Grant DCS storage access; better OBB errors.
DCS had been relying on the WRITE_MEDIA_STORAGE permission to access
OBBs on external storage, but that permission has been locked down,
and we need to use the real WRITE_EXTERNAL_STORAGE permission now.
Rework the OBB error reporting flow to bubble exact error codes up
from internals, so that we can return expected CTS error codes.
Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest
Bug: 73424392
Change-Id: Iecbc4132745d56ebf081868ad2f9c3efe1e3735f
diff --git a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
index 6308766..c5cfb8e 100644
--- a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
+++ b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
@@ -16,7 +16,7 @@
package com.android.server.pm.permission;
-import static com.android.server.pm.PackageManagerServiceUtils.compareSignatures;
+import static android.os.Process.FIRST_APPLICATION_UID;
import android.Manifest;
import android.annotation.NonNull;
@@ -28,15 +28,14 @@
import android.content.Context;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
-import android.content.pm.IPackageManager;
import android.content.pm.PackageList;
import android.content.pm.PackageManager;
import android.content.pm.PackageManagerInternal;
+import android.content.pm.PackageManagerInternal.PackagesProvider;
+import android.content.pm.PackageManagerInternal.SyncAdapterPackagesProvider;
import android.content.pm.PackageParser;
import android.content.pm.ProviderInfo;
import android.content.pm.ResolveInfo;
-import android.content.pm.PackageManagerInternal.PackagesProvider;
-import android.content.pm.PackageManagerInternal.SyncAdapterPackagesProvider;
import android.media.RingtoneManager;
import android.net.Uri;
import android.os.Binder;
@@ -52,15 +51,17 @@
import android.provider.ContactsContract;
import android.provider.MediaStore;
import android.provider.Telephony.Sms.Intents;
-import android.telephony.TelephonyManager;
import android.security.Credentials;
+import android.telephony.TelephonyManager;
import android.util.ArrayMap;
import android.util.ArraySet;
import android.util.Log;
import android.util.Slog;
import android.util.Xml;
+
import com.android.internal.util.XmlUtils;
import com.android.server.LocalServices;
+import com.android.server.pm.PackageManagerService;
import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlPullParserException;
@@ -71,14 +72,11 @@
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
-import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Set;
-import static android.os.Process.FIRST_APPLICATION_UID;
-
/**
* This class is the policy for granting runtime permissions to
* platform components and default handlers in the system such
@@ -433,6 +431,13 @@
grantRuntimePermissions(storagePackage, STORAGE_PERMISSIONS, true, userId);
}
+ // Container service
+ PackageParser.Package containerPackage = getSystemPackage(
+ PackageManagerService.DEFAULT_CONTAINER_PACKAGE);
+ if (containerPackage != null) {
+ grantRuntimePermissions(containerPackage, STORAGE_PERMISSIONS, true, userId);
+ }
+
// CertInstaller
Intent certInstallerIntent = new Intent(Credentials.INSTALL_ACTION);
PackageParser.Package certInstallerPackage = getDefaultSystemHandlerActivityPackage(