am b295963b: am c00e49b6: am d4b566bf: Merge "Add APIs for verifier to grant at install and revoke permissions" into mnc-dev
* commit 'b295963baebac1b70ca701a50c77a83659963608': Add APIs for verifier to grant at install and revoke permissions
This commit is contained in:
Svet Ganov
Android Git Automerger
@ -104,6 +104,7 @@ package android {
|
|||||||
field public static final java.lang.String HARDWARE_TEST = "android.permission.HARDWARE_TEST";
|
field public static final java.lang.String HARDWARE_TEST = "android.permission.HARDWARE_TEST";
|
||||||
field public static final java.lang.String HDMI_CEC = "android.permission.HDMI_CEC";
|
field public static final java.lang.String HDMI_CEC = "android.permission.HDMI_CEC";
|
||||||
field public static final java.lang.String INJECT_EVENTS = "android.permission.INJECT_EVENTS";
|
field public static final java.lang.String INJECT_EVENTS = "android.permission.INJECT_EVENTS";
|
||||||
|
field public static final java.lang.String INSTALL_GRANT_RUNTIME_PERMISSIONS = "android.permission.INSTALL_GRANT_RUNTIME_PERMISSIONS";
|
||||||
field public static final java.lang.String INSTALL_LOCATION_PROVIDER = "android.permission.INSTALL_LOCATION_PROVIDER";
|
field public static final java.lang.String INSTALL_LOCATION_PROVIDER = "android.permission.INSTALL_LOCATION_PROVIDER";
|
||||||
field public static final java.lang.String INSTALL_PACKAGES = "android.permission.INSTALL_PACKAGES";
|
field public static final java.lang.String INSTALL_PACKAGES = "android.permission.INSTALL_PACKAGES";
|
||||||
field public static final java.lang.String INSTALL_SHORTCUT = "com.android.launcher.permission.INSTALL_SHORTCUT";
|
field public static final java.lang.String INSTALL_SHORTCUT = "com.android.launcher.permission.INSTALL_SHORTCUT";
|
||||||
@ -181,6 +182,7 @@ package android {
|
|||||||
field public static final java.lang.String REQUEST_INSTALL_PACKAGES = "android.permission.REQUEST_INSTALL_PACKAGES";
|
field public static final java.lang.String REQUEST_INSTALL_PACKAGES = "android.permission.REQUEST_INSTALL_PACKAGES";
|
||||||
field public static final deprecated java.lang.String RESTART_PACKAGES = "android.permission.RESTART_PACKAGES";
|
field public static final deprecated java.lang.String RESTART_PACKAGES = "android.permission.RESTART_PACKAGES";
|
||||||
field public static final java.lang.String RETRIEVE_WINDOW_CONTENT = "android.permission.RETRIEVE_WINDOW_CONTENT";
|
field public static final java.lang.String RETRIEVE_WINDOW_CONTENT = "android.permission.RETRIEVE_WINDOW_CONTENT";
|
||||||
|
field public static final java.lang.String REVOKE_RUNTIME_PERMISSIONS = "android.permission.REVOKE_RUNTIME_PERMISSIONS";
|
||||||
field public static final java.lang.String SCORE_NETWORKS = "android.permission.SCORE_NETWORKS";
|
field public static final java.lang.String SCORE_NETWORKS = "android.permission.SCORE_NETWORKS";
|
||||||
field public static final java.lang.String SEND_RESPOND_VIA_MESSAGE = "android.permission.SEND_RESPOND_VIA_MESSAGE";
|
field public static final java.lang.String SEND_RESPOND_VIA_MESSAGE = "android.permission.SEND_RESPOND_VIA_MESSAGE";
|
||||||
field public static final java.lang.String SEND_SMS = "android.permission.SEND_SMS";
|
field public static final java.lang.String SEND_SMS = "android.permission.SEND_SMS";
|
||||||
@ -9436,6 +9438,7 @@ package android.content.pm {
|
|||||||
method public void setAppIcon(android.graphics.Bitmap);
|
method public void setAppIcon(android.graphics.Bitmap);
|
||||||
method public void setAppLabel(java.lang.CharSequence);
|
method public void setAppLabel(java.lang.CharSequence);
|
||||||
method public void setAppPackageName(java.lang.String);
|
method public void setAppPackageName(java.lang.String);
|
||||||
|
method public void setGrantedRuntimePermissions(java.lang.String[]);
|
||||||
method public void setInstallLocation(int);
|
method public void setInstallLocation(int);
|
||||||
method public void setOriginatingUri(android.net.Uri);
|
method public void setOriginatingUri(android.net.Uri);
|
||||||
method public void setReferrerUri(android.net.Uri);
|
method public void setReferrerUri(android.net.Uri);
|
||||||
|
|||||||
@ -1023,7 +1023,7 @@ public class Intent implements Parcelable, Cloneable {
|
|||||||
*
|
*
|
||||||
* <p>Note: if you app targets {@link android.os.Build.VERSION_CODES#MNC MNC}
|
* <p>Note: if you app targets {@link android.os.Build.VERSION_CODES#MNC MNC}
|
||||||
* and above and declares as using the {@link android.Manifest.permission#CALL_PHONE}
|
* and above and declares as using the {@link android.Manifest.permission#CALL_PHONE}
|
||||||
* permission which is not granted, then atempting to use this action will
|
* permission which is not granted, then attempting to use this action will
|
||||||
* result in a {@link java.lang.SecurityException}.
|
* result in a {@link java.lang.SecurityException}.
