Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 200d494b93e8920c61f3795c6c8fc8aac99f99b9 / . / services / core / java / com / android / server / pm / DefaultPermissionGrantPolicy.java
blob: 4ec825acd0af0ed2af475dbea11281c07bfb8fc7 [file] [log] [blame]
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]1/*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.server.pm;
18
19import android.Manifest;
Dianne Hackbornca8e6da2015-06-24 15:19:17 -0700[diff] [blame]20import android.app.DownloadManager;
Dianne Hackborn388cd2c2015-06-26 17:32:36 -0700[diff] [blame]21import android.app.admin.DevicePolicyManager;
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]22import android.content.Intent;
23import android.content.pm.ApplicationInfo;
24import android.content.pm.PackageManager;
25import android.content.pm.PackageManagerInternal.PackagesProvider;
26import android.content.pm.PackageParser;
Dianne Hackbornca8e6da2015-06-24 15:19:17 -0700[diff] [blame]27import android.content.pm.ProviderInfo;
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]28import android.content.pm.ResolveInfo;
29import android.net.Uri;
30import android.os.Build;
31import android.os.UserHandle;
Dianne Hackborn388cd2c2015-06-26 17:32:36 -0700[diff] [blame]32import android.provider.CalendarContract;
33import android.provider.ContactsContract;
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]34import android.provider.MediaStore;
35import android.util.ArraySet;
36import android.util.Log;
37
38import java.io.File;
39import java.util.ArrayList;
40import java.util.List;
41import java.util.Set;
42
43import static android.os.Process.FIRST_APPLICATION_UID;
44
45/**
46 * This class is the policy for granting runtime permissions to
47 * platform components and default handlers in the system such
48 * that the device is usable out-of-the-box. For example, the
49 * shell UID is a part of the system and the Phone app should
50 * have phone related permission by default.
51 */
52final class DefaultPermissionGrantPolicy {
Jeff Davidson2a880312015-06-22 16:54:34 -0700[diff] [blame]53 private static final String TAG = "DefaultPermGrantPolicy"; // must be <= 23 chars
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]54 private static final boolean DEBUG = false;
55
56 private static final String PACKAGE_MIME_TYPE = "application/vnd.android.package-archive";
Jeff Sharkey7186dd32015-06-30 17:32:45 -0700[diff] [blame]57 private static final String AUDIO_MIME_TYPE = "audio/mpeg";
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]58
59 private static final Set<String> PHONE_PERMISSIONS = new ArraySet<>();
60 static {
61 PHONE_PERMISSIONS.add(Manifest.permission.READ_PHONE_STATE);
62 PHONE_PERMISSIONS.add(Manifest.permission.CALL_PHONE);
Dianne Hackborn388cd2c2015-06-26 17:32:36 -0700[diff] [blame]63 PHONE_PERMISSIONS.add(Manifest.permission.READ_CALL_LOG);
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]64 PHONE_PERMISSIONS.add(Manifest.permission.WRITE_CALL_LOG);
65 PHONE_PERMISSIONS.add(Manifest.permission.ADD_VOICEMAIL);
66 PHONE_PERMISSIONS.add(Manifest.permission.USE_SIP);
67 PHONE_PERMISSIONS.add(Manifest.permission.PROCESS_OUTGOING_CALLS);
68 }
69
70 private static final Set<String> CONTACTS_PERMISSIONS = new ArraySet<>();
71 static {
72 CONTACTS_PERMISSIONS.add(Manifest.permission.READ_CONTACTS);
73 CONTACTS_PERMISSIONS.add(Manifest.permission.WRITE_CONTACTS);
74 }
75
76 private static final Set<String> LOCATION_PERMISSIONS = new ArraySet<>();
77 static {
78 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_FINE_LOCATION);
79 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_COARSE_LOCATION);
80 }
81
82 private static final Set<String> CALENDAR_PERMISSIONS = new ArraySet<>();
83 static {
84 CALENDAR_PERMISSIONS.add(Manifest.permission.READ_CALENDAR);
85 CALENDAR_PERMISSIONS.add(Manifest.permission.WRITE_CALENDAR);
86 }
87
88 private static final Set<String> SMS_PERMISSIONS = new ArraySet<>();
89 static {
90 SMS_PERMISSIONS.add(Manifest.permission.SEND_SMS);
91 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_SMS);
92 SMS_PERMISSIONS.add(Manifest.permission.READ_SMS);
93 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_WAP_PUSH);
94 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_MMS);
