Create PackageInstalledParams for onPackageInstalled(). (dbf57296) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/pm/PackageManagerService.java

+25 −17

Original line number	Original line	Diff line number	Diff line
	@@ -2203,22 +2203,27 @@ public class PackageManagerService extends IPackageManager.Stub
	res.removedInfo.sendPackageRemovedBroadcasts(killApp, false /removedBySystem/);		res.removedInfo.sendPackageRemovedBroadcasts(killApp, false /removedBySystem/);
	}		}

			final PermissionManagerServiceInternal.PackageInstalledParams.Builder
			permissionParamsBuilder =
			new PermissionManagerServiceInternal.PackageInstalledParams.Builder();
	final List<String> grantedPermissionsList;		final List<String> grantedPermissionsList;
	if (grantPermissions) {		if (grantPermissions) {
	if (grantedPermissions != null) {		if (grantedPermissions != null) {
	grantedPermissionsList = Arrays.asList(grantedPermissions);		permissionParamsBuilder.setGrantedPermissions(Arrays.asList(
			grantedPermissions));
	} else {		} else {
	grantedPermissionsList = res.pkg.getRequestedPermissions();		permissionParamsBuilder.setGrantedPermissions(
			res.pkg.getRequestedPermissions());
	}		}
	} else {
	grantedPermissionsList = Collections.emptyList();
	}		}
	if (allowlistedRestrictedPermissions == null) {		if (allowlistedRestrictedPermissions != null) {
	allowlistedRestrictedPermissions = Collections.emptyList();		permissionParamsBuilder.setAllowlistedRestrictedPermissions(
			allowlistedRestrictedPermissions);
	}		}
			permissionParamsBuilder.setAutoRevokePermissionsMode(autoRevokePermissionsMode);
	for (final int userId : res.newUsers) {		for (final int userId : res.newUsers) {
	mPermissionManager.onPackageInstalled(res.pkg, grantedPermissionsList,		mPermissionManager.onPackageInstalled(res.pkg, permissionParamsBuilder.build(),
	allowlistedRestrictedPermissions, autoRevokePermissionsMode, userId);		userId);
	}		}

	final String installerPackageName =		final String installerPackageName =
	@@ -3918,8 +3923,9 @@ public class PackageManagerService extends IPackageManager.Stub
	}		}
	final int[] userIds = mUserManager.getUserIds();		final int[] userIds = mUserManager.getUserIds();
	for (final int userId : userIds) {		for (final int userId : userIds) {
	mPermissionManager.onPackageInstalled(pkg, Collections.emptyList(),		mPermissionManager.onPackageInstalled(pkg,
	Collections.emptyList(), MODE_DEFAULT, userId);		PermissionManagerServiceInternal.PackageInstalledParams.DEFAULT,
			userId);
	}		}
	writeSettingsLPrTEMP();		writeSettingsLPrTEMP();
	}		}
	@@ -13664,14 +13670,16 @@ public class PackageManagerService extends IPackageManager.Stub

	if (installed) {		if (installed) {
	if (pkgSetting.pkg != null) {		if (pkgSetting.pkg != null) {
			final PermissionManagerServiceInternal.PackageInstalledParams.Builder
			permissionParamsBuilder =
			new PermissionManagerServiceInternal.PackageInstalledParams.Builder();
	if ((installFlags & PackageManager.INSTALL_ALL_WHITELIST_RESTRICTED_PERMISSIONS)		if ((installFlags & PackageManager.INSTALL_ALL_WHITELIST_RESTRICTED_PERMISSIONS)
	!= 0) {		!= 0) {
	allowlistedRestrictedPermissions = pkgSetting.pkg.getRequestedPermissions();		permissionParamsBuilder.setAllowlistedRestrictedPermissions(
	} else if (allowlistedRestrictedPermissions == null) {		pkgSetting.pkg.getRequestedPermissions());
	allowlistedRestrictedPermissions = Collections.emptyList();
	}		}
	mPermissionManager.onPackageInstalled(pkgSetting.pkg, Collections.emptyList(),		mPermissionManager.onPackageInstalled(pkgSetting.pkg,
	allowlistedRestrictedPermissions, MODE_DEFAULT, userId);		permissionParamsBuilder.build(), userId);
	}		}

