DefaultPermissionGrantPolicy.java revision c6ab8b9ecbf08fe3b2dda18caaa808ce6280530d
1/* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package com.android.server.pm; 18 19import android.Manifest; 20import android.app.DownloadManager; 21import android.app.admin.DevicePolicyManager; 22import android.content.Intent; 23import android.content.pm.ApplicationInfo; 24import android.content.pm.PackageManager; 25import android.content.pm.PackageManagerInternal.PackagesProvider; 26import android.content.pm.PackageManagerInternal.SyncAdapterPackagesProvider; 27import android.content.pm.PackageParser; 28import android.content.pm.ProviderInfo; 29import android.content.pm.ResolveInfo; 30import android.net.Uri; 31import android.os.Build; 32import android.os.UserHandle; 33import android.provider.CalendarContract; 34import android.provider.ContactsContract; 35import android.provider.MediaStore; 36import android.provider.Telephony.Sms.Intents; 37import android.util.ArraySet; 38import android.util.Log; 39 40import java.io.File; 41import java.util.ArrayList; 42import java.util.List; 43import java.util.Set; 44 45import static android.os.Process.FIRST_APPLICATION_UID; 46 47/** 48 * This class is the policy for granting runtime permissions to 49 * platform components and default handlers in the system such 50 * that the device is usable out-of-the-box. For example, the 51 * shell UID is a part of the system and the Phone app should 52 * have phone related permission by default. 53 */ 54final class DefaultPermissionGrantPolicy { 55 private static final String TAG = "DefaultPermGrantPolicy"; // must be <= 23 chars 56 private static final boolean DEBUG = false; 57 58 private static final String AUDIO_MIME_TYPE = "audio/mpeg"; 59 60 private static final Set<String> PHONE_PERMISSIONS = new ArraySet<>(); 61 static { 62 PHONE_PERMISSIONS.add(Manifest.permission.READ_PHONE_STATE); 63 PHONE_PERMISSIONS.add(Manifest.permission.CALL_PHONE); 64 PHONE_PERMISSIONS.add(Manifest.permission.READ_CALL_LOG); 65 PHONE_PERMISSIONS.add(Manifest.permission.WRITE_CALL_LOG); 66 PHONE_PERMISSIONS.add(Manifest.permission.ADD_VOICEMAIL); 67 PHONE_PERMISSIONS.add(Manifest.permission.USE_SIP); 68 PHONE_PERMISSIONS.add(Manifest.permission.PROCESS_OUTGOING_CALLS); 69 } 70 71 private static final Set<String> CONTACTS_PERMISSIONS = new ArraySet<>(); 72 static { 73 CONTACTS_PERMISSIONS.add(Manifest.permission.READ_CONTACTS); 74 CONTACTS_PERMISSIONS.add(Manifest.permission.WRITE_CONTACTS); 75 CONTACTS_PERMISSIONS.add(Manifest.permission.GET_ACCOUNTS); 76 } 77 78 private static final Set<String> LOCATION_PERMISSIONS = new ArraySet<>(); 79 static { 80 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_FINE_LOCATION); 81 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_COARSE_LOCATION); 82 } 83 84 private static final Set<String> CALENDAR_PERMISSIONS = new ArraySet<>(); 85 static { 86 CALENDAR_PERMISSIONS.add(Manifest.permission.READ_CALENDAR); 87 CALENDAR_PERMISSIONS.add(Manifest.permission.WRITE_CALENDAR); 88 } 89 90 private static final Set<String> SMS_PERMISSIONS = new ArraySet<>(); 91 static { 92 SMS_PERMISSIONS.add(Manifest.permission.SEND_SMS); 93 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_SMS); 94 SMS_PERMISSIONS.add(Manifest.permission.READ_SMS); 95 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_WAP_PUSH); 96 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_MMS); 97 SMS_PERMISSIONS.add(Manifest.permission.READ_CELL_BROADCASTS); 98 } 99 100 private static final Set<String> MICROPHONE_PERMISSIONS = new ArraySet<>(); 