Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 76ad1a3c212d09a2c843c1d845c20a4ec5bfd6e4 / . / services / core / java / com / android / server / pm / permission / DefaultPermissionGrantPolicy.java
blob: 23aea3cf3180ebc4034ec19192c7a68d90f333d1 [file] [log] [blame]
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]1/*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.server.pm.permission;
18
Jeff Sharkey0095a822018-02-15 13:06:53 -0700[diff] [blame]19import static android.os.Process.FIRST_APPLICATION_UID;
Todd Kennedy7c4c55d2017-11-02 10:01:39 -0700[diff] [blame]20
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]21import android.Manifest;
22import android.annotation.NonNull;
Todd Kennedy0eb97382017-10-03 16:57:22 -0700[diff] [blame]23import android.annotation.Nullable;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]24import android.app.ActivityManager;
25import android.app.DownloadManager;
26import android.app.admin.DevicePolicyManager;
27import android.companion.CompanionDeviceManager;
Abodunrinwa Toki2c01b6c2018-02-13 17:47:48 +0000[diff] [blame]28import android.content.ComponentName;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]29import android.content.Context;
30import android.content.Intent;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]31import android.content.pm.ApplicationInfo;
Todd Kennedy42d61602017-12-12 14:44:19 -0800[diff] [blame]32import android.content.pm.PackageList;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]33import android.content.pm.PackageManager;
34import android.content.pm.PackageManagerInternal;
Jeff Sharkey0095a822018-02-15 13:06:53 -0700[diff] [blame]35import android.content.pm.PackageManagerInternal.PackagesProvider;
36import android.content.pm.PackageManagerInternal.SyncAdapterPackagesProvider;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]37import android.content.pm.PackageParser;
38import android.content.pm.ProviderInfo;
39import android.content.pm.ResolveInfo;
40import android.media.RingtoneManager;
41import android.net.Uri;
42import android.os.Binder;
43import android.os.Build;
44import android.os.Environment;
45import android.os.Handler;
46import android.os.Looper;
47import android.os.Message;
48import android.os.UserHandle;
49import android.os.storage.StorageManager;
50import android.print.PrintManager;
51import android.provider.CalendarContract;
52import android.provider.ContactsContract;
53import android.provider.MediaStore;
54import android.provider.Telephony.Sms.Intents;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]55import android.security.Credentials;
Abodunrinwa Toki2c01b6c2018-02-13 17:47:48 +0000[diff] [blame]56import android.service.textclassifier.TextClassifierService;
Jeff Sharkey0095a822018-02-15 13:06:53 -0700[diff] [blame]57import android.telephony.TelephonyManager;
Ye Wen8e8b2d52018-03-14 11:48:24 -0700[diff] [blame]58import android.text.TextUtils;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]59import android.util.ArrayMap;
60import android.util.ArraySet;
61import android.util.Log;
62import android.util.Slog;
63import android.util.Xml;
Jeff Sharkey0095a822018-02-15 13:06:53 -0700[diff] [blame]64
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]65import com.android.internal.util.XmlUtils;
66import com.android.server.LocalServices;
Jeff Sharkey0095a822018-02-15 13:06:53 -0700[diff] [blame]67import com.android.server.pm.PackageManagerService;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]68
69import org.xmlpull.v1.XmlPullParser;
70import org.xmlpull.v1.XmlPullParserException;
71
72import java.io.BufferedInputStream;
73import java.io.File;
74import java.io.FileInputStream;
75import java.io.IOException;
76import java.io.InputStream;
77import java.util.ArrayList;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]78import java.util.Collections;
79import java.util.List;
80import java.util.Map;
81import java.util.Set;
82
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]83/**
84 * This class is the policy for granting runtime permissions to
85 * platform components and default handlers in the system such
86 * that the device is usable out-of-the-box. For example, the
87 * shell UID is a part of the system and the Phone app should
88 * have phone related permission by default.
89 * <p>
90 * NOTE: This class is at the wrong abstraction level. It is a part of the package manager
91 * service but knows about lots of higher level subsystems. The correct way to do this is
92 * to have an interface defined in the package manager but have the impl next to other
93 * policy stuff like PhoneWindowManager
94 */
95public final class DefaultPermissionGrantPolicy {
96 private static final String TAG = "DefaultPermGrantPolicy"; // must be <= 23 chars
97 private static final boolean DEBUG = false;
98
99 private static final int DEFAULT_FLAGS =
100 PackageManager.MATCH_DIRECT_BOOT_AWARE | PackageManager.MATCH_DIRECT_BOOT_UNAWARE
101 | PackageManager.MATCH_UNINSTALLED_PACKAGES;
102
103 private static final String AUDIO_MIME_TYPE = "audio/mpeg";
104
105 private static final String TAG_EXCEPTIONS = "exceptions";
106 private static final String TAG_EXCEPTION = "exception";
107 private static final String TAG_PERMISSION = "permission";
108 private static final String ATTR_PACKAGE = "package";
109 private static final String ATTR_NAME = "name";
110 private static final String ATTR_FIXED = "fixed";
111
112 private static final Set<String> PHONE_PERMISSIONS = new ArraySet<>();
113 static {
114 PHONE_PERMISSIONS.add(Manifest.permission.READ_PHONE_STATE);
115 PHONE_PERMISSIONS.add(Manifest.permission.CALL_PHONE);
116 PHONE_PERMISSIONS.add(Manifest.permission.READ_CALL_LOG);
117 PHONE_PERMISSIONS.add(Manifest.permission.WRITE_CALL_LOG);
118 PHONE_PERMISSIONS.add(Manifest.permission.ADD_VOICEMAIL);
119 PHONE_PERMISSIONS.add(Manifest.permission.USE_SIP);
120 PHONE_PERMISSIONS.add(Manifest.permission.PROCESS_OUTGOING_CALLS);
121 }
122
123 private static final Set<String> CONTACTS_PERMISSIONS = new ArraySet<>();
124 static {
125 CONTACTS_PERMISSIONS.add(Manifest.permission.READ_CONTACTS);
126 CONTACTS_PERMISSIONS.add(Manifest.permission.WRITE_CONTACTS);
127 CONTACTS_PERMISSIONS.add(Manifest.permission.GET_ACCOUNTS);
128 }
129
130 private static final Set<String> LOCATION_PERMISSIONS = new ArraySet<>();
131 static {
132 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_FINE_LOCATION);
133 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_COARSE_LOCATION);
134 }
135
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]136 private static final Set<String> COARSE_LOCATION_PERMISSIONS = new ArraySet<>();
137 static {
138 COARSE_LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_COARSE_LOCATION);
139 }
140
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]141 private static final Set<String> CALENDAR_PERMISSIONS = new ArraySet<>();
142 static {
143 CALENDAR_PERMISSIONS.add(Manifest.permission.READ_CALENDAR);
144 CALENDAR_PERMISSIONS.add(Manifest.permission.WRITE_CALENDAR);
145 }
146
147 private static final Set<String> SMS_PERMISSIONS = new ArraySet<>();
148 static {
149 SMS_PERMISSIONS.add(Manifest.permission.SEND_SMS);
150 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_SMS);
151 SMS_PERMISSIONS.add(Manifest.permission.READ_SMS);
152 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_WAP_PUSH);
153 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_MMS);
154 SMS_PERMISSIONS.add(Manifest.permission.READ_CELL_BROADCASTS);
155 }
156
157 private static final Set<String> MICROPHONE_PERMISSIONS = new ArraySet<>();
158 static {
159 MICROPHONE_PERMISSIONS.add(Manifest.permission.RECORD_AUDIO);
160 }
161
162 private static final Set<String> CAMERA_PERMISSIONS = new ArraySet<>();
163 static {
164 CAMERA_PERMISSIONS.add(Manifest.permission.CAMERA);
165 }
166
167 private static final Set<String> SENSORS_PERMISSIONS = new ArraySet<>();
168 static {
169 SENSORS_PERMISSIONS.add(Manifest.permission.BODY_SENSORS);
170 }
171
172 private static final Set<String> STORAGE_PERMISSIONS = new ArraySet<>();
173 static {
174 STORAGE_PERMISSIONS.add(Manifest.permission.READ_EXTERNAL_STORAGE);
175 STORAGE_PERMISSIONS.add(Manifest.permission.WRITE_EXTERNAL_STORAGE);
176 }
177
178 private static final int MSG_READ_DEFAULT_PERMISSION_EXCEPTIONS = 1;
179
180 private static final String ACTION_TRACK = "com.android.fitness.TRACK";
181
182 private final Handler mHandler;
183
184 private PackagesProvider mLocationPackagesProvider;
185 private PackagesProvider mVoiceInteractionPackagesProvider;
186 private PackagesProvider mSmsAppPackagesProvider;
