Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a805c6f5 authored by Nate Myren's avatar Nate Myren
Browse files

Grant Notifications to Carrier Provisioning App 

When the set of carrier privileged apps changes on the device, grant the
Carrier Provisioning app POST_NOTIFICATIONS

Fixes: 226201376
Test: atest DefaultPermissionGrantPolicyTest
Change-Id: I5ff732823404bd48eed076c32485331cf6efd797
parent e9a0acdf

core/java/android/permission/ILegacyPermissionManager.aidl

+2 −0
Original line number Diff line number Diff line
@@ -49,4 +49,6 @@ interface ILegacyPermissionManager { 
    void grantDefaultPermissionsToActiveLuiApp(in String packageName, int userId);



    void revokeDefaultPermissionsFromLuiApps(in String[] packageNames, int userId);



    void grantDefaultPermissionsToCarrierServiceApp(in String packageName, int userId);

}

core/java/android/permission/LegacyPermissionManager.java

+17 −0
Original line number Diff line number Diff line
@@ -22,6 +22,7 @@ import android.annotation.NonNull; 
import android.annotation.Nullable;

import android.annotation.RequiresPermission;

import android.annotation.SystemService;

import android.annotation.UserIdInt;

import android.content.Context;

import android.content.pm.PackageManager;

import android.os.RemoteException;
@@ -244,4 +245,20 @@ public final class LegacyPermissionManager { 
            e.rethrowFromSystemServer();

        }

    }



    /**

     * Grant permissions to a newly set Carrier Services app.

     * @param packageName The newly set Carrier Services app

     * @param userId The user for which to grant the permissions.

     * @hide

     */

    public void grantDefaultPermissionsToCarrierServiceApp(@NonNull String packageName,

            @UserIdInt int userId) {

        try {

            mLegacyPermissionManager.grantDefaultPermissionsToCarrierServiceApp(packageName,

                    userId);

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }

    }

}

services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java

+9 −0
Original line number Diff line number Diff line
@@ -21,6 +21,7 @@ import static android.os.Process.FIRST_APPLICATION_UID; 
import android.Manifest;

import android.annotation.NonNull;

import android.annotation.Nullable;

import android.annotation.UserIdInt;

import android.app.ActivityManager;

import android.app.DownloadManager;

import android.app.SearchManager;
@@ -1102,6 +1103,14 @@ final class DefaultPermissionGrantPolicy { 
        }

    }



    public void grantDefaultPermissionsToCarrierServiceApp(@NonNull String packageName,

            @UserIdInt int userId) {

        Log.i(TAG, "Grant permissions to Carrier Service app " + packageName + " for user:"

                + userId);

        grantPermissionsToPackage(NO_PM_CACHE, packageName, userId, /* ignoreSystemPackage */ false,

               /* whitelistRestricted */ true, NOTIFICATION_PERMISSIONS);

    }



    private String getDefaultSystemHandlerActivityPackage(PackageManagerWrapper pm,

            String intentAction, int userId) {

        return getDefaultSystemHandlerActivityPackage(pm, new Intent(intentAction), userId);

services/core/java/com/android/server/pm/permission/LegacyPermissionManagerService.java

+10 −0
Original line number Diff line number Diff line
@@ -18,6 +18,7 @@ package com.android.server.pm.permission; 


import android.annotation.NonNull;

import android.annotation.Nullable;

import android.annotation.UserIdInt;

import android.app.AppOpsManager;

import android.app.admin.DevicePolicyManager;

import android.content.Context;
@@ -247,6 +248,15 @@ public class LegacyPermissionManagerService extends ILegacyPermissionManager.Stu 
        return PackageManager.PERMISSION_GRANTED;

    }



    @Override

    public void grantDefaultPermissionsToCarrierServiceApp(@NonNull String packageName,

            @UserIdInt int userId) {

        PackageManagerServiceUtils.enforceSystemOrRoot(

                "grantDefaultPermissionsForCarrierServiceApp");

        Binder.withCleanCallingIdentity(() -> mDefaultPermissionGrantPolicy

                .grantDefaultPermissionsToCarrierServiceApp(packageName, userId));

    }



    @Override

    public void grantDefaultPermissionsToActiveLuiApp(String packageName, int userId) {

        final int callingUid = Binder.getCallingUid();

services/core/java/com/android/server/policy/PermissionPolicyService.java

+99 −0
Original line number Diff line number Diff line
@@ -66,11 +66,13 @@ import android.os.Process; 
import android.os.RemoteException;

import android.os.ServiceManager;

import android.os.UserHandle;

import android.permission.LegacyPermissionManager;

import android.permission.PermissionControllerManager;

import android.permission.PermissionManager;

import android.provider.Settings;

import android.provider.Telephony;

import android.telecom.TelecomManager;

import android.telephony.TelephonyManager;

import android.util.ArrayMap;

import android.util.ArraySet;

import android.util.Log;
@@ -106,6 +108,7 @@ import java.util.HashMap; 
import java.util.List;

import java.util.Map;

import java.util.Objects;

import java.util.Set;

import java.util.concurrent.ExecutionException;



