Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2014 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.server; |
| 18 | |
Jeff Sharkey | b92b05b | 2016-01-28 09:50:00 -0700 | [diff] [blame] | 19 | import static com.android.internal.util.ArrayUtils.appendInt; |
| 20 | |
Dianne Hackborn | c0e4aaa | 2014-11-14 10:55:50 -0800 | [diff] [blame] | 21 | import android.app.ActivityManager; |
Ruben Brunk | 98576cf | 2016-03-07 18:54:28 -0800 | [diff] [blame] | 22 | import android.content.ComponentName; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 23 | import android.content.pm.FeatureInfo; |
Jeff Sharkey | b92b05b | 2016-01-28 09:50:00 -0700 | [diff] [blame] | 24 | import android.content.pm.PackageManager; |
| 25 | import android.os.Environment; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 26 | import android.os.Process; |
Jeff Sharkey | b92b05b | 2016-01-28 09:50:00 -0700 | [diff] [blame] | 27 | import android.os.storage.StorageManager; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 28 | import android.util.ArrayMap; |
| 29 | import android.util.ArraySet; |
| 30 | import android.util.Slog; |
| 31 | import android.util.SparseArray; |
| 32 | import android.util.Xml; |
Jeff Sharkey | 1c4ae80 | 2014-12-19 11:08:55 -0800 | [diff] [blame] | 33 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 34 | import com.android.internal.util.XmlUtils; |
Jeff Sharkey | 1c4ae80 | 2014-12-19 11:08:55 -0800 | [diff] [blame] | 35 | |
Jeff Sharkey | b92b05b | 2016-01-28 09:50:00 -0700 | [diff] [blame] | 36 | import libcore.io.IoUtils; |
| 37 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 38 | import org.xmlpull.v1.XmlPullParser; |
| 39 | import org.xmlpull.v1.XmlPullParserException; |
| 40 | |
| 41 | import java.io.File; |
| 42 | import java.io.FileNotFoundException; |
| 43 | import java.io.FileReader; |
| 44 | import java.io.IOException; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 45 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 46 | /** |
| 47 | * Loads global system configuration info. |
| 48 | */ |
| 49 | public class SystemConfig { |
| 50 | static final String TAG = "SystemConfig"; |
| 51 | |
| 52 | static SystemConfig sInstance; |
| 53 | |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 54 | // permission flag, determines which types of configuration are allowed to be read |
| 55 | private static final int ALLOW_FEATURES = 0x01; |
| 56 | private static final int ALLOW_LIBS = 0x02; |
| 57 | private static final int ALLOW_PERMISSIONS = 0x04; |
| 58 | private static final int ALLOW_APP_CONFIGS = 0x08; |
| 59 | private static final int ALLOW_ALL = ~0; |
| 60 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 61 | // Group-ids that are given to all packages as read from etc/permissions/*.xml. |
| 62 | int[] mGlobalGids; |
| 63 | |
| 64 | // These are the built-in uid -> permission mappings that were read from the |
| 65 | // system configuration files. |
Jeff Sharkey | 9f837a9 | 2014-10-24 12:07:24 -0700 | [diff] [blame] | 66 | final SparseArray<ArraySet<String>> mSystemPermissions = new SparseArray<>(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 67 | |
| 68 | // These are the built-in shared libraries that were read from the |
| 69 | // system configuration files. Keys are the library names; strings are the |
| 70 | // paths to the libraries. |
Dianne Hackborn | bb8aa5a | 2014-09-17 13:20:38 -0700 | [diff] [blame] | 71 | final ArrayMap<String, String> mSharedLibraries = new ArrayMap<>(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 72 | |
| 73 | // These are the features this devices supports that were read from the |
| 74 | // system configuration files. |