|
||||||
*/
|
*/
|
||||||
@SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION)
|
@SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION)
|
||||||
|
|||||||
@ -18,8 +18,10 @@ package android.content.pm;
|
|||||||
|
|
||||||
import android.annotation.NonNull;
|
import android.annotation.NonNull;
|
||||||
import android.annotation.Nullable;
|
import android.annotation.Nullable;
|
||||||
|
import android.annotation.RequiresPermission;
|
||||||
import android.annotation.SdkConstant;
|
import android.annotation.SdkConstant;
|
||||||
import android.annotation.SdkConstant.SdkConstantType;
|
import android.annotation.SdkConstant.SdkConstantType;
|
||||||
|
import android.annotation.SystemApi;
|
||||||
import android.app.ActivityManager;
|
import android.app.ActivityManager;
|
||||||
import android.content.Context;
|
import android.content.Context;
|
||||||
import android.content.Intent;
|
import android.content.Intent;
|
||||||
@ -889,6 +891,8 @@ public class PackageInstaller {
|
|||||||
public String abiOverride;
|
public String abiOverride;
|
||||||
/** {@hide} */
|
/** {@hide} */
|
||||||
public String volumeUuid;
|
public String volumeUuid;
|
||||||
|
/** {@hide} */
|
||||||
|
public String[] grantedRuntimePermissions;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Construct parameters for a new package install session.
|
* Construct parameters for a new package install session.
|
||||||
@ -914,6 +918,7 @@ public class PackageInstaller {
|
|||||||
referrerUri = source.readParcelable(null);
|
referrerUri = source.readParcelable(null);
|
||||||
abiOverride = source.readString();
|
abiOverride = source.readString();
|
||||||
volumeUuid = source.readString();
|
volumeUuid = source.readString();
|
||||||
|
grantedRuntimePermissions = source.readStringArray();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -987,6 +992,23 @@ public class PackageInstaller {
|
|||||||
this.referrerUri = referrerUri;
|
this.referrerUri = referrerUri;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets which runtime permissions to be granted to the package at installation.
|
||||||
|
* Using this API requires holding {@link android.Manifest.permission
|
||||||
|
* #INSTALL_GRANT_RUNTIME_PERMISSIONS}
|
||||||
|
*
|
||||||
|
* @param permissions The permissions to grant or null to grant all runtime
|
||||||
|
* permissions.
|
||||||
|
*
|
||||||
|
* @hide
|
||||||
|
*/
|
||||||
|
@SystemApi
|
||||||
|
@RequiresPermission(android.Manifest.permission.INSTALL_GRANT_RUNTIME_PERMISSIONS)
|
||||||
|
public void setGrantedRuntimePermissions(String[] permissions) {
|
||||||
|
installFlags |= PackageManager.INSTALL_GRANT_RUNTIME_PERMISSIONS;
|
||||||
|
this.grantedRuntimePermissions = permissions;
|
||||||
|
}
|
||||||
|
|
||||||
/** {@hide} */
|
/** {@hide} */
|
||||||
public void setInstallFlagsInternal() {
|
public void setInstallFlagsInternal() {
|
||||||
installFlags |= PackageManager.INSTALL_INTERNAL;
|
installFlags |= PackageManager.INSTALL_INTERNAL;
|
||||||
@ -1012,6 +1034,7 @@ public class PackageInstaller {
|
|||||||
pw.printPair("referrerUri", referrerUri);
|
pw.printPair("referrerUri", referrerUri);
|
||||||
pw.printPair("abiOverride", abiOverride);
|
pw.printPair("abiOverride", abiOverride);
|
||||||
pw.printPair("volumeUuid", volumeUuid);
|
pw.printPair("volumeUuid", volumeUuid);
|
||||||
|
pw.printPair("grantedRuntimePermissions", grantedRuntimePermissions);
|
||||||
pw.println();
|
pw.println();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1033,6 +1056,7 @@ public class PackageInstaller {
|
|||||||
dest.writeParcelable(referrerUri, flags);
|
dest.writeParcelable(referrerUri, flags);
|
||||||
dest.writeString(abiOverride);
|
dest.writeString(abiOverride);
|
||||||
dest.writeString(volumeUuid);
|
dest.writeString(volumeUuid);
|
||||||
|
dest.writeStringArray(grantedRuntimePermissions);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static final Parcelable.Creator<SessionParams>
|
public static final Parcelable.Creator<SessionParams>
|
||||||
|
|||||||
@ -20,6 +20,7 @@ import android.graphics.Bitmap;
|
|||||||
import android.graphics.BitmapFactory;
|
import android.graphics.BitmapFactory;
|
||||||
import android.graphics.Bitmap.CompressFormat;
|
import android.graphics.Bitmap.CompressFormat;
|
||||||
import android.net.Uri;
|
import android.net.Uri;
|
||||||
|
import android.text.TextUtils;
|
||||||
import android.util.ArrayMap;
|
import android.util.ArrayMap;
|
||||||
import android.util.Base64;
|
import android.util.Base64;
|
||||||
import android.util.Xml;
|
import android.util.Xml;
|
||||||
@ -45,6 +46,8 @@ import java.util.Set;
|
|||||||
/** {@hide} */
|
/** {@hide} */
|
||||||
public class XmlUtils {
|
public class XmlUtils {
|
||||||
|
|
||||||
|
private static final String STRING_ARRAY_SEPARATOR = ":";
|
||||||
|
|
||||||
public static void skipCurrentTag(XmlPullParser parser)
|
public static void skipCurrentTag(XmlPullParser parser)
|
||||||
throws XmlPullParserException, IOException {
|
throws XmlPullParserException, IOException {
|
||||||
int outerDepth = parser.getDepth();
|
int outerDepth = parser.getDepth();
|
||||||
|
|||||||
@ -2052,10 +2052,24 @@
|
|||||||
<permission android:name="android.permission.CHANGE_COMPONENT_ENABLED_STATE"
|
<permission android:name="android.permission.CHANGE_COMPONENT_ENABLED_STATE"
|
||||||
android:protectionLevel="signature|privileged" />
|
android:protectionLevel="signature|privileged" />
|
||||||
|
|
||||||
<!-- @hide Allows an application to grant or revoke specific permissions. -->
|
<!-- Allows an application to grant specific permissions.
