
Commit 8f844a46 authored by Roman Birg's avatar Roman Birg Committed by Adnan Begovic

Allow permissions to be granted via whitelisted signatures

When an application defines a permission, it can now add a new
attribute "allowViaWhitelist", a boolean value. If set to true,
the permission may be granted to a package signed with a predefined key,
if it is defined via <allow-permission> in
/system/etc/permissions/someapp.xml.

Since this is a hidden attribute, it must use the prv namespace XML
declaration. E.g.: add the following to the <manifest> tag:

       xmlns:androidprv="http://schemas.android.com/apk/prv/res/android"

In the permission declaration:

        <permission
            android:name=""
            android:protectionLevel="signature"
            androidprv:allowViaWhitelist="true" />

And a corresponding entry in /system/etc/permissions/someapp.xml:

        <allow-permission
            name="some.android.PERMISSION"
            signature="<known public signature>" />

Note: if the permission never declares "allowViaWhitelist", then the
whitelisted permissions will be ignored.

Change-Id: Ie4597a07eb0a193375fa2724bd9cf468184a7926
Signed-off-by: default avatarRoman Birg <roman@cyngn.com>
parent 75f9e244
+4 −0
@@ -2256,6 +2256,10 @@ public class PackageParser {
        perm.info.flags = sa.getInt(
                com.android.internal.R.styleable.AndroidManifestPermission_permissionFlags, 0);

        perm.info.allowViaWhitelist = sa.getBoolean(
                com.android.internal.R.styleable.AndroidManifestPermission_allowViaWhitelist,
                false);

        sa.recycle();

        if (perm.info.protectionLevel == -1) {
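Review bot: `allowViaWhitelist` is read here for every `<permission>` element whatever its protection level, while the commit description only shows it on a `signature` permission. Whether the grant path ignores the flag for other levels is not visible from this hunk, so it would be safer to clear it in the parser once the protection level has been validated further down, e.g. `if ((perm.info.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) != PermissionInfo.PROTECTION_SIGNATURE) perm.info.allowViaWhitelist = false;`, and to log a warning naming the package. The enclosing method starts and ends outside the hunk.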
+11 −0
@@ -178,6 +178,14 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
     */
    public CharSequence nonLocalizedDescription;

    /**
     * Whether this permission will be granted to apps signed with white-listed keys in
     * /system/etc/permissions/someapp.xml
     *
     * @hide
     */
    public boolean allowViaWhitelist;

    /** @hide */
    public static int fixProtectionLevel(int level) {
        if (level == PROTECTION_SIGNATURE_OR_SYSTEM) {
@@ -237,6 +245,7 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
        group = orig.group;
        descriptionRes = orig.descriptionRes;
        nonLocalizedDescription = orig.nonLocalizedDescription;
        allowViaWhitelist = orig.allowViaWhitelist;
    }

    /**
@@ -279,6 +288,7 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
        dest.writeInt(flags);
        dest.writeString(group);
        dest.writeInt(descriptionRes);
        dest.writeInt(allowViaWhitelist ? 1 : 0);
        TextUtils.writeToParcel(nonLocalizedDescription, dest, parcelableFlags);
    }

@@ -298,6 +308,7 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
        flags = source.readInt();
        group = source.readString();
        descriptionRes = source.readInt();
        allowViaWhitelist = source.readInt() == 1;
        nonLocalizedDescription = TextUtils.CHAR_SEQUENCE_CREATOR.createFromParcel(source);
    }
}
+3 −0
@@ -1289,6 +1289,9 @@
        <attr name="description" />
        <attr name="protectionLevel" />
        <attr name="permissionFlags" />
        <!--  @hide Allows permissions to be granted to specific application signatures,
              which are defined in /system/etc/permissions/someapp.xml. -->
        <attr name="allowViaWhitelist" format="boolean" />
    </declare-styleable>
    
    <!-- The <code>permission-group</code> tag declares a logical grouping of
+2 −0
@@ -53,6 +53,8 @@ final class BasePermission {
     */
    private boolean perUser;

    boolean allowViaWhitelist;

    BasePermission(String _name, String _sourcePackage, int _type) {
        name = _name;
        sourcePackage = _sourcePackage;
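Review bot: The new `allowViaWhitelist` field has no comment, unlike the `perUser` field just above it, even though it is the flag that lets a package that fails the signature check still receive the permission. A short Javadoc would help the next reader, for example `/** Copied from the declaring package's PermissionInfo.allowViaWhitelist; when true, a failed signature check may fall back to the <allow-permission> whitelist. */`. The class body continues outside the hunk.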
+6 −0
@@ -3327,6 +3327,7 @@ public class PackageManagerService extends IPackageManager.Stub {
        if (!compareStrings(pi1.nonLocalizedLabel, pi2.nonLocalizedLabel)) return false;
        // We'll take care of setting this one.
        if (!compareStrings(pi1.packageName, pi2.packageName)) return false;
        if (pi1.allowViaWhitelist != pi2.allowViaWhitelist) return false;
        // These are not currently stored in settings.
        //if (!compareStrings(pi1.group, pi2.group)) return false;
        //if (!compareStrings(pi1.nonLocalizedDescription, pi2.nonLocalizedDescription)) return false;
@@ -7441,6 +7442,7 @@ public class PackageManagerService extends IPackageManager.Stub {
                            bp.perm = p;
                            bp.uid = pkg.applicationInfo.uid;
                            bp.sourcePackage = p.info.packageName;
                            bp.allowViaWhitelist = p.info.allowViaWhitelist;
                            p.info.flags |= PermissionInfo.FLAG_INSTALLED;
                        } else if (!currentOwnerIsSystem) {
                            String msg = "New decl " + p.owner + " of permission  "
@@ -7454,6 +7456,7 @@ public class PackageManagerService extends IPackageManager.Stub {
                if (bp == null) {
                    bp = new BasePermission(p.info.name, p.info.packageName,
                            BasePermission.TYPE_NORMAL);
                    bp.allowViaWhitelist = p.info.allowViaWhitelist;
                    permissionMap.put(p.info.name, bp);
                }
@@ -8696,6 +8699,9 @@ public class PackageManagerService extends IPackageManager.Stub {
                allowed = origPermissions.hasInstallPermission(perm);
            }
        }
        if (!allowed && bp.allowViaWhitelist) {
            allowed = isAllowedSignature(pkg, perm);
        }
        return allowed;
    }
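Review bot: The fallback added in the last hunk turns any failed check into a grant whenever `isAllowedSignature(pkg, perm)` returns true, and that helper is not part of the visible hunks, so the whole feature rests on how strictly it matches. It should compare the package's complete signing certificate set against the whitelist entry for exactly this permission name, and the whitelist should only ever be loaded from the read-only system partition. A grant that skips the normal signature match also deserves an audit trail, for example `if (allowed) Slog.i(TAG, "Granting " + perm + " to " + pkg.packageName + " via signature whitelist");` inside the new `if`. The method begins outside the hunk, so which protection levels reach this point cannot be confirmed here.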