DefaultPermissionGrantPolicy.java revision 393c7fb2c67e7fc9dfab710a52313f9b55aaa57c
1/* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package com.android.server.pm; 18 19import android.Manifest; 20import android.app.DownloadManager; 21import android.app.admin.DevicePolicyManager; 22import android.content.Intent; 23import android.content.pm.ApplicationInfo; 24import android.content.pm.PackageManager; 25import android.content.pm.PackageManagerInternal.PackagesProvider; 26import android.content.pm.PackageManagerInternal.SyncAdapterPackagesProvider; 27import android.content.pm.PackageParser; 28import android.content.pm.ProviderInfo; 29import android.content.pm.ResolveInfo; 30import android.net.Uri; 31import android.os.Build; 32import android.os.UserHandle; 33import android.provider.CalendarContract; 34import android.provider.ContactsContract; 35import android.provider.MediaStore; 36import android.provider.Telephony.Sms.Intents; 37import android.util.ArraySet; 38import android.util.Log; 39 40import java.io.File; 41import java.util.ArrayList; 42import java.util.List; 43import java.util.Set; 44 45import static android.os.Process.FIRST_APPLICATION_UID; 46 47/** 48 * This class is the policy for granting runtime permissions to 49 * platform components and default handlers in the system such 50 * that the device is usable out-of-the-box. For example, the 51 * shell UID is a part of the system and the Phone app should 52 * have phone related permission by default. 53 */ 54final class DefaultPermissionGrantPolicy { 55 private static final String TAG = "DefaultPermGrantPolicy"; // must be <= 23 chars 56 private static final boolean DEBUG = false; 57 58 private static final String AUDIO_MIME_TYPE = "audio/mpeg"; 59 60 private static final Set<String> PHONE_PERMISSIONS = new ArraySet<>(); 61 static { 62 PHONE_PERMISSIONS.add(Manifest.permission.READ_PHONE_STATE); 63 PHONE_PERMISSIONS.add(Manifest.permission.CALL_PHONE); 64 PHONE_PERMISSIONS.add(Manifest.permission.READ_CALL_LOG); 65 PHONE_PERMISSIONS.add(Manifest.permission.WRITE_CALL_LOG); 66 PHONE_PERMISSIONS.add(Manifest.permission.ADD_VOICEMAIL); 67 PHONE_PERMISSIONS.add(Manifest.permission.USE_SIP); 68 PHONE_PERMISSIONS.add(Manifest.permission.PROCESS_OUTGOING_CALLS); 69 } 70 71 private static final Set<String> CONTACTS_PERMISSIONS = new ArraySet<>(); 72 static { 73 CONTACTS_PERMISSIONS.add(Manifest.permission.READ_CONTACTS); 74 CONTACTS_PERMISSIONS.add(Manifest.permission.WRITE_CONTACTS); 75 CONTACTS_PERMISSIONS.add(Manifest.permission.GET_ACCOUNTS); 76 } 77 78 private static final Set<String> LOCATION_PERMISSIONS = new ArraySet<>(); 79 static { 80 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_FINE_LOCATION); 81 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_COARSE_LOCATION); 82 } 83 84 private static final Set<String> CALENDAR_PERMISSIONS = new ArraySet<>(); 85 static { 86 CALENDAR_PERMISSIONS.add(Manifest.permission.READ_CALENDAR); 87 CALENDAR_PERMISSIONS.add(Manifest.permission.WRITE_CALENDAR); 88 } 89 90 private static final Set<String> SMS_PERMISSIONS = new ArraySet<>(); 91 static { 92 SMS_PERMISSIONS.add(Manifest.permission.SEND_SMS); 93 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_SMS); 94 SMS_PERMISSIONS.add(Manifest.permission.READ_SMS); 95 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_WAP_PUSH); 96 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_MMS); 97 SMS_PERMISSIONS.add(Manifest.permission.READ_CELL_BROADCASTS); 98 } 99 100 private static final Set<String> MICROPHONE_PERMISSIONS = new ArraySet<>(); 101 static { 102 MICROPHONE_PERMISSIONS.add(Manifest.permission.RECORD_AUDIO); 103 } 104 105 private static final Set<String> CAMERA_PERMISSIONS = new ArraySet<>(); 106 static { 107 CAMERA_PERMISSIONS.add(Manifest.permission.CAMERA); 108 } 109 110 private static final Set<String> SENSORS_PERMISSIONS = new ArraySet<>(); 111 static { 112 SENSORS_PERMISSIONS.add(Manifest.permission.BODY_SENSORS); 113 } 114 115 private static final Set<String> STORAGE_PERMISSIONS = new ArraySet<>(); 116 static { 117 STORAGE_PERMISSIONS.add(Manifest.permission.READ_EXTERNAL_STORAGE); 118 STORAGE_PERMISSIONS.add(Manifest.permission.WRITE_EXTERNAL_STORAGE); 119 } 120 121 private final