DefaultPermissionGrantPolicy.java revision 5ff4383b466fc26e6696a7bbeb6df5eb7a3c8cc5
1/* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package com.android.server.pm; 18 19import android.Manifest; 20import android.app.DownloadManager; 21import android.app.admin.DevicePolicyManager; 22import android.content.Intent; 23import android.content.pm.ApplicationInfo; 24import android.content.pm.PackageManager; 25import android.content.pm.PackageManagerInternal.PackagesProvider; 26import android.content.pm.PackageManagerInternal.SyncAdapterPackagesProvider; 27import android.content.pm.PackageParser; 28import android.content.pm.ProviderInfo; 29import android.content.pm.ResolveInfo; 30import android.net.Uri; 31import android.os.Build; 32import android.os.UserHandle; 33import android.provider.CalendarContract; 34import android.provider.ContactsContract; 35import android.provider.MediaStore; 36import android.provider.Telephony.Sms.Intents; 37import android.util.ArraySet; 38import android.util.Log; 39 40import java.io.File; 41import java.util.ArrayList; 42import java.util.List; 43import java.util.Set; 44 45import static android.os.Process.FIRST_APPLICATION_UID; 46 47/** 48 * This class is the policy for granting runtime permissions to 49 * platform components and default handlers in the system such 50 * that the device is usable out-of-the-box. For example, the 51 * shell UID is a part of the system and the Phone app should 52 * have phone related permission by default. 53 */ 54final class DefaultPermissionGrantPolicy { 55 private static final String TAG = "DefaultPermGrantPolicy"; // must be <= 23 chars 56 private static final boolean DEBUG = false; 57 58 private static final String AUDIO_MIME_TYPE = "audio/mpeg"; 59 60 private static final Set<String> PHONE_PERMISSIONS = new ArraySet<>(); 61 static { 62 PHONE_PERMISSIONS.add(Manifest.permission.READ_PHONE_STATE); 63 PHONE_PERMISSIONS.add(Manifest.permission.CALL_PHONE); 64 PHONE_PERMISSIONS.add(Manifest.permission.READ_CALL_LOG); 65 PHONE_PERMISSIONS.add(Manifest.permission.WRITE_CALL_LOG); 66 PHONE_PERMISSIONS.add(Manifest.permission.ADD_VOICEMAIL); 67 PHONE_PERMISSIONS.add(Manifest.permission.USE_SIP); 68 PHONE_PERMISSIONS.add(Manifest.permission.PROCESS_OUTGOING_CALLS); 69 } 70 71 private static final Set<String> CONTACTS_PERMISSIONS = new ArraySet<>(); 72 static { 73 CONTACTS_PERMISSIONS.add(Manifest.permission.READ_CONTACTS); 74 CONTACTS_PERMISSIONS.add(Manifest.permission.WRITE_CONTACTS); 75// CONTACTS_PERMISSIONS.add(Manifest.permission.GET_ACCOUNTS); 76 } 77 78 private static final Set<String> LOCATION_PERMISSIONS = new ArraySet<>(); 79 static { 80 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_FINE_LOCATION); 81 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_COARSE_LOCATION); 82 } 83 84 private static final Set<String> CALENDAR_PERMISSIONS = new ArraySet<>(); 85 static { 86 CALENDAR_PERMISSIONS.add(Manifest.permission.READ_CALENDAR); 87 CALENDAR_PERMISSIONS.add(Manifest.permission.WRITE_CALENDAR); 88 } 89 90 private static final Set<String> SMS_PERMISSIONS = new ArraySet<>(); 91 static { 92 SMS_PERMISSIONS.add(Manifest.permission.SEND_SMS); 93 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_SMS); 94 SMS_PERMISSIONS.add(Manifest.permission.READ_SMS); 95 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_WAP_PUSH); 96 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_MMS); 97 SMS_PERMISSIONS.add(Manifest.permission.READ_CELL_BROADCASTS); 98 } 99 100 private static final Set<String> MICROPHONE_PERMISSIONS = new ArraySet<>(); 101 static { 102 MICROPHONE_PERMISSIONS.add(Manifest.permission.RECORD_AUDIO); 103 } 104 105 private static final Set<String> CAMERA_PERMISSIONS = new ArraySet<>(); 106 static { 107 CAMERA_PERMISSIONS.add(Manifest.permission.CAMERA); 108 } 109 110 private