1 /* 2 * Copyright (C) 2019 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.pm.permission; 18 19 import android.annotation.NonNull; 20 import android.annotation.Nullable; 21 import android.annotation.UserIdInt; 22 import android.app.AppOpsManager; 23 import android.content.pm.PermissionInfo; 24 import android.permission.PermissionManagerInternal; 25 26 import com.android.server.pm.parsing.pkg.AndroidPackage; 27 28 import java.util.ArrayList; 29 import java.util.Collections; 30 import java.util.List; 31 import java.util.Objects; 32 import java.util.Set; 33 34 /** 35 * Internal interfaces services. 36 * 37 * TODO: Move into module. 38 */ 39 public interface PermissionManagerServiceInternal extends PermissionManagerInternal, 40 LegacyPermissionDataProvider { 41 /** 42 * Check whether a particular package has been granted a particular permission. 43 * 44 * @param packageName the name of the package you are checking against 45 * @param permissionName the name of the permission you are checking for 46 * @param userId the user ID 47 * @return {@code PERMISSION_GRANTED} if the permission is granted, or {@code PERMISSION_DENIED} 48 * otherwise 49 */ 50 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) checkPermission(@onNull String packageName, @NonNull String permissionName, @UserIdInt int userId)51 int checkPermission(@NonNull String packageName, @NonNull String permissionName, 52 @UserIdInt int userId); 53 54 /** 55 * Check whether a particular UID has been granted a particular permission. 56 * 57 * @param uid the UID 58 * @param permissionName the name of the permission you are checking for 59 * @return {@code PERMISSION_GRANTED} if the permission is granted, or {@code PERMISSION_DENIED} 60 * otherwise 61 */ 62 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) checkUidPermission(int uid, @NonNull String permissionName)63 int checkUidPermission(int uid, @NonNull String permissionName); 64 65 /** 66 * Adds a listener for runtime permission state (permissions or flags) changes. 67 * 68 * @param listener The listener. 69 */ addOnRuntimePermissionStateChangedListener( @onNull OnRuntimePermissionStateChangedListener listener)70 void addOnRuntimePermissionStateChangedListener( 71 @NonNull OnRuntimePermissionStateChangedListener listener); 72 73 /** 74 * Removes a listener for runtime permission state (permissions or flags) changes. 75 * 76 * @param listener The listener. 77 */ removeOnRuntimePermissionStateChangedListener( @onNull OnRuntimePermissionStateChangedListener listener)78 void removeOnRuntimePermissionStateChangedListener( 79 @NonNull OnRuntimePermissionStateChangedListener listener); 80 81 /** 82 * Get whether permission review is required for a package. 83 * 84 * @param packageName the name of the package 85 * @param userId the user ID 86 * @return whether permission review is required 87 */ 88 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) isPermissionsReviewRequired(@onNull String packageName, @UserIdInt int userId)89 boolean isPermissionsReviewRequired(@NonNull String packageName, 90 @UserIdInt int userId); 91 92 /** 93 * Reset the runtime permission state changes for a package. 94 * 95 * TODO(zhanghai): Turn this into package change callback? 96 * 97 * @param pkg the package 98 * @param userId the user ID 99 */ 100 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) resetRuntimePermissions(@onNull AndroidPackage pkg, @UserIdInt int userId)101 void resetRuntimePermissions(@NonNull AndroidPackage pkg, 102 @UserIdInt int userId); 103 104 /** 105 * Read legacy permission state from package settings. 106 * 107 * TODO(zhanghai): This is a temporary method because we should not expose 108 * {@code PackageSetting} which is a implementation detail that permission should not know. 109 * Instead, it should retrieve the legacy state via a defined API. 110 */ readLegacyPermissionStateTEMP()111 void readLegacyPermissionStateTEMP(); 112 113 /** 114 * Write legacy permission state to package settings. 115 * 116 * TODO(zhanghai): This is a temporary method and should be removed once we migrated persistence 117 * for permission. 118 */ writeLegacyPermissionStateTEMP()119 void writeLegacyPermissionStateTEMP(); 120 121 /** 122 * Get all the permissions granted to a package. 123 * 124 * @param packageName the name of the package 125 * @param userId the user ID 126 * @return the names of the granted permissions 127 */ 128 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 129 @NonNull getGrantedPermissions(@onNull String packageName, @UserIdInt int userId)130 Set<String> getGrantedPermissions(@NonNull String packageName, @UserIdInt int userId); 131 132 /** 133 * Get the GIDs of a permission. 