|
||||||
<permission android:name="android.permission.GRANT_REVOKE_PERMISSIONS"
|
@hide -->
|
||||||
|
<permission android:name="android.permission.GRANT_RUNTIME_PERMISSIONS"
|
||||||
android:protectionLevel="signature|installer" />
|
android:protectionLevel="signature|installer" />
|
||||||
|
|
||||||
|
<!-- Allows an app that has this permission and the permissions to install packages
|
||||||
|
to request certain runtime permissions to be granted at installation.
|
||||||
|
@hide
|
||||||
|
@SystemApi -->
|
||||||
|
<permission android:name="android.permission.INSTALL_GRANT_RUNTIME_PERMISSIONS"
|
||||||
|
android:protectionLevel="signature|installer|verifier" />
|
||||||
|
|
||||||
|
<!-- Allows an application to revoke specific permissions.
|
||||||
|
@hide
|
||||||
|
@SystemApi -->
|
||||||
|
<permission android:name="android.permission.REVOKE_RUNTIME_PERMISSIONS"
|
||||||
|
android:protectionLevel="signature|installer|verifier" />
|
||||||
|
|
||||||
<!-- @hide Allows an application to observe permission changes. -->
|
<!-- @hide Allows an application to observe permission changes. -->
|
||||||
<permission android:name="android.permission.OBSERVE_GRANT_REVOKE_PERMISSIONS"
|
<permission android:name="android.permission.OBSERVE_GRANT_REVOKE_PERMISSIONS"
|
||||||
android:protectionLevel="signature|privileged" />
|
android:protectionLevel="signature|privileged" />
|
||||||
@ -2539,12 +2553,6 @@
|
|||||||
<permission android:name="android.permission.ACCESS_VOICE_INTERACTION_SERVICE"
|
<permission android:name="android.permission.ACCESS_VOICE_INTERACTION_SERVICE"
|
||||||
android:protectionLevel="signature" />
|
android:protectionLevel="signature" />
|
||||||
|
|
||||||
<!-- Allows an app that has this permission and a permissions to install packages
|
|
||||||
to request all runtime permissions to be granted at installation.
|
|
||||||
@hide -->
|
|
||||||
<permission android:name="android.permission.INSTALL_GRANT_RUNTIME_PERMISSIONS"
|
|
||||||
android:protectionLevel="signature" />
|
|
||||||
|
|
||||||
<!-- The system process that is allowed to bind to services in carrier apps will
|
<!-- The system process that is allowed to bind to services in carrier apps will
|
||||||
have this permission. Carrier apps should use this permission to protect
|
have this permission. Carrier apps should use this permission to protect
|
||||||
their services that only the system is allowed to bind to.
|
their services that only the system is allowed to bind to.
|
||||||
|
|||||||
@ -76,7 +76,9 @@
|
|||||||
<uses-permission android:name="android.permission.FORCE_STOP_PACKAGES" />
|
<uses-permission android:name="android.permission.FORCE_STOP_PACKAGES" />
|
||||||
<uses-permission android:name="android.permission.STOP_APP_SWITCHES" />
|
<uses-permission android:name="android.permission.STOP_APP_SWITCHES" />
|
||||||
<uses-permission android:name="android.permission.ACCESS_CONTENT_PROVIDERS_EXTERNALLY" />
|
<uses-permission android:name="android.permission.ACCESS_CONTENT_PROVIDERS_EXTERNALLY" />
|
||||||
<uses-permission android:name="android.permission.GRANT_REVOKE_PERMISSIONS" />
|
<uses-permission android:name="android.permission.GRANT_RUNTIME_PERMISSIONS" />
|
||||||
|
<uses-permission android:name="android.permission.REVOKE_RUNTIME_PERMISSIONS" />
|
||||||
|
<uses-permission android:name="android.permission.INSTALL_GRANT_RUNTIME_PERMISSIONS" />
|
||||||
<uses-permission android:name="android.permission.SET_KEYBOARD_LAYOUT" />
|
<uses-permission android:name="android.permission.SET_KEYBOARD_LAYOUT" />
|
||||||
<uses-permission android:name="android.permission.GET_DETAILED_TASKS" />
|
<uses-permission android:name="android.permission.GET_DETAILED_TASKS" />
|
||||||
<uses-permission android:name="android.permission.SET_SCREEN_COMPATIBILITY" />
|
<uses-permission android:name="android.permission.SET_SCREEN_COMPATIBILITY" />
|
||||||
|
|||||||
@ -43,7 +43,6 @@ import android.content.Context;
|
|||||||
import android.content.Intent;
|
import android.content.Intent;
|
||||||
import android.content.IntentSender;
|
import android.content.IntentSender;
|
||||||
import android.content.IntentSender.SendIntentException;
|
import android.content.IntentSender.SendIntentException;
|
||||||
import android.content.pm.ApplicationInfo;
|
|
||||||
import android.content.pm.IPackageInstaller;
|
import android.content.pm.IPackageInstaller;
|
||||||
import android.content.pm.IPackageInstallerCallback;
|
import android.content.pm.IPackageInstallerCallback;
|
||||||
import android.content.pm.IPackageInstallerSession;
|
import android.content.pm.IPackageInstallerSession;
|
||||||
@ -71,7 +70,6 @@ import android.os.SELinux;
|
|||||||
import android.os.UserHandle;
|
import android.os.UserHandle;
|
||||||
import android.os.UserManager;
|
import android.os.UserManager;
|
||||||
import android.os.storage.StorageManager;
|
import android.os.storage.StorageManager;
|
||||||
import android.os.storage.VolumeInfo;
|
|
||||||
import android.system.ErrnoException;
|
import android.system.ErrnoException;
|
||||||
import android.system.Os;
|
import android.system.Os;
|
||||||
import android.text.TextUtils;
|
import android.text.TextUtils;
|
||||||
@ -123,6 +121,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub {
|
|||||||
/** XML constants used in {@link #mSessionsFile} */