187 private PackagesProvider mDialerAppPackagesProvider;
188 private PackagesProvider mSimCallManagerPackagesProvider;
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]189 private PackagesProvider mUseOpenWifiAppPackagesProvider;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]190 private SyncAdapterPackagesProvider mSyncAdapterPackagesProvider;
191
192 private ArrayMap<String, List<DefaultPermissionGrant>> mGrantExceptions;
193 private final Context mContext;
194 private final Object mLock = new Object();
195 private final PackageManagerInternal mServiceInternal;
Todd Kennedy0eb97382017-10-03 16:57:22 -0700[diff] [blame]196 private final PermissionManagerService mPermissionManager;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]197 private final DefaultPermissionGrantedCallback mPermissionGrantedCallback;
198 public interface DefaultPermissionGrantedCallback {
199 /** Callback when permissions have been granted */
200 public void onDefaultRuntimePermissionsGranted(int userId);
201 }
202
203 public DefaultPermissionGrantPolicy(Context context, Looper looper,
Todd Kennedy0eb97382017-10-03 16:57:22 -0700[diff] [blame]204 @Nullable DefaultPermissionGrantedCallback callback,
205 @NonNull PermissionManagerService permissionManager) {
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]206 mContext = context;
207 mHandler = new Handler(looper) {
208 @Override
209 public void handleMessage(Message msg) {
210 if (msg.what == MSG_READ_DEFAULT_PERMISSION_EXCEPTIONS) {
211 synchronized (mLock) {
212 if (mGrantExceptions == null) {
213 mGrantExceptions = readDefaultPermissionExceptionsLocked();
214 }
215 }
216 }
217 }
218 };
219 mPermissionGrantedCallback = callback;
Todd Kennedy0eb97382017-10-03 16:57:22 -0700[diff] [blame]220 mPermissionManager = permissionManager;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]221 mServiceInternal = LocalServices.getService(PackageManagerInternal.class);
222 }
223
224 public void setLocationPackagesProvider(PackagesProvider provider) {
225 synchronized (mLock) {
226 mLocationPackagesProvider = provider;
227 }
228 }
229
230 public void setVoiceInteractionPackagesProvider(PackagesProvider provider) {
231 synchronized (mLock) {
232 mVoiceInteractionPackagesProvider = provider;
233 }
234 }
235
236 public void setSmsAppPackagesProvider(PackagesProvider provider) {
237 synchronized (mLock) {
238 mSmsAppPackagesProvider = provider;
239 }
240 }
241
242 public void setDialerAppPackagesProvider(PackagesProvider provider) {
243 synchronized (mLock) {
244 mDialerAppPackagesProvider = provider;
245 }
246 }
247
248 public void setSimCallManagerPackagesProvider(PackagesProvider provider) {
249 synchronized (mLock) {
250 mSimCallManagerPackagesProvider = provider;
251 }
252 }
253
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]254 public void setUseOpenWifiAppPackagesProvider(PackagesProvider provider) {
255 synchronized (mLock) {
256 mUseOpenWifiAppPackagesProvider = provider;
257 }
258 }
259
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]260 public void setSyncAdapterPackagesProvider(SyncAdapterPackagesProvider provider) {
261 synchronized (mLock) {
262 mSyncAdapterPackagesProvider = provider;
263 }
264 }
265
Todd Kennedy42d61602017-12-12 14:44:19 -0800[diff] [blame]266 public void grantDefaultPermissions(int userId) {
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]267 if (mContext.getPackageManager().hasSystemFeature(PackageManager.FEATURE_EMBEDDED, 0)) {
Todd Kennedy42d61602017-12-12 14:44:19 -0800[diff] [blame]268 grantAllRuntimePermissions(userId);
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]269 } else {
Todd Kennedy42d61602017-12-12 14:44:19 -0800[diff] [blame]270 grantPermissionsToSysComponentsAndPrivApps(userId);
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]271 grantDefaultSystemHandlerPermissions(userId);
272 grantDefaultPermissionExceptions(userId);
273 }
274 }
275
276 private void grantRuntimePermissionsForPackage(int userId, PackageParser.Package pkg) {
277 Set<String> permissions = new ArraySet<>();
278 for (String permission : pkg.requestedPermissions) {
Todd Kennedy0eb97382017-10-03 16:57:22 -0700[diff] [blame]279 final BasePermission bp = mPermissionManager.getPermission(permission);
280 if (bp == null) {
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]281 continue;
282 }
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]283 if (bp.isRuntime()) {
284 permissions.add(permission);
285 }
286 }
287 if (!permissions.isEmpty()) {
288 grantRuntimePermissions(pkg, permissions, true, userId);
289 }
290 }
291
Todd Kennedy42d61602017-12-12 14:44:19 -0800[diff] [blame]292 private void grantAllRuntimePermissions(int userId) {
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]293 Log.i(TAG, "Granting all runtime permissions for user " + userId);
Todd Kennedy42d61602017-12-12 14:44:19 -0800[diff] [blame]294 final PackageList packageList = mServiceInternal.getPackageList();
295 for (String packageName : packageList.getPackageNames()) {
296 final PackageParser.Package pkg = mServiceInternal.getPackage(packageName);
297 if (pkg == null) {
298 continue;
299 }
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]300 grantRuntimePermissionsForPackage(userId, pkg);
301 }
302 }
303
304 public void scheduleReadDefaultPermissionExceptions() {
305 mHandler.sendEmptyMessage(MSG_READ_DEFAULT_PERMISSION_EXCEPTIONS);
306 }
307
Todd Kennedy42d61602017-12-12 14:44:19 -0800[diff] [blame]308 private void grantPermissionsToSysComponentsAndPrivApps(int userId) {
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]309 Log.i(TAG, "Granting permissions to platform components for user " + userId);
Todd Kennedy42d61602017-12-12 14:44:19 -0800[diff] [blame]310 final PackageList packageList = mServiceInternal.getPackageList();
311 for (String packageName : packageList.getPackageNames()) {
312 final PackageParser.Package pkg = mServiceInternal.getPackage(packageName);
313 if (pkg == null) {
314 continue;
315 }
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]316 if (!isSysComponentOrPersistentPlatformSignedPrivApp(pkg)
317 || !doesPackageSupportRuntimePermissions(pkg)
318 || pkg.requestedPermissions.isEmpty()) {
319 continue;
320 }
321 grantRuntimePermissionsForPackage(userId, pkg);
322 }
323 }
324
325 private void grantDefaultSystemHandlerPermissions(int userId) {
326 Log.i(TAG, "Granting permissions to default platform handlers for user " + userId);
327
328 final PackagesProvider locationPackagesProvider;
329 final PackagesProvider voiceInteractionPackagesProvider;
330 final PackagesProvider smsAppPackagesProvider;
331 final PackagesProvider dialerAppPackagesProvider;
332 final PackagesProvider simCallManagerPackagesProvider;
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]333 final PackagesProvider useOpenWifiAppPackagesProvider;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]334 final SyncAdapterPackagesProvider syncAdapterPackagesProvider;
335
336 synchronized (mLock) {
337 locationPackagesProvider = mLocationPackagesProvider;
338 voiceInteractionPackagesProvider = mVoiceInteractionPackagesProvider;
339 smsAppPackagesProvider = mSmsAppPackagesProvider;
340 dialerAppPackagesProvider = mDialerAppPackagesProvider;
341 simCallManagerPackagesProvider = mSimCallManagerPackagesProvider;
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]342 useOpenWifiAppPackagesProvider = mUseOpenWifiAppPackagesProvider;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]343 syncAdapterPackagesProvider = mSyncAdapterPackagesProvider;
344 }
345
346 String[] voiceInteractPackageNames = (voiceInteractionPackagesProvider != null)
347 ? voiceInteractionPackagesProvider.getPackages(userId) : null;
348 String[] locationPackageNames = (locationPackagesProvider != null)
349 ? locationPackagesProvider.getPackages(userId) : null;
350 String[] smsAppPackageNames = (smsAppPackagesProvider != null)
351 ? smsAppPackagesProvider.getPackages(userId) : null;
352 String[] dialerAppPackageNames = (dialerAppPackagesProvider != null)
353 ? dialerAppPackagesProvider.getPackages(userId) : null;
354 String[] simCallManagerPackageNames = (simCallManagerPackagesProvider != null)
355 ? simCallManagerPackagesProvider.getPackages(userId) : null;
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]356 String[] useOpenWifiAppPackageNames = (useOpenWifiAppPackagesProvider != null)
357 ? useOpenWifiAppPackagesProvider.getPackages(userId) : null;
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]358 String[] contactsSyncAdapterPackages = (syncAdapterPackagesProvider != null) ?