static final Set<String> SENSORS_PERMISSIONS = new ArraySet<>(); 111 static { 112 SENSORS_PERMISSIONS.add(Manifest.permission.BODY_SENSORS); 113 } 114 115 private static final Set<String> STORAGE_PERMISSIONS = new ArraySet<>(); 116 static { 117 STORAGE_PERMISSIONS.add(Manifest.permission.READ_EXTERNAL_STORAGE); 118 STORAGE_PERMISSIONS.add(Manifest.permission.WRITE_EXTERNAL_STORAGE); 119 } 120 121 private final PackageManagerService mService; 122 123 private PackagesProvider mImePackagesProvider; 124 private PackagesProvider mLocationPackagesProvider; 125 private PackagesProvider mVoiceInteractionPackagesProvider; 126 private PackagesProvider mSmsAppPackagesProvider; 127 private PackagesProvider mDialerAppPackagesProvider; 128 private SyncAdapterPackagesProvider mSyncAdapterPackagesProvider; 129 130 public DefaultPermissionGrantPolicy(PackageManagerService service) { 131 mService = service; 132 } 133 134 public void setImePackagesProviderLPr(PackagesProvider provider) { 135 mImePackagesProvider = provider; 136 } 137 138 public void setLocationPackagesProviderLPw(PackagesProvider provider) { 139 mLocationPackagesProvider = provider; 140 } 141 142 public void setVoiceInteractionPackagesProviderLPw(PackagesProvider provider) { 143 mVoiceInteractionPackagesProvider = provider; 144 } 145 146 public void setSmsAppPackagesProviderLPw(PackagesProvider provider) { 147 mSmsAppPackagesProvider = provider; 148 } 149 150 public void setDialerAppPackagesProviderLPw(PackagesProvider provider) { 151 mDialerAppPackagesProvider = provider; 152 } 153 154 public void setSyncAdapterPackagesProviderLPw(SyncAdapterPackagesProvider provider) { 155 mSyncAdapterPackagesProvider = provider; 156 } 157 158 public void grantDefaultPermissions(int userId) { 159 grantPermissionsToSysComponentsAndPrivApps(userId); 160 grantDefaultSystemHandlerPermissions(userId); 161 } 162 163 private void grantPermissionsToSysComponentsAndPrivApps(int userId) { 164 Log.i(TAG, "Granting permissions to platform components for user " + userId); 165 166 synchronized (mService.mPackages) { 167 for (PackageParser.Package pkg : mService.mPackages.values()) { 168 if (!isSysComponentOrPersistentPlatformSignedPrivApp(pkg) 169 || !doesPackageSupportRuntimePermissions(pkg)) { 170 continue; 171 } 172 final int permissionCount = pkg.requestedPermissions.size(); 173 for (int i = 0; i < permissionCount; i++) { 174 String permission = pkg.requestedPermissions.get(i); 175 BasePermission bp = mService.mSettings.mPermissions.get(permission); 176 if (bp != null && bp.isRuntime()) { 177 final int flags = mService.getPermissionFlags(permission, 178 pkg.packageName, userId); 179 if ((flags & PackageManager.FLAG_PERMISSION_SYSTEM_FIXED) == 0) { 180 mService.grantRuntimePermission(pkg.packageName, permission, userId); 181 mService.updatePermissionFlags(permission, pkg.packageName, 182 PackageManager.MASK_PERMISSION_FLAGS, 183 PackageManager.FLAG_PERMISSION_SYSTEM_FIXED 184 | PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT, userId); 185 if (DEBUG) { 186 Log.i(TAG, "Granted " + permission + " to system component " 187 + pkg.packageName); 188 } 189 } 190 } 191 } 192 } 193 } 194 } 195 196 private void grantDefaultSystemHandlerPermissions(int userId) { 197 Log.i(TAG, "Granting permissions to default platform handlers for user " + userId); 198 199 final PackagesProvider imePackagesProvider; 200 final PackagesProvider locationPackagesProvider; 201 final PackagesProvider voiceInteractionPackagesProvider; 202 final PackagesProvider smsAppPackagesProvider; 203 final PackagesProvider dialerAppPackagesProvider; 204 final SyncAdapterPackagesProvider syncAdapterPackagesProvider; 205 206 synchronized (mService.mPackages) { 207 imePackagesProvider = mImePackagesProvider; 208 locationPackagesProvider = mLocationPackagesProvider; 209 