
Commit e48fce6d authored by Steve Kondik's avatar Steve Kondik

framework: Privacy Guard

 * Introduce a new privacy feature which allows the user to run an
   application with reduced visibility into his or her personal data.
 * Adds a per-application flag and simple API to determine if this flag
   is enabled for the current or calling process.
 * This flag can be used by content providers to decide if they should
   return a limited/empty dataset.

Change-Id: Id7c54d728e63acb2b02a2a9322930b54949f6c5d
parent b429a083
+20 −0
@@ -1818,6 +1818,14 @@ public abstract class ActivityManagerNative extends Binder implements IActivityM
            return true;
        }

        case IS_PRIVACY_GUARD_ENABLED_TRANSACTION: {
            data.enforceInterface(IActivityManager.descriptor);
            int pid = data.readInt();
            boolean res = isPrivacyGuardEnabledForProcess(pid);
            reply.writeNoException();
            reply.writeInt(res ? 1 : 0);
            return true;
        }
        }

        return super.onTransact(code, data, reply, flags);
@@ -4149,5 +4157,17 @@ class ActivityManagerProxy implements IActivityManager
        return res;
    }

    public boolean isPrivacyGuardEnabledForProcess(int pid) throws RemoteException {
        Parcel data = Parcel.obtain();
        Parcel reply = Parcel.obtain();
        data.writeInterfaceToken(IActivityManager.descriptor);
        data.writeInt(pid);
        mRemote.transact(IS_PRIVACY_GUARD_ENABLED_TRANSACTION, data, reply, 0);
        reply.readException();
        int res = reply.readInt();
        data.recycle();
        reply.recycle();
        return res == 1;
    }
    private IBinder mRemote;
}
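Review bot: The `IS_PRIVACY_GUARD_ENABLED_TRANSACTION` case passes a caller-supplied `pid` straight to `isPrivacyGuardEnabledForProcess` without looking at who is asking, so as far as this section shows, any process that can reach the activity manager can read the privacy-guard state of any other process, including its own. The service-side implementation is not on this page and `onTransact` starts outside the hunk, so a check may exist elsewhere; if it does not, this case is where a caller check (own pid, or a permission for querying other pids) would go, and the intended exposure should be stated in a comment either way. Separately, in `ActivityManagerProxy.isPrivacyGuardEnabledForProcess` the two `recycle()` calls are skipped when `transact` or `reply.readException()` throws; wrapping the body as `try { ... } finally { data.recycle(); reply.recycle(); }` keeps the parcels from leaking on the error path.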
+20 −0
@@ -48,6 +48,7 @@ import android.content.res.Resources;
import android.content.res.XmlResourceParser;
import android.graphics.drawable.Drawable;
import android.net.Uri;
import android.os.Binder;
import android.os.Process;
import android.os.RemoteException;
import android.util.Log;
@@ -1296,6 +1297,25 @@ final class ApplicationPackageManager extends PackageManager {
        return PackageManager.COMPONENT_ENABLED_STATE_DEFAULT;
    }

    @Override
    public void setPrivacyGuardSetting(String packageName, boolean enabled) {
        try {
            mPM.setPrivacyGuardSetting(packageName, enabled, mContext.getUserId());
        } catch (RemoteException e) {
            // Should never happen!
        }
    }

    @Override
    public boolean getPrivacyGuardSetting(String packageName) {
        try {
            return mPM.getPrivacyGuardSetting(packageName, mContext.getUserId());
        } catch (RemoteException e) {
            // Should never happen!
        }
        return false;
    }

    /**
     * @hide
     */
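Review bot: `setPrivacyGuardSetting` swallows `RemoteException` in an empty catch, so a caller that asked for privacy guard to be turned on gets no signal when the request never reached the package manager, and `getPrivacyGuardSetting` reports `false` in the same situation. For a privacy control the failure should at least be visible; `ContextImpl.isPrivacyGuardEnabled` in this same commit already logs, and the same would fit here: `Log.e(TAG, "setPrivacyGuardSetting failed for " + packageName, e);` (assuming the class defines a `TAG`, which the hunk does not show). The first hunk also adds `import android.os.Binder;`, which none of the visible new lines in this file use.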
+10 −0
@@ -1549,6 +1549,16 @@ class ContextImpl extends Context {
        return new DropBoxManager(service);
    }

    @Override
    public boolean isPrivacyGuardEnabled() {
        try {
            return ActivityManagerNative.getDefault().isPrivacyGuardEnabledForProcess(Binder.getCallingPid());
        } catch (RemoteException e) {
            Log.e(TAG, e.getMessage(), e);
        }
        return false;
    }

    @Override
    public int checkPermission(String permission, int pid, int uid) {
        if (permission == null) {
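Review bot: `isPrivacyGuardEnabled()` identifies the caller by `Binder.getCallingPid()`, which names the remote caller only while the thread is handling an incoming binder transaction; outside one, or after `Binder.clearCallingIdentity()`, it is this process's own pid, and for a oneway call it is 0. A content provider that checks the flag from a worker thread would therefore be asking about itself rather than about the app whose data access is meant to be limited. The method also returns `false` when the remote call fails, so an error is treated as "privacy guard off". I would add a comment above the call such as `// Valid only on the binder thread handling the caller's request; elsewhere this is our own pid.` and consider returning `true` from the catch path so that a failure limits data rather than exposing it.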
+4 −1
@@ -191,6 +191,8 @@ public interface IActivityManager extends IInterface {
    public void setProcessForeground(IBinder token, int pid,
            boolean isForeground) throws RemoteException;

    public boolean isPrivacyGuardEnabledForProcess(int pid) throws RemoteException;

    public int checkPermission(String permission, int pid, int uid)
            throws RemoteException;

@@ -624,4 +626,5 @@ public interface IActivityManager extends IInterface {
    int INPUT_DISPATCHING_TIMED_OUT_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+158;
    int CLEAR_PENDING_BACKUP_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+159;
    int GET_INTENT_FOR_INTENT_SENDER_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+160;
    int IS_PRIVACY_GUARD_ENABLED_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+161;
}
+10 −0
@@ -2266,6 +2266,16 @@ public abstract class Context {
     */
    public static final String USER_SERVICE = "user";

    /**
     * Determine whether the application or calling application has
     * privacy guard. This is a privacy feature intended to permit the user
     * to control access to personal data. Applications and content providers
     * can check this value if they wish to honor privacy guard.
     *
     * @hide
     */
    public abstract boolean isPrivacyGuardEnabled();

    /**
     * Determine whether the given permission is allowed for a particular
     * process and user ID running in the system.
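Review bot: The Javadoc added for `isPrivacyGuardEnabled()` has no `@return` and does not say which process "the application or calling application" resolves to. Suggest adding `@return true if privacy guard is enabled for the calling process, false if it is disabled or the state could not be read`, plus a sentence that the result is advisory: nothing visible in this commit enforces it, so a provider that never calls the method still returns its full dataset. The Javadoc block that follows the new method (for `checkPermission`) continues outside the hunk.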