Move mPermissionGroups (460f28c2) · Commits · e / os / android_frameworks_base

core/java/android/content/pm/PackageManagerInternal.java

+0 −3

Original line number	Diff line number	Diff line
		@@ -467,7 +467,4 @@ public abstract class PackageManagerInternal {
		/** Updates the flags for the given permission. */
		public abstract void updatePermissionFlagsTEMP(@NonNull String permName,
		@NonNull String packageName, int flagMask, int flagValues, int userId);
		/** Returns a PermissionGroup. */
		public abstract @Nullable PackageParser.PermissionGroup getPermissionGroupTEMP(
		@NonNull String groupName);
		}

services/core/java/com/android/server/pm/PackageManagerService.java

+16 −88

Original line number	Diff line number	Diff line
		@@ -938,10 +938,6 @@ public class PackageManagerService extends IPackageManager.Stub
		final ArrayMap<ComponentName, PackageParser.Instrumentation> mInstrumentation =
		new ArrayMap<ComponentName, PackageParser.Instrumentation>();

		// Mapping from permission names to info about them.
		final ArrayMap<String, PackageParser.PermissionGroup> mPermissionGroups =
		new ArrayMap<String, PackageParser.PermissionGroup>();

		// Packages whose data we have transfered into another package, thus
		// should no longer exist.
		final ArraySet<String> mTransferedPackages = new ArraySet<String>();
		@@ -4228,44 +4224,22 @@ public class PackageManagerService extends IPackageManager.Stub
		@Override
		public @Nullable ParceledListSlice<PermissionInfo> queryPermissionsByGroup(String groupName,
		int flags) {
		// TODO Move this to PermissionManager when mPermissionGroups is moved there
		synchronized (mPackages) {
		if (groupName != null && !mPermissionGroups.containsKey(groupName)) {
		// This is thrown as NameNotFoundException
		return null;
		}
		}
		return new ParceledListSlice<>(
		mPermissionManager.getPermissionInfoByGroup(groupName, flags, getCallingUid()));
		final List<PermissionInfo> permissionList =
		mPermissionManager.getPermissionInfoByGroup(groupName, flags, getCallingUid());
		return (permissionList == null) ? null : new ParceledListSlice<>(permissionList);
		}

		@Override
		public PermissionGroupInfo getPermissionGroupInfo(String name, int flags) {
		if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
		return null;
		}
		// reader
		synchronized (mPackages) {
		return PackageParser.generatePermissionGroupInfo(
		mPermissionGroups.get(name), flags);
		}
		public PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags) {
		return mPermissionManager.getPermissionGroupInfo(groupName, flags, getCallingUid());
		}

		@Override
		public @NonNull ParceledListSlice<PermissionGroupInfo> getAllPermissionGroups(int flags) {
		if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
		return ParceledListSlice.emptyList();
		}
		// reader
		synchronized (mPackages) {
		final int N = mPermissionGroups.size();
		ArrayList<PermissionGroupInfo> out
		= new ArrayList<PermissionGroupInfo>(N);
		for (PackageParser.PermissionGroup pg : mPermissionGroups.values()) {
		out.add(PackageParser.generatePermissionGroupInfo(pg, flags));
		}
		return new ParceledListSlice<>(out);
		}
		final List<PermissionGroupInfo> permissionList =
		mPermissionManager.getAllPermissionGroups(flags, getCallingUid());
		return (permissionList == null)
		? ParceledListSlice.emptyList() : new ParceledListSlice<>(permissionList);
		}

		private ApplicationInfo generateApplicationInfoFromSettingsLPw(String packageName, int flags,
		@@ -11156,54 +11130,15 @@ public class PackageManagerService extends IPackageManager.Stub
		if (DEBUG_PACKAGE_SCANNING) Log.d(TAG, " Activities: " + r);
		}