	if (pkgSetting.pkg != null) {		if (pkgSetting.pkg != null) {
	@@ -19724,8 +19732,8 @@ public class PackageManagerService extends IPackageManager.Stub
	for (final int userId : allUserHandles) {		for (final int userId : allUserHandles) {
	// The method below will take care of removing obsolete permissions and granting		// The method below will take care of removing obsolete permissions and granting
	// install permissions.		// install permissions.
	mPermissionManager.onPackageInstalled(pkg, Collections.emptyList(),		mPermissionManager.onPackageInstalled(pkg,
	Collections.emptyList(), MODE_DEFAULT, userId);		PermissionManagerServiceInternal.PackageInstalledParams.DEFAULT, userId);
	if (applyUserRestrictions) {		if (applyUserRestrictions) {
	mSettings.writeRuntimePermissionsForUserLPr(userId, false);		mSettings.writeRuntimePermissionsForUserLPr(userId, false);
	}		}

services/core/java/com/android/server/pm/permission/PermissionManagerService.java

+8 −12

Original line number	Original line	Diff line number	Diff line
	@@ -4895,18 +4895,19 @@ public class PermissionManagerService extends IPermissionManager.Stub {
	}		}

	private void onPackageInstalledInternal(@NonNull AndroidPackage pkg,		private void onPackageInstalledInternal(@NonNull AndroidPackage pkg,
	@NonNull List<String> grantedPermissions,		@NonNull PermissionManagerServiceInternal.PackageInstalledParams params,
	@NonNull List<String> allowlistedRestrictedPermissions, int autoRevokePermissionsMode,
	@UserIdInt int userId) {		@UserIdInt int userId) {
	updatePermissions(pkg.getPackageName(), pkg);		updatePermissions(pkg.getPackageName(), pkg);
	addAllowlistedRestrictedPermissionsInternal(pkg, allowlistedRestrictedPermissions,		addAllowlistedRestrictedPermissionsInternal(pkg,
			params.getAllowlistedRestrictedPermissions(),
	FLAG_PERMISSION_WHITELIST_INSTALLER, userId);		FLAG_PERMISSION_WHITELIST_INSTALLER, userId);
			final int autoRevokePermissionsMode = params.getAutoRevokePermissionsMode();
	if (autoRevokePermissionsMode == AppOpsManager.MODE_ALLOWED		if (autoRevokePermissionsMode == AppOpsManager.MODE_ALLOWED
	\|\| autoRevokePermissionsMode == AppOpsManager.MODE_IGNORED) {		\|\| autoRevokePermissionsMode == AppOpsManager.MODE_IGNORED) {
	setAutoRevokeExemptedInternal(pkg,		setAutoRevokeExemptedInternal(pkg,
	autoRevokePermissionsMode == AppOpsManager.MODE_IGNORED, userId);		autoRevokePermissionsMode == AppOpsManager.MODE_IGNORED, userId);
	}		}
	grantRequestedRuntimePermissionsInternal(pkg, grantedPermissions, userId);		grantRequestedRuntimePermissionsInternal(pkg, params.getGrantedPermissions(), userId);
	}		}

	private void addAllowlistedRestrictedPermissionsInternal(@NonNull AndroidPackage pkg,		private void addAllowlistedRestrictedPermissionsInternal(@NonNull AndroidPackage pkg,
	@@ -5364,16 +5365,11 @@ public class PermissionManagerService extends IPermissionManager.Stub {

