1 /* 2 * Copyright (C) 2019 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.pm.permission; 18 19 import android.annotation.NonNull; 20 import android.annotation.Nullable; 21 import android.annotation.SpecialUsers.CanBeALL; 22 import android.annotation.UserIdInt; 23 import android.app.AppOpsManager; 24 import android.content.pm.PackageInstaller.SessionParams; 25 import android.content.pm.PermissionInfo; 26 import android.permission.PermissionManagerInternal; 27 import android.util.ArrayMap; 28 29 import com.android.internal.util.function.QuadFunction; 30 import com.android.internal.util.function.TriFunction; 31 import com.android.server.pm.pkg.AndroidPackage; 32 import com.android.server.pm.pkg.PackageState; 33 34 import java.util.ArrayList; 35 import java.util.Collections; 36 import java.util.List; 37 import java.util.Objects; 38 import java.util.Set; 39 40 /** 41 * Internal interfaces services. 42 * 43 * TODO: Move into module. 44 */ 45 public interface PermissionManagerServiceInternal extends PermissionManagerInternal, 46 LegacyPermissionDataProvider { 47 /** 48 * Check whether a particular package has been granted a particular permission. 49 * 50 * @param packageName the name of the package you are checking against 51 * @param permissionName the name of the permission you are checking for 52 * @param persistentDeviceId the persistent device ID to check permission for 53 * @param userId the user ID 54 * @return {@code PERMISSION_GRANTED} if the permission is granted, or {@code PERMISSION_DENIED} 55 * otherwise 56 */ 57 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) checkPermission(@onNull String packageName, @NonNull String permissionName, @NonNull String persistentDeviceId, @UserIdInt int userId)58 int checkPermission(@NonNull String packageName, @NonNull String permissionName, 59 @NonNull String persistentDeviceId, @UserIdInt int userId); 60 61 /** 62 * Check whether a particular UID has been granted a particular permission. 63 * 64 * @param uid the UID 65 * @param permissionName the name of the permission you are checking for 66 * @param deviceId the device for which you are checking the permission 67 * @return {@code PERMISSION_GRANTED} if the permission is granted, or {@code PERMISSION_DENIED} 68 * otherwise 69 */ 70 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) checkUidPermission(int uid, @NonNull String permissionName, int deviceId)71 int checkUidPermission(int uid, @NonNull String permissionName, int deviceId); 72 73 /** 74 * Get whether permission review is required for a package. 75 * 76 * @param packageName the name of the package 77 * @param userId the user ID 78 * @return whether permission review is required 79 */ 80 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) isPermissionsReviewRequired(@onNull String packageName, @UserIdInt int userId)81 boolean isPermissionsReviewRequired(@NonNull String packageName, @UserIdInt int userId); 82 83 /** 84 * Reset the runtime permission state changes for a package. 85 * 86 * TODO(zhanghai): Turn this into package change callback? 87 * 88 * @param pkg the package 89 * @param userId the user ID 90 */ 91 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) resetRuntimePermissions(@onNull AndroidPackage pkg, @UserIdInt int userId)92 void resetRuntimePermissions(@NonNull AndroidPackage pkg, @UserIdInt int userId); 93 94 /** 95 * Reset the runtime permission state changes for all packages in a user. 96 * 97 * @param userId the user ID 98 */ 99 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) resetRuntimePermissionsForUser(@serIdInt int userId)100 void resetRuntimePermissionsForUser(@UserIdInt int userId); 101 102 /** 103 * Read legacy permission state from package settings. 104 * 105 * TODO(zhanghai): This is a temporary method because we should not expose 106 * {@code PackageSetting} which is a implementation detail that permission should not know. 107 * Instead, it should retrieve the legacy state via a defined API. 108 */ readLegacyPermissionStateTEMP()109 void readLegacyPermissionStateTEMP(); 110 111 /** 112 * Write legacy permission state to package settings. 