Jeff Sharkey | 9f837a9 | 2014-10-24 12:07:24 -0700 | [diff] [blame] | 75 | final ArrayMap<String, FeatureInfo> mAvailableFeatures = new ArrayMap<>(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 76 | |
Jeff Sharkey | 1c4ae80 | 2014-12-19 11:08:55 -0800 | [diff] [blame] | 77 | // These are the features which this device doesn't support; the OEM |
| 78 | // partition uses these to opt-out of features from the system image. |
| 79 | final ArraySet<String> mUnavailableFeatures = new ArraySet<>(); |
| 80 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 81 | public static final class PermissionEntry { |
| 82 | public final String name; |
| 83 | public int[] gids; |
Jeff Sharkey | 00f3904 | 2015-03-23 16:51:22 -0700 | [diff] [blame] | 84 | public boolean perUser; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 85 | |
Jeff Sharkey | 00f3904 | 2015-03-23 16:51:22 -0700 | [diff] [blame] | 86 | PermissionEntry(String name, boolean perUser) { |
| 87 | this.name = name; |
| 88 | this.perUser = perUser; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 89 | } |
| 90 | } |
| 91 | |
| 92 | // These are the permission -> gid mappings that were read from the |
| 93 | // system configuration files. |
Dianne Hackborn | bb8aa5a | 2014-09-17 13:20:38 -0700 | [diff] [blame] | 94 | final ArrayMap<String, PermissionEntry> mPermissions = new ArrayMap<>(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 95 | |
| 96 | // These are the packages that are white-listed to be able to run in the |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 97 | // background while in power save mode (but not whitelisted from device idle modes), |
| 98 | // as read from the configuration files. |
| 99 | final ArraySet<String> mAllowInPowerSaveExceptIdle = new ArraySet<>(); |
| 100 | |
| 101 | // These are the packages that are white-listed to be able to run in the |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 102 | // background while in power save mode, as read from the configuration files. |
Dianne Hackborn | bb8aa5a | 2014-09-17 13:20:38 -0700 | [diff] [blame] | 103 | final ArraySet<String> mAllowInPowerSave = new ArraySet<>(); |
| 104 | |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 105 | // These are the packages that are white-listed to be able to run in the |
| 106 | // background while in data-usage save mode, as read from the configuration files. |
| 107 | final ArraySet<String> mAllowInDataUsageSave = new ArraySet<>(); |
| 108 | |
Christopher Tate | 01e1864 | 2015-07-07 18:10:38 -0700 | [diff] [blame] | 109 | // These are the package names of apps which should be in the 'always' |
| 110 | // URL-handling state upon factory reset. |
| 111 | final ArraySet<String> mLinkedApps = new ArraySet<>(); |
| 112 | |
Fyodor Kupolov | 7db5af1 | 2015-07-31 16:50:27 -0700 | [diff] [blame] | 113 | // These are the packages that are whitelisted to be able to run as system user |
| 114 | final ArraySet<String> mSystemUserWhitelistedApps = new ArraySet<>(); |
| 115 | |
| 116 | // These are the packages that should not run under system user |
| 117 | final ArraySet<String> mSystemUserBlacklistedApps = new ArraySet<>(); |
| 118 | |
Ruben Brunk | 98576cf | 2016-03-07 18:54:28 -0800 | [diff] [blame] | 119 | // These are the components that are enabled by default as VR mode listener services. |
| 120 | final ArraySet<ComponentName> mDefaultVrComponents = new ArraySet<>(); |
| 121 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 122 | public static SystemConfig getInstance() { |
| 123 | synchronized (SystemConfig.class) { |
| 124 | if (sInstance == null) { |
| 125 | sInstance = new SystemConfig(); |
| 126 | } |
| 127 | return sInstance; |
| 128 | } |
| 129 | } |
| 130 | |
| 131 | public int[] getGlobalGids() { |
| 132 | return mGlobalGids; |
| 133 | } |
| 134 | |