359 syncAdapterPackagesProvider.getPackages(ContactsContract.AUTHORITY, userId) : null;
360 String[] calendarSyncAdapterPackages = (syncAdapterPackagesProvider != null) ?
361 syncAdapterPackagesProvider.getPackages(CalendarContract.AUTHORITY, userId) : null;
362
363 // Installer
364 final String installerPackageName = mServiceInternal.getKnownPackageName(
365 PackageManagerInternal.PACKAGE_INSTALLER, userId);
366 PackageParser.Package installerPackage = getSystemPackage(installerPackageName);
367 if (installerPackage != null
368 && doesPackageSupportRuntimePermissions(installerPackage)) {
369 grantRuntimePermissions(installerPackage, STORAGE_PERMISSIONS, true, userId);
370 }
371
372 // Verifier
373 final String verifierPackageName = mServiceInternal.getKnownPackageName(
374 PackageManagerInternal.PACKAGE_VERIFIER, userId);
375 PackageParser.Package verifierPackage = getSystemPackage(verifierPackageName);
376 if (verifierPackage != null
377 && doesPackageSupportRuntimePermissions(verifierPackage)) {
378 grantRuntimePermissions(verifierPackage, STORAGE_PERMISSIONS, true, userId);
379 grantRuntimePermissions(verifierPackage, PHONE_PERMISSIONS, false, userId);
380 grantRuntimePermissions(verifierPackage, SMS_PERMISSIONS, false, userId);
381 }
382
383 // SetupWizard
384 final String setupWizardPackageName = mServiceInternal.getKnownPackageName(
385 PackageManagerInternal.PACKAGE_SETUP_WIZARD, userId);
386 PackageParser.Package setupPackage = getSystemPackage(setupWizardPackageName);
387 if (setupPackage != null
388 && doesPackageSupportRuntimePermissions(setupPackage)) {
389 grantRuntimePermissions(setupPackage, PHONE_PERMISSIONS, userId);
390 grantRuntimePermissions(setupPackage, CONTACTS_PERMISSIONS, userId);
391 grantRuntimePermissions(setupPackage, LOCATION_PERMISSIONS, userId);
392 grantRuntimePermissions(setupPackage, CAMERA_PERMISSIONS, userId);
393 }
394
395 // Camera
396 Intent cameraIntent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE);
397 PackageParser.Package cameraPackage = getDefaultSystemHandlerActivityPackage(
398 cameraIntent, userId);
399 if (cameraPackage != null
400 && doesPackageSupportRuntimePermissions(cameraPackage)) {
401 grantRuntimePermissions(cameraPackage, CAMERA_PERMISSIONS, userId);
402 grantRuntimePermissions(cameraPackage, MICROPHONE_PERMISSIONS, userId);
403 grantRuntimePermissions(cameraPackage, STORAGE_PERMISSIONS, userId);
404 }
405
406 // Media provider
407 PackageParser.Package mediaStorePackage = getDefaultProviderAuthorityPackage(
408 MediaStore.AUTHORITY, userId);
409 if (mediaStorePackage != null) {
410 grantRuntimePermissions(mediaStorePackage, STORAGE_PERMISSIONS, true, userId);
Jerry Zhang27067df2017-10-18 11:51:54 -0700[diff] [blame]411 grantRuntimePermissions(mediaStorePackage, PHONE_PERMISSIONS, true, userId);
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]412 }
413
414 // Downloads provider
415 PackageParser.Package downloadsPackage = getDefaultProviderAuthorityPackage(
416 "downloads", userId);
417 if (downloadsPackage != null) {
418 grantRuntimePermissions(downloadsPackage, STORAGE_PERMISSIONS, true, userId);
419 }
420
421 // Downloads UI
422 Intent downloadsUiIntent = new Intent(DownloadManager.ACTION_VIEW_DOWNLOADS);
423 PackageParser.Package downloadsUiPackage = getDefaultSystemHandlerActivityPackage(
424 downloadsUiIntent, userId);
425 if (downloadsUiPackage != null
426 && doesPackageSupportRuntimePermissions(downloadsUiPackage)) {
427 grantRuntimePermissions(downloadsUiPackage, STORAGE_PERMISSIONS, true, userId);
428 }
429
430 // Storage provider
431 PackageParser.Package storagePackage = getDefaultProviderAuthorityPackage(
432 "com.android.externalstorage.documents", userId);
433 if (storagePackage != null) {
434 grantRuntimePermissions(storagePackage, STORAGE_PERMISSIONS, true, userId);
435 }
436
Jeff Sharkey0095a822018-02-15 13:06:53 -0700[diff] [blame]437 // Container service
438 PackageParser.Package containerPackage = getSystemPackage(
439 PackageManagerService.DEFAULT_CONTAINER_PACKAGE);
440 if (containerPackage != null) {
441 grantRuntimePermissions(containerPackage, STORAGE_PERMISSIONS, true, userId);
442 }
443
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]444 // CertInstaller
445 Intent certInstallerIntent = new Intent(Credentials.INSTALL_ACTION);
446 PackageParser.Package certInstallerPackage = getDefaultSystemHandlerActivityPackage(
447 certInstallerIntent, userId);
448 if (certInstallerPackage != null
449 && doesPackageSupportRuntimePermissions(certInstallerPackage)) {
450 grantRuntimePermissions(certInstallerPackage, STORAGE_PERMISSIONS, true, userId);
451 }
452
453 // Dialer
454 if (dialerAppPackageNames == null) {
455 Intent dialerIntent = new Intent(Intent.ACTION_DIAL);
456 PackageParser.Package dialerPackage = getDefaultSystemHandlerActivityPackage(
457 dialerIntent, userId);
458 if (dialerPackage != null) {
459 grantDefaultPermissionsToDefaultSystemDialerApp(dialerPackage, userId);
460 }
461 } else {
462 for (String dialerAppPackageName : dialerAppPackageNames) {
463 PackageParser.Package dialerPackage = getSystemPackage(dialerAppPackageName);
464 if (dialerPackage != null) {
465 grantDefaultPermissionsToDefaultSystemDialerApp(dialerPackage, userId);
466 }
467 }
468 }
469
470 // Sim call manager
471 if (simCallManagerPackageNames != null) {
472 for (String simCallManagerPackageName : simCallManagerPackageNames) {
473 PackageParser.Package simCallManagerPackage =
474 getSystemPackage(simCallManagerPackageName);
475 if (simCallManagerPackage != null) {
476 grantDefaultPermissionsToDefaultSimCallManager(simCallManagerPackage,
477 userId);
478 }
479 }
480 }
481
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]482 // Use Open Wifi
483 if (useOpenWifiAppPackageNames != null) {
484 for (String useOpenWifiPackageName : useOpenWifiAppPackageNames) {
485 PackageParser.Package useOpenWifiPackage =
486 getSystemPackage(useOpenWifiPackageName);
487 if (useOpenWifiPackage != null) {
488 grantDefaultPermissionsToDefaultSystemUseOpenWifiApp(useOpenWifiPackage,
489 userId);
490 }
491 }
492 }
493
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]494 // SMS
495 if (smsAppPackageNames == null) {
496 Intent smsIntent = new Intent(Intent.ACTION_MAIN);
497 smsIntent.addCategory(Intent.CATEGORY_APP_MESSAGING);
498 PackageParser.Package smsPackage = getDefaultSystemHandlerActivityPackage(
499 smsIntent, userId);
500 if (smsPackage != null) {
501 grantDefaultPermissionsToDefaultSystemSmsApp(smsPackage, userId);
502 }
503 } else {
504 for (String smsPackageName : smsAppPackageNames) {
505 PackageParser.Package smsPackage = getSystemPackage(smsPackageName);
506 if (smsPackage != null) {
507 grantDefaultPermissionsToDefaultSystemSmsApp(smsPackage, userId);
508 }
509 }
510 }
511
512 // Cell Broadcast Receiver
513 Intent cbrIntent = new Intent(Intents.SMS_CB_RECEIVED_ACTION);
514 PackageParser.Package cbrPackage =
515 getDefaultSystemHandlerActivityPackage(cbrIntent, userId);
516 if (cbrPackage != null && doesPackageSupportRuntimePermissions(cbrPackage)) {
517 grantRuntimePermissions(cbrPackage, SMS_PERMISSIONS, userId);
518 }
519
520 // Carrier Provisioning Service
521 Intent carrierProvIntent = new Intent(Intents.SMS_CARRIER_PROVISION_ACTION);
522 PackageParser.Package carrierProvPackage =
523 getDefaultSystemHandlerServicePackage(carrierProvIntent, userId);
