
Commit f3b8521b authored by Faye Yan's avatar Faye Yan Committed by Android (Google) Code Review

Merge "Create a new permission flag 'module' to grant permission for APKs in APEX."

parents cd095158 1bfb93f4
+1 −0
@@ -3772,6 +3772,7 @@ package android.content.pm {
    field @Deprecated public static final int PROTECTION_FLAG_DOCUMENTER = 262144; // 0x40000
    field public static final int PROTECTION_FLAG_INCIDENT_REPORT_APPROVER = 1048576; // 0x100000
    field public static final int PROTECTION_FLAG_KNOWN_SIGNER = 134217728; // 0x8000000
    field public static final int PROTECTION_FLAG_MODULE = 4194304; // 0x400000
    field public static final int PROTECTION_FLAG_OEM = 16384; // 0x4000
    field public static final int PROTECTION_FLAG_RECENTS = 33554432; // 0x2000000
    field public static final int PROTECTION_FLAG_RETAIL_DEMO = 16777216; // 0x1000000
+14 −0
@@ -248,6 +248,16 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
    @SystemApi
    public static final int PROTECTION_FLAG_APP_PREDICTOR = 0x200000;

    /**
     * Additional flag for {@link #protectionLevel}, corresponding
     * to the <code>module</code> value of
     * {@link android.R.attr#protectionLevel}.
     *
     * @hide
     */
    @SystemApi
    public static final int PROTECTION_FLAG_MODULE = 0x400000;

    /**
     * Additional flag for {@link #protectionLevel}, corresponding
     * to the <code>companion</code> value of
@@ -320,6 +330,7 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
            PROTECTION_FLAG_RECENTS,
            PROTECTION_FLAG_ROLE,
            PROTECTION_FLAG_KNOWN_SIGNER,
            PROTECTION_FLAG_MODULE,
    })
    @Retention(RetentionPolicy.SOURCE)
    public @interface ProtectionFlags {}
@@ -593,6 +604,9 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
        if ((level & PermissionInfo.PROTECTION_FLAG_KNOWN_SIGNER) != 0) {
            protLevel.append("|knownSigner");
        }
        if ((level & PermissionInfo.PROTECTION_FLAG_MODULE) != 0) {
            protLevel.append(("|module"));
        }
        return protLevel.toString();
    }
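Review bot: The Javadoc added for `PROTECTION_FLAG_MODULE` only maps the flag to the `module` attribute value and never says who can receive a permission carrying it; because this flag widens the set of grantees, the comment should state the condition, for example `the permission can also be granted to APKs contained in an active APEX module`. In the `protectionToString` hunk, `protLevel.append(("|module"));` carries a redundant pair of parentheses; `protLevel.append("|module");` would match the `knownSigner` branch directly above it. Both the class and the method begin outside the visible hunks.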

+3 −0
@@ -294,6 +294,9 @@
        <!-- Additional flag from base permission type: this permission can be automatically
            granted to the system app predictor -->
        <flag name="appPredictor" value="0x200000" />
        <!-- Additional flag from base permission type: this permission can also be granted if the
             requesting application is included in the mainline module}. -->
        <flag name="module" value="0x400000" />
        <!-- Additional flag from base permission type: this permission can be automatically
            granted to the system companion device manager service -->
        <flag name="companion" value="0x800000" />
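Review bot: The comment above `<flag name="module" value="0x400000" />` ends with a stray brace (`mainline module}.`), and "included in the mainline module" reads as though there were only one module. Suggested wording: `this permission can also be granted if the requesting application is an APK contained in an APEX (mainline) module.` This comment is presumably the text developers see for the attribute value, so the grant condition is worth stating precisely.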
+4 −0
@@ -322,6 +322,10 @@ public final class Permission {
        return (mPermissionInfo.protectionLevel & PermissionInfo.PROTECTION_FLAG_COMPANION) != 0;
    }

    public boolean isModule() {
        return (mPermissionInfo.protectionLevel & PermissionInfo.PROTECTION_FLAG_MODULE) != 0;
    }

    public boolean isRetailDemo() {
        return (mPermissionInfo.protectionLevel & PermissionInfo.PROTECTION_FLAG_RETAIL_DEMO) != 0;
    }
+10 −4
@@ -238,6 +238,8 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
        NOTIFICATION_PERMISSIONS.add(Manifest.permission.POST_NOTIFICATIONS);
    }

    @NonNull private final ApexManager mApexManager;

    /** Set of source package names for Privileged Permission Allowlist */
    private final ArraySet<String> mPrivilegedPermissionAllowlistSourcePackageNames =
            new ArraySet<>();
@@ -421,6 +423,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
        mPackageManagerInt = LocalServices.getService(PackageManagerInternal.class);
        mUserManagerInt = LocalServices.getService(UserManagerInternal.class);
        mIsLeanback = availableFeatures.containsKey(PackageManager.FEATURE_LEANBACK);
        mApexManager = ApexManager.getInstance();

        mPrivilegedPermissionAllowlistSourcePackageNames.add(PLATFORM_PACKAGE_NAME);
        // PackageManager.hasSystemFeature() is not used here because PackageManagerService
@@ -3309,9 +3312,8 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
            return true;
        }
        final String permissionName = permission.getName();
        final ApexManager apexManager = ApexManager.getInstance();
        final String containingApexPackageName =
                apexManager.getActiveApexPackageNameContainingPackage(packageName);
                mApexManager.getActiveApexPackageNameContainingPackage(packageName);
        if (isInSystemConfigPrivAppPermissions(pkg, permissionName,
                containingApexPackageName)) {
            return true;
@@ -3365,8 +3367,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
        } else if (pkg.isSystemExt()) {
            permissions = systemConfig.getSystemExtPrivAppPermissions(pkg.getPackageName());
        } else if (containingApexPackageName != null) {
            final ApexManager apexManager = ApexManager.getInstance();
            final String apexName = apexManager.getApexModuleNameForPackageName(
            final String apexName = mApexManager.getApexModuleNameForPackageName(
                    containingApexPackageName);
            final Set<String> privAppPermissions = systemConfig.getPrivAppPermissions(
                    pkg.getPackageName());
@@ -3582,6 +3583,11 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
            // Special permission for the recents app.
            allowed = true;
        }
        if (!allowed && bp.isModule() && mApexManager.getActiveApexPackageNameContainingPackage(
                pkg.getPackageName()) != null) {
            // Special permission granted for APKs inside APEX modules.
            allowed = true;
        }
        return allowed;
    }
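Review bot: The new branch at the end of this section sets `allowed = true` for a `module` permission whenever `mApexManager.getActiveApexPackageNameContainingPackage(pkg.getPackageName())` is non-null, so membership in any active APEX is sufficient. Nothing ties the requesting APK to the module that declares the permission, and there is no allowlist step comparable to `isInSystemConfigPrivAppPermissions(pkg, permissionName, containingApexPackageName)` in the earlier hunk. The lookup is keyed on the package name alone; whether it still returns non-null for a copy of that package installed outside the APEX is not visible here and should be confirmed. If the broad grant is intended, record that in the comment, e.g. `// Granted to every APK in any active APEX, regardless of which module declares the permission.`; otherwise compare the containing APEX with the permission's declaring package before allowing. The enclosing method starts outside the hunk.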