Signed-off-by: Tad <tad@spotco.us>
Tad 2022-10-18 22:32:19 -04:00
parent 0c4db149e1
commit d2096c86d9
No known key found for this signature in database
GPG Key ID: B286E9F57A07424B
5 changed files with 1 additions and 415 deletions


@ -136,9 +136,6 @@ https://github.com/GrapheneOS/platform_frameworks_base/commit/54c07c79905dbaf2b8
https://github.com/GrapheneOS/platform_frameworks_base/commit/0f7cd0e2288a76f49154e8342036cea3e536e94c
https://github.com/GrapheneOS/platform_frameworks_base/commit/e41b3e0da93dfda0e16c82767863b0610a8576cc
https://github.com/GrapheneOS/platform_frameworks_base/commit/7208688690f8f4a4b904f1498123c8302cb74b69
https://github.com/GrapheneOS/platform_frameworks_base/commit/35d517569aed194010fda7f19182acd5bf265024
https://github.com/GrapheneOS/platform_frameworks_base/commit/44bece55f469254587d74b4327c9746e393d91fa
https://github.com/GrapheneOS/platform_frameworks_base/commit/de207d6020c459bc07b3c0c7ffc00e7c9cc90c95
[implemented] special permissions
13xhttps://github.com/GrapheneOS/platform_frameworks_base/commit/2bea9ac7ded28ad2cc08ac0d4794a5cbe54e142a


@ -1,231 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
Date: Fri, 7 Oct 2022 20:15:14 +0300
Subject: [PATCH] srt permissions: fix auto granting after package install
Previous approach to auto-granting is not compatible with ability to disable auto-grants:
special runtime permissions were auto-granted for all users, including those that didn't have
the package installed.
---
.../server/pm/InstallPackageHelper.java | 10 +++--
.../PermissionManagerServiceImpl.java | 43 +++++++++++++------
.../PermissionManagerServiceInternal.java | 20 ++++++++-
3 files changed, 55 insertions(+), 18 deletions(-)
diff --git a/services/core/java/com/android/server/pm/InstallPackageHelper.java b/services/core/java/com/android/server/pm/InstallPackageHelper.java
index 7da5f51bcbc2..f7fa93bce4cb 100644
--- a/services/core/java/com/android/server/pm/InstallPackageHelper.java
+++ b/services/core/java/com/android/server/pm/InstallPackageHelper.java
@@ -599,6 +599,7 @@ final class InstallPackageHelper {
permissionParamsBuilder.setAllowlistedRestrictedPermissions(
pkgSetting.getPkg().getRequestedPermissions());
}
+ permissionParamsBuilder.setNewlyInstalledInUserId(userId);
mPm.mPermissionManager.onPackageInstalled(pkgSetting.getPkg(),
Process.INVALID_UID /* previousAppId */,
permissionParamsBuilder.build(), userId);
@@ -2118,6 +2119,10 @@ final class InstallPackageHelper {
}
}
+ final PermissionManagerServiceInternal.PackageInstalledParams.Builder
+ permissionParamsBuilder =
+ new PermissionManagerServiceInternal.PackageInstalledParams.Builder();
+
// Set install reason for users that are having the package newly installed.
final int[] allUsersList = mPm.mUserManager.getUserIds();
if (userId == UserHandle.USER_ALL) {
@@ -2125,10 +2130,12 @@ final class InstallPackageHelper {
if (!previousUserIds.contains(currentUserId)
&& ps.getInstalled(currentUserId)) {
ps.setInstallReason(installReason, currentUserId);
+ permissionParamsBuilder.setNewlyInstalledInUserId(currentUserId);
}
}
} else if (!previousUserIds.contains(userId)) {
ps.setInstallReason(installReason, userId);
+ permissionParamsBuilder.setNewlyInstalledInUserId(userId);
}
// TODO(b/169721400): generalize Incremental States and create a Callback object
@@ -2149,9 +2156,6 @@ final class InstallPackageHelper {
mPm.mSettings.writeKernelMappingLPr(ps);
- final PermissionManagerServiceInternal.PackageInstalledParams.Builder
- permissionParamsBuilder =
- new PermissionManagerServiceInternal.PackageInstalledParams.Builder();
final boolean grantPermissions = (installArgs.mInstallFlags
& PackageManager.INSTALL_GRANT_RUNTIME_PERMISSIONS) != 0;
if (grantPermissions) {
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
index 2204ad6721c8..0fcd067142f5 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
@@ -136,6 +136,7 @@ import com.android.server.pm.parsing.pkg.AndroidPackage;
import com.android.server.pm.parsing.pkg.AndroidPackageUtils;
import com.android.server.pm.pkg.AndroidPackageApi;
import com.android.server.pm.pkg.PackageStateInternal;
+import com.android.server.pm.pkg.PackageUserStateUtils;
import com.android.server.pm.pkg.component.ComponentMutateUtils;
import com.android.server.pm.pkg.component.ParsedPermission;
import com.android.server.pm.pkg.component.ParsedPermissionGroup;
@@ -2611,9 +2612,10 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
synchronized (mLock) {
for (final int userId : userIds) {
+ final boolean isNotInstalledUserApp = !ps.isSystem()
+ && !PackageUserStateUtils.isAvailable(ps.getUserStateOrDefault(userId), 0);
+
final UserPermissionState userState = mState.getOrCreateUserState(userId);
- // "replace" parameter is set to true even when the app is first installed
- final boolean uidStateWasPresent = userState.getUidState(ps.getAppId()) != null;
final UidPermissionState uidState = userState.getOrCreateUidState(ps.getAppId());
if (uidState.isMissing()) {
@@ -2891,13 +2893,23 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
}
}
- if (isSpecialRuntimePermission(permName) &&
- origPermState == null &&
- // don't grant special runtime permission after update,
- // unless app comes from the system image
- (!uidStateWasPresent || ps.isSystem())) {
- if (uidState.grantPermission(bp)) {
- wasChanged = true;
+ if (isSpecialRuntimePermission(permName)) {
+ if (origPermState == null && ps.isSystem()) {
+ // always grant special runtime permissions to system packages
+ if (uidState.grantPermission(bp)) {
+ wasChanged = true;
+ }
+ }
+
+ if (isNotInstalledUserApp) {
+ // Previously, special runtime permissions were granted in users
+ // that didn't have the package installed, which breaks the code
+ // that allows to skip granting these permissions at install time.
+ // (if UidPermissionState is already present at install time, it's
+ // reused as is).
+ if (uidState.revokePermission(bp)) {
+ wasChanged = true;
+ }
}
}
} else {
@@ -3639,7 +3651,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
}
private void grantRequestedRuntimePermissionsInternal(@NonNull AndroidPackage pkg,
- @Nullable List<String> permissions, int userId) {
+ @Nullable List<String> permissions, int userId, boolean newlyInstalled) {
final int immutableFlags = PackageManager.FLAG_PERMISSION_SYSTEM_FIXED
| PackageManager.FLAG_PERMISSION_POLICY_FIXED;
@@ -3654,6 +3666,9 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
final int myUid = Process.myUid();
for (String permission : pkg.getRequestedPermissions()) {
+ final boolean isPregrantedSpecialRuntimePermission = newlyInstalled &&
+ SpecialRuntimePermUtils.shouldAutoGrant(pkg.getPackageName(), userId, permission);
+
final boolean shouldGrantPermission;
synchronized (mLock) {
final Permission bp = mRegistry.getPermission(permission);
@@ -3662,10 +3677,11 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
&& (supportsRuntimePermissions || !bp.isRuntimeOnly())
&& (permissions == null || permissions.contains(permission));
}
- if (shouldGrantPermission) {
+
+ if (shouldGrantPermission || isPregrantedSpecialRuntimePermission) {
final int flags = getPermissionFlagsInternal(pkg.getPackageName(), permission,
myUid, userId);
- if (supportsRuntimePermissions || isSpecialRuntimePermission(permission)) {
+ if (supportsRuntimePermissions || isPregrantedSpecialRuntimePermission) {
// Installer cannot change immutable permissions.
if ((flags & immutableFlags) == 0) {
grantRuntimePermissionInternal(pkg.getPackageName(), permission, false,
@@ -5016,7 +5032,8 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
addAllowlistedRestrictedPermissionsInternal(pkg,
params.getAllowlistedRestrictedPermissions(),
FLAG_PERMISSION_WHITELIST_INSTALLER, userId);
- grantRequestedRuntimePermissionsInternal(pkg, params.getGrantedPermissions(), userId);
+ grantRequestedRuntimePermissionsInternal(pkg, params.getGrantedPermissions(), userId,
+ params.isNewlyInstalledInUserId(userId));
}
}
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java
index 95badb31f324..d17c0697ff7a 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java
@@ -22,6 +22,7 @@ import android.annotation.UserIdInt;
import android.app.AppOpsManager;
import android.content.pm.PermissionInfo;
import android.permission.PermissionManagerInternal;
+import android.util.SparseBooleanArray;
import com.android.server.pm.parsing.pkg.AndroidPackage;
@@ -322,13 +323,17 @@ public interface PermissionManagerServiceInternal extends PermissionManagerInter
private final List<String> mAllowlistedRestrictedPermissions;
@NonNull
private final int mAutoRevokePermissionsMode;
+ @NonNull
+ private final SparseBooleanArray mNewlyInstalledInUserIds;
private PackageInstalledParams(@NonNull List<String> grantedPermissions,
@NonNull List<String> allowlistedRestrictedPermissions,
- int autoRevokePermissionsMode) {
+ int autoRevokePermissionsMode,
+ SparseBooleanArray newlyInstalledInUserIds) {
mGrantedPermissions = grantedPermissions;
mAllowlistedRestrictedPermissions = allowlistedRestrictedPermissions;
mAutoRevokePermissionsMode = autoRevokePermissionsMode;
+ mNewlyInstalledInUserIds = newlyInstalledInUserIds;
}
/**
@@ -360,6 +365,10 @@ public interface PermissionManagerServiceInternal extends PermissionManagerInter
return mAutoRevokePermissionsMode;
}
+ public boolean isNewlyInstalledInUserId(int userId) {
+ return mNewlyInstalledInUserIds.get(userId, false);
+ }
+
/**
* Builder class for {@link PackageInstalledParams}.
*/
@@ -370,6 +379,8 @@ public interface PermissionManagerServiceInternal extends PermissionManagerInter
private List<String> mAllowlistedRestrictedPermissions = Collections.emptyList();
@NonNull
private int mAutoRevokePermissionsMode = AppOpsManager.MODE_DEFAULT;
+ @NonNull
+ private final SparseBooleanArray mNewlyInstalledInUserIds = new SparseBooleanArray();
/**
* Set the permissions to be granted.
@@ -419,6 +430,10 @@ public interface PermissionManagerServiceInternal extends PermissionManagerInter
mAutoRevokePermissionsMode = autoRevokePermissionsMode;
}
+ public void setNewlyInstalledInUserId(int userId) {
+ mNewlyInstalledInUserIds.put(userId, true);
+ }
+
/**
* Build a new instance of {@link PackageInstalledParams}.
*
@@ -427,7 +442,8 @@ public interface PermissionManagerServiceInternal extends PermissionManagerInter
@NonNull
public PackageInstalledParams build() {
return new PackageInstalledParams(mGrantedPermissions,
- mAllowlistedRestrictedPermissions, mAutoRevokePermissionsMode);
+ mAllowlistedRestrictedPermissions, mAutoRevokePermissionsMode,
+ mNewlyInstalledInUserIds);
}
}
}


@ -1,33 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
Date: Sun, 16 Oct 2022 17:13:03 +0300
Subject: [PATCH] srt permissions: don't auto-revoke from "hidden" packages
Special runtime permissions are auto-revoked in users that don't have the package installed, as a
workaround to a bug in previous OS versions that granted these permissions automatically in all
user profiles, including the ones that don't have this package installed, which interfered with
configurable auto-grants.
PackageUserStateUtils.isAvailable() is not the right check for this, it returns false for apps
which are "hidden" with DevicePolicyManager#setApplicationHidden(). This method is used by work
profile managers (in particular, Shelter) to implement "app freezing" functionality.
This led to special runtime permission being auto-revoked from "hidden" packages after OS reboot
and in a few other cases.
---
.../server/pm/permission/PermissionManagerServiceImpl.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
index 0fcd067142f5..d546ee0db05f 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
@@ -2613,7 +2613,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
synchronized (mLock) {
for (final int userId : userIds) {
final boolean isNotInstalledUserApp = !ps.isSystem()
- && !PackageUserStateUtils.isAvailable(ps.getUserStateOrDefault(userId), 0);
+ && !ps.getUserStateOrDefault(userId).isInstalled();
final UserPermissionState userState = mState.getOrCreateUserState(userId);
final UidPermissionState uidState = userState.getOrCreateUidState(ps.getAppId());


@ -1,144 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
Date: Fri, 7 Oct 2022 20:47:48 +0300
Subject: [PATCH] PackageInstallerUI: an option to skip auto-grant of INTERNET
permission
---
.../res/layout/install_content_view.xml | 25 ++++++++++---
.../PackageInstaller/res/values/strings.xml | 2 ++
.../PackageInstallerActivity.java | 35 +++++++++++++++++++
3 files changed, 58 insertions(+), 4 deletions(-)
diff --git a/packages/PackageInstaller/res/layout/install_content_view.xml b/packages/PackageInstaller/res/layout/install_content_view.xml
index 2ecd2d55ac71..4db24fffd7ea 100644
--- a/packages/PackageInstaller/res/layout/install_content_view.xml
+++ b/packages/PackageInstaller/res/layout/install_content_view.xml
@@ -70,13 +70,30 @@
</LinearLayout>
- <TextView
+ <LinearLayout
android:id="@+id/install_confirm_question"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
- style="@android:style/TextAppearance.Material.Subhead"
- android:text="@string/install_confirm_question"
- android:visibility="invisible" />
+ android:orientation="vertical"
+ android:visibility="invisible">
+
+ <TextView
+ android:layout_width="wrap_content"
+ android:layout_height="wrap_content"
+ style="@android:style/TextAppearance.Material.Subhead"
+ android:text="@string/install_confirm_question" />
+
+ <CheckBox
+ android:id="@+id/install_allow_INTERNET_permission"
+ android:layout_width="wrap_content"
+ android:layout_height="wrap_content"
+ android:layout_marginTop="16dp"
+ style="@android:style/TextAppearance.Material.Subhead"
+ android:text="@string/allow_network_permission_checkbox"
+ android:checked="true"
+ android:visibility="gone" />
+
+ </LinearLayout>
<TextView
android:id="@+id/install_confirm_question_update"
diff --git a/packages/PackageInstaller/res/values/strings.xml b/packages/PackageInstaller/res/values/strings.xml
index 688d11691477..36d3beb03ee0 100644
--- a/packages/PackageInstaller/res/values/strings.xml
+++ b/packages/PackageInstaller/res/values/strings.xml
@@ -235,4 +235,6 @@
<!-- Notification shown in status bar when an application is successfully installed.
[CHAR LIMIT=50] -->
<string name="notification_installation_success_status">Successfully installed \u201c<xliff:g id="appname" example="Package Installer">%1$s</xliff:g>\u201d</string>
+
+ <string name="allow_network_permission_checkbox">Allow Network permission</string>
</resources>
diff --git a/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java b/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java
index 10eefebadeff..7ecd02e47852 100644
--- a/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java
+++ b/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java
@@ -44,16 +44,19 @@ import android.content.pm.PackageManager.NameNotFoundException;
import android.net.Uri;
import android.os.Bundle;
import android.os.Process;
+import android.os.RemoteException;
import android.os.UserManager;
import android.provider.Settings;
import android.util.Log;
import android.view.View;
import android.widget.Button;
+import android.widget.CheckBox;
import com.android.internal.app.AlertActivity;
import java.io.File;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.List;
/**
@@ -132,6 +135,8 @@ public class PackageInstallerActivity extends AlertActivity {
private boolean mPermissionResultWasSet;
private boolean mAllowNextOnPause;
+ private CheckBox mGrantInternetPermission;
+
private void startInstallConfirm() {
View viewToEnable;
@@ -141,6 +146,14 @@ public class PackageInstallerActivity extends AlertActivity {
} else {
// This is a new application with no permissions.
viewToEnable = requireViewById(R.id.install_confirm_question);
+
+ if (mPkgInfo != null) {
+ String[] perms = mPkgInfo.requestedPermissions;
+ if (perms != null && Arrays.asList(perms).contains(Manifest.permission.INTERNET)) {
+ mGrantInternetPermission = requireViewById(R.id.install_allow_INTERNET_permission);
+ mGrantInternetPermission.setVisibility(View.VISIBLE);
+ }
+ }
}
viewToEnable.setVisibility(View.VISIBLE);
@@ -438,6 +451,8 @@ public class PackageInstallerActivity extends AlertActivity {
mAlert.setButton(DialogInterface.BUTTON_POSITIVE, getString(R.string.install),
(ignored, ignored2) -> {
if (mOk.isEnabled()) {
+ handleSpecialRuntimePermissionAutoGrants();
+
if (mSessionId != -1) {
mInstaller.setPermissionsResult(mSessionId, true);
mPermissionResultWasSet = true;
@@ -894,4 +909,24 @@ public class PackageInstallerActivity extends AlertActivity {
getActivity().finish();
}
}
+
+ void handleSpecialRuntimePermissionAutoGrants() {
+ var skipPermissionAutoGrants = new ArrayList<String>();
+
+ if (mGrantInternetPermission != null) {
+ if (!mGrantInternetPermission.isChecked()) {
+ skipPermissionAutoGrants.add(Manifest.permission.INTERNET);
+ }
+ }
+
+ var pm = AppGlobals.getPackageManager();
+ var pkgName = mPkgInfo.packageName;
+ int userId = getUserId();
+ try {
+ pm.skipSpecialRuntimePermissionAutoGrantsForPackage(pkgName,
+ userId, skipPermissionAutoGrants);
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
}


@ -145,10 +145,6 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Special_Permissions-7.patc
applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Special_Permissions-8.patch"; #Improve compatibility with revoked INTERNET in DownloadManager (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Special_Permissions-9.patch"; #Ignore pid when spoofing permission checks (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Special_Permissions-10.patch"; #srt permissions: don't auto-grant denied ones when permissions are reset (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Special_Permissions-11.patch"; #srt permissions: fix auto granting after package install (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Special_Permissions-12.patch"; #srt permissions: don't auto-revoke from "hidden" packages (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0027-Installer_Glitch.patch"; #Make sure PackageInstaller UI returns a result (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Special_Permissions-13.patch"; #PackageInstallerUI: an option to skip auto-grant of INTERNET permission (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0014-Automatic_Reboot.patch"; #Timeout for reboot (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0015-System_Server_Extensions.patch"; #Timeout for Bluetooth (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0015-WiFi_Timeout.patch"; #Timeout for Wi-Fi (GrapheneOS)
@ -179,6 +175,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0023-Skip_Screen_Animation.patc
#applyPatch "$DOS_PATCHES/android_frameworks_base/0024-Burnin_Protection.patch"; #SystemUI: add burnIn protection (arter97) #TODO: 20REBASE
applyPatch "$DOS_PATCHES/android_frameworks_base/0025-Monet_Toggle.patch"; #Make monet based theming user configurable (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0026-Crash_Details.patch"; #Add an option to show the details of an application error to the user (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0027-Installer_Glitch.patch"; #Make sure PackageInstaller UI returns a result (GrapheneOS)
hardenLocationConf services/core/java/com/android/server/location/gnss/gps_debug.conf; #Harden the default GPS config
changeDefaultDNS; #Change the default DNS servers
sed -i 's/DEFAULT_USE_COMPACTION = false;/DEFAULT_USE_COMPACTION = true;/' services/core/java/com/android/server/am/CachedAppOptimizer.java; #Enable app compaction by default (GrapheneOS)
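Review bot: Nothing in this script records why `0013-Special_Permissions-11.patch` through `-13.patch` are no longer applied; the first hunk appears to drop their `applyPatch` lines outright (the +/- markers are lost on this page, so this is inferred from the hunk counts and the three deleted patch files). Patch 11's own description says the earlier approach auto-granted special runtime permissions for all users, including those without the package installed, so a build without it presumably returns to that behaviour while patches 7–10 shown here stay applied. A one-line marker after the `0013-Special_Permissions-10.patch` entry would keep that gap visible, in the style the file already uses for deferred patches, e.g. `#NOTE: 0013-Special_Permissions-11..13 not applied since d2096c86d9`. The same hunk pair seems to move `0027-Installer_Glitch.patch` below `0026-Crash_Details.patch`; if that ordering matters for the patch to apply cleanly, a trailing comment on that line should say so.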