Jeff Sharkey | 9f837a9 | 2014-10-24 12:07:24 -0700 | [diff] [blame] | 135 | public SparseArray<ArraySet<String>> getSystemPermissions() { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 136 | return mSystemPermissions; |
| 137 | } |
| 138 | |
| 139 | public ArrayMap<String, String> getSharedLibraries() { |
| 140 | return mSharedLibraries; |
| 141 | } |
| 142 | |
Jeff Sharkey | 9f837a9 | 2014-10-24 12:07:24 -0700 | [diff] [blame] | 143 | public ArrayMap<String, FeatureInfo> getAvailableFeatures() { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 144 | return mAvailableFeatures; |
| 145 | } |
| 146 | |
| 147 | public ArrayMap<String, PermissionEntry> getPermissions() { |
| 148 | return mPermissions; |
| 149 | } |
| 150 | |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 151 | public ArraySet<String> getAllowInPowerSaveExceptIdle() { |
| 152 | return mAllowInPowerSaveExceptIdle; |
| 153 | } |
| 154 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 155 | public ArraySet<String> getAllowInPowerSave() { |
| 156 | return mAllowInPowerSave; |
| 157 | } |
| 158 | |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 159 | public ArraySet<String> getAllowInDataUsageSave() { |
| 160 | return mAllowInDataUsageSave; |
| 161 | } |
| 162 | |
Christopher Tate | 01e1864 | 2015-07-07 18:10:38 -0700 | [diff] [blame] | 163 | public ArraySet<String> getLinkedApps() { |
| 164 | return mLinkedApps; |
| 165 | } |
| 166 | |
Fyodor Kupolov | 7db5af1 | 2015-07-31 16:50:27 -0700 | [diff] [blame] | 167 | public ArraySet<String> getSystemUserWhitelistedApps() { |
| 168 | return mSystemUserWhitelistedApps; |
| 169 | } |
| 170 | |
| 171 | public ArraySet<String> getSystemUserBlacklistedApps() { |
| 172 | return mSystemUserBlacklistedApps; |
| 173 | } |
| 174 | |
Ruben Brunk | 98576cf | 2016-03-07 18:54:28 -0800 | [diff] [blame] | 175 | public ArraySet<ComponentName> getDefaultVrComponents() { |
| 176 | return mDefaultVrComponents; |
| 177 | } |
| 178 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 179 | SystemConfig() { |
| 180 | // Read configuration from system |
| 181 | readPermissions(Environment.buildPath( |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 182 | Environment.getRootDirectory(), "etc", "sysconfig"), ALLOW_ALL); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 183 | // Read configuration from the old permissions dir |
| 184 | readPermissions(Environment.buildPath( |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 185 | Environment.getRootDirectory(), "etc", "permissions"), ALLOW_ALL); |
| 186 | // Allow ODM to customize system configs around libs, features and apps |
| 187 | int odmPermissionFlag = ALLOW_LIBS | ALLOW_FEATURES | ALLOW_APP_CONFIGS; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 188 | readPermissions(Environment.buildPath( |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 189 | Environment.getOdmDirectory(), "etc", "sysconfig"), odmPermissionFlag); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 190 | readPermissions(Environment.buildPath( |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 191 | Environment.getOdmDirectory(), "etc", "permissions"), odmPermissionFlag); |
| 192 | // Only allow OEM to customize features |
| 193 | readPermissions(Environment.buildPath( |
| 194 | Environment.getOemDirectory(), "etc", "sysconfig"), ALLOW_FEATURES); |
| 195 | readPermissions(Environment.buildPath( |
| 196 | Environment.getOemDirectory(), "etc", "permissions"), ALLOW_FEATURES); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 197 | } |
| 198 | |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 199 | void readPermissions(File libraryDir, int permissionFlag) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 200 | // Read permissions from given directory. |
