Loading core/java/android/content/pm/PackageManagerInternal.java +0 −3 Original line number Diff line number Diff line Loading @@ -467,7 +467,4 @@ public abstract class PackageManagerInternal { /** Updates the flags for the given permission. */ public abstract void updatePermissionFlagsTEMP(@NonNull String permName, @NonNull String packageName, int flagMask, int flagValues, int userId); /** Returns a PermissionGroup. */ public abstract @Nullable PackageParser.PermissionGroup getPermissionGroupTEMP( @NonNull String groupName); } services/core/java/com/android/server/pm/PackageManagerService.java +16 −88 Original line number Diff line number Diff line Loading @@ -938,10 +938,6 @@ public class PackageManagerService extends IPackageManager.Stub final ArrayMap<ComponentName, PackageParser.Instrumentation> mInstrumentation = new ArrayMap<ComponentName, PackageParser.Instrumentation>(); // Mapping from permission names to info about them. final ArrayMap<String, PackageParser.PermissionGroup> mPermissionGroups = new ArrayMap<String, PackageParser.PermissionGroup>(); // Packages whose data we have transfered into another package, thus // should no longer exist. final ArraySet<String> mTransferedPackages = new ArraySet<String>(); Loading Loading @@ -4228,44 +4224,22 @@ public class PackageManagerService extends IPackageManager.Stub @Override public @Nullable ParceledListSlice<PermissionInfo> queryPermissionsByGroup(String groupName, int flags) { // TODO Move this to PermissionManager when mPermissionGroups is moved there synchronized (mPackages) { if (groupName != null && !mPermissionGroups.containsKey(groupName)) { // This is thrown as NameNotFoundException return null; } } return new ParceledListSlice<>( mPermissionManager.getPermissionInfoByGroup(groupName, flags, getCallingUid())); final List<PermissionInfo> permissionList = mPermissionManager.getPermissionInfoByGroup(groupName, flags, getCallingUid()); return (permissionList == null) ? null : new ParceledListSlice<>(permissionList); } @Override public PermissionGroupInfo getPermissionGroupInfo(String name, int flags) { if (getInstantAppPackageName(Binder.getCallingUid()) != null) { return null; } // reader synchronized (mPackages) { return PackageParser.generatePermissionGroupInfo( mPermissionGroups.get(name), flags); } public PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags) { return mPermissionManager.getPermissionGroupInfo(groupName, flags, getCallingUid()); } @Override public @NonNull ParceledListSlice<PermissionGroupInfo> getAllPermissionGroups(int flags) { if (getInstantAppPackageName(Binder.getCallingUid()) != null) { return ParceledListSlice.emptyList(); } // reader synchronized (mPackages) { final int N = mPermissionGroups.size(); ArrayList<PermissionGroupInfo> out = new ArrayList<PermissionGroupInfo>(N); for (PackageParser.PermissionGroup pg : mPermissionGroups.values()) { out.add(PackageParser.generatePermissionGroupInfo(pg, flags)); } return new ParceledListSlice<>(out); } final List<PermissionGroupInfo> permissionList = mPermissionManager.getAllPermissionGroups(flags, getCallingUid()); return (permissionList == null) ? ParceledListSlice.emptyList() : new ParceledListSlice<>(permissionList); } private ApplicationInfo generateApplicationInfoFromSettingsLPw(String packageName, int flags, Loading Loading @@ -11156,54 +11130,15 @@ public class PackageManagerService extends IPackageManager.Stub if (DEBUG_PACKAGE_SCANNING) Log.d(TAG, " Activities: " + r); } N = pkg.permissionGroups.size(); r = null; for (i=0; i<N; i++) { PackageParser.PermissionGroup pg = pkg.permissionGroups.get(i); PackageParser.PermissionGroup cur = mPermissionGroups.get(pg.info.name); final String curPackageName = cur == null ? null : cur.info.packageName; // Dont allow ephemeral apps to define new permission groups. // Don't allow ephemeral applications to define new permissions groups. if ((scanFlags & SCAN_AS_INSTANT_APP) != 0) { Slog.w(TAG, "Permission group " + pg.info.name + " from package " + pg.info.packageName Slog.w(TAG, "Permission groups from package " + pkg.packageName + " ignored: instant apps cannot define new permission groups."); continue; } final