public Iterator<BasePermission> getPermissionIteratorTEMP() { public int[] getGlobalGidsTEMP() { synchronized (PermissionManagerService.this.mLock) { return mSettings.getAllPermissionsLocked().iterator(); return mGlobalGids; } } } Loading
