1 /* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.pm.permission; 18 19 import static android.os.Process.FIRST_APPLICATION_UID; 20 21 import android.Manifest; 22 import android.annotation.NonNull; 23 import android.annotation.Nullable; 24 import android.app.ActivityManager; 25 import android.app.DownloadManager; 26 import android.app.SearchManager; 27 import android.app.admin.DevicePolicyManager; 28 import android.companion.CompanionDeviceManager; 29 import android.content.Context; 30 import android.content.Intent; 31 import android.content.pm.ApplicationInfo; 32 import android.content.pm.PackageInfo; 33 import android.content.pm.PackageManager; 34 import android.content.pm.PackageManager.NameNotFoundException; 35 import android.content.pm.PackageManagerInternal; 36 import android.content.pm.PermissionInfo; 37 import android.content.pm.ProviderInfo; 38 import android.content.pm.ResolveInfo; 39 import android.media.RingtoneManager; 40 import android.media.midi.MidiManager; 41 import android.net.Uri; 42 import android.os.Build; 43 import android.os.Environment; 44 import android.os.Handler; 45 import android.os.HandlerThread; 46 import android.os.Message; 47 import android.os.Process; 48 import android.os.UserHandle; 49 import android.os.storage.StorageManager; 50 import android.permission.PermissionManager; 51 import android.print.PrintManager; 52 import android.provider.CalendarContract; 53 import android.provider.ContactsContract; 54 import android.provider.MediaStore; 55 import android.provider.Telephony.Sms.Intents; 56 import android.security.Credentials; 57 import android.speech.RecognitionService; 58 import android.telephony.TelephonyManager; 59 import android.text.TextUtils; 60 import android.util.ArrayMap; 61 import android.util.ArraySet; 62 import android.util.Log; 63 import android.util.Slog; 64 import android.util.SparseArray; 65 import android.util.TypedXmlPullParser; 66 import android.util.Xml; 67 68 import com.android.internal.R; 69 import com.android.internal.util.ArrayUtils; 70 import com.android.internal.util.XmlUtils; 71 import com.android.server.LocalServices; 72 import com.android.server.ServiceThread; 73 import com.android.server.pm.permission.LegacyPermissionManagerInternal.PackagesProvider; 74 import com.android.server.pm.permission.LegacyPermissionManagerInternal.SyncAdapterPackagesProvider; 75 76 import org.xmlpull.v1.XmlPullParser; 77 import org.xmlpull.v1.XmlPullParserException; 78 79 import java.io.File; 80 import java.io.FileInputStream; 81 import java.io.IOException; 82 import java.io.InputStream; 83 import java.util.ArrayList; 84 import java.util.Arrays; 85 import java.util.Collections; 86 import java.util.List; 87 import java.util.Map; 88 import java.util.Set; 89 90 /** 91 * This class is the policy for granting runtime permissions to 92 * platform components and default handlers in the system such 93 * that the device is usable out-of-the-box. For example, the 94 * shell UID is a part of the system and the Phone app should 95 * have phone related permission by default. 96 * <p> 97 * NOTE: This class is at the wrong abstraction level. It is a part of the package manager 98 * service but knows about lots of higher level subsystems. The correct way to do this is 99 * to have an interface defined in the package manager but have the impl next to other 100 * policy stuff like PhoneWindowManager 101 */ 102 final class DefaultPermissionGrantPolicy { 103 private static final String TAG = "DefaultPermGrantPolicy"; // must be <= 23 chars 104 private static final boolean DEBUG = false; 105 106 @PackageManager.ResolveInfoFlags 107 private static final int DEFAULT_INTENT_QUERY_FLAGS = 108 PackageManager.MATCH_DIRECT_BOOT_AWARE | PackageManager.MATCH_DIRECT_BOOT_UNAWARE 109 | PackageManager.MATCH_UNINSTALLED_PACKAGES; 110 111 @PackageManager.PackageInfoFlags 112 private static final int DEFAULT_PACKAGE_INFO_QUERY_FLAGS = 113 PackageManager.MATCH_UNINSTALLED_PACKAGES 114 | PackageManager.MATCH_DISABLED_UNTIL_USED_COMPONENTS 115 | PackageManager.MATCH_HIDDEN_UNTIL_INSTALLED_COMPONENTS 116 | PackageManager.GET_PERMISSIONS; 117 118 private static final String AUDIO_MIME_TYPE = "audio/mpeg"; 119 120 private static final String TAG_EXCEPTIONS = "exceptions"; 121 private static final String TAG_EXCEPTION = "exception"; 122 private static final String TAG_PERMISSION = "permission"; 123 private static final String ATTR_PACKAGE = "package"; 124 private static final String ATTR_NAME = "name"; 125 private static final String ATTR_FIXED = "fixed"; 126 private static final String ATTR_WHITELISTED = "whitelisted"; 127 128 private static final Set<String> PHONE_PERMISSIONS = new ArraySet<>(); 129 130 131 static { 132 PHONE_PERMISSIONS.add(Manifest.permission.READ_PHONE_STATE); 133 PHONE_PERMISSIONS.add(Manifest.permission.CALL_PHONE); 134 PHONE_PERMISSIONS.add(Manifest.permission.READ_CALL_LOG); 135 PHONE_PERMISSIONS.add(Manifest.permission.WRITE_CALL_LOG); 136 PHONE_PERMISSIONS.add(Manifest.permission.ADD_VOICEMAIL); 137 PHONE_PERMISSIONS.add(Manifest.permission.USE_SIP); 138 PHONE_PERMISSIONS.add(Manifest.permission.PROCESS_OUTGOING_CALLS); 139 } 140 141 private static final Set<String> CONTACTS_PERMISSIONS = new ArraySet<>(); 142 static { 143 CONTACTS_PERMISSIONS.add(Manifest.permission.READ_CONTACTS); 144 CONTACTS_PERMISSIONS.add(Manifest.permission.WRITE_CONTACTS); 145 CONTACTS_PERMISSIONS.add(Manifest.permission.GET_ACCOUNTS); 146 } 147 148 private static final Set<String> ALWAYS_LOCATION_PERMISSIONS = new ArraySet<>(); 149 static { 150 ALWAYS_LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_FINE_LOCATION); 151 ALWAYS_LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_COARSE_LOCATION); 152 ALWAYS_LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_BACKGROUND_LOCATION); 153 } 154 155 private static final Set<String> FOREGROUND_LOCATION_PERMISSIONS = new ArraySet<>(); 156 static { 157 FOREGROUND_LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_FINE_LOCATION); 158 FOREGROUND_LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_COARSE_LOCATION); 159 } 160 161 private static final Set<String> COARSE_BACKGROUND_LOCATION_PERMISSIONS = new ArraySet<>(); 162 static { 163 COARSE_BACKGROUND_LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_COARSE_LOCATION); 164 COARSE_BACKGROUND_LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_BACKGROUND_LOCATION); 165 } 166 167 private static final Set<String> ACTIVITY_RECOGNITION_PERMISSIONS = new ArraySet<>(); 168 static { 169 ACTIVITY_RECOGNITION_PERMISSIONS.add(Manifest.permission.ACTIVITY_RECOGNITION); 170 } 171 172 private static final Set<String> CALENDAR_PERMISSIONS = new ArraySet<>(); 173 static { 174 CALENDAR_PERMISSIONS.add(Manifest.permission.READ_CALENDAR); 175 CALENDAR_PERMISSIONS.add(Manifest.permission.WRITE_CALENDAR); 176 } 177 178 private static final Set<String> SMS_PERMISSIONS = new ArraySet<>(); 179 static { 180 SMS_PERMISSIONS.add(Manifest.permission.SEND_SMS); 181 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_SMS); 182 SMS_PERMISSIONS.add(Manifest.permission.READ_SMS); 183 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_WAP_PUSH); 184 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_MMS); 185 SMS_PERMISSIONS.add(Manifest.permission.READ_CELL_BROADCASTS); 186 } 187 188 private static final Set<String> MICROPHONE_PERMISSIONS = new ArraySet<>(); 189 static { 190 MICROPHONE_PERMISSIONS.add(Manifest.permission.RECORD_AUDIO); 191 } 192 193 private static final Set<String> CAMERA_PERMISSIONS = new ArraySet<>(); 194 static { 195 CAMERA_PERMISSIONS.add(Manifest.permission.CAMERA); 196 } 197 198 private static final Set<String> SENSORS_PERMISSIONS = new ArraySet<>(); 199 static { 200 SENSORS_PERMISSIONS.add(Manifest.permission.BODY_SENSORS); 201 } 202 203 private static final Set<String> STORAGE_PERMISSIONS = new ArraySet<>(); 204 static { 205 STORAGE_PERMISSIONS.add(Manifest.permission.READ_EXTERNAL_STORAGE); 206 STORAGE_PERMISSIONS.add(Manifest.permission.WRITE_EXTERNAL_STORAGE); 207 STORAGE_PERMISSIONS.add(Manifest.permission.ACCESS_MEDIA_LOCATION); 208 } 209 210 private static final Set<String> NEARBY_DEVICES_PERMISSIONS = new ArraySet<>(); 211 static { 212 NEARBY_DEVICES_PERMISSIONS.add(Manifest.permission.BLUETOOTH_ADVERTISE); 213 NEARBY_DEVICES_PERMISSIONS.add(Manifest.permission.BLUETOOTH_CONNECT); 214 NEARBY_DEVICES_PERMISSIONS.add(Manifest.permission.BLUETOOTH_SCAN); 215 NEARBY_DEVICES_PERMISSIONS.add(Manifest.permission.UWB_RANGING); 216 } 217 218 private static final int MSG_READ_DEFAULT_PERMISSION_EXCEPTIONS = 1; 219 220 private static final String ACTION_TRACK = "com.android.fitness.TRACK"; 221 222 private final Handler mHandler; 223 224 private PackagesProvider mLocationPackagesProvider; 225 private PackagesProvider mLocationExtraPackagesProvider; 226 private PackagesProvider mVoiceInteractionPackagesProvider; 227 private PackagesProvider mSmsAppPackagesProvider; 228 private PackagesProvider mDialerAppPackagesProvider; 229 private PackagesProvider mSimCallManagerPackagesProvider; 230 private PackagesProvider mUseOpenWifiAppPackagesProvider; 231 private SyncAdapterPackagesProvider mSyncAdapterPackagesProvider; 232 233 private ArrayMap<String, List<DefaultPermissionGrant>> mGrantExceptions; 234 private final Context mContext; 235 private final Object mLock = new Object(); 236 private final PackageManagerInternal mServiceInternal; 237 238 /** Directly interact with the PackageManger */ 239 private final PackageManagerWrapper NO_PM_CACHE = new PackageManagerWrapper() { 240 @Override 241 public int getPermissionFlags(@NonNull String permission, @NonNull PackageInfo pkg, 242 @NonNull UserHandle user) { 243 return mContext.getPackageManager().getPermissionFlags(permission, pkg.packageName, 244 user); 245 } 246 247 @Override 248 public void updatePermissionFlags(@NonNull String permission, @NonNull PackageInfo pkg, 249 int flagMask, int flagValues, @NonNull UserHandle user) { 250 mContext.getPackageManager().updatePermissionFlags(permission, pkg.packageName, 251 flagMask, flagValues, user); 252 } 253 254 @Override 255 