Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 50a5a9bb authored by Hai Zhang's avatar Hai Zhang
Browse files

Add FLAG_PERMISSION_REVOKED_COMPAT. 

We used to store the actual permission state for pre-M apps in app
ops, which creates two different sources of permission state and is
hard to handle correctly. This change will allow us to store the
permission state for pre-M apps within permission as
FLAG_PERMISSION_REVOKED_COMPAT (and syncing app op state based on it),
and is part of the effort to support rollback of runtime permission
state managed by PermissionController.

Actually, we do set a REVOKE_ON_UPGRADE flag properly when user
grants/revokes a runtime permission for pre-M apps, so it can be used
for computing app op state. In the case where app ops are incorrectly
set to denied without setting this flag, the app won't get the
permission revoked upon upgrade to support runtime permissions, and is
stuck with the denied app op, so overriding the app op state in this
case is arguably fixing a bad state.

Since the proposed new flag will cover whatever REVOKE_ON_UPGRADE does
currently, and REVOKE_ON_UPGRADE did imply denying app op in its
javadoc, this change is simply adding our new flag by renaming
REVOKE_ON_UPGRADE.

Bug: 136503238
Test: manual
Change-Id: Ib910f4df543d2fd8de259a6675f043d870a6f4c1
parent 703ce15f

api/system-current.txt

+3 −2
Original line number Original line Diff line number Diff line
@@ -1662,7 +1662,8 @@ package android.content.pm { 
    field public static final int FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT = 4096; // 0x1000

    field public static final int FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT = 4096; // 0x1000

    field public static final int FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT = 8192; // 0x2000

    field public static final int FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT = 8192; // 0x2000

    field public static final int FLAG_PERMISSION_REVIEW_REQUIRED = 64; // 0x40

    field public static final int FLAG_PERMISSION_REVIEW_REQUIRED = 64; // 0x40

    field public static final int FLAG_PERMISSION_REVOKE_ON_UPGRADE = 8; // 0x8

    field public static final int FLAG_PERMISSION_REVOKED_COMPAT = 8; // 0x8

    field @Deprecated public static final int FLAG_PERMISSION_REVOKE_ON_UPGRADE = 8; // 0x8

    field public static final int FLAG_PERMISSION_SYSTEM_FIXED = 16; // 0x10

    field public static final int FLAG_PERMISSION_SYSTEM_FIXED = 16; // 0x10

    field public static final int FLAG_PERMISSION_USER_FIXED = 2; // 0x2

    field public static final int FLAG_PERMISSION_USER_FIXED = 2; // 0x2

    field public static final int FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED = 512; // 0x200

    field public static final int FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED = 512; // 0x200
@@ -1730,7 +1731,7 @@ package android.content.pm { 
    method public void onPermissionsChanged(int);

    method public void onPermissionsChanged(int);

  }

  }

















  @IntDef(prefix={"FLAG_PERMISSION_"}, value={android.content.pm.PackageManager.FLAG_PERMISSION_USER_SET, android.content.pm.PackageManager.FLAG_PERMISSION_USER_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_POLICY_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_REVOKE_ON_UPGRADE, android.content.pm.PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT, android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED, android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_APPLY_RESTRICTION, android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_ROLE}) @java.lang.annotation.Retention(java.lang.annotation.RetentionPolicy.SOURCE) public static @interface PackageManager.PermissionFlags {







  @IntDef(prefix={"FLAG_PERMISSION_"}, value={android.content.pm.PackageManager.FLAG_PERMISSION_USER_SET, android.content.pm.PackageManager.FLAG_PERMISSION_USER_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_POLICY_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_REVOKE_ON_UPGRADE, android.content.pm.PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT, android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED, android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_APPLY_RESTRICTION, android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_ROLE, android.content.pm.PackageManager.FLAG_PERMISSION_REVOKED_COMPAT}) @java.lang.annotation.Retention(java.lang.annotation.RetentionPolicy.SOURCE) public static @interface PackageManager.PermissionFlags {











  }







  }



























  public class PermissionGroupInfo extends android.content.pm.PackageItemInfo implements android.os.Parcelable {







  public class PermissionGroupInfo extends android.content.pm.PackageItemInfo implements android.os.Parcelable {

































api/test-current.txt



+2
−1




























Original line number
Original line
Diff line number
Diff line








@@ -739,7 +739,8 @@ package android.content.pm {









    field public static final int FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT = 4096; // 0x1000







    field public static final int FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT = 4096; // 0x1000











    field public static final int FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT = 8192; // 0x2000







    field public static final int FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT = 8192; // 0x2000