PackageManagerService mService; 122 123 private PackagesProvider mImePackagesProvider; 124 private PackagesProvider mLocationPackagesProvider; 125 private PackagesProvider mVoiceInteractionPackagesProvider; 126 private PackagesProvider mSmsAppPackagesProvider; 127 private PackagesProvider mDialerAppPackagesProvider; 128 private PackagesProvider mSimCallManagerPackagesProvider; 129 private SyncAdapterPackagesProvider mSyncAdapterPackagesProvider; 130 131 public DefaultPermissionGrantPolicy(PackageManagerService service) { 132 mService = service; 133 } 134 135 public void setImePackagesProviderLPr(PackagesProvider provider) { 136 mImePackagesProvider = provider; 137 } 138 139 public void setLocationPackagesProviderLPw(PackagesProvider provider) { 140 mLocationPackagesProvider = provider; 141 } 142 143 public void setVoiceInteractionPackagesProviderLPw(PackagesProvider provider) { 144 mVoiceInteractionPackagesProvider = provider; 145 } 146 147 public void setSmsAppPackagesProviderLPw(PackagesProvider provider) { 148 mSmsAppPackagesProvider = provider; 149 } 150 151 public void setDialerAppPackagesProviderLPw(PackagesProvider provider) { 152 mDialerAppPackagesProvider = provider; 153 } 154 155 public void setSimCallManagerPackagesProviderLPw(PackagesProvider provider) { 156 mSimCallManagerPackagesProvider = provider; 157 } 158 159 public void setSyncAdapterPackagesProviderLPw(SyncAdapterPackagesProvider provider) { 160 mSyncAdapterPackagesProvider = provider; 161 } 162 163 public void grantDefaultPermissions(int userId) { 164 grantPermissionsToSysComponentsAndPrivApps(userId); 165 grantDefaultSystemHandlerPermissions(userId); 166 } 167 168 private void grantPermissionsToSysComponentsAndPrivApps(int userId) { 169 Log.i(TAG, "Granting permissions to platform components for user " + userId); 170 171 synchronized (mService.mPackages) { 172 for (PackageParser.Package pkg : mService.mPackages.values()) { 173 if (!isSysComponentOrPersistentPlatformSignedPrivAppLPr(pkg) 174 || !doesPackageSupportRuntimePermissions(pkg) 175 || pkg.requestedPermissions.isEmpty()) { 176 continue; 177 } 178 Set<String> permissions = new ArraySet<>(); 179 final int permissionCount = pkg.requestedPermissions.size(); 180 for (int i = 0; i < permissionCount; i++) { 181 String permission = pkg.requestedPermissions.get(i); 182 BasePermission bp = mService.mSettings.mPermissions.get(permission); 183 if (bp != null && bp.isRuntime()) { 184 permissions.add(permission); 185 } 186 } 187 if (!permissions.isEmpty()) { 188 grantRuntimePermissionsLPw(pkg, permissions, true, userId); 189 } 190 } 191 } 192 } 193 194 private void grantDefaultSystemHandlerPermissions(int userId) { 195 Log.i(TAG, "Granting permissions to default platform handlers for user " + userId); 196 197 final PackagesProvider imePackagesProvider; 198 final PackagesProvider locationPackagesProvider; 199 final PackagesProvider voiceInteractionPackagesProvider; 200 final PackagesProvider smsAppPackagesProvider; 201 final PackagesProvider dialerAppPackagesProvider; 202 final PackagesProvider simCallManagerPackagesProvider; 203 final SyncAdapterPackagesProvider syncAdapterPackagesProvider; 204 205 synchronized (mService.mPackages) { 206 imePackagesProvider = mImePackagesProvider; 207 locationPackagesProvider = mLocationPackagesProvider; 208 voiceInteractionPackagesProvider = mVoiceInteractionPackagesProvider; 209 smsAppPackagesProvider = mSmsAppPackagesProvider; 210 dialerAppPackagesProvider = mDialerAppPackagesProvider; 211 simCallManagerPackagesProvider = mSimCallManagerPackagesProvider; 212 syncAdapterPackagesProvider = mSyncAdapterPackagesProvider; 213 } 214 215 String[] imePackageNames = (imePackagesProvider != null) 216 ? imePackagesProvider.getPackages(userId) : null; 217 String[] voiceInteractPackageNames = (voiceInteractionPackagesProvider != null) 218 ? voiceInteractionPackagesProvider.getPackages(userId) : null; 219 String[] locationPackageNames = (locationPackagesProvider != null) 220 ? locationPackagesProvider.getPackages(userId) : null; 221 String[] smsAppPackageNames = (smsAppPackagesProvider != null) 222 ? smsAppPackagesProvider.getPackages(userId) : null; 223 String[] dialerAppPackageNames = (dialerAppPackagesProvider != null) 224 ? dialerAppPackagesProvider.getPackages(userId) : null; 225 String[] simCallManagerPackageNames = (simCallManagerPackagesProvider != null) 226 ? simCallManagerPackagesProvider.getPackages(userId) : null; 227 String[] contactsSyncAdapterPackages = (syncAdapterPackagesProvider != null) ? 