From 5e1521700f42a78e10192ece32a5cfc21e8bf58c Mon Sep 17 00:00:00 2001 From: Tad Date: Fri, 25 Feb 2022 13:38:36 -0500 Subject: [PATCH] Port the GrapheneOS NETWORK permission to 17.1 and 18.1 Some patches were ported from 12 to 10/11 Some patches from 11 were ported to 10 This 10/11 port should be very close to 12 BOUNS: 16.0 patches, disabled Signed-off-by: Tad --- .../0013-Network_Permission-1.patch | 116 ++++++++++++++++ .../0013-Network_Permission-2.patch | 36 +++++ .../0013-Network_Permission-3.patch | 51 +++++++ .../0001-Network_Permission.patch | 31 +++++ .../0001-Network_Permission-1.patch | 48 +++++++ .../0001-Network_Permission-2.patch | 23 ++++ .../0001-Captive_Portal_Toggle.patch | 2 +- .../0001-Network_Permission.patch | 21 +++ .../0014-Network_Permission-1.patch | 102 ++++++++++++++ .../0014-Network_Permission-2.patch | 36 +++++ .../0014-Network_Permission-3.patch | 62 +++++++++ .../0014-Network_Permission-4.patch | 111 ++++++++++++++++ .../0014-Network_Permission-5.patch | 82 ++++++++++++ .../0014-Network_Permission-6.patch | 125 ++++++++++++++++++ .../0014-Network_Permission-7.patch | 42 ++++++ .../0003-Network_Permission.patch | 32 +++++ .../0001-Network_Permission-1.patch | 61 +++++++++ .../0001-Network_Permission-2.patch | 30 +++++ .../0001-Captive_Portal_Toggle.patch | 2 +- .../0001-Network_Permission.patch | 21 +++ .../0001-Network_Permission.patch | 31 +++++ .../0013-Network_Permission-1.patch | 95 +++++++++++++ .../0013-Network_Permission-2.patch | 37 ++++++ .../0013-Network_Permission-3.patch | 81 ++++++++++++ .../0013-Network_Permission-4.patch | 112 ++++++++++++++++ .../0013-Network_Permission-5.patch | 82 ++++++++++++ .../0013-Network_Permission-6.patch | 125 ++++++++++++++++++ .../0013-Network_Permission-7.patch | 42 ++++++ .../0001-Network_Permission.patch | 32 +++++ .../0002-Network_Permission-1.patch | 62 +++++++++ .../0002-Network_Permission-2.patch | 31 +++++ .../0002-Network_Permission-3.patch | 109 +++++++++++++++ .../0002-Network_Permission-4.patch | 83 ++++++++++++ .../0002-Network_Permission-5.patch | 38 ++++++ .../0001-Network_Permission.patch | 21 +++ .../0001-Network_Permission.patch | 31 +++++ Scripts/LineageOS-17.1/Patch.sh | 25 ++++ Scripts/LineageOS-18.1/Patch.sh | 28 ++++ Scripts/init.sh | 1 + 39 files changed, 2098 insertions(+), 2 deletions(-) create mode 100644 Patches/LineageOS-16.0/android_frameworks_base/0013-Network_Permission-1.patch create mode 100644 Patches/LineageOS-16.0/android_frameworks_base/0013-Network_Permission-2.patch create mode 100644 Patches/LineageOS-16.0/android_frameworks_base/0013-Network_Permission-3.patch create mode 100644 Patches/LineageOS-16.0/android_libcore/0001-Network_Permission.patch create mode 100644 Patches/LineageOS-16.0/android_packages_apps_PackageInstaller/0001-Network_Permission-1.patch create mode 100644 Patches/LineageOS-16.0/android_packages_apps_PackageInstaller/0001-Network_Permission-2.patch create mode 100644 Patches/LineageOS-16.0/android_packages_providers_DownloadProvider/0001-Network_Permission.patch create mode 100644 Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-1.patch create mode 100644 Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-2.patch create mode 100644 Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-3.patch create mode 100644 Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-4.patch create mode 100644 Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-5.patch create mode 100644 Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-6.patch create mode 100644 Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-7.patch create mode 100644 Patches/LineageOS-17.1/android_libcore/0003-Network_Permission.patch create mode 100644 Patches/LineageOS-17.1/android_packages_apps_PermissionController/0001-Network_Permission-1.patch create mode 100644 Patches/LineageOS-17.1/android_packages_apps_PermissionController/0001-Network_Permission-2.patch create mode 100644 Patches/LineageOS-17.1/android_packages_providers_DownloadProvider/0001-Network_Permission.patch create mode 100644 Patches/LineageOS-17.1/android_system_netd/0001-Network_Permission.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-1.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-2.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-3.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-4.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-5.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-6.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-7.patch create mode 100644 Patches/LineageOS-18.1/android_libcore/0001-Network_Permission.patch create mode 100644 Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-1.patch create mode 100644 Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-2.patch create mode 100644 Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-3.patch create mode 100644 Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-4.patch create mode 100644 Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-5.patch create mode 100644 Patches/LineageOS-18.1/android_packages_providers_DownloadProvider/0001-Network_Permission.patch create mode 100644 Patches/LineageOS-18.1/android_system_netd/0001-Network_Permission.patch diff --git a/Patches/LineageOS-16.0/android_frameworks_base/0013-Network_Permission-1.patch b/Patches/LineageOS-16.0/android_frameworks_base/0013-Network_Permission-1.patch new file mode 100644 index 00000000..64fc7d6d --- /dev/null +++ b/Patches/LineageOS-16.0/android_frameworks_base/0013-Network_Permission-1.patch @@ -0,0 +1,116 @@ +From 09632b10185b9133949a431e27089f72b5cfeefa Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Fri, 21 Jul 2017 08:42:55 -0400 +Subject: [PATCH] support new special runtime permissions + +These are treated as a runtime permission even for legacy apps. They +need to be granted by default for all apps to maintain compatibility. +--- + .../server/pm/PackageManagerService.java | 3 +- + .../permission/PermissionManagerService.java | 30 ++++++++++++++----- + 2 files changed, 25 insertions(+), 8 deletions(-) + +diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java +index c414abac12a7..46f02259e741 100644 +--- a/services/core/java/com/android/server/pm/PackageManagerService.java ++++ b/services/core/java/com/android/server/pm/PackageManagerService.java +@@ -19462,7 +19462,8 @@ private void resetUserChangesToRuntimePermissionsAndFlagsLPw( + } + + // If this permission was granted by default, make sure it is. +- if ((oldFlags & FLAG_PERMISSION_GRANTED_BY_DEFAULT) != 0) { ++ if ((oldFlags & FLAG_PERMISSION_GRANTED_BY_DEFAULT) != 0 ++ || PermissionManagerService.isSpecialRuntimePermission(bp.getName())) { + if (permissionsState.grantRuntimePermission(bp, userId) + != PERMISSION_OPERATION_FAILURE) { + writeRuntimePermissions = true; +diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java +index c51a72406b53..cb8facb31020 100644 +--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java ++++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java +@@ -659,6 +659,10 @@ private void removeDynamicPermission( + } + } + ++ public static boolean isSpecialRuntimePermission(final String permission) { ++ return false; ++ } ++ + private void grantPermissions(PackageParser.Package pkg, boolean replace, + String packageOfInterest, PermissionCallback callback) { + // IMPORTANT: There are two types of permissions: install and runtime. +@@ -767,7 +771,8 @@ private void grantPermissions(PackageParser.Package pkg, boolean replace, + // their permissions as always granted runtime ones since we need + // to keep the review required permission flag per user while an + // install permission's state is shared across all users. +- if (!appSupportsRuntimePermissions && !mSettings.mPermissionReviewRequired) { ++ if (!appSupportsRuntimePermissions && !mSettings.mPermissionReviewRequired && ++ !isSpecialRuntimePermission(bp.getName())) { + // For legacy apps dangerous permissions are install time ones. + grant = GRANT_INSTALL; + } else if (origPermissions.hasInstallPermission(bp.getName())) { +@@ -877,7 +882,8 @@ private void grantPermissions(PackageParser.Package pkg, boolean replace, + updatedUserIds, userId); + } + } else if (mSettings.mPermissionReviewRequired +- && !appSupportsRuntimePermissions) { ++ && !appSupportsRuntimePermissions ++ && !isSpecialRuntimePermission(bp.getName())) { + // For legacy apps that need a permission review, every new + // runtime permission is granted but it is pending a review. + // We also need to review only platform defined runtime +@@ -898,7 +904,15 @@ private void grantPermissions(PackageParser.Package pkg, boolean replace, + updatedUserIds = ArrayUtils.appendInt( + updatedUserIds, userId); + } +- } ++ } else if (isSpecialRuntimePermission(bp.name) && ++ origPermissions.getRuntimePermissionState(bp.name, userId) == null) { ++ if (permissionsState.grantRuntimePermission(bp, userId) ++ != PermissionsState.PERMISSION_OPERATION_FAILURE) { ++ // We changed the permission, hence have to write. ++ updatedUserIds = ArrayUtils.appendInt( ++ updatedUserIds, userId); ++ } ++ } + // Propagate the permission flags. + permissionsState.updatePermissionFlags(bp, userId, flags, flags); + } +@@ -1350,7 +1364,7 @@ private void grantRequestedRuntimePermissionsForUser(PackageParser.Package pkg, + && (grantedPermissions == null + || ArrayUtils.contains(grantedPermissions, permission))) { + final int flags = permissionsState.getPermissionFlags(permission, userId); +- if (supportsRuntimePermissions) { ++ if (supportsRuntimePermissions || isSpecialRuntimePermission(bp.name)) { + // Installer cannot change immutable permissions. + if ((flags & immutableFlags) == 0) { + grantRuntimePermission(permission, pkg.packageName, false, callingUid, +@@ -1409,7 +1423,7 @@ private void grantRuntimePermission(String permName, String packageName, boolean + // install permission's state is shared across all users. + if (mSettings.mPermissionReviewRequired + && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M +- && bp.isRuntime()) { ++ && bp.isRuntime() && !isSpecialRuntimePermission(bp.name)) { + return; + } + +@@ -1445,7 +1459,8 @@ private void grantRuntimePermission(String permName, String packageName, boolean + + permName + " for package " + packageName); + } + +- if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) { ++ if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M ++ && !isSpecialRuntimePermission(permName)) { + Slog.w(TAG, "Cannot grant runtime permission to a legacy app"); + return; + } +@@ -1530,7 +1545,8 @@ private void revokeRuntimePermission(String permName, String packageName, + // install permission's state is shared across all users. + if (mSettings.mPermissionReviewRequired + && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M +- && bp.isRuntime()) { ++ && bp.isRuntime() ++ && !isSpecialRuntimePermission(permName)) { + return; + } + diff --git a/Patches/LineageOS-16.0/android_frameworks_base/0013-Network_Permission-2.patch b/Patches/LineageOS-16.0/android_frameworks_base/0013-Network_Permission-2.patch new file mode 100644 index 00000000..02b1cd46 --- /dev/null +++ b/Patches/LineageOS-16.0/android_frameworks_base/0013-Network_Permission-2.patch @@ -0,0 +1,36 @@ +From 2dd00723364fcf10e6c9e6c2e022e31524fda92d Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Sun, 17 Mar 2019 11:59:15 -0400 +Subject: [PATCH] make INTERNET into a special runtime permission + +--- + core/res/AndroidManifest.xml | 2 +- + .../android/server/pm/permission/PermissionManagerService.java | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml +index d0ae9dbc55ae..d0449dfc4f57 100644 +--- a/core/res/AndroidManifest.xml ++++ b/core/res/AndroidManifest.xml +@@ -1348,7 +1348,7 @@ + ++ android:protectionLevel="dangerous|instant" /> + + + + ++ ++ ++ + + +diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml +index f6600462ea74..a79fa8e95b6e 100644 +--- a/core/res/res/values/strings.xml ++++ b/core/res/res/values/strings.xml +@@ -747,6 +747,11 @@ + Allow + <b>%1$s</b> to access sensor data about your vital signs? + ++ ++ Network ++ ++ network access ++ + + Retrieve window content + diff --git a/Patches/LineageOS-16.0/android_libcore/0001-Network_Permission.patch b/Patches/LineageOS-16.0/android_libcore/0001-Network_Permission.patch new file mode 100644 index 00000000..4d12d22a --- /dev/null +++ b/Patches/LineageOS-16.0/android_libcore/0001-Network_Permission.patch @@ -0,0 +1,31 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dmitry Muhomor +Date: Tue, 14 Dec 2021 21:10:51 +0200 +Subject: [PATCH] don't throw SecurityException when INTERNET permission is + revoked + +--- + ojluni/src/main/java/java/net/Inet6AddressImpl.java | 10 +--------- + 1 file changed, 1 insertion(+), 9 deletions(-) + +diff --git a/ojluni/src/main/java/java/net/Inet6AddressImpl.java b/ojluni/src/main/java/java/net/Inet6AddressImpl.java +index 1edfe344ce..2176973b44 100644 +--- a/ojluni/src/main/java/java/net/Inet6AddressImpl.java ++++ b/ojluni/src/main/java/java/net/Inet6AddressImpl.java +@@ -143,15 +143,7 @@ class Inet6AddressImpl implements InetAddressImpl { + addressCache.put(host, netId, addresses); + return addresses; + } catch (GaiException gaiException) { +- // If the failure appears to have been a lack of INTERNET permission, throw a clear +- // SecurityException to aid in debugging this common mistake. +- // http://code.google.com/p/android/issues/detail?id=15722 +- if (gaiException.getCause() instanceof ErrnoException) { +- if (((ErrnoException) gaiException.getCause()).errno == EACCES) { +- throw new SecurityException("Permission denied (missing INTERNET permission?)", gaiException); +- } +- } +- // Otherwise, throw an UnknownHostException. ++ // Throw an UnknownHostException. + String detailMessage = "Unable to resolve host \"" + host + "\": " + Libcore.os.gai_strerror(gaiException.error); + addressCache.putUnknownHost(host, netId, detailMessage); + throw gaiException.rethrowAsUnknownHostException(detailMessage); diff --git a/Patches/LineageOS-16.0/android_packages_apps_PackageInstaller/0001-Network_Permission-1.patch b/Patches/LineageOS-16.0/android_packages_apps_PackageInstaller/0001-Network_Permission-1.patch new file mode 100644 index 00000000..408f120a --- /dev/null +++ b/Patches/LineageOS-16.0/android_packages_apps_PackageInstaller/0001-Network_Permission-1.patch @@ -0,0 +1,48 @@ +From 880011e7af233249e1b70177daa3cd786574bc85 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Sat, 22 Jul 2017 21:43:50 -0400 +Subject: [PATCH] always treat INTERNET as a runtime permission + +--- + .../permission/model/AppPermissionGroup.java | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java +index aafce8df5..e6087de4c 100644 +--- a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java ++++ b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java +@@ -26,6 +26,7 @@ + import android.content.pm.PackageManager; + import android.content.pm.PermissionGroupInfo; + import android.content.pm.PermissionInfo; ++import android.Manifest; + import android.os.Build; + import android.os.Process; + import android.os.UserHandle; +@@ -338,7 +339,7 @@ public boolean areRuntimePermissionsGranted(String[] filterPermissions) { + && !ArrayUtils.contains(filterPermissions, permission.getName())) { + continue; + } +- if (mAppSupportsRuntimePermissions) { ++ if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) { + if (permission.isGranted()) { + return true; + } +@@ -371,7 +372,7 @@ public boolean grantRuntimePermissions(boolean fixedByTheUser, String[] filterPe + continue; + } + +- if (mAppSupportsRuntimePermissions) { ++ if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) { + // Do not touch permissions fixed by the system. + if (permission.isSystemFixed()) { + return false; +@@ -473,7 +474,7 @@ public boolean revokeRuntimePermissions(boolean fixedByTheUser, String[] filterP + continue; + } + +- if (mAppSupportsRuntimePermissions) { ++ if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) { + // Do not touch permissions fixed by the system. + if (permission.isSystemFixed()) { + return false; diff --git a/Patches/LineageOS-16.0/android_packages_apps_PackageInstaller/0001-Network_Permission-2.patch b/Patches/LineageOS-16.0/android_packages_apps_PackageInstaller/0001-Network_Permission-2.patch new file mode 100644 index 00000000..2ae37ff7 --- /dev/null +++ b/Patches/LineageOS-16.0/android_packages_apps_PackageInstaller/0001-Network_Permission-2.patch @@ -0,0 +1,23 @@ +From c3c6a3206c1753cac7a8db72e2f05ddcf4c66d99 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Fri, 21 Jul 2017 10:29:15 -0400 +Subject: [PATCH] add NETWORK permission group + +--- + src/com/android/packageinstaller/permission/utils/Utils.java | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/com/android/packageinstaller/permission/utils/Utils.java b/src/com/android/packageinstaller/permission/utils/Utils.java +index 85a102831..423b319ee 100644 +--- a/src/com/android/packageinstaller/permission/utils/Utils.java ++++ b/src/com/android/packageinstaller/permission/utils/Utils.java +@@ -51,7 +51,8 @@ + Manifest.permission_group.SMS, + Manifest.permission_group.PHONE, + Manifest.permission_group.MICROPHONE, +- Manifest.permission_group.STORAGE ++ Manifest.permission_group.STORAGE, ++ Manifest.permission_group.NETWORK + }; + + private static final Intent LAUNCHER_INTENT = new Intent(Intent.ACTION_MAIN, null) diff --git a/Patches/LineageOS-16.0/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch b/Patches/LineageOS-16.0/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch index c6a4fbf4..2c556a40 100644 --- a/Patches/LineageOS-16.0/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch +++ b/Patches/LineageOS-16.0/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch @@ -26,7 +26,7 @@ Change-Id: Ibbffdb5f3930df74ca8b4ba93d451f7fad086989 create mode 100644 src/com/android/settings/network/CaptivePortalWarningDialogHost.java diff --git a/res/values-de/cm_strings.xml b/res/values-de/cm_strings.xml -index 53dca0e6e7..dee07db2b4 100644 +index e78bbea120..54e2864c9a 100644 --- a/res/values-de/cm_strings.xml +++ b/res/values-de/cm_strings.xml @@ -308,4 +308,7 @@ diff --git a/Patches/LineageOS-16.0/android_packages_providers_DownloadProvider/0001-Network_Permission.patch b/Patches/LineageOS-16.0/android_packages_providers_DownloadProvider/0001-Network_Permission.patch new file mode 100644 index 00000000..882727bb --- /dev/null +++ b/Patches/LineageOS-16.0/android_packages_providers_DownloadProvider/0001-Network_Permission.patch @@ -0,0 +1,21 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Sun, 6 Aug 2017 08:19:36 -0400 +Subject: [PATCH] remove legacy NETWORK permission group reference + +--- + AndroidManifest.xml | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/AndroidManifest.xml b/AndroidManifest.xml +index 302a58e5..65f38e86 100644 +--- a/AndroidManifest.xml ++++ b/AndroidManifest.xml +@@ -29,7 +29,6 @@ + + + diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-1.patch b/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-1.patch new file mode 100644 index 00000000..39c439e6 --- /dev/null +++ b/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-1.patch @@ -0,0 +1,102 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Fri, 21 Jul 2017 08:42:55 -0400 +Subject: [PATCH] support new special runtime permissions + +These are treated as a runtime permission even for legacy apps. They +need to be granted by default for all apps to maintain compatibility. +--- + .../server/pm/PackageManagerService.java | 3 ++- + .../permission/PermissionManagerService.java | 23 +++++++++++++++---- + 2 files changed, 20 insertions(+), 6 deletions(-) + +diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java +index edaa60f4b09e..834a6b0d5260 100644 +--- a/services/core/java/com/android/server/pm/PackageManagerService.java ++++ b/services/core/java/com/android/server/pm/PackageManagerService.java +@@ -20162,7 +20162,8 @@ public class PackageManagerService extends IPackageManager.Stub + } + + // If this permission was granted by default, make sure it is. +- if ((oldFlags & FLAG_PERMISSION_GRANTED_BY_DEFAULT) != 0) { ++ if ((oldFlags & FLAG_PERMISSION_GRANTED_BY_DEFAULT) != 0 ++ || PermissionManagerService.isSpecialRuntimePermission(bp.getName())) { + mPermissionManager.grantRuntimePermission(permName, packageName, false, + Process.SYSTEM_UID, userId, delayingPermCallback); + // Allow app op later as we are holding mPackages +diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java +index 82f963e1df2a..293bdc7ba197 100644 +--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java ++++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java +@@ -984,6 +984,10 @@ public class PermissionManagerService { + } + } + ++ public static boolean isSpecialRuntimePermission(final String permission) { ++ return false; ++ } ++ + /** + * Restore the permission state for a package. + * +@@ -1277,6 +1281,14 @@ public class PermissionManagerService { + } + } + } ++ ++ if (isSpecialRuntimePermission(bp.name) && ++ origPermissions.getRuntimePermissionState(bp.name, userId) == null) { ++ if (permissionsState.grantRuntimePermission(bp, userId) ++ != PERMISSION_OPERATION_FAILURE) { ++ wasChanged = true; ++ } ++ } + } else { + if (permState == null) { + // New permission +@@ -1410,7 +1422,7 @@ public class PermissionManagerService { + wasChanged = true; + } + } +- } else { ++ } else { + if (!permissionsState.hasRuntimePermission(bp.name, userId) + && permissionsState.grantRuntimePermission(bp, + userId) != PERMISSION_OPERATION_FAILURE) { +@@ -2183,7 +2195,7 @@ public class PermissionManagerService { + && (grantedPermissions == null + || ArrayUtils.contains(grantedPermissions, permission))) { + final int flags = permissionsState.getPermissionFlags(permission, userId); +- if (supportsRuntimePermissions) { ++ if (supportsRuntimePermissions || isSpecialRuntimePermission(bp.name)) { + // Installer cannot change immutable permissions. + if ((flags & immutableFlags) == 0) { + grantRuntimePermission(permission, pkg.packageName, false, callingUid, +@@ -2242,7 +2254,7 @@ public class PermissionManagerService { + // to keep the review required permission flag per user while an + // install permission's state is shared across all users. + if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M +- && bp.isRuntime()) { ++ && bp.isRuntime() && !isSpecialRuntimePermission(bp.name)) { + return; + } + +@@ -2294,7 +2306,8 @@ public class PermissionManagerService { + + permName + " for package " + packageName); + } + +- if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) { ++ if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M ++ && !isSpecialRuntimePermission(permName)) { + Slog.w(TAG, "Cannot grant runtime permission to a legacy app"); + return; + } +@@ -2381,7 +2394,7 @@ public class PermissionManagerService { + // to keep the review required permission flag per user while an + // install permission's state is shared across all users. + if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M +- && bp.isRuntime()) { ++ && bp.isRuntime() && !isSpecialRuntimePermission(permName)) { + return; + } + diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-2.patch b/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-2.patch new file mode 100644 index 00000000..689f69fc --- /dev/null +++ b/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-2.patch @@ -0,0 +1,36 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Sun, 17 Mar 2019 11:59:15 -0400 +Subject: [PATCH] make INTERNET into a special runtime permission + +--- + core/res/AndroidManifest.xml | 2 +- + .../android/server/pm/permission/PermissionManagerService.java | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml +index 7bcd7a048db4..571099f059c8 100644 +--- a/core/res/AndroidManifest.xml ++++ b/core/res/AndroidManifest.xml +@@ -1539,7 +1539,7 @@ + ++ android:protectionLevel="dangerous|instant" /> + + + + ++ ++ ++ + + +diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml +index e2afd1e1e0cc..2cf2b923ef90 100644 +--- a/core/res/res/values/strings.xml ++++ b/core/res/res/values/strings.xml +@@ -792,6 +792,11 @@ + Allow + <b>%1$s</b> to access sensor data about your vital signs? + ++ ++ Network ++ ++ access the network ++ + + Retrieve window content + diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-4.patch b/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-4.patch new file mode 100644 index 00000000..5a6dbc63 --- /dev/null +++ b/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-4.patch @@ -0,0 +1,111 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zoraver Kang +Date: Mon, 16 Sep 2019 16:41:30 -0400 +Subject: [PATCH] Enforce INTERNET as a runtime permission. + +--- + .../connectivity/PermissionMonitor.java | 59 ++++++++++++------- + 1 file changed, 39 insertions(+), 20 deletions(-) + +diff --git a/services/core/java/com/android/server/connectivity/PermissionMonitor.java b/services/core/java/com/android/server/connectivity/PermissionMonitor.java +index 56f4959a9714..0b2012fa759a 100644 +--- a/services/core/java/com/android/server/connectivity/PermissionMonitor.java ++++ b/services/core/java/com/android/server/connectivity/PermissionMonitor.java +@@ -29,6 +29,7 @@ import static android.os.Process.INVALID_UID; + import static android.os.Process.SYSTEM_UID; + + import