Loading src/com/android/packageinstaller/role/service/RoleControllerServiceImpl.java +60 −3 Original line number Diff line number Diff line Loading @@ -30,6 +30,7 @@ import android.os.UserHandle; import android.util.ArrayMap; import android.util.ArraySet; import android.util.Log; import android.util.SparseArray; import androidx.annotation.NonNull; import androidx.annotation.WorkerThread; Loading Loading @@ -185,6 +186,18 @@ public class RoleControllerServiceImpl extends RoleControllerService { /** * Update the {@link PackageManager#FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED} and * {@link PackageManager#FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED} for all apps of this user. * * <p>For shared uids: * <dl> * <dt>For system UIDs</dt> * <dd>If there is any package for which the permission is not sensitive, the permission * is not sensitive for all packages with the same the UID</dd> * </dl> * <dl> * <dt>For app (not system) UIDs</dt> * <dd>If there is any package for which the permission is sensitive, the permission is * sensitive for all packages with the same the UID</dd> * </dl> */ private void updateUserSensitive() { PackageManager pm = getPackageManager(); Loading @@ -193,18 +206,40 @@ public class RoleControllerServiceImpl extends RoleControllerService { Set<String> platformPerms = Utils.getPlatformPermissions(); ArraySet<String> pkgsWithLauncherIcon = Utils.getLauncherPackages(this); // uid -> permission -> flags SparseArray<ArrayMap<String, Integer>> uidsPermissions = new SparseArray<>(); // Collect the flags and store it in 'uidsPermissions' int numPkgs = pkgs.size(); for (int pkgNum = 0; pkgNum < numPkgs; pkgNum++) { PackageInfo pkg = pkgs.get(pkgNum); boolean pkgHasLauncherIcon = pkgsWithLauncherIcon.contains(pkg.packageName); boolean pkgIsSystemApp = (pkg.applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) != 0; // permission -> flags ArrayMap<String, Integer> uidPermissions = uidsPermissions.get(pkg.applicationInfo.uid); if (uidPermissions == null) { uidPermissions = new ArrayMap<>(); uidsPermissions.put(pkg.applicationInfo.uid, uidPermissions); } for (String perm : platformPerms) { if (pkg.requestedPermissions == null || !ArrayUtils.contains( pkg.requestedPermissions, perm)) { continue; } Integer previousFlagsInt = uidPermissions.get(perm); int previousFlags; if (pkg.applicationInfo.uid < Process.FIRST_APPLICATION_UID) { previousFlags = previousFlagsInt == null ? PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED | PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED : previousFlagsInt; } else { previousFlags = previousFlagsInt == null ? 0 : previousFlagsInt; } int flags; if (pkgIsSystemApp && !pkgHasLauncherIcon) { boolean permGrantedByDefault = (pm.getPermissionFlags(perm, pkg.packageName, Loading @@ -220,10 +255,32 @@ public class RoleControllerServiceImpl extends RoleControllerService { | PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED; } pm.updatePermissionFlags(perm, pkg.packageName, if (pkg.applicationInfo.uid < Process.FIRST_APPLICATION_UID) { flags &= previousFlags; } else { flags |= previousFlags; } uidPermissions.put(perm, flags); } } // Apply the update int numUids = uidsPermissions.size(); for (int uidNum = 0; uidNum < numUids; uidNum++) { String[] uidPkgs = pm.getPackagesForUid(uidsPermissions.keyAt(uidNum)); if (uidPkgs == null) { continue; } ArrayMap<String, Integer> uidPermissions = uidsPermissions.valueAt(uidNum); int numPerms = uidPermissions.size(); for (int permNum = 0; permNum < numPerms; permNum++) { pm.updatePermissionFlags(uidPermissions.keyAt(permNum), uidPkgs[0], PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED | PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED, flags, user); | PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED, uidPermissions.valueAt(permNum), user); } } } Loading Loading