voiceInteractionPackagesProvider = mVoiceInteractionPackagesProvider; 210 smsAppPackagesProvider = mSmsAppPackagesProvider; 211 dialerAppPackagesProvider = mDialerAppPackagesProvider; 212 syncAdapterPackagesProvider = mSyncAdapterPackagesProvider; 213 } 214 215 String[] imePackageNames = (imePackagesProvider != null) 216 ? imePackagesProvider.getPackages(userId) : null; 217 String[] voiceInteractPackageNames = (voiceInteractionPackagesProvider != null) 218 ? voiceInteractionPackagesProvider.getPackages(userId) : null; 219 String[] locationPackageNames = (locationPackagesProvider != null) 220 ? locationPackagesProvider.getPackages(userId) : null; 221 String[] smsAppPackageNames = (smsAppPackagesProvider != null) 222 ? smsAppPackagesProvider.getPackages(userId) : null; 223 String[] dialerAppPackageNames = (dialerAppPackagesProvider != null) 224 ? dialerAppPackagesProvider.getPackages(userId) : null; 225 String[] contactsSyncAdapterPackages = (syncAdapterPackagesProvider != null) ? 226 syncAdapterPackagesProvider.getPackages(ContactsContract.AUTHORITY, userId) : null; 227 String[] calendarSyncAdapterPackages = (syncAdapterPackagesProvider != null) ? 228 syncAdapterPackagesProvider.getPackages(CalendarContract.AUTHORITY, userId) : null; 229 230 synchronized (mService.mPackages) { 231 // Installer 232 PackageParser.Package installerPackage = getSystemPackageLPr( 233 mService.mRequiredInstallerPackage); 234 if (installerPackage != null 235 && doesPackageSupportRuntimePermissions(installerPackage)) { 236 grantRuntimePermissionsLPw(installerPackage, STORAGE_PERMISSIONS, true, userId); 237 } 238 239 // Verifier 240 PackageParser.Package verifierPackage = getSystemPackageLPr( 241 mService.mRequiredVerifierPackage); 242 if (verifierPackage != null 243 && doesPackageSupportRuntimePermissions(verifierPackage)) { 244 grantRuntimePermissionsLPw(verifierPackage, STORAGE_PERMISSIONS, true, userId); 245 } 246 247 // SetupWizard 248 Intent setupIntent = new Intent(Intent.ACTION_MAIN); 249 setupIntent.addCategory(Intent.CATEGORY_SETUP_WIZARD); 250 PackageParser.Package setupPackage = getDefaultSystemHandlerActivityPackageLPr( 251 setupIntent, userId); 252 if (setupPackage != null 253 && doesPackageSupportRuntimePermissions(setupPackage)) { 254 grantRuntimePermissionsLPw(setupPackage, PHONE_PERMISSIONS, userId); 255 grantRuntimePermissionsLPw(setupPackage, CONTACTS_PERMISSIONS, userId); 256 } 257 258 // Camera 259 Intent cameraIntent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE); 260 PackageParser.Package cameraPackage = getDefaultSystemHandlerActivityPackageLPr( 261 cameraIntent, userId); 262 if (cameraPackage != null 263 && doesPackageSupportRuntimePermissions(cameraPackage)) { 264 grantRuntimePermissionsLPw(cameraPackage, CAMERA_PERMISSIONS, userId); 265 grantRuntimePermissionsLPw(cameraPackage, MICROPHONE_PERMISSIONS, userId); 266 grantRuntimePermissionsLPw(cameraPackage, STORAGE_PERMISSIONS, userId); 267 } 268 269 // Media provider 270 PackageParser.Package mediaStorePackage = getDefaultProviderAuthorityPackageLPr( 271 MediaStore.AUTHORITY, userId); 272 if (mediaStorePackage != null) { 273 grantRuntimePermissionsLPw(mediaStorePackage, STORAGE_PERMISSIONS, true, userId); 274 } 275 276 // Downloads provider 277 PackageParser.Package downloadsPackage = getDefaultProviderAuthorityPackageLPr( 278 "downloads", userId); 279 if (downloadsPackage != null) { 280 grantRuntimePermissionsLPw(downloadsPackage, STORAGE_PERMISSIONS, true, userId); 281 } 282 283 // Downloads UI 284 Intent downloadsUiIntent = new Intent(DownloadManager.ACTION_VIEW_DOWNLOADS); 285 PackageParser.Package downloadsUiPackage = getDefaultSystemHandlerActivityPackageLPr( 286 downloadsUiIntent, userId); 287 if (downloadsUiPackage != null 288 && doesPackageSupportRuntimePermissions(downloadsUiPackage)) { 