
Commit 61b3937d authored by Nate Myren's avatar Nate Myren

Ensure only runtime permissions marked user sensitive

Ensure that only runtime permissions are marked as user sensitive

Test: Manual
Fixes: 152784093
Change-Id: Ie72575342b8bbdb4967386bde49fca1f51741371
parent def1ca31
+15 −1
@@ -101,6 +101,8 @@ class UserSensitivityLiveData private constructor(
        // map of <uid, userSensitiveState>
        // map of <uid, userSensitiveState>
        val sensitiveStatePerUid = mutableMapOf<Int, UidSensitivityState>()
        val sensitiveStatePerUid = mutableMapOf<Int, UidSensitivityState>()


        val runtimePerms = getAllRuntimePermNames()

        for (pkg in pkgs) {
        for (pkg in pkgs) {
            // sensitivityState for one uid
            // sensitivityState for one uid
            val userSensitiveState = sensitiveStatePerUid.getOrPut(pkg.uid) {
            val userSensitiveState = sensitiveStatePerUid.getOrPut(pkg.uid) {
@@ -110,7 +112,8 @@ class UserSensitivityLiveData private constructor(


            val pkgHasLauncherIcon = pkgsWithLauncherIcon.contains(pkg.packageName)
            val pkgHasLauncherIcon = pkgsWithLauncherIcon.contains(pkg.packageName)
            val pkgIsSystemApp = pkg.appFlags and ApplicationInfo.FLAG_SYSTEM != 0
            val pkgIsSystemApp = pkg.appFlags and ApplicationInfo.FLAG_SYSTEM != 0
            for (perm in pkg.requestedPermissions) {
            // Iterate through all runtime perms, setting their keys
            for (perm in pkg.requestedPermissions.intersect(runtimePerms)) {
                /*
                /*
                 * Permissions are considered user sensitive for a package, when
                 * Permissions are considered user sensitive for a package, when
                 * - the package has a launcher icon, or
                 * - the package has a launcher icon, or
@@ -156,6 +159,17 @@ class UserSensitivityLiveData private constructor(
        postValue(sensitiveStatePerUid)
        postValue(sensitiveStatePerUid)
    }
    }


    private suspend fun getAllRuntimePermNames(): Set<String> {
        val permNames = mutableSetOf<String>()
        val allGroups = Utils.getPlatformPermissionGroups()
        allGroups.addAll(CustomPermGroupNamesLiveData.getInitializedValue())
        for (groupName in allGroups) {
            val permGroup = PermGroupLiveData[groupName].getInitializedValue() ?: continue
            permNames.addAll(permGroup.permissionInfos.keys)
        }
        return permNames
    }

    private fun getAndObservePackageLiveDatas() {
    private fun getAndObservePackageLiveDatas() {
        val packageNames = app.packageManager.getPackagesForUid(uid)?.toList() ?: emptyList()
        val packageNames = app.packageManager.getPackagesForUid(uid)?.toList() ?: emptyList()
        val (toAdd, toRemove) = KotlinUtils.getMapAndListDifferences(packageNames, packageLiveDatas)
        val (toAdd, toRemove) = KotlinUtils.getMapAndListDifferences(packageNames, packageLiveDatas)
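Review bot: `getAllRuntimePermNames()` never checks a protection level itself; it returns every key of `permGroup.permissionInfos` for each platform and custom group, so the new filter `pkg.requestedPermissions.intersect(runtimePerms)` is only as strict as `PermGroupLiveData`, which is not shown here. Because this set now decides which permissions receive a user-sensitive state at all, the helper deserves a KDoc that states the assumption, e.g. `/** Names of all permissions in platform and custom groups; relies on PermGroupLiveData exposing runtime permissions only. */`. A group whose `getInitializedValue()` returns null is dropped by `?: continue` without a trace, so a log line there would make a missing group visible when permissions unexpectedly lose their state. `allGroups.addAll(...)` also mutates whatever `Utils.getPlatformPermissionGroups()` returns; presumably that is a fresh copy, but it is worth confirming so custom group names cannot leak into a shared list.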
+1 −1
@@ -69,7 +69,7 @@ private suspend fun updateUserSensitiveForUidsInternal(
        jobs.add(GlobalScope.launch(IO) {
        jobs.add(GlobalScope.launch(IO) {
            for (pkg in uidState.packages) {
            for (pkg in uidState.packages) {
                for (perm in pkg.requestedPermissions) {
                for (perm in pkg.requestedPermissions) {
                    val flags = uidState.permStates[perm] ?: 0
                    val flags = uidState.permStates[perm] ?: continue


                    try {
                    try {
                        pm.updatePermissionFlags(perm, pkg.packageName, FLAGS_ALWAYS_USER_SENSITIVE,
                        pm.updatePermissionFlags(perm, pkg.packageName, FLAGS_ALWAYS_USER_SENSITIVE,
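Review bot: With `?: continue` on the `flags` line, a requested permission that has no entry in `uidState.permStates` is now left untouched rather than falling back to 0, so any user-sensitive bits already stored for it stay as they are. If a non-runtime permission could have been flagged before this change, that stale state would presumably persist; it is worth confirming that no one-time clear is needed. A short comment such as `// permStates only holds runtime permissions; skip everything else` would explain why the skip is safe. The `try` block and the `updatePermissionFlags` call continue outside the hunk.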