1 /* 2 * Copyright (C) 2019 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.pm.permission; 18 19 import android.annotation.NonNull; 20 import android.annotation.Nullable; 21 import android.annotation.UserIdInt; 22 import android.app.AppOpsManager; 23 import android.content.pm.PermissionInfo; 24 import android.permission.PermissionManagerInternal; 25 26 import com.android.server.pm.parsing.pkg.AndroidPackage; 27 28 import java.util.ArrayList; 29 import java.util.Collections; 30 import java.util.List; 31 import java.util.Objects; 32 import java.util.Set; 33 34 /** 35 * Internal interfaces services. 36 * 37 * TODO: Move into module. 38 */ 39 public interface PermissionManagerServiceInternal extends PermissionManagerInternal, 40 LegacyPermissionDataProvider { 41 /** 42 * Check whether a particular package has been granted a particular permission. 43 * 44 * @param packageName the name of the package you are checking against 45 * @param permissionName the name of the permission you are checking for 46 * @param userId the user ID 47 * @return {@code PERMISSION_GRANTED} if the permission is granted, or {@code PERMISSION_DENIED} 48 * otherwise 49 */ 50 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) checkPermission(@onNull String packageName, @NonNull String permissionName, @UserIdInt int userId)51 int checkPermission(@NonNull String packageName, @NonNull String permissionName, 52 @UserIdInt int userId); 53 54 /** 55 * Check whether a particular UID has been granted a particular permission. 56 * 57 * @param uid the UID 58 * @param permissionName the name of the permission you are checking for 59 * @return {@code PERMISSION_GRANTED} if the permission is granted, or {@code PERMISSION_DENIED} 60 * otherwise 61 */ 62 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) checkUidPermission(int uid, @NonNull String permissionName)63 int checkUidPermission(int uid, @NonNull String permissionName); 64 65 /** 66 * Adds a listener for runtime permission state (permissions or flags) changes. 67 * 68 * @param listener The listener. 69 */ addOnRuntimePermissionStateChangedListener( @onNull OnRuntimePermissionStateChangedListener listener)70 void addOnRuntimePermissionStateChangedListener( 71 @NonNull OnRuntimePermissionStateChangedListener listener); 72 73 /** 74 * Removes a listener for runtime permission state (permissions or flags) changes. 75 * 76 * @param listener The listener. 77 */ removeOnRuntimePermissionStateChangedListener( @onNull OnRuntimePermissionStateChangedListener listener)78 void removeOnRuntimePermissionStateChangedListener( 79 @NonNull OnRuntimePermissionStateChangedListener listener); 80 81 /** 82 * Get whether permission review is required for a package. 83 * 84 * @param packageName the name of the package 85 * @param userId the user ID 86 * @return whether permission review is required 87 */ 88 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) isPermissionsReviewRequired(@onNull String packageName, @UserIdInt int userId)89 boolean isPermissionsReviewRequired(@NonNull String packageName, 90 @UserIdInt int userId); 91 92 /** 93 * Reset the runtime permission state changes for a package. 94 * 95 * TODO(zhanghai): Turn this into package change callback? 96 * 97 * @param pkg the package 98 * @param userId the user ID 99 */ 100 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) resetRuntimePermissions(@onNull AndroidPackage pkg, @UserIdInt int userId)101 void resetRuntimePermissions(@NonNull AndroidPackage pkg, 102 @UserIdInt int userId); 103 104 /** 105 * Read legacy permission state from package settings. 106 * 107 * TODO(zhanghai): This is a temporary method because we should not expose 108 * {@code PackageSetting} which is a implementation detail that permission should not know. 109 * Instead, it should retrieve the legacy state via a defined API. 110 */ readLegacyPermissionStateTEMP()111 void readLegacyPermissionStateTEMP(); 112 113 /** 114 * Write legacy permission state to package settings. 115 * 116 * TODO(zhanghai): This is a temporary method and should be removed once we migrated persistence 117 * for permission. 118 */ writeLegacyPermissionStateTEMP()119 void writeLegacyPermissionStateTEMP(); 120 121 /** 122 * Get all the permissions granted to a package. 123 * 124 * @param packageName the name of the package 125 * @param userId the user ID 126 * @return the names of the granted permissions 127 */ 128 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 129 @NonNull getGrantedPermissions(@onNull String packageName, @UserIdInt int userId)130 Set<String> getGrantedPermissions(@NonNull String packageName, @UserIdInt int userId); 131 132 /** 133 * Get the GIDs of a permission. 