101 static { 102 MICROPHONE_PERMISSIONS.add(Manifest.permission.RECORD_AUDIO); 103 } 104 105 private static final Set<String> CAMERA_PERMISSIONS = new ArraySet<>(); 106 static { 107 CAMERA_PERMISSIONS.add(Manifest.permission.CAMERA); 108 } 109 110 private static final Set<String> SENSORS_PERMISSIONS = new ArraySet<>(); 111 static { 112 SENSORS_PERMISSIONS.add(Manifest.permission.BODY_SENSORS); 113 } 114 115 private static final Set<String> STORAGE_PERMISSIONS = new ArraySet<>(); 116 static { 117 STORAGE_PERMISSIONS.add(Manifest.permission.READ_EXTERNAL_STORAGE); 118 STORAGE_PERMISSIONS.add(Manifest.permission.WRITE_EXTERNAL_STORAGE); 119 } 120 121 private final PackageManagerService mService; 122 123 private PackagesProvider mImePackagesProvider; 124 private PackagesProvider mLocationPackagesProvider; 125 private PackagesProvider mVoiceInteractionPackagesProvider; 126 private PackagesProvider mSmsAppPackagesProvider; 127 private PackagesProvider mDialerAppPackagesProvider; 128 private SyncAdapterPackagesProvider mSyncAdapterPackagesProvider; 129 130 public DefaultPermissionGrantPolicy(PackageManagerService service) { 131 mService = service; 132 } 133 134 public void setImePackagesProviderLPr(PackagesProvider provider) { 135 mImePackagesProvider = provider; 136 } 137 138 public void setLocationPackagesProviderLPw(PackagesProvider provider) { 139 mLocationPackagesProvider = provider; 140 } 141 142 public void setVoiceInteractionPackagesProviderLPw(PackagesProvider provider) { 143 mVoiceInteractionPackagesProvider = provider; 144 } 145 146 public void setSmsAppPackagesProviderLPw(PackagesProvider provider) { 147 mSmsAppPackagesProvider = provider; 148 } 149 150 public void setDialerAppPackagesProviderLPw(PackagesProvider provider) { 151 mDialerAppPackagesProvider = provider; 152 } 153 154 public void setSyncAdapterPackagesProviderLPw(SyncAdapterPackagesProvider provider) { 155 mSyncAdapterPackagesProvider = provider; 156 } 157 158 public void grantDefaultPermissions(int userId) { 159 grantPermissionsToSysComponentsAndPrivApps(userId); 160 grantDefaultSystemHandlerPermissions(userId); 161 } 162 163 private void grantPermissionsToSysComponentsAndPrivApps(int userId) { 164 Log.i(TAG, "Granting permissions to platform components for user " + userId); 165 166 synchronized (mService.mPackages) { 167 for (PackageParser.Package pkg : mService.mPackages.values()) { 168 if (!isSysComponentOrPersistentPlatformSignedPrivApp(pkg) 169 || !doesPackageSupportRuntimePermissions(pkg)) { 170 continue; 171 } 172 final int permissionCount = pkg.requestedPermissions.size(); 173 for (int i = 0; i < permissionCount; i++) { 174 String permission = pkg.requestedPermissions.get(i); 175 BasePermission bp = mService.mSettings.mPermissions.get(permission); 176 if (bp != null && bp.isRuntime()) { 177 final int flags = mService.getPermissionFlags(permission, 178 pkg.packageName, userId); 179 if ((flags & PackageManager.FLAG_PERMISSION_SYSTEM_FIXED) == 0) { 180 mService.grantRuntimePermission(pkg.packageName, permission, userId); 181 mService.updatePermissionFlags(permission, pkg.packageName, 182 PackageManager.MASK_PERMISSION_FLAGS, 183 PackageManager.FLAG_PERMISSION_SYSTEM_FIXED 184 | PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT, userId); 185 if (DEBUG) { 186 Log.i(TAG, "Granted " + permission + " to system component " 187 + pkg.packageName); 188 } 189 } 190 } 191 } 192 } 193 } 194 } 195 196 private void grantDefaultSystemHandlerPermissions(int userId) { 197 Log.i(TAG, "Granting permissions to default platform