95 SMS_PERMISSIONS.add(Manifest.permission.READ_CELL_BROADCASTS);
96 }
97
98 private static final Set<String> MICROPHONE_PERMISSIONS = new ArraySet<>();
99 static {
100 MICROPHONE_PERMISSIONS.add(Manifest.permission.RECORD_AUDIO);
101 }
102
103 private static final Set<String> CAMERA_PERMISSIONS = new ArraySet<>();
104 static {
105 CAMERA_PERMISSIONS.add(Manifest.permission.CAMERA);
106 }
107
108 private static final Set<String> SENSORS_PERMISSIONS = new ArraySet<>();
109 static {
110 SENSORS_PERMISSIONS.add(Manifest.permission.BODY_SENSORS);
111 }
112
113 private static final Set<String> STORAGE_PERMISSIONS = new ArraySet<>();
114 static {
Svet Ganov975fa472015-06-22 20:45:31 -0700[diff] [blame]115 STORAGE_PERMISSIONS.add(Manifest.permission.READ_EXTERNAL_STORAGE);
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]116 STORAGE_PERMISSIONS.add(Manifest.permission.WRITE_EXTERNAL_STORAGE);
117 }
118
Dianne Hackborn388cd2c2015-06-26 17:32:36 -0700[diff] [blame]119 private static final Set<String> ACCOUNTS_PERMISSIONS = new ArraySet<>();
120 static {
Dianne Hackborn82143332015-06-29 23:45:45 -0700[diff] [blame]121 //ACCOUNTS_PERMISSIONS.add(Manifest.permission.GET_ACCOUNTS);
Dianne Hackborn388cd2c2015-06-26 17:32:36 -0700[diff] [blame]122 }
123
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]124 private static final Set<String> SETTINGS_PERMISSIONS = new ArraySet<>();
125 static {
126 SETTINGS_PERMISSIONS.add(Manifest.permission.WRITE_SETTINGS);
127 }
128
129 private static final Set<String> INSTALLER_PERMISSIONS = new ArraySet<>();
130 static {
131 INSTALLER_PERMISSIONS.add(Manifest.permission.GRANT_REVOKE_PERMISSIONS);
132 INSTALLER_PERMISSIONS.add(Manifest.permission.INTERACT_ACROSS_USERS_FULL);
133 INSTALLER_PERMISSIONS.add(Manifest.permission.CLEAR_APP_USER_DATA);
134 INSTALLER_PERMISSIONS.add(Manifest.permission.KILL_UID);
135 }
136
137 private static final Set<String> VERIFIER_PERMISSIONS = new ArraySet<>();
138 static {
139 INSTALLER_PERMISSIONS.add(Manifest.permission.GRANT_REVOKE_PERMISSIONS);
140 }
141
142 private final PackageManagerService mService;
143
144 private PackagesProvider mImePackagesProvider;
145 private PackagesProvider mLocationPackagesProvider;
146 private PackagesProvider mVoiceInteractionPackagesProvider;
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]147 private PackagesProvider mSmsAppPackagesProvider;
148 private PackagesProvider mDialerAppPackagesProvider;
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]149
150 public DefaultPermissionGrantPolicy(PackageManagerService service) {
151 mService = service;
152 }
153
154 public void setImePackagesProviderLPr(PackagesProvider provider) {
155 mImePackagesProvider = provider;
156 }
157
158 public void setLocationPackagesProviderLPw(PackagesProvider provider) {
159 mLocationPackagesProvider = provider;
160 }
161
162 public void setVoiceInteractionPackagesProviderLPw(PackagesProvider provider) {
163 mVoiceInteractionPackagesProvider = provider;
164 }
165
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]166 public void setSmsAppPackagesProviderLPw(PackagesProvider provider) {
167 mSmsAppPackagesProvider = provider;
168 }
169
170 public void setDialerAppPackagesProviderLPw(PackagesProvider provider) {
171 mDialerAppPackagesProvider = provider;
Jeff Davidson2a880312015-06-22 16:54:34 -0700[diff] [blame]172 }
173
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]174 public void grantDefaultPermissions(int userId) {
175 grantPermissionsToSysComponentsAndPrivApps(userId);
176 grantDefaultSystemHandlerPermissions(userId);
177 }
178
179 private void grantPermissionsToSysComponentsAndPrivApps(int userId) {
Jeff Sharkey7186dd32015-06-30 17:32:45 -0700[diff] [blame]180 Log.i(TAG, "Granting permissions to platform components for user " + userId);
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]181
182 synchronized (mService.mPackages) {
183 for (PackageParser.Package pkg : mService.mPackages.values()) {
184 if (!isSysComponentOrPersistentPrivApp(pkg)
185 || !doesPackageSupportRuntimePermissions(pkg)) {
186 continue;
187 }
188 final int permissionCount = pkg.requestedPermissions.size();
189 for (int i = 0; i < permissionCount; i++) {