| 201 | if (!libraryDir.exists() || !libraryDir.isDirectory()) { |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 202 | if (permissionFlag == ALLOW_ALL) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 203 | Slog.w(TAG, "No directory " + libraryDir + ", skipping"); |
| 204 | } |
| 205 | return; |
| 206 | } |
| 207 | if (!libraryDir.canRead()) { |
| 208 | Slog.w(TAG, "Directory " + libraryDir + " cannot be read"); |
| 209 | return; |
| 210 | } |
| 211 | |
| 212 | // Iterate over the files in the directory and scan .xml files |
Jeff Sharkey | 1c4ae80 | 2014-12-19 11:08:55 -0800 | [diff] [blame] | 213 | File platformFile = null; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 214 | for (File f : libraryDir.listFiles()) { |
| 215 | // We'll read platform.xml last |
| 216 | if (f.getPath().endsWith("etc/permissions/platform.xml")) { |
Jeff Sharkey | 1c4ae80 | 2014-12-19 11:08:55 -0800 | [diff] [blame] | 217 | platformFile = f; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 218 | continue; |
| 219 | } |
| 220 | |
| 221 | if (!f.getPath().endsWith(".xml")) { |
| 222 | Slog.i(TAG, "Non-xml file " + f + " in " + libraryDir + " directory, ignoring"); |
| 223 | continue; |
| 224 | } |
| 225 | if (!f.canRead()) { |
| 226 | Slog.w(TAG, "Permissions library file " + f + " cannot be read"); |
| 227 | continue; |
| 228 | } |
| 229 | |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 230 | readPermissionsFromXml(f, permissionFlag); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 231 | } |
| 232 | |
Jeff Sharkey | 1c4ae80 | 2014-12-19 11:08:55 -0800 | [diff] [blame] | 233 | // Read platform permissions last so it will take precedence |
| 234 | if (platformFile != null) { |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 235 | readPermissionsFromXml(platformFile, permissionFlag); |
Jeff Sharkey | 1c4ae80 | 2014-12-19 11:08:55 -0800 | [diff] [blame] | 236 | } |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 237 | } |
| 238 | |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 239 | private void readPermissionsFromXml(File permFile, int permissionFlag) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 240 | FileReader permReader = null; |
| 241 | try { |
| 242 | permReader = new FileReader(permFile); |
| 243 | } catch (FileNotFoundException e) { |
| 244 | Slog.w(TAG, "Couldn't find or open permissions file " + permFile); |
| 245 | return; |
| 246 | } |
| 247 | |
Dianne Hackborn | c0e4aaa | 2014-11-14 10:55:50 -0800 | [diff] [blame] | 248 | final boolean lowRam = ActivityManager.isLowRamDeviceStatic(); |
| 249 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 250 | try { |
| 251 | XmlPullParser parser = Xml.newPullParser(); |
| 252 | parser.setInput(permReader); |
| 253 | |
| 254 | int type; |
| 255 | while ((type=parser.next()) != parser.START_TAG |
| 256 | && type != parser.END_DOCUMENT) { |
| 257 | ; |
| 258 | } |
| 259 | |
| 260 | if (type != parser.START_TAG) { |
| 261 | throw new XmlPullParserException("No start tag found"); |
| 262 | } |
| 263 | |
| 264 | if (!parser.getName().equals("permissions") && !parser.getName().equals("config")) { |
Dianne Hackborn | b3d4cb3 | 2015-01-09 09:54:06 -0800 | [diff] [blame] | 265 | throw new XmlPullParserException("Unexpected start tag in " + permFile |
| 266 | + ": found " + parser.getName() + ", expected 'permissions' or 'config'"); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 267 | } |
| 268 | |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 269 | boolean allowAll = permissionFlag == ALLOW_ALL; |
| 270 | boolean allowLibs = (permissionFlag & ALLOW_LIBS) != 0; |
| 271 | boolean allowFeatures = (permissionFlag & ALLOW_FEATURES) != 0; |
| 272 | boolean allowPermissions = (permissionFlag & ALLOW_PERMISSIONS) != 0; |