handlers for user " + userId); 198 199 final PackagesProvider imePackagesProvider; 200 final PackagesProvider locationPackagesProvider; 201 final PackagesProvider voiceInteractionPackagesProvider; 202 final PackagesProvider smsAppPackagesProvider; 203 final PackagesProvider dialerAppPackagesProvider; 204 final SyncAdapterPackagesProvider syncAdapterPackagesProvider; 205 206 synchronized (mService.mPackages) { 207 imePackagesProvider = mImePackagesProvider; 208 locationPackagesProvider = mLocationPackagesProvider; 209 voiceInteractionPackagesProvider = mVoiceInteractionPackagesProvider; 210 smsAppPackagesProvider = mSmsAppPackagesProvider; 211 dialerAppPackagesProvider = mDialerAppPackagesProvider; 212 syncAdapterPackagesProvider = mSyncAdapterPackagesProvider; 213 } 214 215 String[] imePackageNames = (imePackagesProvider != null) 216 ? imePackagesProvider.getPackages(userId) : null; 217 String[] voiceInteractPackageNames = (voiceInteractionPackagesProvider != null) 218 ? voiceInteractionPackagesProvider.getPackages(userId) : null; 219 String[] locationPackageNames = (locationPackagesProvider != null) 220 ? locationPackagesProvider.getPackages(userId) : null; 221 String[] smsAppPackageNames = (smsAppPackagesProvider != null) 222 ? smsAppPackagesProvider.getPackages(userId) : null; 223 String[] dialerAppPackageNames = (dialerAppPackagesProvider != null) 224 ? dialerAppPackagesProvider.getPackages(userId) : null; 225 String[] contactsSyncAdapterPackages = (syncAdapterPackagesProvider != null) ? 226 syncAdapterPackagesProvider.getPackages(ContactsContract.AUTHORITY, userId) : null; 227 String[] calendarSyncAdapterPackages = (syncAdapterPackagesProvider != null) ? 228 syncAdapterPackagesProvider.getPackages(CalendarContract.AUTHORITY, userId) : null; 229 230 synchronized (mService.mPackages) { 231 // Installer 232 PackageParser.Package installerPackage = getSystemPackageLPr( 233 mService.mRequiredInstallerPackage); 234 if (installerPackage != null 235 && doesPackageSupportRuntimePermissions(installerPackage)) { 236 grantRuntimePermissionsLPw(installerPackage, STORAGE_PERMISSIONS, true, userId); 237 } 238 239 // Verifier 240 PackageParser.Package verifierPackage = getSystemPackageLPr( 241 mService.mRequiredVerifierPackage); 242 if (verifierPackage != null 243 && doesPackageSupportRuntimePermissions(verifierPackage)) { 244 grantRuntimePermissionsLPw(verifierPackage, STORAGE_PERMISSIONS, true, userId); 245 } 246 247 // SetupWizard 248 Intent setupIntent = new Intent(Intent.ACTION_MAIN); 249 setupIntent.addCategory(Intent.CATEGORY_SETUP_WIZARD); 250 PackageParser.Package setupPackage = getDefaultSystemHandlerActivityPackageLPr( 251 setupIntent, userId); 252 if (setupPackage != null 253 && doesPackageSupportRuntimePermissions(setupPackage)) { 254 grantRuntimePermissionsLPw(setupPackage, PHONE_PERMISSIONS, userId); 255 grantRuntimePermissionsLPw(setupPackage, CONTACTS_PERMISSIONS, userId); 256 } 257 258 // Camera 259 Intent cameraIntent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE); 260 PackageParser.Package cameraPackage = getDefaultSystemHandlerActivityPackageLPr( 261 cameraIntent, userId); 262 if (cameraPackage != null 263 && doesPackageSupportRuntimePermissions(cameraPackage)) { 264 grantRuntimePermissionsLPw(cameraPackage, CAMERA_PERMISSIONS, userId); 265 grantRuntimePermissionsLPw(cameraPackage, MICROPHONE_PERMISSIONS, userId); 266 grantRuntimePermissionsLPw(cameraPackage, STORAGE_PERMISSIONS, userId); 267 } 268 269 // Media provider 270 PackageParser.Package mediaStorePackage = getDefaultProviderAuthorityPackageLPr( 271 MediaStore.AUTHORITY, userId); 272 if (mediaStorePackage != null) { 273 grantRuntimePermissionsLPw(mediaStorePackage, STORAGE_PERMISSIONS, true, userId); 274 } 275 276 // Downloads provider 277 PackageParser.Package downloadsPackage = getDefaultProviderAuthorityPackageLPr( 278 "downloads", userId); 279 if (downloadsPackage != null) { 280 grantRuntimePermissionsLPw(downloadsPackage, STORAGE_PERMISSIONS, true, userId); 281 } 282 283 // Downloads UI 284 Intent downloadsUiIntent = new Intent(DownloadManager.ACTION_VIEW_DOWNLOADS); 285 PackageParser.Package downloadsUiPackage = getDefaultSystemHandlerActivityPackageLPr( 286 downloadsUiIntent, userId); 287 if (downloadsUiPackage != null 288 && doesPackageSupportRuntimePermissions(downloadsUiPackage)) { 289 grantRuntimePermissionsLPw(downloadsUiPackage, STORAGE_PERMISSIONS, true, userId); 290 } 291 292 // Storage provider 293 PackageParser.Package storagePackage = getDefaultProviderAuthorityPackageLPr( 294 "com.android.externalstorage.documents", userId); 295 if (storagePackage != null) { 296 grantRuntimePermissionsLPw(storagePackage, STORAGE_PERMISSIONS, userId); 297 } 298 299 // Dialer 300 if (dialerAppPackageNames == null) { 301 Intent dialerIntent = new Intent(Intent.ACTION_DIAL); 302 PackageParser.Package dialerPackage = getDefaultSystemHandlerActivityPackageLPr( 303 dialerIntent, userId); 304 if (dialerPackage != null) { 305 grantDefaultPermissionsToDefaultSystemDialerAppLPr(dialerPackage, userId); 306 } 307 } else { 308 for (String dialerAppPackageName : dialerAppPackageNames) { 309 PackageParser.Package dialerPackage = getSystemPackageLPr(dialerAppPackageName); 310 if (dialerPackage != null) { 311 grantDefaultPermissionsToDefaultSystemDialerAppLPr(dialerPackage, userId); 312 } 313 } 314 } 315 316 // SMS 317 if (smsAppPackageNames == null) { 318 Intent smsIntent = new Intent(Intent.ACTION_MAIN); 319 smsIntent.addCategory(Intent.CATEGORY_APP_MESSAGING); 320 PackageParser.Package smsPackage = getDefaultSystemHandlerActivityPackageLPr( 321 smsIntent, userId); 322 if (smsPackage != null) { 323 grantDefaultPermissionsToDefaultSystemSmsAppLPr(smsPackage, userId); 324 } 325 } else { 326 for (String smsPackageName : smsAppPackageNames) { 327 PackageParser.Package smsPackage = getSystemPackageLPr(smsPackageName); 328 if (smsPackage != null) { 329 grantDefaultPermissionsToDefaultSystemSmsAppLPr(smsPackage, userId); 330 } 331 } 332 } 333 334 // Cell Broadcast Receiver 335 Intent cbrIntent = new Intent(Intents.SMS_CB_RECEIVED_ACTION); 336 PackageParser.Package cbrPackage = 337 getDefaultSystemHandlerActivityPackageLPr(cbrIntent, userId); 338 if (cbrPackage != null && doesPackageSupportRuntimePermissions(cbrPackage)) { 339 grantRuntimePermissionsLPw(cbrPackage, SMS_PERMISSIONS, false, userId); 340 } 341 342 // Calendar 343 Intent calendarIntent = new Intent(Intent.ACTION_MAIN); 344 calendarIntent.addCategory(Intent.CATEGORY_APP_CALENDAR); 345 PackageParser.Package calendarPackage = getDefaultSystemHandlerActivityPackageLPr( 346 calendarIntent, userId); 347 if (calendarPackage != null 348 && doesPackageSupportRuntimePermissions(calendarPackage)) { 349 grantRuntimePermissionsLPw(calendarPackage, CALENDAR_PERMISSIONS, userId); 350 grantRuntimePermissionsLPw(calendarPackage, CONTACTS_PERMISSIONS, userId); 351 } 352 353 // Calendar provider 354 PackageParser.Package calendarProviderPackage = getDefaultProviderAuthorityPackageLPr( 355 CalendarContract.AUTHORITY, userId); 356 if (calendarProviderPackage != null) { 357 