134 * 135 * @param permissionName the name of the permission 136 * @param userId the user ID 137 * @return the GIDs of the permission 138 */ 139 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 140 @NonNull getPermissionGids(@onNull String permissionName, @UserIdInt int userId)141 int[] getPermissionGids(@NonNull String permissionName, @UserIdInt int userId); 142 143 /** 144 * Get the packages that have requested an app op permission. 145 * 146 * @param permissionName the name of the app op permission 147 * @return the names of the packages that have requested the app op permission 148 */ 149 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 150 @NonNull getAppOpPermissionPackages(@onNull String permissionName)151 String[] getAppOpPermissionPackages(@NonNull String permissionName); 152 153 /** HACK HACK methods to allow for partial migration of data to the PermissionManager class */ 154 @Nullable getPermissionTEMP(@onNull String permName)155 Permission getPermissionTEMP(@NonNull String permName); 156 157 /** Get all permissions that have a certain protection */ 158 @NonNull getAllPermissionsWithProtection( @ermissionInfo.Protection int protection)159 ArrayList<PermissionInfo> getAllPermissionsWithProtection( 160 @PermissionInfo.Protection int protection); 161 162 /** Get all permissions that have certain protection flags */ getAllPermissionsWithProtectionFlags( @ermissionInfo.ProtectionFlags int protectionFlags)163 @NonNull ArrayList<PermissionInfo> getAllPermissionsWithProtectionFlags( 164 @PermissionInfo.ProtectionFlags int protectionFlags); 165 166 /** 167 * Start delegate the permission identity of the shell UID to the given UID. 168 * 169 * @param uid the UID to delegate shell permission identity to 170 * @param packageName the name of the package to delegate shell permission identity to 171 * @param permissionNames the names of the permissions to delegate shell permission identity 172 * for, or {@code null} for all permissions 173 */ 174 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) startShellPermissionIdentityDelegation(int uid, @NonNull String packageName, @Nullable List<String> permissionNames)175 void startShellPermissionIdentityDelegation(int uid, 176 @NonNull String packageName, @Nullable List<String> permissionNames); 177 178 /** 179 * Stop delegating the permission identity of the shell UID. 180 * 181 * @see #startShellPermissionIdentityDelegation(int, String, List) 182 */ 183 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) stopShellPermissionIdentityDelegation()184 void stopShellPermissionIdentityDelegation(); 185 186 /** 187 * Get all delegated shell permissions. 188 */ getDelegatedShellPermissions()189 @NonNull List<String> getDelegatedShellPermissions(); 190 191 /** 192 * Read legacy permissions from legacy permission settings. 193 * 194 * TODO(zhanghai): This is a temporary method because we should not expose 195 * {@code LegacyPermissionSettings} which is a implementation detail that permission should not 196 * know. Instead, it should retrieve the legacy permissions via a defined API. 197 */ readLegacyPermissionsTEMP(@onNull LegacyPermissionSettings legacyPermissionSettings)198 void readLegacyPermissionsTEMP(@NonNull LegacyPermissionSettings legacyPermissionSettings); 199 200 /** 201 * Write legacy permissions to legacy permission settings. 202 * 203 * TODO(zhanghai): This is a temporary method and should be removed once we migrated persistence 204 * for permission. 205 */ writeLegacyPermissionsTEMP(@onNull LegacyPermissionSettings legacyPermissionSettings)206 void writeLegacyPermissionsTEMP(@NonNull LegacyPermissionSettings legacyPermissionSettings); 207 208 /** 209 * Callback when the system is ready. 210 */ 211 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onSystemReady()212 void onSystemReady(); 213 214 /** 215 * Callback when a storage volume is mounted, so that all packages on it become available. 216 * 217 * @param volumeUuid the UUID of the storage volume 218 * @param fingerprintChanged whether the current build fingerprint is different from what it was 219 * when this volume was last mounted 220 */ 221 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onStorageVolumeMounted(@onNull String volumeUuid, boolean fingerprintChanged)222 void onStorageVolumeMounted(@NonNull String volumeUuid, boolean fingerprintChanged); 223 224 /** 225 * Callback when a user has been created. 