134 * 135 * @param permissionName the name of the permission 136 * @param userId the user ID 137 * @return the GIDs of the permission 138 */ 139 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 140 @NonNull getPermissionGids(@onNull String permissionName, @UserIdInt int userId)141 int[] getPermissionGids(@NonNull String permissionName, @UserIdInt int userId); 142 143 /** 144 * Get the packages that have requested an app op permission. 145 * 146 * @param permissionName the name of the app op permission 147 * @return the names of the packages that have requested the app op permission 148 */ 149 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 150 @NonNull getAppOpPermissionPackages(@onNull String permissionName)151 String[] getAppOpPermissionPackages(@NonNull String permissionName); 152 153 /** HACK HACK methods to allow for partial migration of data to the PermissionManager class */ 154 @Nullable getPermissionTEMP(@onNull String permName)155 Permission getPermissionTEMP(@NonNull String permName); 156 157 /** Get all permissions that have a certain protection */ 158 @NonNull getAllPermissionsWithProtection( @ermissionInfo.Protection int protection)159 ArrayList<PermissionInfo> getAllPermissionsWithProtection( 160 @PermissionInfo.Protection int protection); 161 162 /** Get all permissions that have certain protection flags */ getAllPermissionsWithProtectionFlags( @ermissionInfo.ProtectionFlags int protectionFlags)163 @NonNull ArrayList<PermissionInfo> getAllPermissionsWithProtectionFlags( 164 @PermissionInfo.ProtectionFlags int protectionFlags); 165 166 /** 167 * Start delegate the permission identity of the shell UID to the given UID. 168 * 169 * @param uid the UID to delegate shell permission identity to 170 * @param packageName the name of the package to delegate shell permission identity to 171 * @param permissionNames the names of the permissions to delegate shell permission identity 172 * for, or {@code null} for all permissions 173 */ 174 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) startShellPermissionIdentityDelegation(int uid, @NonNull String packageName, @Nullable List<String> permissionNames)175 void startShellPermissionIdentityDelegation(int uid, 176 @NonNull String packageName, @Nullable List<String> permissionNames); 177 178 /** 179 * Stop delegating the permission identity of the shell UID. 180 * 181 * @see #startShellPermissionIdentityDelegation(int, String, List) 182 */ 183 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) stopShellPermissionIdentityDelegation()184 void stopShellPermissionIdentityDelegation(); 185 186 /** 187 * Get all delegated shell permissions. 188 */ getDelegatedShellPermissions()189 @NonNull List<String> getDelegatedShellPermissions(); 190 191 /** 192 * Read legacy permissions from legacy permission settings. 193 * 194 * TODO(zhanghai): This is a temporary method because we should not expose 195 * {@code LegacyPermissionSettings} which is a implementation detail that permission should not 196 * know. Instead, it should retrieve the legacy permissions via a defined API. 197 */ readLegacyPermissionsTEMP(@onNull LegacyPermissionSettings legacyPermissionSettings)198 void readLegacyPermissionsTEMP(@NonNull LegacyPermissionSettings legacyPermissionSettings); 199 200 /** 201 * Write legacy permissions to legacy permission settings. 202 * 203 * TODO(zhanghai): This is a temporary method and should be removed once we migrated persistence 204 * for permission. 205 */ writeLegacyPermissionsTEMP(@onNull LegacyPermissionSettings legacyPermissionSettings)206 void writeLegacyPermissionsTEMP(@NonNull LegacyPermissionSettings legacyPermissionSettings); 207 208 /** 209 * Callback when the system is ready. 210 */ 211 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onSystemReady()212 void onSystemReady(); 213 214 /** 215 * Callback when a storage volume is mounted, so that all packages on it become available. 216 * 217 * @param volumeUuid the UUID of the storage volume 218 * @param fingerprintChanged whether the current build fingerprint is different from what it was 219 * when this volume was last mounted 220 */ 221 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onStorageVolumeMounted(@onNull String volumeUuid, boolean fingerprintChanged)222 void onStorageVolumeMounted(@NonNull String volumeUuid, boolean fingerprintChanged); 223 224 /** 225 * Callback when a user has been created. 