228 syncAdapterPackagesProvider.getPackages(ContactsContract.AUTHORITY, userId) : null; 229 String[] calendarSyncAdapterPackages = (syncAdapterPackagesProvider != null) ? 230 syncAdapterPackagesProvider.getPackages(CalendarContract.AUTHORITY, userId) : null; 231 232 synchronized (mService.mPackages) { 233 // Installer 234 PackageParser.Package installerPackage = getSystemPackageLPr( 235 mService.mRequiredInstallerPackage); 236 if (installerPackage != null 237 && doesPackageSupportRuntimePermissions(installerPackage)) { 238 grantRuntimePermissionsLPw(installerPackage, STORAGE_PERMISSIONS, true, userId); 239 } 240 241 // Verifier 242 PackageParser.Package verifierPackage = getSystemPackageLPr( 243 mService.mRequiredVerifierPackage); 244 if (verifierPackage != null 245 && doesPackageSupportRuntimePermissions(verifierPackage)) { 246 grantRuntimePermissionsLPw(verifierPackage, STORAGE_PERMISSIONS, true, userId); 247 } 248 249 // SetupWizard 250 Intent setupIntent = new Intent(Intent.ACTION_MAIN); 251 setupIntent.addCategory(Intent.CATEGORY_SETUP_WIZARD); 252 PackageParser.Package setupPackage = getDefaultSystemHandlerActivityPackageLPr( 253 setupIntent, userId); 254 if (setupPackage != null 255 && doesPackageSupportRuntimePermissions(setupPackage)) { 256 grantRuntimePermissionsLPw(setupPackage, PHONE_PERMISSIONS, userId); 257 grantRuntimePermissionsLPw(setupPackage, CONTACTS_PERMISSIONS, userId); 258 } 259 260 // Camera 261 Intent cameraIntent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE); 262 PackageParser.Package cameraPackage = getDefaultSystemHandlerActivityPackageLPr( 263 cameraIntent, userId); 264 if (cameraPackage != null 265 && doesPackageSupportRuntimePermissions(cameraPackage)) { 266 grantRuntimePermissionsLPw(cameraPackage, CAMERA_PERMISSIONS, userId); 267 grantRuntimePermissionsLPw(cameraPackage, MICROPHONE_PERMISSIONS, userId); 268 grantRuntimePermissionsLPw(cameraPackage, STORAGE_PERMISSIONS, userId); 269 } 270 271 // Media provider 272 PackageParser.Package mediaStorePackage = getDefaultProviderAuthorityPackageLPr( 273 MediaStore.AUTHORITY, userId); 274 if (mediaStorePackage != null) { 275 grantRuntimePermissionsLPw(mediaStorePackage, STORAGE_PERMISSIONS, true, userId); 276 } 277 278 // Downloads provider 279 PackageParser.Package downloadsPackage = getDefaultProviderAuthorityPackageLPr( 280 "downloads", userId); 281 if (downloadsPackage != null) { 282 grantRuntimePermissionsLPw(downloadsPackage, STORAGE_PERMISSIONS, true, userId); 283 } 284 285 // Downloads UI 286 Intent downloadsUiIntent = new Intent(DownloadManager.ACTION_VIEW_DOWNLOADS); 287 PackageParser.Package downloadsUiPackage = getDefaultSystemHandlerActivityPackageLPr( 288 downloadsUiIntent, userId); 289 if (downloadsUiPackage != null 290 && doesPackageSupportRuntimePermissions(downloadsUiPackage)) { 291 grantRuntimePermissionsLPw(downloadsUiPackage, STORAGE_PERMISSIONS, true, userId); 292 } 293 294 // Storage provider 295 PackageParser.Package storagePackage = getDefaultProviderAuthorityPackageLPr( 296 "com.android.externalstorage.documents", userId); 297 if (storagePackage != null) { 298 grantRuntimePermissionsLPw(storagePackage, STORAGE_PERMISSIONS, userId); 299 } 300 301 // Dialer 302 if (dialerAppPackageNames == null) { 303 Intent dialerIntent = new Intent(Intent.ACTION_DIAL); 304 PackageParser.Package dialerPackage = getDefaultSystemHandlerActivityPackageLPr( 305 dialerIntent, userId); 306 if (dialerPackage != null) { 307 grantDefaultPermissionsToDefaultSystemDialerAppLPr(dialerPackage, userId); 308 } 309 } else { 310 for (String dialerAppPackageName : dialerAppPackageNames) { 311 PackageParser.Package dialerPackage = getSystemPackageLPr(dialerAppPackageName); 312 if (dialerPackage != null) { 313 grantDefaultPermissionsToDefaultSystemDialerAppLPr(dialerPackage, userId); 314 } 315 } 316 } 317 318 // Sim call manager 319 if (simCallManagerPackageNames != null) { 320 for (String simCallManagerPackageName : simCallManagerPackageNames) { 321 PackageParser.Package simCallManagerPackage = 322 getSystemPackageLPr(simCallManagerPackageName); 323 if (simCallManagerPackage != null) { 324 grantDefaultPermissionsToDefaultSimCallManagerLPr(simCallManagerPackage, 325 userId); 326 } 327 } 328 } 329 330 // SMS 331 if (smsAppPackageNames == null) { 332 Intent smsIntent = new Intent(Intent.ACTION_MAIN); 333 smsIntent.addCategory(Intent.CATEGORY_APP_MESSAGING); 334 PackageParser.Package smsPackage = getDefaultSystemHandlerActivityPackageLPr( 335 smsIntent, userId); 336 if (smsPackage != null) { 337 grantDefaultPermissionsToDefaultSystemSmsAppLPr(smsPackage, userId); 338 } 339 } else { 340 for (String smsPackageName : smsAppPackageNames) { 341 PackageParser.Package smsPackage = getSystemPackageLPr(smsPackageName); 342 if (smsPackage != null) { 343 grantDefaultPermissionsToDefaultSystemSmsAppLPr(smsPackage, userId); 344 } 345 } 346 } 347 348 // Cell Broadcast Receiver 349 Intent cbrIntent = new Intent(Intents.SMS_CB_RECEIVED_ACTION); 350 PackageParser.Package cbrPackage = 351 getDefaultSystemHandlerActivityPackageLPr(cbrIntent, userId); 352 if (cbrPackage != null && doesPackageSupportRuntimePermissions(cbrPackage)) { 353 grantRuntimePermissionsLPw(cbrPackage, SMS_PERMISSIONS, false, userId); 354 } 355 356 // Calendar 357 Intent calendarIntent = new Intent(Intent.ACTION_MAIN); 358 calendarIntent.addCategory(Intent.CATEGORY_APP_CALENDAR); 359 PackageParser.Package calendarPackage = getDefaultSystemHandlerActivityPackageLPr( 360 calendarIntent, userId); 361 if (calendarPackage != null 362 && doesPackageSupportRuntimePermissions(calendarPackage)) { 363 grantRuntimePermissionsLPw(calendarPackage, CALENDAR_PERMISSIONS, userId); 364 grantRuntimePermissionsLPw(calendarPackage, CONTACTS_PERMISSIONS, userId); 365 } 366 367 // Calendar provider 368 PackageParser.Package calendarProviderPackage = getDefaultProviderAuthorityPackageLPr( 369 CalendarContract.AUTHORITY, userId); 370 if (calendarProviderPackage != null) { 371 grantRuntimePermissionsLPw(calendarProviderPackage, CONTACTS_PERMISSIONS, userId); 372 grantRuntimePermissionsLPw(calendarProviderPackage, CALENDAR_PERMISSIONS, 373 true, userId); 374 grantRuntimePermissionsLPw(calendarProviderPackage, STORAGE_PERMISSIONS, userId); 375 } 376 377 // Calendar provider sync adapters 378 List<PackageParser.Package> calendarSyncAdapters = getHeadlessSyncAdapterPackagesLPr( 379 calendarSyncAdapterPackages, userId); 380 final int calendarSyncAdapterCount = calendarSyncAdapters.size(); 381 for (int i = 0; i < calendarSyncAdapterCount; i++) { 382 PackageParser.Package calendarSyncAdapter = calendarSyncAdapters.get(i); 383 if (doesPackageSupportRuntimePermissions(calendarSyncAdapter)) { 384 grantRuntimePermissionsLPw(calendarSyncAdapter, CALENDAR_PERMISSIONS, userId); 385 } 386 } 387 388 // Contacts 389 Intent contactsIntent = new Intent(Intent.ACTION_MAIN); 390 contactsIntent.addCategory(Intent.CATEGORY_APP_CONTACTS); 391 PackageParser.Package contactsPackage = getDefaultSystemHandlerActivityPackageLPr( 392 contactsIntent, userId); 393 if (contactsPackage != null 394 && doesPackageSupportRuntimePermissions(contactsPackage)) { 395 grantRuntimePermissionsLPw(contactsPackage, CONTACTS_PERMISSIONS, userId); 396 grantRuntimePermissionsLPw(contactsPackage, PHONE_PERMISSIONS, userId); 397 } 398 399 // Contacts provider sync adapters 400 List<PackageParser.Package> contactsSyncAdapters = getHeadlessSyncAdapterPackagesLPr( 401 contactsSyncAdapterPackages, userId); 402 final int contactsSyncAdapterCount = contactsSyncAdapters.size(); 403 for (int i = 0; i < contactsSyncAdapterCount; i++) { 404 PackageParser.Package contactsSyncAdapter = contactsSyncAdapters.get(i); 405 if (doesPackageSupportRuntimePermissions(contactsSyncAdapter)) { 406 grantRuntimePermissionsLPw(contactsSyncAdapter, CONTACTS_PERMISSIONS, userId); 407 } 408 } 409 410 // Contacts provider 411 PackageParser.Package contactsProviderPackage = getDefaultProviderAuthorityPackageLPr( 412 ContactsContract.AUTHORITY, userId); 413 if (contactsProviderPackage != null) { 414 grantRuntimePermissionsLPw(contactsProviderPackage, CONTACTS_PERMISSIONS, 415 true, userId); 416 