public void grantPermission(@NonNull String permission, @NonNull PackageInfo pkg, 256 @NonNull UserHandle user) { 257 mContext.getPackageManager().grantRuntimePermission(pkg.packageName, permission, 258 user); 259 } 260 261 @Override 262 public void revokePermission(@NonNull String permission, @NonNull PackageInfo pkg, 263 @NonNull UserHandle user) { 264 mContext.getPackageManager().revokeRuntimePermission(pkg.packageName, permission, 265 user); 266 } 267 268 @Override 269 public boolean isGranted(@NonNull String permission, @NonNull PackageInfo pkg, 270 @NonNull UserHandle user) { 271 return mContext.createContextAsUser(user, 0).getPackageManager().checkPermission( 272 permission, pkg.packageName) == PackageManager.PERMISSION_GRANTED; 273 } 274 275 @Override 276 public @Nullable PermissionInfo getPermissionInfo(@NonNull String permissionName) { 277 if (permissionName == null) { 278 return null; 279 } 280 281 try { 282 return mContext.getPackageManager().getPermissionInfo(permissionName, 0); 283 } catch (NameNotFoundException e) { 284 Slog.w(TAG, "Permission not found: " + permissionName); 285 return null; 286 } 287 } 288 289 @Override 290 public @Nullable PackageInfo getPackageInfo(@NonNull String pkg) { 291 if (pkg == null) { 292 return null; 293 } 294 295 try { 296 return mContext.getPackageManager().getPackageInfo(pkg, 297 DEFAULT_PACKAGE_INFO_QUERY_FLAGS); 298 } catch (NameNotFoundException e) { 299 Slog.e(TAG, "Package not found: " + pkg); 300 return null; 301 } 302 } 303 }; 304 DefaultPermissionGrantPolicy(@onNull Context context)305 DefaultPermissionGrantPolicy(@NonNull Context context) { 306 mContext = context; 307 HandlerThread handlerThread = new ServiceThread(TAG, 308 Process.THREAD_PRIORITY_BACKGROUND, true /*allowIo*/); 309 handlerThread.start(); 310 mHandler = new Handler(handlerThread.getLooper()) { 311 @Override 312 public void handleMessage(Message msg) { 313 if (msg.what == MSG_READ_DEFAULT_PERMISSION_EXCEPTIONS) { 314 synchronized (mLock) { 315 if (mGrantExceptions == null) { 316 mGrantExceptions = readDefaultPermissionExceptionsLocked(NO_PM_CACHE); 317 } 318 } 319 } 320 } 321 }; 322 mServiceInternal = LocalServices.getService(PackageManagerInternal.class); 323 } 324 setLocationPackagesProvider(PackagesProvider provider)325 public void setLocationPackagesProvider(PackagesProvider provider) { 326 synchronized (mLock) { 327 mLocationPackagesProvider = provider; 328 } 329 } 330 331 /** Sets the provider for loction extra packages. */ setLocationExtraPackagesProvider(PackagesProvider provider)332 public void setLocationExtraPackagesProvider(PackagesProvider provider) { 333 synchronized (mLock) { 334 mLocationExtraPackagesProvider = provider; 335 } 336 } 337 setVoiceInteractionPackagesProvider(PackagesProvider provider)338 public void setVoiceInteractionPackagesProvider(PackagesProvider provider) { 339 synchronized (mLock) { 340 mVoiceInteractionPackagesProvider = provider; 341 } 342 } 343 setSmsAppPackagesProvider(PackagesProvider provider)344 public void setSmsAppPackagesProvider(PackagesProvider provider) { 345 synchronized (mLock) { 346 mSmsAppPackagesProvider = provider; 347 } 348 } 349 setDialerAppPackagesProvider(PackagesProvider provider)350 public void setDialerAppPackagesProvider(PackagesProvider provider) { 351 synchronized (mLock) { 352 mDialerAppPackagesProvider = provider; 353 } 354 } 355 setSimCallManagerPackagesProvider(PackagesProvider provider)356 public void setSimCallManagerPackagesProvider(PackagesProvider provider) { 357 synchronized (mLock) { 358 mSimCallManagerPackagesProvider = provider; 359 } 360 } 361 setUseOpenWifiAppPackagesProvider(PackagesProvider provider)362 public void setUseOpenWifiAppPackagesProvider(PackagesProvider provider) { 363 synchronized (mLock) { 364 mUseOpenWifiAppPackagesProvider = provider; 365 } 366 } 367 setSyncAdapterPackagesProvider(SyncAdapterPackagesProvider provider)368 public void setSyncAdapterPackagesProvider(SyncAdapterPackagesProvider provider) { 369 synchronized (mLock) { 370 mSyncAdapterPackagesProvider = provider; 371 } 372 } 373 grantDefaultPermissions(int userId)374 public void grantDefaultPermissions(int userId) { 375 DelayingPackageManagerCache pm = new DelayingPackageManagerCache(); 376 377 grantPermissionsToSysComponentsAndPrivApps(pm, userId); 378 grantDefaultSystemHandlerPermissions(pm, userId); 379 grantDefaultPermissionExceptions(pm, userId); 380 381 // Apply delayed state 382 pm.apply(); 383 } 384 grantRuntimePermissionsForSystemPackage(PackageManagerWrapper pm, int userId, PackageInfo pkg)385 private void grantRuntimePermissionsForSystemPackage(PackageManagerWrapper pm, 386 int userId, PackageInfo pkg) { 387 Set<String> permissions = new ArraySet<>(); 388 for (String permission : pkg.requestedPermissions) { 389 final PermissionInfo perm = pm.getPermissionInfo(permission); 390 if (perm == null) { 391 continue; 392 } 393 if (perm.isRuntime()) { 394 permissions.add(permission); 395 } 396 } 397 if (!permissions.isEmpty()) { 398 grantRuntimePermissions(pm, pkg, permissions, true /*systemFixed*/, userId); 399 } 400 } 401 scheduleReadDefaultPermissionExceptions()402 public void scheduleReadDefaultPermissionExceptions() { 403 mHandler.sendEmptyMessage(MSG_READ_DEFAULT_PERMISSION_EXCEPTIONS); 404 } 405 grantPermissionsToSysComponentsAndPrivApps(DelayingPackageManagerCache pm, int userId)406 private void grantPermissionsToSysComponentsAndPrivApps(DelayingPackageManagerCache pm, 407 int userId) { 408 Log.i(TAG, "Granting permissions to platform components for user " + userId); 409 List<PackageInfo> packages = mContext.getPackageManager().getInstalledPackagesAsUser( 410 DEFAULT_PACKAGE_INFO_QUERY_FLAGS, UserHandle.USER_SYSTEM); 411 for (PackageInfo pkg : packages) { 412 if (pkg == null) { 413 continue; 414 } 415 416 // Package info is already loaded, cache it 417 pm.addPackageInfo(pkg.packageName, pkg); 418 419 if (!pm.isSysComponentOrPersistentPlatformSignedPrivApp(pkg) 420 || !doesPackageSupportRuntimePermissions(pkg) 421 || ArrayUtils.isEmpty(pkg.requestedPermissions)) { 422 continue; 423 } 424 grantRuntimePermissionsForSystemPackage(pm, userId, pkg); 425 } 426 427 // Re-grant READ_PHONE_STATE as non-fixed to all system apps that have 428 // READ_PRIVILEGED_PHONE_STATE and READ_PHONE_STATE granted -- this is to undo the fixed 429 // grant from R. 430 for (PackageInfo pkg : packages) { 431 if (pkg == null 432 || !doesPackageSupportRuntimePermissions(pkg) 433 || ArrayUtils.isEmpty(pkg.requestedPermissions) 434 || !pm.isGranted(Manifest.permission.READ_PRIVILEGED_PHONE_STATE, 435 pkg, UserHandle.of(userId)) 436 || !pm.isGranted(Manifest.permission.READ_PHONE_STATE, pkg, 437 UserHandle.of(userId))) { 438 continue; 439 } 440 441 pm.updatePermissionFlags(Manifest.permission.READ_PHONE_STATE, pkg, 442 PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, 443 0, 444 UserHandle.of(userId)); 445 } 446 447 } 448 449 @SafeVarargs grantIgnoringSystemPackage(PackageManagerWrapper pm, String packageName, int userId, Set<String>... permissionGroups)450 private final void grantIgnoringSystemPackage(PackageManagerWrapper pm, String packageName, 451 int userId, Set<String>... permissionGroups) { 452 grantPermissionsToPackage(pm, packageName, userId, true /* ignoreSystemPackage */, 453 true /*whitelistRestrictedPermissions*/, permissionGroups); 454 } 455 456 @SafeVarargs grantSystemFixedPermissionsToSystemPackage(PackageManagerWrapper pm, String packageName, int userId, Set<String>... permissionGroups)457 private final void grantSystemFixedPermissionsToSystemPackage(PackageManagerWrapper pm, 458 String packageName, int userId, Set<String>... permissionGroups) { 459 grantPermissionsToSystemPackage(pm, packageName, userId, true /* systemFixed */, 460 permissionGroups); 461 } 462 463 @SafeVarargs grantPermissionsToSystemPackage(PackageManagerWrapper pm, String packageName, int userId, Set<String>... permissionGroups)464 private final void grantPermissionsToSystemPackage(PackageManagerWrapper pm, 465 String packageName, int userId, Set<String>... permissionGroups) { 466 grantPermissionsToSystemPackage(pm, packageName, userId, false /* systemFixed */, 467 permissionGroups); 468 } 469 470 @SafeVarargs grantPermissionsToSystemPackage(PackageManagerWrapper pm, String packageName, int userId, boolean systemFixed, Set<String>... permissionGroups)471 private final void grantPermissionsToSystemPackage(PackageManagerWrapper pm, String packageName, 472 int userId, boolean systemFixed, Set<String>... permissionGroups) { 473 if (!pm.isSystemPackage(packageName)) { 474 return; 475 } 476 grantPermissionsToPackage(pm, pm.getSystemPackageInfo(packageName), 477 userId, systemFixed, false /* ignoreSystemPackage */, 478 true /*whitelistRestrictedPermissions*/, permissionGroups); 479 } 480 481 @SafeVarargs grantPermissionsToPackage(PackageManagerWrapper pm, String packageName, int userId, boolean ignoreSystemPackage, boolean whitelistRestrictedPermissions, Set<String>... permissionGroups)482 private final void grantPermissionsToPackage(PackageManagerWrapper pm, String packageName, 483 int userId, boolean ignoreSystemPackage, boolean whitelistRestrictedPermissions, 484 Set<String>... permissionGroups) { 485 grantPermissionsToPackage(pm, pm.getPackageInfo(packageName), 486 userId, false /* systemFixed */, ignoreSystemPackage, 487 whitelistRestrictedPermissions, permissionGroups); 488 } 489 490 @SafeVarargs grantPermissionsToPackage(PackageManagerWrapper pm, PackageInfo packageInfo, int userId, boolean systemFixed, boolean ignoreSystemPackage, boolean whitelistRestrictedPermissions, Set<String>... permissionGroups)491 private final void grantPermissionsToPackage(PackageManagerWrapper pm, PackageInfo packageInfo, 492 int userId, boolean systemFixed, boolean ignoreSystemPackage, 493 boolean whitelistRestrictedPermissions, Set<String>... permissionGroups) { 494 if (packageInfo == null) { 495 return; 496 } 497 if (doesPackageSupportRuntimePermissions(packageInfo)) { 498 for (Set<String> permissionGroup : permissionGroups) { 499 grantRuntimePermissions(pm, packageInfo, permissionGroup, systemFixed, 