summaryrefslogtreecommitdiffstats
path: root/services
diff options
context:
space:
mode:
authorJeff Davidson <jpd@google.com>2015-06-23 20:42:57 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>2015-06-23 20:43:06 +0000
commit8d9ad19341e19256651ef86274a4382f2c09b279 (patch)
tree8bbaf4b311c295b4749236d456ea698e1b5f77cd /services
parent90c9e4eb54a9c4b4fbc821b1992f2aee2f2b1e8c (diff)
parent2a880312086147577e1e814bda6985fa97fb343b (diff)
downloadframeworks_base-8d9ad19341e19256651ef86274a4382f2c09b279.zip
frameworks_base-8d9ad19341e19256651ef86274a4382f2c09b279.tar.gz
frameworks_base-8d9ad19341e19256651ef86274a4382f2c09b279.tar.bz2
Merge "Default permissions for carrier apps." into mnc-dev
Diffstat (limited to 'services')
-rw-r--r--services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java23
-rw-r--r--services/core/java/com/android/server/pm/PackageManagerService.java98
2 files changed, 97 insertions, 24 deletions
diff --git a/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java b/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
index 62c686c..3ea384c 100644
--- a/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
+++ b/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
@@ -45,7 +45,7 @@ import static android.os.Process.FIRST_APPLICATION_UID;
* have phone related permission by default.
*/
final class DefaultPermissionGrantPolicy {
- private static final String TAG = "DefaultPermissionGrantPolicy";
+ private static final String TAG = "DefaultPermGrantPolicy"; // must be <= 23 chars
private static final boolean DEBUG = false;
private static final String PACKAGE_MIME_TYPE = "application/vnd.android.package-archive";
@@ -133,6 +133,7 @@ final class DefaultPermissionGrantPolicy {
private PackagesProvider mImePackagesProvider;
private PackagesProvider mLocationPackagesProvider;
private PackagesProvider mVoiceInteractionPackagesProvider;
+ private PackagesProvider mCarrierAppPackagesProvider;
public DefaultPermissionGrantPolicy(PackageManagerService service) {
mService = service;
@@ -150,6 +151,10 @@ final class DefaultPermissionGrantPolicy {
mVoiceInteractionPackagesProvider = provider;
}
+ public void setCarrierAppPackagesProviderLPw(PackagesProvider provider) {
+ mCarrierAppPackagesProvider = provider;
+ }
+
public void grantDefaultPermissions(int userId) {
grantPermissionsToSysComponentsAndPrivApps(userId);
grantDefaultSystemHandlerPermissions(userId);
@@ -193,11 +198,13 @@ final class DefaultPermissionGrantPolicy {
final PackagesProvider imePackagesProvider;
final PackagesProvider locationPackagesProvider;
final PackagesProvider voiceInteractionPackagesProvider;
+ final PackagesProvider carrierAppPackagesProvider;
synchronized (mService.mPackages) {
imePackagesProvider = mImePackagesProvider;
locationPackagesProvider = mLocationPackagesProvider;
voiceInteractionPackagesProvider = mVoiceInteractionPackagesProvider;
+ carrierAppPackagesProvider = mCarrierAppPackagesProvider;
}
String[] imePackageNames = (imePackagesProvider != null)
@@ -206,6 +213,8 @@ final class DefaultPermissionGrantPolicy {
? voiceInteractionPackagesProvider.getPackages(userId) : null;
String[] locationPackageNames = (locationPackagesProvider != null)
? locationPackagesProvider.getPackages(userId) : null;
+ String[] carrierAppPackageNames = (carrierAppPackagesProvider != null)
+ ? carrierAppPackagesProvider.getPackages(userId) : null;
synchronized (mService.mPackages) {
// Installers
@@ -382,6 +391,18 @@ final class DefaultPermissionGrantPolicy {
}
}
}
+
+ // Carrier apps
+ if (carrierAppPackageNames != null) {
+ for (String packageName : carrierAppPackageNames) {
+ PackageParser.Package carrierPackage = getSystemPackageLPr(packageName);
+ if (carrierPackage != null
+ && doesPackageSupportRuntimePermissions(carrierPackage)) {
+ grantRuntimePermissionsLPw(carrierPackage, PHONE_PERMISSIONS, userId);
+ grantRuntimePermissionsLPw(carrierPackage, LOCATION_PERMISSIONS, userId);
+ }
+ }
+ }
}
}
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 7a39c2b..d1ef1c9 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -100,6 +100,7 @@ import android.content.pm.IPackageInstaller;
import android.content.pm.IPackageManager;
import android.content.pm.IPackageMoveObserver;
import android.content.pm.IPackageStatsObserver;
+import android.content.pm.IPackagesProvider;
import android.content.pm.InstrumentationInfo;
import android.content.pm.IntentFilterVerificationInfo;
import android.content.pm.KeySet;
@@ -254,14 +255,14 @@ import java.util.concurrent.atomic.AtomicLong;
/**
* Keep track of all those .apks everywhere.
