
Commit 15707b3f authored by Jeff Sharkey

Define protection level for document manager.

Similar to what we've done for services like the installer, verifier,
and text classifier, we're creating a new permission protection level
for the "document manager" on the device, called the "documenter" in
this change.

There should be exactly one "documenter" on the device, since it
handles the sensitive MANAGE_DOCUMENTS permission.

Bug: 117745631
Test: atest CtsPermission2TestCases
Test: atest android.permission.cts.ProviderPermissionTest
Change-Id: I92c9fcfee24feae8dc3a7516cde093e8f3bf0e56
parent 52fe5dd9
+2 −0
@@ -172,6 +172,7 @@ package android {
    field public static final java.lang.String REGISTER_CONNECTION_MANAGER = "android.permission.REGISTER_CONNECTION_MANAGER";
    field public static final java.lang.String REGISTER_SIM_SUBSCRIPTION = "android.permission.REGISTER_SIM_SUBSCRIPTION";
    field public static final java.lang.String REMOVE_DRM_CERTIFICATES = "android.permission.REMOVE_DRM_CERTIFICATES";
    field public static final java.lang.String REMOVE_TASKS = "android.permission.REMOVE_TASKS";
    field public static final java.lang.String RESET_PASSWORD = "android.permission.RESET_PASSWORD";
    field public static final java.lang.String RESTRICTED_VR_ACCESS = "android.permission.RESTRICTED_VR_ACCESS";
    field public static final java.lang.String RETRIEVE_WINDOW_CONTENT = "android.permission.RETRIEVE_WINDOW_CONTENT";
@@ -1354,6 +1355,7 @@ package android.content.pm {

  public class PermissionInfo extends android.content.pm.PackageItemInfo implements android.os.Parcelable {
    field public static final int FLAG_REMOVED = 2; // 0x2
    field public static final int PROTECTION_FLAG_DOCUMENTER = 262144; // 0x40000
    field public static final int PROTECTION_FLAG_OEM = 16384; // 0x4000
    field public static final int PROTECTION_FLAG_SYSTEM_TEXT_CLASSIFIER = 65536; // 0x10000
    field public static final int PROTECTION_FLAG_WELLBEING = 131072; // 0x20000
+3 −0
@@ -10,6 +10,8 @@ package android {
    field public static final java.lang.String FORCE_STOP_PACKAGES = "android.permission.FORCE_STOP_PACKAGES";
    field public static final java.lang.String MANAGE_ACTIVITY_STACKS = "android.permission.MANAGE_ACTIVITY_STACKS";
    field public static final java.lang.String READ_CELL_BROADCASTS = "android.permission.READ_CELL_BROADCASTS";
    field public static final java.lang.String REMOVE_TASKS = "android.permission.REMOVE_TASKS";
    field public static final java.lang.String WRITE_OBB = "android.permission.WRITE_OBB";
  }

}
@@ -372,6 +374,7 @@ package android.content.pm {
  }

  public class PermissionInfo extends android.content.pm.PackageItemInfo implements android.os.Parcelable {
    field public static final int PROTECTION_FLAG_DOCUMENTER = 262144; // 0x40000
    field public static final int PROTECTION_FLAG_SYSTEM_TEXT_CLASSIFIER = 65536; // 0x10000
    field public static final int PROTECTION_FLAG_VENDOR_PRIVILEGED = 32768; // 0x8000
    field public static final int PROTECTION_FLAG_WELLBEING = 131072; // 0x20000
+2 −0
@@ -54,6 +54,7 @@ public abstract class PackageManagerInternal {
    public static final int PACKAGE_SYSTEM_TEXT_CLASSIFIER = 5;
    public static final int PACKAGE_PERMISSION_CONTROLLER = 6;
    public static final int PACKAGE_WELLBEING = 7;
    public static final int PACKAGE_DOCUMENTER = 8;
    @IntDef(value = {
        PACKAGE_SYSTEM,
        PACKAGE_SETUP_WIZARD,
@@ -63,6 +64,7 @@ public abstract class PackageManagerInternal {
        PACKAGE_SYSTEM_TEXT_CLASSIFIER,
        PACKAGE_PERMISSION_CONTROLLER,
        PACKAGE_WELLBEING,
        PACKAGE_DOCUMENTER,
    })
    @Retention(RetentionPolicy.SOURCE)
    public @interface KnownPackage {}
+15 −0
@@ -192,6 +192,17 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
    @TestApi
    public static final int PROTECTION_FLAG_WELLBEING = 0x20000;

    /**
     * Additional flag for {@link #protectionLevel}, corresponding to the
     * {@code documenter} value of {@link android.R.attr#protectionLevel}.
     *
     * @hide
     */
    @SystemApi
    @TestApi
    public static final int PROTECTION_FLAG_DOCUMENTER = 0x40000;


    /** @hide */
    @IntDef(flag = true, prefix = { "PROTECTION_FLAG_" }, value = {
            PROTECTION_FLAG_PRIVILEGED,
@@ -209,6 +220,7 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
            PROTECTION_FLAG_VENDOR_PRIVILEGED,
            PROTECTION_FLAG_SYSTEM_TEXT_CLASSIFIER,
            PROTECTION_FLAG_WELLBEING,
            PROTECTION_FLAG_DOCUMENTER,
    })
    @Retention(RetentionPolicy.SOURCE)
    public @interface ProtectionFlags {}
@@ -401,6 +413,9 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
        if ((level & PermissionInfo.PROTECTION_FLAG_WELLBEING) != 0) {
            protLevel += "|wellbeing";
        }
        if ((level & PermissionInfo.PROTECTION_FLAG_DOCUMENTER) != 0) {
            protLevel += "|documenter";
        }
        return protLevel;
    }
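Review bot: The Javadoc on `PROTECTION_FLAG_DOCUMENTER` names the attribute value the flag maps to but not what holding it means, even though the commit description ties it to the sensitive MANAGE_DOCUMENTS permission. I would add a sentence such as `Permissions carrying this flag may also be granted to the single document manager package on the device.` so that anyone auditing a `protectionLevel` can tell who the extra grantee is. There is also a stray second blank line after the constant that can be dropped. The class body and the string-building method that appends `|documenter` both continue outside the hunks shown, so the position of the new suffix relative to the other flags was not checked.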

+4 −5
@@ -897,7 +897,7 @@
        android:protectionLevel="dangerous"
        android:usageInfoRequired="true" />

    <!-- @hide @SystemApi
    <!-- @hide @SystemApi @TestApi
         Allows an application to modify OBB files visible to other apps. -->
    <permission android:name="android.permission.WRITE_OBB"
        android:protectionLevel="signature|privileged" />
@@ -2087,10 +2087,9 @@
         <p>This permission should <em>only</em> be requested by the platform
         document management app.  This permission cannot be granted to
         third-party apps.
         <p>Protection level: signature
    -->
    <permission android:name="android.permission.MANAGE_DOCUMENTS"
        android:protectionLevel="signature" />
        android:protectionLevel="signature|documenter" />

    <!-- @hide Allows an application to cache content.
         <p>Not for use by third-party applications.
@@ -2206,9 +2205,9 @@
        android:description="@string/permdesc_reorderTasks"
        android:protectionLevel="normal" />

    <!-- @hide Allows an application to change to remove/kill tasks -->
    <!-- @SystemApi @TestApi @hide Allows an application to change to remove/kill tasks -->
    <permission android:name="android.permission.REMOVE_TASKS"
        android:protectionLevel="signature" />
        android:protectionLevel="signature|documenter" />

    <!-- @SystemApi @TestApi @hide Allows an application to create/manage/remove stacks -->
    <permission android:name="android.permission.MANAGE_ACTIVITY_STACKS"
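Review bot: Moving REMOVE_TASKS from `signature` to `signature|documenter` widens who can hold a task-removal permission, yet neither the manifest comment nor the commit description (which discusses only MANAGE_DOCUMENTS) records why the document manager needs it. I would state it in the comment, for example `<!-- @SystemApi @TestApi @hide Allows an application to remove/kill tasks. Also granted to the platform document manager ("documenter"). -->`, so the extra grant is visibly deliberate. For MANAGE_DOCUMENTS the `<p>Protection level: signature` line was deleted rather than updated; `<p>Protection level: signature|documenter` would keep the generated docs accurate. How the documenter package is selected is not visible on this page, so it is worth confirming that only a package from the system image can take that role, since the "cannot be granted to third-party apps" statement now depends on it.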