Loading services/permission/java/com/android/server/permission/access/AccessCheckingService.kt +42 −41 Original line number Original line Diff line number Diff line Loading @@ -68,7 +68,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { LocalManagerRegistry.addManager( LocalManagerRegistry.addManager( PermissionManagerLocal::class.java, PermissionManagerLocal::class.java, PermissionManagerLocalImpl(this) PermissionManagerLocalImpl(this), ) ) } } Loading Loading @@ -100,7 +100,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { configPermissions, configPermissions, privilegedPermissionAllowlistPackages, privilegedPermissionAllowlistPackages, permissionAllowlist, permissionAllowlist, implicitToSourcePermissions implicitToSourcePermissions, ) ) persistence.initialize() persistence.initialize() persistence.read(state) persistence.read(state) Loading Loading @@ -153,7 +153,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { internal fun onStorageVolumeMounted( internal fun onStorageVolumeMounted( volumeUuid: String?, volumeUuid: String?, packageNames: List<String>, packageNames: List<String>, isSystemUpdated: Boolean isSystemUpdated: Boolean, ) { ) { val (packageStates, disabledSystemPackageStates) = packageManagerLocal.allPackageStates val (packageStates, disabledSystemPackageStates) = packageManagerLocal.allPackageStates val knownPackages = packageManagerInternal.knownPackages val knownPackages = packageManagerInternal.knownPackages Loading @@ -165,7 +165,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { knownPackages, knownPackages, volumeUuid, volumeUuid, packageNames, packageNames, isSystemUpdated isSystemUpdated, ) ) } } } } Loading @@ -180,7 +180,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { packageStates, packageStates, disabledSystemPackageStates, disabledSystemPackageStates, knownPackages, knownPackages, packageName packageName, ) ) } } } } Loading @@ -196,7 +196,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { disabledSystemPackageStates, disabledSystemPackageStates, knownPackages, knownPackages, packageName, packageName, appId appId, ) ) } } } } Loading @@ -212,7 +212,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { disabledSystemPackageStates, disabledSystemPackageStates, knownPackages, knownPackages, packageName, packageName, userId userId, ) ) } } } } Loading @@ -229,7 +229,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { knownPackages, knownPackages, packageName, packageName, appId, appId, userId userId, ) ) } } } } Loading @@ -246,39 +246,40 @@ class AccessCheckingService(context: Context) : SystemService(context) { private val PackageManagerInternal.knownPackages: IntMap<Array<String>> private val PackageManagerInternal.knownPackages: IntMap<Array<String>> get() = get() = MutableIntMap<Array<String>>().apply { MutableIntMap<Array<String>>().apply { this[KnownPackages.PACKAGE_INSTALLER] = getKnownPackageNames( this[KnownPackages.PACKAGE_INSTALLER] = KnownPackages.PACKAGE_INSTALLER, UserHandle.USER_SYSTEM getKnownPackageNames(KnownPackages.PACKAGE_INSTALLER, UserHandle.USER_SYSTEM) ) this[KnownPackages.PACKAGE_PERMISSION_CONTROLLER] = this[KnownPackages.PACKAGE_PERMISSION_CONTROLLER] = getKnownPackageNames( getKnownPackageNames( KnownPackages.PACKAGE_PERMISSION_CONTROLLER, UserHandle.USER_SYSTEM KnownPackages.PACKAGE_PERMISSION_CONTROLLER, ) UserHandle.USER_SYSTEM, this[KnownPackages.PACKAGE_VERIFIER] = getKnownPackageNames( KnownPackages.PACKAGE_VERIFIER, UserHandle.USER_SYSTEM ) this[KnownPackages.PACKAGE_SETUP_WIZARD] = getKnownPackageNames( KnownPackages.PACKAGE_SETUP_WIZARD, UserHandle.USER_SYSTEM ) this[KnownPackages.PACKAGE_SYSTEM_TEXT_CLASSIFIER] = getKnownPackageNames( KnownPackages.PACKAGE_SYSTEM_TEXT_CLASSIFIER, UserHandle.USER_SYSTEM ) this[KnownPackages.PACKAGE_CONFIGURATOR] = getKnownPackageNames( KnownPackages.PACKAGE_CONFIGURATOR, UserHandle.USER_SYSTEM ) this[KnownPackages.PACKAGE_INCIDENT_REPORT_APPROVER] = getKnownPackageNames( KnownPackages.PACKAGE_INCIDENT_REPORT_APPROVER, UserHandle.USER_SYSTEM ) this[KnownPackages.PACKAGE_APP_PREDICTOR] = getKnownPackageNames( KnownPackages.PACKAGE_APP_PREDICTOR, UserHandle.USER_SYSTEM ) ) this[KnownPackages.PACKAGE_COMPANION] = getKnownPackageNames( this[KnownPackages.PACKAGE_VERIFIER] = KnownPackages.PACKAGE_COMPANION, UserHandle.USER_SYSTEM getKnownPackageNames(KnownPackages.PACKAGE_VERIFIER, UserHandle.USER_SYSTEM) this[KnownPackages.PACKAGE_SETUP_WIZARD] = getKnownPackageNames(KnownPackages.PACKAGE_SETUP_WIZARD, UserHandle.USER_SYSTEM) this[KnownPackages.PACKAGE_SYSTEM_TEXT_CLASSIFIER] = getKnownPackageNames( KnownPackages.PACKAGE_SYSTEM_TEXT_CLASSIFIER, UserHandle.USER_SYSTEM, ) ) this[KnownPackages.PACKAGE_RETAIL_DEMO] = getKnownPackageNames( this[KnownPackages.PACKAGE_CONFIGURATOR] = KnownPackages.PACKAGE_RETAIL_DEMO, UserHandle.USER_SYSTEM getKnownPackageNames(KnownPackages.PACKAGE_CONFIGURATOR, UserHandle.USER_SYSTEM) this[KnownPackages.PACKAGE_INCIDENT_REPORT_APPROVER] = getKnownPackageNames( KnownPackages.PACKAGE_INCIDENT_REPORT_APPROVER, UserHandle.USER_SYSTEM, ) ) this[KnownPackages.PACKAGE_RECENTS] = getKnownPackageNames( this[KnownPackages.PACKAGE_APP_PREDICTOR] = KnownPackages.PACKAGE_RECENTS, UserHandle.USER_SYSTEM