grantRuntimePermissionsLPw(contactsProviderPackage, PHONE_PERMISSIONS, 417 true, userId); 418 grantRuntimePermissionsLPw(contactsProviderPackage, STORAGE_PERMISSIONS, userId); 419 } 420 421 // Device provisioning 422 Intent deviceProvisionIntent = new Intent( 423 DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE); 424 PackageParser.Package deviceProvisionPackage = 425 getDefaultSystemHandlerActivityPackageLPr(deviceProvisionIntent, userId); 426 if (deviceProvisionPackage != null 427 && doesPackageSupportRuntimePermissions(deviceProvisionPackage)) { 428 grantRuntimePermissionsLPw(deviceProvisionPackage, CONTACTS_PERMISSIONS, userId); 429 } 430 431 // Maps 432 Intent mapsIntent = new Intent(Intent.ACTION_MAIN); 433 mapsIntent.addCategory(Intent.CATEGORY_APP_MAPS); 434 PackageParser.Package mapsPackage = getDefaultSystemHandlerActivityPackageLPr( 435 mapsIntent, userId); 436 if (mapsPackage != null 437 && doesPackageSupportRuntimePermissions(mapsPackage)) { 438 grantRuntimePermissionsLPw(mapsPackage, LOCATION_PERMISSIONS, userId); 439 } 440 441 // Gallery 442 Intent galleryIntent = new Intent(Intent.ACTION_MAIN); 443 galleryIntent.addCategory(Intent.CATEGORY_APP_GALLERY); 444 PackageParser.Package galleryPackage = getDefaultSystemHandlerActivityPackageLPr( 445 galleryIntent, userId); 446 if (galleryPackage != null 447 && doesPackageSupportRuntimePermissions(galleryPackage)) { 448 grantRuntimePermissionsLPw(galleryPackage, STORAGE_PERMISSIONS, userId); 449 } 450 451 // Email 452 Intent emailIntent = new Intent(Intent.ACTION_MAIN); 453 emailIntent.addCategory(Intent.CATEGORY_APP_EMAIL); 454 PackageParser.Package emailPackage = getDefaultSystemHandlerActivityPackageLPr( 455 emailIntent, userId); 456 if (emailPackage != null 457 && doesPackageSupportRuntimePermissions(emailPackage)) { 458 grantRuntimePermissionsLPw(emailPackage, CONTACTS_PERMISSIONS, userId); 459 } 460 461 // Browser 462 PackageParser.Package browserPackage = null; 463 String defaultBrowserPackage = mService.getDefaultBrowserPackageName(userId); 464 if (defaultBrowserPackage != null) { 465 browserPackage = getPackageLPr(defaultBrowserPackage); 466 } 467 if (browserPackage == null) { 468 Intent browserIntent = new Intent(Intent.ACTION_MAIN); 469 browserIntent.addCategory(Intent.CATEGORY_APP_BROWSER); 470 browserPackage = getDefaultSystemHandlerActivityPackageLPr( 471 browserIntent, userId); 472 } 473 if (browserPackage != null 474 && doesPackageSupportRuntimePermissions(browserPackage)) { 475 grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, userId); 476 } 477 478 // IME 479 if (imePackageNames != null) { 480 for (String imePackageName : imePackageNames) { 481 PackageParser.Package imePackage = getSystemPackageLPr(imePackageName); 482 if (imePackage != null 483 && doesPackageSupportRuntimePermissions(imePackage)) { 484 grantRuntimePermissionsLPw(imePackage, CONTACTS_PERMISSIONS, userId); 485 } 486 } 487 } 488 489 // Voice interaction 490 if (voiceInteractPackageNames != null) { 491 for (String voiceInteractPackageName : voiceInteractPackageNames) { 492 PackageParser.Package voiceInteractPackage = getSystemPackageLPr( 493 voiceInteractPackageName); 494 if (voiceInteractPackage != null 495 && doesPackageSupportRuntimePermissions(voiceInteractPackage)) { 496 grantRuntimePermissionsLPw(voiceInteractPackage, 497 CONTACTS_PERMISSIONS, userId); 498 grantRuntimePermissionsLPw(voiceInteractPackage, 499 CALENDAR_PERMISSIONS, userId); 500 grantRuntimePermissionsLPw(voiceInteractPackage, 501 MICROPHONE_PERMISSIONS, userId); 502 grantRuntimePermissionsLPw(voiceInteractPackage, 503 PHONE_PERMISSIONS, userId); 504 grantRuntimePermissionsLPw(voiceInteractPackage, 505 SMS_PERMISSIONS, userId); 506 grantRuntimePermissionsLPw(voiceInteractPackage, 507 LOCATION_PERMISSIONS, userId); 508 } 509 } 510 } 511 512 // Voice recognition 513 Intent voiceRecoIntent = new Intent("android.speech.RecognitionService"); 514 voiceRecoIntent.addCategory(Intent.CATEGORY_DEFAULT); 515 PackageParser.Package voiceRecoPackage = getDefaultSystemHandlerServicePackageLPr( 516 voiceRecoIntent, userId); 517 if (voiceRecoPackage != null 518 && doesPackageSupportRuntimePermissions(voiceRecoPackage)) { 519 grantRuntimePermissionsLPw(voiceRecoPackage, MICROPHONE_PERMISSIONS, userId); 