289 grantRuntimePermissionsLPw(downloadsUiPackage, STORAGE_PERMISSIONS, true, userId); 290 } 291 292 // Storage provider 293 PackageParser.Package storagePackage = getDefaultProviderAuthorityPackageLPr( 294 "com.android.externalstorage.documents", userId); 295 if (storagePackage != null) { 296 grantRuntimePermissionsLPw(storagePackage, STORAGE_PERMISSIONS, userId); 297 } 298 299 // Dialer 300 if (dialerAppPackageNames == null) { 301 Intent dialerIntent = new Intent(Intent.ACTION_DIAL); 302 PackageParser.Package dialerPackage = getDefaultSystemHandlerActivityPackageLPr( 303 dialerIntent, userId); 304 if (dialerPackage != null) { 305 grantDefaultPermissionsToDefaultSystemDialerAppLPr(dialerPackage, userId); 306 } 307 } else { 308 for (String dialerAppPackageName : dialerAppPackageNames) { 309 PackageParser.Package dialerPackage = getSystemPackageLPr(dialerAppPackageName); 310 if (dialerPackage != null) { 311 grantDefaultPermissionsToDefaultSystemDialerAppLPr(dialerPackage, userId); 312 } 313 } 314 } 315 316 // SMS 317 if (smsAppPackageNames == null) { 318 Intent smsIntent = new Intent(Intent.ACTION_MAIN); 319 smsIntent.addCategory(Intent.CATEGORY_APP_MESSAGING); 320 PackageParser.Package smsPackage = getDefaultSystemHandlerActivityPackageLPr( 321 smsIntent, userId); 322 if (smsPackage != null) { 323 grantDefaultPermissionsToDefaultSystemSmsAppLPr(smsPackage, userId); 324 } 325 } else { 326 for (String smsPackageName : smsAppPackageNames) { 327 PackageParser.Package smsPackage = getSystemPackageLPr(smsPackageName); 328 if (smsPackage != null) { 329 grantDefaultPermissionsToDefaultSystemSmsAppLPr(smsPackage, userId); 330 } 331 } 332 } 333 334 // Cell Broadcast Receiver 335 Intent cbrIntent = new Intent(Intents.SMS_CB_RECEIVED_ACTION); 336 PackageParser.Package cbrPackage = 337 getDefaultSystemHandlerActivityPackageLPr(cbrIntent, userId); 338 if (cbrPackage != null && doesPackageSupportRuntimePermissions(cbrPackage)) { 339 grantRuntimePermissionsLPw(cbrPackage, SMS_PERMISSIONS, false, userId); 340 } 341 342 // Calendar 343 Intent calendarIntent = new Intent(Intent.ACTION_MAIN); 344 calendarIntent.addCategory(Intent.CATEGORY_APP_CALENDAR); 345 PackageParser.Package calendarPackage = getDefaultSystemHandlerActivityPackageLPr( 346 calendarIntent, userId); 347 if (calendarPackage != null 348 && doesPackageSupportRuntimePermissions(calendarPackage)) { 349 grantRuntimePermissionsLPw(calendarPackage, CALENDAR_PERMISSIONS, userId); 350 grantRuntimePermissionsLPw(calendarPackage, CONTACTS_PERMISSIONS, userId); 351 } 352 353 // Calendar provider 354 PackageParser.Package calendarProviderPackage = getDefaultProviderAuthorityPackageLPr( 355 CalendarContract.AUTHORITY, userId); 356 if (calendarProviderPackage != null) { 357 grantRuntimePermissionsLPw(calendarProviderPackage, CONTACTS_PERMISSIONS, userId); 358 grantRuntimePermissionsLPw(calendarProviderPackage, CALENDAR_PERMISSIONS, 359 true, userId); 360 grantRuntimePermissionsLPw(calendarProviderPackage, STORAGE_PERMISSIONS, userId); 361 } 362 363 // Calendar provider sync adapters 364 List<PackageParser.Package> calendarSyncAdapters = getHeadlessSyncAdapterPackagesLPr( 365 calendarSyncAdapterPackages, userId); 366 final int calendarSyncAdapterCount = calendarSyncAdapters.size(); 367 for (int i = 0; i < calendarSyncAdapterCount; i++) { 368 PackageParser.Package calendarSyncAdapter = calendarSyncAdapters.get(i); 369 if (doesPackageSupportRuntimePermissions(calendarSyncAdapter)) { 370 grantRuntimePermissionsLPw(calendarSyncAdapter, CALENDAR_PERMISSIONS, userId); 371 } 372 } 373 374 // Contacts 375 Intent contactsIntent = new Intent(Intent.ACTION_MAIN); 376 contactsIntent.addCategory(Intent.CATEGORY_APP_CONTACTS); 377 PackageParser.Package contactsPackage = getDefaultSystemHandlerActivityPackageLPr( 378 