500 ignoreSystemPackage, whitelistRestrictedPermissions, userId); 501 } 502 } 503 } 504 grantDefaultSystemHandlerPermissions(PackageManagerWrapper pm, int userId)505 private void grantDefaultSystemHandlerPermissions(PackageManagerWrapper pm, int userId) { 506 Log.i(TAG, "Granting permissions to default platform handlers for user " + userId); 507 508 final PackagesProvider locationPackagesProvider; 509 final PackagesProvider locationExtraPackagesProvider; 510 final PackagesProvider voiceInteractionPackagesProvider; 511 final PackagesProvider smsAppPackagesProvider; 512 final PackagesProvider dialerAppPackagesProvider; 513 final PackagesProvider simCallManagerPackagesProvider; 514 final PackagesProvider useOpenWifiAppPackagesProvider; 515 final SyncAdapterPackagesProvider syncAdapterPackagesProvider; 516 517 synchronized (mLock) { 518 locationPackagesProvider = mLocationPackagesProvider; 519 locationExtraPackagesProvider = mLocationExtraPackagesProvider; 520 voiceInteractionPackagesProvider = mVoiceInteractionPackagesProvider; 521 smsAppPackagesProvider = mSmsAppPackagesProvider; 522 dialerAppPackagesProvider = mDialerAppPackagesProvider; 523 simCallManagerPackagesProvider = mSimCallManagerPackagesProvider; 524 useOpenWifiAppPackagesProvider = mUseOpenWifiAppPackagesProvider; 525 syncAdapterPackagesProvider = mSyncAdapterPackagesProvider; 526 } 527 528 String[] voiceInteractPackageNames = (voiceInteractionPackagesProvider != null) 529 ? voiceInteractionPackagesProvider.getPackages(userId) : null; 530 String[] locationPackageNames = (locationPackagesProvider != null) 531 ? locationPackagesProvider.getPackages(userId) : null; 532 String[] locationExtraPackageNames = (locationExtraPackagesProvider != null) 533 ? locationExtraPackagesProvider.getPackages(userId) : null; 534 String[] smsAppPackageNames = (smsAppPackagesProvider != null) 535 ? smsAppPackagesProvider.getPackages(userId) : null; 536 String[] dialerAppPackageNames = (dialerAppPackagesProvider != null) 537 ? dialerAppPackagesProvider.getPackages(userId) : null; 538 String[] simCallManagerPackageNames = (simCallManagerPackagesProvider != null) 539 ? simCallManagerPackagesProvider.getPackages(userId) : null; 540 String[] useOpenWifiAppPackageNames = (useOpenWifiAppPackagesProvider != null) 541 ? useOpenWifiAppPackagesProvider.getPackages(userId) : null; 542 String[] contactsSyncAdapterPackages = (syncAdapterPackagesProvider != null) ? 543 syncAdapterPackagesProvider.getPackages(ContactsContract.AUTHORITY, userId) : null; 544 String[] calendarSyncAdapterPackages = (syncAdapterPackagesProvider != null) ? 545 syncAdapterPackagesProvider.getPackages(CalendarContract.AUTHORITY, userId) : null; 546 547 // Installer 548 grantSystemFixedPermissionsToSystemPackage(pm, 549 ArrayUtils.firstOrNull(getKnownPackages( 550 PackageManagerInternal.PACKAGE_INSTALLER, userId)), 551 userId, STORAGE_PERMISSIONS); 552 553 // Verifier 554 final String verifier = ArrayUtils.firstOrNull(getKnownPackages( 555 PackageManagerInternal.PACKAGE_VERIFIER, userId)); 556 grantSystemFixedPermissionsToSystemPackage(pm, verifier, userId, STORAGE_PERMISSIONS); 557 grantPermissionsToSystemPackage(pm, verifier, userId, PHONE_PERMISSIONS, SMS_PERMISSIONS); 558 559 // SetupWizard 560 grantPermissionsToSystemPackage(pm, 561 ArrayUtils.firstOrNull(getKnownPackages( 562 PackageManagerInternal.PACKAGE_SETUP_WIZARD, userId)), userId, 563 PHONE_PERMISSIONS, CONTACTS_PERMISSIONS, ALWAYS_LOCATION_PERMISSIONS, 564 CAMERA_PERMISSIONS); 565 566 // Camera 567 grantPermissionsToSystemPackage(pm, 568 getDefaultSystemHandlerActivityPackage(pm, MediaStore.ACTION_IMAGE_CAPTURE, userId), 569 userId, CAMERA_PERMISSIONS, MICROPHONE_PERMISSIONS, STORAGE_PERMISSIONS); 570 571 // Sound recorder 572 grantPermissionsToSystemPackage(pm, 573 getDefaultSystemHandlerActivityPackage(pm, 574 MediaStore.Audio.Media.RECORD_SOUND_ACTION, userId), 575 userId, MICROPHONE_PERMISSIONS); 576 577 // Media provider 578 grantSystemFixedPermissionsToSystemPackage(pm, 579 getDefaultProviderAuthorityPackage(MediaStore.AUTHORITY, userId), userId, 580 STORAGE_PERMISSIONS); 581 582 // Downloads provider 583 grantSystemFixedPermissionsToSystemPackage(pm, 584 getDefaultProviderAuthorityPackage("downloads", userId), userId, 585 STORAGE_PERMISSIONS); 586 587 // Downloads UI 588 grantSystemFixedPermissionsToSystemPackage(pm, 589 getDefaultSystemHandlerActivityPackage(pm, 590 DownloadManager.ACTION_VIEW_DOWNLOADS, userId), 591 userId, STORAGE_PERMISSIONS); 592 593 // Storage provider 594 grantSystemFixedPermissionsToSystemPackage(pm, 595 getDefaultProviderAuthorityPackage("com.android.externalstorage.documents", userId), 596 userId, STORAGE_PERMISSIONS); 597 598 // CertInstaller 599 grantSystemFixedPermissionsToSystemPackage(pm, 600 getDefaultSystemHandlerActivityPackage(pm, Credentials.INSTALL_ACTION, userId), 601 userId, STORAGE_PERMISSIONS); 602 603 // Dialer 604 if (dialerAppPackageNames == null) { 605 String dialerPackage = 606 getDefaultSystemHandlerActivityPackage(pm, Intent.ACTION_DIAL, userId); 607 grantDefaultPermissionsToDefaultSystemDialerApp(pm, dialerPackage, userId); 608 } else { 609 for (String dialerAppPackageName : dialerAppPackageNames) { 610 grantDefaultPermissionsToDefaultSystemDialerApp(pm, dialerAppPackageName, userId); 611 } 612 } 613 614 // Sim call manager 615 if (simCallManagerPackageNames != null) { 616 for (String simCallManagerPackageName : simCallManagerPackageNames) { 617 grantDefaultPermissionsToDefaultSystemSimCallManager(pm, 618 simCallManagerPackageName, userId); 619 } 620 } 621 622 // Use Open Wifi 623 if (useOpenWifiAppPackageNames != null) { 624 for (String useOpenWifiPackageName : useOpenWifiAppPackageNames) { 625 grantDefaultPermissionsToDefaultSystemUseOpenWifiApp(pm, 626 useOpenWifiPackageName, userId); 627 } 628 } 629 630 // SMS 631 if (smsAppPackageNames == null) { 632 String smsPackage = getDefaultSystemHandlerActivityPackageForCategory(pm, 633 Intent.CATEGORY_APP_MESSAGING, userId); 634 grantDefaultPermissionsToDefaultSystemSmsApp(pm, smsPackage, userId); 635 } else { 636 for (String smsPackage : smsAppPackageNames) { 637 grantDefaultPermissionsToDefaultSystemSmsApp(pm, smsPackage, userId); 638 } 639 } 640 641 // Cell Broadcast Receiver 642 grantSystemFixedPermissionsToSystemPackage(pm, 643 getDefaultSystemHandlerActivityPackage(pm, Intents.SMS_CB_RECEIVED_ACTION, userId), 644 userId, SMS_PERMISSIONS, NEARBY_DEVICES_PERMISSIONS); 645 646 // Carrier Provisioning Service 647 grantPermissionsToSystemPackage(pm, 648 getDefaultSystemHandlerServicePackage(pm, Intents.SMS_CARRIER_PROVISION_ACTION, 649 userId), 650 userId, SMS_PERMISSIONS); 651 652 // Calendar 653 grantPermissionsToSystemPackage(pm, 654 getDefaultSystemHandlerActivityPackageForCategory(pm, 655 Intent.CATEGORY_APP_CALENDAR, userId), 656 userId, CALENDAR_PERMISSIONS, CONTACTS_PERMISSIONS); 657 658 // Calendar provider 659 String calendarProvider = 660 getDefaultProviderAuthorityPackage(CalendarContract.AUTHORITY, userId); 661 grantPermissionsToSystemPackage(pm, calendarProvider, userId, 662 CONTACTS_PERMISSIONS, STORAGE_PERMISSIONS); 663 grantSystemFixedPermissionsToSystemPackage(pm, calendarProvider, userId, 664 CALENDAR_PERMISSIONS); 665 666 // Calendar provider sync adapters 667 if (calendarSyncAdapterPackages != null) { 668 grantPermissionToEachSystemPackage(pm, 669 getHeadlessSyncAdapterPackages(pm, calendarSyncAdapterPackages, userId), 670 userId, CALENDAR_PERMISSIONS); 671 } 672 673 // Contacts 674 grantPermissionsToSystemPackage(pm, 675 getDefaultSystemHandlerActivityPackageForCategory(pm, 676 Intent.CATEGORY_APP_CONTACTS, userId), 677 userId, CONTACTS_PERMISSIONS, PHONE_PERMISSIONS); 678 679 // Contacts provider sync adapters 680 if (contactsSyncAdapterPackages != null) { 681 grantPermissionToEachSystemPackage(pm, 682 getHeadlessSyncAdapterPackages(pm, contactsSyncAdapterPackages, userId), 683 userId, CONTACTS_PERMISSIONS); 684 } 685 686 // Contacts provider 687 String contactsProviderPackage = 688 getDefaultProviderAuthorityPackage(ContactsContract.AUTHORITY, userId); 689 grantSystemFixedPermissionsToSystemPackage(pm, contactsProviderPackage, userId, 690 CONTACTS_PERMISSIONS, PHONE_PERMISSIONS); 691 grantPermissionsToSystemPackage(pm, contactsProviderPackage, userId, STORAGE_PERMISSIONS); 692 693 // Device provisioning 694 grantPermissionsToSystemPackage(pm, 695 getDefaultSystemHandlerActivityPackage(pm, 696 DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, userId), 697 userId, CONTACTS_PERMISSIONS); 698 699 // Email 700 grantPermissionsToSystemPackage(pm, 701 getDefaultSystemHandlerActivityPackageForCategory(pm, 702 Intent.CATEGORY_APP_EMAIL, userId), 703 userId, CONTACTS_PERMISSIONS, CALENDAR_PERMISSIONS); 704 705 // Browser 706 String browserPackage = ArrayUtils.firstOrNull(getKnownPackages( 707 PackageManagerInternal.PACKAGE_BROWSER, userId)); 708 if (browserPackage == null) { 709 browserPackage = getDefaultSystemHandlerActivityPackageForCategory(pm, 710 Intent.CATEGORY_APP_BROWSER, userId); 711 if (!pm.isSystemPackage(browserPackage)) { 712 browserPackage = null; 713 } 714 } 715 grantPermissionsToPackage(pm, browserPackage, userId, false /* ignoreSystemPackage */, 716 true /*whitelistRestrictedPermissions*/, FOREGROUND_LOCATION_PERMISSIONS); 717 718 // Voice interaction 719 if (voiceInteractPackageNames != null) { 720 for (String voiceInteractPackageName : voiceInteractPackageNames) { 721 grantPermissionsToSystemPackage(pm, voiceInteractPackageName, userId, 722 CONTACTS_PERMISSIONS, CALENDAR_PERMISSIONS, MICROPHONE_PERMISSIONS, 723 PHONE_PERMISSIONS, SMS_PERMISSIONS, ALWAYS_LOCATION_PERMISSIONS, 724 NEARBY_DEVICES_PERMISSIONS); 725 } 726 } 727 728 if (ActivityManager.isLowRamDeviceStatic()) { 729 // Allow voice search on low-ram devices 730 grantPermissionsToSystemPackage(pm, 731 getDefaultSystemHandlerActivityPackage(pm, 732 SearchManager.INTENT_ACTION_GLOBAL_SEARCH, userId), 733 userId, MICROPHONE_PERMISSIONS, ALWAYS_LOCATION_PERMISSIONS); 734 } 735 736 // Voice recognition 737 Intent voiceRecoIntent = new Intent(RecognitionService.SERVICE_INTERFACE) 738 .addCategory(Intent.CATEGORY_DEFAULT); 739 grantPermissionsToSystemPackage(pm, 740 getDefaultSystemHandlerServicePackage(pm, voiceRecoIntent, userId), userId, 741 MICROPHONE_PERMISSIONS); 742 743 // Location 744 if (locationPackageNames != null) { 745 for (String packageName : locationPackageNames) { 746 grantPermissionsToSystemPackage(pm, packageName, userId, 747 CONTACTS_PERMISSIONS, CALENDAR_PERMISSIONS, MICROPHONE_PERMISSIONS, 748 PHONE_PERMISSIONS, SMS_PERMISSIONS, CAMERA_PERMISSIONS, 749 SENSORS_PERMISSIONS, STORAGE_PERMISSIONS, NEARBY_DEVICES_PERMISSIONS); 750 grantSystemFixedPermissionsToSystemPackage(pm, packageName, userId, 751 ALWAYS_LOCATION_PERMISSIONS, ACTIVITY_RECOGNITION_PERMISSIONS); 752 } 753 } 754 if (locationExtraPackageNames != null) { 755 // Also grant location and activity recognition permission to location extra packages. 