Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 10952b0f authored by Pechetty Sravani's avatar Pechetty Sravani Committed by Android (Google) Code Review
Browse files

Revert "Perform device capability check when checking device aware permission on" 

This reverts commit 3c6a28b9.

Reason for revert: Potential culprit for b/332651868- verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.

Change-Id: I75a651006ea1e50415f712a4e8595ddbb5228d90
parent 3c6a28b9

core/java/android/app/ContextImpl.java

+1 −31
Original line number Diff line number Diff line
@@ -21,14 +21,12 @@ import static android.content.pm.PackageManager.PERMISSION_GRANTED; 
import static android.os.StrictMode.vmIncorrectContextUseEnabled;

import static android.view.WindowManager.LayoutParams.WindowType;



import android.Manifest;

import android.annotation.CallbackExecutor;

import android.annotation.IntDef;

import android.annotation.NonNull;

import android.annotation.Nullable;

import android.annotation.SuppressLint;

import android.annotation.UiContext;

import android.companion.virtual.VirtualDevice;

import android.companion.virtual.VirtualDeviceManager;

import android.compat.annotation.UnsupportedAppUsage;

import android.content.AttributionSource;
@@ -2290,35 +2288,7 @@ class ContextImpl extends Context { 
            Log.v(TAG, "Treating renounced permission " + permission + " as denied");

            return PERMISSION_DENIED;

        }



        // When checking a device-aware permission on a remote device, if the permission is CAMERA

        // or RECORD_AUDIO we need to check remote device's corresponding capability. If the remote

        // device doesn't have capability fall back to checking permission on the default device.

        // Note: we only perform permission check redirection when the device id is not explicitly

        // set in the context.

        int deviceId = getDeviceId();

        if (deviceId != Context.DEVICE_ID_DEFAULT

                && !mIsExplicitDeviceId

                && PermissionManager.DEVICE_AWARE_PERMISSIONS.contains(permission)) {

            VirtualDeviceManager virtualDeviceManager =

                    getSystemService(VirtualDeviceManager.class);

            VirtualDevice virtualDevice = virtualDeviceManager.getVirtualDevice(deviceId);

            if (virtualDevice != null) {

                if ((Objects.equals(permission, Manifest.permission.RECORD_AUDIO)

                                && !virtualDevice.hasCustomAudioInputSupport())

                        || (Objects.equals(permission, Manifest.permission.CAMERA)

                                && !virtualDevice.hasCustomCameraSupport())) {

                    deviceId = Context.DEVICE_ID_DEFAULT;

                }

            } else {

                Slog.e(

                        TAG,

                        "virtualDevice is not found when device id is not default. deviceId = "

                                + deviceId);

            }

        }



        return PermissionManager.checkPermission(permission, pid, uid, deviceId);

        return PermissionManager.checkPermission(permission, pid, uid, getDeviceId());

    }



    /** @hide */

core/java/android/permission/PermissionManager.java

+0 −10
Original line number Diff line number Diff line
@@ -240,16 +240,6 @@ public final class PermissionManager { 
    public static final String EXTRA_PERMISSION_USAGES =

            "android.permission.extra.PERMISSION_USAGES";



    /**

     * Specify what permissions are device aware. Only device aware permissions can be granted to

     * a remote device.

     * @hide

     */

    public static final Set<String> DEVICE_AWARE_PERMISSIONS =

            Flags.deviceAwarePermissionsEnabled()

                    ? Set.of(Manifest.permission.CAMERA, Manifest.permission.RECORD_AUDIO)

                    : Collections.emptySet();



    private final @NonNull Context mContext;



    private final IPackageManager mPackageManager;

services/permission/java/com/android/server/permission/access/permission/PermissionService.kt

+11 −2
Original line number Diff line number Diff line
@@ -1598,7 +1598,7 @@ class PermissionService(private val service: AccessCheckingService) : 
        ) {

            with(policy) { getPermissionFlags(appId, userId, permissionName) }

        } else {

            if (permissionName !in PermissionManager.DEVICE_AWARE_PERMISSIONS) {

            if (permissionName !in DEVICE_AWARE_PERMISSIONS) {

                Slog.i(

                    LOG_TAG,

                    "$permissionName is not device aware permission, " +
@@ -1623,7 +1623,7 @@ class PermissionService(private val service: AccessCheckingService) : 
        ) {

            with(policy) { setPermissionFlags(appId, userId, permissionName, flags) }

        } else {

            if (permissionName !in PermissionManager.DEVICE_AWARE_PERMISSIONS) {

            if (permissionName !in DEVICE_AWARE_PERMISSIONS) {

                Slog.i(

                    LOG_TAG,

                    "$permissionName is not device aware permission, " +
@@ -2820,6 +2820,15 @@ class PermissionService(private val service: AccessCheckingService) : 
                PackageManager.FLAG_PERMISSION_WHITELIST_SYSTEM or

                PackageManager.FLAG_PERMISSION_WHITELIST_INSTALLER



        /** These permissions are supported for virtual devices. */

        // TODO: b/298661870 - Use new API to get the list of device aware permissions.

        val DEVICE_AWARE_PERMISSIONS =

            if (Flags.deviceAwarePermissionsEnabled()) {

                setOf(Manifest.permission.CAMERA, Manifest.permission.RECORD_AUDIO)

            } else {

                emptySet<String>()

            }



        fun getFullerPermission(permissionName: String): String? =

            FULLER_PERMISSIONS[permissionName]

    }