		N = pkg.permissionGroups.size();
		r = null;
		for (i=0; i<N; i++) {
		PackageParser.PermissionGroup pg = pkg.permissionGroups.get(i);
		PackageParser.PermissionGroup cur = mPermissionGroups.get(pg.info.name);
		final String curPackageName = cur == null ? null : cur.info.packageName;
		// Dont allow ephemeral apps to define new permission groups.
		// Don't allow ephemeral applications to define new permissions groups.
		if ((scanFlags & SCAN_AS_INSTANT_APP) != 0) {
		Slog.w(TAG, "Permission group " + pg.info.name + " from package "
		+ pg.info.packageName
		Slog.w(TAG, "Permission groups from package " + pkg.packageName
		+ " ignored: instant apps cannot define new permission groups.");
		continue;
		}
		final boolean isPackageUpdate = pg.info.packageName.equals(curPackageName);
		if (cur == null \|\| isPackageUpdate) {
		mPermissionGroups.put(pg.info.name, pg);
		if (chatty) {
		if (r == null) {
		r = new StringBuilder(256);
		} else {
		r.append(' ');
		}
		if (isPackageUpdate) {
		r.append("UPD:");
		}
		r.append(pg.info.name);
		}
		} else {
		Slog.w(TAG, "Permission group " + pg.info.name + " from package "
		+ pg.info.packageName + " ignored: original from "
		+ cur.info.packageName);
		if (chatty) {
		if (r == null) {
		r = new StringBuilder(256);
		} else {
		r.append(' ');
		mPermissionManager.addAllPermissionGroups(pkg, chatty);
		}
		r.append("DUP:");
		r.append(pg.info.name);
		}
		}
		}
		if (r != null) {
		if (DEBUG_PACKAGE_SCANNING) Log.d(TAG, " Permission Groups: " + r);
		}


		// Dont allow ephemeral apps to define new permissions.
		// Don't allow ephemeral applications to define new permissions.
		if ((scanFlags & SCAN_AS_INSTANT_APP) != 0) {
		Slog.w(TAG, "Permissions from package " + pkg.packageName
		+ " ignored: instant apps cannot define new permissions.");
		@@ -23605,13 +23540,6 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
		return PackageManagerService.this.getPermissionFlags(permName, packageName, userId);
		}

		@Override
		public PackageParser.PermissionGroup getPermissionGroupTEMP(String groupName) {
		synchronized (mPackages) {
		return mPermissionGroups.get(groupName);
		}
		}

		@Override
		public boolean isInstantApp(String packageName, int userId) {
		return PackageManagerService.this.isInstantApp(packageName, userId);

services/core/java/com/android/server/pm/permission/PermissionManagerInternal.java

+12 −0

Original line number	Diff line number	Diff line
		@@ -19,6 +19,7 @@ package com.android.server.pm.permission;
		import android.annotation.NonNull;
		import android.annotation.Nullable;
		import android.content.pm.PackageParser;
		import android.content.pm.PermissionGroupInfo;
		import android.content.pm.PermissionInfo;
		import android.content.pm.PackageManager.NameNotFoundException;
		import android.content.pm.PackageManager.PermissionInfoFlags;
		@@ -89,6 +90,7 @@ public abstract class PermissionManagerInternal {
		* the permission settings.
		*/
		public abstract void addAllPermissions(@NonNull PackageParser.Package pkg, boolean chatty);
		public abstract void addAllPermissionGroups(@NonNull PackageParser.Package pkg, boolean chatty);
		public abstract void removeAllPermissions(@NonNull PackageParser.Package pkg, boolean chatty);
		public abstract boolean addDynamicPermission(@NonNull PermissionInfo info, boolean async,
		int callingUid, @Nullable PermissionCallback callback);
		@@ -104,6 +106,16 @@ public abstract class PermissionManagerInternal {

		public abstract int getPermissionFlags(@NonNull String permName,
		@NonNull String packageName, int callingUid, int userId);
		/**
		* Retrieve all of the information we know about a particular group of permissions.
		*/
		public abstract @Nullable PermissionGroupInfo getPermissionGroupInfo(
		@NonNull String groupName, int flags, int callingUid);
		/**
		* Retrieve all of the known permission groups in the system.
		*/
		public abstract @Nullable List<PermissionGroupInfo> getAllPermissionGroups(int flags,
		int callingUid);
		/**
		* Retrieve all of the information we know about a particular permission.
		*/

services/core/java/com/android/server/pm/permission/PermissionManagerService.java

