Merge "Revert "Make all permissions per-user."" (c7eaa75e) · Commits · e / os / android_frameworks_base

core/res/res/values/attrs_manifest.xml

+1 −3

Original line number	Diff line number	Diff line
		@@ -239,9 +239,7 @@
		<!-- Old synonym for "privileged". Deprecated in API level 23. -->
		<flag name="system" value="0x10" />
		<!-- Additional flag from base permission type: this permission can also
		(optionally) be granted to development applications. Although undocumented, the
		permission state used to be shared by all users (including future users), but it is
		managed per-user since API level 31. -->
		(optionally) be granted to development applications. -->
		<flag name="development" value="0x20" />
		<!-- Additional flag from base permission type: this permission is closely
		associated with an app op for controlling access. -->

services/core/java/com/android/server/pm/PackageManagerService.java

+8 −8

Original line number	Diff line number	Diff line
		@@ -1849,7 +1849,7 @@ public class PackageManagerService extends IPackageManager.Stub
		Process.setThreadPriority(Process.THREAD_PRIORITY_DEFAULT);
		synchronized (mLock) {
		removeMessages(WRITE_PACKAGE_LIST);
		mPermissionManager.writeStateToPackageSettingsTEMP();
		mPermissionManager.writePermissionsStateToPackageSettingsTEMP();
		mSettings.writePackageListLPr(msg.arg1);
		}
		Process.setThreadPriority(Process.THREAD_PRIORITY_BACKGROUND);
		@@ -3520,7 +3520,7 @@ public class PackageManagerService extends IPackageManager.Stub
		+ ((SystemClock.uptimeMillis()-startTime)/1000f)
		+ " seconds");

		mPermissionManager.readStateFromPackageSettingsTEMP();
		mPermissionManager.readPermissionsStateFromPackageSettingsTEMP();
		// If the platform SDK has changed since the last time we booted,
		// we need to re-grant app permission to catch any new ones that
		// appear. This is really a hack, and means that apps can in some
		@@ -21827,7 +21827,7 @@ public class PackageManagerService extends IPackageManager.Stub
		protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
		if (!DumpUtils.checkDumpAndUsageStatsPermission(mContext, TAG, pw)) return;

		mPermissionManager.writeStateToPackageSettingsTEMP();
		mPermissionManager.writePermissionsStateToPackageSettingsTEMP();

		DumpState dumpState = new DumpState();
		boolean fullPreferred = false;
		@@ -23707,7 +23707,7 @@ public class PackageManagerService extends IPackageManager.Stub
		mDirtyUsers.remove(userId);
		mUserNeedsBadging.delete(userId);
		mPermissionManager.onUserRemoved(userId);
		mPermissionManager.writeStateToPackageSettingsTEMP();
		mPermissionManager.writePermissionsStateToPackageSettingsTEMP();
		mSettings.removeUserLPw(userId);
		mPendingBroadcasts.remove(userId);
		mInstantAppRegistry.onUserRemovedLPw(userId);
		@@ -23808,9 +23808,9 @@ public class PackageManagerService extends IPackageManager.Stub

		boolean readPermissionStateForUser(@UserIdInt int userId) {
		synchronized (mPackages) {
		mPermissionManager.writeStateToPackageSettingsTEMP();
		mPermissionManager.writePermissionsStateToPackageSettingsTEMP();
		mSettings.readPermissionStateForUserSyncLPr(userId);
		mPermissionManager.readStateFromPackageSettingsTEMP();
		mPermissionManager.readPermissionsStateFromPackageSettingsTEMP();
		return mPmInternal.isPermissionUpgradeNeeded(userId);
		}
		}
		@@ -25824,12 +25824,12 @@ public class PackageManagerService extends IPackageManager.Stub