226 * 227 * @param userId the created user ID 228 */ 229 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onUserCreated(@serIdInt int userId)230 void onUserCreated(@UserIdInt int userId); 231 232 /** 233 * Callback when a user has been removed. 234 * 235 * @param userId the removed user ID 236 */ 237 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onUserRemoved(@serIdInt int userId)238 void onUserRemoved(@UserIdInt int userId); 239 240 /** 241 * Callback when a package has been added. 242 * 243 * @param pkg the added package 244 * @param isInstantApp whether the added package is an instant app 245 * @param oldPkg the old package, or {@code null} if none 246 */ 247 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageAdded(@onNull AndroidPackage pkg, boolean isInstantApp, @Nullable AndroidPackage oldPkg)248 void onPackageAdded(@NonNull AndroidPackage pkg, boolean isInstantApp, 249 @Nullable AndroidPackage oldPkg); 250 251 /** 252 * Callback when a package has been installed for a user. 253 * 254 * @param pkg the installed package 255 * @param previousAppId the previous app ID if the package is leaving a shared UID, 256 * or Process.INVALID_UID 257 * @param params the parameters passed in for package installation 258 * @param userId the user ID this package is installed for 259 */ 260 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageInstalled(@onNull AndroidPackage pkg, int previousAppId, @NonNull PackageInstalledParams params, @UserIdInt int userId)261 void onPackageInstalled(@NonNull AndroidPackage pkg, int previousAppId, 262 @NonNull PackageInstalledParams params, 263 @UserIdInt int userId); 264 265 /** 266 * Callback when a package has been removed. 267 * 268 * @param pkg the removed package 269 */ 270 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageRemoved(@onNull AndroidPackage pkg)271 void onPackageRemoved(@NonNull AndroidPackage pkg); 272 273 /** 274 * Callback when a package has been uninstalled. 275 * <p> 276 * The package may have been fully removed from the system, or only marked as uninstalled for 277 * this user but still instlaled for other users. 278 * 279 * TODO: Pass PackageState instead. 280 * 281 * @param packageName the name of the uninstalled package 282 * @param appId the app ID of the uninstalled package 283 * @param pkg the uninstalled package, or {@code null} if unavailable 284 * @param sharedUserPkgs the packages that are in the same shared user 285 * @param userId the user ID the package is uninstalled for 286 */ 287 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageUninstalled(@onNull String packageName, int appId, @Nullable AndroidPackage pkg, @NonNull List<AndroidPackage> sharedUserPkgs, @UserIdInt int userId)288 void onPackageUninstalled(@NonNull String packageName, int appId, @Nullable AndroidPackage pkg, 289 @NonNull List<AndroidPackage> sharedUserPkgs, @UserIdInt int userId); 290 291 /** 292 * Listener for package permission state (permissions or flags) changes. 293 */ 294 interface OnRuntimePermissionStateChangedListener { 295 296 /** 297 * Called when the runtime permission state (permissions or flags) changed. 298 * 299 * @param packageName The package for which the change happened. 300 * @param userId the user id for which the change happened. 301 */ 302 @Nullable onRuntimePermissionStateChanged(@onNull String packageName, @UserIdInt int userId)303 void onRuntimePermissionStateChanged(@NonNull String packageName, 304 @UserIdInt int userId); 305 } 306 307 /** 308 * The permission-related parameters passed in for package installation. 309 * 310 * @see android.content.pm.PackageInstaller.SessionParams 311 */ 312 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 313 final class PackageInstalledParams { 314 /** 315 * A static instance whose parameters are all in their default state. 316 */ 317 public static final PackageInstalledParams DEFAULT = new Builder().build(); 318 319 @NonNull 320 private final List<String> mGrantedPermissions; 321 @NonNull 322 private final List<String> mAllowlistedRestrictedPermissions; 323 @NonNull 324 private final int mAutoRevokePermissionsMode; 325 PackageInstalledParams(@onNull List<String> grantedPermissions, @NonNull List<String> allowlistedRestrictedPermissions, int autoRevokePermissionsMode)326 private PackageInstalledParams(@NonNull List<String> grantedPermissions, 327 @NonNull List<String> allowlistedRestrictedPermissions, 328 int autoRevokePermissionsMode) { 329 mGrantedPermissions = grantedPermissions; 330 mAllowlistedRestrictedPermissions = allowlistedRestrictedPermissions; 331 mAutoRevokePermissionsMode = autoRevokePermissionsMode; 332 } 333 334 /** 335 * Get the permissions to be granted. 