android.annotation.NonNull; ++import android.annotation.UserIdInt; + import android.content.Context; + import android.content.pm.ApplicationInfo; + import android.content.pm.PackageInfo; +@@ -55,6 +56,7 @@ import com.android.internal.util.ArrayUtils; + import com.android.internal.util.IndentingPrintWriter; + import com.android.server.LocalServices; + import com.android.server.SystemConfig; ++import com.android.server.pm.permission.PermissionManagerServiceInternal; + + import java.util.ArrayList; + import java.util.Collection; +@@ -80,6 +82,7 @@ public class PermissionMonitor { + private static final int VERSION_Q = Build.VERSION_CODES.Q; + + private final PackageManager mPackageManager; ++ private final PackageManagerInternal mPackageManagerInternal; + private final UserManager mUserManager; + private final INetd mNetd; + +@@ -104,26 +107,6 @@ public class PermissionMonitor { + + private class PackageListObserver implements PackageManagerInternal.PackageListObserver { + +- private int getPermissionForUid(int uid) { +- int permission = 0; +- // Check all the packages for this UID. The UID has the permission if any of the +- // packages in it has the permission. +- String[] packages = mPackageManager.getPackagesForUid(uid); +- if (packages != null && packages.length > 0) { +- for (String name : packages) { +- final PackageInfo app = getPackageInfo(name); +- if (app != null && app.requestedPermissions != null) { +- permission |= getNetdPermissionMask(app.requestedPermissions, +- app.requestedPermissionsFlags); +- } +- } +- } else { +- // The last package of this uid is removed from device. Clean the package up. +- permission = INetd.PERMISSION_UNINSTALLED; +- } +- return permission; +- } +- + @Override + public void onPackageAdded(String packageName, int uid) { + sendPackagePermissionsForUid(uid, getPermissionForUid(uid)); +@@ -140,10 +123,46 @@ public class PermissionMonitor { + } + } + ++ private int getPermissionForUid(int uid) { ++ int permission = 0; ++ // Check all the packages for this UID. The UID has the permission if any of the ++ // packages in it has the permission. ++ String[] packages = mPackageManager.getPackagesForUid(uid); ++ if (packages != null && packages.length > 0) { ++ for (String name : packages) { ++ final PackageInfo app = getPackageInfo(name); ++ if (app != null && app.requestedPermissions != null) { ++ permission |= getNetdPermissionMask(app.requestedPermissions, ++ app.requestedPermissionsFlags); ++ } ++ } ++ } else { ++ // The last package of this uid is removed from device. Clean the package up. ++ permission = INetd.PERMISSION_UNINSTALLED; ++ } ++ return permission; ++ } ++ ++ // implements OnRuntimePermissionStateChangedListener ++ private void enforceINTERNETAsRuntimePermission(@NonNull String packageName, ++ @UserIdInt int userId) { ++ // userId is _not_ uid ++ int uid = mPackageManagerInternal.getPackageUid(packageName, 0, userId); ++ sendPackagePermissionsForUid(uid, getPermissionForUid(uid)); ++ } ++ + public PermissionMonitor(Context context, INetd netd) { + mPackageManager = context.getPackageManager(); + mUserManager = (UserManager) context.getSystemService(Context.USER_SERVICE); + mNetd = netd; ++ ++ mPackageManagerInternal = LocalServices.getService( ++ PackageManagerInternal.class); ++ ++ final PermissionManagerServiceInternal permManagerInternal = LocalServices.getService( ++ PermissionManagerServiceInternal.class); ++ permManagerInternal.addOnRuntimePermissionStateChangedListener( ++ this::enforceINTERNETAsRuntimePermission); + } + + // Intended to be called only once at startup, after the system is ready. Installs a broadcast diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-5.patch b/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-5.patch new file mode 100644 index 00000000..f7c3f783 --- /dev/null +++ b/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-5.patch @@ -0,0 +1,82 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: pratyush +Date: Sun, 25 Apr 2021 07:04:03 +0530 +Subject: [PATCH] fix INTERNET enforcement for secondary users + +This code was not specifying the profile for the app so it wasn't +working properly with INTERNET as a runtime permission. +--- + .../connectivity/PermissionMonitor.java | 20 +++++++++---------- + 1 file changed, 10 insertions(+), 10 deletions(-) + +diff --git a/services/core/java/com/android/server/connectivity/PermissionMonitor.java b/services/core/java/com/android/server/connectivity/PermissionMonitor.java +index 0b2012fa759a..827dd3a3493d 100644 +--- a/services/core/java/com/android/server/connectivity/PermissionMonitor.java ++++ b/services/core/java/com/android/server/connectivity/PermissionMonitor.java +@@ -130,7 +130,8 @@ public class PermissionMonitor { + String[] packages = mPackageManager.getPackagesForUid(uid); + if (packages != null && packages.length > 0) { + for (String name : packages) { +- final PackageInfo app = getPackageInfo(name); ++ int userId = UserHandle.getUserId(uid); ++ final PackageInfo app = getPackageInfo(name, userId); + if (app != null && app.requestedPermissions != null) { + permission |= getNetdPermissionMask(app.requestedPermissions, + app.requestedPermissionsFlags); +@@ -147,7 +148,7 @@ public class PermissionMonitor { + private void enforceINTERNETAsRuntimePermission(@NonNull String packageName, + @UserIdInt int userId) { + // userId is _not_ uid +- int uid = mPackageManagerInternal.getPackageUid(packageName, 0, userId); ++ int uid = mPackageManagerInternal.getPackageUidInternal( packageName, GET_PERMISSIONS, userId); + sendPackagePermissionsForUid(uid, getPermissionForUid(uid)); + } + +@@ -363,12 +364,13 @@ public class PermissionMonitor { + } + + @VisibleForTesting +- protected Boolean highestPermissionForUid(Boolean currentPermission, String name) { ++ protected Boolean highestPermissionForUid(Boolean currentPermission, String name, int uid) { + if (currentPermission == SYSTEM) { + return currentPermission; + } + try { +- final PackageInfo app = mPackageManager.getPackageInfo(name, GET_PERMISSIONS); ++ final PackageInfo app = mPackageManager.getPackageInfoAsUser(name, GET_PERMISSIONS, ++ UserHandle.getUserId(uid)); + final boolean isNetwork = hasNetworkPermission(app); + final boolean hasRestrictedPermission = hasRestrictedNetworkPermission(app); + if (isNetwork || hasRestrictedPermission) { +@@ -392,7 +394,7 @@ public class PermissionMonitor { + public synchronized void onPackageAdded(String packageName, int uid) { + // If multiple packages share a UID (cf: android:sharedUserId) and ask for different + // permissions, don't downgrade (i.e., if it's already SYSTEM, leave it as is). +- final Boolean permission = highestPermissionForUid(mApps.get(uid), packageName); ++ final Boolean permission = highestPermissionForUid(mApps.get(uid), packageName, uid); + if (permission != mApps.get(uid)) { + mApps.put(uid, permission); + +@@ -444,7 +446,7 @@ public class PermissionMonitor { + String[] packages = mPackageManager.getPackagesForUid(uid); + if (packages != null && packages.length > 0) { + for (String name : packages) { +- permission = highestPermissionForUid(permission, name); ++ permission = highestPermissionForUid(permission, name, uid); + if (permission == SYSTEM) { + // An app with this UID still has the SYSTEM permission. + // Therefore, this UID must already have the SYSTEM permission. +@@ -484,11 +486,9 @@ public class PermissionMonitor { + return permissions; + } + +- private PackageInfo getPackageInfo(String packageName) { ++ private PackageInfo getPackageInfo(String packageName, int userId) { + try { +- PackageInfo app = mPackageManager.getPackageInfo(packageName, GET_PERMISSIONS +- | MATCH_ANY_USER); +- return app; ++ return mPackageManager.getPackageInfoAsUser(packageName, GET_PERMISSIONS, userId); + } catch (NameNotFoundException e) { + return null; + } diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-6.patch b/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-6.patch new file mode 100644 index 00000000..abef84c2 --- /dev/null +++ b/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-6.patch @@ -0,0 +1,125 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Pratyush +Date: Thu, 12 Aug 2021 03:44:41 +0530 +Subject: [PATCH] send uid for each user instead of just owner/admin user + +--- + .../connectivity/PermissionMonitor.java | 83 +++++++++++-------- + 1 file changed, 49 insertions(+), 34 deletions(-) + +diff --git a/services/core/java/com/android/server/connectivity/PermissionMonitor.java b/services/core/java/com/android/server/connectivity/PermissionMonitor.java +index 827dd3a3493d..6fa9ea20a481 100644 +--- a/services/core/java/com/android/server/connectivity/PermissionMonitor.java ++++ b/services/core/java/com/android/server/connectivity/PermissionMonitor.java +@@ -132,7 +132,7 @@ public class PermissionMonitor { + for (String name : packages) { + int userId = UserHandle.getUserId(uid); + final PackageInfo app = getPackageInfo(name, userId); +- if (app != null && app.requestedPermissions != null) { ++ if (app != null && app.requestedPermissions != null && app.applicationInfo.uid == uid) { + permission |= getNetdPermissionMask(app.requestedPermissions, + app.requestedPermissionsFlags); + } +@@ -177,44 +177,45 @@ public class PermissionMonitor { + } else { + loge("failed to get the PackageManagerInternal service"); + } +- List apps = mPackageManager.getInstalledPackages(GET_PERMISSIONS +- | MATCH_ANY_USER); +- if (apps == null) { +- loge("No apps"); +- return; +- } + + SparseIntArray netdPermsUids = new SparseIntArray(); + +- for (PackageInfo app : apps) { +- int uid = app.applicationInfo != null ? app.applicationInfo.uid : INVALID_UID; +- if (uid < 0) { +- continue; +- } +- mAllApps.add(UserHandle.getAppId(uid)); +- +- boolean isNetwork = hasNetworkPermission(app); +- boolean hasRestrictedPermission = hasRestrictedNetworkPermission(app); +- +- if (isNetwork || hasRestrictedPermission) { +- Boolean permission = mApps.get(uid); +- // If multiple packages share a UID (cf: android:sharedUserId) and ask for different +- // permissions, don't downgrade (i.e., if it's already SYSTEM, leave it as is). +- if (permission == null || permission == NETWORK) { +- mApps.put(uid, hasRestrictedPermission); +- } +- } +- +- //TODO: unify the management of the permissions into one codepath. +- int otherNetdPerms = getNetdPermissionMask(app.requestedPermissions, +- app.requestedPermissionsFlags); +- netdPermsUids.put(uid, netdPermsUids.get(uid) | otherNetdPerms); +- } +- + List users = mUserManager.getUsers(true); // exclude dying users + if (users != null) { + for (UserInfo user : users) { + mUsers.add(user.id); ++ ++ List apps = mPackageManager.getInstalledPackagesAsUser(GET_PERMISSIONS, user.id); ++ if (apps == null) { ++ loge("No apps"); ++ continue; ++ } ++ ++ for (PackageInfo app : apps) { ++ int uid = app.applicationInfo != null ? app.applicationInfo.uid : INVALID_UID; ++ if (uid < 0) { ++ continue; ++ } ++ mAllApps.add(UserHandle.getAppId(uid)); ++ ++ boolean isNetwork = hasNetworkPermission(app); ++ boolean hasRestrictedPermission = hasRestrictedNetworkPermission(app); ++ ++ if (isNetwork || hasRestrictedPermission) { ++ Boolean permission = mApps.get(uid); ++ // If multiple packages share a UID (cf: android:sharedUserId) and ask for different ++ // permissions, don't downgrade (i.e., if it's already SYSTEM, leave it as is). ++ if (permission == null || permission == NETWORK) { ++ mApps.put(uid, hasRestrictedPermission); ++ } ++ } ++ ++ //TODO: unify the management of the permissions into one codepath. ++ int otherNetdPerms = getNetdPermissionMask(app.requestedPermissions, ++ app.requestedPermissionsFlags); ++ netdPermsUids.put(uid, netdPermsUids.get(uid) | otherNetdPerms); ++ } ++ + } + } + +@@ -307,9 +308,23 @@ public class PermissionMonitor { + List network = new ArrayList<>(); + List system = new ArrayList<>(); + for (Entry app : apps.entrySet()) { +- List list = app.getValue() ? system : network; + for (int user : users) { +- list.add(UserHandle.getUid(user, app.getKey())); ++ int uid = UserHandle.getUid(user, UserHandle.getAppId(app.getKey())); ++ if (uid < 0) continue; ++ String[] packages = mPackageManager.getPackagesForUid(uid); ++ if (packages == null) continue; ++ for (String pkg : packages) { ++ PackageInfo info = getPackageInfo(pkg, user); ++ if (info != null && info.applicationInfo.uid == uid) { ++ boolean isNetwork = hasNetworkPermission(info); ++ boolean hasRestrictedPermission = hasRestrictedNetworkPermission(info); ++ ++ if (isNetwork || hasRestrictedPermission) { ++ List list = hasRestrictedPermission ? system : network; ++ list.add(UserHandle.getUid(user, app.getKey())); ++ } ++ } ++ } + } + } + try { diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-7.patch b/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-7.patch new file mode 100644 index 00000000..cfbb71fc --- /dev/null +++ b/Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-7.patch @@ -0,0 +1,42 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dmitry Muhomor +Date: Tue, 14 Dec 2021 18:17:11 +0200 +Subject: [PATCH] skip reportNetworkConnectivity() when permission is revoked + +--- + core/java/android/net/ConnectivityManager.java | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java +index 12102a140947..21661609ff72 100644 +--- a/core/java/android/net/ConnectivityManager.java ++++ b/core/java/android/net/ConnectivityManager.java +@@ -17,6 +17,7 @@ package android.net; + + import static android.net.IpSecManager.INVALID_RESOURCE_ID; + ++import android.Manifest; + import android.annotation.CallbackExecutor; + import android.annotation.IntDef; + import android.annotation.NonNull; +@@ -31,6 +32,7 @@ import android.annotation.UnsupportedAppUsage; + import android.app.PendingIntent; + import android.content.Context; + import android.content.Intent; ++import android.content.pm.PackageManager; + import android.net.IpSecManager.UdpEncapsulationSocket; + import android.net.SocketKeepalive.Callback; + import android.os.Binder; +@@ -3054,6 +3056,12 @@ public class ConnectivityManager { + */ + public void reportNetworkConnectivity(@Nullable Network network, boolean hasConnectivity) { + printStackTrace(); ++ if (mContext.checkSelfPermission(Manifest.permission.INTERNET) != PackageManager.PERMISSION_GRANTED) { ++ // ConnectivityService enforces this by throwing an unexpected SecurityException, ++ // which puts GMS into a crash loop. Also useful for other apps that don't expect that ++ // INTERNET permission might get revoked. ++ return; ++ } + try { + mService.reportNetworkConnectivity(network, hasConnectivity); + } catch (RemoteException e) { diff --git a/Patches/LineageOS-17.1/android_libcore/0003-Network_Permission.patch b/Patches/LineageOS-17.1/android_libcore/0003-Network_Permission.patch new file mode 100644 index 00000000..935415b6 --- /dev/null +++ b/Patches/LineageOS-17.1/android_libcore/0003-Network_Permission.patch @@ -0,0 +1,32 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dmitry Muhomor +Date: Tue, 14 Dec 2021 21:10:51 +0200 +Subject: [PATCH] don't throw SecurityException when INTERNET permission is + revoked + +--- + ojluni/src/main/java/java/net/Inet6AddressImpl.java | 11 +---------- + 1 file changed, 1 insertion(+), 10 deletions(-) + +diff --git a/ojluni/src/main/java/java/net/Inet6AddressImpl.java b/ojluni/src/main/java/java/net/Inet6AddressImpl.java +index bb722f3df2..212f8b50ef 100644 +--- a/ojluni/src/main/java/java/net/Inet6AddressImpl.java ++++ b/ojluni/src/main/java/java/net/Inet6AddressImpl.java +@@ -141,16 +141,7 @@ class Inet6AddressImpl implements InetAddressImpl { + addressCache.put(host, netId, addresses); + return addresses; + } catch (GaiException gaiException) { +- // If the failure appears to have been a lack of INTERNET permission, throw a clear +- // SecurityException to aid in debugging this common mistake. +- // http://code.google.com/p/android/issues/detail?id=15722 +- if (gaiException.getCause() instanceof ErrnoException) { +- int errno = ((ErrnoException) gaiException.getCause()).errno; +- if (errno == EACCES || errno == EPERM) { +- throw new SecurityException("Permission denied (missing INTERNET permission?)", gaiException); +- } +- } +- // Otherwise, throw an UnknownHostException. ++ // Throw an UnknownHostException. + String detailMessage = "Unable to resolve host \"" + host + "\": " + Libcore.os.gai_strerror(gaiException.error); + addressCache.putUnknownHost(host, netId, detailMessage); + throw gaiException.rethrowAsUnknownHostException(detailMessage); diff --git a/Patches/LineageOS-17.1/android_packages_apps_PermissionController/0001-Network_Permission-1.patch b/Patches/LineageOS-17.1/android_packages_apps_PermissionController/0001-Network_Permission-1.patch new file mode 100644 index 00000000..1f07eb6e --- /dev/null +++ b/Patches/LineageOS-17.1/android_packages_apps_PermissionController/0001-Network_Permission-1.patch @@ -0,0 +1,61 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Sat, 22 Jul 2017 21:43:50 -0400 +Subject: [PATCH] always treat INTERNET as a runtime permission + +--- + .../permission/model/AppPermissionGroup.java | 5 +++-- + .../packageinstaller/permission/model/Permission.java | 3 ++- + 2 files changed, 5 insertions(+), 3 deletions(-) + +diff --git a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java +index da5277777..c9fa2ca3e 100644 +--- a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java ++++ b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java +@@ -33,6 +33,7 @@ import android.content.pm.PackageManager; + import android.content.pm.PackageManager.NameNotFoundException; + import android.content.pm.PermissionGroupInfo; + import android.content.pm.PermissionInfo; ++import android.Manifest; + import android.os.Build; + import android.os.UserHandle; + import android.permission.PermissionManager; +@@ -785,7 +786,7 @@ public final class AppPermissionGroup implements Comparable + + boolean wasGranted = permission.isGrantedIncludingAppOp(); + +- if (mAppSupportsRuntimePermissions) { ++ if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) { + // Do not touch permissions fixed by the system. + if (permission.isSystemFixed()) { + wasAllGranted = false; +@@ -962,7 +963,7 @@ public final class AppPermissionGroup implements Comparable + break; + } + +- if (mAppSupportsRuntimePermissions) { ++ if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) { + // Revoke the permission if needed. + if (permission.isGranted()) { + permission.setGranted(false); +diff --git a/src/com/android/packageinstaller/permission/model/Permission.java b/src/com/android/packageinstaller/permission/model/Permission.java +index 463c34795..c2ec88902 100644 +--- a/src/com/android/packageinstaller/permission/model/Permission.java ++++ b/src/com/android/packageinstaller/permission/model/Permission.java +@@ -18,6 +18,7 @@ package com.android.packageinstaller.permission.model; + + import android.content.pm.PackageManager; + import android.content.pm.PermissionInfo; ++import android.Manifest; + + import androidx.annotation.NonNull; + +@@ -136,7 +137,7 @@ public final class Permission { + * @return {@code true} if the permission (and the app-op) is granted. + */ + public boolean isGrantedIncludingAppOp() { +- return mGranted && (!affectsAppOp() || isAppOpAllowed()) && !isReviewRequired(); ++ return mGranted && (!affectsAppOp() || isAppOpAllowed()) && (!isReviewRequired() || Manifest.permission.INTERNET.equals(mName)); + } + + public boolean isReviewRequired() { diff --git a/Patches/LineageOS-17.1/android_packages_apps_PermissionController/0001-Network_Permission-2.patch b/Patches/LineageOS-17.1/android_packages_apps_PermissionController/0001-Network_Permission-2.patch new file mode 100644 index 00000000..31bab9a3 --- /dev/null +++ b/Patches/LineageOS-17.1/android_packages_apps_PermissionController/0001-Network_Permission-2.patch @@ -0,0 +1,30 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Fri, 21 Jul 2017 10:29:15 -0400 +Subject: [PATCH] add INTERNET permission toggle + +--- + src/com/android/packageinstaller/permission/utils/Utils.java | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/com/android/packageinstaller/permission/utils/Utils.java b/src/com/android/packageinstaller/permission/utils/Utils.java +index b7be30dcc..162b15f37 100644 +--- a/src/com/android/packageinstaller/permission/utils/Utils.java ++++ b/src/com/android/packageinstaller/permission/utils/Utils.java +@@ -24,6 +24,7 @@ import static android.Manifest.permission_group.CAMERA; + import static android.Manifest.permission_group.CONTACTS; + import static android.Manifest.permission_group.LOCATION; + import static android.Manifest.permission_group.MICROPHONE; ++import static android.Manifest.permission_group.NETWORK; + import static android.Manifest.permission_group.PHONE; + import static android.Manifest.permission_group.SENSORS; + import static android.Manifest.permission_group.SMS; +@@ -173,6 +174,8 @@ public final class Utils { + + PLATFORM_PERMISSIONS.put(Manifest.permission.BODY_SENSORS, SENSORS); + ++ PLATFORM_PERMISSIONS.put(Manifest.permission.INTERNET, NETWORK); ++ + PLATFORM_PERMISSION_GROUPS = new ArrayMap<>(); + int numPlatformPermissions = PLATFORM_PERMISSIONS.size(); + for (int i = 0; i < numPlatformPermissions; i++) { diff --git a/Patches/LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch b/Patches/LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch index e51952b4..c577c5fe 100644 --- a/Patches/LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch +++ b/Patches/LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch @@ -29,7 +29,7 @@ Change-Id: Ibbffdb5f3930df74ca8b4ba93d451f7fad086989 create mode 100644 src/com/android/settings/network/CaptivePortalWarningDialogHost.java diff --git a/res/values-de/cm_strings.xml b/res/values-de/cm_strings.xml -index ebb53e1237..970b7c9086 100644 +index d1ed0c6863..7ab4de0561 100644 --- a/res/values-de/cm_strings.xml +++ b/res/values-de/cm_strings.xml @@ -112,4 +112,7 @@ diff --git a/Patches/LineageOS-17.1/android_packages_providers_DownloadProvider/0001-Network_Permission.patch b/Patches/LineageOS-17.1/android_packages_providers_DownloadProvider/0001-Network_Permission.patch new file mode 100644 index 00000000..882727bb --- /dev/null +++ b/Patches/LineageOS-17.1/android_packages_providers_DownloadProvider/0001-Network_Permission.patch @@ -0,0 +1,21 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Sun, 6 Aug 2017 08:19:36 -0400 +Subject: [PATCH] remove legacy NETWORK permission group reference + +--- + AndroidManifest.xml | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/AndroidManifest.xml b/AndroidManifest.xml +index 302a58e5..65f38e86 100644 +--- a/AndroidManifest.xml ++++ b/AndroidManifest.xml +@@ -29,7 +29,6 @@ + + + diff --git a/Patches/LineageOS-17.1/android_system_netd/0001-Network_Permission.patch b/Patches/LineageOS-17.1/android_system_netd/0001-Network_Permission.patch new file mode 100644 index 00000000..64254c7c --- /dev/null +++ b/Patches/LineageOS-17.1/android_system_netd/0001-Network_Permission.patch @@ -0,0 +1,31 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Pratyush +Date: Thu, 12 Aug 2021 00:15:25 +0530 +Subject: [PATCH] use uid instead of app id for tracking INTERNET permission + +Change-Id: Ibec846480f3b440b5a323c86efa95c2fd1d81284 +--- + bpf_progs/netd.c | 10 ++-------- + 1 file changed, 2 insertions(+), 8 deletions(-) + +diff --git a/bpf_progs/netd.c b/bpf_progs/netd.c +index 1362be25..69b618f8 100644 +--- a/bpf_progs/netd.c ++++ b/bpf_progs/netd.c +@@ -74,14 +74,8 @@ DEFINE_BPF_MAP(uid_permission_map, HASH, uint32_t, uint8_t, UID_OWNER_MAP_SIZE) + SEC("cgroupsock/inet/create") + int inet_socket_create(struct bpf_sock* sk) { + uint64_t gid_uid = bpf_get_current_uid_gid(); +- /* +- * A given app is guaranteed to have the same app ID in all the profiles in +- * which it is installed, and install permission is granted to app for all +- * user at install time so we only check the appId part of a request uid at +- * run time. See UserHandle#isSameApp for detail. +- */ +- uint32_t appId = (gid_uid & 0xffffffff) % PER_USER_RANGE; +- uint8_t* permissions = bpf_uid_permission_map_lookup_elem(&appId); ++ uint32_t uid = (gid_uid & 0xffffffff); ++ uint8_t* permissions = bpf_uid_permission_map_lookup_elem(&uid); + if (!permissions) { + // UID not in map. Default to just INTERNET permission. + return 1; diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-1.patch b/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-1.patch new file mode 100644 index 00000000..13b26ea7 --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-1.patch @@ -0,0 +1,95 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: inthewaves +Date: Sat, 12 Sep 2020 12:28:34 -0700 +Subject: [PATCH] support new special runtime permissions + +These are treated as a runtime permission even for legacy apps. They +need to be granted by default for all apps to maintain compatibility. + +Ported from 10: 4d5d82f4e2fb9ff68158bf30f3944591bb74dd04 + +Changes from 10: +- It seems like parts of PackageManagerService#resetUserChangesToRuntimePermissionsAndFlagsLPw +were refactored into PermissionManagerService#resetRuntimePermissionsInternal. +As a result, PackageManagerService is no longer modified. +--- + .../permission/PermissionManagerService.java | 24 +++++++++++++++---- + 1 file changed, 19 insertions(+), 5 deletions(-) + +diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java +index 8d2363b6e831..26b959879084 100644 +--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java ++++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java +@@ -1461,7 +1461,7 @@ public class PermissionManagerService extends IPermissionManager.Stub { + // to keep the review required permission flag per user while an + // install permission's state is shared across all users. + if (pkg.getTargetSdkVersion() < Build.VERSION_CODES.M +- && bp.isRuntime()) { ++ && bp.isRuntime() && !isSpecialRuntimePermission(permName)) { + return; + } + +@@ -1513,7 +1513,8 @@ public class PermissionManagerService extends IPermissionManager.Stub { + + permName + " for package " + packageName); + } + +- if (pkg.getTargetSdkVersion() < Build.VERSION_CODES.M) { ++ if (pkg.getTargetSdkVersion() < Build.VERSION_CODES.M ++ && !isSpecialRuntimePermission(permName)) { + Slog.w(TAG, "Cannot grant runtime permission to a legacy app"); + return; + } +@@ -1623,7 +1624,7 @@ public class PermissionManagerService extends IPermissionManager.Stub { + // to keep the review required permission flag per user while an + // install permission's state is shared across all users. + if (pkg.getTargetSdkVersion() < Build.VERSION_CODES.M +- && bp.isRuntime()) { ++ && bp.isRuntime() && !isSpecialRuntimePermission(bp.name)) { + return; + } + +@@ -1847,7 +1848,8 @@ public class PermissionManagerService extends IPermissionManager.Stub { + + // If this permission was granted by default or role, make sure it is. + if ((oldFlags & FLAG_PERMISSION_GRANTED_BY_DEFAULT) != 0 +- || (oldFlags & FLAG_PERMISSION_GRANTED_BY_ROLE) != 0) { ++ || (oldFlags & FLAG_PERMISSION_GRANTED_BY_ROLE) != 0 ++ || isSpecialRuntimePermission(bp.getName())) { + // PermissionPolicyService will handle the app op for runtime permissions later. + grantRuntimePermissionInternal(permName, packageName, false, + Process.SYSTEM_UID, userId, delayingPermCallback); +@@ -2606,6 +2608,10 @@ public class PermissionManagerService extends IPermissionManager.Stub { + } + } + ++ public static boolean isSpecialRuntimePermission(final String permission) { ++ return false; ++ } ++ + /** + * Restore the permission state for a package. + * +@@ -2952,6 +2958,14 @@ public class PermissionManagerService extends IPermissionManager.Stub { + } + } + } ++ ++ if (isSpecialRuntimePermission(bp.name) && ++ origPermissions.getRuntimePermissionState(bp.name, userId) == null) { ++ if (permissionsState.grantRuntimePermission(bp, userId) ++ != PERMISSION_OPERATION_FAILURE) { ++ wasChanged = true; ++ } ++ } + } else { + if (permState == null) { + // New permission +@@ -3907,7 +3921,7 @@ public class PermissionManagerService extends IPermissionManager.Stub { + && (grantedPermissions == null + || ArrayUtils.contains(grantedPermissions, permission))) { + final int flags = permissionsState.getPermissionFlags(permission, userId); +- if (supportsRuntimePermissions) { ++ if (supportsRuntimePermissions || isSpecialRuntimePermission(bp.name)) { + // Installer cannot change immutable permissions. + if ((flags & immutableFlags) == 0) { + grantRuntimePermissionInternal(permission, pkg.getPackageName(), false, diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-2.patch b/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-2.patch new file mode 100644 index 00000000..83562c69 --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-2.patch @@ -0,0 +1,37 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Sun, 17 Mar 2019 11:59:15 -0400 +Subject: [PATCH] make INTERNET into a special runtime permission + +Ported from 10: 5e2898e9d21dd6802bb0b0139e7e496c41e1cd80 +--- + core/res/AndroidManifest.xml | 2 +- + .../android/server/pm/permission/PermissionManagerService.java | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml +index ee428371a016..0eff7ae9a0cd 100644 +--- a/core/res/AndroidManifest.xml ++++ b/core/res/AndroidManifest.xml +@@ -1607,7 +1607,7 @@ + ++ android:protectionLevel="dangerous|instant" /> + + + + ++ ++ ++ + + +diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml +index 5c659123b027..7f114cf9b6b4 100644 +--- a/core/res/res/values/strings.xml ++++ b/core/res/res/values/strings.xml +@@ -804,6 +804,11 @@ + + access sensor data about your vital signs + ++ ++ Network ++ ++ access the network ++ + + Retrieve window content + +diff --git a/non-updatable-api/current.txt b/non-updatable-api/current.txt +index 5f15216e8400..189544f98594 100644 +--- a/non-updatable-api/current.txt ++++ b/non-updatable-api/current.txt +@@ -184,6 +184,7 @@ package android { + field public static final String CONTACTS = "android.permission-group.CONTACTS"; + field public static final String LOCATION = "android.permission-group.LOCATION"; + field public static final String MICROPHONE = "android.permission-group.MICROPHONE"; ++ field public static final String NETWORK = "android.permission-group.NETWORK"; + field public static final String PHONE = "android.permission-group.PHONE"; + field public static final String SENSORS = "android.permission-group.SENSORS"; + field public static final String SMS = "android.permission-group.SMS"; diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-4.patch b/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-4.patch new file mode 100644 index 00000000..26d1ea1d --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-4.patch @@ -0,0 +1,112 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zoraver Kang +Date: Mon, 16 Sep 2019 16:41:30 -0400 +Subject: [PATCH] Enforce INTERNET as a runtime permission. + +Ported from 10: 69f726bc4219a7acea0319ae8d4b5fda48cd9861 +--- + .../connectivity/PermissionMonitor.java | 59 ++++++++++++------- + 1 file changed, 39 insertions(+), 20 deletions(-) + +diff --git a/services/core/java/com/android/server/connectivity/PermissionMonitor.java b/services/core/java/com/android/server/connectivity/PermissionMonitor.java +index f0b7150dd84f..41c013b4b197 100644 +--- a/services/core/java/com/android/server/connectivity/PermissionMonitor.java ++++ b/services/core/java/com/android/server/connectivity/PermissionMonitor.java +@@ -29,6 +29,7 @@ import static android.os.Process.INVALID_UID; + import static android.os.Process.SYSTEM_UID; + + import android.annotation.NonNull; ++import android.annotation.UserIdInt; + import android.content.Context; + import android.content.pm.ApplicationInfo; + import android.content.pm.PackageInfo; +@@ -55,6 +56,7 @@ import com.android.internal.util.ArrayUtils; + import com.android.internal.util.IndentingPrintWriter; + import com.android.server.LocalServices; + import com.android.server.SystemConfig; ++import com.android.server.pm.permission.PermissionManagerServiceInternal; + + import java.util.ArrayList; + import java.util.Collection; +@@ -80,6 +82,7 @@ public class PermissionMonitor { + private static final int VERSION_Q = Build.VERSION_CODES.Q; + + private final PackageManager mPackageManager; ++ private final PackageManagerInternal mPackageManagerInternal; + private final UserManager mUserManager; + private final INetd mNetd; + +@@ -104,26 +107,6 @@ public class PermissionMonitor { + + private class PackageListObserver implements PackageManagerInternal.PackageListObserver { + +- private int getPermissionForUid(int uid) { +- int permission = 0; +- // Check all the packages for this UID. The UID has the permission if any of the +- // packages in it has the permission. +- String[] packages = mPackageManager.getPackagesForUid(uid); +- if (packages != null && packages.length > 0) { +- for (String name : packages) { +- final PackageInfo app = getPackageInfo(name); +- if (app != null && app.requestedPermissions != null) { +- permission |= getNetdPermissionMask(app.requestedPermissions, +- app.requestedPermissionsFlags); +- } +- } +- } else { +- // The last package of this uid is removed from device. Clean the package up. +- permission = INetd.PERMISSION_UNINSTALLED; +- } +- return permission; +- } +- + @Override + public void onPackageAdded(String packageName, int uid) { + sendPackagePermissionsForUid(uid, getPermissionForUid(uid)); +@@ -140,10 +123,46 @@ public class PermissionMonitor { + } + } + ++ private int getPermissionForUid(int uid) { ++ int permission = 0; ++ // Check all the packages for this UID. The UID has the permission if any of the ++ // packages in it has the permission. ++ String[] packages = mPackageManager.getPackagesForUid(uid); ++ if (packages != null && packages.length > 0) { ++ for (String name : packages) { ++ final PackageInfo app = getPackageInfo(name); ++ if (app != null && app.requestedPermissions != null) { ++ permission |= getNetdPermissionMask(app.requestedPermissions, ++ app.requestedPermissionsFlags); ++ } ++ } ++ } else { ++ // The last package of this uid is removed from device. Clean the package up. ++ permission = INetd.PERMISSION_UNINSTALLED; ++ } ++ return permission; ++ } ++ ++ // implements OnRuntimePermissionStateChangedListener ++ private void enforceINTERNETAsRuntimePermission(@NonNull String packageName, ++ @UserIdInt int userId) { ++ // userId is _not_ uid ++ int uid = mPackageManagerInternal.getPackageUid(packageName, 0, userId); ++ sendPackagePermissionsForUid(uid, getPermissionForUid(uid)); ++ } ++ + public PermissionMonitor(Context context, INetd netd) { + mPackageManager = context.getPackageManager(); + mUserManager = (UserManager) context.getSystemService(Context.USER_SERVICE); + mNetd = netd; ++ ++ mPackageManagerInternal = LocalServices.getService( ++ PackageManagerInternal.class); ++ ++ final PermissionManagerServiceInternal permManagerInternal = LocalServices.getService( ++ PermissionManagerServiceInternal.class); ++ permManagerInternal.addOnRuntimePermissionStateChangedListener( ++ this::enforceINTERNETAsRuntimePermission); + } + + // Intended to be called only once at startup, after the system is ready. Installs a broadcast diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-5.patch b/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-5.patch new file mode 100644 index 00000000..b5108b4a --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-5.patch @@ -0,0 +1,82 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: pratyush +Date: Sun, 25 Apr 2021 07:04:03 +0530 +Subject: [PATCH] fix INTERNET enforcement for secondary users + +This code was not specifying the profile for the app so it wasn't +working properly with INTERNET as a runtime permission. +--- + .../connectivity/PermissionMonitor.java | 20 +++++++++---------- + 1 file changed, 10 insertions(+), 10 deletions(-) + +diff --git a/services/core/java/com/android/server/connectivity/PermissionMonitor.java b/services/core/java/com/android/server/connectivity/PermissionMonitor.java +index 41c013b4b197..09cd274cbb05 100644 +--- a/services/core/java/com/android/server/connectivity/PermissionMonitor.java ++++ b/services/core/java/com/android/server/connectivity/PermissionMonitor.java +@@ -130,7 +130,8 @@ public class PermissionMonitor { + String[] packages = mPackageManager.getPackagesForUid(uid); + if (packages != null && packages.length > 0) { + for (String name : packages) { +- final PackageInfo app = getPackageInfo(name); ++ int userId = UserHandle.getUserId(uid); ++ final PackageInfo app = getPackageInfo(name, userId); + if (app != null && app.requestedPermissions != null) { + permission |= getNetdPermissionMask(app.requestedPermissions, + app.requestedPermissionsFlags); +@@ -147,7 +148,7 @@ public class PermissionMonitor { + private void enforceINTERNETAsRuntimePermission(@NonNull String packageName, + @UserIdInt int userId) { + // userId is _not_ uid +- int uid = mPackageManagerInternal.getPackageUid(packageName, 0, userId); ++ int uid = mPackageManagerInternal.getPackageUidInternal( packageName, GET_PERMISSIONS, userId); + sendPackagePermissionsForUid(uid, getPermissionForUid(uid)); + } + +@@ -364,12 +365,13 @@ public class PermissionMonitor { + } + + @VisibleForTesting +- protected Boolean highestPermissionForUid(Boolean currentPermission, String name) { ++ protected Boolean highestPermissionForUid(Boolean currentPermission, String name, int uid) { + if (currentPermission == SYSTEM) { + return currentPermission; + } + try { +- final PackageInfo app = mPackageManager.getPackageInfo(name, GET_PERMISSIONS); ++ final PackageInfo app = mPackageManager.getPackageInfoAsUser(name, GET_PERMISSIONS, ++ UserHandle.getUserId(uid)); + final boolean isNetwork = hasNetworkPermission(app); + final boolean hasRestrictedPermission = hasRestrictedNetworkPermission(app); + if (isNetwork || hasRestrictedPermission) { +@@ -393,7 +395,7 @@ public class PermissionMonitor { + public synchronized void onPackageAdded(String packageName, int uid) { + // If multiple packages share a