	@Override		@Override
	public void onPackageInstalled(@NonNull AndroidPackage pkg,		public void onPackageInstalled(@NonNull AndroidPackage pkg,
	@NonNull List<String> grantedPermissions,		@NonNull PackageInstalledParams params, @UserIdInt int userId) {
	@NonNull List<String> allowlistedRestrictedPermissions,
	int autoRevokePermissionsMode, @UserIdInt int userId) {
	Objects.requireNonNull(pkg, "pkg");		Objects.requireNonNull(pkg, "pkg");
	Objects.requireNonNull(grantedPermissions, "grantedPermissions");		Objects.requireNonNull(params, "params");
	Objects.requireNonNull(allowlistedRestrictedPermissions,
	"allowlistedRestrictedPermissions");
	Preconditions.checkArgumentNonNegative(userId, "userId");		Preconditions.checkArgumentNonNegative(userId, "userId");
	onPackageInstalledInternal(pkg, grantedPermissions, allowlistedRestrictedPermissions,		onPackageInstalledInternal(pkg, params, userId);
	autoRevokePermissionsMode, userId);
	}		}

	@Override		@Override

services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java

+133 −6

Original line number	Original line	Diff line number	Diff line
	@@ -20,13 +20,16 @@ import android.annotation.AppIdInt;
	import android.annotation.NonNull;		import android.annotation.NonNull;
	import android.annotation.Nullable;		import android.annotation.Nullable;
	import android.annotation.UserIdInt;		import android.annotation.UserIdInt;
			import android.app.AppOpsManager;
	import android.content.pm.PermissionInfo;		import android.content.pm.PermissionInfo;
	import android.permission.PermissionManagerInternal;		import android.permission.PermissionManagerInternal;

	import com.android.server.pm.parsing.pkg.AndroidPackage;		import com.android.server.pm.parsing.pkg.AndroidPackage;

	import java.util.ArrayList;		import java.util.ArrayList;
			import java.util.Collections;
	import java.util.List;		import java.util.List;
			import java.util.Objects;
	import java.util.Set;		import java.util.Set;
	import java.util.function.Consumer;		import java.util.function.Consumer;

	@@ -476,16 +479,12 @@ public abstract class PermissionManagerServiceInternal extends PermissionManager
	* Callback when a package has been installed for a user.		* Callback when a package has been installed for a user.
	*		*
	* @param pkg the installed package		* @param pkg the installed package
	* @param grantedPermissions the permissions to be granted		* @param params the parameters passed in for package installation
	* @param allowlistedRestrictedPermissions the restricted permissions to be allowlisted
	* @param autoRevokePermissionsMode the auto revoke permissions mode for this package
	* @param userId the user ID this package is installed for		* @param userId the user ID this package is installed for
	*/		*/
	//@SystemApi(client = SystemApi.Client.SYSTEM_SERVER)		//@SystemApi(client = SystemApi.Client.SYSTEM_SERVER)
	public abstract void onPackageInstalled(@NonNull AndroidPackage pkg,		public abstract void onPackageInstalled(@NonNull AndroidPackage pkg,
	@NonNull List<String> grantedPermissions,		@NonNull PackageInstalledParams params, @UserIdInt int userId);
	@NonNull List<String> allowlistedRestrictedPermissions,
	int autoRevokePermissionsMode, @UserIdInt int userId);

	/**		/**
	* Callback when a package has been removed.		* Callback when a package has been removed.
	@@ -521,4 +520,132 @@ public abstract class PermissionManagerServiceInternal extends PermissionManager
	* @return whether the permission can be propagated		* @return whether the permission can be propagated
	*/		*/
	public abstract boolean canPropagatePermissionToInstantApp(@NonNull String permissionName);		public abstract boolean canPropagatePermissionToInstantApp(@NonNull String permissionName);

			/**
			* The permission-related parameters passed in for package installation.
			*
			* @see android.content.pm.PackageInstaller.SessionParams
			*/
			//@SystemApi(client = SystemApi.Client.SYSTEM_SERVER)
			public static final class PackageInstalledParams {
			/**
			* A static instance whose parameters are all in their default state.
			*/
			public static final PackageInstalledParams DEFAULT = new Builder().build();