getKnownPackageNames( KnownPackages.PACKAGE_APP_PREDICTOR, UserHandle.USER_SYSTEM, ) ) this[KnownPackages.PACKAGE_COMPANION] = getKnownPackageNames(KnownPackages.PACKAGE_COMPANION, UserHandle.USER_SYSTEM) this[KnownPackages.PACKAGE_RETAIL_DEMO] = getKnownPackageNames(KnownPackages.PACKAGE_RETAIL_DEMO, UserHandle.USER_SYSTEM) this[KnownPackages.PACKAGE_RECENTS] = getKnownPackageNames(KnownPackages.PACKAGE_RECENTS, UserHandle.USER_SYSTEM) } } @OptIn(ExperimentalContracts::class) @OptIn(ExperimentalContracts::class) Loading services/permission/java/com/android/server/permission/access/AccessPolicy.kt +10 −10 Original line number Original line Diff line number Diff line Loading @@ -71,7 +71,7 @@ private constructor( configPermissions: Map<String, SystemConfig.PermissionEntry>, configPermissions: Map<String, SystemConfig.PermissionEntry>, privilegedPermissionAllowlistPackages: IndexedListSet<String>, privilegedPermissionAllowlistPackages: IndexedListSet<String>, permissionAllowlist: PermissionAllowlist, permissionAllowlist: PermissionAllowlist, implicitToSourcePermissions: IndexedMap<String, IndexedListSet<String>> implicitToSourcePermissions: IndexedMap<String, IndexedListSet<String>>, ) { ) { state.mutateExternalState().apply { state.mutateExternalState().apply { mutateUserIds() += userIds mutateUserIds() += userIds Loading Loading @@ -125,7 +125,7 @@ private constructor( knownPackages: IntMap<Array<String>>, knownPackages: IntMap<Array<String>>, volumeUuid: String?, volumeUuid: String?, packageNames: List<String>, packageNames: List<String>, isSystemUpdated: Boolean isSystemUpdated: Boolean, ) { ) { val addedAppIds = MutableIntSet() val addedAppIds = MutableIntSet() newState.mutateExternalState().apply { newState.mutateExternalState().apply { Loading Loading @@ -175,7 +175,7 @@ private constructor( packageStates: Map<String, PackageState>, packageStates: Map<String, PackageState>, disabledSystemPackageStates: Map<String, PackageState>, disabledSystemPackageStates: Map<String, PackageState>, knownPackages: IntMap<Array<String>>, knownPackages: IntMap<Array<String>>, packageName: String packageName: String, ) { ) { val packageState = packageStates[packageName] val packageState = packageStates[packageName] checkNotNull(packageState) { checkNotNull(packageState) { Loading Loading @@ -206,7 +206,7 @@ private constructor( disabledSystemPackageStates: Map<String, PackageState>, disabledSystemPackageStates: Map<String, PackageState>, knownPackages: IntMap<Array<String>>, knownPackages: IntMap<Array<String>>, packageName: String, packageName: String, appId: Int appId: Int, ) { ) { check(packageName !in packageStates) { check(packageName !in packageStates) { "Removed package $packageName is still in packageStates in onPackageRemoved()" "Removed package $packageName is still in packageStates in onPackageRemoved()" Loading Loading @@ -240,7 +240,7 @@ private constructor( disabledSystemPackageStates: Map<String, PackageState>, disabledSystemPackageStates: Map<String, PackageState>, knownPackages: IntMap<Array<String>>, knownPackages: IntMap<Array<String>>, packageName: String, packageName: String, userId: Int userId: Int, ) { ) { newState.mutateExternalState().apply { newState.mutateExternalState().apply { setPackageStates(packageStates) setPackageStates(packageStates) Loading @@ -260,7 +260,7 @@ private constructor( knownPackages: IntMap<Array<String>>, knownPackages: IntMap<Array<String>>, packageName: String, packageName: String, appId: Int, appId: Int, userId: Int userId: Int, ) { ) { newState.mutateExternalState().apply { newState.mutateExternalState().apply { setPackageStates(packageStates) setPackageStates(packageStates) Loading Loading @@ -308,7 +308,7 @@ private constructor( Slog.w( Slog.w( LOG_TAG, LOG_TAG, "Unexpected version $version for package $packageName," + "Unexpected version $version for package $packageName," + "latest version is $VERSION_LATEST" "latest version is $VERSION_LATEST", ) ) } } } } Loading Loading @@ -346,7 +346,7 @@ private constructor( else -> { else -> { Slog.w( Slog.w( LOG_TAG, LOG_TAG, "Ignoring unknown tag $tagName when parsing user state for user $userId" "Ignoring unknown tag $tagName when parsing user state for user $userId", ) ) } } } } Loading Loading @@ -381,7 +381,7 @@ private constructor( private fun BinaryXmlPullParser.parseDefaultPermissionGrant( private fun BinaryXmlPullParser.parseDefaultPermissionGrant( state: MutableAccessState, state: MutableAccessState, userId: Int userId: Int, ) { ) { val userState = state.mutateUserState(userId, WriteMode.NONE)!! val userState = state.mutateUserState(userId, WriteMode.NONE)!! val fingerprint = getAttributeValueOrThrow(ATTR_FINGERPRINT).intern() val fingerprint = getAttributeValueOrThrow(ATTR_FINGERPRINT).intern() Loading Loading @@ -482,7 +482,7 @@ abstract class SchemePolicy { open fun MutateStateScope.upgradePackageState( open fun MutateStateScope.upgradePackageState( packageState: PackageState, packageState: PackageState, userId: Int, userId: Int, version: Int version: Int, ) {} ) {} open fun BinaryXmlPullParser.parseSystemState(state: MutableAccessState) {} open fun BinaryXmlPullParser.parseSystemState(state: MutableAccessState) {} Loading services/permission/java/com/android/server/permission/access/AccessState.kt +21 −20 Original line number Original line Diff line number Diff line Loading @@ -36,7 +36,7 @@ private typealias UserStatesReference = MutableReference<UserStates, MutableUser sealed class AccessState( sealed class AccessState( internal val externalStateReference: ExternalStateReference, internal val externalStateReference: ExternalStateReference, internal val systemStateReference: SystemStateReference, internal val systemStateReference: SystemStateReference, internal val userStatesReference: UserStatesReference internal val userStatesReference: UserStatesReference, ) : Immutable<MutableAccessState> { ) : Immutable<MutableAccessState> { val externalState: ExternalState val externalState: ExternalState get() = externalStateReference.get() get() = externalStateReference.get() Loading @@ -54,13 +54,13 @@ class MutableAccessState private constructor( private constructor( externalStateReference: ExternalStateReference, externalStateReference: ExternalStateReference, systemStateReference: SystemStateReference, systemStateReference: SystemStateReference, userStatesReference: UserStatesReference userStatesReference: UserStatesReference, ) : AccessState(externalStateReference, systemStateReference, userStatesReference) { ) : AccessState(externalStateReference, systemStateReference, userStatesReference) { constructor() : constructor() : this( this( ExternalStateReference(MutableExternalState()), ExternalStateReference(MutableExternalState()), SystemStateReference(MutableSystemState()), SystemStateReference(MutableSystemState()), UserStatesReference(MutableUserStates()) UserStatesReference(MutableUserStates()), ) ) internal constructor( internal constructor( Loading @@ -68,7 +68,7 @@ private constructor( ) : this( ) : this( accessState.externalStateReference.toImmutable(), accessState.externalStateReference.toImmutable(), accessState.systemStateReference.toImmutable(), accessState.systemStateReference.toImmutable(), accessState.userStatesReference.toImmutable() accessState.userStatesReference.toImmutable(), ) ) fun mutateExternalState(): MutableExternalState = externalStateReference.mutate() fun mutateExternalState(): MutableExternalState = externalStateReference.mutate() Loading Loading @@ -106,7 +106,7 @@ sealed class ExternalState( privilegedPermissionAllowlistPackages: IndexedListSet<String>, privilegedPermissionAllowlistPackages: IndexedListSet<String>, permissionAllowlist: PermissionAllowlist, permissionAllowlist: PermissionAllowlist, implicitToSourcePermissions: IndexedMap<String, IndexedListSet<String>>, implicitToSourcePermissions: IndexedMap<String, IndexedListSet<String>>, isSystemReady: Boolean isSystemReady: Boolean, ) : Immutable<MutableExternalState> { ) : Immutable<MutableExternalState> { val userIds: IntSet val userIds: IntSet get() = userIdsReference.get() get() = userIdsReference.get() Loading Loading @@ -158,7 +158,7 @@ private constructor( privilegedPermissionAllowlistPackages: IndexedListSet<String>, privilegedPermissionAllowlistPackages: IndexedListSet<String>, permissionAllowlist: PermissionAllowlist, permissionAllowlist: PermissionAllowlist, implicitToSourcePermissions: IndexedMap<String, IndexedListSet<String>>, implicitToSourcePermissions: IndexedMap<String, IndexedListSet<String>>, isSystemReady: Boolean isSystemReady: Boolean, ) : ) : ExternalState( ExternalState( userIdsReference, userIdsReference, Loading @@ -171,7 +171,7 @@ private constructor( privilegedPermissionAllowlistPackages, privilegedPermissionAllowlistPackages, permissionAllowlist, permissionAllowlist, implicitToSourcePermissions, implicitToSourcePermissions, isSystemReady isSystemReady, ) { ) { constructor() : constructor() : this( this( Loading @@ -185,7 +185,7 @@ private constructor( MutableIndexedListSet(), MutableIndexedListSet(), PermissionAllowlist(), PermissionAllowlist(), MutableIndexedMap(), MutableIndexedMap(), false false, ) ) internal constructor( internal constructor( Loading @@ -201,7 +201,7 @@ private constructor( externalState.privilegedPermissionAllowlistPackages, externalState.privilegedPermissionAllowlistPackages, externalState.permissionAllowlist, externalState.permissionAllowlist, externalState.implicitToSourcePermissions, externalState.implicitToSourcePermissions, externalState.isSystemReady externalState.isSystemReady, ) ) fun mutateUserIds(): MutableIntSet = userIdsReference.mutate() fun mutateUserIds(): MutableIntSet = userIdsReference.mutate() Loading Loading @@ -260,7 +260,8 @@ private constructor( private typealias PermissionGroupsReference = private typealias PermissionGroupsReference = MutableReference< MutableReference< IndexedMap<String, PermissionGroupInfo>, MutableIndexedMap<String, PermissionGroupInfo> IndexedMap<String, PermissionGroupInfo>, MutableIndexedMap<String, PermissionGroupInfo>, > > private typealias PermissionTreesReference = private typealias PermissionTreesReference = Loading @@ -273,7 +274,7 @@ sealed class SystemState( val permissionGroupsReference: PermissionGroupsReference, val permissionGroupsReference: PermissionGroupsReference, val permissionTreesReference: PermissionTreesReference, val permissionTreesReference: PermissionTreesReference, val permissionsReference: PermissionsReference, val permissionsReference: PermissionsReference, writeMode: Int writeMode: Int, ) : WritableState, Immutable<MutableSystemState> { ) : WritableState, Immutable<MutableSystemState> { val permissionGroups: IndexedMap<String, PermissionGroupInfo> val permissionGroups: IndexedMap<String, PermissionGroupInfo> get() = permissionGroupsReference.get() get() = permissionGroupsReference.get() Loading @@ -295,13 +296,13 @@ private constructor( permissionGroupsReference: PermissionGroupsReference, permissionGroupsReference: PermissionGroupsReference, permissionTreesReference: PermissionTreesReference, permissionTreesReference: PermissionTreesReference, permissionsReference: PermissionsReference, permissionsReference: PermissionsReference, writeMode: Int writeMode: Int, ) : ) : SystemState( SystemState( permissionGroupsReference, permissionGroupsReference, permissionTreesReference, permissionTreesReference, permissionsReference, permissionsReference, writeMode writeMode, ), ), MutableWritableState { MutableWritableState { constructor() : constructor() : Loading @@ -309,7 +310,7 @@ private constructor( PermissionGroupsReference(MutableIndexedMap()), PermissionGroupsReference(MutableIndexedMap()), PermissionTreesReference(MutableIndexedMap()), PermissionTreesReference(MutableIndexedMap()), PermissionsReference(MutableIndexedMap()), PermissionsReference(MutableIndexedMap()), WriteMode.NONE WriteMode.NONE, ) ) internal constructor( internal constructor( Loading @@ -318,7 +319,7 @@ private constructor( systemState.permissionGroupsReference.toImmutable(), systemState.permissionGroupsReference.toImmutable(), systemState.permissionTreesReference.toImmutable(), systemState.permissionTreesReference.toImmutable(), systemState.permissionsReference.toImmutable(), systemState.permissionsReference.toImmutable(), WriteMode.NONE WriteMode.NONE, ) ) fun mutatePermissionGroups(): MutableIndexedMap<String, PermissionGroupInfo> = fun mutatePermissionGroups(): MutableIndexedMap<String, PermissionGroupInfo> = Loading Loading @@ -385,7 +386,7 @@ sealed class UserState( internal val appIdAppOpModesReference: AppIdAppOpModesReference, internal val appIdAppOpModesReference: AppIdAppOpModesReference, internal val packageAppOpModesReference: PackageAppOpModesReference, internal val packageAppOpModesReference: PackageAppOpModesReference, defaultPermissionGrantFingerprint: String?, defaultPermissionGrantFingerprint: String?, writeMode: Int writeMode: Int, ) : WritableState, Immutable<MutableUserState> { ) : WritableState, Immutable<MutableUserState> { val packageVersions: IndexedMap<String, Int> val packageVersions: IndexedMap<String, Int> get() = packageVersionsReference.get() get() = packageVersionsReference.get() Loading Loading @@ -419,7 +420,7 @@ private constructor( appIdAppOpModesReference: AppIdAppOpModesReference, appIdAppOpModesReference: AppIdAppOpModesReference, packageAppOpModesReference: PackageAppOpModesReference, packageAppOpModesReference: PackageAppOpModesReference, defaultPermissionGrantFingerprint: String?, defaultPermissionGrantFingerprint: String?, writeMode: Int writeMode: Int, ) : ) : UserState( UserState( packageVersionsReference, packageVersionsReference, Loading @@ -428,7 +429,7 @@ private constructor( appIdAppOpModesReference, appIdAppOpModesReference, packageAppOpModesReference, packageAppOpModesReference, defaultPermissionGrantFingerprint, defaultPermissionGrantFingerprint, writeMode writeMode, ), ), MutableWritableState { MutableWritableState { constructor() : constructor() : Loading @@ -439,7 +440,7 @@ private constructor( AppIdAppOpModesReference(MutableAppIdAppOpModes()), AppIdAppOpModesReference(MutableAppIdAppOpModes()), PackageAppOpModesReference(MutablePackageAppOpModes()), PackageAppOpModesReference(MutablePackageAppOpModes()), null, null, WriteMode.NONE WriteMode.NONE, ) ) internal constructor( internal constructor( Loading @@ -451,7 +452,7 @@ private constructor( userState.appIdAppOpModesReference.toImmutable(), userState.appIdAppOpModesReference.toImmutable(), userState.packageAppOpModesReference.toImmutable(), userState.packageAppOpModesReference.toImmutable(), userState.defaultPermissionGrantFingerprint, userState.defaultPermissionGrantFingerprint, WriteMode.NONE WriteMode.NONE, ) ) fun mutatePackageVersions(): MutableIndexedMap<String, Int> = packageVersionsReference.mutate() fun mutatePackageVersions(): MutableIndexedMap<String, Int> = packageVersionsReference.mutate() Loading services/permission/java/com/android/server/permission/access/appop/AppIdAppOpPersistence.kt +1 −1 Original line number Original line Diff line number Diff line Loading @@ -83,7 +83,7 @@ class AppIdAppOpPersistence : BaseAppOpPersistence() { private fun BinaryXmlSerializer.serializeAppId( private fun BinaryXmlSerializer.serializeAppId( appId: Int, appId: Int, appOpModes: IndexedMap<String, Int> appOpModes: IndexedMap<String, Int>, ) { ) { tag(TAG_APP_ID) { tag(TAG_APP_ID) { attributeInt(ATTR_ID, appId) attributeInt(ATTR_ID, appId) Loading services/permission/java/com/android/server/permission/access/appop/AppIdAppOpPolicy.kt +2 −2 Original line number Original line Diff line number Diff line Loading @@ -83,7 +83,7 @@ class AppIdAppOpPolicy : BaseAppOpPolicy(AppIdAppOpPersistence()) { appId: Int, appId: Int, userId: Int, userId: Int, appOpName: String, appOpName: String, mode: Int mode: Int, ): Boolean { ): Boolean { if (userId !in newState.userStates) { if (userId !in newState.userStates) { Slog.e(LOG_TAG, "Unable to set app op mode for missing user $userId") Slog.e(LOG_TAG, "Unable to set app op mode for missing user $userId") Loading Loading @@ -147,7 +147,7 @@ class AppIdAppOpPolicy : BaseAppOpPolicy(AppIdAppOpPersistence()) { userId: Int, userId: Int, appOpName: String, appOpName: String, oldMode: Int, oldMode: Int, newMode: Int newMode: Int, ) ) /** /** Loading Loading