113 * 114 * TODO(zhanghai): This is a temporary method and should be removed once we migrated persistence 115 * for permission. 116 */ writeLegacyPermissionStateTEMP()117 void writeLegacyPermissionStateTEMP(); 118 119 /** 120 * Get all the permissions definitions from a package that's installed in the system. 121 * <p> 122 * A permission definition in a normal app may not be installed if it's overridden by the 123 * platform or system app that contains a conflicting definition after system upgrade. 124 * 125 * @param packageName the name of the package 126 * @return the names of the installed permissions 127 */ 128 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 129 @NonNull getInstalledPermissions(@onNull String packageName)130 Set<String> getInstalledPermissions(@NonNull String packageName); 131 132 /** 133 * Get all the permissions granted to a package. 134 * 135 * @param packageName the name of the package 136 * @param userId the user ID 137 * @return the names of the granted permissions 138 */ 139 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 140 @NonNull getGrantedPermissions(@onNull String packageName, @UserIdInt int userId)141 Set<String> getGrantedPermissions(@NonNull String packageName, @UserIdInt int userId); 142 143 /** 144 * Get the GIDs of a permission. 145 * 146 * @param permissionName the name of the permission 147 * @param userId the user ID 148 * @return the GIDs of the permission 149 */ 150 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 151 @NonNull getPermissionGids(@onNull String permissionName, @UserIdInt int userId)152 int[] getPermissionGids(@NonNull String permissionName, @UserIdInt int userId); 153 154 /** 155 * Get the packages that have requested an app op permission. 156 * 157 * @param permissionName the name of the app op permission 158 * @return the names of the packages that have requested the app op permission 159 */ 160 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 161 @NonNull getAppOpPermissionPackages(@onNull String permissionName)162 String[] getAppOpPermissionPackages(@NonNull String permissionName); 163 164 /** HACK HACK methods to allow for partial migration of data to the PermissionManager class */ 165 @Nullable getPermissionTEMP(@onNull String permName)166 Permission getPermissionTEMP(@NonNull String permName); 167 168 /** Get all permissions that have a certain protection */ 169 @NonNull getAllPermissionsWithProtection( @ermissionInfo.Protection int protection)170 List<PermissionInfo> getAllPermissionsWithProtection( 171 @PermissionInfo.Protection int protection); 172 173 /** Get all permissions that have certain protection flags 174 * @return*/ getAllPermissionsWithProtectionFlags( @ermissionInfo.ProtectionFlags int protectionFlags)175 @NonNull List<PermissionInfo> getAllPermissionsWithProtectionFlags( 176 @PermissionInfo.ProtectionFlags int protectionFlags); 177 178 /** 179 * Sets the current check permission delegate 180 */ setCheckPermissionDelegate(CheckPermissionDelegate delegate)181 void setCheckPermissionDelegate(CheckPermissionDelegate delegate); 182 183 /** 184 * Interface to intercept permission checks and optionally pass through to the original 185 * implementation. 186 */ 187 interface CheckPermissionDelegate { 188 189 /** 190 * Check whether the given package has been granted the specified permission. 191 * 192 * @param packageName the name of the package to be checked 193 * @param permissionName the name of the permission to be checked 194 * @param persistentDeviceId The persistent device ID 195 * @param userId the user ID 196 * @param superImpl the original implementation that can be delegated to 197 * @return {@link android.content.pm.PackageManager#PERMISSION_GRANTED} if the package has 198 * the permission, or {@link android.content.pm.PackageManager#PERMISSION_DENIED} otherwise 199 * 200 * @see android.content.pm.PackageManager#checkPermission(String, String) 201 */ checkPermission(@onNull String packageName, @NonNull String permissionName, @NonNull String persistentDeviceId, @UserIdInt int userId, @NonNull QuadFunction<String, String, String, Integer, Integer> superImpl)202 int checkPermission(@NonNull String packageName, @NonNull String permissionName, 203 @NonNull String persistentDeviceId, @UserIdInt int userId, 204 @NonNull QuadFunction<String, String, String, Integer, Integer> superImpl); 205 206 /** 207 * Check whether the given UID has been granted the specified permission. 