190 String permission = pkg.requestedPermissions.get(i);
191 BasePermission bp = mService.mSettings.mPermissions.get(permission);
192 if (bp != null && bp.isRuntime()) {
193 final int flags = mService.getPermissionFlags(permission,
194 pkg.packageName, userId);
195 if ((flags & PackageManager.FLAG_PERMISSION_SYSTEM_FIXED) == 0) {
196 mService.grantRuntimePermission(pkg.packageName, permission, userId);
197 mService.updatePermissionFlags(permission, pkg.packageName,
198 PackageManager.MASK_PERMISSION_FLAGS,
199 PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, userId);
200 if (DEBUG) {
201 Log.i(TAG, "Granted " + permission + " to system component "
202 + pkg.packageName);
203 }
204 }
205 }
206 }
207 }
208 }
209 }
210
211 private void grantDefaultSystemHandlerPermissions(int userId) {
Jeff Sharkey7186dd32015-06-30 17:32:45 -0700[diff] [blame]212 Log.i(TAG, "Granting permissions to default platform handlers for user " + userId);
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]213
214 final PackagesProvider imePackagesProvider;
215 final PackagesProvider locationPackagesProvider;
216 final PackagesProvider voiceInteractionPackagesProvider;
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]217 final PackagesProvider smsAppPackagesProvider;
218 final PackagesProvider dialerAppPackagesProvider;
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]219
220 synchronized (mService.mPackages) {
221 imePackagesProvider = mImePackagesProvider;
222 locationPackagesProvider = mLocationPackagesProvider;
223 voiceInteractionPackagesProvider = mVoiceInteractionPackagesProvider;
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]224 smsAppPackagesProvider = mSmsAppPackagesProvider;
225 dialerAppPackagesProvider = mDialerAppPackagesProvider;
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]226 }
227
228 String[] imePackageNames = (imePackagesProvider != null)
229 ? imePackagesProvider.getPackages(userId) : null;
230 String[] voiceInteractPackageNames = (voiceInteractionPackagesProvider != null)
231 ? voiceInteractionPackagesProvider.getPackages(userId) : null;
232 String[] locationPackageNames = (locationPackagesProvider != null)
233 ? locationPackagesProvider.getPackages(userId) : null;
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]234 String[] smsAppPackageNames = (smsAppPackagesProvider != null)
235 ? smsAppPackagesProvider.getPackages(userId) : null;
236 String[] dialerAppPackageNames = (dialerAppPackagesProvider != null)
237 ? dialerAppPackagesProvider.getPackages(userId) : null;
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]238
239 synchronized (mService.mPackages) {
240 // Installers
241 Intent installerIntent = new Intent(Intent.ACTION_INSTALL_PACKAGE);
242 installerIntent.addCategory(Intent.CATEGORY_DEFAULT);
243 installerIntent.setDataAndType(Uri.fromFile(new File("foo.apk")),
244 PACKAGE_MIME_TYPE);
245 List<PackageParser.Package> installerPackages =
246 getPrivilegedHandlerActivityPackagesLPr(installerIntent, userId);
247 final int installerCount = installerPackages.size();
248 for (int i = 0; i < installerCount; i++) {
249 PackageParser.Package installPackage = installerPackages.get(i);
250 grantInstallPermissionsLPw(installPackage, INSTALLER_PERMISSIONS, userId);
Svet Ganov6a166af2015-06-30 10:15:44 -0700[diff] [blame]251 grantRuntimePermissionsLPw(installPackage, STORAGE_PERMISSIONS, true, userId);
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]252 }
253
254 // Verifiers
255 Intent verifierIntent = new Intent(Intent.ACTION_PACKAGE_NEEDS_VERIFICATION);
256 verifierIntent.setType(PACKAGE_MIME_TYPE);
257 List<PackageParser.Package> verifierPackages =
258 getPrivilegedHandlerReceiverPackagesLPr(verifierIntent, userId);
259 final int verifierCount = verifierPackages.size();
260 for (int i = 0; i < verifierCount; i++) {
261 PackageParser.Package verifierPackage = verifierPackages.get(i);
262 grantInstallPermissionsLPw(verifierPackage, VERIFIER_PERMISSIONS, userId);
Dianne Hackbornca8e6da2015-06-24 15:19:17 -0700[diff] [blame]263 grantRuntimePermissionsLPw(verifierPackage, STORAGE_PERMISSIONS, userId);
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]264 }
265
266 // SetupWizard
267 Intent setupIntent = new Intent(Intent.ACTION_MAIN);