services/permission/java/com/android/server/permission/access/AccessCheckingService.kt +42 −41 Original line number Original line Diff line number Diff line Loading @@ -68,7 +68,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { LocalManagerRegistry.addManager( LocalManagerRegistry.addManager( PermissionManagerLocal::class.java, PermissionManagerLocal::class.java, PermissionManagerLocalImpl(this) PermissionManagerLocalImpl(this), ) ) } } Loading Loading @@ -100,7 +100,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { configPermissions, configPermissions, privilegedPermissionAllowlistPackages, privilegedPermissionAllowlistPackages, permissionAllowlist, permissionAllowlist, implicitToSourcePermissions implicitToSourcePermissions, ) ) persistence.initialize() persistence.initialize() persistence.read(state) persistence.read(state) Loading Loading @@ -153,7 +153,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { internal fun onStorageVolumeMounted( internal fun onStorageVolumeMounted( volumeUuid: String?, volumeUuid: String?, packageNames: List<String>, packageNames: List<String>, isSystemUpdated: Boolean isSystemUpdated: Boolean, ) { ) { val (packageStates, disabledSystemPackageStates) = packageManagerLocal.allPackageStates val (packageStates, disabledSystemPackageStates) = packageManagerLocal.allPackageStates val knownPackages = packageManagerInternal.knownPackages val knownPackages = packageManagerInternal.knownPackages Loading @@ -165,7 +165,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { knownPackages, knownPackages, volumeUuid, volumeUuid, packageNames, packageNames, isSystemUpdated isSystemUpdated, ) ) } } } } Loading @@ -180,7 +180,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { packageStates, packageStates, disabledSystemPackageStates, disabledSystemPackageStates, knownPackages, knownPackages, packageName packageName, ) ) } } } } Loading @@ -196,7 +196,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { disabledSystemPackageStates, disabledSystemPackageStates, knownPackages, knownPackages, packageName, packageName, appId appId, ) ) } } } } Loading @@ -212,7 +212,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { disabledSystemPackageStates, disabledSystemPackageStates, knownPackages, knownPackages, packageName, packageName, userId userId, ) ) } } } } Loading @@ -229,7 +229,7 @@ class AccessCheckingService(context: Context) : SystemService(context) { knownPackages, knownPackages, packageName, packageName, appId, appId, userId userId, ) ) } } } } Loading @@ -246,39 +246,40 @@ class AccessCheckingService(context: Context) : SystemService(context) { private val PackageManagerInternal.knownPackages: IntMap<Array<String>> private val PackageManagerInternal.knownPackages: IntMap<Array<String>> get() = get() = MutableIntMap<Array<String>>().apply { MutableIntMap<Array<String>>().apply { this[KnownPackages.PACKAGE_INSTALLER] = getKnownPackageNames( this[KnownPackages.PACKAGE_INSTALLER] = KnownPackages.PACKAGE_INSTALLER, UserHandle.USER_SYSTEM getKnownPackageNames(KnownPackages.PACKAGE_INSTALLER, UserHandle.USER_SYSTEM) ) this[KnownPackages.PACKAGE_PERMISSION_CONTROLLER] = this[KnownPackages.PACKAGE_PERMISSION_CONTROLLER] = getKnownPackageNames( getKnownPackageNames( KnownPackages.PACKAGE_PERMISSION_CONTROLLER, UserHandle.USER_SYSTEM KnownPackages.PACKAGE_PERMISSION_CONTROLLER, ) UserHandle.USER_SYSTEM, this[KnownPackages.PACKAGE_VERIFIER] = getKnownPackageNames( KnownPackages.PACKAGE_VERIFIER, UserHandle.USER_SYSTEM ) this[KnownPackages.PACKAGE_SETUP_WIZARD] = getKnownPackageNames( KnownPackages.PACKAGE_SETUP_WIZARD, UserHandle.USER_SYSTEM ) this[KnownPackages.PACKAGE_SYSTEM_TEXT_CLASSIFIER] = getKnownPackageNames( KnownPackages.PACKAGE_SYSTEM_TEXT_CLASSIFIER, UserHandle.USER_SYSTEM ) this[KnownPackages.PACKAGE_CONFIGURATOR] = getKnownPackageNames( KnownPackages.PACKAGE_CONFIGURATOR, UserHandle.USER_SYSTEM ) this[KnownPackages.PACKAGE_INCIDENT_REPORT_APPROVER] = getKnownPackageNames( KnownPackages.PACKAGE_INCIDENT_REPORT_APPROVER, UserHandle.USER_SYSTEM ) this[KnownPackages.PACKAGE_APP_PREDICTOR] = getKnownPackageNames( KnownPackages.PACKAGE_APP_PREDICTOR, UserHandle.USER_SYSTEM ) ) this[KnownPackages.PACKAGE_COMPANION] = getKnownPackageNames( this[KnownPackages.PACKAGE_VERIFIER] = KnownPackages.PACKAGE_COMPANION, UserHandle.USER_SYSTEM getKnownPackageNames(KnownPackages.PACKAGE_VERIFIER, UserHandle.USER_SYSTEM) this[KnownPackages.PACKAGE_SETUP_WIZARD] = getKnownPackageNames(KnownPackages.PACKAGE_SETUP_WIZARD, UserHandle.USER_SYSTEM) this[KnownPackages.PACKAGE_SYSTEM_TEXT_CLASSIFIER] = getKnownPackageNames( KnownPackages.PACKAGE_SYSTEM_TEXT_CLASSIFIER, UserHandle.USER_SYSTEM, ) ) this[KnownPackages.PACKAGE_RETAIL_DEMO] = getKnownPackageNames( this[KnownPackages.PACKAGE_CONFIGURATOR] = KnownPackages.PACKAGE_RETAIL_DEMO, UserHandle.USER_SYSTEM getKnownPackageNames(KnownPackages.PACKAGE_CONFIGURATOR, UserHandle.USER_SYSTEM) this[KnownPackages.PACKAGE_INCIDENT_REPORT_APPROVER] = getKnownPackageNames( KnownPackages.PACKAGE_INCIDENT_REPORT_APPROVER, UserHandle.USER_SYSTEM, ) ) this[KnownPackages.PACKAGE_RECENTS] = getKnownPackageNames( this[KnownPackages.PACKAGE_APP_PREDICTOR] = KnownPackages.PACKAGE_RECENTS, UserHandle.USER_SYSTEM getKnownPackageNames( KnownPackages.PACKAGE_APP_PREDICTOR, UserHandle.USER_SYSTEM, ) ) this[KnownPackages.PACKAGE_COMPANION] = getKnownPackageNames(KnownPackages.PACKAGE_COMPANION, UserHandle.USER_SYSTEM) this[KnownPackages.PACKAGE_RETAIL_DEMO] = getKnownPackageNames(KnownPackages.PACKAGE_RETAIL_DEMO, UserHandle.USER_SYSTEM) this[KnownPackages.PACKAGE_RECENTS] = getKnownPackageNames(KnownPackages.PACKAGE_RECENTS, UserHandle.USER_SYSTEM) } } @OptIn(ExperimentalContracts::class) @OptIn(ExperimentalContracts::class) Loading
