Merge changes from topic "perm_query"
* changes:
Move add/remove permission
Move permission info queries
diff --git a/core/java/android/app/ApplicationPackageManager.java b/core/java/android/app/ApplicationPackageManager.java
index 1c123de..1641afb 100644
--- a/core/java/android/app/ApplicationPackageManager.java
+++ b/core/java/android/app/ApplicationPackageManager.java
@@ -321,30 +321,60 @@
}
@Override
- public PermissionInfo getPermissionInfo(String name, int flags)
+ @SuppressWarnings("unchecked")
+ public List<PermissionGroupInfo> getAllPermissionGroups(int flags) {
+ try {
+ final ParceledListSlice<PermissionGroupInfo> parceledList =
+ mPermissionManager.getAllPermissionGroups(flags);
+ if (parceledList == null) {
+ return Collections.emptyList();
+ }
+ return parceledList.getList();
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
+
+ @Override
+ public PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags)
throws NameNotFoundException {
try {
- PermissionInfo pi = mPM.getPermissionInfo(name,
- mContext.getOpPackageName(), flags);
+ final PermissionGroupInfo pgi =
+ mPermissionManager.getPermissionGroupInfo(groupName, flags);
+ if (pgi != null) {
+ return pgi;
+ }
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ throw new NameNotFoundException(groupName);
+ }
+
+ @Override
+ public PermissionInfo getPermissionInfo(String permName, int flags)
+ throws NameNotFoundException {
+ try {
+ final String packageName = mContext.getOpPackageName();
+ final PermissionInfo pi =
+ mPermissionManager.getPermissionInfo(permName, packageName, flags);
if (pi != null) {
return pi;
}
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
-
- throw new NameNotFoundException(name);
+ throw new NameNotFoundException(permName);
}
@Override
@SuppressWarnings("unchecked")
- public List<PermissionInfo> queryPermissionsByGroup(String group, int flags)
+ public List<PermissionInfo> queryPermissionsByGroup(String groupName, int flags)
throws NameNotFoundException {
try {
- ParceledListSlice<PermissionInfo> parceledList =
- mPM.queryPermissionsByGroup(group, flags);
+ final ParceledListSlice<PermissionInfo> parceledList =
+ mPermissionManager.queryPermissionsByGroup(groupName, flags);
if (parceledList != null) {
- List<PermissionInfo> pi = parceledList.getList();
+ final List<PermissionInfo> pi = parceledList.getList();
if (pi != null) {
return pi;
}
@@ -352,8 +382,7 @@
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
-
- throw new NameNotFoundException(group);
+ throw new NameNotFoundException(groupName);
}
@Override
@@ -369,36 +398,6 @@
}
@Override
- public PermissionGroupInfo getPermissionGroupInfo(String name,
- int flags) throws NameNotFoundException {
- try {
- PermissionGroupInfo pgi = mPM.getPermissionGroupInfo(name, flags);
- if (pgi != null) {
- return pgi;
- }
- } catch (RemoteException e) {
- throw e.rethrowFromSystemServer();
- }
-
- throw new NameNotFoundException(name);
- }
-
- @Override
- @SuppressWarnings("unchecked")
- public List<PermissionGroupInfo> getAllPermissionGroups(int flags) {
- try {
- ParceledListSlice<PermissionGroupInfo> parceledList =
- mPM.getAllPermissionGroups(flags);
- if (parceledList == null) {
- return Collections.emptyList();
- }
- return parceledList.getList();
- } catch (RemoteException e) {
- throw e.rethrowFromSystemServer();
- }
- }
-
- @Override
public ApplicationInfo getApplicationInfo(String packageName, int flags)
throws NameNotFoundException {
return getApplicationInfoAsUser(packageName, flags, getUserId());
@@ -662,7 +661,7 @@
@Override
public boolean addPermission(PermissionInfo info) {
try {
- return mPM.addPermission(info);