		/**
		* Temporary method that wraps mSettings.writeLPr() and calls
		* mPermissionManager.writeStateToPackageSettingsTEMP() beforehand.
		* mPermissionManager.writePermissionsStateToPackageSettingsTEMP() beforehand.
		*
		* TODO(zhanghai): This should be removed once we finish migration of permission storage.
		*/
		private void writeSettingsLPrTEMP() {
		mPermissionManager.writeStateToPackageSettingsTEMP();
		mPermissionManager.writePermissionsStateToPackageSettingsTEMP();
		mSettings.writeLPr();
		}
		}

services/core/java/com/android/server/pm/permission/BasePermission.java

+2 −7

Original line number	Diff line number	Diff line
		@@ -36,7 +36,6 @@ import android.os.UserHandle;
		import android.util.Log;
		import android.util.Slog;

		import com.android.internal.util.ArrayUtils;
		import com.android.server.pm.DumpState;
		import com.android.server.pm.PackageManagerService;
		import com.android.server.pm.PackageSettingBase;
		@@ -140,10 +139,6 @@ public final class BasePermission {
		this.perm = perm;
		}

		public boolean hasGids() {
		return !ArrayUtils.isEmpty(gids);
		}

		public int[] computeGids(int userId) {
		if (perUser) {
		final int[] userGids = new int[gids.length];
		@@ -424,9 +419,9 @@ public final class BasePermission {
		}

		public void enforceDeclaredUsedAndRuntimeOrDevelopment(AndroidPackage pkg,
		UidPermissionState uidState) {
		PermissionsState permsState) {
		int index = pkg.getRequestedPermissions().indexOf(name);
		if (!uidState.hasRequestedPermission(name) && index == -1) {
		if (!permsState.hasRequestedPermission(name) && index == -1) {
		throw new SecurityException("Package " + pkg.getPackageName()
		+ " has not requested permission " + name);
		}

services/core/java/com/android/server/pm/permission/DevicePermissionState.java

deleted100644 → 0

+0 −77

Original line number	Diff line number	Diff line
		/*
		* Copyright (C) 2020 The Android Open Source Project
		*
		* Licensed under the Apache License, Version 2.0 (the "License");
		* you may not use this file except in compliance with the License.
		* You may obtain a copy of the License at
		*
		* http://www.apache.org/licenses/LICENSE-2.0
		*
		* Unless required by applicable law or agreed to in writing, software
		* distributed under the License is distributed on an "AS IS" BASIS,
		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		* See the License for the specific language governing permissions and
		* limitations under the License.
		*/

		package com.android.server.pm.permission;

		import android.annotation.NonNull;
		import android.annotation.Nullable;
		import android.annotation.UserIdInt;
		import android.util.SparseArray;

		import com.android.internal.annotations.GuardedBy;

		/**
		* Permission state for this device.
		*/
		public final class DevicePermissionState {
		@GuardedBy("mLock")
		@NonNull
		private final SparseArray<UserPermissionState> mUserStates = new SparseArray<>();

		@NonNull
		private final Object mLock;

		public DevicePermissionState(@NonNull Object lock) {
		mLock = lock;
		}

		@Nullable
		public UserPermissionState getUserState(@UserIdInt int userId) {
		synchronized (mLock) {
		return mUserStates.get(userId);
		}
		}

		@NonNull
		public UserPermissionState getOrCreateUserState(@UserIdInt int userId) {
		synchronized (mLock) {
		UserPermissionState userState = mUserStates.get(userId);
		if (userState == null) {
		userState = new UserPermissionState(mLock);
		mUserStates.put(userId, userState);
		}
		return userState;
		}
		}

		public void removeUserState(@UserIdInt int userId) {
		synchronized (mLock) {
		mUserStates.delete(userId);
		}
		}

		public int[] getUserIds() {
		synchronized (mLock) {
		final int userStatesSize = mUserStates.size();
		final int[] userIds = new int[userStatesSize];
		for (int i = 0; i < userStatesSize; i++) {
		final int userId = mUserStates.keyAt(i);
		userIds[i] = userId;
		}
		return userIds;
		}
		}
		}

services/core/java/com/android/server/pm/permission/PermissionManagerService.java

+528 −549

File changed.

Preview size limit exceeded, changes collapsed.