contactsIntent, userId); 379 if (contactsPackage != null 380 && doesPackageSupportRuntimePermissions(contactsPackage)) { 381 grantRuntimePermissionsLPw(contactsPackage, CONTACTS_PERMISSIONS, userId); 382 grantRuntimePermissionsLPw(contactsPackage, PHONE_PERMISSIONS, userId); 383 } 384 385 // Contacts provider sync adapters 386 List<PackageParser.Package> contactsSyncAdapters = getHeadlessSyncAdapterPackagesLPr( 387 contactsSyncAdapterPackages, userId); 388 final int contactsSyncAdapterCount = contactsSyncAdapters.size(); 389 for (int i = 0; i < contactsSyncAdapterCount; i++) { 390 PackageParser.Package contactsSyncAdapter = contactsSyncAdapters.get(i); 391 if (doesPackageSupportRuntimePermissions(contactsSyncAdapter)) { 392 grantRuntimePermissionsLPw(contactsSyncAdapter, CONTACTS_PERMISSIONS, userId); 393 } 394 } 395 396 // Contacts provider 397 PackageParser.Package contactsProviderPackage = getDefaultProviderAuthorityPackageLPr( 398 ContactsContract.AUTHORITY, userId); 399 if (contactsProviderPackage != null) { 400 grantRuntimePermissionsLPw(contactsProviderPackage, CONTACTS_PERMISSIONS, 401 true, userId); 402 grantRuntimePermissionsLPw(contactsProviderPackage, PHONE_PERMISSIONS, 403 true, userId); 404 grantRuntimePermissionsLPw(contactsProviderPackage, STORAGE_PERMISSIONS, userId); 405 } 406 407 // Device provisioning 408 Intent deviceProvisionIntent = new Intent( 409 DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE); 410 PackageParser.Package deviceProvisionPackage = 411 getDefaultSystemHandlerActivityPackageLPr(deviceProvisionIntent, userId); 412 if (deviceProvisionPackage != null 413 && doesPackageSupportRuntimePermissions(deviceProvisionPackage)) { 414 grantRuntimePermissionsLPw(deviceProvisionPackage, CONTACTS_PERMISSIONS, userId); 415 } 416 417 // Maps 418 Intent mapsIntent = new Intent(Intent.ACTION_MAIN); 419 mapsIntent.addCategory(Intent.CATEGORY_APP_MAPS); 420 PackageParser.Package mapsPackage = getDefaultSystemHandlerActivityPackageLPr( 421 mapsIntent, userId); 422 if (mapsPackage != null 423 && doesPackageSupportRuntimePermissions(mapsPackage)) { 424 grantRuntimePermissionsLPw(mapsPackage, LOCATION_PERMISSIONS, userId); 425 } 426 427 // Gallery 428 Intent galleryIntent = new Intent(Intent.ACTION_MAIN); 429 galleryIntent.addCategory(Intent.CATEGORY_APP_GALLERY); 430 PackageParser.Package galleryPackage = getDefaultSystemHandlerActivityPackageLPr( 431 galleryIntent, userId); 432 if (galleryPackage != null 433 && doesPackageSupportRuntimePermissions(galleryPackage)) { 434 grantRuntimePermissionsLPw(galleryPackage, STORAGE_PERMISSIONS, userId); 435 } 436 437 // Email 438 Intent emailIntent = new Intent(Intent.ACTION_MAIN); 439 emailIntent.addCategory(Intent.CATEGORY_APP_EMAIL); 440 PackageParser.Package emailPackage = getDefaultSystemHandlerActivityPackageLPr( 441 emailIntent, userId); 442 if (emailPackage != null 443 && doesPackageSupportRuntimePermissions(emailPackage)) { 444 grantRuntimePermissionsLPw(emailPackage, CONTACTS_PERMISSIONS, userId); 445 } 446 447 // Browser 448 PackageParser.Package browserPackage = null; 449 String defaultBrowserPackage = mService.getDefaultBrowserPackageName(userId); 450 if (defaultBrowserPackage != null) { 451 browserPackage = getPackageLPr(defaultBrowserPackage); 452 } 453 if (browserPackage == null) { 454 Intent browserIntent = new Intent(Intent.ACTION_MAIN); 455 browserIntent.addCategory(Intent.CATEGORY_APP_BROWSER); 456 browserPackage = getDefaultSystemHandlerActivityPackageLPr( 457 browserIntent, userId); 458 } 459 if (browserPackage != null 460 && doesPackageSupportRuntimePermissions(browserPackage)) { 461 grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, userId); 462 } 463 464 // IME 465 if (imePackageNames != null) { 466 for (String imePackageName : imePackageNames) { 467 PackageParser.Package