| 273 | boolean allowAppConfigs = (permissionFlag & ALLOW_APP_CONFIGS) != 0; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 274 | while (true) { |
| 275 | XmlUtils.nextElement(parser); |
| 276 | if (parser.getEventType() == XmlPullParser.END_DOCUMENT) { |
| 277 | break; |
| 278 | } |
| 279 | |
| 280 | String name = parser.getName(); |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 281 | if ("group".equals(name) && allowAll) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 282 | String gidStr = parser.getAttributeValue(null, "gid"); |
| 283 | if (gidStr != null) { |
| 284 | int gid = android.os.Process.getGidForName(gidStr); |
| 285 | mGlobalGids = appendInt(mGlobalGids, gid); |
| 286 | } else { |
Dianne Hackborn | b3d4cb3 | 2015-01-09 09:54:06 -0800 | [diff] [blame] | 287 | Slog.w(TAG, "<group> without gid in " + permFile + " at " |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 288 | + parser.getPositionDescription()); |
| 289 | } |
| 290 | |
| 291 | XmlUtils.skipCurrentTag(parser); |
| 292 | continue; |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 293 | } else if ("permission".equals(name) && allowPermissions) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 294 | String perm = parser.getAttributeValue(null, "name"); |
| 295 | if (perm == null) { |
Dianne Hackborn | b3d4cb3 | 2015-01-09 09:54:06 -0800 | [diff] [blame] | 296 | Slog.w(TAG, "<permission> without name in " + permFile + " at " |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 297 | + parser.getPositionDescription()); |
| 298 | XmlUtils.skipCurrentTag(parser); |
| 299 | continue; |
| 300 | } |
| 301 | perm = perm.intern(); |
| 302 | readPermission(parser, perm); |
| 303 | |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 304 | } else if ("assign-permission".equals(name) && allowPermissions) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 305 | String perm = parser.getAttributeValue(null, "name"); |
| 306 | if (perm == null) { |
Dianne Hackborn | b3d4cb3 | 2015-01-09 09:54:06 -0800 | [diff] [blame] | 307 | Slog.w(TAG, "<assign-permission> without name in " + permFile + " at " |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 308 | + parser.getPositionDescription()); |
| 309 | XmlUtils.skipCurrentTag(parser); |
| 310 | continue; |
| 311 | } |
| 312 | String uidStr = parser.getAttributeValue(null, "uid"); |
| 313 | if (uidStr == null) { |
Dianne Hackborn | b3d4cb3 | 2015-01-09 09:54:06 -0800 | [diff] [blame] | 314 | Slog.w(TAG, "<assign-permission> without uid in " + permFile + " at " |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 315 | + parser.getPositionDescription()); |
| 316 | XmlUtils.skipCurrentTag(parser); |
| 317 | continue; |
| 318 | } |
| 319 | int uid = Process.getUidForName(uidStr); |
| 320 | if (uid < 0) { |
| 321 | Slog.w(TAG, "<assign-permission> with unknown uid \"" |
Dianne Hackborn | b3d4cb3 | 2015-01-09 09:54:06 -0800 | [diff] [blame] | 322 | + uidStr + " in " + permFile + " at " |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 323 | + parser.getPositionDescription()); |
| 324 | XmlUtils.skipCurrentTag(parser); |
| 325 | continue; |
| 326 | } |
| 327 | perm = perm.intern(); |
Jeff Sharkey | 9f837a9 | 2014-10-24 12:07:24 -0700 | [diff] [blame] | 328 | ArraySet<String> perms = mSystemPermissions.get(uid); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 329 | if (perms == null) { |
Jeff Sharkey | 9f837a9 | 2014-10-24 12:07:24 -0700 | [diff] [blame] | 330 | perms = new ArraySet<String>(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 331 | mSystemPermissions.put(uid, perms); |
| 332 | } |
| 333 | perms.add(perm); |
| 334 | XmlUtils.skipCurrentTag(parser); |