services/permission/java/com/android/server/permission/access/AccessPolicy.kt +10 −10 Original line number Original line Diff line number Diff line Loading @@ -71,7 +71,7 @@ private constructor( configPermissions: Map<String, SystemConfig.PermissionEntry>, configPermissions: Map<String, SystemConfig.PermissionEntry>, privilegedPermissionAllowlistPackages: IndexedListSet<String>, privilegedPermissionAllowlistPackages: IndexedListSet<String>, permissionAllowlist: PermissionAllowlist, permissionAllowlist: PermissionAllowlist, implicitToSourcePermissions: IndexedMap<String, IndexedListSet<String>> implicitToSourcePermissions: IndexedMap<String, IndexedListSet<String>>, ) { ) { state.mutateExternalState().apply { state.mutateExternalState().apply { mutateUserIds() += userIds mutateUserIds() += userIds Loading Loading @@ -125,7 +125,7 @@ private constructor( knownPackages: IntMap<Array<String>>, knownPackages: IntMap<Array<String>>, volumeUuid: String?, volumeUuid: String?, packageNames: List<String>, packageNames: List<String>, isSystemUpdated: Boolean isSystemUpdated: Boolean, ) { ) { val addedAppIds = MutableIntSet() val addedAppIds = MutableIntSet() newState.mutateExternalState().apply { newState.mutateExternalState().apply { Loading Loading @@ -175,7 +175,7 @@ private constructor( packageStates: Map<String, PackageState>, packageStates: Map<String, PackageState>, disabledSystemPackageStates: Map<String, PackageState>, disabledSystemPackageStates: Map<String, PackageState>, knownPackages: IntMap<Array<String>>, knownPackages: IntMap<Array<String>>, packageName: String packageName: String, ) { ) { val packageState = packageStates[packageName] val packageState = packageStates[packageName] checkNotNull(packageState) { checkNotNull(packageState) { Loading Loading @@ -206,7 +206,7 @@ private constructor( disabledSystemPackageStates: Map<String, PackageState>, disabledSystemPackageStates: Map<String, PackageState>, knownPackages: IntMap<Array<String>>, knownPackages: IntMap<Array<String>>, packageName: String, packageName: String, appId: Int appId: Int, ) { ) { check(packageName !in packageStates) { check(packageName !in packageStates) { "Removed package $packageName is still in packageStates in onPackageRemoved()" "Removed package $packageName is still in packageStates in onPackageRemoved()" Loading Loading @@ -240,7 +240,7 @@ private constructor( disabledSystemPackageStates: Map<String, PackageState>, disabledSystemPackageStates: Map<String, PackageState>, knownPackages: IntMap<Array<String>>, knownPackages: IntMap<Array<String>>, packageName: String, packageName: String, userId: Int userId: Int, ) { ) { newState.mutateExternalState().apply { newState.mutateExternalState().apply { setPackageStates(packageStates) setPackageStates(packageStates) Loading @@ -260,7 +260,7 @@ private constructor( knownPackages: IntMap<Array<String>>, knownPackages: IntMap<Array<String>>, packageName: String, packageName: String, appId: Int, appId: Int, userId: Int userId: Int, ) { ) { newState.mutateExternalState().apply { newState.mutateExternalState().apply { setPackageStates(packageStates) setPackageStates(packageStates) Loading Loading @@ -308,7 +308,7 @@ private constructor( Slog.w( Slog.w( LOG_TAG, LOG_TAG, "Unexpected version $version for package $packageName," + "Unexpected version $version for package $packageName," + "latest version is $VERSION_LATEST" "latest version is $VERSION_LATEST", ) ) } } } } Loading Loading @@ -346,7 +346,7 @@ private constructor( else -> { else -> { Slog.w( Slog.w( LOG_TAG, LOG_TAG, "Ignoring unknown tag $tagName when parsing user state for user $userId" "Ignoring unknown tag $tagName when parsing user state for user $userId", ) ) } } } } Loading Loading @@ -381,7 +381,7 @@ private constructor( private fun BinaryXmlPullParser.parseDefaultPermissionGrant( private fun BinaryXmlPullParser.parseDefaultPermissionGrant( state: MutableAccessState, state: MutableAccessState, userId: Int userId: Int, ) { ) { val userState = state.mutateUserState(userId, WriteMode.NONE)!! val userState = state.mutateUserState(userId, WriteMode.NONE)!! val fingerprint = getAttributeValueOrThrow(ATTR_FINGERPRINT).intern() val fingerprint = getAttributeValueOrThrow(ATTR_FINGERPRINT).intern() Loading Loading @@ -482,7 +482,7 @@ abstract class SchemePolicy { open fun MutateStateScope.upgradePackageState( open fun MutateStateScope.upgradePackageState( packageState: PackageState, packageState: PackageState, userId: Int, userId: Int, version: Int version: Int, ) {} ) {} open fun BinaryXmlPullParser.parseSystemState(state: MutableAccessState) {} open fun BinaryXmlPullParser.parseSystemState(state: MutableAccessState) {} Loading