208 * 209 * @param uid the UID to be checked 210 * @param permissionName the name of the permission to be checked 211 * @param persistentDeviceId The persistent device ID 212 * @param superImpl the original implementation that can be delegated to 213 * @return {@link android.content.pm.PackageManager#PERMISSION_GRANTED} if the package has 214 * the permission, or {@link android.content.pm.PackageManager#PERMISSION_DENIED} otherwise 215 */ checkUidPermission(int uid, @NonNull String permissionName, @NonNull String persistentDeviceId, @NonNull TriFunction<Integer, String, String, Integer> superImpl)216 int checkUidPermission(int uid, @NonNull String permissionName, 217 @NonNull String persistentDeviceId, 218 @NonNull TriFunction<Integer, String, String, Integer> superImpl); 219 } 220 221 /** 222 * Read legacy permissions from legacy permission settings. 223 * 224 * TODO(zhanghai): This is a temporary method because we should not expose 225 * {@code LegacyPermissionSettings} which is a implementation detail that permission should not 226 * know. Instead, it should retrieve the legacy permissions via a defined API. 227 */ readLegacyPermissionsTEMP(@onNull LegacyPermissionSettings legacyPermissionSettings)228 void readLegacyPermissionsTEMP(@NonNull LegacyPermissionSettings legacyPermissionSettings); 229 230 /** 231 * Write legacy permissions to legacy permission settings. 232 * 233 * TODO(zhanghai): This is a temporary method and should be removed once we migrated persistence 234 * for permission. 235 */ writeLegacyPermissionsTEMP(@onNull LegacyPermissionSettings legacyPermissionSettings)236 void writeLegacyPermissionsTEMP(@NonNull LegacyPermissionSettings legacyPermissionSettings); 237 238 /** 239 * Get the fingerprint for default permission grants. 240 */ 241 @Nullable getDefaultPermissionGrantFingerprint(@serIdInt int userId)242 String getDefaultPermissionGrantFingerprint(@UserIdInt int userId); 243 244 /** 245 * Set the fingerprint for default permission grants. 246 */ setDefaultPermissionGrantFingerprint(@onNull String fingerprint, @UserIdInt int userId)247 void setDefaultPermissionGrantFingerprint(@NonNull String fingerprint, @UserIdInt int userId); 248 249 /** 250 * Callback when the system is ready. 251 */ 252 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onSystemReady()253 void onSystemReady(); 254 255 /** 256 * Callback when a storage volume is mounted, so that all packages on it become available. 257 * 258 * @param volumeUuid the UUID of the storage volume 259 * @param fingerprintChanged whether the current build fingerprint is different from what it was 260 * when this volume was last mounted 261 */ 262 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onStorageVolumeMounted(@onNull String volumeUuid, boolean fingerprintChanged)263 void onStorageVolumeMounted(@NonNull String volumeUuid, boolean fingerprintChanged); 264 265 /** 266 * Callback when a user has been created. 267 * 268 * @param userId the created user ID 269 */ 270 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onUserCreated(@serIdInt int userId)271 void onUserCreated(@UserIdInt int userId); 272 273 /** 274 * Callback when a user has been removed. 275 * 276 * @param userId the removed user ID 277 */ 278 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onUserRemoved(@serIdInt int userId)279 void onUserRemoved(@UserIdInt int userId); 280 281 /** 282 * Callback when a package has been added. 