226 * 227 * @param userId the created user ID 228 */ 229 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onUserCreated(@serIdInt int userId)230 void onUserCreated(@UserIdInt int userId); 231 232 /** 233 * Callback when a user has been removed. 234 * 235 * @param userId the removed user ID 236 */ 237 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onUserRemoved(@serIdInt int userId)238 void onUserRemoved(@UserIdInt int userId); 239 240 /** 241 * Callback when a package has been added. 242 * 243 * @param pkg the added package 244 * @param isInstantApp whether the added package is an instant app 245 * @param oldPkg the old package, or {@code null} if none 246 */ 247 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageAdded(@onNull AndroidPackage pkg, boolean isInstantApp, @Nullable AndroidPackage oldPkg)248 void onPackageAdded(@NonNull AndroidPackage pkg, boolean isInstantApp, 249 @Nullable AndroidPackage oldPkg); 250 251 /** 252 * Callback when a package has been installed for a user. 253 * 254 * @param pkg the installed package 255 * @param params the parameters passed in for package installation 256 * @param userId the user ID this package is installed for 257 */ 258 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageInstalled(@onNull AndroidPackage pkg, @NonNull PackageInstalledParams params, @UserIdInt int userId)259 void onPackageInstalled(@NonNull AndroidPackage pkg, @NonNull PackageInstalledParams params, 260 @UserIdInt int userId); 261 262 /** 263 * Callback when a package has been removed. 264 * 265 * @param pkg the removed package 266 */ 267 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageRemoved(@onNull AndroidPackage pkg)268 void onPackageRemoved(@NonNull AndroidPackage pkg); 269 270 /** 271 * Callback when a package has been uninstalled. 272 * <p> 273 * The package may have been fully removed from the system, or only marked as uninstalled for 274 * this user but still instlaled for other users. 275 * 276 * TODO: Pass PackageState instead. 277 * 278 * @param packageName the name of the uninstalled package 279 * @param appId the app ID of the uninstalled package 280 * @param pkg the uninstalled package, or {@code null} if unavailable 281 * @param sharedUserPkgs the packages that are in the same shared user 282 * @param userId the user ID the package is uninstalled for 283 */ 284 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageUninstalled(@onNull String packageName, int appId, @Nullable AndroidPackage pkg, @NonNull List<AndroidPackage> sharedUserPkgs, @UserIdInt int userId)285 void onPackageUninstalled(@NonNull String packageName, int appId, @Nullable AndroidPackage pkg, 286 @NonNull List<AndroidPackage> sharedUserPkgs, @UserIdInt int userId); 287 288 /** 289 * Listener for package permission state (permissions or flags) changes. 290 */ 291 interface OnRuntimePermissionStateChangedListener { 292 293 /** 294 * Called when the runtime permission state (permissions or flags) changed. 295 * 296 * @param packageName The package for which the change happened. 297 * @param userId the user id for which the change happened. 298 */ 299 @Nullable onRuntimePermissionStateChanged(@onNull String packageName, @UserIdInt int userId)300 void onRuntimePermissionStateChanged(@NonNull String packageName, 301 @UserIdInt int userId); 302 } 303 304 /** 305 * The permission-related parameters passed in for package installation. 306 * 307 * @see android.content.pm.PackageInstaller.SessionParams 308 */ 309 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 310 final class PackageInstalledParams { 311 /** 312 * A static instance whose parameters are all in their default state. 313 */ 314 public static final PackageInstalledParams DEFAULT = new Builder().build(); 315 316 @NonNull 317 private final List<String> mGrantedPermissions; 318 @NonNull 319 private final List<String> mAllowlistedRestrictedPermissions; 320 @NonNull 321 private final int mAutoRevokePermissionsMode; 322 PackageInstalledParams(@onNull List<String> grantedPermissions, @NonNull List<String> allowlistedRestrictedPermissions, int autoRevokePermissionsMode)323 private PackageInstalledParams(@NonNull List<String> grantedPermissions, 324 @NonNull List<String> allowlistedRestrictedPermissions, 325 int autoRevokePermissionsMode) { 326 mGrantedPermissions = grantedPermissions; 327 mAllowlistedRestrictedPermissions = allowlistedRestrictedPermissions; 328 mAutoRevokePermissionsMode = autoRevokePermissionsMode; 329 } 330 331 /** 332 * Get the permissions to be granted. 