| 335 | |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 336 | } else if ("library".equals(name) && allowLibs) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 337 | String lname = parser.getAttributeValue(null, "name"); |
| 338 | String lfile = parser.getAttributeValue(null, "file"); |
| 339 | if (lname == null) { |
Dianne Hackborn | b3d4cb3 | 2015-01-09 09:54:06 -0800 | [diff] [blame] | 340 | Slog.w(TAG, "<library> without name in " + permFile + " at " |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 341 | + parser.getPositionDescription()); |
| 342 | } else if (lfile == null) { |
Dianne Hackborn | b3d4cb3 | 2015-01-09 09:54:06 -0800 | [diff] [blame] | 343 | Slog.w(TAG, "<library> without file in " + permFile + " at " |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 344 | + parser.getPositionDescription()); |
| 345 | } else { |
| 346 | //Log.i(TAG, "Got library " + lname + " in " + lfile); |
| 347 | mSharedLibraries.put(lname, lfile); |
| 348 | } |
| 349 | XmlUtils.skipCurrentTag(parser); |
| 350 | continue; |
| 351 | |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 352 | } else if ("feature".equals(name) && allowFeatures) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 353 | String fname = parser.getAttributeValue(null, "name"); |
Arunesh Mishra | 4e0bdf3 | 2016-02-15 23:50:38 -0800 | [diff] [blame] | 354 | int fversion = XmlUtils.readIntAttribute(parser, "version", 0); |
Dianne Hackborn | c0e4aaa | 2014-11-14 10:55:50 -0800 | [diff] [blame] | 355 | boolean allowed; |
| 356 | if (!lowRam) { |
| 357 | allowed = true; |
| 358 | } else { |
| 359 | String notLowRam = parser.getAttributeValue(null, "notLowRam"); |
| 360 | allowed = !"true".equals(notLowRam); |
| 361 | } |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 362 | if (fname == null) { |
Dianne Hackborn | b3d4cb3 | 2015-01-09 09:54:06 -0800 | [diff] [blame] | 363 | Slog.w(TAG, "<feature> without name in " + permFile + " at " |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 364 | + parser.getPositionDescription()); |
Dianne Hackborn | c0e4aaa | 2014-11-14 10:55:50 -0800 | [diff] [blame] | 365 | } else if (allowed) { |
Jeff Sharkey | 115d2c1 | 2016-02-15 17:25:57 -0700 | [diff] [blame] | 366 | addFeature(fname, fversion); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 367 | } |
| 368 | XmlUtils.skipCurrentTag(parser); |
| 369 | continue; |
| 370 | |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 371 | } else if ("unavailable-feature".equals(name) && allowFeatures) { |
Jeff Sharkey | 1c4ae80 | 2014-12-19 11:08:55 -0800 | [diff] [blame] | 372 | String fname = parser.getAttributeValue(null, "name"); |
| 373 | if (fname == null) { |
Dianne Hackborn | b3d4cb3 | 2015-01-09 09:54:06 -0800 | [diff] [blame] | 374 | Slog.w(TAG, "<unavailable-feature> without name in " + permFile + " at " |
Jeff Sharkey | 1c4ae80 | 2014-12-19 11:08:55 -0800 | [diff] [blame] | 375 | + parser.getPositionDescription()); |
| 376 | } else { |
| 377 | mUnavailableFeatures.add(fname); |
| 378 | } |
| 379 | XmlUtils.skipCurrentTag(parser); |
| 380 | continue; |
| 381 | |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 382 | } else if ("allow-in-power-save-except-idle".equals(name) && allowAll) { |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 383 | String pkgname = parser.getAttributeValue(null, "package"); |
| 384 | if (pkgname == null) { |
| 385 | Slog.w(TAG, "<allow-in-power-save-except-idle> without package in " |
| 386 | + permFile + " at " + parser.getPositionDescription()); |
| 387 | } else { |
| 388 | mAllowInPowerSaveExceptIdle.add(pkgname); |
| 389 | } |
| 390 | XmlUtils.skipCurrentTag(parser); |
| 391 | continue; |