283 * 284 * @param packageState the added package 285 * @param isInstantApp whether the added package is an instant app 286 * @param oldPkg the old package, or {@code null} if none 287 */ 288 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageAdded(@onNull PackageState packageState, boolean isInstantApp, @Nullable AndroidPackage oldPkg)289 void onPackageAdded(@NonNull PackageState packageState, 290 boolean isInstantApp, @Nullable AndroidPackage oldPkg); 291 292 /** 293 * Callback when a package has been installed for a user. 294 * 295 * @param pkg the installed package 296 * @param previousAppId the previous app ID if the package is leaving a shared UID, 297 * or Process.INVALID_UID 298 * @param params the parameters passed in for package installation 299 * @param userId the user ID this package is installed for 300 */ 301 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageInstalled(@onNull AndroidPackage pkg, int previousAppId, @NonNull PackageInstalledParams params, @UserIdInt int userId)302 void onPackageInstalled(@NonNull AndroidPackage pkg, int previousAppId, 303 @NonNull PackageInstalledParams params, 304 @UserIdInt int userId); 305 306 /** 307 * Callback when a package has been removed. 308 * 309 * @param pkg the removed package 310 */ 311 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageRemoved(@onNull AndroidPackage pkg)312 void onPackageRemoved(@NonNull AndroidPackage pkg); 313 314 /** 315 * Callback when a package has been uninstalled. 316 * <p> 317 * The package may have been fully removed from the system, or only marked as uninstalled for 318 * this user but still instlaled for other users. 319 * 320 * @param packageName the name of the uninstalled package 321 * @param appId the app ID of the uninstalled package 322 * @param packageState the uninstalled package, or {@code null} if unavailable 323 * @param sharedUserPkgs the packages that are in the same shared user 324 * @param userId the user ID the package is uninstalled for 325 */ 326 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageUninstalled(@onNull String packageName, int appId, @Nullable PackageState packageState, @Nullable AndroidPackage pkg, @NonNull List<AndroidPackage> sharedUserPkgs, @CanBeALL @UserIdInt int userId)327 void onPackageUninstalled(@NonNull String packageName, int appId, 328 @Nullable PackageState packageState, @Nullable AndroidPackage pkg, 329 @NonNull List<AndroidPackage> sharedUserPkgs, @CanBeALL @UserIdInt int userId); 330 331 /** 332 * The permission-related parameters passed in for package installation. 333 * 334 * @see SessionParams 335 */ 336 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 337 final class PackageInstalledParams { 338 /** 339 * A static instance whose parameters are all in their default state. 340 */ 341 public static final PackageInstalledParams DEFAULT = new Builder().build(); 342 343 @NonNull 344 private final ArrayMap<String, Integer> mPermissionStates; 345 @NonNull 346 private final List<String> mAllowlistedRestrictedPermissions; 347 @NonNull 348 private final int mAutoRevokePermissionsMode; 349 PackageInstalledParams(@onNull ArrayMap<String, Integer> permissionStates, @NonNull List<String> allowlistedRestrictedPermissions, int autoRevokePermissionsMode)350 private PackageInstalledParams(@NonNull ArrayMap<String, Integer> permissionStates, 351 @NonNull List<String> allowlistedRestrictedPermissions, 352 int autoRevokePermissionsMode) { 353 mPermissionStates = permissionStates; 354 mAllowlistedRestrictedPermissions = allowlistedRestrictedPermissions; 355 mAutoRevokePermissionsMode = autoRevokePermissionsMode; 356 } 357 358 /** 359 * @return the permissions states requested 360 * 361 * @see SessionParams#setPermissionState(String, int) 362 */ 363 @NonNull getPermissionStates()364 public ArrayMap<String, Integer> getPermissionStates() { 365 return mPermissionStates; 366 } 367 368 /** 369 * Get the restricted permissions to be allowlisted. 370 * 371 * @return the restricted permissions to be allowlisted 372 */ 373 @NonNull getAllowlistedRestrictedPermissions()374 public List<String> getAllowlistedRestrictedPermissions() { 375 return mAllowlistedRestrictedPermissions; 376 } 377 378 /** 379 * Get the mode for auto revoking permissions. 