			@NonNull
			private final List<String> mGrantedPermissions;
			@NonNull
			private final List<String> mAllowlistedRestrictedPermissions;
			@NonNull
			private final int mAutoRevokePermissionsMode;

			private PackageInstalledParams(@NonNull List<String> grantedPermissions,
			@NonNull List<String> allowlistedRestrictedPermissions,
			int autoRevokePermissionsMode) {
			mGrantedPermissions = grantedPermissions;
			mAllowlistedRestrictedPermissions = allowlistedRestrictedPermissions;
			mAutoRevokePermissionsMode = autoRevokePermissionsMode;
			}

			/**
			* Get the permissions to be granted.
			*
			* @return the permissions to be granted
			*/
			@NonNull
			public List<String> getGrantedPermissions() {
			return mGrantedPermissions;
			}

			/**
			* Get the restricted permissions to be allowlisted.
			*
			* @return the restricted permissions to be allowlisted
			*/
			@NonNull
			public List<String> getAllowlistedRestrictedPermissions() {
			return mAllowlistedRestrictedPermissions;
			}

			/**
			* Get the mode for auto revoking permissions.
			*
			* @return the mode for auto revoking permissions
			*/
			public int getAutoRevokePermissionsMode() {
			return mAutoRevokePermissionsMode;
			}

			/**
			* Builder class for {@link PackageInstalledParams}.
			*/
			public static final class Builder {
			@NonNull
			private List<String> mGrantedPermissions = Collections.emptyList();
			@NonNull
			private List<String> mAllowlistedRestrictedPermissions = Collections.emptyList();
			@NonNull
			private int mAutoRevokePermissionsMode = AppOpsManager.MODE_DEFAULT;

			/**
			* Set the permissions to be granted.
			*
			* @param grantedPermissions the permissions to be granted
			*
			* @see android.content.pm.PackageInstaller.SessionParams#setGrantedRuntimePermissions(
			* java.lang.String[])
			*/
			public void setGrantedPermissions(@NonNull List<String> grantedPermissions) {
			Objects.requireNonNull(grantedPermissions);
			mGrantedPermissions = new ArrayList<>(grantedPermissions);
			}

			/**
			* Set the restricted permissions to be allowlisted.
			* <p>
			* Permissions that are not restricted are ignored, so one can just pass in all
			* requested permissions of a package to get all its restricted permissions allowlisted.
			*
			* @param allowlistedRestrictedPermissions the restricted permissions to be allowlisted
			*
			* @see android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)
			*/
			public void setAllowlistedRestrictedPermissions(
			@NonNull List<String> allowlistedRestrictedPermissions) {
			Objects.requireNonNull(mGrantedPermissions);
			mAllowlistedRestrictedPermissions = new ArrayList<>(
			allowlistedRestrictedPermissions);
			}

			/**
			* Set the mode for auto revoking permissions.
			* <p>
			* {@link AppOpsManager#MODE_ALLOWED} means the system is allowed to auto revoke
			* permissions from this package, and {@link AppOpsManager#MODE_IGNORED} means this
			* package should be ignored when auto revoking permissions.
			* {@link AppOpsManager#MODE_DEFAULT} means no changes will be made to the auto revoke
			* mode of this package.
			*
			* @param autoRevokePermissionsMode the mode for auto revoking permissions
			*
			* @see android.content.pm.PackageInstaller.SessionParams#setAutoRevokePermissionsMode(
			* boolean)
			*/
			public void setAutoRevokePermissionsMode(int autoRevokePermissionsMode) {
			mAutoRevokePermissionsMode = autoRevokePermissionsMode;
			}

			/**
			* Build a new instance of {@link PackageInstalledParams}.
			*
			* @return the {@link PackageInstalledParams} built
			*/
			@NonNull
			public PackageInstalledParams build() {
			return new PackageInstalledParams(mGrantedPermissions,
			mAllowlistedRestrictedPermissions, mAutoRevokePermissionsMode);
			}
			}
			}
	}		}