
Commit 114f018b authored by fayey's avatar fayey Committed by Faye Yan

Create app op permission RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA to allow the

privileged assistant apps to receive training data from the sandboxed hotword detection service.

Update the OP_RECEIVE_TRUSTED_PROCESS_TRAINING_DATA to
OP_RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA per API-review feedback.
The naming needs to be consistent with the existing HDS interface
SandboxedDetectionInitializer.

This permission's protection level is internal|appop. The default
permission status is PERMISSION_DENIED and the op default mode is
MODE_DEFAULT, so initial access is PERMISSION_HARD_DENIED.

The access will only be changed by the users via UI toggles:
1) PERMISSION_GRANTED if the user switches the op mode to MODE_ALLOWED.
2) PERMISSION_HARD_DENIED if the user switches the op mode to MODE_ERRORED.

Design option described in https://docs.google.com/document/d/15Rn363JZfe9NCexOWnPYzSkaAo4XqP4JBqCQuj9UyoY/edit?resourcekey=0-EM3T-DFn2ymF7C-1_p-3Ow#bookmark=id.jxt2yolkukk5

Bug: 304832368
Test: presubmit
Change-Id: Id9abd620125cf11183dc0d0141ac4fe92c64dba5
parent 95e3464b
+1 −0
@@ -299,6 +299,7 @@ package android {
    field public static final String RECEIVE_DATA_ACTIVITY_CHANGE = "android.permission.RECEIVE_DATA_ACTIVITY_CHANGE";
    field public static final String RECEIVE_DEVICE_CUSTOMIZATION_READY = "android.permission.RECEIVE_DEVICE_CUSTOMIZATION_READY";
    field public static final String RECEIVE_EMERGENCY_BROADCAST = "android.permission.RECEIVE_EMERGENCY_BROADCAST";
    field @FlaggedApi("android.permission.flags.voice_activation_permission_apis") public static final String RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA = "android.permission.RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA";
    field @FlaggedApi("android.permission.flags.voice_activation_permission_apis") public static final String RECEIVE_SANDBOX_TRIGGER_AUDIO = "android.permission.RECEIVE_SANDBOX_TRIGGER_AUDIO";
    field public static final String RECEIVE_WIFI_CREDENTIAL_CHANGE = "android.permission.RECEIVE_WIFI_CREDENTIAL_CHANGE";
    field public static final String RECORD_BACKGROUND_AUDIO = "android.permission.RECORD_BACKGROUND_AUDIO";
+16 −13
@@ -1487,13 +1487,13 @@ public class AppOpsManager {
            AppProtoEnums.APP_OP_RECEIVE_SANDBOX_TRIGGER_AUDIO;

    /**
     * Allows the assistant app to get the training data from the trusted process to improve the
     * hotword training model.
     * Allows the privileged assistant app to receive the training data from the sandboxed hotword
     * detection service.
     *
     * @hide
     */
    public static final int OP_RECEIVE_TRUSTED_PROCESS_TRAINING_DATA =
            AppProtoEnums.APP_OP_RECEIVE_TRUSTED_PROCESS_TRAINING_DATA;
    public static final int OP_RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA =
            AppProtoEnums.APP_OP_RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA;

    /** @hide */
    @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
@@ -1641,7 +1641,7 @@ public class AppOpsManager {
            OPSTR_CAMERA_SANDBOXED,
            OPSTR_RECORD_AUDIO_SANDBOXED,
            OPSTR_RECEIVE_SANDBOX_TRIGGER_AUDIO,
            OPSTR_RECEIVE_TRUSTED_PROCESS_TRAINING_DATA
            OPSTR_RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA
    })
    public @interface AppOpString {}

@@ -2262,13 +2262,13 @@ public class AppOpsManager {
            "android:receive_sandbox_trigger_audio";

    /**
     * Allows the assistant app to get the training data from the trusted process to improve
     * the hotword training model.
     * Allows the privileged assistant app to receive training data from the sandboxed hotword
     * detection service.
     *
     * @hide
     */
    public static final String OPSTR_RECEIVE_TRUSTED_PROCESS_TRAINING_DATA =
            "android:receive_trusted_process_training_data";
    public static final String OPSTR_RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA =
            "android:RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA";

    /** {@link #sAppOpsToNote} not initialized yet for this op */
    private static final byte SHOULD_COLLECT_NOTE_OP_NOT_INITIALIZED = 0;
@@ -2381,7 +2381,8 @@ public class AppOpsManager {
            OP_FOREGROUND_SERVICE_SPECIAL_USE,
            OP_CAPTURE_CONSENTLESS_BUGREPORT_ON_USERDEBUG_BUILD,
            OP_USE_FULL_SCREEN_INTENT,
            OP_RECEIVE_SANDBOX_TRIGGER_AUDIO
            OP_RECEIVE_SANDBOX_TRIGGER_AUDIO,
            OP_RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA
    };

    static final AppOpInfo[] sAppOpInfos = new AppOpInfo[]{
@@ -2814,9 +2815,11 @@ public class AppOpsManager {
                "RECEIVE_SANDBOX_TRIGGER_AUDIO")
                .setPermission(Manifest.permission.RECEIVE_SANDBOX_TRIGGER_AUDIO)
                .setDefaultMode(AppOpsManager.MODE_DEFAULT).build(),
        new AppOpInfo.Builder(OP_RECEIVE_TRUSTED_PROCESS_TRAINING_DATA,
                OPSTR_RECEIVE_TRUSTED_PROCESS_TRAINING_DATA,
                "RECEIVE_TRUSTED_PROCESS_TRAINING_DATA").build()
        new AppOpInfo.Builder(OP_RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA,
                OPSTR_RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA,
                "RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA")
                .setPermission(Manifest.permission.RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA)
                .setDefaultMode(AppOpsManager.MODE_DEFAULT).build()
    };

    // The number of longs needed to form a full bitmask of app ops
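Review bot: The new op string on `OPSTR_RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA` is written in upper case (`"android:RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA"`), while the neighbouring `"android:receive_sandbox_trigger_audio"` and the value it replaces are lower-case snake case. The string is the op's external name, so it is presumably what string-based lookups and any tooling that filters on op names have to match; a one-off casing is easy to miss there, and this is the op that gates training data leaving the sandboxed detector. I would change the value to `"android:receive_sandboxed_detection_training_data";` before the flagged API ships. The rest of the class lies outside these hunks, so whether anything already depends on the upper-case form cannot be seen here.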
+11 −1
@@ -7235,13 +7235,23 @@

    <!-- @SystemApi Required for the privileged assistant apps targeting
         {@link android.os.Build.VERSION_CODES#VANILLA_ICE_CREAM}
         that receive voice trigger from the trusted hotword detection service.
         that receive voice trigger from a trusted hotword detection service.
         <p>Protection level: signature|privileged|appop
         @FlaggedApi("android.permission.flags.voice_activation_permission_apis")
         @hide -->
    <permission android:name="android.permission.RECEIVE_SANDBOX_TRIGGER_AUDIO"
                android:protectionLevel="signature|privileged|appop" />

    <!-- @SystemApi Required for the privileged assistant apps targeting
         {@link android.os.Build.VERSION_CODES#VANILLA_ICE_CREAM}
         that receive training data from the sandboxed hotword detection service or visual
         query detection service.
         <p>Protection level: internal|appop
         @FlaggedApi("android.permission.flags.voice_activation_permission_apis")
         @hide -->
    <permission android:name="android.permission.RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA"
                android:protectionLevel="internal|appop" />

    <!-- @SystemApi Allows requesting the framework broadcast the
         {@link Intent#ACTION_DEVICE_CUSTOMIZATION_READY} intent.
         @hide -->
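Review bot: The comment on `android.permission.RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA` says it is for "privileged assistant apps", but the declared level is `internal|appop`, with no `signature` or `privileged` flag, unlike `RECEIVE_SANDBOX_TRIGGER_AUDIO` directly above it. Someone auditing who can obtain hotword or visual-query training data cannot tell from this text what actually restricts the holder. I would add a sentence such as `Not granted by signature or privileged status; denied by default and changed only by the user through the app-op toggle.`, which is what the commit description states. If some further mechanism limits that toggle to the assistant app, the comment should name it.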