+ return mPermissionManager.addPermission(info, false);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
@@ -671,7 +670,7 @@
@Override
public boolean addPermissionAsync(PermissionInfo info) {
try {
- return mPM.addPermissionAsync(info);
+ return mPermissionManager.addPermission(info, true);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
@@ -680,7 +679,7 @@
@Override
public void removePermission(String name) {
try {
- mPM.removePermission(name);
+ mPermissionManager.removePermission(name);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
diff --git a/core/java/android/content/pm/IPackageManager.aidl b/core/java/android/content/pm/IPackageManager.aidl
index bd6ee76..277e41d 100644
--- a/core/java/android/content/pm/IPackageManager.aidl
+++ b/core/java/android/content/pm/IPackageManager.aidl
@@ -78,15 +78,6 @@
@UnsupportedAppUsage
String[] canonicalToCurrentPackageNames(in String[] names);
- PermissionInfo getPermissionInfo(String name, String packageName, int flags);
-
- ParceledListSlice queryPermissionsByGroup(String group, int flags);
-
- @UnsupportedAppUsage
- PermissionGroupInfo getPermissionGroupInfo(String name, int flags);
-
- ParceledListSlice getAllPermissionGroups(int flags);
-
@UnsupportedAppUsage
ApplicationInfo getApplicationInfo(String packageName, int flags ,int userId);
@@ -111,12 +102,6 @@
int checkUidPermission(String permName, int uid);
@UnsupportedAppUsage
- boolean addPermission(in PermissionInfo info);
-
- @UnsupportedAppUsage
- void removePermission(String name);
-
- @UnsupportedAppUsage
void grantRuntimePermission(String packageName, String permissionName, int userId);
void revokeRuntimePermission(String packageName, String permissionName, int userId);
@@ -623,9 +608,6 @@
int movePackage(in String packageName, in String volumeUuid);
int movePrimaryStorage(in String volumeUuid);
- @UnsupportedAppUsage
- boolean addPermissionAsync(in PermissionInfo info);
-
boolean setInstallLocation(int loc);
@UnsupportedAppUsage
int getInstallLocation();
@@ -777,4 +759,16 @@
//------------------------------------------------------------------------
@UnsupportedAppUsage
String[] getAppOpPermissionPackages(String permissionName);
+
+ @UnsupportedAppUsage
+ PermissionGroupInfo getPermissionGroupInfo(String name, int flags);
+
+ @UnsupportedAppUsage
+ boolean addPermission(in PermissionInfo info);
+
+ @UnsupportedAppUsage
+ boolean addPermissionAsync(in PermissionInfo info);
+
+ @UnsupportedAppUsage
+ void removePermission(String name);
}
diff --git a/core/java/android/content/pm/PackageManagerInternal.java b/core/java/android/content/pm/PackageManagerInternal.java
index 672994e..1c1d709 100644
--- a/core/java/android/content/pm/PackageManagerInternal.java
+++ b/core/java/android/content/pm/PackageManagerInternal.java
@@ -999,4 +999,11 @@
* Migrates legacy obb data to its new location.
*/
public abstract void migrateLegacyObbData();
+
+ /**
+ * Writes all package manager settings to disk. If {@code async} is {@code true}, the
+ * settings are written at some point in the future. Otherwise, the call blocks until
+ * the settings have been written.
+ */
+ public abstract void writeSettings(boolean async);
}
diff --git a/core/java/android/permission/IPermissionManager.aidl b/core/java/android/permission/IPermissionManager.aidl
index 67176e4..3b69b12 100644
--- a/core/java/android/permission/IPermissionManager.aidl
+++ b/core/java/android/permission/IPermissionManager.aidl
@@ -16,6 +16,10 @@
package android.permission;
+import android.content.pm.ParceledListSlice;
+import android.content.pm.PermissionGroupInfo;
+import android.content.pm.PermissionInfo;
+
/**
* Interface to communicate directly with the permission manager service.