- *
+ *
* This is very central to the platform's security; please run the unit
* tests whenever making modifications here:
- *
+ *
mmm frameworks/base/tests/AndroidTests
adb install -r -f out/target/product/passion/data/app/AndroidTests.apk
adb shell am instrument -w -e class com.android.unit_tests.PackageManagerTests com.android.unit_tests/android.test.InstrumentationTestRunner
- *
+ *
* {@hide}
*/
public class PackageManagerService extends IPackageManager.Stub {
@@ -509,7 +510,7 @@ public class PackageManagerService extends IPackageManager.Stub {
// Packages whose data we have transfered into another package, thus
// should no longer exist.
final ArraySet<String> mTransferedPackages = new ArraySet<String>();
-
+
// Broadcast actions that are only available to the system.
final ArraySet<String> mProtectedBroadcasts = new ArraySet<String>();
@@ -1092,7 +1093,7 @@ public class PackageManagerService extends IPackageManager.Stub {
Process.setThreadPriority(Process.THREAD_PRIORITY_BACKGROUND);
}
}
-
+
void doHandleMessage(Message msg) {
switch (msg.what) {
case INIT_COPY: {
@@ -2502,7 +2503,7 @@ public class PackageManagerService extends IPackageManager.Stub {
}
return out;
}
-
+
@Override
public String[] canonicalToCurrentPackageNames(String[] names) {
String[] out = new String[names.length];
@@ -2572,7 +2573,7 @@ public class PackageManagerService extends IPackageManager.Stub {
pi.protectionLevel = bp.protectionLevel;
return pi;
}
-
+
@Override
public PermissionInfo getPermissionInfo(String name, int flags) {
// reader
@@ -3052,7 +3053,7 @@ public class PackageManagerService extends IPackageManager.Stub {
}
return s1.equals(s2);
}
-
+
static boolean comparePermissionInfos(PermissionInfo pi1, PermissionInfo pi2) {
if (pi1.icon != pi2.icon) return false;
if (pi1.logo != pi2.logo) return false;
@@ -4214,7 +4215,7 @@ public class PackageManagerService extends IPackageManager.Stub {
ComponentName comp = intent.getComponent();
if (comp == null) {
if (intent.getSelector() != null) {
- intent = intent.getSelector();
+ intent = intent.getSelector();
comp = intent.getComponent();
}
}
@@ -4769,7 +4770,7 @@ public class PackageManagerService extends IPackageManager.Stub {
ComponentName comp = intent.getComponent();
if (comp == null) {
if (intent.getSelector() != null) {
- intent = intent.getSelector();
+ intent = intent.getSelector();
comp = intent.getComponent();
}
}
@@ -4820,7 +4821,7 @@ public class PackageManagerService extends IPackageManager.Stub {
ComponentName comp = intent.getComponent();
if (comp == null) {
if (intent.getSelector() != null) {
- intent = intent.getSelector();
+ intent = intent.getSelector();
comp = intent.getComponent();
}
}
@@ -6247,7 +6248,7 @@ public class PackageManagerService extends IPackageManager.Stub {
+ "): packages=" + suid.packages);
}
}
-
+
// Check if we are renaming from an original package name.