imePackage = getSystemPackageLPr(imePackageName); 468 if (imePackage != null 469 && doesPackageSupportRuntimePermissions(imePackage)) { 470 grantRuntimePermissionsLPw(imePackage, CONTACTS_PERMISSIONS, userId); 471 } 472 } 473 } 474 475 // Voice interaction 476 if (voiceInteractPackageNames != null) { 477 for (String voiceInteractPackageName : voiceInteractPackageNames) { 478 PackageParser.Package voiceInteractPackage = getSystemPackageLPr( 479 voiceInteractPackageName); 480 if (voiceInteractPackage != null 481 && doesPackageSupportRuntimePermissions(voiceInteractPackage)) { 482 grantRuntimePermissionsLPw(voiceInteractPackage, 483 CONTACTS_PERMISSIONS, userId); 484 grantRuntimePermissionsLPw(voiceInteractPackage, 485 CALENDAR_PERMISSIONS, userId); 486 grantRuntimePermissionsLPw(voiceInteractPackage, 487 MICROPHONE_PERMISSIONS, userId); 488 grantRuntimePermissionsLPw(voiceInteractPackage, 489 PHONE_PERMISSIONS, userId); 490 grantRuntimePermissionsLPw(voiceInteractPackage, 491 SMS_PERMISSIONS, userId); 492 grantRuntimePermissionsLPw(voiceInteractPackage, 493 LOCATION_PERMISSIONS, userId); 494 } 495 } 496 } 497 498 // Location 499 if (locationPackageNames != null) { 500 for (String packageName : locationPackageNames) { 501 PackageParser.Package locationPackage = getSystemPackageLPr(packageName); 502 if (locationPackage != null 503 && doesPackageSupportRuntimePermissions(locationPackage)) { 504 grantRuntimePermissionsLPw(locationPackage, CONTACTS_PERMISSIONS, userId); 505 grantRuntimePermissionsLPw(locationPackage, CALENDAR_PERMISSIONS, userId); 506 grantRuntimePermissionsLPw(locationPackage, MICROPHONE_PERMISSIONS, userId); 507 grantRuntimePermissionsLPw(locationPackage, PHONE_PERMISSIONS, userId); 508 grantRuntimePermissionsLPw(locationPackage, SMS_PERMISSIONS, userId); 509 grantRuntimePermissionsLPw(locationPackage, LOCATION_PERMISSIONS, 510 true, userId); 511 grantRuntimePermissionsLPw(locationPackage, CAMERA_PERMISSIONS, userId); 512 grantRuntimePermissionsLPw(locationPackage, SENSORS_PERMISSIONS, userId); 513 grantRuntimePermissionsLPw(locationPackage, STORAGE_PERMISSIONS, userId); 514 } 515 } 516 } 517 518 // Music 519 Intent musicIntent = new Intent(Intent.ACTION_VIEW); 520 musicIntent.addCategory(Intent.CATEGORY_DEFAULT); 521 musicIntent.setDataAndType(Uri.fromFile(new File("foo.mp3")), 522 AUDIO_MIME_TYPE); 523 PackageParser.Package musicPackage = getDefaultSystemHandlerActivityPackageLPr( 524 musicIntent, userId); 525 if (musicPackage != null 526 && doesPackageSupportRuntimePermissions(musicPackage)) { 527 grantRuntimePermissionsLPw(musicPackage, STORAGE_PERMISSIONS, userId); 528 } 529 530 mService.mSettings.onDefaultRuntimePermissionsGrantedLPr(userId); 531 } 532 } 533 534 private void grantDefaultPermissionsToDefaultSystemDialerAppLPr( 535 PackageParser.Package dialerPackage, int userId) { 536 if (doesPackageSupportRuntimePermissions(dialerPackage)) { 537 grantRuntimePermissionsLPw(dialerPackage, PHONE_PERMISSIONS, userId); 538 grantRuntimePermissionsLPw(dialerPackage, CONTACTS_PERMISSIONS, userId); 539 grantRuntimePermissionsLPw(dialerPackage, SMS_PERMISSIONS, userId); 540 grantRuntimePermissionsLPw(dialerPackage, MICROPHONE_PERMISSIONS, userId); 541 } 542 } 543 544 545 private void grantDefaultPermissionsToDefaultSystemSmsAppLPr( 546 PackageParser.Package smsPackage, int userId) { 547 if (doesPackageSupportRuntimePermissions(smsPackage)) { 548 grantRuntimePermissionsLPw(smsPackage, PHONE_PERMISSIONS, userId); 549 grantRuntimePermissionsLPw(smsPackage, CONTACTS_PERMISSIONS, userId); 550 grantRuntimePermissionsLPw(smsPackage, SMS_PERMISSIONS, userId); 551 } 552 } 553 554 555 public void grantDefaultPermissionsToDefaultSmsAppLPr(String packageName, int userId) { 556 Log.i(TAG, "Granting permissions to default sms app for user:" + userId); 557 