|
/** XML constants used in {@link #mSessionsFile} */
|
||||||
private static final String TAG_SESSIONS = "sessions";
|
private static final String TAG_SESSIONS = "sessions";
|
||||||
private static final String TAG_SESSION = "session";
|
private static final String TAG_SESSION = "session";
|
||||||
|
private static final String TAG_GRANTED_RUNTIME_PERMISSION = "granted-runtime-permission";
|
||||||
private static final String ATTR_SESSION_ID = "sessionId";
|
private static final String ATTR_SESSION_ID = "sessionId";
|
||||||
private static final String ATTR_USER_ID = "userId";
|
private static final String ATTR_USER_ID = "userId";
|
||||||
private static final String ATTR_INSTALLER_PACKAGE_NAME = "installerPackageName";
|
private static final String ATTR_INSTALLER_PACKAGE_NAME = "installerPackageName";
|
||||||
@ -144,6 +143,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub {
|
|||||||
private static final String ATTR_REFERRER_URI = "referrerUri";
|
private static final String ATTR_REFERRER_URI = "referrerUri";
|
||||||
private static final String ATTR_ABI_OVERRIDE = "abiOverride";
|
private static final String ATTR_ABI_OVERRIDE = "abiOverride";
|
||||||
private static final String ATTR_VOLUME_UUID = "volumeUuid";
|
private static final String ATTR_VOLUME_UUID = "volumeUuid";
|
||||||
|
private static final String ATTR_NAME = "name";
|
||||||
|
|
||||||
/** Automatically destroy sessions older than this */
|
/** Automatically destroy sessions older than this */
|
||||||
private static final long MAX_AGE_MILLIS = 3 * DateUtils.DAY_IN_MILLIS;
|
private static final long MAX_AGE_MILLIS = 3 * DateUtils.DAY_IN_MILLIS;
|
||||||
@ -374,16 +374,15 @@ public class PackageInstallerService extends IPackageInstaller.Stub {
|
|||||||
}
|
}
|
||||||
} catch (FileNotFoundException e) {
|
} catch (FileNotFoundException e) {
|
||||||
// Missing sessions are okay, probably first boot
|
// Missing sessions are okay, probably first boot
|
||||||
} catch (IOException e) {
|
} catch (IOException | XmlPullParserException e) {
|
||||||
Slog.wtf(TAG, "Failed reading install sessions", e);
|
|
||||||
} catch (XmlPullParserException e) {
|
|
||||||
Slog.wtf(TAG, "Failed reading install sessions", e);
|
Slog.wtf(TAG, "Failed reading install sessions", e);
|
||||||
} finally {
|
} finally {
|
||||||
IoUtils.closeQuietly(fis);
|
IoUtils.closeQuietly(fis);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private PackageInstallerSession readSessionLocked(XmlPullParser in) throws IOException {
|
private PackageInstallerSession readSessionLocked(XmlPullParser in) throws IOException,
|
||||||
|
XmlPullParserException {
|
||||||
final int sessionId = readIntAttribute(in, ATTR_SESSION_ID);
|
final int sessionId = readIntAttribute(in, ATTR_SESSION_ID);
|
||||||
final int userId = readIntAttribute(in, ATTR_USER_ID);
|
final int userId = readIntAttribute(in, ATTR_USER_ID);
|
||||||
final String installerPackageName = readStringAttribute(in, ATTR_INSTALLER_PACKAGE_NAME);
|
final String installerPackageName = readStringAttribute(in, ATTR_INSTALLER_PACKAGE_NAME);
|
||||||
@ -409,6 +408,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub {
|
|||||||
params.referrerUri = readUriAttribute(in, ATTR_REFERRER_URI);
|
params.referrerUri = readUriAttribute(in, ATTR_REFERRER_URI);
|
||||||
params.abiOverride = readStringAttribute(in, ATTR_ABI_OVERRIDE);
|
params.abiOverride = readStringAttribute(in, ATTR_ABI_OVERRIDE);
|
||||||
params.volumeUuid = readStringAttribute(in, ATTR_VOLUME_UUID);
|
params.volumeUuid = readStringAttribute(in, ATTR_VOLUME_UUID);
|
||||||
|
params.grantedRuntimePermissions = readGrantedRuntimePermissions(in);
|
||||||
|
|
||||||
final File appIconFile = buildAppIconFile(sessionId);
|
final File appIconFile = buildAppIconFile(sessionId);
|
||||||
if (appIconFile.exists()) {
|
if (appIconFile.exists()) {
|
||||||
@ -501,9 +501,51 @@ public class PackageInstallerService extends IPackageInstaller.Stub {
|
|||||||
params.appIconLastModified = appIconFile.lastModified();
|
params.appIconLastModified = appIconFile.lastModified();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
writeGrantedRuntimePermissions(out, params.grantedRuntimePermissions);
|
||||||
|
|
||||||
out.endTag(null, TAG_SESSION);
|
out.endTag(null, TAG_SESSION);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private static void writeGrantedRuntimePermissions(XmlSerializer out,
|
||||||
|
String[] grantedRuntimePermissions) throws IOException {
|
||||||
|
if (grantedRuntimePermissions != null) {
|
||||||
|
for (String permission : grantedRuntimePermissions) {
|
||||||
|
out.startTag(null, TAG_GRANTED_RUNTIME_PERMISSION);
|
||||||
|
writeStringAttribute(out, ATTR_NAME, permission);
|
||||||
|
out.endTag(null, TAG_GRANTED_RUNTIME_PERMISSION);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private static String[] readGrantedRuntimePermissions(XmlPullParser in)
|
||||||
|
throws IOException, XmlPullParserException {
|
||||||
|
List<String> permissions = null;
|
||||||
|
|
||||||
|
final int outerDepth = in.getDepth();
|
||||||
|
int type;
|
||||||
|
while ((type = in.next()) != XmlPullParser.END_DOCUMENT
|
||||||
|
&& (type != XmlPullParser.END_TAG || in.getDepth() > outerDepth)) {
|
||||||
|