756 for (String packageName : locationExtraPackageNames) { 757 grantPermissionsToSystemPackage(pm, packageName, userId, 758 ALWAYS_LOCATION_PERMISSIONS, NEARBY_DEVICES_PERMISSIONS); 759 grantSystemFixedPermissionsToSystemPackage(pm, packageName, userId, 760 ACTIVITY_RECOGNITION_PERMISSIONS); 761 } 762 } 763 764 // Music 765 Intent musicIntent = new Intent(Intent.ACTION_VIEW) 766 .addCategory(Intent.CATEGORY_DEFAULT) 767 .setDataAndType(Uri.fromFile(new File("foo.mp3")), AUDIO_MIME_TYPE); 768 grantPermissionsToSystemPackage(pm, 769 getDefaultSystemHandlerActivityPackage(pm, musicIntent, userId), userId, 770 STORAGE_PERMISSIONS); 771 772 // Home 773 Intent homeIntent = new Intent(Intent.ACTION_MAIN) 774 .addCategory(Intent.CATEGORY_HOME) 775 .addCategory(Intent.CATEGORY_LAUNCHER_APP); 776 grantPermissionsToSystemPackage(pm, 777 getDefaultSystemHandlerActivityPackage(pm, homeIntent, userId), userId, 778 ALWAYS_LOCATION_PERMISSIONS); 779 780 // Watches 781 if (mContext.getPackageManager().hasSystemFeature(PackageManager.FEATURE_WATCH, 0)) { 782 // Home application on watches 783 784 String wearPackage = getDefaultSystemHandlerActivityPackageForCategory(pm, 785 Intent.CATEGORY_HOME_MAIN, userId); 786 grantPermissionsToSystemPackage(pm, wearPackage, userId, 787 CONTACTS_PERMISSIONS, MICROPHONE_PERMISSIONS, ALWAYS_LOCATION_PERMISSIONS); 788 grantSystemFixedPermissionsToSystemPackage(pm, wearPackage, userId, PHONE_PERMISSIONS); 789 790 // Fitness tracking on watches 791 if (mContext.getResources().getBoolean(R.bool.config_trackerAppNeedsPermissions)) { 792 Log.d(TAG, "Wear: Skipping permission grant for Default fitness tracker app : " 793 + wearPackage); 794 } else { 795 grantPermissionsToSystemPackage(pm, 796 getDefaultSystemHandlerActivityPackage(pm, ACTION_TRACK, userId), userId, 797 SENSORS_PERMISSIONS, ALWAYS_LOCATION_PERMISSIONS); 798 } 799 } 800 801 // Print Spooler 802 grantSystemFixedPermissionsToSystemPackage(pm, PrintManager.PRINT_SPOOLER_PACKAGE_NAME, 803 userId, ALWAYS_LOCATION_PERMISSIONS); 804 805 // EmergencyInfo 806 grantSystemFixedPermissionsToSystemPackage(pm, 807 getDefaultSystemHandlerActivityPackage(pm, 808 TelephonyManager.ACTION_EMERGENCY_ASSISTANCE, userId), 809 userId, CONTACTS_PERMISSIONS, PHONE_PERMISSIONS); 810 811 // NFC Tag viewer 812 Intent nfcTagIntent = new Intent(Intent.ACTION_VIEW) 813 .setType("vnd.android.cursor.item/ndef_msg"); 814 grantPermissionsToSystemPackage(pm, 815 getDefaultSystemHandlerActivityPackage(pm, nfcTagIntent, userId), userId, 816 CONTACTS_PERMISSIONS, PHONE_PERMISSIONS); 817 818 // Storage Manager 819 grantSystemFixedPermissionsToSystemPackage(pm, 820 getDefaultSystemHandlerActivityPackage(pm, 821 StorageManager.ACTION_MANAGE_STORAGE, userId), 822 userId, STORAGE_PERMISSIONS); 823 824 // Companion devices 825 grantSystemFixedPermissionsToSystemPackage(pm, 826 CompanionDeviceManager.COMPANION_DEVICE_DISCOVERY_PACKAGE_NAME, userId, 827 ALWAYS_LOCATION_PERMISSIONS, NEARBY_DEVICES_PERMISSIONS); 828 829 // Ringtone Picker 830 grantSystemFixedPermissionsToSystemPackage(pm, 831 getDefaultSystemHandlerActivityPackage(pm, 832 RingtoneManager.ACTION_RINGTONE_PICKER, userId), 833 userId, STORAGE_PERMISSIONS); 834 835 // TextClassifier Service 836 for (String textClassifierPackage : 837 getKnownPackages(PackageManagerInternal.PACKAGE_SYSTEM_TEXT_CLASSIFIER, userId)) { 838 grantPermissionsToSystemPackage(pm, textClassifierPackage, userId, 839 COARSE_BACKGROUND_LOCATION_PERMISSIONS, CONTACTS_PERMISSIONS); 840 } 841 842 // Content capture 843 String contentCapturePackageName = 844 mContext.getPackageManager().getContentCaptureServicePackageName(); 845 if (!TextUtils.isEmpty(contentCapturePackageName)) { 846 grantPermissionsToSystemPackage(pm, contentCapturePackageName, userId, 847 PHONE_PERMISSIONS, SMS_PERMISSIONS, ALWAYS_LOCATION_PERMISSIONS, 848 CONTACTS_PERMISSIONS, STORAGE_PERMISSIONS); 849 } 850 851 // Attention Service 852 String attentionServicePackageName = 853 mContext.getPackageManager().getAttentionServicePackageName(); 854 if (!TextUtils.isEmpty(attentionServicePackageName)) { 855 grantPermissionsToSystemPackage(pm, attentionServicePackageName, userId, 856 CAMERA_PERMISSIONS); 857 } 858 859 // There is no real "marker" interface to identify the shared storage backup, it is 860 // hardcoded in BackupManagerService.SHARED_BACKUP_AGENT_PACKAGE. 861 grantSystemFixedPermissionsToSystemPackage(pm, "com.android.sharedstoragebackup", userId, 862 STORAGE_PERMISSIONS); 863 864 // System Captions Service 865 String systemCaptionsServicePackageName = 866 mContext.getPackageManager().getSystemCaptionsServicePackageName(); 867 if (!TextUtils.isEmpty(systemCaptionsServicePackageName)) { 868 grantPermissionsToSystemPackage(pm, systemCaptionsServicePackageName, userId, 869 MICROPHONE_PERMISSIONS); 870 } 871 872 // Bluetooth MIDI Service 873 grantSystemFixedPermissionsToSystemPackage(pm, 874 MidiManager.BLUETOOTH_MIDI_SERVICE_PACKAGE, userId, 875 NEARBY_DEVICES_PERMISSIONS); 876 } 877 getDefaultSystemHandlerActivityPackageForCategory(PackageManagerWrapper pm, String category, int userId)878 private String getDefaultSystemHandlerActivityPackageForCategory(PackageManagerWrapper pm, 879 String category, int userId) { 880 return getDefaultSystemHandlerActivityPackage(pm, 881 new Intent(Intent.ACTION_MAIN).addCategory(category), userId); 882 } 883 884 @SafeVarargs grantPermissionToEachSystemPackage(PackageManagerWrapper pm, ArrayList<String> packages, int userId, Set<String>... permissions)885 private final void grantPermissionToEachSystemPackage(PackageManagerWrapper pm, 886 ArrayList<String> packages, int userId, Set<String>... permissions) { 887 if (packages == null) return; 888 final int count = packages.size(); 889 for (int i = 0; i < count; i++) { 890 grantPermissionsToSystemPackage(pm, packages.get(i), userId, permissions); 891 } 892 } 893 getKnownPackages(int knownPkgId, int userId)894 private @NonNull String[] getKnownPackages(int knownPkgId, int userId) { 895 return mServiceInternal.getKnownPackageNames(knownPkgId, userId); 896 } 897 grantDefaultPermissionsToDefaultSystemDialerApp(PackageManagerWrapper pm, String dialerPackage, int userId)898 private void grantDefaultPermissionsToDefaultSystemDialerApp(PackageManagerWrapper pm, 899 String dialerPackage, int userId) { 900 if (dialerPackage == null) { 901 return; 902 } 903 boolean isPhonePermFixed = 904 mContext.getPackageManager().hasSystemFeature(PackageManager.FEATURE_WATCH, 0); 905 if (isPhonePermFixed) { 906 grantSystemFixedPermissionsToSystemPackage(pm, dialerPackage, userId, 907 PHONE_PERMISSIONS); 908 } else { 909 grantPermissionsToSystemPackage(pm, dialerPackage, userId, PHONE_PERMISSIONS); 910 } 911 grantPermissionsToSystemPackage(pm, dialerPackage, userId, 912 CONTACTS_PERMISSIONS, SMS_PERMISSIONS, MICROPHONE_PERMISSIONS, CAMERA_PERMISSIONS); 913 } 914 grantDefaultPermissionsToDefaultSystemSmsApp(PackageManagerWrapper pm, String smsPackage, int userId)915 private void grantDefaultPermissionsToDefaultSystemSmsApp(PackageManagerWrapper pm, 916 String smsPackage, int userId) { 917 grantPermissionsToSystemPackage(pm, smsPackage, userId, 918 PHONE_PERMISSIONS, CONTACTS_PERMISSIONS, SMS_PERMISSIONS, 919 STORAGE_PERMISSIONS, MICROPHONE_PERMISSIONS, CAMERA_PERMISSIONS); 920 } 921 grantDefaultPermissionsToDefaultSystemUseOpenWifiApp(PackageManagerWrapper pm, String useOpenWifiPackage, int userId)922 private void grantDefaultPermissionsToDefaultSystemUseOpenWifiApp(PackageManagerWrapper pm, 923 String useOpenWifiPackage, int userId) { 924 grantPermissionsToSystemPackage(pm, useOpenWifiPackage, userId, 925 ALWAYS_LOCATION_PERMISSIONS); 926 } 927 grantDefaultPermissionsToDefaultUseOpenWifiApp(String packageName, int userId)928 public void grantDefaultPermissionsToDefaultUseOpenWifiApp(String packageName, int userId) { 929 Log.i(TAG, "Granting permissions to default Use Open WiFi app for user:" + userId); 930 grantIgnoringSystemPackage(NO_PM_CACHE, packageName, userId, ALWAYS_LOCATION_PERMISSIONS); 931 } 932 grantDefaultPermissionsToDefaultSimCallManager(String packageName, int userId)933 public void grantDefaultPermissionsToDefaultSimCallManager(String packageName, int userId) { 934 grantDefaultPermissionsToDefaultSimCallManager(NO_PM_CACHE, packageName, userId); 935 } 936 grantDefaultPermissionsToDefaultSimCallManager(PackageManagerWrapper pm, String packageName, int userId)937 private void grantDefaultPermissionsToDefaultSimCallManager(PackageManagerWrapper pm, 938 String packageName, int userId) { 939 if (packageName == null) { 940 return; 941 } 942 Log.i(TAG, "Granting permissions to sim call manager for user:" + userId); 943 grantPermissionsToPackage(pm, packageName, userId, false /* ignoreSystemPackage */, 944 true /*whitelistRestrictedPermissions*/, PHONE_PERMISSIONS, MICROPHONE_PERMISSIONS); 945 } 946 grantDefaultPermissionsToDefaultSystemSimCallManager(PackageManagerWrapper pm, String packageName, int userId)947 private void grantDefaultPermissionsToDefaultSystemSimCallManager(PackageManagerWrapper pm, 948 String packageName, int userId) { 949 if (pm.isSystemPackage(packageName)) { 950 grantDefaultPermissionsToDefaultSimCallManager(pm, packageName, userId); 951 } 952 } 953 