if (packageName == null) { 558 return; 559 } 560 PackageParser.Package smsPackage = getPackageLPr(packageName); 561 if (smsPackage != null && doesPackageSupportRuntimePermissions(smsPackage)) { 562 grantRuntimePermissionsLPw(smsPackage, PHONE_PERMISSIONS, false, true, userId); 563 grantRuntimePermissionsLPw(smsPackage, CONTACTS_PERMISSIONS, false, true, userId); 564 grantRuntimePermissionsLPw(smsPackage, SMS_PERMISSIONS, false, true, userId); 565 } 566 } 567 568 public void grantDefaultPermissionsToDefaultDialerAppLPr(String packageName, int userId) { 569 Log.i(TAG, "Granting permissions to default dialer app for user:" + userId); 570 if (packageName == null) { 571 return; 572 } 573 PackageParser.Package dialerPackage = getPackageLPr(packageName); 574 if (dialerPackage != null 575 && doesPackageSupportRuntimePermissions(dialerPackage)) { 576 grantRuntimePermissionsLPw(dialerPackage, PHONE_PERMISSIONS, false, true, userId); 577 grantRuntimePermissionsLPw(dialerPackage, CONTACTS_PERMISSIONS, false, true, userId); 578 grantRuntimePermissionsLPw(dialerPackage, SMS_PERMISSIONS, false, true, userId); 579 grantRuntimePermissionsLPw(dialerPackage, MICROPHONE_PERMISSIONS, false, true, userId); 580 } 581 } 582 583 public void grantDefaultPermissionsToEnabledCarrierAppsLPr(String[] packageNames, int userId) { 584 Log.i(TAG, "Granting permissions to enabled carrier apps for user:" + userId); 585 if (packageNames == null) { 586 return; 587 } 588 for (String packageName : packageNames) { 589 PackageParser.Package carrierPackage = getSystemPackageLPr(packageName); 590 if (carrierPackage != null 591 && doesPackageSupportRuntimePermissions(carrierPackage)) { 592 grantRuntimePermissionsLPw(carrierPackage, PHONE_PERMISSIONS, userId); 593 grantRuntimePermissionsLPw(carrierPackage, LOCATION_PERMISSIONS, userId); 594 } 595 } 596 } 597 598 public void grantDefaultPermissionsToDefaultBrowserLPr(String packageName, int userId) { 599 Log.i(TAG, "Granting permissions to default browser for user:" + userId); 600 if (packageName == null) { 601 return; 602 } 603 PackageParser.Package browserPackage = getSystemPackageLPr(packageName); 604 if (browserPackage != null 605 && doesPackageSupportRuntimePermissions(browserPackage)) { 606 grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, false, false, userId); 607 } 608 } 609 610 private PackageParser.Package getDefaultSystemHandlerActivityPackageLPr( 611 Intent intent, int userId) { 612 List<ResolveInfo> handlers = mService.mActivities.queryIntent(intent, 613 intent.resolveType(mService.mContext.getContentResolver()), 614 PackageManager.GET_DISABLED_COMPONENTS, userId); 615 if (handlers == null) { 616 return null; 617 } 618 final int handlerCount = handlers.size(); 619 for (int i = 0; i < handlerCount; i++) { 620 ResolveInfo handler = handlers.get(i); 621 PackageParser.Package handlerPackage = getSystemPackageLPr( 622 handler.activityInfo.packageName); 623 if (handlerPackage != null) { 624 return handlerPackage; 625 } 626 } 627 return null; 628 } 629 630 private List<PackageParser.Package> getHeadlessSyncAdapterPackagesLPr( 631 String[] syncAdapterPackageNames, int userId) { 632 List<PackageParser.Package> syncAdapterPackages = new ArrayList<>(); 633 634 Intent homeIntent = new Intent(Intent.ACTION_MAIN); 635 homeIntent.addCategory(Intent.CATEGORY_HOME); 636 637 for (String syncAdapterPackageName : syncAdapterPackageNames) { 638 homeIntent.setPackage(syncAdapterPackageName); 639 640 List<ResolveInfo> homeActivities = mService.mActivities.queryIntent(homeIntent, 641 homeIntent.resolveType(mService.mContext.getContentResolver()), 642 PackageManager.GET_DISABLED_COMPONENTS, userId); 643 if (!homeActivities.isEmpty()) { 644 continue; 645 } 646 647 PackageParser.Package syncAdapterPackage = getSystemPackageLPr(syncAdapterPackageName); 