if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (TAG_GRANTED_RUNTIME_PERMISSION.equals(in.getName())) {
|
||||||
|
String permission = readStringAttribute(in, ATTR_NAME);
|
||||||
|
if (permissions == null) {
|
||||||
|
permissions = new ArrayList<>();
|
||||||
|
}
|
||||||
|
permissions.add(permission);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (permissions == null) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
String[] permissionsArray = new String[permissions.size()];
|
||||||
|
permissions.toArray(permissionsArray);
|
||||||
|
return permissionsArray;
|
||||||
|
}
|
||||||
|
|
||||||
private File buildAppIconFile(int sessionId) {
|
private File buildAppIconFile(int sessionId) {
|
||||||
return new File(mSessionsDir, "app_icon." + sessionId + ".png");
|
return new File(mSessionsDir, "app_icon." + sessionId + ".png");
|
||||||
}
|
}
|
||||||
|
|||||||
@ -16,7 +16,6 @@
|
|||||||
|
|
||||||
package com.android.server.pm;
|
package com.android.server.pm;
|
||||||
|
|
||||||
import static android.Manifest.permission.GRANT_REVOKE_PERMISSIONS;
|
|
||||||
import static android.Manifest.permission.READ_EXTERNAL_STORAGE;
|
import static android.Manifest.permission.READ_EXTERNAL_STORAGE;
|
||||||
import static android.Manifest.permission.WRITE_EXTERNAL_STORAGE;
|
import static android.Manifest.permission.WRITE_EXTERNAL_STORAGE;
|
||||||
import static android.Manifest.permission.WRITE_MEDIA_STORAGE;
|
import static android.Manifest.permission.WRITE_MEDIA_STORAGE;
|
||||||
@ -1339,8 +1338,8 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
// permissions if requested before broadcasting the install.
|
// permissions if requested before broadcasting the install.
|
||||||
if ((args.installFlags
|
if ((args.installFlags
|
||||||
& PackageManager.INSTALL_GRANT_RUNTIME_PERMISSIONS) != 0) {
|
& PackageManager.INSTALL_GRANT_RUNTIME_PERMISSIONS) != 0) {
|
||||||
grantRequestedRuntimePermissions(res.pkg,
|
grantRequestedRuntimePermissions(res.pkg, args.user.getIdentifier(),
|
||||||
args.user.getIdentifier());
|
args.installGrantPermissions);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Determine the set of users who are adding this
|
// Determine the set of users who are adding this
|
||||||
@ -1669,12 +1668,17 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
private void grantRequestedRuntimePermissions(PackageParser.Package pkg, int userId) {
|
private void grantRequestedRuntimePermissions(PackageParser.Package pkg, int userId,
|
||||||
|
String[] grantedPermissions) {
|
||||||
if (userId >= UserHandle.USER_OWNER) {
|
if (userId >= UserHandle.USER_OWNER) {
|
||||||
grantRequestedRuntimePermissionsForUser(pkg, userId);
|
grantRequestedRuntimePermissionsForUser(pkg, userId, grantedPermissions);
|
||||||
} else if (userId == UserHandle.USER_ALL) {
|
} else if (userId == UserHandle.USER_ALL) {
|
||||||
for (int someUserId : UserManagerService.getInstance().getUserIds()) {
|
final int[] userIds;
|
||||||
grantRequestedRuntimePermissionsForUser(pkg, someUserId);
|
synchronized (mPackages) {
|
||||||
|
userIds = UserManagerService.getInstance().getUserIds();
|
||||||
|
}
|
||||||
|
for (int someUserId : userIds) {
|
||||||
|
grantRequestedRuntimePermissionsForUser(pkg, someUserId, grantedPermissions);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1684,7 +1688,8 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private void grantRequestedRuntimePermissionsForUser(PackageParser.Package pkg, int userId) {
|
private void grantRequestedRuntimePermissionsForUser(PackageParser.Package pkg, int userId,
|
||||||
|
String[] grantedPermissions) {
|
||||||
SettingBase sb = (SettingBase) pkg.mExtras;
|
SettingBase sb = (SettingBase) pkg.mExtras;
|
||||||
if (sb == null) {
|
if (sb == null) {
|
||||||
return;
|
return;
|
||||||
@ -1694,7 +1699,8 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
|
|
||||||
for (String permission : pkg.requestedPermissions) {
|
for (String permission : pkg.requestedPermissions) {
|
||||||
BasePermission bp = mSettings.mPermissions.get(permission);
|
BasePermission bp = mSettings.mPermissions.get(permission);
|
||||||
if (bp != null && bp.isRuntime()) {
|
if (bp != null && bp.isRuntime() && (grantedPermissions == null
|
||||||
|
|| ArrayUtils.contains(grantedPermissions, permission))) {
|
||||||
permissionsState.grantRuntimePermission(bp, userId);
|
permissionsState.grantRuntimePermission(bp, userId);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -3382,7 +3388,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
}
|
}
|
||||||
|
|
||||||
mContext.enforceCallingOrSelfPermission(
|
mContext.enforceCallingOrSelfPermission(
|
||||||
android.Manifest.permission.GRANT_REVOKE_PERMISSIONS,
|
android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS,
|
||||||
"grantRuntimePermission");
|
"grantRuntimePermission");
|
||||||
|
|
||||||
enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
|
enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
|
||||||
@ -3466,7 +3472,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
}
|
}
|
||||||
|
|
||||||
mContext.enforceCallingOrSelfPermission(
|
mContext.enforceCallingOrSelfPermission(
|
||||||
android.Manifest.permission.GRANT_REVOKE_PERMISSIONS,
|
android.Manifest.permission.REVOKE_RUNTIME_PERMISSIONS,
|
||||||
"revokeRuntimePermission");
|