boolean isPackageUpdate = pg.info.packageName.equals(curPackageName); if (cur == null || isPackageUpdate) { mPermissionGroups.put(pg.info.name, pg); if (chatty) { if (r == null) { r = new StringBuilder(256); } else { r.append(' '); } if (isPackageUpdate) { r.append("UPD:"); } r.append(pg.info.name); } } else { Slog.w(TAG, "Permission group " + pg.info.name + " from package " + pg.info.packageName + " ignored: original from " + cur.info.packageName); if (chatty) { if (r == null) { r = new StringBuilder(256); } else { r.append(' '); mPermissionManager.addAllPermissionGroups(pkg, chatty); } r.append("DUP:"); r.append(pg.info.name); } } } if (r != null) { if (DEBUG_PACKAGE_SCANNING) Log.d(TAG, " Permission Groups: " + r); } // Dont allow ephemeral apps to define new permissions. // Don't allow ephemeral applications to define new permissions. if ((scanFlags & SCAN_AS_INSTANT_APP) != 0) { Slog.w(TAG, "Permissions from package " + pkg.packageName + " ignored: instant apps cannot define new permissions."); Loading Loading @@ -23605,13 +23540,6 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName()); return PackageManagerService.this.getPermissionFlags(permName, packageName, userId); } @Override public PackageParser.PermissionGroup getPermissionGroupTEMP(String groupName) { synchronized (mPackages) { return mPermissionGroups.get(groupName); } } @Override public boolean isInstantApp(String packageName, int userId) { return PackageManagerService.this.isInstantApp(packageName, userId); services/core/java/com/android/server/pm/permission/PermissionManagerInternal.java +12 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,7 @@ package com.android.server.pm.permission; import android.annotation.NonNull; import android.annotation.Nullable; import android.content.pm.PackageParser; import android.content.pm.PermissionGroupInfo; import android.content.pm.PermissionInfo; import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.PackageManager.PermissionInfoFlags; Loading Loading @@ -89,6 +90,7 @@ public abstract class PermissionManagerInternal { * the permission settings. */ public abstract void addAllPermissions(@NonNull PackageParser.Package pkg, boolean chatty); public abstract void addAllPermissionGroups(@NonNull PackageParser.Package pkg, boolean chatty); public abstract void removeAllPermissions(@NonNull PackageParser.Package pkg, boolean chatty); public abstract boolean addDynamicPermission(@NonNull PermissionInfo info, boolean async, int callingUid, @Nullable PermissionCallback callback); Loading @@ -104,6 +106,16 @@ public abstract class PermissionManagerInternal { public abstract int getPermissionFlags(@NonNull String permName, @NonNull String packageName, int callingUid, int userId); /** * Retrieve all of the information we know about a particular group of permissions. */ public abstract @Nullable PermissionGroupInfo getPermissionGroupInfo( @NonNull String groupName, int flags, int callingUid); /** * Retrieve all of the known permission groups in the system. */ public abstract @Nullable List<PermissionGroupInfo> getAllPermissionGroups(int flags, int callingUid); /** * Retrieve all of the information we know about a particular permission. */ Loading services/core/java/com/android/server/pm/permission/PermissionManagerService.java +101 −23 Original line number Diff line number Diff line Loading @@ -27,7 +27,7 @@ import android.content.Context; import android.content.pm.PackageManager; import android.content.pm.PackageManagerInternal; import android.content.pm.PackageParser; import android.content.pm.ParceledListSlice; import android.content.pm.PermissionGroupInfo; import android.content.pm.PermissionInfo; import android.content.pm.PackageParser.Package; import android.os.Binder; Loading Loading @@ -230,14 +230,40 @@ public class PermissionManagerService { return PackageManager.PERMISSION_DENIED; } private PermissionInfo getPermissionInfo(String name, String packageName, int flags, private PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags, int callingUid) { if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) { return null; } synchronized (mLock) { return