648 if (syncAdapterPackage != null) { 649 syncAdapterPackages.add(syncAdapterPackage); 650 } 651 } 652 653 return syncAdapterPackages; 654 } 655 656 private PackageParser.Package getDefaultProviderAuthorityPackageLPr( 657 String authority, int userId) { 658 ProviderInfo provider = mService.resolveContentProvider(authority, 0, userId); 659 if (provider != null) { 660 return getSystemPackageLPr(provider.packageName); 661 } 662 return null; 663 } 664 665 private PackageParser.Package getPackageLPr(String packageName) { 666 return mService.mPackages.get(packageName); 667 } 668 669 private PackageParser.Package getSystemPackageLPr(String packageName) { 670 PackageParser.Package pkg = getPackageLPr(packageName); 671 if (pkg != null && pkg.isSystemApp()) { 672 return !isSysComponentOrPersistentPlatformSignedPrivApp(pkg) ? pkg : null; 673 } 674 return null; 675 } 676 677 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 678 int userId) { 679 grantRuntimePermissionsLPw(pkg, permissions, false, false, userId); 680 } 681 682 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 683 boolean systemFixed, int userId) { 684 grantRuntimePermissionsLPw(pkg, permissions, systemFixed, false, userId); 685 } 686 687 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 688 boolean systemFixed, boolean overrideUserChoice, int userId) { 689 List<String> requestedPermissions = pkg.requestedPermissions; 690 691 if (pkg.isUpdatedSystemApp()) { 692 PackageSetting sysPs = mService.mSettings.getDisabledSystemPkgLPr(pkg.packageName); 693 if (sysPs != null) { 694 requestedPermissions = sysPs.pkg.requestedPermissions; 695 } 696 } 697 698 final int permissionCount = requestedPermissions.size(); 699 for (int i = 0; i < permissionCount; i++) { 700 String permission = requestedPermissions.get(i); 701 if (permissions.contains(permission)) { 702 final int flags = mService.getPermissionFlags(permission, pkg.packageName, userId); 703 704 // If any flags are set to the permission, then it is either set in 705 // its current state by the system or device/profile owner or the user. 706 // In all these cases we do not want to clobber the current state. 707 // Unless the caller wants to override user choices. The override is 708 // to make sure we can grant the needed permission to the default 709 // sms and phone apps after the user chooses this in the UI. 710 if (flags == 0 || overrideUserChoice) { 711 // Never clobber policy or system. 712 final int fixedFlags = PackageManager.FLAG_PERMISSION_SYSTEM_FIXED 713 | PackageManager.FLAG_PERMISSION_POLICY_FIXED; 714 if ((flags & fixedFlags) != 0) { 715 continue; 716 } 717 718 mService.grantRuntimePermission(pkg.packageName, permission, userId); 719 if (DEBUG) { 720 Log.i(TAG, "Granted " + permission + " to default handler " 721 + pkg.packageName); 722 } 723 724 int newFlags = PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT; 725 if (systemFixed) { 726 newFlags |= PackageManager.FLAG_PERMISSION_SYSTEM_FIXED; 727 } 728 729 mService.updatePermissionFlags(permission, pkg.packageName, 730 newFlags, newFlags, userId); 731 } 732 } 733 } 734 } 735 736 private boolean isSysComponentOrPersistentPlatformSignedPrivApp(PackageParser.Package pkg) { 737 if (UserHandle.getAppId(pkg.applicationInfo.uid) < FIRST_APPLICATION_UID) { 738 return true; 739 } 740 if ((pkg.applicationInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) == 0 741 || (pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) { 742 return false; 743 } 744 return PackageManagerService.compareSignatures(mService.mPlatformPackage.mSignatures, 745 pkg.mSignatures) == PackageManager.SIGNATURE_MATCH; 746 } 747 748 private static boolean doesPackageSupportRuntimePermissions(PackageParser.Package pkg) { 749 return pkg.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1; 750 } 751} 752