* @see PermissionManager
@@ -23,4 +27,16 @@
*/
interface IPermissionManager {
String[] getAppOpPermissionPackages(String permName);
+
+ ParceledListSlice getAllPermissionGroups(int flags);
+
+ PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags);
+
+ PermissionInfo getPermissionInfo(String permName, String packageName, int flags);
+
+ ParceledListSlice queryPermissionsByGroup(String groupName, int flags);
+
+ boolean addPermission(in PermissionInfo info, boolean async);
+
+ void removePermission(String name);
}
diff --git a/services/core/java/com/android/server/am/BroadcastQueue.java b/services/core/java/com/android/server/am/BroadcastQueue.java
index 746c250..56208a95 100644
--- a/services/core/java/com/android/server/am/BroadcastQueue.java
+++ b/services/core/java/com/android/server/am/BroadcastQueue.java
@@ -30,7 +30,6 @@
import android.content.Intent;
import android.content.IntentSender;
import android.content.pm.ActivityInfo;
-import android.content.pm.IPackageManager;
import android.content.pm.PackageManager;
import android.content.pm.PermissionInfo;
import android.content.pm.ResolveInfo;
@@ -44,6 +43,7 @@
import android.os.SystemClock;
import android.os.Trace;
import android.os.UserHandle;
+import android.permission.IPermissionManager;
import android.util.EventLog;
import android.util.Slog;
import android.util.SparseIntArray;
@@ -921,7 +921,7 @@
if (perms == null) {
return false;
}
- IPackageManager pm = AppGlobals.getPackageManager();
+ IPermissionManager pm = AppGlobals.getPermissionManager();
for (int i = perms.length-1; i >= 0; i--) {
try {
PermissionInfo pi = pm.getPermissionInfo(perms[i], "android", 0);
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index deaca84..232bca8 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -4630,30 +4630,15 @@
return null;
}
- @Override
- public PermissionInfo getPermissionInfo(String name, String packageName, int flags) {
- return mPermissionManager.getPermissionInfo(name, packageName, flags, getCallingUid());
- }
-
- @Override
- public @Nullable ParceledListSlice<PermissionInfo> queryPermissionsByGroup(String groupName,
- int flags) {
- final List<PermissionInfo> permissionList =
- mPermissionManager.getPermissionInfoByGroup(groupName, flags, getCallingUid());
- return (permissionList == null) ? null : new ParceledListSlice<>(permissionList);
- }
-
+ // NOTE: Can't remove due to unsupported app usage
@Override
public PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags) {
- return mPermissionManager.getPermissionGroupInfo(groupName, flags, getCallingUid());
- }
-
- @Override
- public @NonNull ParceledListSlice<PermissionGroupInfo> getAllPermissionGroups(int flags) {
- final List<PermissionGroupInfo> permissionList =
- mPermissionManager.getAllPermissionGroups(flags, getCallingUid());
- return (permissionList == null)
- ? ParceledListSlice.emptyList() : new ParceledListSlice<>(permissionList);
+ try {
+ // Because this is accessed via the package manager service AIDL,
+ // go through the permission manager service AIDL
+ return mPermissionManagerService.getPermissionGroupInfo(groupName, flags);
+ } catch (RemoteException ignore) { }
+ return null;
}
@GuardedBy("mPackages")
@@ -5710,37 +5695,36 @@
}
}
- private boolean addDynamicPermission(PermissionInfo info, final boolean async) {
- return mPermissionManager.addDynamicPermission(
- info, async, getCallingUid(), new PermissionCallback() {
- @Override
- public void onPermissionChanged() {
- if (!async) {
- mSettings.writeLPr();
- } else {
- scheduleWriteSettingsLocked();
- }
- }
- });
- }
-
+ // NOTE: Can't remove due to unsupported app usage
@Override
public boolean addPermission(PermissionInfo info) {
- synchronized (mPackages) {
- return addDynamicPermission(info, false);
- }
+ try {
+ // Because this is accessed via the package manager service AIDL,
+ // go through the permission manager service AIDL
+ return mPermissionManagerService.addPermission(info, false);
+ } catch (RemoteException ignore) { }
+ return false;
}
+ // NOTE: Can't remove due to unsupported app usage
@Override
public boolean addPermissionAsync(PermissionInfo info) {
- synchronized (mPackages) {
- return addDynamicPermission(info, true);
- }
+ try {
+ // Because this is accessed via the package manager service AIDL,
+ // go through the permission manager service AIDL
+ return mPermissionManagerService.addPermission(info, true);
+ } catch (RemoteException ignore) { }
+ return false;