PackageParser.generatePermissionGroupInfo( mSettings.mPermissionGroups.get(groupName), flags); } } private List<PermissionGroupInfo> getAllPermissionGroups(int flags, int callingUid) { if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) { return null; } synchronized (mLock) { final int N = mSettings.mPermissionGroups.size(); final ArrayList<PermissionGroupInfo> out = new ArrayList<PermissionGroupInfo>(N); for (PackageParser.PermissionGroup pg : mSettings.mPermissionGroups.values()) { out.add(PackageParser.generatePermissionGroupInfo(pg, flags)); } return out; } } private PermissionInfo getPermissionInfo(String permName, String packageName, int flags, int callingUid) { if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) { return null; } // reader synchronized (mLock) { final BasePermission bp = mSettings.getPermissionLocked(name); final BasePermission bp = mSettings.getPermissionLocked(permName); if (bp == null) { return null; } Loading @@ -252,14 +278,10 @@ public class PermissionManagerService { if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) { return null; } // reader synchronized (mLock) { // TODO Uncomment when mPermissionGroups moves to this class // if (groupName != null && !mPermissionGroups.containsKey(groupName)) { // // This is thrown as NameNotFoundException // return null; // } if (groupName != null && !mSettings.mPermissionGroups.containsKey(groupName)) { return null; } final ArrayList<PermissionInfo> out = new ArrayList<PermissionInfo>(10); for (BasePermission bp : mSettings.mPermissions.values()) { final PermissionInfo pi = bp.generatePermissionInfo(groupName, flags); Loading Loading @@ -314,12 +336,13 @@ public class PermissionManagerService { // Assume by default that we did not install this permission into the system. p.info.flags &= ~PermissionInfo.FLAG_INSTALLED; synchronized (PermissionManagerService.this.mLock) { // Now that permission groups have a special meaning, we ignore permission // groups for legacy apps to prevent unexpected behavior. In particular, // permissions for one app being granted to someone just because they happen // to be in a group defined by another app (before this had no implications). if (pkg.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1) { p.group = mPackageManagerInt.getPermissionGroupTEMP(p.info.group); p.group = mSettings.mPermissionGroups.get(p.info.group); // Warn for a permission in an unknown group. if (PackageManagerService.DEBUG_PERMISSIONS && p.info.group != null && p.group == null) { Loading @@ -328,7 +351,6 @@ public class PermissionManagerService { } } synchronized (PermissionManagerService.this.mLock) { if (p.tree) { final BasePermission bp = BasePermission.createOrUpdate( mSettings.getPermissionTreeLocked(p.info.name), p, pkg, Loading @@ -344,6 +366,48 @@ public class PermissionManagerService { } } private void addAllPermissionGroups(PackageParser.Package pkg, boolean chatty) { final int N = pkg.permissionGroups.size(); StringBuilder r = null; for (int i=0; i<N; i++) { final PackageParser.PermissionGroup pg = pkg.permissionGroups.get(i); final PackageParser.PermissionGroup cur = mSettings.mPermissionGroups.get(pg.info.name); final String curPackageName = (cur == null) ? null : cur.info.packageName; final boolean isPackageUpdate = pg.info.packageName.equals(curPackageName); if (cur == null || isPackageUpdate) { mSettings.mPermissionGroups.put(pg.info.name, pg); if (chatty && PackageManagerService.DEBUG_PACKAGE_SCANNING) { if (r == null) { r = new StringBuilder(256); } else { r.append(' '); } if (isPackageUpdate) { r.append("UPD:"); } r.append(pg.info.name); } } else { Slog.w(TAG, "Permission group " + pg.info.name + " from package " + pg.info.packageName + " ignored: original from " + cur.info.packageName); if (chatty && PackageManagerService.DEBUG_PACKAGE_SCANNING) { if (r == null) { r = new StringBuilder(256); } else { r.append(' '); } r.append("DUP:"); r.append(pg.info.name); } } } if (r != null && PackageManagerService.DEBUG_PACKAGE_SCANNING) { Log.d(TAG, " Permission Groups: " + r); } } private void removeAllPermissions(PackageParser.Package pkg, boolean chatty) { synchronized (mLock) { int N = pkg.permissions.size(); Loading Loading @@ -1158,6 +1222,10 @@ public class PermissionManagerService { PermissionManagerService.this.addAllPermissions(pkg, chatty); } @Override public void addAllPermissionGroups(Package pkg, boolean chatty) { PermissionManagerService.this.addAllPermissionGroups(pkg, chatty); } @Override public void removeAllPermissions(Package pkg, boolean chatty) { PermissionManagerService.this.removeAllPermissions(pkg, chatty); } Loading Loading @@ -1252,6 +1320,16 @@ public class PermissionManagerService { permName, packageName, callingUid, userId); } @Override public PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags, int callingUid) { return PermissionManagerService.this.getPermissionGroupInfo( groupName, flags, callingUid); } @Override public List<PermissionGroupInfo> getAllPermissionGroups(int flags, int callingUid) { return PermissionManagerService.this.getAllPermissionGroups(flags, callingUid); } @Override public PermissionInfo getPermissionInfo(String permName, String packageName, int flags, int callingUid) { return PermissionManagerService.this.getPermissionInfo( Loading services/core/java/com/android/server/pm/permission/PermissionSettings.java +9 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,7 @@ package com.android.server.pm.permission; import android.annotation.NonNull; import android.annotation.Nullable; import android.content.Context; import android.content.pm.PackageParser; import android.util.ArrayMap; import android.util.ArraySet; import android.util.Log; Loading Loading @@ -63,6 +64,14 @@ public class PermissionSettings { final ArrayMap<String, BasePermission> mPermissionTrees = new ArrayMap<String, BasePermission>(); /** * All permisson groups know to the system. The mapping is from permission group * name to permission group object. */ @GuardedBy("mLock") final ArrayMap<String, PackageParser.PermissionGroup> mPermissionGroups = new ArrayMap<String, PackageParser.PermissionGroup>(); /** * Set of packages that request a particular app op. The mapping is from permission * name to package names. Loading Loading
core/java/android/content/pm/PackageManagerInternal.java +0 −3 Original line number Diff line number Diff line Loading @@ -467,7 +467,4 @@ public abstract class PackageManagerInternal { /** Updates the flags for the given permission. */ public abstract void updatePermissionFlagsTEMP(@NonNull String permName, @NonNull String packageName, int flagMask, int flagValues, int userId); /** Returns a PermissionGroup. */ public abstract @Nullable PackageParser.PermissionGroup getPermissionGroupTEMP( @NonNull String groupName); }
services/core/java/com/android/server/pm/PackageManagerService.java +16 −88 Original line number Diff line number Diff line Loading @@ -938,10 +938,6 @@ public class PackageManagerService extends IPackageManager.Stub final ArrayMap<ComponentName, PackageParser.Instrumentation> mInstrumentation = new ArrayMap<ComponentName, PackageParser.Instrumentation>(); // Mapping from permission names to info about them. final ArrayMap<String, PackageParser.PermissionGroup> mPermissionGroups = new ArrayMap<String, PackageParser.PermissionGroup>(); // Packages whose data we have transfered into another package, thus // should no longer exist. final ArraySet<String> mTransferedPackages = new ArraySet<String>(); Loading Loading @@ -4228,44 +4224,22 @@ public class PackageManagerService extends IPackageManager.Stub @Override public @Nullable ParceledListSlice<PermissionInfo> queryPermissionsByGroup(String groupName, int flags) { // TODO Move this to PermissionManager when mPermissionGroups is moved there synchronized (mPackages) { if (groupName != null && !mPermissionGroups.containsKey(groupName)) { // This is thrown as NameNotFoundException return null; } } return new ParceledListSlice<>( mPermissionManager.getPermissionInfoByGroup(groupName, flags, getCallingUid())); final List<PermissionInfo> permissionList = mPermissionManager.getPermissionInfoByGroup(groupName, flags, getCallingUid()); return (permissionList == null) ? null : new ParceledListSlice<>(permissionList); } @Override public PermissionGroupInfo getPermissionGroupInfo(String