+101 −23

Original line number	Diff line number	Diff line
		@@ -27,7 +27,7 @@ import android.content.Context;
		import android.content.pm.PackageManager;
		import android.content.pm.PackageManagerInternal;
		import android.content.pm.PackageParser;
		import android.content.pm.ParceledListSlice;
		import android.content.pm.PermissionGroupInfo;
		import android.content.pm.PermissionInfo;
		import android.content.pm.PackageParser.Package;
		import android.os.Binder;
		@@ -230,14 +230,40 @@ public class PermissionManagerService {
		return PackageManager.PERMISSION_DENIED;
		}

		private PermissionInfo getPermissionInfo(String name, String packageName, int flags,
		private PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags,
		int callingUid) {
		if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
		return null;
		}
		synchronized (mLock) {
		return PackageParser.generatePermissionGroupInfo(
		mSettings.mPermissionGroups.get(groupName), flags);
		}
		}

		private List<PermissionGroupInfo> getAllPermissionGroups(int flags, int callingUid) {
		if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
		return null;
		}
		synchronized (mLock) {
		final int N = mSettings.mPermissionGroups.size();
		final ArrayList<PermissionGroupInfo> out
		= new ArrayList<PermissionGroupInfo>(N);
		for (PackageParser.PermissionGroup pg : mSettings.mPermissionGroups.values()) {
		out.add(PackageParser.generatePermissionGroupInfo(pg, flags));
		}
		return out;
		}
		}

		private PermissionInfo getPermissionInfo(String permName, String packageName, int flags,
		int callingUid) {
		if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
		return null;
		}
		// reader
		synchronized (mLock) {
		final BasePermission bp = mSettings.getPermissionLocked(name);
		final BasePermission bp = mSettings.getPermissionLocked(permName);
		if (bp == null) {
		return null;
		}
		@@ -252,14 +278,10 @@ public class PermissionManagerService {
		if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
		return null;
		}
		// reader
		synchronized (mLock) {
		// TODO Uncomment when mPermissionGroups moves to this class
		// if (groupName != null && !mPermissionGroups.containsKey(groupName)) {
		// // This is thrown as NameNotFoundException
		// return null;
		// }

		if (groupName != null && !mSettings.mPermissionGroups.containsKey(groupName)) {
		return null;
		}
		final ArrayList<PermissionInfo> out = new ArrayList<PermissionInfo>(10);
		for (BasePermission bp : mSettings.mPermissions.values()) {
		final PermissionInfo pi = bp.generatePermissionInfo(groupName, flags);
		@@ -314,12 +336,13 @@ public class PermissionManagerService {
		// Assume by default that we did not install this permission into the system.
		p.info.flags &= ~PermissionInfo.FLAG_INSTALLED;

		synchronized (PermissionManagerService.this.mLock) {
		// Now that permission groups have a special meaning, we ignore permission
		// groups for legacy apps to prevent unexpected behavior. In particular,
		// permissions for one app being granted to someone just because they happen
		// to be in a group defined by another app (before this had no implications).
		if (pkg.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1) {
		p.group = mPackageManagerInt.getPermissionGroupTEMP(p.info.group);
		p.group = mSettings.mPermissionGroups.get(p.info.group);
		// Warn for a permission in an unknown group.
		if (PackageManagerService.DEBUG_PERMISSIONS
		&& p.info.group != null && p.group == null) {
		@@ -328,7 +351,6 @@ public class PermissionManagerService {
		}
		}

		synchronized (PermissionManagerService.this.mLock) {
		if (p.tree) {
		final BasePermission bp = BasePermission.createOrUpdate(
		mSettings.getPermissionTreeLocked(p.info.name), p, pkg,
		@@ -344,6 +366,48 @@ public class PermissionManagerService {
		}
		}