524 if (carrierProvPackage != null
525 && doesPackageSupportRuntimePermissions(carrierProvPackage)) {
526 grantRuntimePermissions(carrierProvPackage, SMS_PERMISSIONS, false, userId);
527 }
528
529 // Calendar
530 Intent calendarIntent = new Intent(Intent.ACTION_MAIN);
531 calendarIntent.addCategory(Intent.CATEGORY_APP_CALENDAR);
532 PackageParser.Package calendarPackage = getDefaultSystemHandlerActivityPackage(
533 calendarIntent, userId);
534 if (calendarPackage != null
535 && doesPackageSupportRuntimePermissions(calendarPackage)) {
536 grantRuntimePermissions(calendarPackage, CALENDAR_PERMISSIONS, userId);
537 grantRuntimePermissions(calendarPackage, CONTACTS_PERMISSIONS, userId);
538 }
539
540 // Calendar provider
541 PackageParser.Package calendarProviderPackage = getDefaultProviderAuthorityPackage(
542 CalendarContract.AUTHORITY, userId);
543 if (calendarProviderPackage != null) {
544 grantRuntimePermissions(calendarProviderPackage, CONTACTS_PERMISSIONS, userId);
545 grantRuntimePermissions(calendarProviderPackage, CALENDAR_PERMISSIONS,
546 true, userId);
547 grantRuntimePermissions(calendarProviderPackage, STORAGE_PERMISSIONS, userId);
548 }
549
550 // Calendar provider sync adapters
551 List<PackageParser.Package> calendarSyncAdapters = getHeadlessSyncAdapterPackages(
552 calendarSyncAdapterPackages, userId);
553 final int calendarSyncAdapterCount = calendarSyncAdapters.size();
554 for (int i = 0; i < calendarSyncAdapterCount; i++) {
555 PackageParser.Package calendarSyncAdapter = calendarSyncAdapters.get(i);
556 if (doesPackageSupportRuntimePermissions(calendarSyncAdapter)) {
557 grantRuntimePermissions(calendarSyncAdapter, CALENDAR_PERMISSIONS, userId);
558 }
559 }
560
561 // Contacts
562 Intent contactsIntent = new Intent(Intent.ACTION_MAIN);
563 contactsIntent.addCategory(Intent.CATEGORY_APP_CONTACTS);
564 PackageParser.Package contactsPackage = getDefaultSystemHandlerActivityPackage(
565 contactsIntent, userId);
566 if (contactsPackage != null
567 && doesPackageSupportRuntimePermissions(contactsPackage)) {
568 grantRuntimePermissions(contactsPackage, CONTACTS_PERMISSIONS, userId);
569 grantRuntimePermissions(contactsPackage, PHONE_PERMISSIONS, userId);
570 }
571
572 // Contacts provider sync adapters
573 List<PackageParser.Package> contactsSyncAdapters = getHeadlessSyncAdapterPackages(
574 contactsSyncAdapterPackages, userId);
575 final int contactsSyncAdapterCount = contactsSyncAdapters.size();
576 for (int i = 0; i < contactsSyncAdapterCount; i++) {
577 PackageParser.Package contactsSyncAdapter = contactsSyncAdapters.get(i);
578 if (doesPackageSupportRuntimePermissions(contactsSyncAdapter)) {
579 grantRuntimePermissions(contactsSyncAdapter, CONTACTS_PERMISSIONS, userId);
580 }
581 }
582
583 // Contacts provider
584 PackageParser.Package contactsProviderPackage = getDefaultProviderAuthorityPackage(
585 ContactsContract.AUTHORITY, userId);
586 if (contactsProviderPackage != null) {
587 grantRuntimePermissions(contactsProviderPackage, CONTACTS_PERMISSIONS,
588 true, userId);
589 grantRuntimePermissions(contactsProviderPackage, PHONE_PERMISSIONS,
590 true, userId);
591 grantRuntimePermissions(contactsProviderPackage, STORAGE_PERMISSIONS, userId);
592 }
593
594 // Device provisioning
595 Intent deviceProvisionIntent = new Intent(
596 DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE);
597 PackageParser.Package deviceProvisionPackage =
598 getDefaultSystemHandlerActivityPackage(deviceProvisionIntent, userId);
599 if (deviceProvisionPackage != null
600 && doesPackageSupportRuntimePermissions(deviceProvisionPackage)) {
601 grantRuntimePermissions(deviceProvisionPackage, CONTACTS_PERMISSIONS, userId);
602 }
603
604 // Maps
605 Intent mapsIntent = new Intent(Intent.ACTION_MAIN);
606 mapsIntent.addCategory(Intent.CATEGORY_APP_MAPS);
607 PackageParser.Package mapsPackage = getDefaultSystemHandlerActivityPackage(
608 mapsIntent, userId);
609 if (mapsPackage != null
610 && doesPackageSupportRuntimePermissions(mapsPackage)) {
611 grantRuntimePermissions(mapsPackage, LOCATION_PERMISSIONS, userId);
612 }
613
614 // Gallery
615 Intent galleryIntent = new Intent(Intent.ACTION_MAIN);
616 galleryIntent.addCategory(Intent.CATEGORY_APP_GALLERY);
617 PackageParser.Package galleryPackage = getDefaultSystemHandlerActivityPackage(
618 galleryIntent, userId);
619 if (galleryPackage != null
620 && doesPackageSupportRuntimePermissions(galleryPackage)) {
621 grantRuntimePermissions(galleryPackage, STORAGE_PERMISSIONS, userId);
622 }
623
624 // Email
625 Intent emailIntent = new Intent(Intent.ACTION_MAIN);
626 emailIntent.addCategory(Intent.CATEGORY_APP_EMAIL);
627 PackageParser.Package emailPackage = getDefaultSystemHandlerActivityPackage(
628 emailIntent, userId);
629 if (emailPackage != null
630 && doesPackageSupportRuntimePermissions(emailPackage)) {
631 grantRuntimePermissions(emailPackage, CONTACTS_PERMISSIONS, userId);
632 grantRuntimePermissions(emailPackage, CALENDAR_PERMISSIONS, userId);
633 }
634
635 // Browser
636 PackageParser.Package browserPackage = null;
637 String defaultBrowserPackage = mServiceInternal.getKnownPackageName(
638 PackageManagerInternal.PACKAGE_BROWSER, userId);
639 if (defaultBrowserPackage != null) {
640 browserPackage = getPackage(defaultBrowserPackage);
641 }
642 if (browserPackage == null) {
643 Intent browserIntent = new Intent(Intent.ACTION_MAIN);
644 browserIntent.addCategory(Intent.CATEGORY_APP_BROWSER);
645 browserPackage = getDefaultSystemHandlerActivityPackage(
646 browserIntent, userId);
647 }
648 if (browserPackage != null
649 && doesPackageSupportRuntimePermissions(browserPackage)) {
650 grantRuntimePermissions(browserPackage, LOCATION_PERMISSIONS, userId);
651 }
652
653 // Voice interaction
654 if (voiceInteractPackageNames != null) {
655 for (String voiceInteractPackageName : voiceInteractPackageNames) {
656 PackageParser.Package voiceInteractPackage = getSystemPackage(
657 voiceInteractPackageName);
658 if (voiceInteractPackage != null
659 && doesPackageSupportRuntimePermissions(voiceInteractPackage)) {
660 grantRuntimePermissions(voiceInteractPackage,
661 CONTACTS_PERMISSIONS, userId);
662 grantRuntimePermissions(voiceInteractPackage,
663 CALENDAR_PERMISSIONS, userId);
664 grantRuntimePermissions(voiceInteractPackage,
665 MICROPHONE_PERMISSIONS, userId);
666 grantRuntimePermissions(voiceInteractPackage,
667 PHONE_PERMISSIONS, userId);
668 grantRuntimePermissions(voiceInteractPackage,
669 SMS_PERMISSIONS, userId);
670 grantRuntimePermissions(voiceInteractPackage,
671 LOCATION_PERMISSIONS, userId);
672 }
673 }
674 }
675
676 if (ActivityManager.isLowRamDeviceStatic()) {
677 // Allow voice search on low-ram devices
678 Intent globalSearchIntent = new Intent("android.search.action.GLOBAL_SEARCH");
679 PackageParser.Package globalSearchPickerPackage =
680 getDefaultSystemHandlerActivityPackage(globalSearchIntent, userId);
681
682 if (globalSearchPickerPackage != null
683 && doesPackageSupportRuntimePermissions(globalSearchPickerPackage)) {
684 grantRuntimePermissions(globalSearchPickerPackage,
Ng Zhi An202372d2017-12-19 11:19:30 -0800[diff] [blame]685 MICROPHONE_PERMISSIONS, false, userId);
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]686 grantRuntimePermissions(globalSearchPickerPackage,
Ng Zhi An202372d2017-12-19 11:19:30 -0800[diff] [blame]687 LOCATION_PERMISSIONS, false, userId);