name, int flags) { if (getInstantAppPackageName(Binder.getCallingUid()) != null) { return null; } // reader synchronized (mPackages) { return PackageParser.generatePermissionGroupInfo( mPermissionGroups.get(name), flags); } public PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags) { return mPermissionManager.getPermissionGroupInfo(groupName, flags, getCallingUid()); } @Override public @NonNull ParceledListSlice<PermissionGroupInfo> getAllPermissionGroups(int flags) { if (getInstantAppPackageName(Binder.getCallingUid()) != null) { return ParceledListSlice.emptyList(); } // reader synchronized (mPackages) { final int N = mPermissionGroups.size(); ArrayList<PermissionGroupInfo> out = new ArrayList<PermissionGroupInfo>(N); for (PackageParser.PermissionGroup pg : mPermissionGroups.values()) { out.add(PackageParser.generatePermissionGroupInfo(pg, flags)); } return new ParceledListSlice<>(out); } final List<PermissionGroupInfo> permissionList = mPermissionManager.getAllPermissionGroups(flags, getCallingUid()); return (permissionList == null) ? ParceledListSlice.emptyList() : new ParceledListSlice<>(permissionList); } private ApplicationInfo generateApplicationInfoFromSettingsLPw(String packageName, int flags, Loading Loading @@ -11156,54 +11130,15 @@ public class PackageManagerService extends IPackageManager.Stub if (DEBUG_PACKAGE_SCANNING) Log.d(TAG, " Activities: " + r); } N = pkg.permissionGroups.size(); r = null; for (i=0; i<N; i++) { PackageParser.PermissionGroup pg = pkg.permissionGroups.get(i); PackageParser.PermissionGroup cur = mPermissionGroups.get(pg.info.name); final String curPackageName = cur == null ? null : cur.info.packageName; // Dont allow ephemeral apps to define new permission groups. // Don't allow ephemeral applications to define new permissions groups. if ((scanFlags & SCAN_AS_INSTANT_APP) != 0) { Slog.w(TAG, "Permission group " + pg.info.name + " from package " + pg.info.packageName Slog.w(TAG, "Permission groups from package " + pkg.packageName + " ignored: instant apps cannot define new permission groups."); continue; } final boolean isPackageUpdate = pg.info.packageName.equals(curPackageName); if (cur == null || isPackageUpdate) { mPermissionGroups.put(pg.info.name, pg); if (chatty) { if (r == null) { r = new StringBuilder(256); } else { r.append(' '); } if (isPackageUpdate) { r.append("UPD:"); } r.append(pg.info.name); } } else { Slog.w(TAG, "Permission group " + pg.info.name + " from package " + pg.info.packageName + " ignored: original from " + cur.info.packageName); if (chatty) { if (r == null) { r = new StringBuilder(256); } else { r.append(' '); mPermissionManager.addAllPermissionGroups(pkg, chatty); } r.append("DUP:"); r.append(pg.info.name); } } } if (r != null) { if (DEBUG_PACKAGE_SCANNING) Log.d(TAG, " Permission Groups: " + r); } // Dont allow ephemeral apps to define new permissions. // Don't allow ephemeral applications to define new permissions. if ((scanFlags & SCAN_AS_INSTANT_APP) != 0) { Slog.w(TAG, "Permissions from package " + pkg.packageName + " ignored: instant apps cannot define new permissions."); Loading Loading @@ -23605,13 +23540,6 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName()); return PackageManagerService.this.getPermissionFlags(permName, packageName, userId); } @Override public PackageParser.PermissionGroup getPermissionGroupTEMP(String groupName) { synchronized (mPackages) { return mPermissionGroups.get(groupName); } } @Override public boolean isInstantApp(String packageName, int userId) { return PackageManagerService.this.isInstantApp(packageName, userId);
