Loading services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java +41 −0 Original line number Diff line number Diff line Loading @@ -302,6 +302,7 @@ public final class DefaultPermissionGrantPolicy { } public void grantDefaultPermissions(int userId) { removeSystemFixedStorage(userId); grantPermissionsToSysComponentsAndPrivApps(userId); grantDefaultSystemHandlerPermissions(userId); grantDefaultPermissionExceptions(userId); Loading @@ -310,6 +311,46 @@ public final class DefaultPermissionGrantPolicy { } } // STOPSHIP: This is meant to fix the devices messed up by storage permission model 2 and // should be removed once all devices were updated private void removeSystemFixedStorage(int userId) { List<PackageInfo> packages = mContext.getPackageManager().getInstalledPackagesAsUser( DEFAULT_PACKAGE_INFO_QUERY_FLAGS, userId); for (PackageInfo pkg : packages) { if (pkg == null || pkg.requestedPermissions == null) { continue; } for (String permission : pkg.requestedPermissions) { if (!(Manifest.permission.READ_EXTERNAL_STORAGE.equals(permission) || Manifest.permission.WRITE_EXTERNAL_STORAGE.equals(permission))) { continue; } int flags = mContext.getPackageManager().getPermissionFlags(permission, pkg.packageName, UserHandle.of(userId)); if ((flags & PackageManager.FLAG_PERMISSION_SYSTEM_FIXED) == 0) { continue; } Log.v(TAG, "Removing system fixed " + pkg.packageName + "/" + permission); mContext.getPackageManager().updatePermissionFlags(permission, pkg.packageName, PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, 0, UserHandle.of(userId)); if (!doesPackageSupportRuntimePermissions(pkg) || (flags & (PackageManager.FLAG_PERMISSION_USER_SET | PackageManager.FLAG_PERMISSION_POLICY_FIXED)) != 0) { continue; } Log.v(TAG, "Revoking " + pkg.packageName + "/" + permission); mContext.getPackageManager().revokeRuntimePermission(pkg.packageName, permission, UserHandle.of(userId)); } } } private void grantRuntimePermissionsForSystemPackage(int userId, PackageInfo pkg) { Set<String> permissions = new ArraySet<>(); for (String permission : pkg.requestedPermissions) { Loading Loading
services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java +41 −0 Original line number Diff line number Diff line Loading @@ -302,6 +302,7 @@ public final class DefaultPermissionGrantPolicy { } public void grantDefaultPermissions(int userId) { removeSystemFixedStorage(userId); grantPermissionsToSysComponentsAndPrivApps(userId); grantDefaultSystemHandlerPermissions(userId); grantDefaultPermissionExceptions(userId); Loading @@ -310,6 +311,46 @@ public final class DefaultPermissionGrantPolicy { } } // STOPSHIP: This is meant to fix the devices messed up by storage permission model 2 and // should be removed once all devices were updated private void removeSystemFixedStorage(int userId) { List<PackageInfo> packages = mContext.getPackageManager().getInstalledPackagesAsUser( DEFAULT_PACKAGE_INFO_QUERY_FLAGS, userId); for (PackageInfo pkg : packages) { if (pkg == null || pkg.requestedPermissions == null) { continue; } for (String permission : pkg.requestedPermissions) { if (!(Manifest.permission.READ_EXTERNAL_STORAGE.equals(permission) || Manifest.permission.WRITE_EXTERNAL_STORAGE.equals(permission))) { continue; } int flags = mContext.getPackageManager().getPermissionFlags(permission, pkg.packageName, UserHandle.of(userId)); if ((flags & PackageManager.FLAG_PERMISSION_SYSTEM_FIXED) == 0) { continue; } Log.v(TAG, "Removing system fixed " + pkg.packageName + "/" + permission); mContext.getPackageManager().updatePermissionFlags(permission, pkg.packageName, PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, 0, UserHandle.of(userId)); if (!doesPackageSupportRuntimePermissions(pkg) || (flags & (PackageManager.FLAG_PERMISSION_USER_SET | PackageManager.FLAG_PERMISSION_POLICY_FIXED)) != 0) { continue; } Log.v(TAG, "Revoking " + pkg.packageName + "/" + permission); mContext.getPackageManager().revokeRuntimePermission(pkg.packageName, permission, UserHandle.of(userId)); } } } private void grantRuntimePermissionsForSystemPackage(int userId, PackageInfo pkg) { Set<String> permissions = new ArraySet<>(); for (String permission : pkg.requestedPermissions) { Loading