}
+ // NOTE: Can't remove due to unsupported app usage
@Override
public void removePermission(String permName) {
- mPermissionManager.removeDynamicPermission(permName, getCallingUid(), mPermissionCallback);
+ try {
+ // Because this is accessed via the package manager service AIDL,
+ // go through the permission manager service AIDL
+ mPermissionManagerService.removePermission(permName);
+ } catch (RemoteException ignore) { }
}
@Override
@@ -6571,11 +6555,12 @@
return false;
}
+ // NOTE: Can't remove due to unsupported app usage
@Override
public String[] getAppOpPermissionPackages(String permName) {
try {
- // NOTE: Because this is defined in the package manager service AIDL, we want
- // ensure we also go through the permission manager service AIDL
+ // Because this is accessed via the package manager service AIDL,
+ // go through the permission manager service AIDL
return mPermissionManagerService.getAppOpPermissionPackages(permName);
} catch (RemoteException ignore) { }
return null;
@@ -21758,7 +21743,7 @@
public void onShellCommand(FileDescriptor in, FileDescriptor out,
FileDescriptor err, String[] args, ShellCallback callback,
ResultReceiver resultReceiver) {
- (new PackageManagerShellCommand(this)).exec(
+ (new PackageManagerShellCommand(this, mPermissionManagerService)).exec(
this, in, out, err, args, callback, resultReceiver);
}
@@ -25020,6 +25005,17 @@
Slog.wtf(TAG, e);
}
}
+
+ @Override
+ public void writeSettings(boolean async) {
+ synchronized (mPackages) {
+ if (async) {
+ scheduleWriteSettingsLocked();
+ } else {
+ mSettings.writeLPr();
+ }
+ }
+ }
}
@GuardedBy("mPackages")
diff --git a/services/core/java/com/android/server/pm/PackageManagerShellCommand.java b/services/core/java/com/android/server/pm/PackageManagerShellCommand.java
index 5b80556..a25c68f 100644
--- a/services/core/java/com/android/server/pm/PackageManagerShellCommand.java
+++ b/services/core/java/com/android/server/pm/PackageManagerShellCommand.java
@@ -87,6 +87,7 @@
import android.os.UserHandle;
import android.os.UserManager;
import android.os.storage.StorageManager;
+import android.permission.IPermissionManager;
import android.system.ErrnoException;
import android.system.Os;
import android.text.TextUtils;
@@ -132,6 +133,7 @@
private static final int DEFAULT_WAIT_MS = 60 * 1000;
final IPackageManager mInterface;
+ final IPermissionManager mPermissionManager;
final private WeakHashMap<String, Resources> mResourceCache =
new WeakHashMap<String, Resources>();
int mTargetUser;
@@ -139,8 +141,10 @@
boolean mComponents;
int mQueryFlags;
- PackageManagerShellCommand(PackageManagerService service) {
+ PackageManagerShellCommand(
+ PackageManagerService service, IPermissionManager permissionManager) {
mInterface = service;
+ mPermissionManager = permissionManager;
}
@Override
@@ -786,7 +790,8 @@
private int runListPermissionGroups() throws RemoteException {
final PrintWriter pw = getOutPrintWriter();
- final List<PermissionGroupInfo> pgs = mInterface.getAllPermissionGroups(0).getList();
+ final List<PermissionGroupInfo> pgs =
+ mPermissionManager.getAllPermissionGroups(0).getList();
final int count = pgs.size();
for (int p = 0; p < count ; p++) {
@@ -833,7 +838,7 @@
final ArrayList<String> groupList = new ArrayList<String>();
if (groups) {
final List<PermissionGroupInfo> infos =
- mInterface.getAllPermissionGroups(0 /*flags*/).getList();
+ mPermissionManager.getAllPermissionGroups(0 /*flags*/).getList();
final int count = infos.size();
for (int i = 0; i < count; i++) {
groupList.add(infos.get(i).name);
@@ -2933,8 +2938,8 @@
}
prefix = " ";
}
- List<PermissionInfo> ps =
- mInterface.queryPermissionsByGroup(groupList.get(i), 0 /*flags*/).getList();
+ List<PermissionInfo> ps = mPermissionManager
+ .queryPermissionsByGroup(groupList.get(i), 0 /*flags*/).getList();
final int count = ps.size();
boolean first = true;
for (int p = 0 ; p < count ; p++) {
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index 4035d0d..43a8373 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -51,10 +51,13 @@
import android.app.ApplicationPackageManager;
import android.content.Context;
import android.content.pm.PackageManager;
+import android.content.pm.PackageManager.PermissionGroupInfoFlags;
+import android.content.pm.PackageManager.PermissionInfoFlags;
import android.content.pm.PackageManager.PermissionWhitelistFlags;
import android.content.pm.PackageManagerInternal;
import android.content.pm.PackageParser;