services/core/java/com/android/server/pm/permission/PermissionManagerInternal.java +12 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,7 @@ package com.android.server.pm.permission; import android.annotation.NonNull; import android.annotation.Nullable; import android.content.pm.PackageParser; import android.content.pm.PermissionGroupInfo; import android.content.pm.PermissionInfo; import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.PackageManager.PermissionInfoFlags; Loading Loading @@ -89,6 +90,7 @@ public abstract class PermissionManagerInternal { * the permission settings. */ public abstract void addAllPermissions(@NonNull PackageParser.Package pkg, boolean chatty); public abstract void addAllPermissionGroups(@NonNull PackageParser.Package pkg, boolean chatty); public abstract void removeAllPermissions(@NonNull PackageParser.Package pkg, boolean chatty); public abstract boolean addDynamicPermission(@NonNull PermissionInfo info, boolean async, int callingUid, @Nullable PermissionCallback callback); Loading @@ -104,6 +106,16 @@ public abstract class PermissionManagerInternal { public abstract int getPermissionFlags(@NonNull String permName, @NonNull String packageName, int callingUid, int userId); /** * Retrieve all of the information we know about a particular group of permissions. */ public abstract @Nullable PermissionGroupInfo getPermissionGroupInfo( @NonNull String groupName, int flags, int callingUid); /** * Retrieve all of the known permission groups in the system. */ public abstract @Nullable List<PermissionGroupInfo> getAllPermissionGroups(int flags, int callingUid); /** * Retrieve all of the information we know about a particular permission. */ Loading
services/core/java/com/android/server/pm/permission/PermissionManagerService.java +101 −23 Original line number Diff line number Diff line Loading @@ -27,7 +27,7 @@ import android.content.Context; import android.content.pm.PackageManager; import android.content.pm.PackageManagerInternal; import android.content.pm.PackageParser; import android.content.pm.ParceledListSlice; import android.content.pm.PermissionGroupInfo; import android.content.pm.PermissionInfo; import android.content.pm.PackageParser.Package; import android.os.Binder; Loading Loading @@ -230,14 +230,40 @@ public class PermissionManagerService { return PackageManager.PERMISSION_DENIED; } private PermissionInfo getPermissionInfo(String name, String packageName, int flags, private PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags, int callingUid) { if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) { return null; } synchronized (mLock) { return PackageParser.generatePermissionGroupInfo( mSettings.mPermissionGroups.get(groupName), flags); } } private List<PermissionGroupInfo> getAllPermissionGroups(int flags, int callingUid) { if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) { return null; } synchronized (mLock) { final int N = mSettings.mPermissionGroups.size(); final ArrayList<PermissionGroupInfo> out = new ArrayList<PermissionGroupInfo>(N); for (PackageParser.PermissionGroup pg : mSettings.mPermissionGroups.values()) { out.add(PackageParser.generatePermissionGroupInfo(pg, flags)); } return out; } } private PermissionInfo getPermissionInfo(String permName, String packageName, int flags, int callingUid) { if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) { return null; } // reader synchronized (mLock) { final BasePermission bp = mSettings.getPermissionLocked(name); final BasePermission bp = mSettings.getPermissionLocked(permName); if (bp == null) { return null; } Loading @@ -252,14 +278,10 @@ public class PermissionManagerService { if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) { return null; } // reader synchronized (mLock) { // TODO Uncomment when mPermissionGroups moves to this class // if (groupName != null && !mPermissionGroups.containsKey(groupName)) { // // This is thrown as NameNotFoundException // return null; // } if (groupName != null && !mSettings.mPermissionGroups.containsKey(groupName)) { return null; } final ArrayList<PermissionInfo> out = new ArrayList<PermissionInfo>(10); for (BasePermission bp : mSettings.mPermissions.values()) { final PermissionInfo pi = bp.generatePermissionInfo(groupName, flags); Loading Loading @@ -314,12 +336,13 @@ public class PermissionManagerService { // Assume by default that we did not install this permission into the system. p.info.flags &= ~PermissionInfo.FLAG_INSTALLED; synchronized (PermissionManagerService.this.mLock) { // Now that permission groups have a special meaning, we ignore permission // groups for legacy apps to prevent unexpected behavior. In particular, // permissions for one app being granted to someone just because they happen // to be in a group defined by another app (before this had no implications). if (pkg.