    field public static final int FLAG_PERMISSION_REVIEW_REQUIRED = 64; // 0x40







    field public static final int FLAG_PERMISSION_REVIEW_REQUIRED = 64; // 0x40











    field public static final int FLAG_PERMISSION_REVOKE_ON_UPGRADE = 8; // 0x8







    field public static final int FLAG_PERMISSION_REVOKED_COMPAT = 8; // 0x8














    field @Deprecated public static final int FLAG_PERMISSION_REVOKE_ON_UPGRADE = 8; // 0x8











    field public static final int FLAG_PERMISSION_REVOKE_WHEN_REQUESTED = 128; // 0x80







    field public static final int FLAG_PERMISSION_REVOKE_WHEN_REQUESTED = 128; // 0x80











    field public static final int FLAG_PERMISSION_SYSTEM_FIXED = 16; // 0x10







    field public static final int FLAG_PERMISSION_SYSTEM_FIXED = 16; // 0x10











    field public static final int FLAG_PERMISSION_USER_FIXED = 2; // 0x2







    field public static final int FLAG_PERMISSION_USER_FIXED = 2; // 0x2

































core/java/android/content/pm/PackageManager.java



+20
−3




























Original line number
Original line
Diff line number
Diff line








@@ -3078,8 +3078,11 @@ public abstract class PackageManager {









     * because the app was updated to support runtime permissions, the







     * because the app was updated to support runtime permissions, the











     * the permission will be revoked in the upgrade process.







     * the permission will be revoked in the upgrade process.











     *







     *














     * @deprecated Renamed to {@link #FLAG_PERMISSION_REVOKED_COMPAT}.














     *











     * @hide







     * @hide











     */







     */














    @Deprecated











    @SystemApi







    @SystemApi











    @TestApi







    @TestApi











    public static final int FLAG_PERMISSION_REVOKE_ON_UPGRADE =  1 << 3;







    public static final int FLAG_PERMISSION_REVOKE_ON_UPGRADE =  1 << 3;










@@ -3201,6 +3204,18 @@ public abstract class PackageManager {









    @TestApi







    @TestApi











    public static final int FLAG_PERMISSION_GRANTED_BY_ROLE =  1 << 15;







    public static final int FLAG_PERMISSION_GRANTED_BY_ROLE =  1 << 15;


































    /**














     * Permission flag: The permission should have been revoked but is kept granted for














     * compatibility. The data protected by the permission should be protected by a no-op (empty














     * list, default error, etc) instead of crashing the client. The permission will be revoked if














     * the app is upgraded to supports it.














     *














     * @hide














     */














    @SystemApi














    @TestApi














    public static final int FLAG_PERMISSION_REVOKED_COMPAT =  FLAG_PERMISSION_REVOKE_ON_UPGRADE;


























    /**







    /**











     * Permission flags: Bitwise or of all permission flags allowing an







     * Permission flags: Bitwise or of all permission flags allowing an











     * exemption for a restricted permission.







     * exemption for a restricted permission.










@@ -3241,7 +3256,8 @@ public abstract class PackageManager {









            | FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT







            | FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT











            | FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT







            | FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT











            | FLAG_PERMISSION_APPLY_RESTRICTION







            | FLAG_PERMISSION_APPLY_RESTRICTION











            | FLAG_PERMISSION_GRANTED_BY_ROLE;







            | FLAG_PERMISSION_GRANTED_BY_ROLE














            | FLAG_PERMISSION_REVOKED_COMPAT;































    /**







    /**











     * Injected activity in app that forwards user to setting activity of that app.







     * Injected activity in app that forwards user to setting activity of that app.










@@ -4017,7 +4033,8 @@ public abstract class PackageManager {









            FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT,







            FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT,











            FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT,







            FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT,











            FLAG_PERMISSION_APPLY_RESTRICTION,







            FLAG_PERMISSION_APPLY_RESTRICTION,











            FLAG_PERMISSION_GRANTED_BY_ROLE







            FLAG_PERMISSION_GRANTED_BY_ROLE,














            FLAG_PERMISSION_REVOKED_COMPAT











    })







    })











    @Retention(RetentionPolicy.SOURCE)







