Loading core/java/android/companion/flags.aconfig +8 −0 Original line number Diff line number Diff line Loading @@ -39,3 +39,11 @@ flag { description: "Expose perm sync user consent API" bug: "309528663" } flag { name: "ongoing_perm_sync" is_exported: true namespace: "companion" description: "Enable ongoing perm sync" bug: "338469649" } No newline at end of file core/res/res/values/config.xml +13 −0 Original line number Diff line number Diff line Loading @@ -4652,6 +4652,19 @@ --> <string-array name="config_companionDeviceCerts" translatable="false"></string-array> <!-- A list of packages that auto-enable permissions sync feature. Note that config_companionPermSyncEnabledPackages and config_companionPermSyncEnabledCerts are parallel arrays. --> <string-array name="config_companionPermSyncEnabledPackages" translatable="false"></string-array> <!-- A list of SHA256 Certificates corresponding to config_companionPermSyncEnabledPackages. Note that config_companionPermSyncEnabledPackages and config_companionPermSyncEnabledCerts are parallel arrays. Example: "1A:2B:3C:4D" --> <string-array name="config_companionPermSyncEnabledCerts" translatable="false"></string-array> <!-- The package name for the default wellbeing app. This package must be trusted, as it has the permissions to control other applications on the device. Loading core/res/res/values/symbols.xml +2 −0 Original line number Diff line number Diff line Loading @@ -675,6 +675,8 @@ <java-symbol type="string" name="config_companionDeviceManagerPackage" /> <java-symbol type="array" name="config_companionDevicePackages" /> <java-symbol type="array" name="config_companionDeviceCerts" /> <java-symbol type="array" name="config_companionPermSyncEnabledPackages" /> <java-symbol type="array" name="config_companionPermSyncEnabledCerts" /> <java-symbol type="string" name="config_default_dns_server" /> <java-symbol type="string" name="config_ethernet_iface_regex" /> <java-symbol type="string" name="not_checked" /> Loading services/companion/java/com/android/server/companion/datatransfer/SystemDataTransferProcessor.java +1 −1 Original line number Diff line number Diff line Loading @@ -135,7 +135,7 @@ public class SystemDataTransferProcessor { */ public PendingIntent buildPermissionTransferUserConsentIntent(String packageName, @UserIdInt int userId, int associationId) { if (PackageUtils.isPackageAllowlisted(mContext, mPackageManager, packageName)) { if (PackageUtils.isPermSyncAutoEnabled(mContext, mPackageManager, packageName)) { Slog.i(LOG_TAG, "User consent Intent should be skipped. Returning null."); // Auto enable perm sync for the allowlisted packages, but don't override user decision PermissionSyncRequest request = getPermissionSyncRequest(associationId); Loading services/companion/java/com/android/server/companion/utils/PackageUtils.java +23 −3 Original line number Diff line number Diff line Loading @@ -21,6 +21,11 @@ import static android.content.pm.PackageManager.GET_CONFIGURATIONS; import static android.content.pm.PackageManager.GET_PERMISSIONS; import static android.os.Binder.getCallingUid; import static com.android.internal.R.array.config_companionDeviceCerts; import static com.android.internal.R.array.config_companionDevicePackages; import static com.android.internal.R.array.config_companionPermSyncEnabledCerts; import static com.android.internal.R.array.config_companionPermSyncEnabledPackages; import android.Manifest; import android.annotation.NonNull; import android.annotation.Nullable; Loading Loading @@ -185,15 +190,30 @@ public final class PackageUtils { */ public static boolean isPackageAllowlisted(Context context, PackageManagerInternal packageManagerInternal, @NonNull String packageName) { final String[] allowlistedPackages = context.getResources() .getStringArray(com.android.internal.R.array.config_companionDevicePackages); return isPackageAllowlisted(context, packageManagerInternal, packageName, config_companionDevicePackages, config_companionDeviceCerts); } /** * Check if perm sync is allowlisted and auto-enabled for the package. */ public static boolean isPermSyncAutoEnabled(Context context, PackageManagerInternal packageManagerInternal, String packageName) { return isPackageAllowlisted(context, packageManagerInternal, packageName, config_companionPermSyncEnabledPackages, config_companionPermSyncEnabledCerts); } private static boolean isPackageAllowlisted(Context context, PackageManagerInternal packageManagerInternal, String packageName, int packagesConfig, int certsConfig) { final String[] allowlistedPackages = context.getResources().getStringArray(packagesConfig); if (!ArrayUtils.contains(allowlistedPackages, packageName)) { Slog.d(TAG, packageName + " is not allowlisted."); return false; } final String[] allowlistedPackagesSignatureDigests = context.getResources() .getStringArray(com.android.internal.R.array.config_companionDeviceCerts); .getStringArray(certsConfig); final Set<String> allowlistedSignatureDigestsForRequestingPackage = new HashSet<>(); for (int i = 0; i < allowlistedPackages.length; i++) { if (allowlistedPackages[i].equals(packageName)) { Loading Loading