src/com/android/packageinstaller/role/service/RoleControllerServiceImpl.java +60 −3 Original line number Diff line number Diff line Loading @@ -30,6 +30,7 @@ import android.os.UserHandle; import android.util.ArrayMap; import android.util.ArraySet; import android.util.Log; import android.util.SparseArray; import androidx.annotation.NonNull; import androidx.annotation.WorkerThread; Loading Loading @@ -185,6 +186,18 @@ public class RoleControllerServiceImpl extends RoleControllerService { /** * Update the {@link PackageManager#FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED} and * {@link PackageManager#FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED} for all apps of this user. * * <p>For shared uids: * <dl> * <dt>For system UIDs</dt> * <dd>If there is any package for which the permission is not sensitive, the permission * is not sensitive for all packages with the same the UID</dd> * </dl> * <dl> * <dt>For app (not system) UIDs</dt> * <dd>If there is any package for which the permission is sensitive, the permission is * sensitive for all packages with the same the UID</dd> * </dl> */ private void updateUserSensitive() { PackageManager pm = getPackageManager(); Loading @@ -193,18 +206,40 @@ public class RoleControllerServiceImpl extends RoleControllerService { Set<String> platformPerms = Utils.getPlatformPermissions(); ArraySet<String> pkgsWithLauncherIcon = Utils.getLauncherPackages(this); // uid -> permission -> flags SparseArray<ArrayMap<String, Integer>> uidsPermissions = new SparseArray<>(); // Collect the flags and store it in 'uidsPermissions' int numPkgs = pkgs.size(); for (int pkgNum = 0; pkgNum < numPkgs; pkgNum++) { PackageInfo pkg = pkgs.get(pkgNum); boolean pkgHasLauncherIcon = pkgsWithLauncherIcon.contains(pkg.packageName); boolean pkgIsSystemApp = (pkg.applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) != 0; // permission -> flags ArrayMap<String, Integer> uidPermissions = uidsPermissions.get(pkg.applicationInfo.uid); if (uidPermissions == null) { uidPermissions = new ArrayMap<>(); uidsPermissions.put(pkg.applicationInfo.uid, uidPermissions); } for (String perm : platformPerms) { if (pkg.requestedPermissions == null || !ArrayUtils.contains( pkg.requestedPermissions, perm)) { continue; } Integer previousFlagsInt = uidPermissions.get(perm); int previousFlags; if (pkg.applicationInfo.uid < Process.FIRST_APPLICATION_UID) { previousFlags = previousFlagsInt == null ? PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED | PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED : previousFlagsInt; } else { previousFlags = previousFlagsInt == null ? 0 : previousFlagsInt; } int flags; if (pkgIsSystemApp && !pkgHasLauncherIcon) { boolean permGrantedByDefault = (pm.getPermissionFlags(perm, pkg.packageName, Loading @@ -220,10 +255,32 @@ public class RoleControllerServiceImpl extends RoleControllerService { | PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED; } pm.updatePermissionFlags(perm, pkg.packageName, if (pkg.applicationInfo.uid < Process.FIRST_APPLICATION_UID) { flags &= previousFlags; } else { flags |= previousFlags; } uidPermissions.put(perm, flags); } } // Apply the update int numUids = uidsPermissions.size(); for (int uidNum = 0; uidNum < numUids; uidNum++) { String[] uidPkgs = pm.getPackagesForUid(uidsPermissions.keyAt(uidNum)); if (uidPkgs == null) { continue; } ArrayMap<String, Integer> uidPermissions = uidsPermissions.valueAt(uidNum); int numPerms = uidPermissions.size(); for (int permNum = 0; permNum < numPerms; permNum++) { pm.updatePermissionFlags(uidPermissions.keyAt(permNum), uidPkgs[0], PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED | PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED, flags, user); | PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED, uidPermissions.valueAt(permNum), user); } } } Loading