268 setupIntent.addCategory(Intent.CATEGORY_HOME);
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]269 PackageParser.Package setupPackage = getDefaultSystemHandlerActivityPackageLPr(
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]270 setupIntent, userId);
271 if (setupPackage != null
272 && doesPackageSupportRuntimePermissions(setupPackage)) {
273 grantRuntimePermissionsLPw(setupPackage, PHONE_PERMISSIONS, userId);
274 grantRuntimePermissionsLPw(setupPackage, CONTACTS_PERMISSIONS, userId);
275 grantRuntimePermissionsLPw(setupPackage, SETTINGS_PERMISSIONS, userId);
276 }
277
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]278 // Dialer
279 if (dialerAppPackageNames != null) {
280 for (String dialerAppPackageName : dialerAppPackageNames) {
281 PackageParser.Package dialerPackage = getPackageLPr(dialerAppPackageName);
282 if (dialerPackage != null
283 && doesPackageSupportRuntimePermissions(dialerPackage)) {
284 grantRuntimePermissionsLPw(dialerPackage, PHONE_PERMISSIONS, userId);
285 grantRuntimePermissionsLPw(dialerPackage, CONTACTS_PERMISSIONS, userId);
286 grantRuntimePermissionsLPw(dialerPackage, SMS_PERMISSIONS, userId);
287 grantRuntimePermissionsLPw(dialerPackage, MICROPHONE_PERMISSIONS, userId);
288 }
289 }
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]290 }
291
292 // Camera
293 Intent cameraIntent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE);
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]294 PackageParser.Package cameraPackage = getDefaultSystemHandlerActivityPackageLPr(
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]295 cameraIntent, userId);
296 if (cameraPackage != null
297 && doesPackageSupportRuntimePermissions(cameraPackage)) {
298 grantRuntimePermissionsLPw(cameraPackage, CAMERA_PERMISSIONS, userId);
299 grantRuntimePermissionsLPw(cameraPackage, MICROPHONE_PERMISSIONS, userId);
Dianne Hackbornca8e6da2015-06-24 15:19:17 -0700[diff] [blame]300 grantRuntimePermissionsLPw(cameraPackage, STORAGE_PERMISSIONS, userId);
301 }
302
303 // Media provider
304 PackageParser.Package mediaStorePackage = getDefaultProviderAuthorityPackageLPr(
305 MediaStore.AUTHORITY, userId);
306 if (mediaStorePackage != null) {
307 grantRuntimePermissionsLPw(mediaStorePackage, STORAGE_PERMISSIONS, userId);
308 }
309
310 // Downloads provider
311 PackageParser.Package downloadsPackage = getDefaultProviderAuthorityPackageLPr(
312 "downloads", userId);
313 if (downloadsPackage != null) {
314 grantRuntimePermissionsLPw(downloadsPackage, STORAGE_PERMISSIONS, userId);
315 }
316
317 // Downloads UI
318 Intent downloadsUiIntent = new Intent(DownloadManager.ACTION_VIEW_DOWNLOADS);
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]319 PackageParser.Package downloadsUiPackage = getDefaultSystemHandlerActivityPackageLPr(
Dianne Hackbornca8e6da2015-06-24 15:19:17 -0700[diff] [blame]320 downloadsUiIntent, userId);
321 if (downloadsUiPackage != null
322 && doesPackageSupportRuntimePermissions(downloadsUiPackage)) {
323 grantRuntimePermissionsLPw(downloadsUiPackage, STORAGE_PERMISSIONS, userId);
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]324 }
325
Jeff Sharkey7186dd32015-06-30 17:32:45 -0700[diff] [blame]326 // Storage provider
327 PackageParser.Package storagePackage = getDefaultProviderAuthorityPackageLPr(
328 "com.android.externalstorage.documents", userId);
329 if (storagePackage != null) {
330 grantRuntimePermissionsLPw(storagePackage, STORAGE_PERMISSIONS, userId);
331 }
332
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]333 // SMS
334 if (smsAppPackageNames != null) {
335 for (String smsPackageName : smsAppPackageNames) {
336 PackageParser.Package smsPackage = getPackageLPr(smsPackageName);
337 if (smsPackage != null
338 && doesPackageSupportRuntimePermissions(smsPackage)) {
339 grantRuntimePermissionsLPw(smsPackage, PHONE_PERMISSIONS, userId);
340 grantRuntimePermissionsLPw(smsPackage, CONTACTS_PERMISSIONS, userId);
341 grantRuntimePermissionsLPw(smsPackage, SMS_PERMISSIONS, userId);
342 }
343 }
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]344 }
345
346 // Calendar
347 Intent calendarIntent = new Intent(Intent.ACTION_MAIN);
348 calendarIntent.addCategory(Intent.CATEGORY_APP_CALENDAR);