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]688 }
689 }
690
691 // Voice recognition
692 Intent voiceRecoIntent = new Intent("android.speech.RecognitionService");
693 voiceRecoIntent.addCategory(Intent.CATEGORY_DEFAULT);
694 PackageParser.Package voiceRecoPackage = getDefaultSystemHandlerServicePackage(
695 voiceRecoIntent, userId);
696 if (voiceRecoPackage != null
697 && doesPackageSupportRuntimePermissions(voiceRecoPackage)) {
698 grantRuntimePermissions(voiceRecoPackage, MICROPHONE_PERMISSIONS, userId);
699 }
700
701 // Location
702 if (locationPackageNames != null) {
703 for (String packageName : locationPackageNames) {
704 PackageParser.Package locationPackage = getSystemPackage(packageName);
705 if (locationPackage != null
706 && doesPackageSupportRuntimePermissions(locationPackage)) {
707 grantRuntimePermissions(locationPackage, CONTACTS_PERMISSIONS, userId);
708 grantRuntimePermissions(locationPackage, CALENDAR_PERMISSIONS, userId);
709 grantRuntimePermissions(locationPackage, MICROPHONE_PERMISSIONS, userId);
710 grantRuntimePermissions(locationPackage, PHONE_PERMISSIONS, userId);
711 grantRuntimePermissions(locationPackage, SMS_PERMISSIONS, userId);
712 grantRuntimePermissions(locationPackage, LOCATION_PERMISSIONS,
713 true, userId);
714 grantRuntimePermissions(locationPackage, CAMERA_PERMISSIONS, userId);
715 grantRuntimePermissions(locationPackage, SENSORS_PERMISSIONS, userId);
716 grantRuntimePermissions(locationPackage, STORAGE_PERMISSIONS, userId);
717 }
718 }
719 }
720
721 // Music
722 Intent musicIntent = new Intent(Intent.ACTION_VIEW);
723 musicIntent.addCategory(Intent.CATEGORY_DEFAULT);
724 musicIntent.setDataAndType(Uri.fromFile(new File("foo.mp3")),
725 AUDIO_MIME_TYPE);
726 PackageParser.Package musicPackage = getDefaultSystemHandlerActivityPackage(
727 musicIntent, userId);
728 if (musicPackage != null
729 && doesPackageSupportRuntimePermissions(musicPackage)) {
730 grantRuntimePermissions(musicPackage, STORAGE_PERMISSIONS, userId);
731 }
732
733 // Home
734 Intent homeIntent = new Intent(Intent.ACTION_MAIN);
735 homeIntent.addCategory(Intent.CATEGORY_HOME);
736 homeIntent.addCategory(Intent.CATEGORY_LAUNCHER_APP);
737 PackageParser.Package homePackage = getDefaultSystemHandlerActivityPackage(
738 homeIntent, userId);
739 if (homePackage != null
740 && doesPackageSupportRuntimePermissions(homePackage)) {
741 grantRuntimePermissions(homePackage, LOCATION_PERMISSIONS, false, userId);
742 }
743
744 // Watches
745 if (mContext.getPackageManager().hasSystemFeature(PackageManager.FEATURE_WATCH, 0)) {
746 // Home application on watches
747 Intent wearHomeIntent = new Intent(Intent.ACTION_MAIN);
748 wearHomeIntent.addCategory(Intent.CATEGORY_HOME_MAIN);
749
750 PackageParser.Package wearHomePackage = getDefaultSystemHandlerActivityPackage(
751 wearHomeIntent, userId);
752
753 if (wearHomePackage != null
754 && doesPackageSupportRuntimePermissions(wearHomePackage)) {
755 grantRuntimePermissions(wearHomePackage, CONTACTS_PERMISSIONS, false,
756 userId);
757 grantRuntimePermissions(wearHomePackage, PHONE_PERMISSIONS, true, userId);
758 grantRuntimePermissions(wearHomePackage, MICROPHONE_PERMISSIONS, false,
759 userId);
760 grantRuntimePermissions(wearHomePackage, LOCATION_PERMISSIONS, false,
761 userId);
762 }
763
764 // Fitness tracking on watches
765 Intent trackIntent = new Intent(ACTION_TRACK);
766 PackageParser.Package trackPackage = getDefaultSystemHandlerActivityPackage(
767 trackIntent, userId);
768 if (trackPackage != null
769 && doesPackageSupportRuntimePermissions(trackPackage)) {
770 grantRuntimePermissions(trackPackage, SENSORS_PERMISSIONS, false, userId);
771 grantRuntimePermissions(trackPackage, LOCATION_PERMISSIONS, false, userId);
772 }
773 }
774
775 // Print Spooler
776 PackageParser.Package printSpoolerPackage = getSystemPackage(
777 PrintManager.PRINT_SPOOLER_PACKAGE_NAME);
778 if (printSpoolerPackage != null
779 && doesPackageSupportRuntimePermissions(printSpoolerPackage)) {
780 grantRuntimePermissions(printSpoolerPackage, LOCATION_PERMISSIONS, true, userId);
781 }
782
783 // EmergencyInfo
784 Intent emergencyInfoIntent = new Intent(TelephonyManager.ACTION_EMERGENCY_ASSISTANCE);
785 PackageParser.Package emergencyInfoPckg = getDefaultSystemHandlerActivityPackage(
786 emergencyInfoIntent, userId);
787 if (emergencyInfoPckg != null
788 && doesPackageSupportRuntimePermissions(emergencyInfoPckg)) {
789 grantRuntimePermissions(emergencyInfoPckg, CONTACTS_PERMISSIONS, true, userId);
790 grantRuntimePermissions(emergencyInfoPckg, PHONE_PERMISSIONS, true, userId);
791 }
792
793 // NFC Tag viewer
794 Intent nfcTagIntent = new Intent(Intent.ACTION_VIEW);
795 nfcTagIntent.setType("vnd.android.cursor.item/ndef_msg");
796 PackageParser.Package nfcTagPkg = getDefaultSystemHandlerActivityPackage(
797 nfcTagIntent, userId);
798 if (nfcTagPkg != null
799 && doesPackageSupportRuntimePermissions(nfcTagPkg)) {
800 grantRuntimePermissions(nfcTagPkg, CONTACTS_PERMISSIONS, false, userId);
801 grantRuntimePermissions(nfcTagPkg, PHONE_PERMISSIONS, false, userId);
802 }
803
804 // Storage Manager
805 Intent storageManagerIntent = new Intent(StorageManager.ACTION_MANAGE_STORAGE);
806 PackageParser.Package storageManagerPckg = getDefaultSystemHandlerActivityPackage(
807 storageManagerIntent, userId);
808 if (storageManagerPckg != null
809 && doesPackageSupportRuntimePermissions(storageManagerPckg)) {
810 grantRuntimePermissions(storageManagerPckg, STORAGE_PERMISSIONS, true, userId);
811 }
812
813 // Companion devices
814 PackageParser.Package companionDeviceDiscoveryPackage = getSystemPackage(
815 CompanionDeviceManager.COMPANION_DEVICE_DISCOVERY_PACKAGE_NAME);
816 if (companionDeviceDiscoveryPackage != null
817 && doesPackageSupportRuntimePermissions(companionDeviceDiscoveryPackage)) {
818 grantRuntimePermissions(companionDeviceDiscoveryPackage,
819 LOCATION_PERMISSIONS, true, userId);
820 }
821
822 // Ringtone Picker
823 Intent ringtonePickerIntent = new Intent(RingtoneManager.ACTION_RINGTONE_PICKER);
824 PackageParser.Package ringtonePickerPackage =
825 getDefaultSystemHandlerActivityPackage(ringtonePickerIntent, userId);
826 if (ringtonePickerPackage != null
827 && doesPackageSupportRuntimePermissions(ringtonePickerPackage)) {
828 grantRuntimePermissions(ringtonePickerPackage,
829 STORAGE_PERMISSIONS, true, userId);
830 }
831
Abodunrinwa Toki2c01b6c2018-02-13 17:47:48 +0000[diff] [blame]832 // TextClassifier Service
Ye Wen8e8b2d52018-03-14 11:48:24 -0700[diff] [blame]833 String textClassifierPackageName =
834 mContext.getPackageManager().getSystemTextClassifierPackageName();
835 if (!TextUtils.isEmpty(textClassifierPackageName)) {
Abodunrinwa Toki2c01b6c2018-02-13 17:47:48 +0000[diff] [blame]836 PackageParser.Package textClassifierPackage =
Ye Wen8e8b2d52018-03-14 11:48:24 -0700[diff] [blame]837 getSystemPackage(textClassifierPackageName);
Abodunrinwa Toki2c01b6c2018-02-13 17:47:48 +0000[diff] [blame]838 if (textClassifierPackage != null
839 && doesPackageSupportRuntimePermissions(textClassifierPackage)) {
840 grantRuntimePermissions(textClassifierPackage, PHONE_PERMISSIONS, true, userId);
841 grantRuntimePermissions(textClassifierPackage, SMS_PERMISSIONS, true, userId);
842 grantRuntimePermissions(textClassifierPackage, CALENDAR_PERMISSIONS, true, userId);
843 grantRuntimePermissions(textClassifierPackage, LOCATION_PERMISSIONS, true, userId);