333 * 334 * @return the permissions to be granted 335 */ 336 @NonNull getGrantedPermissions()337 public List<String> getGrantedPermissions() { 338 return mGrantedPermissions; 339 } 340 341 /** 342 * Get the restricted permissions to be allowlisted. 343 * 344 * @return the restricted permissions to be allowlisted 345 */ 346 @NonNull getAllowlistedRestrictedPermissions()347 public List<String> getAllowlistedRestrictedPermissions() { 348 return mAllowlistedRestrictedPermissions; 349 } 350 351 /** 352 * Get the mode for auto revoking permissions. 353 * 354 * @return the mode for auto revoking permissions 355 */ getAutoRevokePermissionsMode()356 public int getAutoRevokePermissionsMode() { 357 return mAutoRevokePermissionsMode; 358 } 359 360 /** 361 * Builder class for {@link PackageInstalledParams}. 362 */ 363 public static final class Builder { 364 @NonNull 365 private List<String> mGrantedPermissions = Collections.emptyList(); 366 @NonNull 367 private List<String> mAllowlistedRestrictedPermissions = Collections.emptyList(); 368 @NonNull 369 private int mAutoRevokePermissionsMode = AppOpsManager.MODE_DEFAULT; 370 371 /** 372 * Set the permissions to be granted. 373 * 374 * @param grantedPermissions the permissions to be granted 375 * 376 * @see android.content.pm.PackageInstaller.SessionParams#setGrantedRuntimePermissions( 377 * java.lang.String[]) 378 */ setGrantedPermissions(@onNull List<String> grantedPermissions)379 public void setGrantedPermissions(@NonNull List<String> grantedPermissions) { 380 Objects.requireNonNull(grantedPermissions); 381 mGrantedPermissions = new ArrayList<>(grantedPermissions); 382 } 383 384 /** 385 * Set the restricted permissions to be allowlisted. 386 * <p> 387 * Permissions that are not restricted are ignored, so one can just pass in all 388 * requested permissions of a package to get all its restricted permissions allowlisted. 389 * 390 * @param allowlistedRestrictedPermissions the restricted permissions to be allowlisted 391 * 392 * @see android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set) 393 */ setAllowlistedRestrictedPermissions( @onNull List<String> allowlistedRestrictedPermissions)394 public void setAllowlistedRestrictedPermissions( 395 @NonNull List<String> allowlistedRestrictedPermissions) { 396 Objects.requireNonNull(mGrantedPermissions); 397 mAllowlistedRestrictedPermissions = new ArrayList<>( 398 allowlistedRestrictedPermissions); 399 } 400 401 /** 402 * Set the mode for auto revoking permissions. 403 * <p> 404 * {@link AppOpsManager#MODE_ALLOWED} means the system is allowed to auto revoke 405 * permissions from this package, and {@link AppOpsManager#MODE_IGNORED} means this 406 * package should be ignored when auto revoking permissions. 407 * {@link AppOpsManager#MODE_DEFAULT} means no changes will be made to the auto revoke 408 * mode of this package. 409 * 410 * @param autoRevokePermissionsMode the mode for auto revoking permissions 411 * 412 * @see android.content.pm.PackageInstaller.SessionParams#setAutoRevokePermissionsMode( 413 * boolean) 414 */ setAutoRevokePermissionsMode(int autoRevokePermissionsMode)415 public void setAutoRevokePermissionsMode(int autoRevokePermissionsMode) { 416 mAutoRevokePermissionsMode = autoRevokePermissionsMode; 417 } 418 419 /** 420 * Build a new instance of {@link PackageInstalledParams}. 421 * 422 * @return the {@link PackageInstalledParams} built 423 */ 424 @NonNull build()425 public PackageInstalledParams build() { 426 return new PackageInstalledParams(mGrantedPermissions, 427 mAllowlistedRestrictedPermissions, mAutoRevokePermissionsMode); 428 } 429 } 430 } 431 432 /** 433 * Sets the provider of the currently active HotwordDetectionService. 434 * 435 * @see HotwordDetectionServiceProvider 436 */ setHotwordDetectionServiceProvider(@ullable HotwordDetectionServiceProvider provider)437 void setHotwordDetectionServiceProvider(@Nullable HotwordDetectionServiceProvider provider); 438 439 /** 440 * Gets the provider of the currently active HotwordDetectionService. 441 * 442 * @see HotwordDetectionServiceProvider 443 */ 444 @Nullable getHotwordDetectionServiceProvider()445 HotwordDetectionServiceProvider getHotwordDetectionServiceProvider(); 446 447 /** 448 * Provides the uid of the currently active 449 * {@link android.service.voice.HotwordDetectionService}, which should be granted RECORD_AUDIO 450 * and CAPTURE_AUDIO_HOTWORD permissions. 451 */ 452 interface HotwordDetectionServiceProvider { getUid()453 int getUid(); 454 } 455 } 456