grantDefaultPermissionsToEnabledCarrierApps(String[] packageNames, int userId)954 public void grantDefaultPermissionsToEnabledCarrierApps(String[] packageNames, int userId) { 955 Log.i(TAG, "Granting permissions to enabled carrier apps for user:" + userId); 956 if (packageNames == null) { 957 return; 958 } 959 for (String packageName : packageNames) { 960 grantPermissionsToSystemPackage(NO_PM_CACHE, packageName, userId, 961 PHONE_PERMISSIONS, ALWAYS_LOCATION_PERMISSIONS, SMS_PERMISSIONS); 962 } 963 } 964 grantDefaultPermissionsToEnabledImsServices(String[] packageNames, int userId)965 public void grantDefaultPermissionsToEnabledImsServices(String[] packageNames, int userId) { 966 Log.i(TAG, "Granting permissions to enabled ImsServices for user:" + userId); 967 if (packageNames == null) { 968 return; 969 } 970 for (String packageName : packageNames) { 971 grantPermissionsToSystemPackage(NO_PM_CACHE, packageName, userId, 972 PHONE_PERMISSIONS, MICROPHONE_PERMISSIONS, ALWAYS_LOCATION_PERMISSIONS, 973 CAMERA_PERMISSIONS, CONTACTS_PERMISSIONS); 974 } 975 } 976 grantDefaultPermissionsToEnabledTelephonyDataServices( String[] packageNames, int userId)977 public void grantDefaultPermissionsToEnabledTelephonyDataServices( 978 String[] packageNames, int userId) { 979 Log.i(TAG, "Granting permissions to enabled data services for user:" + userId); 980 if (packageNames == null) { 981 return; 982 } 983 for (String packageName : packageNames) { 984 // Grant these permissions as system-fixed, so that nobody can accidentally 985 // break cellular data. 986 grantSystemFixedPermissionsToSystemPackage(NO_PM_CACHE, packageName, userId, 987 PHONE_PERMISSIONS, ALWAYS_LOCATION_PERMISSIONS); 988 } 989 } 990 revokeDefaultPermissionsFromDisabledTelephonyDataServices( String[] packageNames, int userId)991 public void revokeDefaultPermissionsFromDisabledTelephonyDataServices( 992 String[] packageNames, int userId) { 993 Log.i(TAG, "Revoking permissions from disabled data services for user:" + userId); 994 if (packageNames == null) { 995 return; 996 } 997 for (String packageName : packageNames) { 998 PackageInfo pkg = NO_PM_CACHE.getSystemPackageInfo(packageName); 999 if (NO_PM_CACHE.isSystemPackage(pkg) && doesPackageSupportRuntimePermissions(pkg)) { 1000 revokeRuntimePermissions(NO_PM_CACHE, packageName, PHONE_PERMISSIONS, true, 1001 userId); 1002 revokeRuntimePermissions(NO_PM_CACHE, packageName, ALWAYS_LOCATION_PERMISSIONS, 1003 true, userId); 1004 } 1005 } 1006 } 1007 grantDefaultPermissionsToActiveLuiApp(String packageName, int userId)1008 public void grantDefaultPermissionsToActiveLuiApp(String packageName, int userId) { 1009 Log.i(TAG, "Granting permissions to active LUI app for user:" + userId); 1010 grantSystemFixedPermissionsToSystemPackage(NO_PM_CACHE, packageName, userId, 1011 CAMERA_PERMISSIONS); 1012 } 1013 revokeDefaultPermissionsFromLuiApps(String[] packageNames, int userId)1014 public void revokeDefaultPermissionsFromLuiApps(String[] packageNames, int userId) { 1015 Log.i(TAG, "Revoke permissions from LUI apps for user:" + userId); 1016 if (packageNames == null) { 1017 return; 1018 } 1019 for (String packageName : packageNames) { 1020 PackageInfo pkg = NO_PM_CACHE.getSystemPackageInfo(packageName); 1021 if (NO_PM_CACHE.isSystemPackage(pkg) && doesPackageSupportRuntimePermissions(pkg)) { 1022 revokeRuntimePermissions(NO_PM_CACHE, packageName, CAMERA_PERMISSIONS, true, 1023 userId); 1024 } 1025 } 1026 } 1027 getDefaultSystemHandlerActivityPackage(PackageManagerWrapper pm, String intentAction, int userId)1028 private String getDefaultSystemHandlerActivityPackage(PackageManagerWrapper pm, 1029 String intentAction, int userId) { 1030 return getDefaultSystemHandlerActivityPackage(pm, new Intent(intentAction), userId); 1031 } 1032 getDefaultSystemHandlerActivityPackage(PackageManagerWrapper pm, Intent intent, int userId)1033 private String getDefaultSystemHandlerActivityPackage(PackageManagerWrapper pm, Intent intent, 1034 int userId) { 1035 ResolveInfo handler = mContext.getPackageManager().resolveActivityAsUser( 1036 intent, DEFAULT_INTENT_QUERY_FLAGS, userId); 1037 if (handler == null || handler.activityInfo == null) { 1038 return null; 1039 } 1040 if (mServiceInternal.isResolveActivityComponent(handler.activityInfo)) { 1041 return null; 1042 } 1043 String packageName = handler.activityInfo.packageName; 1044 return pm.isSystemPackage(packageName) ? packageName : null; 1045 } 1046 getDefaultSystemHandlerServicePackage(PackageManagerWrapper pm, String intentAction, int userId)1047 private String getDefaultSystemHandlerServicePackage(PackageManagerWrapper pm, 1048 String intentAction, int userId) { 1049 return getDefaultSystemHandlerServicePackage(pm, new Intent(intentAction), userId); 1050 } 1051 getDefaultSystemHandlerServicePackage(PackageManagerWrapper pm, Intent intent, int userId)1052 private String getDefaultSystemHandlerServicePackage(PackageManagerWrapper pm, 1053 Intent intent, int userId) { 1054 List<ResolveInfo> handlers = mContext.getPackageManager().queryIntentServicesAsUser( 1055 intent, DEFAULT_INTENT_QUERY_FLAGS, userId); 1056 if (handlers == null) { 1057 return null; 1058 } 1059 final int handlerCount = handlers.size(); 1060 for (int i = 0; i < handlerCount; i++) { 1061 ResolveInfo handler = handlers.get(i); 1062 String handlerPackage = handler.serviceInfo.packageName; 1063 if (pm.isSystemPackage(handlerPackage)) { 1064 return handlerPackage; 1065 } 1066 } 1067 return null; 1068 } 1069 getHeadlessSyncAdapterPackages(PackageManagerWrapper pm, String[] syncAdapterPackageNames, int userId)1070 private ArrayList<String> getHeadlessSyncAdapterPackages(PackageManagerWrapper pm, 1071 String[] syncAdapterPackageNames, int userId) { 1072 ArrayList<String> syncAdapterPackages = new ArrayList<>(); 1073 1074 Intent homeIntent = new Intent(Intent.ACTION_MAIN).addCategory(Intent.CATEGORY_LAUNCHER); 1075 1076 for (String syncAdapterPackageName : syncAdapterPackageNames) { 1077 homeIntent.setPackage(syncAdapterPackageName); 1078 1079 ResolveInfo homeActivity = mContext.getPackageManager().resolveActivityAsUser( 1080 homeIntent, DEFAULT_INTENT_QUERY_FLAGS, userId); 1081 if (homeActivity != null) { 1082 continue; 1083 } 1084 1085 if (pm.isSystemPackage(syncAdapterPackageName)) { 1086 syncAdapterPackages.add(syncAdapterPackageName); 1087 } 1088 } 1089 1090 return syncAdapterPackages; 1091 } 1092 getDefaultProviderAuthorityPackage(String authority, int userId)1093 private String getDefaultProviderAuthorityPackage(String authority, int userId) { 1094 ProviderInfo provider = mContext.getPackageManager().resolveContentProviderAsUser( 1095 authority, DEFAULT_INTENT_QUERY_FLAGS, userId); 1096 if (provider != null) { 1097 return provider.packageName; 1098 } 1099 return null; 1100 } 1101 grantRuntimePermissions(PackageManagerWrapper pm, PackageInfo pkg, Set<String> permissions, boolean systemFixed, int userId)1102 private void grantRuntimePermissions(PackageManagerWrapper pm, PackageInfo pkg, 1103 Set<String> permissions, boolean systemFixed, int userId) { 1104 grantRuntimePermissions(pm, pkg, permissions, systemFixed, false, 1105 true /*whitelistRestrictedPermissions*/, userId); 1106 } 1107 revokeRuntimePermissions(PackageManagerWrapper pm, String packageName, Set<String> permissions, boolean systemFixed, int userId)1108 private void revokeRuntimePermissions(PackageManagerWrapper pm, String packageName, 1109 Set<String> permissions, boolean systemFixed, int userId) { 1110 PackageInfo pkg = pm.getSystemPackageInfo(packageName); 1111 if (pkg == null || ArrayUtils.isEmpty(pkg.requestedPermissions)) { 1112 return; 1113 } 1114 Set<String> revokablePermissions = new ArraySet<>(Arrays.asList(pkg.requestedPermissions)); 1115 1116 for (String permission : permissions) { 1117 // We can't revoke what wasn't requested. 1118 if (!revokablePermissions.contains(permission)) { 1119 continue; 1120 } 1121 1122 UserHandle user = UserHandle.of(userId); 1123 final int flags = pm.getPermissionFlags(permission, pm.getPackageInfo(packageName), 1124 user); 1125 1126 // We didn't get this through the default grant policy. Move along. 1127 if ((flags & PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT) == 0) { 1128 continue; 1129 } 1130 // We aren't going to clobber device policy with a DefaultGrant. 1131 if ((flags & PackageManager.FLAG_PERMISSION_POLICY_FIXED) != 0) { 1132 continue; 1133 } 1134 // Do not revoke system fixed permissions unless caller set them that way; 1135 // there is no refcount for the number of sources of this, so there 1136 // should be at most one grantor doing SYSTEM_FIXED for any given package. 1137 if ((flags & PackageManager.FLAG_PERMISSION_SYSTEM_FIXED) != 0 && !systemFixed) { 1138 continue; 1139 } 1140 pm.revokePermission(permission, pkg, user); 1141 1142 if (DEBUG) { 1143 Log.i(TAG, "revoked " + (systemFixed ? "fixed " : "not fixed ") 1144 + permission + " to " + packageName); 1145 } 1146 1147 // Remove the GRANTED_BY_DEFAULT flag without touching the others. 1148 // Note that we do not revoke FLAG_PERMISSION_SYSTEM_FIXED. That bit remains 1149 // sticky once set. 1150 pm.updatePermissionFlags(permission, pkg, 1151 PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT, 0, user); 1152 } 1153 } 1154 1155 /** 1156 * Check if a permission is already fixed or is set by the user. 1157 * 1158 * <p>A permission should not be set by the default policy if the user or other policies already 1159 * set the permission. 