844 grantRuntimePermissions(textClassifierPackage, CONTACTS_PERMISSIONS, true, userId);
845 }
846 }
847
Todd Kennedy0eb97382017-10-03 16:57:22 -0700[diff] [blame]848 if (mPermissionGrantedCallback != null) {
849 mPermissionGrantedCallback.onDefaultRuntimePermissionsGranted(userId);
850 }
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]851 }
852
853 private void grantDefaultPermissionsToDefaultSystemDialerApp(
854 PackageParser.Package dialerPackage, int userId) {
855 if (doesPackageSupportRuntimePermissions(dialerPackage)) {
856 boolean isPhonePermFixed =
857 mContext.getPackageManager().hasSystemFeature(PackageManager.FEATURE_WATCH, 0);
858 grantRuntimePermissions(
859 dialerPackage, PHONE_PERMISSIONS, isPhonePermFixed, userId);
860 grantRuntimePermissions(dialerPackage, CONTACTS_PERMISSIONS, userId);
861 grantRuntimePermissions(dialerPackage, SMS_PERMISSIONS, userId);
862 grantRuntimePermissions(dialerPackage, MICROPHONE_PERMISSIONS, userId);
863 grantRuntimePermissions(dialerPackage, CAMERA_PERMISSIONS, userId);
864 }
865 }
866
867 private void grantDefaultPermissionsToDefaultSystemSmsApp(
868 PackageParser.Package smsPackage, int userId) {
869 if (doesPackageSupportRuntimePermissions(smsPackage)) {
870 grantRuntimePermissions(smsPackage, PHONE_PERMISSIONS, userId);
871 grantRuntimePermissions(smsPackage, CONTACTS_PERMISSIONS, userId);
872 grantRuntimePermissions(smsPackage, SMS_PERMISSIONS, userId);
873 grantRuntimePermissions(smsPackage, STORAGE_PERMISSIONS, userId);
874 grantRuntimePermissions(smsPackage, MICROPHONE_PERMISSIONS, userId);
875 grantRuntimePermissions(smsPackage, CAMERA_PERMISSIONS, userId);
876 }
877 }
878
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]879 private void grantDefaultPermissionsToDefaultSystemUseOpenWifiApp(
880 PackageParser.Package useOpenWifiPackage, int userId) {
881 if (doesPackageSupportRuntimePermissions(useOpenWifiPackage)) {
882 grantRuntimePermissions(useOpenWifiPackage, COARSE_LOCATION_PERMISSIONS, userId);
883 }
884 }
885
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]886 public void grantDefaultPermissionsToDefaultSmsApp(String packageName, int userId) {
887 Log.i(TAG, "Granting permissions to default sms app for user:" + userId);
888 if (packageName == null) {
889 return;
890 }
891 PackageParser.Package smsPackage = getPackage(packageName);
892 if (smsPackage != null && doesPackageSupportRuntimePermissions(smsPackage)) {
893 grantRuntimePermissions(smsPackage, PHONE_PERMISSIONS, false, true, userId);
894 grantRuntimePermissions(smsPackage, CONTACTS_PERMISSIONS, false, true, userId);
895 grantRuntimePermissions(smsPackage, SMS_PERMISSIONS, false, true, userId);
896 grantRuntimePermissions(smsPackage, STORAGE_PERMISSIONS, false, true, userId);
897 grantRuntimePermissions(smsPackage, MICROPHONE_PERMISSIONS, false, true, userId);
898 grantRuntimePermissions(smsPackage, CAMERA_PERMISSIONS, false, true, userId);
899 }
900 }
901
902 public void grantDefaultPermissionsToDefaultDialerApp(String packageName, int userId) {
903 Log.i(TAG, "Granting permissions to default dialer app for user:" + userId);
904 if (packageName == null) {
905 return;
906 }
907 PackageParser.Package dialerPackage = getPackage(packageName);
908 if (dialerPackage != null
909 && doesPackageSupportRuntimePermissions(dialerPackage)) {
910 grantRuntimePermissions(dialerPackage, PHONE_PERMISSIONS, false, true, userId);
911 grantRuntimePermissions(dialerPackage, CONTACTS_PERMISSIONS, false, true, userId);
912 grantRuntimePermissions(dialerPackage, SMS_PERMISSIONS, false, true, userId);
913 grantRuntimePermissions(dialerPackage, MICROPHONE_PERMISSIONS, false, true, userId);
914 grantRuntimePermissions(dialerPackage, CAMERA_PERMISSIONS, false, true, userId);
915 }
916 }
917
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]918 public void grantDefaultPermissionsToDefaultUseOpenWifiApp(String packageName, int userId) {
919 Log.i(TAG, "Granting permissions to default Use Open WiFi app for user:" + userId);
920 if (packageName == null) {
921 return;
922 }
923 PackageParser.Package useOpenWifiPackage = getPackage(packageName);
924 if (useOpenWifiPackage != null
925 && doesPackageSupportRuntimePermissions(useOpenWifiPackage)) {
926 grantRuntimePermissions(
927 useOpenWifiPackage, COARSE_LOCATION_PERMISSIONS, false, true, userId);
928 }
929 }
930
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]931 private void grantDefaultPermissionsToDefaultSimCallManager(
932 PackageParser.Package simCallManagerPackage, int userId) {
933 Log.i(TAG, "Granting permissions to sim call manager for user:" + userId);
934 if (doesPackageSupportRuntimePermissions(simCallManagerPackage)) {
935 grantRuntimePermissions(simCallManagerPackage, PHONE_PERMISSIONS, userId);
936 grantRuntimePermissions(simCallManagerPackage, MICROPHONE_PERMISSIONS, userId);
937 }
938 }
939
940 public void grantDefaultPermissionsToDefaultSimCallManager(String packageName, int userId) {
941 if (packageName == null) {
942 return;
943 }
944 PackageParser.Package simCallManagerPackage = getPackage(packageName);
945 if (simCallManagerPackage != null) {
946 grantDefaultPermissionsToDefaultSimCallManager(simCallManagerPackage, userId);
947 }
948 }
949
950 public void grantDefaultPermissionsToEnabledCarrierApps(String[] packageNames, int userId) {
951 Log.i(TAG, "Granting permissions to enabled carrier apps for user:" + userId);
952 if (packageNames == null) {
953 return;
954 }
955 for (String packageName : packageNames) {
956 PackageParser.Package carrierPackage = getSystemPackage(packageName);
957 if (carrierPackage != null
958 && doesPackageSupportRuntimePermissions(carrierPackage)) {
959 grantRuntimePermissions(carrierPackage, PHONE_PERMISSIONS, userId);
960 grantRuntimePermissions(carrierPackage, LOCATION_PERMISSIONS, userId);
961 grantRuntimePermissions(carrierPackage, SMS_PERMISSIONS, userId);
962 }
963 }
964 }
965
966 public void grantDefaultPermissionsToEnabledImsServices(String[] packageNames, int userId) {
967 Log.i(TAG, "Granting permissions to enabled ImsServices for user:" + userId);
968 if (packageNames == null) {
969 return;
970 }
971 for (String packageName : packageNames) {
972 PackageParser.Package imsServicePackage = getSystemPackage(packageName);
973 if (imsServicePackage != null
974 && doesPackageSupportRuntimePermissions(imsServicePackage)) {
975 grantRuntimePermissions(imsServicePackage, PHONE_PERMISSIONS, userId);
976 grantRuntimePermissions(imsServicePackage, MICROPHONE_PERMISSIONS, userId);
977 grantRuntimePermissions(imsServicePackage, LOCATION_PERMISSIONS, userId);
978 grantRuntimePermissions(imsServicePackage, CAMERA_PERMISSIONS, userId);
979 }
980 }
981 }
982
Nathan Harold76ad1a32018-02-20 14:31:09 -0800[diff] [blame^]983 public void grantDefaultPermissionsToEnabledTelephonyDataServices(
984 String[] packageNames, int userId) {
985 Log.i(TAG, "Granting permissions to enabled data services for user:" + userId);
986 if (packageNames == null) {
987 return;
988 }
989 for (String packageName : packageNames) {
990 PackageParser.Package dataServicePackage = getSystemPackage(packageName);
991 if (dataServicePackage != null
992 && doesPackageSupportRuntimePermissions(dataServicePackage)) {
993 // Grant these permissions as system-fixed, so that nobody can accidentally
994 // break cellular data.