| 392 | |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 393 | } else if ("allow-in-power-save".equals(name) && allowAll) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 394 | String pkgname = parser.getAttributeValue(null, "package"); |
| 395 | if (pkgname == null) { |
Dianne Hackborn | b3d4cb3 | 2015-01-09 09:54:06 -0800 | [diff] [blame] | 396 | Slog.w(TAG, "<allow-in-power-save> without package in " + permFile + " at " |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 397 | + parser.getPositionDescription()); |
| 398 | } else { |
| 399 | mAllowInPowerSave.add(pkgname); |
| 400 | } |
| 401 | XmlUtils.skipCurrentTag(parser); |
| 402 | continue; |
| 403 | |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 404 | } else if ("allow-in-data-usage-save".equals(name) && allowAll) { |
| 405 | String pkgname = parser.getAttributeValue(null, "package"); |
| 406 | if (pkgname == null) { |
| 407 | Slog.w(TAG, "<allow-in-data-usage-save> without package in " + permFile |
| 408 | + " at " + parser.getPositionDescription()); |
| 409 | } else { |
| 410 | mAllowInDataUsageSave.add(pkgname); |
| 411 | } |
| 412 | XmlUtils.skipCurrentTag(parser); |
| 413 | continue; |
| 414 | |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 415 | } else if ("app-link".equals(name) && allowAppConfigs) { |
Christopher Tate | 01e1864 | 2015-07-07 18:10:38 -0700 | [diff] [blame] | 416 | String pkgname = parser.getAttributeValue(null, "package"); |
| 417 | if (pkgname == null) { |
| 418 | Slog.w(TAG, "<app-link> without package in " + permFile + " at " |
| 419 | + parser.getPositionDescription()); |
| 420 | } else { |
| 421 | mLinkedApps.add(pkgname); |
| 422 | } |
| 423 | XmlUtils.skipCurrentTag(parser); |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 424 | } else if ("system-user-whitelisted-app".equals(name) && allowAppConfigs) { |
Fyodor Kupolov | 7db5af1 | 2015-07-31 16:50:27 -0700 | [diff] [blame] | 425 | String pkgname = parser.getAttributeValue(null, "package"); |
| 426 | if (pkgname == null) { |
| 427 | Slog.w(TAG, "<system-user-whitelisted-app> without package in " + permFile |
| 428 | + " at " + parser.getPositionDescription()); |
| 429 | } else { |
| 430 | mSystemUserWhitelistedApps.add(pkgname); |
| 431 | } |
| 432 | XmlUtils.skipCurrentTag(parser); |
Hung-ying Tyan | bdc9d58 | 2015-11-20 11:53:39 +0800 | [diff] [blame] | 433 | } else if ("system-user-blacklisted-app".equals(name) && allowAppConfigs) { |
Fyodor Kupolov | 7db5af1 | 2015-07-31 16:50:27 -0700 | [diff] [blame] | 434 | String pkgname = parser.getAttributeValue(null, "package"); |
| 435 | if (pkgname == null) { |
| 436 | Slog.w(TAG, "<system-user-blacklisted-app without package in " + permFile |
| 437 | + " at " + parser.getPositionDescription()); |
| 438 | } else { |
| 439 | mSystemUserBlacklistedApps.add(pkgname); |
| 440 | } |
| 441 | XmlUtils.skipCurrentTag(parser); |
Ruben Brunk | 98576cf | 2016-03-07 18:54:28 -0800 | [diff] [blame] | 442 | } else if ("default-enabled-vr-app".equals(name) && allowAppConfigs) { |
| 443 | String pkgname = parser.getAttributeValue(null, "package"); |
| 444 | String clsname = parser.getAttributeValue(null, "class"); |
| 445 | if (pkgname == null) { |
| 446 | Slog.w(TAG, "<default-enabled-vr-app without package in " + permFile |
| 447 | + " at " + parser.getPositionDescription()); |
| 448 | } else if (clsname == null) { |
| 449 | Slog.w(TAG, "<default-enabled-vr-app without class in " + permFile |
| 450 | + " at " + parser.getPositionDescription()); |
| 451 | } else { |
| 452 | mDefaultVrComponents.add(new ComponentName(pkgname, clsname)); |
| 453 | } |
| 454 | XmlUtils.skipCurrentTag(parser); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 455 | } else { |
| 456 | XmlUtils.skipCurrentTag(parser); |
| 457 | continue; |