380 * 381 * @return the mode for auto revoking permissions 382 */ getAutoRevokePermissionsMode()383 public int getAutoRevokePermissionsMode() { 384 return mAutoRevokePermissionsMode; 385 } 386 387 /** 388 * Builder class for {@link PackageInstalledParams}. 389 */ 390 public static final class Builder { 391 @Nullable 392 private ArrayMap<String, Integer> mPermissionStates = null; 393 @NonNull 394 private List<String> mAllowlistedRestrictedPermissions = Collections.emptyList(); 395 @NonNull 396 private int mAutoRevokePermissionsMode = AppOpsManager.MODE_DEFAULT; 397 398 /** 399 * Set the permissions states requested by the installer. 400 * 401 * @see SessionParams#setPermissionState(String, int) 402 */ setPermissionStates( @onNull ArrayMap<String, Integer> permissionStates)403 public Builder setPermissionStates( 404 @NonNull ArrayMap<String, Integer> permissionStates) { 405 Objects.requireNonNull(permissionStates); 406 mPermissionStates = permissionStates; 407 return this; 408 } 409 410 /** 411 * Set the restricted permissions to be allowlisted. 412 * <p> 413 * Permissions that are not restricted are ignored, so one can just pass in all 414 * requested permissions of a package to get all its restricted permissions allowlisted. 415 * 416 * @param allowlistedRestrictedPermissions the restricted permissions to be allowlisted 417 * 418 * @see SessionParams#setWhitelistedRestrictedPermissions(Set) 419 */ setAllowlistedRestrictedPermissions( @onNull List<String> allowlistedRestrictedPermissions)420 public void setAllowlistedRestrictedPermissions( 421 @NonNull List<String> allowlistedRestrictedPermissions) { 422 Objects.requireNonNull(allowlistedRestrictedPermissions); 423 mAllowlistedRestrictedPermissions = new ArrayList<>( 424 allowlistedRestrictedPermissions); 425 } 426 427 /** 428 * Set the mode for auto revoking permissions. 429 * <p> 430 * {@link AppOpsManager#MODE_ALLOWED} means the system is allowed to auto revoke 431 * permissions from this package, and {@link AppOpsManager#MODE_IGNORED} means this 432 * package should be ignored when auto revoking permissions. 433 * {@link AppOpsManager#MODE_DEFAULT} means no changes will be made to the auto revoke 434 * mode of this package. 435 * 436 * @param autoRevokePermissionsMode the mode for auto revoking permissions 437 * 438 * @see SessionParams#setAutoRevokePermissionsMode(boolean) 439 */ setAutoRevokePermissionsMode(int autoRevokePermissionsMode)440 public void setAutoRevokePermissionsMode(int autoRevokePermissionsMode) { 441 mAutoRevokePermissionsMode = autoRevokePermissionsMode; 442 } 443 444 /** 445 * Build a new instance of {@link PackageInstalledParams}. 446 * 447 * @return the {@link PackageInstalledParams} built 448 */ 449 @NonNull build()450 public PackageInstalledParams build() { 451 return new PackageInstalledParams( 452 mPermissionStates == null ? new ArrayMap<>() : mPermissionStates, 453 mAllowlistedRestrictedPermissions, mAutoRevokePermissionsMode); 454 } 455 } 456 } 457 458 /** 459 * Sets the provider of the currently active HotwordDetectionService. 460 * 461 * @see HotwordDetectionServiceProvider 462 */ setHotwordDetectionServiceProvider(@ullable HotwordDetectionServiceProvider provider)463 void setHotwordDetectionServiceProvider(@Nullable HotwordDetectionServiceProvider provider); 464 465 /** 466 * Gets the provider of the currently active HotwordDetectionService. 467 * 468 * @see HotwordDetectionServiceProvider 469 */ 470 @Nullable getHotwordDetectionServiceProvider()471 HotwordDetectionServiceProvider getHotwordDetectionServiceProvider(); 472 473 /** 474 * Provides the uid of the currently active 475 * {@link android.service.voice.HotwordDetectionService}, which should be granted RECORD_AUDIO, 476 * CAPTURE_AUDIO_HOTWORD and CAPTURE_AUDIO_OUTPUT permissions. 477 */ 478 interface HotwordDetectionServiceProvider { getUid()479 int getUid(); 480 } 481 } 482