995 grantRuntimePermissions(dataServicePackage, PHONE_PERMISSIONS, true, userId);
996 grantRuntimePermissions(dataServicePackage, LOCATION_PERMISSIONS, true, userId);
997 }
998 }
999 }
1000
1001 public void revokeDefaultPermissionsFromDisabledTelephonyDataServices(
1002 String[] packageNames, int userId) {
1003 Log.i(TAG, "Revoking permissions from disabled data services for user:" + userId);
1004 if (packageNames == null) {
1005 return;
1006 }
1007 for (String packageName : packageNames) {
1008 PackageParser.Package dataServicePackage = getSystemPackage(packageName);
1009 if (dataServicePackage != null
1010 && doesPackageSupportRuntimePermissions(dataServicePackage)) {
1011 revokeRuntimePermissions(dataServicePackage, PHONE_PERMISSIONS, true, userId);
1012 revokeRuntimePermissions(dataServicePackage, LOCATION_PERMISSIONS, true, userId);
1013 }
1014 }
1015 }
1016
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]1017 public void grantDefaultPermissionsToDefaultBrowser(String packageName, int userId) {
1018 Log.i(TAG, "Granting permissions to default browser for user:" + userId);
1019 if (packageName == null) {
1020 return;
1021 }
1022 PackageParser.Package browserPackage = getSystemPackage(packageName);
1023 if (browserPackage != null
1024 && doesPackageSupportRuntimePermissions(browserPackage)) {
1025 grantRuntimePermissions(browserPackage, LOCATION_PERMISSIONS, false, false, userId);
1026 }
1027 }
1028
1029 private PackageParser.Package getDefaultSystemHandlerActivityPackage(
1030 Intent intent, int userId) {
1031 ResolveInfo handler = mServiceInternal.resolveIntent(intent,
1032 intent.resolveType(mContext.getContentResolver()), DEFAULT_FLAGS, userId, false);
1033 if (handler == null || handler.activityInfo == null) {
1034 return null;
1035 }
1036 if (mServiceInternal.isResolveActivityComponent(handler.activityInfo)) {
1037 return null;
1038 }
1039 return getSystemPackage(handler.activityInfo.packageName);
1040 }
1041
1042 private PackageParser.Package getDefaultSystemHandlerServicePackage(
1043 Intent intent, int userId) {
1044 List<ResolveInfo> handlers = mServiceInternal.queryIntentServices(
1045 intent, DEFAULT_FLAGS, Binder.getCallingUid(), userId);
1046 if (handlers == null) {
1047 return null;
1048 }
1049 final int handlerCount = handlers.size();
1050 for (int i = 0; i < handlerCount; i++) {
1051 ResolveInfo handler = handlers.get(i);
1052 PackageParser.Package handlerPackage = getSystemPackage(
1053 handler.serviceInfo.packageName);
1054 if (handlerPackage != null) {
1055 return handlerPackage;
1056 }
1057 }
1058 return null;
1059 }
1060
1061 private List<PackageParser.Package> getHeadlessSyncAdapterPackages(
1062 String[] syncAdapterPackageNames, int userId) {
1063 List<PackageParser.Package> syncAdapterPackages = new ArrayList<>();
1064
1065 Intent homeIntent = new Intent(Intent.ACTION_MAIN);
1066 homeIntent.addCategory(Intent.CATEGORY_LAUNCHER);
1067
1068 for (String syncAdapterPackageName : syncAdapterPackageNames) {
1069 homeIntent.setPackage(syncAdapterPackageName);
1070
1071 ResolveInfo homeActivity = mServiceInternal.resolveIntent(homeIntent,
1072 homeIntent.resolveType(mContext.getContentResolver()), DEFAULT_FLAGS,
1073 userId, false);
1074 if (homeActivity != null) {
1075 continue;
1076 }
1077
1078 PackageParser.Package syncAdapterPackage = getSystemPackage(syncAdapterPackageName);
1079 if (syncAdapterPackage != null) {
1080 syncAdapterPackages.add(syncAdapterPackage);
1081 }
1082 }
1083
1084 return syncAdapterPackages;
1085 }
1086
1087 private PackageParser.Package getDefaultProviderAuthorityPackage(
1088 String authority, int userId) {
1089 ProviderInfo provider =
1090 mServiceInternal.resolveContentProvider(authority, DEFAULT_FLAGS, userId);
1091 if (provider != null) {
1092 return getSystemPackage(provider.packageName);
1093 }
1094 return null;
1095 }
1096
1097 private PackageParser.Package getPackage(String packageName) {
1098 return mServiceInternal.getPackage(packageName);
1099 }
1100
1101 private PackageParser.Package getSystemPackage(String packageName) {
1102 PackageParser.Package pkg = getPackage(packageName);
Todd Kennedyc29b11a2017-10-23 15:55:59 -0700[diff] [blame]1103 if (pkg != null && pkg.isSystem()) {
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]1104 return !isSysComponentOrPersistentPlatformSignedPrivApp(pkg) ? pkg : null;
1105 }
1106 return null;
1107 }
1108
1109 private void grantRuntimePermissions(PackageParser.Package pkg, Set<String> permissions,
1110 int userId) {
1111 grantRuntimePermissions(pkg, permissions, false, false, userId);
1112 }
1113
1114 private void grantRuntimePermissions(PackageParser.Package pkg, Set<String> permissions,
1115 boolean systemFixed, int userId) {
1116 grantRuntimePermissions(pkg, permissions, systemFixed, false, userId);
1117 }
1118
Nathan Haroldd66b9f32018-03-14 19:55:38 -0700[diff] [blame]1119 private void revokeRuntimePermissions(PackageParser.Package pkg, Set<String> permissions,
1120 boolean systemFixed, int userId) {
1121 if (pkg.requestedPermissions.isEmpty()) {
1122 return;
1123 }
1124 Set<String> revokablePermissions = new ArraySet<>(pkg.requestedPermissions);
1125
1126 for (String permission : permissions) {
1127 // We can't revoke what wasn't requested.
1128 if (!revokablePermissions.contains(permission)) {
1129 continue;
1130 }
1131
1132 final int flags = mServiceInternal.getPermissionFlagsTEMP(
1133 permission, pkg.packageName, userId);
1134
1135 // We didn't get this through the default grant policy. Move along.
1136 if ((flags & PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT) == 0) {
1137 continue;
1138 }
1139 // We aren't going to clobber device policy with a DefaultGrant.
1140 if ((flags & PackageManager.FLAG_PERMISSION_POLICY_FIXED) != 0) {
1141 continue;
1142 }
1143 // Do not revoke system fixed permissions unless caller set them that way;
1144 // there is no refcount for the number of sources of this, so there
1145 // should be at most one grantor doing SYSTEM_FIXED for any given package.
1146 if ((flags & PackageManager.FLAG_PERMISSION_SYSTEM_FIXED) != 0 && !systemFixed) {
1147 continue;
1148 }
1149 mServiceInternal.revokeRuntimePermission(pkg.packageName, permission, userId, false);
1150
1151 if (DEBUG) {
1152 Log.i(TAG, "revoked " + (systemFixed ? "fixed " : "not fixed ")
1153 + permission + " to " + pkg.packageName);
1154 }
1155
1156 // Remove the GRANTED_BY_DEFAULT flag without touching the others.
1157 // Note that we do not revoke FLAG_PERMISSION_SYSTEM_FIXED. That bit remains
1158 // sticky once set.
1159 mServiceInternal.updatePermissionFlagsTEMP(permission, pkg.packageName,
1160 PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT, 0, userId);
1161 }
1162 }
1163
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]1164 private void grantRuntimePermissions(PackageParser.Package pkg, Set<String> permissions,
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]1165 boolean systemFixed, boolean ignoreSystemPackage, int userId) {
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]1166 if (pkg.requestedPermissions.isEmpty()) {
1167 return;
1168 }
1169
1170 List<String> requestedPermissions = pkg.requestedPermissions;
1171 Set<String> grantablePermissions = null;
1172
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]1173 // In some cases, like for the Phone or SMS app, we grant permissions regardless
1174 // of if the version on the system image declares the permission as used since
1175 // selecting the app as the default for that function the user makes a deliberate
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]1176 // choice to grant this app the permissions needed to function. For all other
1177 // apps, (default grants on first boot and user creation) we don't grant default
1178 // permissions if the version on the system image does not declare them.
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]1179 if (!ignoreSystemPackage && pkg.isUpdatedSystemApp()) {
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]1180 final PackageParser.Package disabledPkg =
1181 mServiceInternal.getDisabledPackage(pkg.packageName);
1182 if (disabledPkg != null) {
1183 if (disabledPkg.requestedPermissions.isEmpty()) {
1184 return;
1185 }
1186 if (!requestedPermissions.equals(disabledPkg.requestedPermissions)) {
1187 grantablePermissions = new ArraySet<>(requestedPermissions);
1188 requestedPermissions = disabledPkg.requestedPermissions;
1189 }
1190 }
1191 }
1192
1193 final int grantablePermissionCount = requestedPermissions.size();
1194 for (int i = 0; i < grantablePermissionCount; i++) {
1195 String permission = requestedPermissions.get(i);
1196
1197 // If there is a disabled system app it may request a permission the updated
1198 // version ot the data partition doesn't, In this case skip the permission.
1199 if (grantablePermissions != null && !grantablePermissions.contains(permission)) {
1200 continue;
1201 }
1202
1203 if (permissions.contains(permission)) {
1204 final int flags = mServiceInternal.getPermissionFlagsTEMP(
1205 permission, pkg.packageName, userId);
1206
1207 // If any flags are set to the permission, then it is either set in
1208 // its current state by the system or device/profile owner or the user.
1209 // In all these cases we do not want to clobber the current state.
1210 // Unless the caller wants to override user choices. The override is
1211 // to make sure we can grant the needed permission to the default
1212 // sms and phone apps after the user chooses this in the UI.
Eric Enslen1e423b92017-12-18 11:30:21 -0800[diff] [blame]1213 if (flags == 0 || ignoreSystemPackage) {
Nathan Haroldd66b9f32018-03-14 19:55:38 -0700[diff] [blame]1214 // Never clobber policy fixed permissions.
1215 // We must allow the grant of a system-fixed permission because
1216 // system-fixed is sticky, but the permission itself may be revoked.
1217 if ((flags & PackageManager.FLAG_PERMISSION_POLICY_FIXED) != 0) {
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]1218 continue;
1219 }
1220
1221 mServiceInternal.grantRuntimePermission(
1222 pkg.packageName, permission, userId, false);
1223 if (DEBUG) {
1224 Log.i(TAG, "Granted " + (systemFixed ? "fixed " : "not fixed ")
1225 + permission + " to default handler " + pkg.packageName);
1226 }
1227
1228 int newFlags = PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT;
1229 if (systemFixed) {
1230 newFlags |= PackageManager.FLAG_PERMISSION_SYSTEM_FIXED;
1231 }
1232
1233 mServiceInternal.updatePermissionFlagsTEMP(permission, pkg.packageName,
1234 newFlags, newFlags, userId);
1235 }
1236
1237 // If a component gets a permission for being the default handler A
1238 // and also default handler B, we grant the weaker grant form.