PackageSetting origPackage = null;
String realName = null;
@@ -6267,7 +6268,7 @@ public class PackageManagerService extends IPackageManager.Stub {
// it is not already done.
pkg.setPackageName(renamed);
}
-
+
} else {
for (int i=pkg.mOriginalPackages.size()-1; i>=0; i--) {
if ((origPackage = mSettings.peekPackageLPr(
@@ -6297,7 +6298,7 @@ public class PackageManagerService extends IPackageManager.Stub {
}
}
}
-
+
if (mTransferedPackages.contains(pkg.packageName)) {
Slog.w(TAG, "Package " + pkg.packageName
+ " was transferred to another, but its .apk remains");
@@ -6322,24 +6323,24 @@ public class PackageManagerService extends IPackageManager.Stub {
// looking up the package under its new name, so getPackageLP
// can take care of fiddling things correctly.
pkg.setPackageName(origPackage.name);
-
+
// File a report about this.
String msg = "New package " + pkgSetting.realName
+ " renamed to replace old package " + pkgSetting.name;
reportSettingsProblem(Log.WARN, msg);
-
+
// Make a note of it.
mTransferedPackages.add(origPackage.name);
-
+
// No longer need to retain this.
pkgSetting.origPackage = null;
}
-
+
if (realName != null) {
// Make a note of it.
mTransferedPackages.add(pkg.packageName);
}
-
+
if (mSettings.isDisabledSystemPackageLPr(pkg.packageName)) {
pkg.applicationInfo.flags |= ApplicationInfo.FLAG_UPDATED_SYSTEM_APP;
}
@@ -6455,7 +6456,7 @@ public class PackageManagerService extends IPackageManager.Stub {
}
final String pkgName = pkg.packageName;
-
+
final long scanFileTime = scanFile.lastModified();
final boolean forceDex = (scanFlags & SCAN_FORCE_DEX) != 0;
pkg.applicationInfo.processName = fixProcessName(
@@ -8375,7 +8376,7 @@ public class PackageManagerService extends IPackageManager.Stub {
PackageParser.ActivityIntentInfo info) {
return packageName.equals(info.activity.owner.packageName);
}
-
+
@Override
protected ResolveInfo newResult(PackageParser.ActivityIntentInfo info,
int match, int userId) {
@@ -8598,7 +8599,7 @@ public class PackageManagerService extends IPackageManager.Stub {
PackageParser.ServiceIntentInfo info) {
return packageName.equals(info.service.owner.packageName);
}
-
+
@Override
protected ResolveInfo newResult(PackageParser.ServiceIntentInfo filter,
int match, int userId) {
@@ -14153,7 +14154,7 @@ public class PackageManagerService extends IPackageManager.Stub {
boolean checkin = false;
String packageName = null;
-
+
int opti = 0;
while (opti < args.length) {
String opt = args[opti];
@@ -15799,4 +15800,55 @@ public class PackageManagerService extends IPackageManager.Stub {
}
}
}
+
+ @Override
+ public void grantDefaultPermissions(final int userId) {
+ enforceSystemOrPhoneCaller("grantDefaultPermissions");
+ long token = Binder.clearCallingIdentity();
+ try {
+ // We cannot grant the default permissions with a lock held as
+ // we query providers from other components for default handlers
+ // such as enabled IMEs, etc.
+ mHandler.post(new Runnable() {
+ @Override
+ public void run() {
+ mDefaultPermissionPolicy.grantDefaultPermissions(userId);
+ }
+ });
+ } finally {
+ Binder.restoreCallingIdentity(token);
+ }
+ }
+
+ @Override
+ public void setCarrierAppPackagesProvider(final IPackagesProvider provider) {
+ enforceSystemOrPhoneCaller("setCarrierAppPackagesProvider");
+ long token = Binder.clearCallingIdentity();
+ try {
+ PackageManagerInternal.PackagesProvider wrapper =
+ new PackageManagerInternal.PackagesProvider() {
+ @Override
+ public String[] getPackages(int userId) {
+ try {
+ return provider.getPackages(userId);
+ } catch (RemoteException e) {
+ return null;
+ }
+ }
+ };
+ synchronized (mPackages) {
+ mDefaultPermissionPolicy.setCarrierAppPackagesProviderLPw(wrapper);
+ }
+ } finally {
+ Binder.restoreCallingIdentity(token);
+ }
+ }
+
+ private static void enforceSystemOrPhoneCaller(String tag) {
+ int callingUid = Binder.getCallingUid();
+ if (callingUid != Process.PHONE_UID && callingUid != Process.SYSTEM_UID) {
+ throw new SecurityException(
+ "Cannot call " + tag + " from UID " + callingUid);
+ }
+ }
}
generated by cgit v1.1 at 2025-02-10 07:46:00 +0000