1160 * 1161 * @param flags The flags of the permission 1162 * 1163 * @return {@code true} iff the permission can be set without violating a policy of the users 1164 * intention 1165 */ isFixedOrUserSet(int flags)1166 private boolean isFixedOrUserSet(int flags) { 1167 return (flags & (PackageManager.FLAG_PERMISSION_USER_SET 1168 | PackageManager.FLAG_PERMISSION_USER_FIXED 1169 | PackageManager.FLAG_PERMISSION_POLICY_FIXED 1170 | PackageManager.FLAG_PERMISSION_SYSTEM_FIXED)) != 0; 1171 } 1172 grantRuntimePermissions(PackageManagerWrapper pm, PackageInfo pkg, Set<String> permissionsWithoutSplits, boolean systemFixed, boolean ignoreSystemPackage, boolean whitelistRestrictedPermissions, int userId)1173 private void grantRuntimePermissions(PackageManagerWrapper pm, PackageInfo pkg, 1174 Set<String> permissionsWithoutSplits, boolean systemFixed, boolean ignoreSystemPackage, 1175 boolean whitelistRestrictedPermissions, int userId) { 1176 UserHandle user = UserHandle.of(userId); 1177 if (pkg == null) { 1178 return; 1179 } 1180 1181 String[] requestedPermissions = pkg.requestedPermissions; 1182 if (ArrayUtils.isEmpty(requestedPermissions)) { 1183 return; 1184 } 1185 1186 // Intersect the requestedPermissions for a factory image with that of its current update 1187 // in case the latter one removed a <uses-permission> 1188 String[] requestedByNonSystemPackage = pm.getPackageInfo(pkg.packageName) 1189 .requestedPermissions; 1190 int size = requestedPermissions.length; 1191 for (int i = 0; i < size; i++) { 1192 if (!ArrayUtils.contains(requestedByNonSystemPackage, requestedPermissions[i])) { 1193 requestedPermissions[i] = null; 1194 } 1195 } 1196 requestedPermissions = ArrayUtils.filterNotNull(requestedPermissions, String[]::new); 1197 1198 final ArraySet<String> permissions = new ArraySet<>(permissionsWithoutSplits); 1199 ApplicationInfo applicationInfo = pkg.applicationInfo; 1200 1201 int newFlags = PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT; 1202 if (systemFixed) { 1203 newFlags |= PackageManager.FLAG_PERMISSION_SYSTEM_FIXED; 1204 } 1205 1206 // Automatically attempt to grant split permissions to older APKs 1207 final List<PermissionManager.SplitPermissionInfo> splitPermissions = 1208 mContext.getSystemService(PermissionManager.class).getSplitPermissions(); 1209 final int numSplitPerms = splitPermissions.size(); 1210 for (int splitPermNum = 0; splitPermNum < numSplitPerms; splitPermNum++) { 1211 final PermissionManager.SplitPermissionInfo splitPerm = 1212 splitPermissions.get(splitPermNum); 1213 1214 if (applicationInfo != null 1215 && applicationInfo.targetSdkVersion < splitPerm.getTargetSdk() 1216 && permissionsWithoutSplits.contains(splitPerm.getSplitPermission())) { 1217 permissions.addAll(splitPerm.getNewPermissions()); 1218 } 1219 } 1220 1221 Set<String> grantablePermissions = null; 1222 1223 // In some cases, like for the Phone or SMS app, we grant permissions regardless 1224 // of if the version on the system image declares the permission as used since 1225 // selecting the app as the default for that function the user makes a deliberate 1226 // choice to grant this app the permissions needed to function. For all other 1227 // apps, (default grants on first boot and user creation) we don't grant default 1228 // permissions if the version on the system image does not declare them. 1229 if (!ignoreSystemPackage 1230 && applicationInfo != null 1231 && applicationInfo.isUpdatedSystemApp()) { 1232 final PackageInfo disabledPkg = pm.getSystemPackageInfo( 1233 mServiceInternal.getDisabledSystemPackageName(pkg.packageName)); 1234 if (disabledPkg != null) { 1235 if (ArrayUtils.isEmpty(disabledPkg.requestedPermissions)) { 1236 return; 1237 } 1238 if (!Arrays.equals(requestedPermissions, disabledPkg.requestedPermissions)) { 1239 grantablePermissions = new ArraySet<>(Arrays.asList(requestedPermissions)); 1240 requestedPermissions = disabledPkg.requestedPermissions; 1241 } 1242 } 1243 } 1244 1245 final int numRequestedPermissions = requestedPermissions.length; 1246 1247 // Sort requested permissions so that all permissions that are a foreground permission (i.e. 1248 // permissions that have a background permission) are before their background permissions. 1249 final String[] sortedRequestedPermissions = new String[numRequestedPermissions]; 1250 int numForeground = 0; 1251 int numOther = 0; 1252 for (int i = 0; i < numRequestedPermissions; i++) { 1253 String permission = requestedPermissions[i]; 1254 if (pm.getBackgroundPermission(permission) != null) { 1255 sortedRequestedPermissions[numForeground] = permission; 1256 numForeground++; 1257 } else { 1258 sortedRequestedPermissions[numRequestedPermissions - 1 - numOther] = 1259 permission; 1260 numOther++; 1261 } 1262 } 1263 1264 for (int requestedPermissionNum = 0; requestedPermissionNum < numRequestedPermissions; 1265 requestedPermissionNum++) { 1266 String permission = requestedPermissions[requestedPermissionNum]; 1267 1268 // If there is a disabled system app it may request a permission the updated 1269 // version ot the data partition doesn't, In this case skip the permission. 1270 if (grantablePermissions != null && !grantablePermissions.contains(permission)) { 1271 continue; 1272 } 1273 1274 if (permissions.contains(permission)) { 1275 final int flags = pm.getPermissionFlags(permission, pkg, user); 1276 1277 // If we are trying to grant as system fixed and already system fixed 1278 // then the system can change the system fixed grant state. 1279 final boolean changingGrantForSystemFixed = systemFixed 1280 && (flags & PackageManager.FLAG_PERMISSION_SYSTEM_FIXED) != 0; 1281 1282 // Certain flags imply that the permission's current state by the system or 1283 // device/profile owner or the user. In these cases we do not want to clobber the 1284 // current state. 1285 // 1286 // Unless the caller wants to override user choices. The override is 1287 // to make sure we can grant the needed permission to the default 1288 // sms and phone apps after the user chooses this in the UI. 1289 if (!isFixedOrUserSet(flags) || ignoreSystemPackage 1290 || changingGrantForSystemFixed) { 1291 // Never clobber policy fixed permissions. 1292 // We must allow the grant of a system-fixed permission because 1293 // system-fixed is sticky, but the permission itself may be revoked. 1294 if ((flags & PackageManager.FLAG_PERMISSION_POLICY_FIXED) != 0) { 1295 continue; 1296 } 1297 1298 // Preserve allowlisting flags. 1299 newFlags |= (flags & PackageManager.FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT); 1300 1301 // If we are allowlisting the permission, update the exempt flag before grant. 1302 if (whitelistRestrictedPermissions && pm.isPermissionRestricted(permission)) { 1303 pm.updatePermissionFlags(permission, pkg, 1304 PackageManager.FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT, 1305 PackageManager.FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT, user); 1306 } 1307 1308 // If the system tries to change a system fixed permission from one fixed 1309 // state to another we need to drop the fixed flag to allow the grant. 1310 if (changingGrantForSystemFixed) { 1311 pm.updatePermissionFlags(permission, pkg, flags, 1312 flags & ~PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, user); 1313 } 1314 1315 if (!pm.isGranted(permission, pkg, user)) { 1316 pm.grantPermission(permission, pkg, user); 1317 } 1318 1319 pm.updatePermissionFlags(permission, pkg, newFlags, newFlags, user); 1320 } 1321 1322 // If a component gets a permission for being the default handler A 1323 // and also default handler B, we grant the weaker grant form. 1324 if ((flags & PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT) != 0 1325 && (flags & PackageManager.FLAG_PERMISSION_SYSTEM_FIXED) != 0 1326 && !systemFixed) { 1327 if (DEBUG) { 1328 Log.i(TAG, "Granted not fixed " + permission + " to default handler " 1329 + pkg); 1330 } 1331 pm.updatePermissionFlags(permission, pkg, 1332 PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, 0, user); 1333 } 1334 } 1335 } 1336 } 1337 grantDefaultPermissionExceptions(PackageManagerWrapper pm, int userId)1338 private void grantDefaultPermissionExceptions(PackageManagerWrapper pm, int userId) { 1339 mHandler.removeMessages(MSG_READ_DEFAULT_PERMISSION_EXCEPTIONS); 1340 1341 synchronized (mLock) { 1342 // mGrantExceptions is null only before the first read and then 1343 // it serves as a cache of the default grants that should be 1344 // performed for every user. If there is an entry then the app 1345 // is on the system image and supports runtime permissions. 1346 if (mGrantExceptions == null) { 1347 mGrantExceptions = readDefaultPermissionExceptionsLocked(pm); 1348 } 1349 } 1350 1351 Set<String> permissions = null; 1352 final int exceptionCount = mGrantExceptions.size(); 1353 for (int i = 0; i < exceptionCount; i++) { 1354 String packageName = mGrantExceptions.keyAt(i); 1355 PackageInfo pkg = pm.getSystemPackageInfo(packageName); 1356 List<DefaultPermissionGrant> permissionGrants = mGrantExceptions.valueAt(i); 1357 final int permissionGrantCount = permissionGrants.size(); 1358 for (int j = 0; j < permissionGrantCount; j++) { 1359 DefaultPermissionGrant permissionGrant = permissionGrants.get(j); 1360 if (!pm.isPermissionDangerous(permissionGrant.name)) { 1361 Log.w(TAG, "Ignoring permission " + permissionGrant.name 1362 + " which isn't dangerous"); 1363 continue; 1364 } 1365 if (permissions == null) { 1366 permissions = new ArraySet<>(); 1367 } else { 1368 permissions.clear(); 1369 } 1370 permissions.add(permissionGrant.name); 1371 1372 1373 grantRuntimePermissions(pm, pkg, permissions, permissionGrant.fixed, 1374 permissionGrant.whitelisted, true /*whitelistRestrictedPermissions*/, 1375 userId); 1376 } 1377 } 1378 } 1379 getDefaultPermissionFiles()1380 private File[] getDefaultPermissionFiles() { 1381 ArrayList<File> ret = new ArrayList<File>(); 1382 File dir = new File(Environment.getRootDirectory(), "etc/default-permissions"); 1383 if (dir.isDirectory() && dir.canRead()) { 1384 Collections.addAll(ret, dir.listFiles()); 1385 } 1386 dir = new File(Environment.getVendorDirectory(), "etc/default-permissions"); 1387 if (dir.isDirectory() && dir.canRead()) { 1388 Collections.addAll(ret, dir.listFiles()); 1389 } 1390 dir = new File(Environment.getOdmDirectory(), "etc/default-permissions"); 1391 if (dir.isDirectory() && dir.canRead()) { 1392 Collections.addAll(ret, dir.listFiles()); 1393 } 1394 dir = new File(Environment.getProductDirectory(), "etc/default-permissions"); 1395 if (dir.isDirectory() && dir.canRead()) { 1396 Collections.addAll(ret, dir.listFiles()); 1397 } 1398 dir = new File(Environment.getSystemExtDirectory(), "etc/default-permissions"); 1399 if (dir.isDirectory() && dir.canRead()) { 