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]349 PackageParser.Package calendarPackage = getDefaultSystemHandlerActivityPackageLPr(
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]350 calendarIntent, userId);
351 if (calendarPackage != null
352 && doesPackageSupportRuntimePermissions(calendarPackage)) {
353 grantRuntimePermissionsLPw(calendarPackage, CALENDAR_PERMISSIONS, userId);
354 grantRuntimePermissionsLPw(calendarPackage, CONTACTS_PERMISSIONS, userId);
Dianne Hackborn388cd2c2015-06-26 17:32:36 -0700[diff] [blame]355 grantRuntimePermissionsLPw(calendarPackage, ACCOUNTS_PERMISSIONS, userId);
356 }
357
358 // Calendar provider
359 PackageParser.Package calendarProviderPackage = getDefaultProviderAuthorityPackageLPr(
360 CalendarContract.AUTHORITY, userId);
361 if (calendarProviderPackage != null) {
362 grantRuntimePermissionsLPw(calendarProviderPackage, CONTACTS_PERMISSIONS, userId);
363 grantRuntimePermissionsLPw(calendarProviderPackage, CALENDAR_PERMISSIONS, userId);
364 grantRuntimePermissionsLPw(calendarProviderPackage, ACCOUNTS_PERMISSIONS, userId);
365 grantRuntimePermissionsLPw(calendarProviderPackage, STORAGE_PERMISSIONS, userId);
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]366 }
367
368 // Contacts
369 Intent contactsIntent = new Intent(Intent.ACTION_MAIN);
370 contactsIntent.addCategory(Intent.CATEGORY_APP_CONTACTS);
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]371 PackageParser.Package contactsPackage = getDefaultSystemHandlerActivityPackageLPr(
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]372 contactsIntent, userId);
373 if (contactsPackage != null
374 && doesPackageSupportRuntimePermissions(contactsPackage)) {
375 grantRuntimePermissionsLPw(contactsPackage, CONTACTS_PERMISSIONS, userId);
376 grantRuntimePermissionsLPw(contactsPackage, PHONE_PERMISSIONS, userId);
Dianne Hackborn388cd2c2015-06-26 17:32:36 -0700[diff] [blame]377 grantRuntimePermissionsLPw(contactsPackage, ACCOUNTS_PERMISSIONS, userId);
378 }
379
380 // Contacts provider
381 PackageParser.Package contactsProviderPackage = getDefaultProviderAuthorityPackageLPr(
382 ContactsContract.AUTHORITY, userId);
383 if (contactsProviderPackage != null) {
384 grantRuntimePermissionsLPw(contactsProviderPackage, CONTACTS_PERMISSIONS, userId);
385 grantRuntimePermissionsLPw(contactsProviderPackage, ACCOUNTS_PERMISSIONS, userId);
386 grantRuntimePermissionsLPw(contactsProviderPackage, STORAGE_PERMISSIONS, userId);
387 }
388
389 // Device provisioning
390 Intent deviceProvisionIntent = new Intent(
391 DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE);
Svet Ganovb6e00132015-06-29 20:19:25 -0700[diff] [blame]392 PackageParser.Package deviceProvisionPackage =
393 getDefaultSystemHandlerActivityPackageLPr(deviceProvisionIntent, userId);
Dianne Hackborn388cd2c2015-06-26 17:32:36 -0700[diff] [blame]394 if (deviceProvisionPackage != null
395 && doesPackageSupportRuntimePermissions(deviceProvisionPackage)) {
396 grantRuntimePermissionsLPw(contactsPackage, ACCOUNTS_PERMISSIONS, userId);
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]397 }
398
399 // Maps
400 Intent mapsIntent = new Intent(Intent.ACTION_MAIN);
401 mapsIntent.addCategory(Intent.CATEGORY_APP_MAPS);
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]402 PackageParser.Package mapsPackage = getDefaultSystemHandlerActivityPackageLPr(
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]403 mapsIntent, userId);
404 if (mapsPackage != null
405 && doesPackageSupportRuntimePermissions(mapsPackage)) {
406 grantRuntimePermissionsLPw(mapsPackage, LOCATION_PERMISSIONS, userId);
407 }
408
Svet Ganov200d4942015-07-01 20:46:02 -0700[diff] [blame^]409 // Gallery
410 Intent galleryIntent = new Intent(Intent.ACTION_MAIN);
411 galleryIntent.addCategory(Intent.CATEGORY_APP_GALLERY);
412 PackageParser.Package galleryPackage = getDefaultSystemHandlerActivityPackageLPr(
413 galleryIntent, userId);
414 if (galleryPackage != null
415 && doesPackageSupportRuntimePermissions(galleryPackage)) {
416 grantRuntimePermissionsLPw(galleryPackage, STORAGE_PERMISSIONS, userId);
417 }
418
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]419 // Email
420 Intent emailIntent = new Intent(Intent.ACTION_MAIN);
421 emailIntent.addCategory(Intent.CATEGORY_APP_EMAIL);