services/permission/java/com/android/server/permission/access/AccessState.kt +21 −20 Original line number Original line Diff line number Diff line Loading @@ -36,7 +36,7 @@ private typealias UserStatesReference = MutableReference<UserStates, MutableUser sealed class AccessState( sealed class AccessState( internal val externalStateReference: ExternalStateReference, internal val externalStateReference: ExternalStateReference, internal val systemStateReference: SystemStateReference, internal val systemStateReference: SystemStateReference, internal val userStatesReference: UserStatesReference internal val userStatesReference: UserStatesReference, ) : Immutable<MutableAccessState> { ) : Immutable<MutableAccessState> { val externalState: ExternalState val externalState: ExternalState get() = externalStateReference.get() get() = externalStateReference.get() Loading @@ -54,13 +54,13 @@ class MutableAccessState private constructor( private constructor( externalStateReference: ExternalStateReference, externalStateReference: ExternalStateReference, systemStateReference: SystemStateReference, systemStateReference: SystemStateReference, userStatesReference: UserStatesReference userStatesReference: UserStatesReference, ) : AccessState(externalStateReference, systemStateReference, userStatesReference) { ) : AccessState(externalStateReference, systemStateReference, userStatesReference) { constructor() : constructor() : this( this( ExternalStateReference(MutableExternalState()), ExternalStateReference(MutableExternalState()), SystemStateReference(MutableSystemState()), SystemStateReference(MutableSystemState()), UserStatesReference(MutableUserStates()) UserStatesReference(MutableUserStates()), ) ) internal constructor( internal constructor( Loading @@ -68,7 +68,7 @@ private constructor( ) : this( ) : this( accessState.externalStateReference.toImmutable(), accessState.externalStateReference.toImmutable(), accessState.systemStateReference.toImmutable(), accessState.systemStateReference.toImmutable(), accessState.userStatesReference.toImmutable() accessState.userStatesReference.toImmutable(), ) ) fun mutateExternalState(): MutableExternalState = externalStateReference.mutate() fun mutateExternalState(): MutableExternalState = externalStateReference.mutate() Loading Loading @@ -106,7 +106,7 @@ sealed class ExternalState( privilegedPermissionAllowlistPackages: IndexedListSet<String>, privilegedPermissionAllowlistPackages: IndexedListSet<String>, permissionAllowlist: PermissionAllowlist, permissionAllowlist: PermissionAllowlist, implicitToSourcePermissions: IndexedMap<String, IndexedListSet<String>>, implicitToSourcePermissions: IndexedMap<String, IndexedListSet<String>>, isSystemReady: Boolean isSystemReady: Boolean, ) : Immutable<MutableExternalState> { ) : Immutable<MutableExternalState> { val userIds: IntSet val userIds: IntSet get() = userIdsReference.get() get() = userIdsReference.get() Loading Loading @@ -158,7 +158,7 @@ private constructor( privilegedPermissionAllowlistPackages: IndexedListSet<String>, privilegedPermissionAllowlistPackages: IndexedListSet<String>, permissionAllowlist: PermissionAllowlist, permissionAllowlist: PermissionAllowlist, implicitToSourcePermissions: IndexedMap<String, IndexedListSet<String>>, implicitToSourcePermissions: IndexedMap<String, IndexedListSet<String>>, isSystemReady: Boolean isSystemReady: Boolean, ) : ) : ExternalState( ExternalState( userIdsReference, userIdsReference, Loading @@ -171,7 +171,7 @@ private constructor( privilegedPermissionAllowlistPackages, privilegedPermissionAllowlistPackages, permissionAllowlist, permissionAllowlist, implicitToSourcePermissions, implicitToSourcePermissions, isSystemReady isSystemReady, ) { ) { constructor() : constructor() : this( this( Loading @@ -185,7 +185,7 @@ private constructor( MutableIndexedListSet(), MutableIndexedListSet(), PermissionAllowlist(), PermissionAllowlist(), MutableIndexedMap(), MutableIndexedMap(), false false, ) ) internal constructor( internal constructor( Loading @@ -201,7 +201,7 @@ private constructor( externalState.privilegedPermissionAllowlistPackages, externalState.privilegedPermissionAllowlistPackages, externalState.permissionAllowlist, externalState.permissionAllowlist, externalState.implicitToSourcePermissions, externalState.implicitToSourcePermissions, externalState.isSystemReady externalState.isSystemReady, ) ) fun mutateUserIds(): MutableIntSet = userIdsReference.mutate() fun mutateUserIds(): MutableIntSet = userIdsReference.mutate() Loading Loading @@ -260,7 +260,8 @@ private constructor( private typealias PermissionGroupsReference = private typealias PermissionGroupsReference = MutableReference< MutableReference< IndexedMap<String, PermissionGroupInfo>, MutableIndexedMap<String, PermissionGroupInfo> IndexedMap<String, PermissionGroupInfo>, MutableIndexedMap<String, PermissionGroupInfo>, > > private typealias PermissionTreesReference = private typealias PermissionTreesReference = Loading @@ -273,7 +274,7 @@ sealed class SystemState( val permissionGroupsReference: PermissionGroupsReference, val permissionGroupsReference: PermissionGroupsReference, val permissionTreesReference: PermissionTreesReference, val permissionTreesReference: PermissionTreesReference, val permissionsReference: PermissionsReference, val permissionsReference: PermissionsReference, writeMode: Int writeMode: Int, ) : WritableState, Immutable<MutableSystemState> { ) : WritableState, Immutable<MutableSystemState> { val permissionGroups: IndexedMap<String, PermissionGroupInfo> val permissionGroups: IndexedMap<String, PermissionGroupInfo> get() = permissionGroupsReference.get() get() = permissionGroupsReference.get() Loading @@ -295,13 +296,13 @@ private constructor( permissionGroupsReference: PermissionGroupsReference, permissionGroupsReference: PermissionGroupsReference, permissionTreesReference: PermissionTreesReference, permissionTreesReference: PermissionTreesReference, permissionsReference: PermissionsReference, permissionsReference: PermissionsReference, writeMode: Int writeMode: Int, ) : ) : SystemState( SystemState( permissionGroupsReference, permissionGroupsReference, permissionTreesReference, permissionTreesReference, permissionsReference, permissionsReference, writeMode writeMode, ), ), MutableWritableState { MutableWritableState { constructor() : constructor() : Loading @@ -309,7 +310,7 @@ private constructor( PermissionGroupsReference(MutableIndexedMap()), PermissionGroupsReference(MutableIndexedMap()), PermissionTreesReference(MutableIndexedMap()), PermissionTreesReference(MutableIndexedMap()), PermissionsReference(MutableIndexedMap()), PermissionsReference(MutableIndexedMap()), WriteMode.NONE WriteMode.NONE, ) ) internal constructor( internal constructor( Loading @@ -318,7 +319,7 @@ private constructor( systemState.permissionGroupsReference.toImmutable(), systemState.permissionGroupsReference.toImmutable(), systemState.permissionTreesReference.toImmutable(), systemState.permissionTreesReference.toImmutable(), systemState.permissionsReference.toImmutable(), systemState.permissionsReference.toImmutable(), WriteMode.NONE WriteMode.NONE, ) ) fun mutatePermissionGroups(): MutableIndexedMap<String, PermissionGroupInfo> = fun mutatePermissionGroups(): MutableIndexedMap<String, PermissionGroupInfo> = Loading Loading @@ -385,7 +386,7 @@ sealed class UserState( internal val appIdAppOpModesReference: AppIdAppOpModesReference, internal val appIdAppOpModesReference: AppIdAppOpModesReference, internal val packageAppOpModesReference: PackageAppOpModesReference, internal val packageAppOpModesReference: PackageAppOpModesReference, defaultPermissionGrantFingerprint: String?, defaultPermissionGrantFingerprint: String?, writeMode: Int writeMode: Int, ) : WritableState, Immutable<MutableUserState> { ) : WritableState, Immutable<MutableUserState> { val packageVersions: IndexedMap<String, Int> val packageVersions: IndexedMap<String, Int> get() = packageVersionsReference.get() get() = packageVersionsReference.get() Loading Loading @@ -419,7 +420,7 @@ private constructor( appIdAppOpModesReference: AppIdAppOpModesReference, appIdAppOpModesReference: AppIdAppOpModesReference, packageAppOpModesReference: PackageAppOpModesReference, packageAppOpModesReference: PackageAppOpModesReference, defaultPermissionGrantFingerprint: String?, defaultPermissionGrantFingerprint: String?, writeMode: Int writeMode: Int, ) : ) : UserState( UserState( packageVersionsReference, packageVersionsReference, Loading @@ -428,7 +429,7 @@ private constructor( appIdAppOpModesReference, appIdAppOpModesReference, packageAppOpModesReference, packageAppOpModesReference, defaultPermissionGrantFingerprint, defaultPermissionGrantFingerprint, writeMode writeMode, ), ), MutableWritableState { MutableWritableState { constructor() : constructor() : Loading @@ -439,7 +440,7 @@ private constructor( AppIdAppOpModesReference(MutableAppIdAppOpModes()), AppIdAppOpModesReference(MutableAppIdAppOpModes()), PackageAppOpModesReference(MutablePackageAppOpModes()), PackageAppOpModesReference(MutablePackageAppOpModes()), null, null, WriteMode.NONE WriteMode.NONE, ) ) internal constructor( internal constructor( Loading @@ -451,7 +452,7 @@ private constructor( userState.appIdAppOpModesReference.toImmutable(), userState.appIdAppOpModesReference.toImmutable(), userState.packageAppOpModesReference.toImmutable(), userState.packageAppOpModesReference.toImmutable(), userState.defaultPermissionGrantFingerprint, userState.defaultPermissionGrantFingerprint, WriteMode.NONE WriteMode.NONE, ) ) fun mutatePackageVersions(): MutableIndexedMap<String, Int> = packageVersionsReference.mutate() fun mutatePackageVersions(): MutableIndexedMap<String, Int> = packageVersionsReference.mutate() Loading
services/permission/java/com/android/server/permission/access/appop/AppIdAppOpPersistence.kt +1 −1 Original line number Original line Diff line number Diff line Loading @@ -83,7 +83,7 @@ class AppIdAppOpPersistence : BaseAppOpPersistence() { private fun BinaryXmlSerializer.serializeAppId( private fun BinaryXmlSerializer.serializeAppId( appId: Int, appId: Int, appOpModes: IndexedMap<String, Int> appOpModes: IndexedMap<String, Int>, ) { ) { tag(TAG_APP_ID) { tag(TAG_APP_ID) { attributeInt(ATTR_ID, appId) attributeInt(ATTR_ID, appId) Loading
services/permission/java/com/android/server/permission/access/appop/AppIdAppOpPolicy.kt +2 −2 Original line number Original line Diff line number Diff line Loading @@ -83,7 +83,7 @@ class AppIdAppOpPolicy : BaseAppOpPolicy(AppIdAppOpPersistence()) { appId: Int, appId: Int, userId: Int, userId: Int, appOpName: String, appOpName: String, mode: Int mode: Int, ): Boolean { ): Boolean { if (userId !in newState.userStates) { if (userId !in newState.userStates) { Slog.e(LOG_TAG, "Unable to set app op mode for missing user $userId") Slog.e(LOG_TAG, "Unable to set app op mode for missing user $userId") Loading Loading @@ -147,7 +147,7 @@ class AppIdAppOpPolicy : BaseAppOpPolicy(AppIdAppOpPersistence()) { userId: Int, userId: Int, appOpName: String, appOpName: String, oldMode: Int, oldMode: Int, newMode: Int newMode: Int, ) ) /** /** Loading