1400 Collections.addAll(ret, dir.listFiles()); 1401 } 1402 // For IoT devices, we check the oem partition for default permissions for each app. 1403 if (mContext.getPackageManager().hasSystemFeature(PackageManager.FEATURE_EMBEDDED, 0)) { 1404 dir = new File(Environment.getOemDirectory(), "etc/default-permissions"); 1405 if (dir.isDirectory() && dir.canRead()) { 1406 Collections.addAll(ret, dir.listFiles()); 1407 } 1408 } 1409 return ret.isEmpty() ? null : ret.toArray(new File[0]); 1410 } 1411 1412 private @NonNull ArrayMap<String, List<DefaultPermissionGrant>> readDefaultPermissionExceptionsLocked(PackageManagerWrapper pm)1413 readDefaultPermissionExceptionsLocked(PackageManagerWrapper pm) { 1414 File[] files = getDefaultPermissionFiles(); 1415 if (files == null) { 1416 return new ArrayMap<>(0); 1417 } 1418 1419 ArrayMap<String, List<DefaultPermissionGrant>> grantExceptions = new ArrayMap<>(); 1420 1421 // Iterate over the files in the directory and scan .xml files 1422 for (File file : files) { 1423 if (!file.getPath().endsWith(".xml")) { 1424 Slog.i(TAG, "Non-xml file " + file 1425 + " in " + file.getParent() + " directory, ignoring"); 1426 continue; 1427 } 1428 if (!file.canRead()) { 1429 Slog.w(TAG, "Default permissions file " + file + " cannot be read"); 1430 continue; 1431 } 1432 try (InputStream str = new FileInputStream(file)) { 1433 TypedXmlPullParser parser = Xml.resolvePullParser(str); 1434 parse(pm, parser, grantExceptions); 1435 } catch (XmlPullParserException | IOException e) { 1436 Slog.w(TAG, "Error reading default permissions file " + file, e); 1437 } 1438 } 1439 1440 return grantExceptions; 1441 } 1442 parse(PackageManagerWrapper pm, TypedXmlPullParser parser, Map<String, List<DefaultPermissionGrant>> outGrantExceptions)1443 private void parse(PackageManagerWrapper pm, TypedXmlPullParser parser, 1444 Map<String, List<DefaultPermissionGrant>> outGrantExceptions) 1445 throws IOException, XmlPullParserException { 1446 final int outerDepth = parser.getDepth(); 1447 int type; 1448 while ((type = parser.next()) != XmlPullParser.END_DOCUMENT 1449 && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) { 1450 if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) { 1451 continue; 1452 } 1453 if (TAG_EXCEPTIONS.equals(parser.getName())) { 1454 parseExceptions(pm, parser, outGrantExceptions); 1455 } else { 1456 Log.e(TAG, "Unknown tag " + parser.getName()); 1457 } 1458 } 1459 } 1460 parseExceptions(PackageManagerWrapper pm, TypedXmlPullParser parser, Map<String, List<DefaultPermissionGrant>> outGrantExceptions)1461 private void parseExceptions(PackageManagerWrapper pm, TypedXmlPullParser parser, 1462 Map<String, List<DefaultPermissionGrant>> outGrantExceptions) 1463 throws IOException, XmlPullParserException { 1464 final int outerDepth = parser.getDepth(); 1465 int type; 1466 while ((type = parser.next()) != XmlPullParser.END_DOCUMENT 1467 && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) { 1468 if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) { 1469 continue; 1470 } 1471 if (TAG_EXCEPTION.equals(parser.getName())) { 1472 String packageName = parser.getAttributeValue(null, ATTR_PACKAGE); 1473 1474 List<DefaultPermissionGrant> packageExceptions = 1475 outGrantExceptions.get(packageName); 1476 if (packageExceptions == null) { 1477 // The package must be on the system image 1478 PackageInfo packageInfo = pm.getSystemPackageInfo(packageName); 1479 1480 if (packageInfo == null) { 1481 Log.w(TAG, "No such package:" + packageName); 1482 XmlUtils.skipCurrentTag(parser); 1483 continue; 1484 } 1485 1486 if (!pm.isSystemPackage(packageInfo)) { 1487 Log.w(TAG, "Unknown system package:" + packageName); 1488 XmlUtils.skipCurrentTag(parser); 1489 continue; 1490 } 1491 1492 // The package must support runtime permissions 1493 if (!doesPackageSupportRuntimePermissions(packageInfo)) { 1494 Log.w(TAG, "Skipping non supporting runtime permissions package:" 1495 + packageName); 1496 XmlUtils.skipCurrentTag(parser); 1497 continue; 1498 } 1499 packageExceptions = new ArrayList<>(); 1500 outGrantExceptions.put(packageName, packageExceptions); 1501 } 1502 1503 parsePermission(parser, packageExceptions); 1504 } else { 1505 Log.e(TAG, "Unknown tag " + parser.getName() + "under <exceptions>"); 1506 } 1507 } 1508 } 1509 parsePermission(TypedXmlPullParser parser, List<DefaultPermissionGrant> outPackageExceptions)1510 private void parsePermission(TypedXmlPullParser parser, List<DefaultPermissionGrant> 1511 outPackageExceptions) throws IOException, XmlPullParserException { 1512 final int outerDepth = parser.getDepth(); 1513 int type; 1514 while ((type = parser.next()) != XmlPullParser.END_DOCUMENT 1515 && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) { 1516 if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) { 1517 continue; 1518 } 1519 1520 if (TAG_PERMISSION.contains(parser.getName())) { 1521 String name = parser.getAttributeValue(null, ATTR_NAME); 1522 if (name == null) { 1523 Log.w(TAG, "Mandatory name attribute missing for permission tag"); 1524 XmlUtils.skipCurrentTag(parser); 1525 continue; 1526 } 1527 1528 final boolean fixed = 1529 parser.getAttributeBoolean(null, ATTR_FIXED, false); 1530 final boolean whitelisted = 1531 parser.getAttributeBoolean(null, ATTR_WHITELISTED, false); 1532 1533 DefaultPermissionGrant exception = new DefaultPermissionGrant( 1534 name, fixed, whitelisted); 1535 outPackageExceptions.add(exception); 1536 } else { 1537 Log.e(TAG, "Unknown tag " + parser.getName() + "under <exception>"); 1538 } 1539 } 1540 } 1541 doesPackageSupportRuntimePermissions(PackageInfo pkg)1542 private static boolean doesPackageSupportRuntimePermissions(PackageInfo pkg) { 1543 return pkg.applicationInfo != null 1544 && pkg.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1; 1545 } 1546 1547 /** 1548 * A wrapper for package manager calls done by this class 1549 */ 1550 private abstract class PackageManagerWrapper { getPermissionFlags(@onNull String permission, @NonNull PackageInfo pkg, @NonNull UserHandle user)1551 abstract int getPermissionFlags(@NonNull String permission, @NonNull PackageInfo pkg, 1552 @NonNull UserHandle user); 1553 updatePermissionFlags(@onNull String permission, @NonNull PackageInfo pkg, int flagMask, int flagValues, @NonNull UserHandle user)1554 abstract void updatePermissionFlags(@NonNull String permission, @NonNull PackageInfo pkg, 1555 int flagMask, int flagValues, @NonNull UserHandle user); 1556 grantPermission(@onNull String permission, @NonNull PackageInfo pkg, @NonNull UserHandle user)1557 abstract void grantPermission(@NonNull String permission, @NonNull PackageInfo pkg, 1558 @NonNull UserHandle user); 1559 revokePermission(@onNull String permission, @NonNull PackageInfo pkg, @NonNull UserHandle user)1560 abstract void revokePermission(@NonNull String permission, @NonNull PackageInfo pkg, 1561 @NonNull UserHandle user); 1562 isGranted(@onNull String permission, @NonNull PackageInfo pkg, @NonNull UserHandle user)1563 abstract boolean isGranted(@NonNull String permission, @NonNull PackageInfo pkg, 1564 @NonNull UserHandle user); 1565 getPermissionInfo(@onNull String permissionName)1566 abstract @Nullable PermissionInfo getPermissionInfo(@NonNull String permissionName); 1567 getPackageInfo(@onNull String pkg)1568 abstract @Nullable PackageInfo getPackageInfo(@NonNull String pkg); 1569 getSystemPackageInfo(@onNull String pkg)1570 @Nullable PackageInfo getSystemPackageInfo(@NonNull String pkg) { 1571 PackageInfo pi = getPackageInfo(pkg); 1572 if (pi == null || !pi.applicationInfo.isSystemApp()) { 1573 return null; 1574 } 1575 return pi; 1576 } 1577 isPermissionRestricted(@onNull String name)1578 boolean isPermissionRestricted(@NonNull String name) { 1579 PermissionInfo pi = getPermissionInfo(name); 1580 if (pi == null) { 1581 return false; 1582 } 1583 1584 return pi.isRestricted(); 1585 } 1586 isPermissionDangerous(@onNull String name)1587 boolean isPermissionDangerous(@NonNull String name) { 1588 PermissionInfo pi = getPermissionInfo(name); 1589 if (pi == null) { 1590 return false; 1591 } 1592 1593 return pi.getProtection() == PermissionInfo.PROTECTION_DANGEROUS; 1594 } 1595 1596 /** 1597 * Return the background permission for a permission. 1598 * 1599 * @param permission The name of the foreground permission 1600 * 1601 * @return The name of the background permission or {@code null} if the permission has no 1602 * background permission 1603 */ getBackgroundPermission(@onNull String permission)1604 @Nullable String getBackgroundPermission(@NonNull String permission) { 1605 PermissionInfo pi = getPermissionInfo(permission); 1606 if (pi == null) { 1607 return null; 1608 } 1609 1610 return pi.backgroundPermission; 1611 } 1612 isSystemPackage(@ullable String packageName)1613 boolean isSystemPackage(@Nullable String packageName) { 1614 return isSystemPackage(getPackageInfo(packageName)); 1615 } 1616 isSystemPackage(@ullable PackageInfo pkg)1617 boolean isSystemPackage(@Nullable PackageInfo pkg) { 1618 if (pkg == null) { 1619 return false; 1620 } 1621 return pkg.applicationInfo.isSystemApp() 1622 && !isSysComponentOrPersistentPlatformSignedPrivApp(pkg); 1623 } 1624 isSysComponentOrPersistentPlatformSignedPrivApp(@onNull PackageInfo pkg)1625 boolean isSysComponentOrPersistentPlatformSignedPrivApp(@NonNull PackageInfo pkg) { 1626 if (UserHandle.getAppId(pkg.applicationInfo.uid) < FIRST_APPLICATION_UID) { 1627 return true; 1628 } 1629 if (!pkg.applicationInfo.isPrivilegedApp()) { 1630 return false; 1631 } 1632 final PackageInfo disabledPkg = getSystemPackageInfo( 1633 mServiceInternal.getDisabledSystemPackageName(pkg.applicationInfo.packageName)); 1634 if (disabledPkg != null) { 1635 ApplicationInfo disabledPackageAppInfo = disabledPkg.applicationInfo; 1636 if (disabledPackageAppInfo != null 1637 && (disabledPackageAppInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) { 1638 return false; 1639 } 1640 } else if ((pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) { 1641 return false; 1642 } 1643 return mServiceInternal.isPlatformSigned(pkg.packageName); 1644 } 1645 } 