520 } 521 522 // Location 523 if (locationPackageNames != null) { 524 for (String packageName : locationPackageNames) { 525 PackageParser.Package locationPackage = getSystemPackageLPr(packageName); 526 if (locationPackage != null 527 && doesPackageSupportRuntimePermissions(locationPackage)) { 528 grantRuntimePermissionsLPw(locationPackage, CONTACTS_PERMISSIONS, userId); 529 grantRuntimePermissionsLPw(locationPackage, CALENDAR_PERMISSIONS, userId); 530 grantRuntimePermissionsLPw(locationPackage, MICROPHONE_PERMISSIONS, userId); 531 grantRuntimePermissionsLPw(locationPackage, PHONE_PERMISSIONS, userId); 532 grantRuntimePermissionsLPw(locationPackage, SMS_PERMISSIONS, userId); 533 grantRuntimePermissionsLPw(locationPackage, LOCATION_PERMISSIONS, 534 true, userId); 535 grantRuntimePermissionsLPw(locationPackage, CAMERA_PERMISSIONS, userId); 536 grantRuntimePermissionsLPw(locationPackage, SENSORS_PERMISSIONS, userId); 537 grantRuntimePermissionsLPw(locationPackage, STORAGE_PERMISSIONS, userId); 538 } 539 } 540 } 541 542 // Music 543 Intent musicIntent = new Intent(Intent.ACTION_VIEW); 544 musicIntent.addCategory(Intent.CATEGORY_DEFAULT); 545 musicIntent.setDataAndType(Uri.fromFile(new File("foo.mp3")), 546 AUDIO_MIME_TYPE); 547 PackageParser.Package musicPackage = getDefaultSystemHandlerActivityPackageLPr( 548 musicIntent, userId); 549 if (musicPackage != null 550 && doesPackageSupportRuntimePermissions(musicPackage)) { 551 grantRuntimePermissionsLPw(musicPackage, STORAGE_PERMISSIONS, userId); 552 } 553 554 mService.mSettings.onDefaultRuntimePermissionsGrantedLPr(userId); 555 } 556 } 557 558 private void grantDefaultPermissionsToDefaultSystemDialerAppLPr( 559 PackageParser.Package dialerPackage, int userId) { 560 if (doesPackageSupportRuntimePermissions(dialerPackage)) { 561 grantRuntimePermissionsLPw(dialerPackage, PHONE_PERMISSIONS, userId); 562 grantRuntimePermissionsLPw(dialerPackage, CONTACTS_PERMISSIONS, userId); 563 grantRuntimePermissionsLPw(dialerPackage, SMS_PERMISSIONS, userId); 564 grantRuntimePermissionsLPw(dialerPackage, MICROPHONE_PERMISSIONS, userId); 565 } 566 } 567 568 569 private void grantDefaultPermissionsToDefaultSystemSmsAppLPr( 570 PackageParser.Package smsPackage, int userId) { 571 if (doesPackageSupportRuntimePermissions(smsPackage)) { 572 grantRuntimePermissionsLPw(smsPackage, PHONE_PERMISSIONS, userId); 573 grantRuntimePermissionsLPw(smsPackage, CONTACTS_PERMISSIONS, userId); 574 grantRuntimePermissionsLPw(smsPackage, SMS_PERMISSIONS, userId); 575 } 576 } 577 578 579 public void grantDefaultPermissionsToDefaultSmsAppLPr(String packageName, int userId) { 580 Log.i(TAG, "Granting permissions to default sms app for user:" + userId); 581 if (packageName == null) { 582 return; 583 } 584 PackageParser.Package smsPackage = getPackageLPr(packageName); 585 if (smsPackage != null && doesPackageSupportRuntimePermissions(smsPackage)) { 586 grantRuntimePermissionsLPw(smsPackage, PHONE_PERMISSIONS, false, true, userId); 587 grantRuntimePermissionsLPw(smsPackage, CONTACTS_PERMISSIONS, false, true, userId); 588 grantRuntimePermissionsLPw(smsPackage, SMS_PERMISSIONS, false, true, userId); 589 } 590 } 591 592 public void grantDefaultPermissionsToDefaultDialerAppLPr(String packageName, int userId) { 593 Log.i(TAG, "Granting permissions to default dialer app for user:" + userId); 594 if (packageName == null) { 595 return; 596 } 597 PackageParser.Package dialerPackage = getPackageLPr(packageName); 598 if (dialerPackage != null 599 && doesPackageSupportRuntimePermissions(dialerPackage)) { 600 grantRuntimePermissionsLPw(dialerPackage, PHONE_PERMISSIONS, false, true, userId); 601 grantRuntimePermissionsLPw(dialerPackage, CONTACTS_PERMISSIONS, false, true, userId); 602 grantRuntimePermissionsLPw(dialerPackage, SMS_PERMISSIONS, false, true, userId); 603 grantRuntimePermissionsLPw(dialerPackage, MICROPHONE_PERMISSIONS, false, true, userId); 604 } 605 } 606 607 private void grantDefaultPermissionsToDefaultSimCallManagerLPr( 608 PackageParser.Package simCallManagerPackage, int userId) { 609 Log.i(TAG, "Granting permissions to sim call manager for user:" + userId); 610 if (doesPackageSupportRuntimePermissions(simCallManagerPackage)) { 611 