UID (cf: android:sharedUserId) and ask for different + // permissions, don't downgrade (i.e., if it's already SYSTEM, leave it as is). +- final Boolean permission = highestPermissionForUid(mApps.get(uid), packageName); ++ final Boolean permission = highestPermissionForUid(mApps.get(uid), packageName, uid); + if (permission != mApps.get(uid)) { + mApps.put(uid, permission); + +@@ -445,7 +447,7 @@ public class PermissionMonitor { + String[] packages = mPackageManager.getPackagesForUid(uid); + if (packages != null && packages.length > 0) { + for (String name : packages) { +- permission = highestPermissionForUid(permission, name); ++ permission = highestPermissionForUid(permission, name, uid); + if (permission == SYSTEM) { + // An app with this UID still has the SYSTEM permission. + // Therefore, this UID must already have the SYSTEM permission. +@@ -485,11 +487,9 @@ public class PermissionMonitor { + return permissions; + } + +- private PackageInfo getPackageInfo(String packageName) { ++ private PackageInfo getPackageInfo(String packageName, int userId) { + try { +- PackageInfo app = mPackageManager.getPackageInfo(packageName, GET_PERMISSIONS +- | MATCH_ANY_USER); +- return app; ++ return mPackageManager.getPackageInfoAsUser(packageName, GET_PERMISSIONS, userId); + } catch (NameNotFoundException e) { + return null; + } diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-6.patch b/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-6.patch new file mode 100644 index 00000000..4a22164b --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-6.patch @@ -0,0 +1,125 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Pratyush +Date: Thu, 12 Aug 2021 03:44:41 +0530 +Subject: [PATCH] send uid for each user instead of just owner/admin user + +--- + .../connectivity/PermissionMonitor.java | 83 +++++++++++-------- + 1 file changed, 49 insertions(+), 34 deletions(-) + +diff --git a/services/core/java/com/android/server/connectivity/PermissionMonitor.java b/services/core/java/com/android/server/connectivity/PermissionMonitor.java +index 09cd274cbb05..ee0c531ef13e 100644 +--- a/services/core/java/com/android/server/connectivity/PermissionMonitor.java ++++ b/services/core/java/com/android/server/connectivity/PermissionMonitor.java +@@ -132,7 +132,7 @@ public class PermissionMonitor { + for (String name : packages) { + int userId = UserHandle.getUserId(uid); + final PackageInfo app = getPackageInfo(name, userId); +- if (app != null && app.requestedPermissions != null) { ++ if (app != null && app.requestedPermissions != null && app.applicationInfo.uid == uid) { + permission |= getNetdPermissionMask(app.requestedPermissions, + app.requestedPermissionsFlags); + } +@@ -177,44 +177,45 @@ public class PermissionMonitor { + } else { + loge("failed to get the PackageManagerInternal service"); + } +- List apps = mPackageManager.getInstalledPackages(GET_PERMISSIONS +- | MATCH_ANY_USER); +- if (apps == null) { +- loge("No apps"); +- return; +- } + + SparseIntArray netdPermsUids = new SparseIntArray(); + +- for (PackageInfo app : apps) { +- int uid = app.applicationInfo != null ? app.applicationInfo.uid : INVALID_UID; +- if (uid < 0) { +- continue; +- } +- mAllApps.add(UserHandle.getAppId(uid)); +- +- boolean isNetwork = hasNetworkPermission(app); +- boolean hasRestrictedPermission = hasRestrictedNetworkPermission(app); +- +- if (isNetwork || hasRestrictedPermission) { +- Boolean permission = mApps.get(uid); +- // If multiple packages share a UID (cf: android:sharedUserId) and ask for different +- // permissions, don't downgrade (i.e., if it's already SYSTEM, leave it as is). +- if (permission == null || permission == NETWORK) { +- mApps.put(uid, hasRestrictedPermission); +- } +- } +- +- //TODO: unify the management of the permissions into one codepath. +- int otherNetdPerms = getNetdPermissionMask(app.requestedPermissions, +- app.requestedPermissionsFlags); +- netdPermsUids.put(uid, netdPermsUids.get(uid) | otherNetdPerms); +- } +- + List users = mUserManager.getUsers(true); // exclude dying users + if (users != null) { + for (UserInfo user : users) { + mUsers.add(user.id); ++ ++ List apps = mPackageManager.getInstalledPackagesAsUser(GET_PERMISSIONS, user.id); ++ if (apps == null) { ++ loge("No apps"); ++ continue; ++ } ++ ++ for (PackageInfo app : apps) { ++ int uid = app.applicationInfo != null ? app.applicationInfo.uid : INVALID_UID; ++ if (uid < 0) { ++ continue; ++ } ++ mAllApps.add(UserHandle.getAppId(uid)); ++ ++ boolean isNetwork = hasNetworkPermission(app); ++ boolean hasRestrictedPermission = hasRestrictedNetworkPermission(app); ++ ++ if (isNetwork || hasRestrictedPermission) { ++ Boolean permission = mApps.get(uid); ++ // If multiple packages share a UID (cf: android:sharedUserId) and ask for different ++ // permissions, don't downgrade (i.e., if it's already SYSTEM, leave it as is). ++ if (permission == null || permission == NETWORK) { ++ mApps.put(uid, hasRestrictedPermission); ++ } ++ } ++ ++ //TODO: unify the management of the permissions into one codepath. ++ int otherNetdPerms = getNetdPermissionMask(app.requestedPermissions, ++ app.requestedPermissionsFlags); ++ netdPermsUids.put(uid, netdPermsUids.get(uid) | otherNetdPerms); ++ } ++ + } + } + +@@ -308,9 +309,23 @@ public class PermissionMonitor { + List network = new ArrayList<>(); + List system = new ArrayList<>(); + for (Entry app : apps.entrySet()) { +- List list = app.getValue() ? system : network; + for (int user : users) { +- list.add(UserHandle.getUid(user, app.getKey())); ++ int uid = UserHandle.getUid(user, UserHandle.getAppId(app.getKey())); ++ if (uid < 0) continue; ++ String[] packages = mPackageManager.getPackagesForUid(uid); ++ if (packages == null) continue; ++ for (String pkg : packages) { ++ PackageInfo info = getPackageInfo(pkg, user); ++ if (info != null && info.applicationInfo.uid == uid) { ++ boolean isNetwork = hasNetworkPermission(info); ++ boolean hasRestrictedPermission = hasRestrictedNetworkPermission(info); ++ ++ if (isNetwork || hasRestrictedPermission) { ++ List list = hasRestrictedPermission ? system : network; ++ list.add(UserHandle.getUid(user, app.getKey())); ++ } ++ } ++ } + } + } + try { diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-7.patch b/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-7.patch new file mode 100644 index 00000000..b1601b1f --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-7.patch @@ -0,0 +1,42 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dmitry Muhomor +Date: Tue, 14 Dec 2021 18:17:11 +0200 +Subject: [PATCH] skip reportNetworkConnectivity() when permission is revoked + +--- + core/java/android/net/ConnectivityManager.java | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java +index 7df32c10b16b..a2b04f3e9540 100644 +--- a/core/java/android/net/ConnectivityManager.java ++++ b/core/java/android/net/ConnectivityManager.java +@@ -17,6 +17,7 @@ package android.net; + + import static android.net.IpSecManager.INVALID_RESOURCE_ID; + ++import android.Manifest; + import android.annotation.CallbackExecutor; + import android.annotation.IntDef; + import android.annotation.NonNull; +@@ -31,6 +32,7 @@ import android.app.PendingIntent; + import android.compat.annotation.UnsupportedAppUsage; + import android.content.Context; + import android.content.Intent; ++import android.content.pm.PackageManager; + import android.net.IpSecManager.UdpEncapsulationSocket; + import android.net.SocketKeepalive.Callback; + import android.net.TetheringManager.StartTetheringCallback; +@@ -3047,6 +3049,12 @@ public class ConnectivityManager { + */ + public void reportNetworkConnectivity(@Nullable Network network, boolean hasConnectivity) { + printStackTrace(); ++ if (mContext.checkSelfPermission(Manifest.permission.INTERNET) != PackageManager.PERMISSION_GRANTED) { ++ // ConnectivityService enforces this by throwing an unexpected SecurityException, ++ // which puts GMS into a crash loop. Also useful for other apps that don't expect that ++ // INTERNET permission might get revoked. ++ return; ++ } + try { + mService.reportNetworkConnectivity(network, hasConnectivity); + } catch (RemoteException e) { diff --git a/Patches/LineageOS-18.1/android_libcore/0001-Network_Permission.patch b/Patches/LineageOS-18.1/android_libcore/0001-Network_Permission.patch new file mode 100644 index 00000000..50459bd0 --- /dev/null +++ b/Patches/LineageOS-18.1/android_libcore/0001-Network_Permission.patch @@ -0,0 +1,32 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dmitry Muhomor +Date: Tue, 14 Dec 2021 21:10:51 +0200 +Subject: [PATCH] don't throw SecurityException when INTERNET permission is + revoked + +--- + ojluni/src/main/java/java/net/Inet6AddressImpl.java | 11 +---------- + 1 file changed, 1 insertion(+), 10 deletions(-) + +diff --git a/ojluni/src/main/java/java/net/Inet6AddressImpl.java b/ojluni/src/main/java/java/net/Inet6AddressImpl.java +index 84bcf17eda..fda9674e08 100644 +--- a/ojluni/src/main/java/java/net/Inet6AddressImpl.java ++++ b/ojluni/src/main/java/java/net/Inet6AddressImpl.java +@@ -141,16 +141,7 @@ class Inet6AddressImpl implements InetAddressImpl { + addressCache.put(host, netId, addresses); + return addresses; + } catch (GaiException gaiException) { +- // If the failure appears to have been a lack of INTERNET permission, throw a clear +- // SecurityException to aid in debugging this common mistake. +- // http://code.google.com/p/android/issues/detail?id=15722 +- if (gaiException.getCause() instanceof ErrnoException) { +- int errno = ((ErrnoException) gaiException.getCause()).errno; +- if (errno == EACCES || errno == EPERM) { +- throw new SecurityException("Permission denied (missing INTERNET permission?)", gaiException); +- } +- } +- // Otherwise, throw an UnknownHostException. ++ // Throw an UnknownHostException. + String detailMessage = "Unable to resolve host \"" + host + "\": " + Libcore.os.gai_strerror(gaiException.error); + addressCache.putUnknownHost(host, netId, detailMessage); + throw gaiException.rethrowAsUnknownHostException(detailMessage); diff --git a/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-1.patch b/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-1.patch new file mode 100644 index 00000000..5c758a4a --- /dev/null +++ b/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-1.patch @@ -0,0 +1,62 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Sat, 22 Jul 2017 21:43:50 -0400 +Subject: [PATCH] always treat INTERNET as a runtime permission + +ported from 10: 6c4f112dde47f21ce5a583f5bd8b217db6de5c02 +--- + .../permission/model/AppPermissionGroup.java | 5 +++-- + .../permissioncontroller/permission/model/Permission.java | 3 ++- + 2 files changed, 5 insertions(+), 3 deletions(-) + +diff --git a/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java b/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java +index aeb90811b..0399a1836 100644 +--- a/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java ++++ b/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java +@@ -34,6 +34,7 @@ import android.content.pm.PackageManager; + import android.content.pm.PackageManager.NameNotFoundException; + import android.content.pm.PermissionGroupInfo; + import android.content.pm.PermissionInfo; ++import android.Manifest; + import android.os.Build; + import android.os.UserHandle; + import android.permission.PermissionManager; +@@ -872,7 +873,7 @@ public final class AppPermissionGroup implements Comparable + + boolean wasGranted = permission.isGrantedIncludingAppOp(); + +- if (mAppSupportsRuntimePermissions) { ++ if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) { + // Do not touch permissions fixed by the system. + if (permission.isSystemFixed()) { + wasAllGranted = false; +@@ -1057,7 +1058,7 @@ public final class AppPermissionGroup implements Comparable + break; + } + +- if (mAppSupportsRuntimePermissions) { ++ if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) { + // Revoke the permission if needed. + if (permission.isGranted()) { + permission.setGranted(false); +diff --git a/src/com/android/permissioncontroller/permission/model/Permission.java b/src/com/android/permissioncontroller/permission/model/Permission.java +index 49381db2b..3af5241af 100644 +--- a/src/com/android/permissioncontroller/permission/model/Permission.java ++++ b/src/com/android/permissioncontroller/permission/model/Permission.java +@@ -18,6 +18,7 @@ package com.android.permissioncontroller.permission.model; + + import android.content.pm.PackageManager; + import android.content.pm.PermissionInfo; ++import android.Manifest; + + import androidx.annotation.NonNull; + +@@ -137,7 +138,7 @@ public final class Permission { + * @return {@code true} if the permission (and