"revokeRuntimePermission");
|
||||||
|
|
||||||
enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
|
enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
|
||||||
@ -3517,7 +3523,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
@Override
|
@Override
|
||||||
public void resetRuntimePermissions() {
|
public void resetRuntimePermissions() {
|
||||||
mContext.enforceCallingOrSelfPermission(
|
mContext.enforceCallingOrSelfPermission(
|
||||||
android.Manifest.permission.GRANT_REVOKE_PERMISSIONS,
|
android.Manifest.permission.REVOKE_RUNTIME_PERMISSIONS,
|
||||||
"revokeRuntimePermission");
|
"revokeRuntimePermission");
|
||||||
|
|
||||||
int callingUid = Binder.getCallingUid();
|
int callingUid = Binder.getCallingUid();
|
||||||
@ -3527,16 +3533,19 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
"resetRuntimePermissions");
|
"resetRuntimePermissions");
|
||||||
}
|
}
|
||||||
|
|
||||||
final int[] userIds;
|
|
||||||
|
|
||||||
synchronized (mPackages) {
|
synchronized (mPackages) {
|
||||||
updatePermissionsLPw(null, null, UPDATE_PERMISSIONS_ALL);
|
updatePermissionsLPw(null, null, UPDATE_PERMISSIONS_ALL);
|
||||||
final int userCount = UserManagerService.getInstance().getUserIds().length;
|
for (int userId : UserManagerService.getInstance().getUserIds()) {
|
||||||
userIds = Arrays.copyOf(UserManagerService.getInstance().getUserIds(), userCount);
|
final int packageCount = mPackages.size();
|
||||||
}
|
for (int i = 0; i < packageCount; i++) {
|
||||||
|
PackageParser.Package pkg = mPackages.valueAt(i);
|
||||||
for (int userId : userIds) {
|
if (!(pkg.mExtras instanceof PackageSetting)) {
|
||||||
mDefaultPermissionPolicy.grantDefaultPermissions(userId);
|
continue;
|
||||||
|
}
|
||||||
|
PackageSetting ps = (PackageSetting) pkg.mExtras;
|
||||||
|
resetUserChangesToRuntimePermissionsAndFlagsLocked(ps, userId);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -3546,9 +3555,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
mContext.enforceCallingOrSelfPermission(
|
enforceGrantRevokeRuntimePermissionPermissions("getPermissionFlags");
|
||||||
android.Manifest.permission.GRANT_REVOKE_PERMISSIONS,
|
|
||||||
"getPermissionFlags");
|
|
||||||
|
|
||||||
enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
|
enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
|
||||||
"getPermissionFlags");
|
"getPermissionFlags");
|
||||||
@ -3581,9 +3588,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
mContext.enforceCallingOrSelfPermission(
|
enforceGrantRevokeRuntimePermissionPermissions("updatePermissionFlags");
|
||||||
android.Manifest.permission.GRANT_REVOKE_PERMISSIONS,
|
|
||||||
"updatePermissionFlags");
|
|
||||||
|
|
||||||
enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
|
enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
|
||||||
"updatePermissionFlags");
|
"updatePermissionFlags");
|
||||||
@ -3643,9 +3648,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
mContext.enforceCallingOrSelfPermission(
|
enforceGrantRevokeRuntimePermissionPermissions("updatePermissionFlagsForAllApps");
|
||||||
android.Manifest.permission.GRANT_REVOKE_PERMISSIONS,
|
|
||||||
"updatePermissionFlagsForAllApps");
|
|
||||||
|
|
||||||
enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
|
enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
|
||||||
"updatePermissionFlagsForAllApps");
|
"updatePermissionFlagsForAllApps");
|
||||||
@ -3675,6 +3678,17 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void enforceGrantRevokeRuntimePermissionPermissions(String message) {
|
||||||
|
if (mContext.checkCallingOrSelfPermission(Manifest.permission.GRANT_RUNTIME_PERMISSIONS)
|
||||||
|
!= PackageManager.PERMISSION_GRANTED
|
||||||
|
&& mContext.checkCallingOrSelfPermission(Manifest.permission.REVOKE_RUNTIME_PERMISSIONS)
|
||||||
|
!= PackageManager.PERMISSION_GRANTED) {
|
||||||
|
throw new SecurityException(message + " requires "
|
||||||
|
+ Manifest.permission.GRANT_RUNTIME_PERMISSIONS + " or "
|
||||||
|
+ Manifest.permission.REVOKE_RUNTIME_PERMISSIONS);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean shouldShowRequestPermissionRationale(String permissionName,
|
public boolean shouldShowRequestPermissionRationale(String permissionName,
|
||||||
String packageName, int userId) {
|
String packageName, int userId) {
|
||||||
@ -9444,7 +9458,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
|
|
||||||
final Message msg = mHandler.obtainMessage(INIT_COPY);
|
final Message msg = mHandler.obtainMessage(INIT_COPY);
|
||||||
msg.obj = new InstallParams(origin, null, observer, installFlags, installerPackageName,
|
msg.obj = new InstallParams(origin, null, observer, installFlags, installerPackageName,
|
||||||
null, verificationParams, user, packageAbiOverride);
|
null, verificationParams, user, packageAbiOverride, null);
|
||||||
mHandler.sendMessage(msg);
|
mHandler.sendMessage(msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -9464,7 +9478,8 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
|
|
||||||
final Message msg = mHandler.obtainMessage(INIT_COPY);
|
final Message msg = mHandler.obtainMessage(INIT_COPY);
|
||||||
msg.obj = new InstallParams(origin, null, observer, params.installFlags,
|
msg.obj = new InstallParams(origin, null, observer, params.installFlags,