grantRuntimePermissionsLPw(simCallManagerPackage, PHONE_PERMISSIONS, userId); 612 grantRuntimePermissionsLPw(simCallManagerPackage, MICROPHONE_PERMISSIONS, userId); 613 } 614 } 615 616 public void grantDefaultPermissionsToDefaultSimCallManagerLPr(String packageName, int userId) { 617 if (packageName == null) { 618 return; 619 } 620 PackageParser.Package simCallManagerPackage = getPackageLPr(packageName); 621 if (simCallManagerPackage != null) { 622 grantDefaultPermissionsToDefaultSimCallManagerLPr(simCallManagerPackage, userId); 623 } 624 } 625 626 public void grantDefaultPermissionsToEnabledCarrierAppsLPr(String[] packageNames, int userId) { 627 Log.i(TAG, "Granting permissions to enabled carrier apps for user:" + userId); 628 if (packageNames == null) { 629 return; 630 } 631 for (String packageName : packageNames) { 632 PackageParser.Package carrierPackage = getSystemPackageLPr(packageName); 633 if (carrierPackage != null 634 && doesPackageSupportRuntimePermissions(carrierPackage)) { 635 grantRuntimePermissionsLPw(carrierPackage, PHONE_PERMISSIONS, userId); 636 grantRuntimePermissionsLPw(carrierPackage, LOCATION_PERMISSIONS, userId); 637 } 638 } 639 } 640 641 public void grantDefaultPermissionsToDefaultBrowserLPr(String packageName, int userId) { 642 Log.i(TAG, "Granting permissions to default browser for user:" + userId); 643 if (packageName == null) { 644 return; 645 } 646 PackageParser.Package browserPackage = getSystemPackageLPr(packageName); 647 if (browserPackage != null 648 && doesPackageSupportRuntimePermissions(browserPackage)) { 649 grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, false, false, userId); 650 } 651 } 652 653 private PackageParser.Package getDefaultSystemHandlerActivityPackageLPr( 654 Intent intent, int userId) { 655 List<ResolveInfo> handlers = mService.mActivities.queryIntent(intent, 656 intent.resolveType(mService.mContext.getContentResolver()), 657 PackageManager.GET_DISABLED_COMPONENTS, userId); 658 if (handlers == null) { 659 return null; 660 } 661 final int handlerCount = handlers.size(); 662 for (int i = 0; i < handlerCount; i++) { 663 ResolveInfo handler = handlers.get(i); 664 PackageParser.Package handlerPackage = getSystemPackageLPr( 665 handler.activityInfo.packageName); 666 if (handlerPackage != null) { 667 return handlerPackage; 668 } 669 } 670 return null; 671 } 672 673 private PackageParser.Package getDefaultSystemHandlerServicePackageLPr( 674 Intent intent, int userId) { 675 List<ResolveInfo> handlers = mService.queryIntentServices(intent, 676 intent.resolveType(mService.mContext.getContentResolver()), 677 PackageManager.GET_DISABLED_COMPONENTS, userId); 678 if (handlers == null) { 679 return null; 680 } 681 final int handlerCount = handlers.size(); 682 for (int i = 0; i < handlerCount; i++) { 683 ResolveInfo handler = handlers.get(i); 684 PackageParser.Package handlerPackage = getSystemPackageLPr( 685 handler.serviceInfo.packageName); 686 if (handlerPackage != null) { 687 return handlerPackage; 688 } 689 } 690 return null; 691 } 692 693 private List<PackageParser.Package> getHeadlessSyncAdapterPackagesLPr( 694 String[] syncAdapterPackageNames, int userId) { 695 List<PackageParser.Package> syncAdapterPackages = new ArrayList<>(); 696 697 Intent homeIntent = new Intent(Intent.ACTION_MAIN); 698 homeIntent.addCategory(Intent.CATEGORY_HOME); 699 700 for (String syncAdapterPackageName : syncAdapterPackageNames) { 701 homeIntent.setPackage(syncAdapterPackageName); 702 703 List<ResolveInfo> homeActivities = mService.mActivities.queryIntent(homeIntent, 704 homeIntent.resolveType(mService.mContext.getContentResolver()), 705 PackageManager.GET_DISABLED_COMPONENTS, userId); 706 if (!homeActivities.isEmpty()) { 707 continue; 708 } 709 710 PackageParser.Package syncAdapterPackage = getSystemPackageLPr(syncAdapterPackageName); 711 if (syncAdapterPackage != null) { 712 syncAdapterPackages.add(syncAdapterPackage); 713 } 714 } 715 716 return syncAdapterPackages; 717 } 718 719 private PackageParser.Package getDefaultProviderAuthorityPackageLPr( 720 String authority, int userId) { 721 ProviderInfo provider = mService.resolveContentProvider(authority, 0, userId); 722 if (provider != null) { 723 return getSystemPackageLPr(provider.packageName); 