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]422 PackageParser.Package emailPackage = getDefaultSystemHandlerActivityPackageLPr(
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]423 emailIntent, userId);
424 if (emailPackage != null
425 && doesPackageSupportRuntimePermissions(emailPackage)) {
426 grantRuntimePermissionsLPw(emailPackage, CONTACTS_PERMISSIONS, userId);
427 }
428
429 // Browser
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]430 PackageParser.Package browserPackage = null;
431 String defaultBrowserPackage = mService.getDefaultBrowserPackageName(userId);
432 if (defaultBrowserPackage != null) {
433 browserPackage = getPackageLPr(defaultBrowserPackage);
434 }
435 if (browserPackage == null) {
436 Intent browserIntent = new Intent(Intent.ACTION_MAIN);
437 browserIntent.addCategory(Intent.CATEGORY_APP_BROWSER);
438 browserPackage = getDefaultSystemHandlerActivityPackageLPr(
439 browserIntent, userId);
440 }
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]441 if (browserPackage != null
442 && doesPackageSupportRuntimePermissions(browserPackage)) {
443 grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, userId);
444 }
445
446 // IME
447 if (imePackageNames != null) {
448 for (String imePackageName : imePackageNames) {
449 PackageParser.Package imePackage = getSystemPackageLPr(imePackageName);
450 if (imePackage != null
451 && doesPackageSupportRuntimePermissions(imePackage)) {
452 grantRuntimePermissionsLPw(imePackage, CONTACTS_PERMISSIONS, userId);
453 }
454 }
455 }
456
457 // Voice interaction
458 if (voiceInteractPackageNames != null) {
459 for (String voiceInteractPackageName : voiceInteractPackageNames) {
460 PackageParser.Package voiceInteractPackage = getSystemPackageLPr(
461 voiceInteractPackageName);
462 if (voiceInteractPackage != null
463 && doesPackageSupportRuntimePermissions(voiceInteractPackage)) {
464 grantRuntimePermissionsLPw(voiceInteractPackage,
465 CONTACTS_PERMISSIONS, userId);
466 grantRuntimePermissionsLPw(voiceInteractPackage,
467 CALENDAR_PERMISSIONS, userId);
468 grantRuntimePermissionsLPw(voiceInteractPackage,
469 MICROPHONE_PERMISSIONS, userId);
470 grantRuntimePermissionsLPw(voiceInteractPackage,
471 PHONE_PERMISSIONS, userId);
472 grantRuntimePermissionsLPw(voiceInteractPackage,
473 SMS_PERMISSIONS, userId);
474 grantRuntimePermissionsLPw(voiceInteractPackage,
475 LOCATION_PERMISSIONS, userId);
476 }
477 }
478 }
479
480 // Location
481 if (locationPackageNames != null) {
482 for (String packageName : locationPackageNames) {
483 PackageParser.Package locationPackage = getSystemPackageLPr(packageName);
484 if (locationPackage != null
485 && doesPackageSupportRuntimePermissions(locationPackage)) {
486 grantRuntimePermissionsLPw(locationPackage, CONTACTS_PERMISSIONS, userId);
487 grantRuntimePermissionsLPw(locationPackage, CALENDAR_PERMISSIONS, userId);
488 grantRuntimePermissionsLPw(locationPackage, MICROPHONE_PERMISSIONS, userId);
489 grantRuntimePermissionsLPw(locationPackage, PHONE_PERMISSIONS, userId);
490 grantRuntimePermissionsLPw(locationPackage, SMS_PERMISSIONS, userId);
491 grantRuntimePermissionsLPw(locationPackage, LOCATION_PERMISSIONS, userId);
492 grantRuntimePermissionsLPw(locationPackage, CAMERA_PERMISSIONS, userId);
493 grantRuntimePermissionsLPw(locationPackage, SENSORS_PERMISSIONS, userId);
494 grantRuntimePermissionsLPw(locationPackage, STORAGE_PERMISSIONS, userId);
495 }
496 }
497 }
Jeff Davidson2a880312015-06-22 16:54:34 -0700[diff] [blame]498
Jeff Sharkey7186dd32015-06-30 17:32:45 -0700[diff] [blame]499 // Music
500 Intent musicIntent = new Intent(Intent.ACTION_VIEW);
501 musicIntent.addCategory(Intent.CATEGORY_DEFAULT);
502 musicIntent.setDataAndType(Uri.fromFile(new File("foo.mp3")),
503 AUDIO_MIME_TYPE);
504 PackageParser.Package musicPackage = getDefaultSystemHandlerActivityPackageLPr(
505 musicIntent, userId);
506 if (musicPackage != null
507 && doesPackageSupportRuntimePermissions(musicPackage)) {
508 grantRuntimePermissionsLPw(musicPackage, STORAGE_PERMISSIONS, userId);
509 }
510
Svet Ganovba3ba812015-06-26 10:54:06 -0700[diff] [blame]511 mService.mSettings.onDefaultRuntimePermissionsGrantedLPr(userId);
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]512 }