grantRuntimePermissionsLPw(calendarProviderPackage, CONTACTS_PERMISSIONS, userId); 358 grantRuntimePermissionsLPw(calendarProviderPackage, CALENDAR_PERMISSIONS, 359 true, userId); 360 grantRuntimePermissionsLPw(calendarProviderPackage, STORAGE_PERMISSIONS, userId); 361 } 362 363 // Calendar provider sync adapters 364 List<PackageParser.Package> calendarSyncAdapters = getHeadlessSyncAdapterPackagesLPr( 365 calendarSyncAdapterPackages, userId); 366 final int calendarSyncAdapterCount = calendarSyncAdapters.size(); 367 for (int i = 0; i < calendarSyncAdapterCount; i++) { 368 PackageParser.Package calendarSyncAdapter = calendarSyncAdapters.get(i); 369 if (doesPackageSupportRuntimePermissions(calendarSyncAdapter)) { 370 grantRuntimePermissionsLPw(calendarSyncAdapter, CALENDAR_PERMISSIONS, userId); 371 } 372 } 373 374 // Contacts 375 Intent contactsIntent = new Intent(Intent.ACTION_MAIN); 376 contactsIntent.addCategory(Intent.CATEGORY_APP_CONTACTS); 377 PackageParser.Package contactsPackage = getDefaultSystemHandlerActivityPackageLPr( 378 contactsIntent, userId); 379 if (contactsPackage != null 380 && doesPackageSupportRuntimePermissions(contactsPackage)) { 381 grantRuntimePermissionsLPw(contactsPackage, CONTACTS_PERMISSIONS, userId); 382 grantRuntimePermissionsLPw(contactsPackage, PHONE_PERMISSIONS, userId); 383 } 384 385 // Contacts provider sync adapters 386 List<PackageParser.Package> contactsSyncAdapters = getHeadlessSyncAdapterPackagesLPr( 387 contactsSyncAdapterPackages, userId); 388 final int contactsSyncAdapterCount = contactsSyncAdapters.size(); 389 for (int i = 0; i < contactsSyncAdapterCount; i++) { 390 PackageParser.Package contactsSyncAdapter = contactsSyncAdapters.get(i); 391 if (doesPackageSupportRuntimePermissions(contactsSyncAdapter)) { 392 grantRuntimePermissionsLPw(contactsSyncAdapter, CONTACTS_PERMISSIONS, userId); 393 } 394 } 395 396 // Contacts provider 397 PackageParser.Package contactsProviderPackage = getDefaultProviderAuthorityPackageLPr( 398 ContactsContract.AUTHORITY, userId); 399 if (contactsProviderPackage != null) { 400 grantRuntimePermissionsLPw(contactsProviderPackage, CONTACTS_PERMISSIONS, 401 true, userId); 402 grantRuntimePermissionsLPw(contactsProviderPackage, PHONE_PERMISSIONS, 403 true, userId); 404 grantRuntimePermissionsLPw(contactsProviderPackage, STORAGE_PERMISSIONS, userId); 405 } 406 407 // Device provisioning 408 Intent deviceProvisionIntent = new Intent( 409 DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE); 410 PackageParser.Package deviceProvisionPackage = 411 getDefaultSystemHandlerActivityPackageLPr(deviceProvisionIntent, userId); 412 if (deviceProvisionPackage != null 413 && doesPackageSupportRuntimePermissions(deviceProvisionPackage)) { 414 grantRuntimePermissionsLPw(deviceProvisionPackage, CONTACTS_PERMISSIONS, userId); 415 } 416 417 // Maps 418 Intent mapsIntent = new Intent(Intent.ACTION_MAIN); 419 mapsIntent.addCategory(Intent.CATEGORY_APP_MAPS); 420 PackageParser.Package mapsPackage = getDefaultSystemHandlerActivityPackageLPr( 421 mapsIntent, userId); 422 if (mapsPackage != null 423 && doesPackageSupportRuntimePermissions(mapsPackage)) { 424 grantRuntimePermissionsLPw(mapsPackage, LOCATION_PERMISSIONS, userId); 425 } 426 427 // Gallery 428 Intent galleryIntent = new Intent(Intent.ACTION_MAIN); 429 galleryIntent.addCategory(Intent.CATEGORY_APP_GALLERY); 430 PackageParser.Package galleryPackage = getDefaultSystemHandlerActivityPackageLPr( 431 galleryIntent, userId); 432 if (galleryPackage != null 433 && doesPackageSupportRuntimePermissions(galleryPackage)) { 