core/java/android/companion/flags.aconfig +8 −0 Original line number Diff line number Diff line Loading @@ -39,3 +39,11 @@ flag { description: "Expose perm sync user consent API" bug: "309528663" } flag { name: "ongoing_perm_sync" is_exported: true namespace: "companion" description: "Enable ongoing perm sync" bug: "338469649" } No newline at end of file
core/res/res/values/config.xml +13 −0 Original line number Diff line number Diff line Loading @@ -4652,6 +4652,19 @@ --> <string-array name="config_companionDeviceCerts" translatable="false"></string-array> <!-- A list of packages that auto-enable permissions sync feature. Note that config_companionPermSyncEnabledPackages and config_companionPermSyncEnabledCerts are parallel arrays. --> <string-array name="config_companionPermSyncEnabledPackages" translatable="false"></string-array> <!-- A list of SHA256 Certificates corresponding to config_companionPermSyncEnabledPackages. Note that config_companionPermSyncEnabledPackages and config_companionPermSyncEnabledCerts are parallel arrays. Example: "1A:2B:3C:4D" --> <string-array name="config_companionPermSyncEnabledCerts" translatable="false"></string-array> <!-- The package name for the default wellbeing app. This package must be trusted, as it has the permissions to control other applications on the device. Loading
core/res/res/values/symbols.xml +2 −0 Original line number Diff line number Diff line Loading @@ -675,6 +675,8 @@ <java-symbol type="string" name="config_companionDeviceManagerPackage" /> <java-symbol type="array" name="config_companionDevicePackages" /> <java-symbol type="array" name="config_companionDeviceCerts" /> <java-symbol type="array" name="config_companionPermSyncEnabledPackages" /> <java-symbol type="array" name="config_companionPermSyncEnabledCerts" /> <java-symbol type="string" name="config_default_dns_server" /> <java-symbol type="string" name="config_ethernet_iface_regex" /> <java-symbol type="string" name="not_checked" /> Loading
services/companion/java/com/android/server/companion/datatransfer/SystemDataTransferProcessor.java +1 −1 Original line number Diff line number Diff line Loading @@ -135,7 +135,7 @@ public class SystemDataTransferProcessor { */ public PendingIntent buildPermissionTransferUserConsentIntent(String packageName, @UserIdInt int userId, int associationId) { if (PackageUtils.isPackageAllowlisted(mContext, mPackageManager, packageName)) { if (PackageUtils.isPermSyncAutoEnabled(mContext, mPackageManager, packageName)) { Slog.i(LOG_TAG, "User consent Intent should be skipped. Returning null."); // Auto enable perm sync for the allowlisted packages, but don't override user decision PermissionSyncRequest request = getPermissionSyncRequest(associationId); Loading
services/companion/java/com/android/server/companion/utils/PackageUtils.java +23 −3 Original line number Diff line number Diff line Loading @@ -21,6 +21,11 @@ import static android.content.pm.PackageManager.GET_CONFIGURATIONS; import static android.content.pm.PackageManager.GET_PERMISSIONS; import static android.os.Binder.getCallingUid; import static com.android.internal.R.array.config_companionDeviceCerts; import static com.android.internal.R.array.config_companionDevicePackages; import static com.android.internal.R.array.config_companionPermSyncEnabledCerts; import static com.android.internal.R.array.config_companionPermSyncEnabledPackages; import android.Manifest; import android.annotation.NonNull; import android.annotation.Nullable; Loading Loading @@ -185,15 +190,30 @@ public final class PackageUtils { */ public static boolean isPackageAllowlisted(Context context, PackageManagerInternal packageManagerInternal, @NonNull String packageName) { final String[] allowlistedPackages = context.getResources() .getStringArray(com.android.internal.R.array.config_companionDevicePackages); return isPackageAllowlisted(context, packageManagerInternal, packageName, config_companionDevicePackages, config_companionDeviceCerts); } /** * Check if perm sync is allowlisted and auto-enabled for the package. */ public static boolean isPermSyncAutoEnabled(Context context, PackageManagerInternal packageManagerInternal, String packageName) { return isPackageAllowlisted(context, packageManagerInternal, packageName, config_companionPermSyncEnabledPackages, config_companionPermSyncEnabledCerts); } private static boolean isPackageAllowlisted(Context context, PackageManagerInternal packageManagerInternal, String packageName, int packagesConfig, int certsConfig) { final String[] allowlistedPackages = context.getResources().getStringArray(packagesConfig); if (!ArrayUtils.contains(allowlistedPackages, packageName)) { Slog.d(TAG, packageName + " is not allowlisted."); return false; } final String[] allowlistedPackagesSignatureDigests = context.getResources() .getStringArray(com.android.internal.R.array.config_companionDeviceCerts); .getStringArray(certsConfig); final Set<String> allowlistedSignatureDigestsForRequestingPackage = new HashSet<>(); for (int i = 0; i < allowlistedPackages.length; i++) { if (allowlistedPackages[i].equals(packageName)) { Loading