1646 1647 /** 1648 * Do package manager calls but cache state and delay any change until {@link #apply()} is 1649 * called 1650 */ 1651 private class DelayingPackageManagerCache extends PackageManagerWrapper { 1652 /** uid -> permission -> isGranted, flags */ 1653 private SparseArray<ArrayMap<String, PermissionState>> mDelayedPermissionState = 1654 new SparseArray<>(); 1655 /** userId -> context */ 1656 private SparseArray<Context> mUserContexts = new SparseArray<>(); 1657 /** Permission name -> info */ 1658 private ArrayMap<String, PermissionInfo> mPermissionInfos = new ArrayMap<>(); 1659 /** Package name -> info */ 1660 private ArrayMap<String, PackageInfo> mPackageInfos = new ArrayMap<>(); 1661 1662 /** 1663 * Apply the cached state 1664 */ apply()1665 void apply() { 1666 PackageManager.corkPackageInfoCache(); 1667 for (int uidIdx = 0; uidIdx < mDelayedPermissionState.size(); uidIdx++) { 1668 for (int permIdx = 0; permIdx < mDelayedPermissionState.valueAt(uidIdx).size(); 1669 permIdx++) { 1670 try { 1671 mDelayedPermissionState.valueAt(uidIdx).valueAt(permIdx).apply(); 1672 } catch (IllegalArgumentException e) { 1673 Slog.w(TAG, "Cannot set permission " + mDelayedPermissionState.valueAt( 1674 uidIdx).keyAt(permIdx) + " of uid " + mDelayedPermissionState.keyAt( 1675 uidIdx), e); 1676 } 1677 } 1678 } 1679 PackageManager.uncorkPackageInfoCache(); 1680 } 1681 addPackageInfo(@onNull String packageName, @NonNull PackageInfo pkg)1682 void addPackageInfo(@NonNull String packageName, @NonNull PackageInfo pkg) { 1683 mPackageInfos.put(packageName, pkg); 1684 } 1685 createContextAsUser(@onNull UserHandle user)1686 private @NonNull Context createContextAsUser(@NonNull UserHandle user) { 1687 int index = mUserContexts.indexOfKey(user.getIdentifier()); 1688 if (index >= 0) { 1689 return mUserContexts.valueAt(index); 1690 } 1691 1692 Context uc = mContext.createContextAsUser(user, 0); 1693 1694 mUserContexts.put(user.getIdentifier(), uc); 1695 1696 return uc; 1697 } 1698 getPermissionState(@onNull String permission, @NonNull PackageInfo pkg, @NonNull UserHandle user)1699 private @NonNull PermissionState getPermissionState(@NonNull String permission, 1700 @NonNull PackageInfo pkg, @NonNull UserHandle user) { 1701 int uid = UserHandle.getUid(user.getIdentifier(), 1702 UserHandle.getAppId(pkg.applicationInfo.uid)); 1703 int uidIdx = mDelayedPermissionState.indexOfKey(uid); 1704 1705 ArrayMap<String, PermissionState> uidState; 1706 if (uidIdx >= 0) { 1707 uidState = mDelayedPermissionState.valueAt(uidIdx); 1708 } else { 1709 uidState = new ArrayMap<>(); 1710 mDelayedPermissionState.put(uid, uidState); 1711 } 1712 1713 int permIdx = uidState.indexOfKey(permission); 1714 1715 PermissionState permState; 1716 if (permIdx >= 0) { 1717 permState = uidState.valueAt(permIdx); 1718 } else { 1719 permState = new PermissionState(permission, pkg, user); 1720 uidState.put(permission, permState); 1721 } 1722 1723 return permState; 1724 } 1725 1726 @Override getPermissionFlags(@onNull String permission, @NonNull PackageInfo pkg, @NonNull UserHandle user)1727 public int getPermissionFlags(@NonNull String permission, @NonNull PackageInfo pkg, 1728 @NonNull UserHandle user) { 1729 PermissionState state = getPermissionState(permission, pkg, user); 1730 state.initFlags(); 1731 return state.newFlags; 1732 } 1733 1734 @Override updatePermissionFlags(@onNull String permission, @NonNull PackageInfo pkg, int flagMask, int flagValues, @NonNull UserHandle user)1735 public void updatePermissionFlags(@NonNull String permission, @NonNull PackageInfo pkg, 1736 int flagMask, int flagValues, @NonNull UserHandle user) { 1737 PermissionState state = getPermissionState(permission, pkg, user); 1738 state.initFlags(); 1739 state.newFlags = (state.newFlags & ~flagMask) | (flagValues & flagMask); 1740 } 1741 1742 @Override grantPermission(@onNull String permission, @NonNull PackageInfo pkg, @NonNull UserHandle user)1743 public void grantPermission(@NonNull String permission, @NonNull PackageInfo pkg, 1744 @NonNull UserHandle user) { 1745 if (PermissionManager.DEBUG_TRACE_GRANTS 1746 && PermissionManager.shouldTraceGrant( 1747 pkg.packageName, permission, user.getIdentifier())) { 1748 Log.i(PermissionManager.LOG_TAG_TRACE_GRANTS, 1749 "PregrantPolicy is granting " + pkg.packageName + " " 1750 + permission + " for user " + user.getIdentifier(), 1751 new RuntimeException()); 1752 } 1753 PermissionState state = getPermissionState(permission, pkg, user); 1754 state.initGranted(); 1755 state.newGranted = true; 1756 } 1757 1758 @Override revokePermission(@onNull String permission, @NonNull PackageInfo pkg, @NonNull UserHandle user)1759 public void revokePermission(@NonNull String permission, @NonNull PackageInfo pkg, 1760 @NonNull UserHandle user) { 1761 PermissionState state = getPermissionState(permission, pkg, user); 1762 state.initGranted(); 1763 state.newGranted = false; 1764 } 1765 1766 @Override isGranted(@onNull String permission, @NonNull PackageInfo pkg, @NonNull UserHandle user)1767 public boolean isGranted(@NonNull String permission, @NonNull PackageInfo pkg, 1768 @NonNull UserHandle user) { 1769 PermissionState state = getPermissionState(permission, pkg, user); 1770 state.initGranted(); 1771 return state.newGranted; 1772 } 1773 1774 @Override getPermissionInfo(@onNull String permissionName)1775 public @Nullable PermissionInfo getPermissionInfo(@NonNull String permissionName) { 1776 int index = mPermissionInfos.indexOfKey(permissionName); 1777 if (index >= 0) { 1778 return mPermissionInfos.valueAt(index); 1779 } 1780 1781 PermissionInfo pi = NO_PM_CACHE.getPermissionInfo(permissionName); 1782 mPermissionInfos.put(permissionName, pi); 1783 1784 return pi; 1785 } 1786 1787 @Override getPackageInfo(@onNull String pkg)1788 public @Nullable PackageInfo getPackageInfo(@NonNull String pkg) { 1789 int index = mPackageInfos.indexOfKey(pkg); 1790 if (index >= 0) { 1791 return mPackageInfos.valueAt(index); 1792 } 1793 1794 PackageInfo pi = NO_PM_CACHE.getPackageInfo(pkg); 1795 mPackageInfos.put(pkg, pi); 1796 1797 return pi; 1798 } 1799 1800 /** 1801 * State of a single permission belonging to a single uid 1802 */ 1803 private class PermissionState { 1804 private final @NonNull String mPermission; 1805 private final @NonNull PackageInfo mPkgRequestingPerm; 1806 private final @NonNull UserHandle mUser; 1807 1808 /** Permission flags when the state was created */ 1809 private @Nullable Integer mOriginalFlags; 1810 /** Altered permission flags or {@code null} if no change was requested */ 1811 @Nullable Integer newFlags; 1812 1813 /** Grant state when the state was created */ 1814 private @Nullable Boolean mOriginalGranted; 1815 /** Altered grant state or {@code null} if no change was requested */ 1816 @Nullable Boolean newGranted; 1817 PermissionState(@onNull String permission, @NonNull PackageInfo pkgRequestingPerm, @NonNull UserHandle user)1818 private PermissionState(@NonNull String permission, 1819 @NonNull PackageInfo pkgRequestingPerm, @NonNull UserHandle user) { 1820 mPermission = permission; 1821 mPkgRequestingPerm = pkgRequestingPerm; 1822 mUser = user; 1823 } 1824 1825 /** 1826 * Apply the changes to the permission to the system 1827 */ apply()1828 void apply() { 1829 if (DEBUG) { 1830 Slog.i(TAG, "Granting " + mPermission + " to user " + mUser.getIdentifier() 1831 + " pkg=" + mPkgRequestingPerm.packageName + " granted=" + newGranted 1832 + " flags=" + Integer.toBinaryString(newFlags)); 1833 } 1834 1835 int flagsToAdd = 0; 1836 int flagsToRemove = 0; 1837 if (newFlags != null) { 1838 flagsToAdd = newFlags & ~mOriginalFlags; 1839 flagsToRemove = mOriginalFlags & ~newFlags; 1840 } 1841 1842 // Need to remove e.g. SYSTEM_FIXED flags first as otherwise permission cannot be 1843 // changed 1844 if (flagsToRemove != 0) { 1845 NO_PM_CACHE.updatePermissionFlags(mPermission, mPkgRequestingPerm, 1846 flagsToRemove, 0, mUser); 1847 } 1848 1849 // Need to unrestrict first as otherwise permission grants might fail 1850 if ((flagsToAdd & PackageManager.FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT) != 0) { 1851 int newRestrictionExcemptFlags = 1852 flagsToAdd & PackageManager.FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT; 1853 1854 NO_PM_CACHE.updatePermissionFlags(mPermission, 1855 mPkgRequestingPerm, newRestrictionExcemptFlags, -1, mUser); 1856 } 1857 1858 if (newGranted != null && newGranted != mOriginalGranted) { 1859 if (newGranted) { 1860 NO_PM_CACHE.grantPermission(mPermission, mPkgRequestingPerm, mUser); 1861 } else { 1862 NO_PM_CACHE.revokePermission(mPermission, mPkgRequestingPerm, mUser); 1863 } 1864 } 1865 1866 if ((flagsToAdd & ~PackageManager.FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT) != 0) { 1867 int newFlags = 1868 flagsToAdd & ~PackageManager.FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT; 1869 1870 NO_PM_CACHE.updatePermissionFlags(mPermission, mPkgRequestingPerm, newFlags, 1871 -1, mUser); 1872 } 1873 } 1874 1875 /** 1876 * Load the state of the flags before first use 1877 */ initFlags()1878 void initFlags() { 1879 if (newFlags == null) { 1880 mOriginalFlags = NO_PM_CACHE.getPermissionFlags(mPermission, mPkgRequestingPerm, 1881 mUser); 1882 newFlags = mOriginalFlags; 1883 } 1884 } 1885 1886 /** 1887 * Load the grant state before first use 1888 */ initGranted()1889 void initGranted() { 1890 if (newGranted == null) { 1891 // Don't call NO_PM_CACHE here so that contexts are reused 1892 mOriginalGranted = createContextAsUser(mUser).getPackageManager() 1893 .checkPermission(mPermission, mPkgRequestingPerm.packageName) 1894 == PackageManager.PERMISSION_GRANTED; 1895 newGranted = mOriginalGranted; 1896 } 1897 } 1898 } 1899 } 1900 1901 private static final class DefaultPermissionGrant { 1902 final String name; 1903 final boolean fixed; 1904 final boolean whitelisted; 1905 DefaultPermissionGrant(String name, boolean fixed, boolean whitelisted)1906 public DefaultPermissionGrant(String name, boolean fixed, 1907 boolean whitelisted) { 1908 this.name = name; 1909 this.fixed = fixed; 1910 this.whitelisted = whitelisted; 1911 } 1912 } 1913 } 1914