the app-op) is granted. + */ + public boolean isGrantedIncludingAppOp() { +- return mGranted && (!affectsAppOp() || isAppOpAllowed()) && !isReviewRequired(); ++ return mGranted && (!affectsAppOp() || isAppOpAllowed()) && (!isReviewRequired() || Manifest.permission.INTERNET.equals(mName)); + } + + public boolean isReviewRequired() { diff --git a/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-2.patch b/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-2.patch new file mode 100644 index 00000000..5c9b8077 --- /dev/null +++ b/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-2.patch @@ -0,0 +1,31 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Fri, 21 Jul 2017 10:29:15 -0400 +Subject: [PATCH] add INTERNET permission toggle + +ported from 10: a07271ed7e45239369f2ca33496d939d2e9cbd08 +--- + .../android/permissioncontroller/permission/utils/Utils.java | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/com/android/permissioncontroller/permission/utils/Utils.java b/src/com/android/permissioncontroller/permission/utils/Utils.java +index 65fdd590a..2f0dc3d21 100644 +--- a/src/com/android/permissioncontroller/permission/utils/Utils.java ++++ b/src/com/android/permissioncontroller/permission/utils/Utils.java +@@ -25,6 +25,7 @@ import static android.Manifest.permission_group.CAMERA; + import static android.Manifest.permission_group.CONTACTS; + import static android.Manifest.permission_group.LOCATION; + import static android.Manifest.permission_group.MICROPHONE; ++import static android.Manifest.permission_group.NETWORK; + import static android.Manifest.permission_group.PHONE; + import static android.Manifest.permission_group.SENSORS; + import static android.Manifest.permission_group.SMS; +@@ -209,6 +210,8 @@ public final class Utils { + + PLATFORM_PERMISSIONS.put(Manifest.permission.BODY_SENSORS, SENSORS); + ++ PLATFORM_PERMISSIONS.put(Manifest.permission.INTERNET, NETWORK); ++ + PLATFORM_PERMISSION_GROUPS = new ArrayMap<>(); + int numPlatformPermissions = PLATFORM_PERMISSIONS.size(); + for (int i = 0; i < numPlatformPermissions; i++) { diff --git a/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-3.patch b/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-3.patch new file mode 100644 index 00000000..a8179d51 --- /dev/null +++ b/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-3.patch @@ -0,0 +1,109 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: inthewaves +Date: Sat, 12 Sep 2020 15:40:58 -0700 +Subject: [PATCH] refactor handling of special runtime permissions + +--- + .../permission/model/AppPermissionGroup.java | 5 ++--- + .../permission/model/Permission.java | 5 +++-- + .../permission/utils/Utils.java | 17 +++++++++++++++++ + 3 files changed, 22 insertions(+), 5 deletions(-) + +diff --git a/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java b/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java +index 0399a1836..cb4eab9f7 100644 +--- a/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java ++++ b/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java +@@ -34,7 +34,6 @@ import android.content.pm.PackageManager; + import android.content.pm.PackageManager.NameNotFoundException; + import android.content.pm.PermissionGroupInfo; + import android.content.pm.PermissionInfo; +-import android.Manifest; + import android.os.Build; + import android.os.UserHandle; + import android.permission.PermissionManager; +@@ -873,7 +872,7 @@ public final class AppPermissionGroup implements Comparable + + boolean wasGranted = permission.isGrantedIncludingAppOp(); + +- if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) { ++ if (mAppSupportsRuntimePermissions || Utils.isSpecialRuntimePermission(permission.getName())) { + // Do not touch permissions fixed by the system. + if (permission.isSystemFixed()) { + wasAllGranted = false; +@@ -1058,7 +1057,7 @@ public final class AppPermissionGroup implements Comparable + break; + } + +- if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) { ++ if (mAppSupportsRuntimePermissions || Utils.isSpecialRuntimePermission(permission.getName())) { + // Revoke the permission if needed. + if (permission.isGranted()) { + permission.setGranted(false); +diff --git a/src/com/android/permissioncontroller/permission/model/Permission.java b/src/com/android/permissioncontroller/permission/model/Permission.java +index 3af5241af..3f17de882 100644 +--- a/src/com/android/permissioncontroller/permission/model/Permission.java ++++ b/src/com/android/permissioncontroller/permission/model/Permission.java +@@ -18,10 +18,11 @@ package com.android.permissioncontroller.permission.model; + + import android.content.pm.PackageManager; + import android.content.pm.PermissionInfo; +-import android.Manifest; + + import androidx.annotation.NonNull; + ++import com.android.permissioncontroller.permission.utils.Utils; ++ + import java.util.ArrayList; + import java.util.Objects; + +@@ -138,7 +139,7 @@ public final class Permission { + * @return {@code true} if the permission (and the app-op) is granted. + */ + public boolean isGrantedIncludingAppOp() { +- return mGranted && (!affectsAppOp() || isAppOpAllowed()) && (!isReviewRequired() || Manifest.permission.INTERNET.equals(mName)); ++ return mGranted && (!affectsAppOp() || isAppOpAllowed()) && (!isReviewRequired() || Utils.isSpecialRuntimePermission(mName)); + } + + public boolean isReviewRequired() { +diff --git a/src/com/android/permissioncontroller/permission/utils/Utils.java b/src/com/android/permissioncontroller/permission/utils/Utils.java +index 2f0dc3d21..dab86e734 100644 +--- a/src/com/android/permissioncontroller/permission/utils/Utils.java ++++ b/src/com/android/permissioncontroller/permission/utils/Utils.java +@@ -145,6 +145,9 @@ public final class Utils { + */ + public static final long ONE_TIME_PERMISSIONS_TIMEOUT_MILLIS = 1 * 60 * 1000; // 1 minute + ++ /** Mapping permission -> group for all special runtime permissions */ ++ private static final ArrayMap SPECIAL_RUNTIME_PERMISSIONS; ++ + /** Mapping permission -> group for all dangerous platform permissions */ + private static final ArrayMap PLATFORM_PERMISSIONS; + +@@ -212,6 +215,9 @@ public final class Utils { + + PLATFORM_PERMISSIONS.put(Manifest.permission.INTERNET, NETWORK); + ++ SPECIAL_RUNTIME_PERMISSIONS = new ArrayMap<>(); ++ SPECIAL_RUNTIME_PERMISSIONS.put(Manifest.permission.INTERNET, NETWORK); ++ + PLATFORM_PERMISSION_GROUPS = new ArrayMap<>(); + int numPlatformPermissions = PLATFORM_PERMISSIONS.size(); + for (int i = 0; i < numPlatformPermissions; i++) { +@@ -642,6 +648,17 @@ public final class Utils { + return PLATFORM_PERMISSIONS.containsKey(permission); + } + ++ /** ++ * Is the permission a special runtime permission? ++ * These are treated as a runtime permission even for legacy apps. They ++ * need to be granted by default for all apps to maintain compatibility. ++ * ++ * @return whether the permission is a special runtime permission. ++ */ ++ public static boolean isSpecialRuntimePermission(@NonNull String permission) { ++ return SPECIAL_RUNTIME_PERMISSIONS.containsKey(permission); ++ } ++ + /** + * Should UI show this permission. + * diff --git a/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-4.patch b/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-4.patch new file mode 100644 index 00000000..98206f66 --- /dev/null +++ b/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-4.patch @@ -0,0 +1,83 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: inthewaves +Date: Wed, 16 Sep 2020 17:30:37 -0700 +Subject: [PATCH] don't auto revoke Network and Sensors + +These shouldn't be automatically removed since apps are currently +granted these by default for compatibility. Users have to explicitly +remove them rather than granting them. Apps would need to be aware of +them and request them from the user to treat them like the standard +permissions. +--- + .../permission/data/AutoRevokeStateLiveData.kt | 3 ++- + .../permission/service/AutoRevokePermissions.kt | 6 +++--- + .../permissioncontroller/permission/utils/Utils.java | 11 +++++++++++ + 3 files changed, 16 insertions(+), 4 deletions(-) + +diff --git a/src/com/android/permissioncontroller/permission/data/AutoRevokeStateLiveData.kt b/src/com/android/permissioncontroller/permission/data/AutoRevokeStateLiveData.kt +index d84b7c9a3..0d74a8c2f 100644 +--- a/src/com/android/permissioncontroller/permission/data/AutoRevokeStateLiveData.kt ++++ b/src/com/android/permissioncontroller/permission/data/AutoRevokeStateLiveData.kt +@@ -29,6 +29,7 @@ import com.android.permissioncontroller.permission.service.ExemptServicesLiveDat + import com.android.permissioncontroller.permission.service.isAutoRevokeEnabled + import com.android.permissioncontroller.permission.service.isPackageAutoRevokeExempt + import com.android.permissioncontroller.permission.service.isPackageAutoRevokePermanentlyExempt ++import com.android.permissioncontroller.permission.utils.Utils + import kotlinx.coroutines.Job + + /** +@@ -91,7 +92,7 @@ class AutoRevokeStateLiveData private constructor( + permState.permFlags and (FLAG_PERMISSION_GRANTED_BY_DEFAULT or + FLAG_PERMISSION_GRANTED_BY_ROLE) != 0 + } ?: false +- if (!default) { ++ if (!default && !Utils.isSpecialRuntimePermissionGroup(groupName)) { + revocableGroups.add(groupName) + } + } +diff --git a/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt b/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt +index 8dd8e8f77..d7f8f229f 100644 +--- a/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt ++++ b/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt +@@ -239,8 +239,7 @@ class AutoRevokeOnBootReceiver : BroadcastReceiver() { + private suspend fun revokePermissionsOnUnusedApps( + context: Context, + sessionId: Long = INVALID_SESSION_ID +-): +- List> { ++): List> { + if (!isAutoRevokeEnabled(context)) { + return emptyList() + } +@@ -361,7 +360,8 @@ private suspend fun revokePermissionsOnUnusedApps( + granted && + !group.isGrantedByDefault && + !group.isGrantedByRole && +- group.isUserSensitive) { ++ group.isUserSensitive && ++ !Utils.isSpecialRuntimePermissionGroup(groupName)) { + + val revocablePermissions = group.permissions.keys.toList() + +diff --git a/src/com/android/permissioncontroller/permission/utils/Utils.java b/src/com/android/permissioncontroller/permission/utils/Utils.java +index dab86e734..4a7de5416 100644 +--- a/src/com/android/permissioncontroller/permission/utils/Utils.java ++++ b/src/com/android/permissioncontroller/permission/utils/Utils.java +@@ -659,6 +659,17 @@ public final class Utils { + return SPECIAL_RUNTIME_PERMISSIONS.containsKey(permission); + } + ++ /** ++ * Is the permission group a special runtime permission group? ++ * These are treated as a runtime permission even for legacy apps. They ++ * need to be granted by default for all apps to maintain compatibility. ++ * ++ * @return whether the permission group is a special runtime permission group. ++ */ ++ public static boolean isSpecialRuntimePermissionGroup(@NonNull String permissionGroup) { ++ return SPECIAL_RUNTIME_PERMISSIONS.containsValue(permissionGroup); ++ } ++ + /** + * Should UI show this permission. + * diff --git a/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-5.patch b/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-5.patch new file mode 100644 index 00000000..f1ac205d --- /dev/null +++ b/Patches/LineageOS-18.1/android_packages_apps_PermissionController/0002-Network_Permission-5.patch @@ -0,0 +1,38 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Pratyush +Date: Sat, 24 Jul 2021 04:33:31 +0530 +Subject: [PATCH] ui fix for special runtime permission + +--- + .../permissioncontroller/permission/utils/KotlinUtils.kt | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/com/android/permissioncontroller/permission/utils/KotlinUtils.kt b/src/com/android/permissioncontroller/permission/utils/KotlinUtils.kt +index 64068fe41..63348d72a 100644 +--- a/src/com/android/permissioncontroller/permission/utils/KotlinUtils.kt ++++ b/src/com/android/permissioncontroller/permission/utils/KotlinUtils.kt +@@ -467,7 +467,7 @@ object KotlinUtils { + if (!perm.isGrantedIncludingAppOp) { + val affectsAppOp = permissionToOp(perm.name) != null || perm.isBackgroundPermission + +- if (supportsRuntime) { ++ if (supportsRuntime || Utils.isSpecialRuntimePermission(perm.name)) { + app.packageManager.grantRuntimePermission(group.packageInfo.packageName, perm.name, + user) + isGranted = true +@@ -640,7 +640,7 @@ object KotlinUtils { + val affectsAppOp = permissionToOp(perm.name) != null || perm.isBackgroundPermission + + if (perm.isGrantedIncludingAppOp) { +- if (supportsRuntime) { ++ if (supportsRuntime || Utils.isSpecialRuntimePermission(perm.name)) { + // Revoke