513 }
514
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]515 public void grantDefaultPermissionsToDefaultSmsAppLPr(String packageName, int userId) {
516 Log.i(TAG, "Granting permissions to default sms app for user:" + userId);
517 if (packageName == null) {
518 return;
519 }
520 PackageParser.Package smsPackage = getPackageLPr(packageName);
521 if (smsPackage != null && doesPackageSupportRuntimePermissions(smsPackage)) {
522 grantRuntimePermissionsLPw(smsPackage, PHONE_PERMISSIONS, userId);
523 grantRuntimePermissionsLPw(smsPackage, CONTACTS_PERMISSIONS, userId);
524 grantRuntimePermissionsLPw(smsPackage, SMS_PERMISSIONS, userId);
525 }
526 }
527
528 public void grantDefaultPermissionsToDefaultDialerAppLPr(String packageName, int userId) {
529 Log.i(TAG, "Granting permissions to default dialer app for user:" + userId);
530 if (packageName == null) {
531 return;
532 }
533 PackageParser.Package dialerPackage = getPackageLPr(packageName);
534 if (dialerPackage != null
535 && doesPackageSupportRuntimePermissions(dialerPackage)) {
536 grantRuntimePermissionsLPw(dialerPackage, PHONE_PERMISSIONS, userId);
537 grantRuntimePermissionsLPw(dialerPackage, CONTACTS_PERMISSIONS, userId);
538 grantRuntimePermissionsLPw(dialerPackage, SMS_PERMISSIONS, userId);
539 grantRuntimePermissionsLPw(dialerPackage, MICROPHONE_PERMISSIONS, userId);
540 }
541 }
542
543 public void grantDefaultPermissionsToEnabledCarrierAppsLPr(String[] packageNames, int userId) {
544 Log.i(TAG, "Granting permissions to enabled carrier apps for user:" + userId);
545 if (packageNames == null) {
546 return;
547 }
548 for (String packageName : packageNames) {
549 PackageParser.Package carrierPackage = getSystemPackageLPr(packageName);
550 if (carrierPackage != null
551 && doesPackageSupportRuntimePermissions(carrierPackage)) {
552 grantRuntimePermissionsLPw(carrierPackage, PHONE_PERMISSIONS, userId);
553 grantRuntimePermissionsLPw(carrierPackage, LOCATION_PERMISSIONS, userId);
554 }
555 }
556 }
557
558 public void grantDefaultPermissionsToDefaultBrowserLPr(String packageName, int userId) {
559 Log.i(TAG, "Granting permissions to default browser for user:" + userId);
560 if (packageName == null) {
561 return;
562 }
563 PackageParser.Package browserPackage = getSystemPackageLPr(packageName);
564 if (browserPackage != null
565 && doesPackageSupportRuntimePermissions(browserPackage)) {
566 grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, userId);
567 }
568 }
569
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]570 private List<PackageParser.Package> getPrivilegedHandlerReceiverPackagesLPr(
571 Intent intent, int userId) {
572 List<ResolveInfo> handlers = mService.queryIntentReceivers(
573 intent, intent.resolveTypeIfNeeded(mService.mContext.getContentResolver()),
574 0, userId);
575 return getPrivilegedPackages(handlers);
576 }
577
578 private List<PackageParser.Package> getPrivilegedHandlerActivityPackagesLPr(
579 Intent intent, int userId) {
580 List<ResolveInfo> handlers = mService.queryIntentActivities(
581 intent, intent.resolveTypeIfNeeded(mService.mContext.getContentResolver()),
582 0, userId);
583 return getPrivilegedPackages(handlers);
584 }
585
586 private List<PackageParser.Package> getPrivilegedPackages(List<ResolveInfo> resolveInfos) {
587 List<PackageParser.Package> handlerPackages = new ArrayList<>();
588 final int handlerCount = resolveInfos.size();
589 for (int i = 0; i < handlerCount; i++) {
590 ResolveInfo handler = resolveInfos.get(i);
591 PackageParser.Package handlerPackage = getPrivilegedPackageLPr(
592 handler.activityInfo.packageName);
593 if (handlerPackage != null) {
594 handlerPackages.add(handlerPackage);
595 }
596 }
597 return handlerPackages;
598 }
599
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]600 private PackageParser.Package getDefaultSystemHandlerActivityPackageLPr(
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]601 Intent intent, int userId) {
602 List<ResolveInfo> handlers = mService.queryIntentActivities(intent, null, 0, userId);
603 final int handlerCount = handlers.size();
604 for (int i = 0; i < handlerCount; i++) {
605 ResolveInfo handler = handlers.get(i);
606 // TODO: This is a temporary hack to figure out the setup app.