    @Retention(RetentionPolicy.SOURCE)











    public @interface PermissionFlags {}







    public @interface PermissionFlags {}










@@ -7086,7 +7103,6 @@ public abstract class PackageManager {









            case FLAG_PERMISSION_POLICY_FIXED: return "POLICY_FIXED";







            case FLAG_PERMISSION_POLICY_FIXED: return "POLICY_FIXED";











            case FLAG_PERMISSION_SYSTEM_FIXED: return "SYSTEM_FIXED";







            case FLAG_PERMISSION_SYSTEM_FIXED: return "SYSTEM_FIXED";











            case FLAG_PERMISSION_USER_SET: return "USER_SET";







            case FLAG_PERMISSION_USER_SET: return "USER_SET";











            case FLAG_PERMISSION_REVOKE_ON_UPGRADE: return "REVOKE_ON_UPGRADE";














            case FLAG_PERMISSION_USER_FIXED: return "USER_FIXED";







            case FLAG_PERMISSION_USER_FIXED: return "USER_FIXED";











            case FLAG_PERMISSION_REVIEW_REQUIRED: return "REVIEW_REQUIRED";







            case FLAG_PERMISSION_REVIEW_REQUIRED: return "REVIEW_REQUIRED";











            case FLAG_PERMISSION_REVOKE_WHEN_REQUESTED: return "REVOKE_WHEN_REQUESTED";







            case FLAG_PERMISSION_REVOKE_WHEN_REQUESTED: return "REVOKE_WHEN_REQUESTED";









@@ -7097,6 +7113,7 @@ public abstract class PackageManager {









            case FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT: return "RESTRICTION_UPGRADE_EXEMPT";







            case FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT: return "RESTRICTION_UPGRADE_EXEMPT";











            case FLAG_PERMISSION_APPLY_RESTRICTION: return "APPLY_RESTRICTION";







            case FLAG_PERMISSION_APPLY_RESTRICTION: return "APPLY_RESTRICTION";











            case FLAG_PERMISSION_GRANTED_BY_ROLE: return "GRANTED_BY_ROLE";







            case FLAG_PERMISSION_GRANTED_BY_ROLE: return "GRANTED_BY_ROLE";














            case FLAG_PERMISSION_REVOKED_COMPAT: return "REVOKED_COMPAT";











            default: return Integer.toString(flag);







            default: return Integer.toString(flag);











        }







        }











    }







    }

































services/core/java/com/android/server/pm/PackageManagerService.java



+2
−2




























Original line number
Original line
Diff line number
Diff line








@@ -37,7 +37,7 @@ import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_ENABLED;









import static android.content.pm.PackageManager.DELETE_KEEP_DATA;







import static android.content.pm.PackageManager.DELETE_KEEP_DATA;











import static android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT;







import static android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT;











import static android.content.pm.PackageManager.FLAG_PERMISSION_POLICY_FIXED;







import static android.content.pm.PackageManager.FLAG_PERMISSION_POLICY_FIXED;











import static android.content.pm.PackageManager.FLAG_PERMISSION_REVOKE_ON_UPGRADE;







import static android.content.pm.PackageManager.FLAG_PERMISSION_REVOKED_COMPAT;











import static android.content.pm.PackageManager.FLAG_PERMISSION_SYSTEM_FIXED;







import static android.content.pm.PackageManager.FLAG_PERMISSION_SYSTEM_FIXED;











import static android.content.pm.PackageManager.FLAG_PERMISSION_USER_FIXED;







import static android.content.pm.PackageManager.FLAG_PERMISSION_USER_FIXED;











import static android.content.pm.PackageManager.FLAG_PERMISSION_USER_SET;







import static android.content.pm.PackageManager.FLAG_PERMISSION_USER_SET;










@@ -1582,7 +1582,7 @@ public class PackageManagerService extends IPackageManager.Stub









    private static final int USER_RUNTIME_GRANT_MASK =







    private static final int USER_RUNTIME_GRANT_MASK =











            FLAG_PERMISSION_USER_SET







            FLAG_PERMISSION_USER_SET











            | FLAG_PERMISSION_USER_FIXED







            | FLAG_PERMISSION_USER_FIXED











            | FLAG_PERMISSION_REVOKE_ON_UPGRADE;







            | FLAG_PERMISSION_REVOKED_COMPAT;



























    final @Nullable String mRequiredVerifierPackage;







    final @Nullable String mRequiredVerifierPackage;











    final @NonNull String mRequiredInstallerPackage;







    final @NonNull String mRequiredInstallerPackage;

























services/core/java/com/android/server/pm/permission/PermissionManagerService.java



+8
−8




























Original line number
Original line
Diff line number
Diff line








@@ -24,7 +24,7 @@ import static android.content.pm.PackageManager.FLAG_PERMISSION_APPLY_RESTRICTIO









import static android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT;







import static android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT;











import static android.content.pm.PackageManager.FLAG_PERMISSION_POLICY_FIXED;







import static android.content.pm.PackageManager.FLAG_PERMISSION_POLICY_FIXED;











import static android.content.pm.PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED;







import static android.content.pm.PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED;











import static android.content.pm.PackageManager.FLAG_PERMISSION_REVOKE_ON_UPGRADE;







import static android.content.pm.PackageManager.FLAG_PERMISSION_REVOKED_COMPAT;











import static android.content.pm.PackageManager.FLAG_PERMISSION_REVOKE_WHEN_REQUESTED;







import static android.content.pm.PackageManager.FLAG_PERMISSION_REVOKE_WHEN_REQUESTED;











import static android.content.pm.PackageManager.FLAG_PERMISSION_SYSTEM_FIXED;







import static android.content.pm.PackageManager.FLAG_PERMISSION_SYSTEM_FIXED;











import static android.content.pm.PackageManager.FLAG_PERMISSION_USER_FIXED;







import static android.content.pm.PackageManager.FLAG_PERMISSION_USER_FIXED;










@@ -1495,7 +1495,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {









        // These are flags that can change base on user actions.