the permission if needed. + app.packageManager.revokeRuntimePermission(group.packageInfo.packageName, + perm.name, user) +@@ -927,4 +927,4 @@ fun NavController.navigateSafe(destResId: Int, args: Bundle? = null) { + navigate(destResId, args) + } + } +-} +\ No newline at end of file ++} diff --git a/Patches/LineageOS-18.1/android_packages_providers_DownloadProvider/0001-Network_Permission.patch b/Patches/LineageOS-18.1/android_packages_providers_DownloadProvider/0001-Network_Permission.patch new file mode 100644 index 00000000..5adfdc8f --- /dev/null +++ b/Patches/LineageOS-18.1/android_packages_providers_DownloadProvider/0001-Network_Permission.patch @@ -0,0 +1,21 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Sun, 6 Aug 2017 08:19:36 -0400 +Subject: [PATCH] remove legacy NETWORK permission group reference + +--- + AndroidManifest.xml | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/AndroidManifest.xml b/AndroidManifest.xml +index 43cf258e..dfce071d 100644 +--- a/AndroidManifest.xml ++++ b/AndroidManifest.xml +@@ -29,7 +29,6 @@ + + + diff --git a/Patches/LineageOS-18.1/android_system_netd/0001-Network_Permission.patch b/Patches/LineageOS-18.1/android_system_netd/0001-Network_Permission.patch new file mode 100644 index 00000000..f02522a8 --- /dev/null +++ b/Patches/LineageOS-18.1/android_system_netd/0001-Network_Permission.patch @@ -0,0 +1,31 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Pratyush +Date: Thu, 12 Aug 2021 00:15:25 +0530 +Subject: [PATCH] use uid instead of app id for tracking INTERNET permission + +Change-Id: Ibec846480f3b440b5a323c86efa95c2fd1d81284 +--- + bpf_progs/netd.c | 10 ++-------- + 1 file changed, 2 insertions(+), 8 deletions(-) + +diff --git a/bpf_progs/netd.c b/bpf_progs/netd.c +index 5689c197..fb266a92 100644 +--- a/bpf_progs/netd.c ++++ b/bpf_progs/netd.c +@@ -360,14 +360,8 @@ DEFINE_BPF_PROG_KVER("cgroupsock/inet/create", AID_ROOT, AID_ROOT, inet_socket_c + KVER(4, 14, 0)) + (struct bpf_sock* sk) { + uint64_t gid_uid = bpf_get_current_uid_gid(); +- /* +- * A given app is guaranteed to have the same app ID in all the profiles in +- * which it is installed, and install permission is granted to app for all +- * user at install time so we only check the appId part of a request uid at +- * run time. See UserHandle#isSameApp for detail. +- */ +- uint32_t appId = (gid_uid & 0xffffffff) % PER_USER_RANGE; +- uint8_t* permissions = bpf_uid_permission_map_lookup_elem(&appId); ++ uint32_t uid = (gid_uid & 0xffffffff); ++ uint8_t* permissions = bpf_uid_permission_map_lookup_elem(&uid); + if (!permissions) { + // UID not in map. Default to just INTERNET permission. + return 1; diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh index 583a9d00..175e0e6a 100644 --- a/Scripts/LineageOS-17.1/Patch.sh +++ b/Scripts/LineageOS-17.1/Patch.sh @@ -112,6 +112,15 @@ applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0005-User_Logout.patch"; if [ "$DOS_SENSORS_PERM_NEW" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0011-Sensors.patch"; fi; #Permission for sensors access (MSe1969) applyPatch "$DOS_PATCHES/android_frameworks_base/0012-Restore_SensorsOff.patch"; #Restore the Sensors Off tile applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Private_DNS.patch"; #More 'Private DNS' options (CalyxOS) +if [ "$DOS_GRAPHENE_NETWORK_PERM" = true ]; then +applyPatch "$DOS_PATCHES/android_frameworks_base/0014-Network_Permission-1.patch"; #Expose the NETWORK permission (GrapheneOS) +applyPatch "$DOS_PATCHES/android_frameworks_base/0014-Network_Permission-2.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0014-Network_Permission-3.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0014-Network_Permission-4.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0014-Network_Permission-5.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0014-Network_Permission-6.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0014-Network_Permission-7.patch"; +fi; if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0002-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG) if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0003-Harden_Sig_Spoofing.patch"; fi; #Restrict signature spoofing to system apps signed with the platform key sed -i 's/DEFAULT_MAX_FILES = 1000;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox internal logging service @@ -182,6 +191,7 @@ fi; if enterAndClear "libcore"; then if [ "$DOS_GRAPHENE_EXEC" = true ]; then applyPatch "$DOS_PATCHES/android_libcore/0001-Exec_Preload.patch"; fi; #Add exec-based spawning support (GrapheneOS) if [ "$DOS_GRAPHENE_EXEC" = true ]; then applyPatch "$DOS_PATCHES/android_libcore/0002-Exec_Based_Spawning.patch"; fi; +if [ "$DOS_GRAPHENE_NETWORK_PERM" = true ]; then applyPatch "$DOS_PATCHES/android_libcore/0003-Network_Permission.patch"; fi; #Expose the NETWORK permission (GrapheneOS) fi; if enterAndClear "lineage-sdk"; then @@ -203,6 +213,13 @@ rm -rf src/org/lineageos/lineageparts/lineagestats/ res/xml/anonymous_stats.xml applyPatch "$DOS_PATCHES/android_packages_apps_LineageParts/0001-Remove_Analytics.patch"; #Remove analytics fi; +if enterAndClear "packages/apps/PermissionController"; then +if [ "$DOS_GRAPHENE_NETWORK_PERM" = true ]; then +applyPatch "$DOS_PATCHES/android_packages_apps_PermissionController/0001-Network_Permission-1.patch"; #Expose the NETWORK permission (GrapheneOS) +applyPatch "$DOS_PATCHES/android_packages_apps_PermissionController/0001-Network_Permission-2.patch"; +fi; +fi; + if enterAndClear "packages/apps/Settings"; then git revert --no-edit 486980cfecce2ca64267f41462f9371486308e9d; #Don't hide OEM unlock applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969) @@ -234,6 +251,10 @@ applyPatch "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0001-Voic applyPatch "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0002-Disable_Personalization.patch"; #Disable personalization dictionary by default (GrapheneOS) fi; +if enterAndClear "packages/providers/DownloadProvider"; then +if [ "$DOS_GRAPHENE_NETWORK_PERM" = true ]; then applyPatch "$DOS_PATCHES/android_packages_providers_DownloadProvider/0001-Network_Permission.patch"; fi; #Expose the NETWORK permission (GrapheneOS) +fi; + #if enterAndClear "packages/services/Telephony"; then #applyPatch "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; #XXX 17REBASE #applyPatch "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch"; #XXX 17REBASE @@ -251,6 +272,10 @@ if enterAndClear "system/extras"; then applyPatch "$DOS_PATCHES/android_system_extras/0001-ext4_pad_filenames.patch"; #FBE: pad filenames more (GrapheneOS) fi; +if enterAndClear "system/netd"; then +if [ "$DOS_GRAPHENE_NETWORK_PERM" = true ]; then applyPatch "$DOS_PATCHES/android_system_netd/0001-Network_Permission.patch"; fi; #Expose the NETWORK permission (GrapheneOS) +fi; + if enterAndClear "system/sepolicy"; then git am "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch"; #Fix -user builds for LGE devices patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/29.0"; diff --git a/Scripts/LineageOS-18.1/Patch.sh b/Scripts/LineageOS-18.1/Patch.sh index 9d769d9d..46bbc650 100644 --- a/Scripts/LineageOS-18.1/Patch.sh +++ b/Scripts/LineageOS-18.1/Patch.sh @@ -94,6 +94,15 @@ applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0005-User_Logout.patch"; if [ "$DOS_SENSORS_PERM_NEW" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Sensors.patch"; fi #Permission for sensors access (MSe1969) applyPatch "$DOS_PATCHES/android_frameworks_base/0011-Restore_SensorsOff.patch"; #Restore the Sensors Off tile applyPatch "$DOS_PATCHES/android_frameworks_base/0012-Private_DNS.patch"; #More 'Private DNS' options (CalyxOS) +if [ "$DOS_GRAPHENE_NETWORK_PERM" = true ]; then +applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Network_Permission-1.patch"; #Expose the NETWORK permission (GrapheneOS) +applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Network_Permission-2.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Network_Permission-3.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Network_Permission-4.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Network_Permission-5.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Network_Permission-6.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Network_Permission-7.patch"; +fi; if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0002-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG) if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0003-Harden_Sig_Spoofing.patch"; fi; #Restrict signature spoofing to system apps signed with the platform key hardenLocationConf services/core/java/com/android/server/location/gps_debug.conf; #Harden the default GPS config @@ -168,6 +177,10 @@ if enterAndClear "hardware/qcom-caf/sm8250/audio"; then applyPatch "$DOS_PATCHES/android_hardware_qcom_audio/0001-Unused-sm8150.patch"; #audio_extn: Fix unused parameter warning in utils.c fi; +if enterAndClear "libcore"; then +if [ "$DOS_GRAPHENE_NETWORK_PERM" = true ]; then applyPatch "$DOS_PATCHES/android_libcore/0001-Network_Permission.patch"; fi; #Expose the NETWORK permission (GrapheneOS) +fi; + if enterAndClear "lineage-sdk"; then awk -i inplace '!/LineageWeatherManagerService/' lineage/res/res/values/config.xml; #Disable Weather if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/LineageAudioService/' lineage/res/res/values/config.xml; fi; #Remove AudioFX @@ -189,6 +202,13 @@ fi; if enterAndClear "packages/apps/PermissionController"; then if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then applyPatch "$DOS_PATCHES/android_packages_apps_PermissionController/0001-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG) +if [ "$DOS_GRAPHENE_NETWORK_PERM" = true ]; then +applyPatch "$DOS_PATCHES/android_packages_apps_PermissionController/0002-Network_Permission-1.patch"; #Expose the NETWORK permission (GrapheneOS) +applyPatch "$DOS_PATCHES/android_packages_apps_PermissionController/0002-Network_Permission-2.patch"; +applyPatch "$DOS_PATCHES/android_packages_apps_PermissionController/0002-Network_Permission-3.patch"; +applyPatch "$DOS_PATCHES/android_packages_apps_PermissionController/0002-Network_Permission-4.patch"; +applyPatch "$DOS_PATCHES/android_packages_apps_PermissionController/0002-Network_Permission-5.patch"; +fi; fi; if enterAndClear "packages/apps/Settings"; then @@ -220,6 +240,10 @@ applyPatch "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0001-Voic applyPatch "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0002-Disable_Personalization.patch"; #Disable personalization dictionary by default (GrapheneOS) fi; +if enterAndClear "packages/providers/DownloadProvider"; then +if [ "$DOS_GRAPHENE_NETWORK_PERM" = true ]; then applyPatch "$DOS_PATCHES/android_packages_providers_DownloadProvider/0001-Network_Permission.patch"; fi; #Expose the NETWORK permission (GrapheneOS) +fi; + if enterAndClear "packages/providers/TelephonyProvider"; then applyPatch "$DOS_PATCHES/android_packages_providers_TelephonyProvider/304614.patch"; #mcc/mnc fix applyPatch "$DOS_PATCHES/android_packages_providers_TelephonyProvider/312102.patch"; #mnc fix @@ -244,6 +268,10 @@ if enterAndClear "system/extras"; then applyPatch "$DOS_PATCHES/android_system_extras/0001-ext4_pad_filenames.patch"; #FBE: pad filenames more (GrapheneOS) fi; +if enterAndClear "system/netd"; then +if [ "$DOS_GRAPHENE_NETWORK_PERM" = true ]; then applyPatch "$DOS_PATCHES/android_system_netd/0001-Network_Permission.patch"; fi; #Expose the NETWORK permission (GrapheneOS) +fi; + if enterAndClear "system/sepolicy"; then git am "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch"; #Fix -user builds for LGE devices patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/30.0"; diff --git a/Scripts/init.sh b/Scripts/init.sh index 09313c99..1f776e4e 100644 --- a/Scripts/init.sh +++ b/Scripts/init.sh @@ -59,6 +59,7 @@ export DOS_DEBLOBBER_REPLACE_TIME=false; #Set true to replace Qualcomm Time Serv export DOS_GPS_GLONASS_FORCED=false; #Enables GLONASS on all devices export DOS_GRAPHENE_MALLOC=true; #Enables use of GrapheneOS' hardened memory allocator on 64-bit platforms on 16.0+17.1 export DOS_GRAPHENE_EXEC=false; #Enables use of GrapheneOS' exec spawning feature on 16.0+17.1 XXX: broken (just on 17.1?) +export DOS_GRAPHENE_NETWORK_PERM=true; #Enables use of GrapheneOS' NETWORK permission on 17.1+18.1 export DOS_HOSTS_BLOCKING=true; #Set false to prevent inclusion of a HOSTS file export DOS_HOSTS_BLOCKING_APP="DNS66"; #App installed when built-in blocking is disabled. Options: DNS66 export DOS_HOSTS_BLOCKING_LIST="https://divested.dev/hosts-wildcards"; #Must be in the format "127.0.0.1 bad.domain.tld"