import android.content.pm.PackageParser.Package;
+import android.content.pm.ParceledListSlice;
import android.content.pm.PermissionGroupInfo;
import android.content.pm.PermissionInfo;
import android.metrics.LogMaker;
@@ -319,6 +322,140 @@
}
}
+ @Override
+ @NonNull
+ public ParceledListSlice<PermissionGroupInfo> getAllPermissionGroups(
+ @PermissionGroupInfoFlags int flags) {
+ final int callingUid = getCallingUid();
+ if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
+ return ParceledListSlice.emptyList();
+ }
+ synchronized (mLock) {
+ final int n = mSettings.mPermissionGroups.size();
+ final ArrayList<PermissionGroupInfo> out =
+ new ArrayList<PermissionGroupInfo>(n);
+ for (PackageParser.PermissionGroup pg : mSettings.mPermissionGroups.values()) {
+ out.add(PackageParser.generatePermissionGroupInfo(pg, flags));
+ }
+ return new ParceledListSlice<>(out);
+ }
+ }
+
+
+ @Override
+ @Nullable
+ public PermissionGroupInfo getPermissionGroupInfo(String groupName,
+ @PermissionGroupInfoFlags int flags) {
+ final int callingUid = getCallingUid();
+ if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
+ return null;
+ }
+ synchronized (mLock) {
+ return PackageParser.generatePermissionGroupInfo(
+ mSettings.mPermissionGroups.get(groupName), flags);
+ }
+ }
+
+
+ @Override
+ @Nullable
+ public PermissionInfo getPermissionInfo(String permName, String packageName,
+ @PermissionInfoFlags int flags) {
+ final int callingUid = getCallingUid();
+ if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
+ return null;
+ }
+ synchronized (mLock) {
+ final BasePermission bp = mSettings.getPermissionLocked(permName);
+ if (bp == null) {
+ return null;
+ }
+ final int adjustedProtectionLevel = adjustPermissionProtectionFlagsLocked(
+ bp.getProtectionLevel(), packageName, callingUid);
+ return bp.generatePermissionInfo(adjustedProtectionLevel, flags);
+ }
+ }
+
+ @Override
+ @Nullable
+ public ParceledListSlice<PermissionInfo> queryPermissionsByGroup(String groupName,
+ @PermissionInfoFlags int flags) {
+ final int callingUid = getCallingUid();
+ if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
+ return null;
+ }
+ synchronized (mLock) {
+ if (groupName != null && !mSettings.mPermissionGroups.containsKey(groupName)) {
+ return null;
+ }
+ final ArrayList<PermissionInfo> out = new ArrayList<PermissionInfo>(10);
+ for (BasePermission bp : mSettings.mPermissions.values()) {
+ final PermissionInfo pi = bp.generatePermissionInfo(groupName, flags);
+ if (pi != null) {
+ out.add(pi);
+ }
+ }
+ return new ParceledListSlice<>(out);
+ }
+ }
+
+ @Override
+ public boolean addPermission(PermissionInfo info, boolean async) {
+ final int callingUid = getCallingUid();
+ if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
+ throw new SecurityException("Instant apps can't add permissions");
+ }
+ if (info.labelRes == 0 && info.nonLocalizedLabel == null) {
+ throw new SecurityException("Label must be specified in permission");
+ }
+ final BasePermission tree = mSettings.enforcePermissionTree(info.name, callingUid);
+ final boolean added;
+ final boolean changed;
+ synchronized (mLock) {
+ BasePermission bp = mSettings.getPermissionLocked(info.name);
+ added = bp == null;
+ int fixedLevel = PermissionInfo.fixProtectionLevel(info.protectionLevel);
+ if (added) {
+ enforcePermissionCapLocked(info, tree);
+ bp = new BasePermission(info.name, tree.getSourcePackageName(),
+ BasePermission.TYPE_DYNAMIC);
+ } else if (!bp.isDynamic()) {
+ throw new SecurityException("Not allowed to modify non-dynamic permission "
+ + info.name);
+ }
+ changed = bp.addToTree(fixedLevel, info, tree);
+ if (added) {
+ mSettings.putPermissionLocked(info.name, bp);
+ }
+ }
+ if (changed) {
+ mPackageManagerInt.writeSettings(async);
+ }
+ return added;
+ }
+
+ @Override
+ public void removePermission(String permName) {
+ final int callingUid = getCallingUid();
+ if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
+ throw new SecurityException("Instant applications don't have access to this method");
+ }
+ final BasePermission tree = mSettings.enforcePermissionTree(permName, callingUid);
+ synchronized (mLock) {
+ final BasePermission bp = mSettings.getPermissionLocked(permName);
+ if (bp == null) {
+ return;
+ }
+ if (bp.isDynamic()) {
+ // TODO: switch this back to SecurityException
+ Slog.wtf(TAG, "Not allowed to modify non-dynamic permission "
+ + permName);
+ }
+ mSettings.removePermissionLocked(permName);