|
||||||
installerPackageName, params.volumeUuid, verifParams, user, params.abiOverride);
|
installerPackageName, params.volumeUuid, verifParams, user, params.abiOverride,
|
||||||
|
params.grantedRuntimePermissions);
|
||||||
mHandler.sendMessage(msg);
|
mHandler.sendMessage(msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -10344,10 +10359,13 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
private InstallArgs mArgs;
|
private InstallArgs mArgs;
|
||||||
private int mRet;
|
private int mRet;
|
||||||
final String packageAbiOverride;
|
final String packageAbiOverride;
|
||||||
|
final String[] grantedRuntimePermissions;
|
||||||
|
|
||||||
|
|
||||||
InstallParams(OriginInfo origin, MoveInfo move, IPackageInstallObserver2 observer,
|
InstallParams(OriginInfo origin, MoveInfo move, IPackageInstallObserver2 observer,
|
||||||
int installFlags, String installerPackageName, String volumeUuid,
|
int installFlags, String installerPackageName, String volumeUuid,
|
||||||
VerificationParams verificationParams, UserHandle user, String packageAbiOverride) {
|
VerificationParams verificationParams, UserHandle user, String packageAbiOverride,
|
||||||
|
String[] grantedPermissions) {
|
||||||
super(user);
|
super(user);
|
||||||
this.origin = origin;
|
this.origin = origin;
|
||||||
this.move = move;
|
this.move = move;
|
||||||
@ -10357,6 +10375,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
this.volumeUuid = volumeUuid;
|
this.volumeUuid = volumeUuid;
|
||||||
this.verificationParams = verificationParams;
|
this.verificationParams = verificationParams;
|
||||||
this.packageAbiOverride = packageAbiOverride;
|
this.packageAbiOverride = packageAbiOverride;
|
||||||
|
this.grantedRuntimePermissions = grantedPermissions;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@ -10786,6 +10805,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
final ManifestDigest manifestDigest;
|
final ManifestDigest manifestDigest;
|
||||||
final UserHandle user;
|
final UserHandle user;
|
||||||
final String abiOverride;
|
final String abiOverride;
|
||||||
|
final String[] installGrantPermissions;
|
||||||
|
|
||||||
// The list of instruction sets supported by this app. This is currently
|
// The list of instruction sets supported by this app. This is currently
|
||||||
// only used during the rmdex() phase to clean up resources. We can get rid of this
|
// only used during the rmdex() phase to clean up resources. We can get rid of this
|
||||||
@ -10795,7 +10815,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
InstallArgs(OriginInfo origin, MoveInfo move, IPackageInstallObserver2 observer,
|
InstallArgs(OriginInfo origin, MoveInfo move, IPackageInstallObserver2 observer,
|
||||||
int installFlags, String installerPackageName, String volumeUuid,
|
int installFlags, String installerPackageName, String volumeUuid,
|
||||||
ManifestDigest manifestDigest, UserHandle user, String[] instructionSets,
|
ManifestDigest manifestDigest, UserHandle user, String[] instructionSets,
|
||||||
String abiOverride) {
|
String abiOverride, String[] installGrantPermissions) {
|
||||||
this.origin = origin;
|
this.origin = origin;
|
||||||
this.move = move;
|
this.move = move;
|
||||||
this.installFlags = installFlags;
|
this.installFlags = installFlags;
|
||||||
@ -10806,6 +10826,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
this.user = user;
|
this.user = user;
|
||||||
this.instructionSets = instructionSets;
|
this.instructionSets = instructionSets;
|
||||||
this.abiOverride = abiOverride;
|
this.abiOverride = abiOverride;
|
||||||
|
this.installGrantPermissions = installGrantPermissions;
|
||||||
}
|
}
|
||||||
|
|
||||||
abstract int copyApk(IMediaContainerService imcs, boolean temp) throws RemoteException;
|
abstract int copyApk(IMediaContainerService imcs, boolean temp) throws RemoteException;
|
||||||
@ -10898,7 +10919,8 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
FileInstallArgs(InstallParams params) {
|
FileInstallArgs(InstallParams params) {
|
||||||
super(params.origin, params.move, params.observer, params.installFlags,
|
super(params.origin, params.move, params.observer, params.installFlags,
|
||||||
params.installerPackageName, params.volumeUuid, params.getManifestDigest(),
|
params.installerPackageName, params.volumeUuid, params.getManifestDigest(),
|
||||||
params.getUser(), null /* instruction sets */, params.packageAbiOverride);
|
params.getUser(), null /* instruction sets */, params.packageAbiOverride,
|
||||||
|
params.grantedRuntimePermissions);
|
||||||
if (isFwdLocked()) {
|
if (isFwdLocked()) {
|
||||||
throw new IllegalArgumentException("Forward locking only supported in ASEC");
|
throw new IllegalArgumentException("Forward locking only supported in ASEC");
|
||||||
}
|
}
|
||||||
@ -10907,7 +10929,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
/** Existing install */
|
/** Existing install */
|
||||||
FileInstallArgs(String codePath, String resourcePath, String[] instructionSets) {
|
FileInstallArgs(String codePath, String resourcePath, String[] instructionSets) {
|
||||||
super(OriginInfo.fromNothing(), null, null, 0, null, null, null, null, instructionSets,
|
super(OriginInfo.fromNothing(), null, null, 0, null, null, null, null, instructionSets,
|
||||||
null);
|
null, null);