| 458 | } |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 459 | } |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 460 | } catch (XmlPullParserException e) { |
Jeff Sharkey | 1c4ae80 | 2014-12-19 11:08:55 -0800 | [diff] [blame] | 461 | Slog.w(TAG, "Got exception parsing permissions.", e); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 462 | } catch (IOException e) { |
Jeff Sharkey | 1c4ae80 | 2014-12-19 11:08:55 -0800 | [diff] [blame] | 463 | Slog.w(TAG, "Got exception parsing permissions.", e); |
| 464 | } finally { |
| 465 | IoUtils.closeQuietly(permReader); |
| 466 | } |
| 467 | |
Jeff Sharkey | b92b05b | 2016-01-28 09:50:00 -0700 | [diff] [blame] | 468 | // Some devices can be field-converted to FBE, so offer to splice in |
| 469 | // those features if not already defined by the static config |
Paul Lawrence | 20be5d6 | 2016-02-26 13:51:17 -0800 | [diff] [blame] | 470 | if (StorageManager.isFileEncryptedNativeOnly()) { |
Jeff Sharkey | 115d2c1 | 2016-02-15 17:25:57 -0700 | [diff] [blame] | 471 | addFeature(PackageManager.FEATURE_FILE_BASED_ENCRYPTION, 0); |
| 472 | addFeature(PackageManager.FEATURE_SECURELY_REMOVES_USERS, 0); |
Jeff Sharkey | b92b05b | 2016-01-28 09:50:00 -0700 | [diff] [blame] | 473 | } |
| 474 | |
| 475 | for (String featureName : mUnavailableFeatures) { |
| 476 | removeFeature(featureName); |
| 477 | } |
| 478 | } |
| 479 | |
Jeff Sharkey | 115d2c1 | 2016-02-15 17:25:57 -0700 | [diff] [blame] | 480 | private void addFeature(String name, int version) { |
| 481 | FeatureInfo fi = mAvailableFeatures.get(name); |
| 482 | if (fi == null) { |
| 483 | fi = new FeatureInfo(); |
| 484 | fi.name = name; |
| 485 | fi.version = version; |
| 486 | mAvailableFeatures.put(name, fi); |
| 487 | } else { |
| 488 | fi.version = Math.max(fi.version, version); |
Jeff Sharkey | b92b05b | 2016-01-28 09:50:00 -0700 | [diff] [blame] | 489 | } |
| 490 | } |
| 491 | |
Jeff Sharkey | 115d2c1 | 2016-02-15 17:25:57 -0700 | [diff] [blame] | 492 | private void removeFeature(String name) { |
| 493 | if (mAvailableFeatures.remove(name) != null) { |
| 494 | Slog.d(TAG, "Removed unavailable feature " + name); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 495 | } |
| 496 | } |
| 497 | |
| 498 | void readPermission(XmlPullParser parser, String name) |
| 499 | throws IOException, XmlPullParserException { |
Jeff Sharkey | 00f3904 | 2015-03-23 16:51:22 -0700 | [diff] [blame] | 500 | if (mPermissions.containsKey(name)) { |
| 501 | throw new IllegalStateException("Duplicate permission definition for " + name); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 502 | } |
Jeff Sharkey | 00f3904 | 2015-03-23 16:51:22 -0700 | [diff] [blame] | 503 | |
| 504 | final boolean perUser = XmlUtils.readBooleanAttribute(parser, "perUser", false); |
| 505 | final PermissionEntry perm = new PermissionEntry(name, perUser); |
| 506 | mPermissions.put(name, perm); |
| 507 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 508 | int outerDepth = parser.getDepth(); |
| 509 | int type; |
| 510 | while ((type=parser.next()) != XmlPullParser.END_DOCUMENT |
| 511 | && (type != XmlPullParser.END_TAG |
| 512 | || parser.getDepth() > outerDepth)) { |
| 513 | if (type == XmlPullParser.END_TAG |
| 514 | || type == XmlPullParser.TEXT) { |
| 515 | continue; |
| 516 | } |
| 517 | |
| 518 | String tagName = parser.getName(); |
| 519 | if ("group".equals(tagName)) { |
| 520 | String gidStr = parser.getAttributeValue(null, "gid"); |
| 521 | if (gidStr != null) { |
| 522 | int gid = Process.getGidForName(gidStr); |
| 523 | perm.gids = appendInt(perm.gids, gid); |
| 524 | } else { |
| 525 | Slog.w(TAG, "<group> without gid at " |
| 526 | + parser.getPositionDescription()); |
| 527 | } |
| 528 | } |
| 529 | XmlUtils.skipCurrentTag(parser); |
| 530 | } |
| 531 | } |
| 532 | } |