		private void addAllPermissionGroups(PackageParser.Package pkg, boolean chatty) {
		final int N = pkg.permissionGroups.size();
		StringBuilder r = null;
		for (int i=0; i<N; i++) {
		final PackageParser.PermissionGroup pg = pkg.permissionGroups.get(i);
		final PackageParser.PermissionGroup cur = mSettings.mPermissionGroups.get(pg.info.name);
		final String curPackageName = (cur == null) ? null : cur.info.packageName;
		final boolean isPackageUpdate = pg.info.packageName.equals(curPackageName);
		if (cur == null \|\| isPackageUpdate) {
		mSettings.mPermissionGroups.put(pg.info.name, pg);
		if (chatty && PackageManagerService.DEBUG_PACKAGE_SCANNING) {
		if (r == null) {
		r = new StringBuilder(256);
		} else {
		r.append(' ');
		}
		if (isPackageUpdate) {
		r.append("UPD:");
		}
		r.append(pg.info.name);
		}
		} else {
		Slog.w(TAG, "Permission group " + pg.info.name + " from package "
		+ pg.info.packageName + " ignored: original from "
		+ cur.info.packageName);
		if (chatty && PackageManagerService.DEBUG_PACKAGE_SCANNING) {
		if (r == null) {
		r = new StringBuilder(256);
		} else {
		r.append(' ');
		}
		r.append("DUP:");
		r.append(pg.info.name);
		}
		}
		}
		if (r != null && PackageManagerService.DEBUG_PACKAGE_SCANNING) {
		Log.d(TAG, " Permission Groups: " + r);
		}

		}

		private void removeAllPermissions(PackageParser.Package pkg, boolean chatty) {
		synchronized (mLock) {
		int N = pkg.permissions.size();
		@@ -1158,6 +1222,10 @@ public class PermissionManagerService {
		PermissionManagerService.this.addAllPermissions(pkg, chatty);
		}
		@Override
		public void addAllPermissionGroups(Package pkg, boolean chatty) {
		PermissionManagerService.this.addAllPermissionGroups(pkg, chatty);
		}
		@Override
		public void removeAllPermissions(Package pkg, boolean chatty) {
		PermissionManagerService.this.removeAllPermissions(pkg, chatty);
		}
		@@ -1252,6 +1320,16 @@ public class PermissionManagerService {
		permName, packageName, callingUid, userId);
		}
		@Override
		public PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags,
		int callingUid) {
		return PermissionManagerService.this.getPermissionGroupInfo(
		groupName, flags, callingUid);
		}
		@Override
		public List<PermissionGroupInfo> getAllPermissionGroups(int flags, int callingUid) {
		return PermissionManagerService.this.getAllPermissionGroups(flags, callingUid);
		}
		@Override
		public PermissionInfo getPermissionInfo(String permName, String packageName, int flags,
		int callingUid) {
		return PermissionManagerService.this.getPermissionInfo(

services/core/java/com/android/server/pm/permission/PermissionSettings.java

+9 −0

Original line number	Diff line number	Diff line
		@@ -19,6 +19,7 @@ package com.android.server.pm.permission;
		import android.annotation.NonNull;
		import android.annotation.Nullable;
		import android.content.Context;
		import android.content.pm.PackageParser;
		import android.util.ArrayMap;
		import android.util.ArraySet;
		import android.util.Log;
		@@ -63,6 +64,14 @@ public class PermissionSettings {
		final ArrayMap<String, BasePermission> mPermissionTrees =
		new ArrayMap<String, BasePermission>();

		/**
		* All permisson groups know to the system. The mapping is from permission group
		* name to permission group object.
		*/
		@GuardedBy("mLock")
		final ArrayMap<String, PackageParser.PermissionGroup> mPermissionGroups =
		new ArrayMap<String, PackageParser.PermissionGroup>();

		/**
		* Set of packages that request a particular app op. The mapping is from permission
		* name to package names.