2022-04-10 20:24:01 -04:00
|
|
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
|
|
From: Daniel Micay <danielmicay@gmail.com>
|
|
|
|
Date: Fri, 21 Jul 2017 08:42:55 -0400
|
|
|
|
Subject: [PATCH] support new special runtime permissions
|
|
|
|
|
|
|
|
These are treated as a runtime permission even for legacy apps. They
|
|
|
|
need to be granted by default for all apps to maintain compatibility.
|
|
|
|
---
|
|
|
|
.../server/pm/PackageManagerService.java | 3 ++-
|
|
|
|
.../permission/PermissionManagerService.java | 23 +++++++++++++++----
|
|
|
|
2 files changed, 20 insertions(+), 6 deletions(-)
|
|
|
|
|
|
|
|
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
|
2024-11-14 07:47:52 -05:00
|
|
|
index d304f29ec195..9a4edcc5ea39 100644
|
2022-04-10 20:24:01 -04:00
|
|
|
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
|
|
|
|
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
|
2024-11-14 07:47:52 -05:00
|
|
|
@@ -20222,7 +20222,8 @@ public class PackageManagerService extends IPackageManager.Stub
|
2022-04-10 20:24:01 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// If this permission was granted by default, make sure it is.
|
|
|
|
- if ((oldFlags & FLAG_PERMISSION_GRANTED_BY_DEFAULT) != 0) {
|
|
|
|
+ if ((oldFlags & FLAG_PERMISSION_GRANTED_BY_DEFAULT) != 0
|
|
|
|
+ || PermissionManagerService.isSpecialRuntimePermission(bp.getName())) {
|
|
|
|
mPermissionManager.grantRuntimePermission(permName, packageName, false,
|
|
|
|
Process.SYSTEM_UID, userId, delayingPermCallback);
|
|
|
|
// Allow app op later as we are holding mPackages
|
|
|
|
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
2024-07-17 13:35:58 -04:00
|
|
|
index b342f443d9ac..7784e4a9717c 100644
|
2022-04-10 20:24:01 -04:00
|
|
|
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
|
|
|
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
2024-06-19 18:43:50 -04:00
|
|
|
@@ -1024,6 +1024,10 @@ public class PermissionManagerService {
|
2022-04-10 20:24:01 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
+ public static boolean isSpecialRuntimePermission(final String permission) {
|
|
|
|
+ return false;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
/**
|
|
|
|
* Restore the permission state for a package.
|
|
|
|
*
|
2024-06-19 18:43:50 -04:00
|
|
|
@@ -1323,6 +1327,14 @@ public class PermissionManagerService {
|
2022-04-10 20:24:01 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
+
|
|
|
|
+ if (isSpecialRuntimePermission(bp.name) &&
|
|
|
|
+ origPermissions.getRuntimePermissionState(bp.name, userId) == null) {
|
|
|
|
+ if (permissionsState.grantRuntimePermission(bp, userId)
|
|
|
|
+ != PERMISSION_OPERATION_FAILURE) {
|
|
|
|
+ wasChanged = true;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
} else {
|
|
|
|
if (permState == null) {
|
|
|
|
// New permission
|
2024-06-19 18:43:50 -04:00
|
|
|
@@ -1456,7 +1468,7 @@ public class PermissionManagerService {
|
2022-04-10 20:24:01 -04:00
|
|
|
wasChanged = true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
- } else {
|
|
|
|
+ } else {
|
|
|
|
if (!permissionsState.hasRuntimePermission(bp.name, userId)
|
|
|
|
&& permissionsState.grantRuntimePermission(bp,
|
|
|
|
userId) != PERMISSION_OPERATION_FAILURE) {
|
2024-06-19 18:43:50 -04:00
|
|
|
@@ -2234,7 +2246,7 @@ public class PermissionManagerService {
|
2022-04-10 20:24:01 -04:00
|
|
|
&& (grantedPermissions == null
|
|
|
|
|| ArrayUtils.contains(grantedPermissions, permission))) {
|
|
|
|
final int flags = permissionsState.getPermissionFlags(permission, userId);
|
|
|
|
- if (supportsRuntimePermissions) {
|
|
|
|
+ if (supportsRuntimePermissions || isSpecialRuntimePermission(bp.name)) {
|
|
|
|
// Installer cannot change immutable permissions.
|
|
|
|
if ((flags & immutableFlags) == 0) {
|
|
|
|
grantRuntimePermission(permission, pkg.packageName, false, callingUid,
|
2024-06-19 18:43:50 -04:00
|
|
|
@@ -2293,7 +2305,7 @@ public class PermissionManagerService {
|
2022-04-10 20:24:01 -04:00
|
|
|
// to keep the review required permission flag per user while an
|
|
|
|
// install permission's state is shared across all users.
|
|
|
|
if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M
|
|
|
|
- && bp.isRuntime()) {
|
|
|
|
+ && bp.isRuntime() && !isSpecialRuntimePermission(bp.name)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2024-06-19 18:43:50 -04:00
|
|
|
@@ -2345,7 +2357,8 @@ public class PermissionManagerService {
|
2022-04-10 20:24:01 -04:00
|
|
|
+ permName + " for package " + packageName);
|
|
|
|
}
|
|
|
|
|
|
|
|
- if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
|
|
|
|
+ if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M
|
|
|
|
+ && !isSpecialRuntimePermission(permName)) {
|
|
|
|
Slog.w(TAG, "Cannot grant runtime permission to a legacy app");
|
|
|
|
return;
|
|
|
|
}
|
2024-06-19 18:43:50 -04:00
|
|
|
@@ -2432,7 +2445,7 @@ public class PermissionManagerService {
|
2022-04-10 20:24:01 -04:00
|
|
|
// to keep the review required permission flag per user while an
|
|
|
|
// install permission's state is shared across all users.
|
|
|
|
if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M
|
|
|
|
- && bp.isRuntime()) {
|
|
|
|
+ && bp.isRuntime() && !isSpecialRuntimePermission(permName)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|