Merge "Implement permission revoke with reason" into rvc-dev am: cee666eba9 am: 8ce472840e (ebd42f9d) · Commits · e / os / android_frameworks_base

core/java/android/app/ApplicationPackageManager.java

+9 −8

Original line number	Diff line number	Diff line
		@@ -763,25 +763,26 @@ public class ApplicationPackageManager extends PackageManager {

		@Override
		public void revokeRuntimePermission(String packageName, String permName, UserHandle user) {
		revokeRuntimePermission(packageName, permName, user, null);
		}

		@Override
		public void revokeRuntimePermission(String packageName, String permName, UserHandle user,
		String reason) {
		if (DEBUG_TRACE_PERMISSION_UPDATES
		&& shouldTraceGrant(packageName, permName, user.getIdentifier())) {
		Log.i(TAG, "App " + mContext.getPackageName() + " is revoking " + packageName + " "
		+ permName + " for user " + user.getIdentifier(), new RuntimeException());
		+ permName + " for user " + user.getIdentifier() + " with reason " + reason,
		new RuntimeException());
		}
		try {
		mPermissionManager
		.revokeRuntimePermission(packageName, permName, user.getIdentifier());
		.revokeRuntimePermission(packageName, permName, user.getIdentifier(), reason);
		} catch (RemoteException e) {
		throw e.rethrowFromSystemServer();
		}
		}

		@Override
		public void revokeRuntimePermission(String packageName, String permName, UserHandle user,
		String reason) {
		// TODO evanseverson: impl
		}

		@Override
		public int getPermissionFlags(String permName, String packageName, UserHandle user) {
		try {

core/java/android/app/IActivityManager.aidl

+6 −0

Original line number	Diff line number	Diff line
		@@ -677,4 +677,10 @@ interface IActivityManager {
		* Return whether the app freezer is supported (true) or not (false) by this system.
		*/
		boolean isAppFreezerSupported();


		/**
		* Kills uid with the reason of permission change.
		*/
		void killUidForPermissionChange(int appId, int userId, String reason);
		}

core/java/android/app/UiAutomationConnection.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -294,7 +294,7 @@ public final class UiAutomationConnection extends IUiAutomationConnection.Stub {
		}
		final long identity = Binder.clearCallingIdentity();
		try {
		mPermissionManager.revokeRuntimePermission(packageName, permission, userId);
		mPermissionManager.revokeRuntimePermission(packageName, permission, userId, null);
		} finally {
		Binder.restoreCallingIdentity(identity);
		}

core/java/android/permission/IPermissionManager.aidl

+1 −1

Original line number	Diff line number	Diff line
		@@ -71,7 +71,7 @@ interface IPermissionManager {

		void grantRuntimePermission(String packageName, String permName, int userId);

		void revokeRuntimePermission(String packageName, String permName, int userId);
		void revokeRuntimePermission(String packageName, String permName, int userId, String reason);

		void resetRuntimePermissions();

services/core/java/com/android/server/am/ActivityManagerService.java

+21 −8

Original line number	Diff line number	Diff line
		@@ -82,8 +82,6 @@ import static android.os.Process.removeAllProcessGroups;
		import static android.os.Process.sendSignal;
		import static android.os.Process.setThreadPriority;
		import static android.os.Process.setThreadScheduler;
		import static android.permission.PermissionManager.KILL_APP_REASON_GIDS_CHANGED;
		import static android.permission.PermissionManager.KILL_APP_REASON_PERMISSIONS_REVOKED;
		import static android.provider.Settings.Global.ALWAYS_FINISH_ACTIVITIES;
		import static android.provider.Settings.Global.DEBUG_APP;
		import static android.provider.Settings.Global.NETWORK_ACCESS_TIMEOUT_MS;
		@@ -9202,16 +9200,31 @@ public class ActivityManagerService extends IActivityManager.Stub
		synchronized (this) {
		final long identity = Binder.clearCallingIdentity();
		try {
		boolean permissionChange = KILL_APP_REASON_PERMISSIONS_REVOKED.equals(reason)
		\|\| KILL_APP_REASON_GIDS_CHANGED.equals(reason);
		mProcessList.killPackageProcessesLocked(null /* packageName */, appId, userId,
		ProcessList.PERSISTENT_PROC_ADJ, false /* callerWillRestart */,
		true /* callerWillRestart /, true / doit /, true / evenPersistent */,
		false /* setRemoved */,
		permissionChange ? ApplicationExitInfo.REASON_PERMISSION_CHANGE
		: ApplicationExitInfo.REASON_OTHER,
		permissionChange ? ApplicationExitInfo.SUBREASON_UNKNOWN
		: ApplicationExitInfo.SUBREASON_KILL_UID,
		ApplicationExitInfo.REASON_OTHER,
		ApplicationExitInfo.SUBREASON_KILL_UID,
		reason != null ? reason : "kill uid");
		} finally {
		Binder.restoreCallingIdentity(identity);
		}
		}
		}

		@Override
		public void killUidForPermissionChange(int appId, int userId, String reason) {
		enforceCallingPermission(Manifest.permission.KILL_UID, "killUid");
		synchronized (this) {
		final long identity = Binder.clearCallingIdentity();
		try {
		mProcessList.killPackageProcessesLocked(null /* packageName */, appId, userId,
		ProcessList.PERSISTENT_PROC_ADJ, false /* callerWillRestart */,
		true /* callerWillRestart /, true / doit /, true / evenPersistent */,
		false /* setRemoved */,
		ApplicationExitInfo.REASON_PERMISSION_CHANGE,
		ApplicationExitInfo.SUBREASON_UNKNOWN,
		reason != null ? reason : "kill uid");
		} finally {
		Binder.restoreCallingIdentity(identity);