+ mPackageManagerInt.writeSettings(false);
+ }
+ }
+
private int checkPermission(String permName, String pkgName, int callingUid, int userId) {
if (!mUserManagerInt.exists(userId)) {
return PackageManager.PERMISSION_DENIED;
@@ -517,69 +654,6 @@
&& permissionsState.hasPermission(FULLER_PERMISSION_MAP.get(permName), userId);
}
- private PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags,
- int callingUid) {
- if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
- return null;
- }
- synchronized (mLock) {
- return PackageParser.generatePermissionGroupInfo(
- mSettings.mPermissionGroups.get(groupName), flags);
- }
- }
-
- private List<PermissionGroupInfo> getAllPermissionGroups(int flags, int callingUid) {
- if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
- return null;
- }
- synchronized (mLock) {
- final int N = mSettings.mPermissionGroups.size();
- final ArrayList<PermissionGroupInfo> out
- = new ArrayList<PermissionGroupInfo>(N);
- for (PackageParser.PermissionGroup pg : mSettings.mPermissionGroups.values()) {
- out.add(PackageParser.generatePermissionGroupInfo(pg, flags));
- }
- return out;
- }
- }
-
- private PermissionInfo getPermissionInfo(String permName, String packageName, int flags,
- int callingUid) {
- if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
- return null;
- }
- // reader
- synchronized (mLock) {
- final BasePermission bp = mSettings.getPermissionLocked(permName);
- if (bp == null) {
- return null;
- }
- final int adjustedProtectionLevel = adjustPermissionProtectionFlagsLocked(
- bp.getProtectionLevel(), packageName, callingUid);
- return bp.generatePermissionInfo(adjustedProtectionLevel, flags);
- }
- }
-
- private List<PermissionInfo> getPermissionInfoByGroup(
- String groupName, int flags, int callingUid) {
- if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
- return null;
- }
- synchronized (mLock) {
- if (groupName != null && !mSettings.mPermissionGroups.containsKey(groupName)) {
- return null;
- }
- final ArrayList<PermissionInfo> out = new ArrayList<PermissionInfo>(10);
- for (BasePermission bp : mSettings.mPermissions.values()) {
- final PermissionInfo pi = bp.generatePermissionInfo(groupName, flags);
- if (pi != null) {
- out.add(pi);
- }
- }
- return out;
- }
- }
-
private int adjustPermissionProtectionFlagsLocked(
int protectionLevel, String packageName, int uid) {
// Signature permission flags area always reported
@@ -825,63 +899,6 @@
}
}
- private boolean addDynamicPermission(
- PermissionInfo info, int callingUid, PermissionCallback callback) {
- if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
- throw new SecurityException("Instant apps can't add permissions");
- }
- if (info.labelRes == 0 && info.nonLocalizedLabel == null) {
- throw new SecurityException("Label must be specified in permission");
- }
- final BasePermission tree = mSettings.enforcePermissionTree(info.name, callingUid);
- final boolean added;
- final boolean changed;
- synchronized (mLock) {
- BasePermission bp = mSettings.getPermissionLocked(info.name);
- added = bp == null;
- int fixedLevel = PermissionInfo.fixProtectionLevel(info.protectionLevel);
- if (added) {
- enforcePermissionCapLocked(info, tree);
- bp = new BasePermission(info.name, tree.getSourcePackageName(),
- BasePermission.TYPE_DYNAMIC);
- } else if (!bp.isDynamic()) {
- throw new SecurityException("Not allowed to modify non-dynamic permission "
- + info.name);
- }
- changed = bp.addToTree(fixedLevel, info, tree);
- if (added) {
- mSettings.putPermissionLocked(info.name, bp);
- }
- }
- if (changed && callback != null) {
- callback.onPermissionChanged();
- }
- return added;
- }
-
- private void removeDynamicPermission(
- String permName, int callingUid, PermissionCallback callback) {
- if (mPackageManagerInt.getInstantAppPackageName(callingUid) != null) {
- throw new SecurityException("Instant applications don't have access to this method");
- }
- final BasePermission tree = mSettings.enforcePermissionTree(permName, callingUid);
- synchronized (mLock) {
- final BasePermission bp = mSettings.getPermissionLocked(permName);
- if (bp == null) {
- return;
- }
- if (bp.isDynamic()) {
- // TODO: switch this back to SecurityException
- Slog.wtf(TAG, "Not allowed to modify non-dynamic permission "
- + permName);
- }
- mSettings.removePermissionLocked(permName);
- if (callback != null) {
- callback.onPermissionRemoved();
- }
- }
- }
-
/**
* Restore the permission state for a package.