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1) { p.group = mPackageManagerInt.getPermissionGroupTEMP(p.info.group); p.group = mSettings.mPermissionGroups.get(p.info.group); // Warn for a permission in an unknown group. if (PackageManagerService.DEBUG_PERMISSIONS && p.info.group != null && p.group == null) { Loading @@ -328,7 +351,6 @@ public class PermissionManagerService { } } synchronized (PermissionManagerService.this.mLock) { if (p.tree) { final BasePermission bp = BasePermission.createOrUpdate( mSettings.getPermissionTreeLocked(p.info.name), p, pkg, Loading @@ -344,6 +366,48 @@ public class PermissionManagerService { } } private void addAllPermissionGroups(PackageParser.Package pkg, boolean chatty) { final int N = pkg.permissionGroups.size(); StringBuilder r = null; for (int i=0; i<N; i++) { final PackageParser.PermissionGroup pg = pkg.permissionGroups.get(i); final PackageParser.PermissionGroup cur = mSettings.mPermissionGroups.get(pg.info.name); final String curPackageName = (cur == null) ? null : cur.info.packageName; final boolean isPackageUpdate = pg.info.packageName.equals(curPackageName); if (cur == null || isPackageUpdate) { mSettings.mPermissionGroups.put(pg.info.name, pg); if (chatty && PackageManagerService.DEBUG_PACKAGE_SCANNING) { if (r == null) { r = new StringBuilder(256); } else { r.append(' '); } if (isPackageUpdate) { r.append("UPD:"); } r.append(pg.info.name); } } else { Slog.w(TAG, "Permission group " + pg.info.name + " from package " + pg.info.packageName + " ignored: original from " + cur.info.packageName); if (chatty && PackageManagerService.DEBUG_PACKAGE_SCANNING) { if (r == null) { r = new StringBuilder(256); } else { r.append(' '); } r.append("DUP:"); r.append(pg.info.name); } } } if (r != null && PackageManagerService.DEBUG_PACKAGE_SCANNING) { Log.d(TAG, " Permission Groups: " + r); } } private void removeAllPermissions(PackageParser.Package pkg, boolean chatty) { synchronized (mLock) { int N = pkg.permissions.size(); Loading Loading @@ -1158,6 +1222,10 @@ public class PermissionManagerService { PermissionManagerService.this.addAllPermissions(pkg, chatty); } @Override public void addAllPermissionGroups(Package pkg, boolean chatty) { PermissionManagerService.this.addAllPermissionGroups(pkg, chatty); } @Override public void removeAllPermissions(Package pkg, boolean chatty) { PermissionManagerService.this.removeAllPermissions(pkg, chatty); } Loading Loading @@ -1252,6 +1320,16 @@ public class PermissionManagerService { permName, packageName, callingUid, userId); } @Override public PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags, int callingUid) { return PermissionManagerService.this.getPermissionGroupInfo( groupName, flags, callingUid); } @Override public List<PermissionGroupInfo> getAllPermissionGroups(int flags, int callingUid) { return PermissionManagerService.this.getAllPermissionGroups(flags, callingUid); } @Override public PermissionInfo getPermissionInfo(String permName, String packageName, int flags, int callingUid) { return PermissionManagerService.this.getPermissionInfo( Loading
services/core/java/com/android/server/pm/permission/PermissionSettings.java +9 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,7 @@ package com.android.server.pm.permission; import android.annotation.NonNull; import android.annotation.Nullable; import android.content.Context; import android.content.pm.PackageParser; import android.util.ArrayMap; import android.util.ArraySet; import android.util.Log; Loading Loading @@ -63,6 +64,14 @@ public class PermissionSettings { final ArrayMap<String, BasePermission> mPermissionTrees = new ArrayMap<String, BasePermission>(); /** * All permisson groups know to the system. The mapping is from permission group * name to permission group object. */ @GuardedBy("mLock") final ArrayMap<String, PackageParser.PermissionGroup> mPermissionGroups = new ArrayMap<String, PackageParser.PermissionGroup>(); /** * Set of packages that request a particular app op. The mapping is from permission * name to package names. Loading