724 } 725 return null; 726 } 727 728 private PackageParser.Package getPackageLPr(String packageName) { 729 return mService.mPackages.get(packageName); 730 } 731 732 private PackageParser.Package getSystemPackageLPr(String packageName) { 733 PackageParser.Package pkg = getPackageLPr(packageName); 734 if (pkg != null && pkg.isSystemApp()) { 735 return !isSysComponentOrPersistentPlatformSignedPrivAppLPr(pkg) ? pkg : null; 736 } 737 return null; 738 } 739 740 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 741 int userId) { 742 grantRuntimePermissionsLPw(pkg, permissions, false, false, userId); 743 } 744 745 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 746 boolean systemFixed, int userId) { 747 grantRuntimePermissionsLPw(pkg, permissions, systemFixed, false, userId); 748 } 749 750 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 751 boolean systemFixed, boolean overrideUserChoice, int userId) { 752 if (pkg.requestedPermissions.isEmpty()) { 753 return; 754 } 755 756 List<String> requestedPermissions = pkg.requestedPermissions; 757 Set<String> grantablePermissions = null; 758 759 if (pkg.isUpdatedSystemApp()) { 760 PackageSetting sysPs = mService.mSettings.getDisabledSystemPkgLPr(pkg.packageName); 761 if (sysPs != null) { 762 if (sysPs.pkg.requestedPermissions.isEmpty()) { 763 return; 764 } 765 if (!requestedPermissions.equals(sysPs.pkg.requestedPermissions)) { 766 grantablePermissions = new ArraySet<>(requestedPermissions); 767 requestedPermissions = sysPs.pkg.requestedPermissions; 768 } 769 } 770 } 771 772 final int grantablePermissionCount = requestedPermissions.size(); 773 for (int i = 0; i < grantablePermissionCount; i++) { 774 String permission = requestedPermissions.get(i); 775 776 // If there is a disabled system app it may request a permission the updated 777 // version ot the data partition doesn't, In this case skip the permission. 778 if (grantablePermissions != null && !grantablePermissions.contains(permission)) { 779 continue; 780 } 781 782 if (permissions.contains(permission)) { 783 final int flags = mService.getPermissionFlags(permission, pkg.packageName, userId); 784 785 // If any flags are set to the permission, then it is either set in 786 // its current state by the system or device/profile owner or the user. 787 // In all these cases we do not want to clobber the current state. 788 // Unless the caller wants to override user choices. The override is 789 // to make sure we can grant the needed permission to the default 790 // sms and phone apps after the user chooses this in the UI. 791 if (flags == 0 || overrideUserChoice) { 792 // Never clobber policy or system. 793 final int fixedFlags = PackageManager.FLAG_PERMISSION_SYSTEM_FIXED 794 | PackageManager.FLAG_PERMISSION_POLICY_FIXED; 795 if ((flags & fixedFlags) != 0) { 796 continue; 797 } 798 799 mService.grantRuntimePermission(pkg.packageName, permission, userId); 800 if (DEBUG) { 801 Log.i(TAG, "Granted " + permission + " to default handler " 802 + pkg.packageName); 803 } 804 805 int newFlags = PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT; 806 if (systemFixed) { 807 newFlags |= PackageManager.FLAG_PERMISSION_SYSTEM_FIXED; 808 } 809 810 mService.updatePermissionFlags(permission, pkg.packageName, 811 newFlags, newFlags, userId); 812 } 813 } 814 } 815 } 816 817 private boolean isSysComponentOrPersistentPlatformSignedPrivAppLPr(PackageParser.Package pkg) { 818 if (UserHandle.getAppId(pkg.applicationInfo.uid) < FIRST_APPLICATION_UID) { 819 return true; 820 } 821 if (!pkg.isPrivilegedApp()) { 822 return false; 823 } 824 PackageSetting sysPkg = mService.mSettings.getDisabledSystemPkgLPr(pkg.packageName); 825 if (sysPkg != null) { 826 if ((sysPkg.pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) { 827 return false; 828 } 829 } else if ((pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) { 830 return false; 831 } 832 return PackageManagerService.compareSignatures(mService.mPlatformPackage.mSignatures, 833 pkg.mSignatures) == PackageManager.SIGNATURE_MATCH; 834 } 835 836 private static boolean doesPackageSupportRuntimePermissions(PackageParser.Package pkg) { 837 return pkg.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1; 838 } 839} 840