*
@@ -3146,16 +3163,6 @@
PermissionManagerService.this.removeAllPermissions(pkg, chatty);
}
@Override
- public boolean addDynamicPermission(PermissionInfo info, boolean async, int callingUid,
- PermissionCallback callback) {
- return PermissionManagerService.this.addDynamicPermission(info, callingUid, callback);
- }
- @Override
- public void removeDynamicPermission(String permName, int callingUid,
- PermissionCallback callback) {
- PermissionManagerService.this.removeDynamicPermission(permName, callingUid, callback);
- }
- @Override
public void grantRuntimePermission(String permName, String packageName,
boolean overridePolicy, int callingUid, int userId,
PermissionCallback callback) {
@@ -3262,27 +3269,6 @@
return PermissionManagerService.this.checkUidPermission(permName, pkg, uid, callingUid);
}
@Override
- public PermissionGroupInfo getPermissionGroupInfo(String groupName, int flags,
- int callingUid) {
- return PermissionManagerService.this.getPermissionGroupInfo(
- groupName, flags, callingUid);
- }
- @Override
- public List<PermissionGroupInfo> getAllPermissionGroups(int flags, int callingUid) {
- return PermissionManagerService.this.getAllPermissionGroups(flags, callingUid);
- }
- @Override
- public PermissionInfo getPermissionInfo(String permName, String packageName, int flags,
- int callingUid) {
- return PermissionManagerService.this.getPermissionInfo(
- permName, packageName, flags, callingUid);
- }
- @Override
- public List<PermissionInfo> getPermissionInfoByGroup(String group, int flags,
- int callingUid) {
- return PermissionManagerService.this.getPermissionInfoByGroup(group, flags, callingUid);
- }
- @Override
public PermissionSettings getPermissionSettings() {
return mSettings;
}
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java
index 8cc6d76..23d0114 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java
@@ -20,9 +20,7 @@
import android.annotation.Nullable;
import android.annotation.UserIdInt;
import android.content.pm.PackageManager;
-import android.content.pm.PackageManager.PermissionInfoFlags;
import android.content.pm.PackageParser;
-import android.content.pm.PermissionGroupInfo;
import android.content.pm.PermissionInfo;
import android.permission.PermissionManagerInternal;
@@ -150,10 +148,6 @@
public abstract void addAllPermissions(@NonNull PackageParser.Package pkg, boolean chatty);
public abstract void addAllPermissionGroups(@NonNull PackageParser.Package pkg, boolean chatty);
public abstract void removeAllPermissions(@NonNull PackageParser.Package pkg, boolean chatty);
- public abstract boolean addDynamicPermission(@NonNull PermissionInfo info, boolean async,
- int callingUid, @Nullable PermissionCallback callback);
- public abstract void removeDynamicPermission(@NonNull String permName, int callingUid,
- @Nullable PermissionCallback callback);
/** Retrieve the packages that have requested the given app op permission */
public abstract @Nullable String[] getAppOpPermissionPackages(
@@ -161,26 +155,6 @@
public abstract int getPermissionFlags(@NonNull String permName,
@NonNull String packageName, int callingUid, int userId);
- /**
- * Retrieve all of the information we know about a particular group of permissions.
- */
- public abstract @Nullable PermissionGroupInfo getPermissionGroupInfo(
- @NonNull String groupName, int flags, int callingUid);
- /**
- * Retrieve all of the known permission groups in the system.
- */
- public abstract @Nullable List<PermissionGroupInfo> getAllPermissionGroups(int flags,
- int callingUid);
- /**
- * Retrieve all of the information we know about a particular permission.
- */
- public abstract @Nullable PermissionInfo getPermissionInfo(@NonNull String permName,
- @NonNull String packageName, @PermissionInfoFlags int flags, int callingUid);
- /**
- * Retrieve all of the permissions associated with a particular group.
- */
- public abstract @Nullable List<PermissionInfo> getPermissionInfoByGroup(@NonNull String group,
- @PermissionInfoFlags int flags, int callingUid);
/**
* Updates the flags associated with a permission by replacing the flags in