1239 if ((flags & PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT) != 0
1240 && (flags & PackageManager.FLAG_PERMISSION_SYSTEM_FIXED) != 0
1241 && !systemFixed) {
1242 if (DEBUG) {
1243 Log.i(TAG, "Granted not fixed " + permission + " to default handler "
1244 + pkg.packageName);
1245 }
1246 mServiceInternal.updatePermissionFlagsTEMP(permission, pkg.packageName,
1247 PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, 0, userId);
1248 }
1249 }
1250 }
1251 }
1252
1253 private boolean isSysComponentOrPersistentPlatformSignedPrivApp(PackageParser.Package pkg) {
1254 if (UserHandle.getAppId(pkg.applicationInfo.uid) < FIRST_APPLICATION_UID) {
1255 return true;
1256 }
Todd Kennedyc29b11a2017-10-23 15:55:59 -0700[diff] [blame]1257 if (!pkg.isPrivileged()) {
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]1258 return false;
1259 }
1260 final PackageParser.Package disabledPkg =
1261 mServiceInternal.getDisabledPackage(pkg.packageName);
1262 if (disabledPkg != null) {
1263 if ((disabledPkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) {
1264 return false;
1265 }
1266 } else if ((pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) {
1267 return false;
1268 }
1269 final String systemPackageName = mServiceInternal.getKnownPackageName(
1270 PackageManagerInternal.PACKAGE_SYSTEM, UserHandle.USER_SYSTEM);
1271 final PackageParser.Package systemPackage = getPackage(systemPackageName);
Dan Cashman1dbe6d02018-01-23 11:18:28 -0800[diff] [blame]1272 return pkg.mSigningDetails.hasAncestorOrSelf(systemPackage.mSigningDetails)
1273 || systemPackage.mSigningDetails.checkCapability(pkg.mSigningDetails,
1274 PackageParser.SigningDetails.CertCapabilities.PERMISSION);
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]1275 }
1276
1277 private void grantDefaultPermissionExceptions(int userId) {
1278 mHandler.removeMessages(MSG_READ_DEFAULT_PERMISSION_EXCEPTIONS);
1279
1280 synchronized (mLock) {
1281 // mGrantExceptions is null only before the first read and then
1282 // it serves as a cache of the default grants that should be
1283 // performed for every user. If there is an entry then the app
1284 // is on the system image and supports runtime permissions.
1285 if (mGrantExceptions == null) {
1286 mGrantExceptions = readDefaultPermissionExceptionsLocked();
1287 }
1288 }
1289
1290 Set<String> permissions = null;
1291 final int exceptionCount = mGrantExceptions.size();
1292 for (int i = 0; i < exceptionCount; i++) {
1293 String packageName = mGrantExceptions.keyAt(i);
1294 PackageParser.Package pkg = getSystemPackage(packageName);
1295 List<DefaultPermissionGrant> permissionGrants = mGrantExceptions.valueAt(i);
1296 final int permissionGrantCount = permissionGrants.size();
1297 for (int j = 0; j < permissionGrantCount; j++) {
1298 DefaultPermissionGrant permissionGrant = permissionGrants.get(j);
1299 if (permissions == null) {
1300 permissions = new ArraySet<>();
1301 } else {
1302 permissions.clear();
1303 }
1304 permissions.add(permissionGrant.name);
1305 grantRuntimePermissions(pkg, permissions,
1306 permissionGrant.fixed, userId);
1307 }
1308 }
1309 }
1310
1311 private File[] getDefaultPermissionFiles() {
1312 ArrayList<File> ret = new ArrayList<File>();
1313 File dir = new File(Environment.getRootDirectory(), "etc/default-permissions");
1314 if (dir.isDirectory() && dir.canRead()) {
1315 Collections.addAll(ret, dir.listFiles());
1316 }
1317 dir = new File(Environment.getVendorDirectory(), "etc/default-permissions");
1318 if (dir.isDirectory() && dir.canRead()) {
1319 Collections.addAll(ret, dir.listFiles());
1320 }
Jiyong Park0989e382018-03-13 10:26:47 +0900[diff] [blame]1321 dir = new File(Environment.getOdmDirectory(), "etc/default-permissions");
1322 if (dir.isDirectory() && dir.canRead()) {
1323 Collections.addAll(ret, dir.listFiles());
1324 }
Jaekyun Seok1713d9e2018-01-12 21:47:26 +0900[diff] [blame]1325 dir = new File(Environment.getProductDirectory(), "etc/default-permissions");
1326 if (dir.isDirectory() && dir.canRead()) {
1327 Collections.addAll(ret, dir.listFiles());
1328 }
Todd Kennedy82b08422017-09-28 13:32:05 -0700[diff] [blame]1329 return ret.isEmpty() ? null : ret.toArray(new File[0]);
1330 }
1331
1332 private @NonNull ArrayMap<String, List<DefaultPermissionGrant>>
1333 readDefaultPermissionExceptionsLocked() {
1334 File[] files = getDefaultPermissionFiles();
1335 if (files == null) {
1336 return new ArrayMap<>(0);
1337 }
1338
1339 ArrayMap<String, List<DefaultPermissionGrant>> grantExceptions = new ArrayMap<>();
1340
1341 // Iterate over the files in the directory and scan .xml files
1342 for (File file : files) {
1343 if (!file.getPath().endsWith(".xml")) {
1344 Slog.i(TAG, "Non-xml file " + file
1345 + " in " + file.getParent() + " directory, ignoring");
1346 continue;
1347 }
1348 if (!file.canRead()) {
1349 Slog.w(TAG, "Default permissions file " + file + " cannot be read");
1350 continue;
1351 }
1352 try (
1353 InputStream str = new BufferedInputStream(new FileInputStream(file))
1354 ) {
1355 XmlPullParser parser = Xml.newPullParser();
1356 parser.setInput(str, null);
1357 parse(parser, grantExceptions);
1358 } catch (XmlPullParserException | IOException e) {
1359 Slog.w(TAG, "Error reading default permissions file " + file, e);
1360 }
1361 }
1362
1363 return grantExceptions;
1364 }
1365
1366 private void parse(XmlPullParser parser, Map<String, List<DefaultPermissionGrant>>
1367 outGrantExceptions) throws IOException, XmlPullParserException {
1368 final int outerDepth = parser.getDepth();
1369 int type;
1370 while ((type = parser.next()) != XmlPullParser.END_DOCUMENT
1371 && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) {
1372 if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) {
1373 continue;
1374 }
1375 if (TAG_EXCEPTIONS.equals(parser.getName())) {
1376 parseExceptions(parser, outGrantExceptions);
1377 } else {
1378 Log.e(TAG, "Unknown tag " + parser.getName());
1379 }
1380 }
1381 }
1382
1383 private void parseExceptions(XmlPullParser parser, Map<String, List<DefaultPermissionGrant>>
1384 outGrantExceptions) throws IOException, XmlPullParserException {
1385 final int outerDepth = parser.getDepth();
1386 int type;
1387 while ((type = parser.next()) != XmlPullParser.END_DOCUMENT
1388 && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) {
1389 if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) {
1390 continue;
1391 }
1392 if (TAG_EXCEPTION.equals(parser.getName())) {
1393 String packageName = parser.getAttributeValue(null, ATTR_PACKAGE);
1394
1395 List<DefaultPermissionGrant> packageExceptions =
1396 outGrantExceptions.get(packageName);
1397 if (packageExceptions == null) {
1398 // The package must be on the system image
1399 PackageParser.Package pkg = getSystemPackage(packageName);
1400 if (pkg == null) {
1401 Log.w(TAG, "Unknown package:" + packageName);
1402 XmlUtils.skipCurrentTag(parser);
1403 continue;
1404 }
1405
1406 // The package must support runtime permissions
1407 if (!doesPackageSupportRuntimePermissions(pkg)) {
1408 Log.w(TAG, "Skipping non supporting runtime permissions package:"
1409 + packageName);
1410 XmlUtils.skipCurrentTag(parser);
1411 continue;
1412 }
1413 packageExceptions = new ArrayList<>();
1414 outGrantExceptions.put(packageName, packageExceptions);
1415 }
1416
1417 parsePermission(parser, packageExceptions);
1418 } else {
1419 Log.e(TAG, "Unknown tag " + parser.getName() + "under <exceptions>");
1420 }
1421 }
1422 }
1423
1424 private void parsePermission(XmlPullParser parser, List<DefaultPermissionGrant>
1425 outPackageExceptions) throws IOException, XmlPullParserException {
1426 final int outerDepth = parser.getDepth();
1427 int type;
1428 while ((type = parser.next()) != XmlPullParser.END_DOCUMENT
1429 && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) {
1430 if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) {
1431 continue;
1432 }
1433
1434 if (TAG_PERMISSION.contains(parser.getName())) {
1435 String name = parser.getAttributeValue(null, ATTR_NAME);
1436 if (name == null) {
1437 Log.w(TAG, "Mandatory name attribute missing for permission tag");
1438 XmlUtils.skipCurrentTag(parser);
1439 continue;
1440 }
1441
1442 final boolean fixed = XmlUtils.readBooleanAttribute(parser, ATTR_FIXED);
1443
1444 DefaultPermissionGrant exception = new DefaultPermissionGrant(name, fixed);
1445 outPackageExceptions.add(exception);
1446 } else {
1447 Log.e(TAG, "Unknown tag " + parser.getName() + "under <exception>");
1448 }
1449 }
1450 }
1451
1452 private static boolean doesPackageSupportRuntimePermissions(PackageParser.Package pkg) {
1453 return pkg.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1;
1454 }
1455
1456 private static final class DefaultPermissionGrant {
1457 final String name;
1458 final boolean fixed;
1459
1460 public DefaultPermissionGrant(String name, boolean fixed) {
1461 this.name = name;
1462 this.fixed = fixed;
1463 }
1464 }
1465}