|
||||||
this.codeFile = (codePath != null) ? new File(codePath) : null;
|
this.codeFile = (codePath != null) ? new File(codePath) : null;
|
||||||
this.resourceFile = (resourcePath != null) ? new File(resourcePath) : null;
|
this.resourceFile = (resourcePath != null) ? new File(resourcePath) : null;
|
||||||
}
|
}
|
||||||
@ -11123,7 +11145,8 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
AsecInstallArgs(InstallParams params) {
|
AsecInstallArgs(InstallParams params) {
|
||||||
super(params.origin, params.move, params.observer, params.installFlags,
|
super(params.origin, params.move, params.observer, params.installFlags,
|
||||||
params.installerPackageName, params.volumeUuid, params.getManifestDigest(),
|
params.installerPackageName, params.volumeUuid, params.getManifestDigest(),
|
||||||
params.getUser(), null /* instruction sets */, params.packageAbiOverride);
|
params.getUser(), null /* instruction sets */, params.packageAbiOverride,
|
||||||
|
params.grantedRuntimePermissions);
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Existing install */
|
/** Existing install */
|
||||||
@ -11131,7 +11154,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
boolean isExternal, boolean isForwardLocked) {
|
boolean isExternal, boolean isForwardLocked) {
|
||||||
super(OriginInfo.fromNothing(), null, null, (isExternal ? INSTALL_EXTERNAL : 0)
|
super(OriginInfo.fromNothing(), null, null, (isExternal ? INSTALL_EXTERNAL : 0)
|
||||||
| (isForwardLocked ? INSTALL_FORWARD_LOCK : 0), null, null, null, null,
|
| (isForwardLocked ? INSTALL_FORWARD_LOCK : 0), null, null, null, null,
|
||||||
instructionSets, null);
|
instructionSets, null, null);
|
||||||
// Hackily pretend we're still looking at a full code path
|
// Hackily pretend we're still looking at a full code path
|
||||||
if (!fullCodePath.endsWith(RES_FILE_NAME)) {
|
if (!fullCodePath.endsWith(RES_FILE_NAME)) {
|
||||||
fullCodePath = new File(fullCodePath, RES_FILE_NAME).getAbsolutePath();
|
fullCodePath = new File(fullCodePath, RES_FILE_NAME).getAbsolutePath();
|
||||||
@ -11148,7 +11171,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
AsecInstallArgs(String cid, String[] instructionSets, boolean isForwardLocked) {
|
AsecInstallArgs(String cid, String[] instructionSets, boolean isForwardLocked) {
|
||||||
super(OriginInfo.fromNothing(), null, null, (isAsecExternal(cid) ? INSTALL_EXTERNAL : 0)
|
super(OriginInfo.fromNothing(), null, null, (isAsecExternal(cid) ? INSTALL_EXTERNAL : 0)
|
||||||
| (isForwardLocked ? INSTALL_FORWARD_LOCK : 0), null, null, null, null,
|
| (isForwardLocked ? INSTALL_FORWARD_LOCK : 0), null, null, null, null,
|
||||||
instructionSets, null);
|
instructionSets, null, null);
|
||||||
this.cid = cid;
|
this.cid = cid;
|
||||||
setMountPath(PackageHelper.getSdDir(cid));
|
setMountPath(PackageHelper.getSdDir(cid));
|
||||||
}
|
}
|
||||||
@ -11415,7 +11438,8 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
MoveInstallArgs(InstallParams params) {
|
MoveInstallArgs(InstallParams params) {
|
||||||
super(params.origin, params.move, params.observer, params.installFlags,
|
super(params.origin, params.move, params.observer, params.installFlags,
|
||||||
params.installerPackageName, params.volumeUuid, params.getManifestDigest(),
|
params.installerPackageName, params.volumeUuid, params.getManifestDigest(),
|
||||||
params.getUser(), null /* instruction sets */, params.packageAbiOverride);
|
params.getUser(), null /* instruction sets */, params.packageAbiOverride,
|
||||||
|
params.grantedRuntimePermissions);
|
||||||
}
|
}
|
||||||
|
|
||||||
int copyApk(IMediaContainerService imcs, boolean temp) {
|
int copyApk(IMediaContainerService imcs, boolean temp) {
|
||||||
@ -15869,7 +15893,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
final Message msg = mHandler.obtainMessage(INIT_COPY);
|
final Message msg = mHandler.obtainMessage(INIT_COPY);
|
||||||
final OriginInfo origin = OriginInfo.fromExistingFile(codeFile);
|
final OriginInfo origin = OriginInfo.fromExistingFile(codeFile);
|
||||||
msg.obj = new InstallParams(origin, move, installObserver, installFlags,
|
msg.obj = new InstallParams(origin, move, installObserver, installFlags,
|
||||||
installerPackageName, volumeUuid, null, user, packageAbiOverride);
|
installerPackageName, volumeUuid, null, user, packageAbiOverride, null);
|
||||||
mHandler.sendMessage(msg);
|
mHandler.sendMessage(msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -16036,7 +16060,9 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setPermissionEnforced(String permission, boolean enforced) {
|
public void setPermissionEnforced(String permission, boolean enforced) {
|
||||||
mContext.enforceCallingOrSelfPermission(GRANT_REVOKE_PERMISSIONS, null);
|
// TODO: Now that we no longer change GID for storage, this should to away.
|
||||||
|
mContext.enforceCallingOrSelfPermission(Manifest.permission.GRANT_RUNTIME_PERMISSIONS,
|
||||||
|
"setPermissionEnforced");
|
||||||
if (READ_EXTERNAL_STORAGE.equals(permission)) {
|
if (READ_EXTERNAL_STORAGE.equals(permission)) {
|
||||||
synchronized (mPackages) {
|
synchronized (mPackages) {
|
||||||
if (mSettings.mReadExternalStorageEnforced == null
|
if (mSettings.mReadExternalStorageEnforced == null
|
||||||
|
|||||||
Reference in New Issue
Block a user