/**
@@ -163,6 +166,7 @@ public final class PermissionPolicyService extends SystemService { 
    private PackageManagerInternal mPackageManagerInternal;

    private PermissionManagerServiceInternal mPermissionManagerInternal;

    private NotificationManagerInternal mNotificationManager;

    private TelephonyManager mTelephonyManager;

    private final KeyguardManager mKeyguardManager;

    private final PackageManager mPackageManager;

    private final Handler mHandler;
@@ -384,6 +388,13 @@ public final class PermissionPolicyService extends SystemService { 
    public void onBootPhase(int phase) {

        if (DEBUG) Slog.i(LOG_TAG, "onBootPhase(" + phase + ")");



        if (phase == PHASE_DEVICE_SPECIFIC_SERVICES_READY) {

            registerCarrierPrivilegesCallbacks();

            IntentFilter filter =

                    new IntentFilter(TelephonyManager.ACTION_MULTI_SIM_CONFIG_CHANGED);

            mContext.registerReceiver(mSimConfigBroadcastReceiver, filter);

        }



        if (phase == PHASE_ACTIVITY_MANAGER_READY) {

            final UserManagerInternal um = LocalServices.getService(UserManagerInternal.class);
@@ -408,6 +419,94 @@ public final class PermissionPolicyService extends SystemService { 


    }



    private void initTelephonyManagerIfNeeded() {

        if (mTelephonyManager == null) {

            mTelephonyManager = TelephonyManager.from(mContext);

        }

    }



    private void registerCarrierPrivilegesCallbacks() {

        initTelephonyManagerIfNeeded();

        if (mTelephonyManager == null) {

            return;

        }



        int numPhones = mTelephonyManager.getActiveModemCount();

        for (int i = 0; i < numPhones; i++) {

            PhoneCarrierPrivilegesCallback callback = new PhoneCarrierPrivilegesCallback(i);

            mPhoneCarrierPrivilegesCallbacks.add(callback);

            mTelephonyManager.registerCarrierPrivilegesCallback(i, mContext.getMainExecutor(),

                    callback);

        }

    }



    private void unregisterCarrierPrivilegesCallback() {

        initTelephonyManagerIfNeeded();

        if (mTelephonyManager == null) {

            return;

        }



        for (int i = 0; i < mPhoneCarrierPrivilegesCallbacks.size(); i++) {

            PhoneCarrierPrivilegesCallback callback = mPhoneCarrierPrivilegesCallbacks.get(i);

            if (callback != null) {

                mTelephonyManager.unregisterCarrierPrivilegesCallback(callback);

            }

        }

        mPhoneCarrierPrivilegesCallbacks.clear();

    }



    private final class PhoneCarrierPrivilegesCallback

            implements TelephonyManager.CarrierPrivilegesCallback {

        private int mPhoneId;



        PhoneCarrierPrivilegesCallback(int phoneId) {

            mPhoneId = phoneId;

        }

        @Override

        public void onCarrierPrivilegesChanged(

                @NonNull Set<String> privilegedPackageNames,

                @NonNull Set<Integer> privilegedUids) {

            initTelephonyManagerIfNeeded();

            if (mTelephonyManager == null) {

                Log.e(LOG_TAG, "Cannot grant default permissions to Carrier Service app. "

                        + "TelephonyManager is null");

                return;

            }



            String servicePkg = mTelephonyManager.getCarrierServicePackageNameForLogicalSlot(

                    mPhoneId);

            if (servicePkg == null) {

                return;

            }

            int[] users = LocalServices.getService(UserManagerInternal.class).getUserIds();

            LegacyPermissionManager legacyPermManager =

                    mContext.getSystemService(LegacyPermissionManager.class);

            for (int i = 0; i < users.length; i++) {

                try {

                    mPackageManager.getPackageInfoAsUser(servicePkg, 0, users[i]);

                    legacyPermManager.grantDefaultPermissionsToCarrierServiceApp(

                            servicePkg, users[i]);

                } catch (PackageManager.NameNotFoundException e) {

                    // Do nothing if the package does not exist for the specified user

                }

            }

        }

    }



    private final ArrayList<PhoneCarrierPrivilegesCallback> mPhoneCarrierPrivilegesCallbacks =

            new ArrayList<>();



    private final BroadcastReceiver mSimConfigBroadcastReceiver = new BroadcastReceiver() {

        @Override

        public void onReceive(Context context, Intent intent) {

            if (!TelephonyManager.ACTION_MULTI_SIM_CONFIG_CHANGED.equals(intent.getAction())) {

                return;

            }

            unregisterCarrierPrivilegesCallback();

            registerCarrierPrivilegesCallbacks();

        }

    };



    /**

     * @return Whether the user is started but not yet stopped

     */