Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b940fee2 authored by Scarlett Song's avatar Scarlett Song
Browse files

Split permission: Check feature flag when SystemConfig parses xml tag 

Also replaces param XmlResourceParser with XmlPullParser because the latter is a broader interface and satisfies all requirements in the calling method skipCurrentElement.

Testing: Manually on a device. Verified that split-permissions behind a disabled feature flag were absent. Override the flag in device config to enable it, rebooted, then the split-permission was present. More details in https://docs.google.com/document/d/19Yg1s1dRahnSfiRMqDukcT4XD3fD8tVZCdSRaVyKlyY/edit?tab=t.0
Bug: 364642090
Bug: 364638912
Flag: android.permission.flags.replace_body_sensor_permission_enabled
Change-Id: Ideeb989a3836b9c5695b6044cc9909ba15ed3ef4
parent 8a7945fa

core/java/com/android/internal/pm/pkg/component/AconfigFlags.java

+20 −3
Original line number Diff line number Diff line
@@ -214,13 +214,30 @@ public class AconfigFlags { 
     * @param parser XML parser object currently parsing an element

     * @return true if the element is disabled because of its feature flag

     */

    public boolean skipCurrentElement(@Nullable ParsingPackage pkg, @NonNull XmlPullParser parser) {

        return skipCurrentElement(pkg, parser, /* allowNoNamespace= */ false);

    }



    /**

     * Check if the element in {@code parser} should be skipped because of the feature flag.

     * @param pkg The package being parsed

     * @param parser XML parser object currently parsing an element

     * @param allowNoNamespace Whether to allow namespace null

     * @return true if the element is disabled because of its feature flag

     */

    public boolean skipCurrentElement(

            @NonNull ParsingPackage pkg,

            @NonNull XmlResourceParser parser) {

        @Nullable ParsingPackage pkg,

        @NonNull XmlPullParser parser,

        boolean allowNoNamespace

    ) {

        if (!Flags.manifestFlagging()) {

            return false;

        }

        String featureFlag = parser.getAttributeValue(ANDROID_RES_NAMESPACE, "featureFlag");

        // If allow no namespace, make another attempt to parse feature flag with null namespace.

        if (featureFlag == null && allowNoNamespace) {

            featureFlag = parser.getAttributeValue(null, "featureFlag");

        }

        if (featureFlag == null) {

            return false;

        }
@@ -242,7 +259,7 @@ public class AconfigFlags { 
                    + " behind feature flag " + featureFlag + " = " + flagValue);

            shouldSkip = true;

        }

        if (android.content.pm.Flags.includeFeatureFlagsInPackageCacher()) {

        if (pkg != null && android.content.pm.Flags.includeFeatureFlagsInPackageCacher()) {

            pkg.addFeatureFlag(featureFlag, flagValue);

        }

        return shouldSkip;

services/core/java/com/android/server/SystemConfig.java

+8 −0
Original line number Diff line number Diff line
@@ -47,6 +47,7 @@ import android.util.Xml; 


import com.android.internal.annotations.VisibleForTesting;

import com.android.internal.pm.RoSystemFeatures;

import com.android.internal.pm.pkg.parsing.ParsingPackageUtils;

import com.android.internal.util.XmlUtils;

import com.android.modules.utils.build.UnboundedSdkLevel;

import com.android.server.pm.permission.PermissionAllowlist;
@@ -2000,6 +2001,13 @@ public class SystemConfig { 


    private void readSplitPermission(XmlPullParser parser, File permFile)

            throws IOException, XmlPullParserException {

        // If trunkstable feature flag disabled for this split permission, skip this tag.

        if (ParsingPackageUtils.getAconfigFlags()

            .skipCurrentElement(/* pkg= */ null, parser, /* allowNoNamespace= */ true)) {

            XmlUtils.skipCurrentTag(parser);

            return;

        }



        String splitPerm = parser.getAttributeValue(null, "name");

        if (splitPerm == null) {

            Slog.w(TAG, "<split-permission> without name in " + permFile + " at "