434 grantRuntimePermissionsLPw(galleryPackage, STORAGE_PERMISSIONS, userId); 435 } 436 437 // Email 438 Intent emailIntent = new Intent(Intent.ACTION_MAIN); 439 emailIntent.addCategory(Intent.CATEGORY_APP_EMAIL); 440 PackageParser.Package emailPackage = getDefaultSystemHandlerActivityPackageLPr( 441 emailIntent, userId); 442 if (emailPackage != null 443 && doesPackageSupportRuntimePermissions(emailPackage)) { 444 grantRuntimePermissionsLPw(emailPackage, CONTACTS_PERMISSIONS, userId); 445 } 446 447 // Browser 448 PackageParser.Package browserPackage = null; 449 String defaultBrowserPackage = mService.getDefaultBrowserPackageName(userId); 450 if (defaultBrowserPackage != null) { 451 browserPackage = getPackageLPr(defaultBrowserPackage); 452 } 453 if (browserPackage == null) { 454 Intent browserIntent = new Intent(Intent.ACTION_MAIN); 455 browserIntent.addCategory(Intent.CATEGORY_APP_BROWSER); 456 browserPackage = getDefaultSystemHandlerActivityPackageLPr( 457 browserIntent, userId); 458 } 459 if (browserPackage != null 460 && doesPackageSupportRuntimePermissions(browserPackage)) { 461 grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, userId); 462 } 463 464 // IME 465 if (imePackageNames != null) { 466 for (String imePackageName : imePackageNames) { 467 PackageParser.Package imePackage = getSystemPackageLPr(imePackageName); 468 if (imePackage != null 469 && doesPackageSupportRuntimePermissions(imePackage)) { 470 grantRuntimePermissionsLPw(imePackage, CONTACTS_PERMISSIONS, userId); 471 } 472 } 473 } 474 475 // Voice interaction 476 if (voiceInteractPackageNames != null) { 477 for (String voiceInteractPackageName : voiceInteractPackageNames) { 478 PackageParser.Package voiceInteractPackage = getSystemPackageLPr( 479 voiceInteractPackageName); 480 if (voiceInteractPackage != null 481 && doesPackageSupportRuntimePermissions(voiceInteractPackage)) { 482 grantRuntimePermissionsLPw(voiceInteractPackage, 483 CONTACTS_PERMISSIONS, userId); 484 grantRuntimePermissionsLPw(voiceInteractPackage, 485 CALENDAR_PERMISSIONS, userId); 486 grantRuntimePermissionsLPw(voiceInteractPackage, 487 MICROPHONE_PERMISSIONS, userId); 488 grantRuntimePermissionsLPw(voiceInteractPackage, 489 PHONE_PERMISSIONS, userId); 490 grantRuntimePermissionsLPw(voiceInteractPackage, 491 SMS_PERMISSIONS, userId); 492 grantRuntimePermissionsLPw(voiceInteractPackage, 493 LOCATION_PERMISSIONS, userId); 494 } 495 } 496 } 497 498 // Voice recognition 499 Intent voiceRecoIntent = new Intent("android.speech.RecognitionService"); 500 voiceRecoIntent.addCategory(Intent.CATEGORY_DEFAULT); 501 PackageParser.Package voiceRecoPackage = getDefaultSystemHandlerServicePackageLPr( 502 voiceRecoIntent, userId); 503 if (voiceRecoPackage != null 504 && doesPackageSupportRuntimePermissions(voiceRecoPackage)) { 505 grantRuntimePermissionsLPw(voiceRecoPackage, MICROPHONE_PERMISSIONS, userId); 506 } 507 508 // Location 509 if (locationPackageNames != null) { 510 for (String packageName : locationPackageNames) { 511 PackageParser.Package locationPackage = getSystemPackageLPr(packageName); 512 if (locationPackage != null 513 && doesPackageSupportRuntimePermissions(locationPackage)) { 514 grantRuntimePermissionsLPw(locationPackage, CONTACTS_PERMISSIONS, userId); 515 grantRuntimePermissionsLPw(locationPackage, CALENDAR_PERMISSIONS, userId); 516 grantRuntimePermissionsLPw(locationPackage, MICROPHONE_PERMISSIONS, userId); 517 grantRuntimePermissionsLPw(locationPackage, PHONE_PERMISSIONS, userId); 518 grantRuntimePermissionsLPw(locationPackage, SMS_PERMISSIONS, userId); 