336 * 337 * @return the permissions to be granted 338 */ 339 @NonNull getGrantedPermissions()340 public List<String> getGrantedPermissions() { 341 return mGrantedPermissions; 342 } 343 344 /** 345 * Get the restricted permissions to be allowlisted. 346 * 347 * @return the restricted permissions to be allowlisted 348 */ 349 @NonNull getAllowlistedRestrictedPermissions()350 public List<String> getAllowlistedRestrictedPermissions() { 351 return mAllowlistedRestrictedPermissions; 352 } 353 354 /** 355 * Get the mode for auto revoking permissions. 356 * 357 * @return the mode for auto revoking permissions 358 */ getAutoRevokePermissionsMode()359 public int getAutoRevokePermissionsMode() { 360 return mAutoRevokePermissionsMode; 361 } 362 363 /** 364 * Builder class for {@link PackageInstalledParams}. 365 */ 366 public static final class Builder { 367 @NonNull 368 private List<String> mGrantedPermissions = Collections.emptyList(); 369 @NonNull 370 private List<String> mAllowlistedRestrictedPermissions = Collections.emptyList(); 371 @NonNull 372 private int mAutoRevokePermissionsMode = AppOpsManager.MODE_DEFAULT; 373 374 /** 375 * Set the permissions to be granted. 376 * 377 * @param grantedPermissions the permissions to be granted 378 * 379 * @see android.content.pm.PackageInstaller.SessionParams#setGrantedRuntimePermissions( 380 * java.lang.String[]) 381 */ setGrantedPermissions(@onNull List<String> grantedPermissions)382 public void setGrantedPermissions(@NonNull List<String> grantedPermissions) { 383 Objects.requireNonNull(grantedPermissions); 384 mGrantedPermissions = new ArrayList<>(grantedPermissions); 385 } 386 387 /** 388 * Set the restricted permissions to be allowlisted. 389 * <p> 390 * Permissions that are not restricted are ignored, so one can just pass in all 391 * requested permissions of a package to get all its restricted permissions allowlisted. 392 * 393 * @param allowlistedRestrictedPermissions the restricted permissions to be allowlisted 394 * 395 * @see android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set) 396 */ setAllowlistedRestrictedPermissions( @onNull List<String> allowlistedRestrictedPermissions)397 public void setAllowlistedRestrictedPermissions( 398 @NonNull List<String> allowlistedRestrictedPermissions) { 399 Objects.requireNonNull(mGrantedPermissions); 400 mAllowlistedRestrictedPermissions = new ArrayList<>( 401 allowlistedRestrictedPermissions); 402 } 403 404 /** 405 * Set the mode for auto revoking permissions. 406 * <p> 407 * {@link AppOpsManager#MODE_ALLOWED} means the system is allowed to auto revoke 408 * permissions from this package, and {@link AppOpsManager#MODE_IGNORED} means this 409 * package should be ignored when auto revoking permissions. 410 * {@link AppOpsManager#MODE_DEFAULT} means no changes will be made to the auto revoke 411 * mode of this package. 412 * 413 * @param autoRevokePermissionsMode the mode for auto revoking permissions 414 * 415 * @see android.content.pm.PackageInstaller.SessionParams#setAutoRevokePermissionsMode( 416 * boolean) 417 */ setAutoRevokePermissionsMode(int autoRevokePermissionsMode)418 public void setAutoRevokePermissionsMode(int autoRevokePermissionsMode) { 419 mAutoRevokePermissionsMode = autoRevokePermissionsMode; 420 } 421 422 /** 423 * Build a new instance of {@link PackageInstalledParams}. 424 * 425 * @return the {@link PackageInstalledParams} built 426 */ 427 @NonNull build()428 public PackageInstalledParams build() { 429 return new PackageInstalledParams(mGrantedPermissions, 430 mAllowlistedRestrictedPermissions, mAutoRevokePermissionsMode); 431 } 432 } 433 } 434 435 /** 436 * Sets the provider of the currently active HotwordDetectionService. 437 * 438 * @see HotwordDetectionServiceProvider 439 */ setHotwordDetectionServiceProvider(@ullable HotwordDetectionServiceProvider provider)440 void setHotwordDetectionServiceProvider(@Nullable HotwordDetectionServiceProvider provider); 441 442 /** 443 * Gets the provider of the currently active HotwordDetectionService. 444 * 445 * @see HotwordDetectionServiceProvider 446 */ 447 @Nullable getHotwordDetectionServiceProvider()448 HotwordDetectionServiceProvider getHotwordDetectionServiceProvider(); 449 450 /** 451 * Provides the uid of the currently active 452 * {@link android.service.voice.HotwordDetectionService}, which should be granted RECORD_AUDIO, 453 * CAPTURE_AUDIO_HOTWORD and CAPTURE_AUDIO_OUTPUT permissions. 454 */ 455 interface HotwordDetectionServiceProvider { getUid()456 int getUid(); 457 } 458 } 459