607 PackageParser.Package handlerPackage = getSystemPackageLPr(
608 handler.activityInfo.packageName);
609 if (handlerPackage != null) {
610 return handlerPackage;
611 }
612 }
613 return null;
614 }
615
Dianne Hackbornca8e6da2015-06-24 15:19:17 -0700[diff] [blame]616 private PackageParser.Package getDefaultProviderAuthorityPackageLPr(
617 String authority, int userId) {
618 ProviderInfo provider = mService.resolveContentProvider(authority, 0, userId);
619 if (provider != null) {
620 return getSystemPackageLPr(provider.packageName);
621 }
622 return null;
623 }
624
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]625 private PackageParser.Package getPackageLPr(String packageName) {
626 return mService.mPackages.get(packageName);
627 }
628
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]629 private PackageParser.Package getSystemPackageLPr(String packageName) {
Svetoslavcdfd2302015-06-25 19:07:31 -0700[diff] [blame]630 PackageParser.Package pkg = getPackageLPr(packageName);
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]631 if (pkg != null && pkg.isSystemApp()) {
632 return !isSysComponentOrPersistentPrivApp(pkg) ? pkg : null;
633 }
634 return null;
635 }
636
637 private PackageParser.Package getPrivilegedPackageLPr(String packageName) {
638 PackageParser.Package pkg = mService.mPackages.get(packageName);
639 if (pkg != null && pkg.applicationInfo.isPrivilegedApp()) {
640 return !isSysComponentOrPersistentPrivApp(pkg) ? pkg : null;
641 }
642 return null;
643 }
644
645 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions,
646 int userId) {
Svet Ganov6a166af2015-06-30 10:15:44 -0700[diff] [blame]647 grantRuntimePermissionsLPw(pkg, permissions, false, userId);
648
649 }
650
651 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions,
652 boolean systemFixed, int userId) {
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]653 List<String> requestedPermissions = pkg.requestedPermissions;
654
655 if (pkg.isUpdatedSystemApp()) {
656 PackageSetting sysPs = mService.mSettings.getDisabledSystemPkgLPr(pkg.packageName);
657 if (sysPs != null) {
658 requestedPermissions = sysPs.pkg.requestedPermissions;
659 }
660 }
661
662 final int permissionCount = requestedPermissions.size();
663 for (int i = 0; i < permissionCount; i++) {
664 String permission = requestedPermissions.get(i);
665 if (permissions.contains(permission)) {
666 final int flags = mService.getPermissionFlags(permission, pkg.packageName, userId);
667
668 // If any flags are set to the permission, then it is either set in
669 // its current state by the system or device/profile owner or the user.
670 // In all these cases we do not want to clobber the current state.
671 if (flags == 0) {
672 mService.grantRuntimePermission(pkg.packageName, permission, userId);
673 if (DEBUG) {
674 Log.i(TAG, "Granted " + permission + " to default handler "
675 + pkg.packageName);
676 }
Svet Ganov6a166af2015-06-30 10:15:44 -0700[diff] [blame]677
678 if (systemFixed) {
679 mService.updatePermissionFlags(permission, pkg.packageName,
680 PackageManager.FLAG_PERMISSION_SYSTEM_FIXED,
681 PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, userId);
682 }
Svet Ganovadc1cf42015-06-15 16:36:24 -0700[diff] [blame]683 }
684 }
685 }
686 }
687
688 private void grantInstallPermissionsLPw(PackageParser.Package pkg, Set<String> permissions,
689 int userId) {
690 List<String> requestedPermissions = pkg.requestedPermissions;
691
692 if (pkg.isUpdatedSystemApp()) {
693 PackageSetting sysPs = mService.mSettings.getDisabledSystemPkgLPr(pkg.packageName);
694 if (sysPs != null) {
695 requestedPermissions = sysPs.pkg.requestedPermissions;
696 }
697 }
698
699 final int permissionCount = requestedPermissions.size();
700 for (int i = 0; i < permissionCount; i++) {
701 String permission = requestedPermissions.get(i);
702 if (permissions.contains(permission)) {
703 final int flags = mService.getPermissionFlags(permission, pkg.packageName, userId);
704
705 // If any flags are set to the permission, then it is either set in
706 // its current state by the system or device/profile owner or the user.
707 // In all these cases we do not want to clobber the current state.
708 if (flags == 0) {
709 mService.grantInstallPermissionLPw(permission, pkg);
710 if (DEBUG) {
711 Log.i(TAG, "Granted install " + permission + " to " + pkg.packageName);
712 }
713 }
714 }
715 }
716 }
717
718 private static boolean isSysComponentOrPersistentPrivApp(PackageParser.Package pkg) {
719 return UserHandle.getAppId(pkg.applicationInfo.uid) < FIRST_APPLICATION_UID
720 || ((pkg.applicationInfo.privateFlags
721 & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) != 0
722 && (pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) != 0);
723 }
724
725 private static boolean doesPackageSupportRuntimePermissions(PackageParser.Package pkg) {
726 return pkg.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1;
727 }
728}