| author | Steve Kondik <shade@chemlab.org> | 2013-06-12 00:47:55 -0700 |
|---|---|---|
| committer | Steve Kondik <shade@chemlab.org> | 2013-06-24 11:36:22 -0700 |
| commit | e48fce6da7bd839d70cbf69abb2780c6d30ea7f6 (patch) | |
| tree | 49dd160f5a5d10847fd446e0db7f31f2d800792f /services/java/com/android/server/pm/PackageManagerService.java | |
| parent | b429a08331e8ebea15113fe287f4e5c9478d7001 (diff) | |
| download | frameworks_base-e48fce6da7bd839d70cbf69abb2780c6d30ea7f6.zip frameworks_base-e48fce6da7bd839d70cbf69abb2780c6d30ea7f6.tar.gz frameworks_base-e48fce6da7bd839d70cbf69abb2780c6d30ea7f6.tar.bz2 | |
framework: Privacy Guard
* Introduce a new privacy feature which allows the user to run an
application with reduced visibility into his or her personal data.
* Adds a per-application flag and simple API to determine if this flag
is enabled for the current or calling process.
* This flag can be used by content providers to decide if they should
return a limited/empty dataset.
Change-Id: Id7c54d728e63acb2b02a2a9322930b54949f6c5d
Diffstat (limited to 'services/java/com/android/server/pm/PackageManagerService.java')
| -rw-r--r-- | services/java/com/android/server/pm/PackageManagerService.java | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/services/java/com/android/server/pm/PackageManagerService.java b/services/java/com/android/server/pm/PackageManagerService.java
index 461c060..7702deb 100644
--- a/services/java/com/android/server/pm/PackageManagerService.java
+++ b/services/java/com/android/server/pm/PackageManagerService.java
@@ -8485,11 +8485,16 @@ public class PackageManagerService extends IPackageManager.Stub {
 // The caller is asking that the package only be deleted for a single
 // user. To do this, we just mark its uninstalled state and delete
 // its data.
+ boolean privacyGuard = android.provider.Settings.Secure.getIntForUser(
+ mContext.getContentResolver(),
+ android.provider.Settings.Secure.PRIVACY_GUARD_DEFAULT,
+ 0, user.getIdentifier()) == 1;
 ps.setUserState(user.getIdentifier(),
 COMPONENT_ENABLED_STATE_DEFAULT,
 false, //installed
 true, //stopped
 true, //notLaunched
+ privacyGuard,
 null, null);
 if (ps.isAnyInstalled(sUserManager.getUserIds())) {
 // Other user still have this package installed, so all
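Review bot: The added `privacyGuard,` argument to `ps.setUserState(...)` is the only positional boolean in the call without a trailing label, while its neighbours carry `//installed`, `//stopped` and `//notLaunched`; `privacyGuard, //privacyGuard` would keep the call readable. The lookup above it replaces the package's per-app Privacy Guard state with the user's `PRIVACY_GUARD_DEFAULT` (falling back to off when the setting is absent). A reader could expect an earlier per-app choice to survive removal for this user, so a comment such as `// reset Privacy Guard to the user's default; the previous per-app choice is not kept` would document that. The enclosing method starts and ends outside this hunk, so whether any lock is held during the settings read is not visible here.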
@@ -9033,6 +9038,60 @@ public class PackageManagerService extends IPackageManager.Stub { } @Override + public void setPrivacyGuardSetting(String appPackageName, + boolean enabled, int userId) { + if (!sUserManager.exists(userId)) return; + setPrivacyGuard(appPackageName, enabled, userId); + } + + @Override + public boolean getPrivacyGuardSetting(String packageName, int userId) { + if (!sUserManager.exists(userId)) return false; + int uid = Binder.getCallingUid(); + enforceCrossUserPermission(uid, userId, false, "get privacy guard"); + // reader + synchronized (mPackages) { + return mSettings.getPrivacyGuardSettingLPr(packageName, userId); + } + } + + private void setPrivacyGuard(final String packageName, + final boolean enabled, final int userId) { + PackageSetting pkgSetting; + final int uid = Binder.getCallingUid(); + final int permission = mContext.checkCallingPermission( + android.Manifest.permission.CHANGE_PRIVACY_GUARD_STATE); + final boolean allowedByPermission = (permission == PackageManager.PERMISSION_GRANTED); + enforceCrossUserPermission(uid, userId, false, "set privacy guard"); + + synchronized (mPackages) { + pkgSetting = mSettings.mPackages.get(packageName); + if (pkgSetting == null) { + throw new IllegalArgumentException( + "Unknown package: " + packageName); + } + // Allow root and verify that userId is not being specified by a different user + if (!allowedByPermission && !UserHandle.isSameApp(uid, pkgSetting.appId)) { + throw new SecurityException( + "Permission Denial: attempt to change privacy guard state from pid=" + + Binder.getCallingPid() + + ", uid=" + uid + ", package uid=" + pkgSetting.appId); + } + if (pkgSetting.isPrivacyGuard(userId) == enabled) { + // Nothing to do + return; + } + pkgSetting.setPrivacyGuard(enabled, userId); + mSettings.writePackageRestrictionsLPr(userId); + try { + ActivityManagerNative.getDefault().forceStopPackage(packageName, userId); + } catch (RemoteException e) { + //nothing + } + } + } + + @Override public void 
setApplicationEnabledSetting(String appPackageName, int newState, int flags, int userId) { if (!sUserManager.exists(userId)) return; |
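Review bot: In `setPrivacyGuard`, the check `if (!allowedByPermission && !UserHandle.isSameApp(uid, pkgSetting.appId))` lets a caller that does not hold CHANGE_PRIVACY_GUARD_STATE change the flag on its own package. An application the user has placed under Privacy Guard can therefore clear the restriction for itself, and `writePackageRestrictionsLPr` persists the change before the force-stop. The same-app exemption presumably mirrors the component-enable path, where an app managing its own state is intended. Here the permission should be mandatory, `if (!allowedByPermission) {`, with the "Allow root and verify…" comment updated to match. Separately, `forceStopPackage` is called inside `synchronized (mPackages)` and its `RemoteException` is discarded with `//nothing`; moving the call after the synchronized block and logging the failure would be safer, though whether the lock ordering can actually deadlock cannot be judged from this hunk.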