        // These are flags that can change base on user actions.











        final int userSettableMask = FLAG_PERMISSION_USER_SET







        final int userSettableMask = FLAG_PERMISSION_USER_SET











                | FLAG_PERMISSION_USER_FIXED







                | FLAG_PERMISSION_USER_FIXED











                | FLAG_PERMISSION_REVOKE_ON_UPGRADE







                | FLAG_PERMISSION_REVOKED_COMPAT











                | FLAG_PERMISSION_REVIEW_REQUIRED;







                | FLAG_PERMISSION_REVIEW_REQUIRED;































        final int policyOrSystemFlags = FLAG_PERMISSION_SYSTEM_FIXED







        final int policyOrSystemFlags = FLAG_PERMISSION_SYSTEM_FIXED










@@ -1605,7 +1605,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {









            final int uid = mPackageManagerInt.getPackageUid(packageName, 0, userId);







            final int uid = mPackageManagerInt.getPackageUid(packageName, 0, userId);











            final int targetSdk = mPackageManagerInt.getUidTargetSdkVersion(uid);







            final int targetSdk = mPackageManagerInt.getUidTargetSdkVersion(uid);











            final int flags = (targetSdk < Build.VERSION_CODES.M && bp.isRuntime())







            final int flags = (targetSdk < Build.VERSION_CODES.M && bp.isRuntime())











                    ? FLAG_PERMISSION_REVIEW_REQUIRED | FLAG_PERMISSION_REVOKE_ON_UPGRADE







                    ? FLAG_PERMISSION_REVIEW_REQUIRED | FLAG_PERMISSION_REVOKED_COMPAT











                    : 0;







                    : 0;































            updatePermissionFlagsInternal(







            updatePermissionFlagsInternal(










@@ -2517,8 +2517,8 @@ public class PermissionManagerService extends IPermissionManager.Stub {









                                        wasChanged = true;







                                        wasChanged = true;











                                    }







                                    }































                                    if ((flags & FLAG_PERMISSION_REVOKE_ON_UPGRADE) != 0) {







                                    if ((flags & FLAG_PERMISSION_REVOKED_COMPAT) != 0) {











                                        flags &= ~FLAG_PERMISSION_REVOKE_ON_UPGRADE;







                                        flags &= ~FLAG_PERMISSION_REVOKED_COMPAT;











                                        wasChanged = true;







                                        wasChanged = true;











                                    // Hard restricted permissions cannot be held.







                                    // Hard restricted permissions cannot be held.











                                    } else if (!permissionPolicyInitialized







                                    } else if (!permissionPolicyInitialized









@@ -2537,7 +2537,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {









                                                bp.getSourcePackageName())) {







                                                bp.getSourcePackageName())) {











                                            if (!bp.isRemoved()) {







                                            if (!bp.isRemoved()) {











                                                flags |= FLAG_PERMISSION_REVIEW_REQUIRED







                                                flags |= FLAG_PERMISSION_REVIEW_REQUIRED











                                                        | FLAG_PERMISSION_REVOKE_ON_UPGRADE;







                                                        | FLAG_PERMISSION_REVOKED_COMPAT;











                                                wasChanged = true;







                                                wasChanged = true;











                                            }







                                            }











                                        }







                                        }










@@ -2652,8 +2652,8 @@ public class PermissionManagerService extends IPermissionManager.Stub {









                                        wasChanged = true;







                                        wasChanged = true;











                                    }







                                    }































                                    if ((flags & FLAG_PERMISSION_REVOKE_ON_UPGRADE) != 0) {







                                    if ((flags & FLAG_PERMISSION_REVOKED_COMPAT) != 0) {











                                        flags &= ~FLAG_PERMISSION_REVOKE_ON_UPGRADE;







                                        flags &= ~FLAG_PERMISSION_REVOKED_COMPAT;











                                        wasChanged = true;







                                        wasChanged = true;











                                    // Hard restricted permissions cannot be held.







                                    // Hard restricted permissions cannot be held.











                                    } else if (!permissionPolicyInitialized ||







                                    } else if (!permissionPolicyInitialized ||