519 grantRuntimePermissionsLPw(locationPackage, LOCATION_PERMISSIONS, 520 true, userId); 521 grantRuntimePermissionsLPw(locationPackage, CAMERA_PERMISSIONS, userId); 522 grantRuntimePermissionsLPw(locationPackage, SENSORS_PERMISSIONS, userId); 523 grantRuntimePermissionsLPw(locationPackage, STORAGE_PERMISSIONS, userId); 524 } 525 } 526 } 527 528 // Music 529 Intent musicIntent = new Intent(Intent.ACTION_VIEW); 530 musicIntent.addCategory(Intent.CATEGORY_DEFAULT); 531 musicIntent.setDataAndType(Uri.fromFile(new File("foo.mp3")), 532 AUDIO_MIME_TYPE); 533 PackageParser.Package musicPackage = getDefaultSystemHandlerActivityPackageLPr( 534 musicIntent, userId); 535 if (musicPackage != null 536 && doesPackageSupportRuntimePermissions(musicPackage)) { 537 grantRuntimePermissionsLPw(musicPackage, STORAGE_PERMISSIONS, userId); 538 } 539 540 mService.mSettings.onDefaultRuntimePermissionsGrantedLPr(userId); 541 } 542 } 543 544 private void grantDefaultPermissionsToDefaultSystemDialerAppLPr( 545 PackageParser.Package dialerPackage, int userId) { 546 if (doesPackageSupportRuntimePermissions(dialerPackage)) { 547 grantRuntimePermissionsLPw(dialerPackage, PHONE_PERMISSIONS, userId); 548 grantRuntimePermissionsLPw(dialerPackage, CONTACTS_PERMISSIONS, userId); 549 grantRuntimePermissionsLPw(dialerPackage, SMS_PERMISSIONS, userId); 550 grantRuntimePermissionsLPw(dialerPackage, MICROPHONE_PERMISSIONS, userId); 551 } 552 } 553 554 555 private void grantDefaultPermissionsToDefaultSystemSmsAppLPr( 556 PackageParser.Package smsPackage, int userId) { 557 if (doesPackageSupportRuntimePermissions(smsPackage)) { 558 grantRuntimePermissionsLPw(smsPackage, PHONE_PERMISSIONS, userId); 559 grantRuntimePermissionsLPw(smsPackage, CONTACTS_PERMISSIONS, userId); 560 grantRuntimePermissionsLPw(smsPackage, SMS_PERMISSIONS, userId); 561 } 562 } 563 564 565 public void grantDefaultPermissionsToDefaultSmsAppLPr(String packageName, int userId) { 566 Log.i(TAG, "Granting permissions to default sms app for user:" + userId); 567 if (packageName == null) { 568 return; 569 } 570 PackageParser.Package smsPackage = getPackageLPr(packageName); 571 if (smsPackage != null && doesPackageSupportRuntimePermissions(smsPackage)) { 572 grantRuntimePermissionsLPw(smsPackage, PHONE_PERMISSIONS, false, true, userId); 573 grantRuntimePermissionsLPw(smsPackage, CONTACTS_PERMISSIONS, false, true, userId); 574 grantRuntimePermissionsLPw(smsPackage, SMS_PERMISSIONS, false, true, userId); 575 } 576 } 577 578 public void grantDefaultPermissionsToDefaultDialerAppLPr(String packageName, int userId) { 579 Log.i(TAG, "Granting permissions to default dialer app for user:" + userId); 580 if (packageName == null) { 581 return; 582 } 583 PackageParser.Package dialerPackage = getPackageLPr(packageName); 584 if (dialerPackage != null 585 && doesPackageSupportRuntimePermissions(dialerPackage)) { 586 grantRuntimePermissionsLPw(dialerPackage, PHONE_PERMISSIONS, false, true, userId); 587 grantRuntimePermissionsLPw(dialerPackage, CONTACTS_PERMISSIONS, false, true, userId); 588 grantRuntimePermissionsLPw(dialerPackage, SMS_PERMISSIONS, false, true, userId); 589 grantRuntimePermissionsLPw(dialerPackage, MICROPHONE_PERMISSIONS, false, true, userId); 590 } 591 } 592 593 public void grantDefaultPermissionsToEnabledCarrierAppsLPr(String[] packageNames, int userId) { 594 Log.i(TAG, "Granting permissions to enabled carrier apps for user:" + userId); 595 if (packageNames == null) { 596 return; 597 } 598 for (String packageName : packageNames) { 599 PackageParser.Package carrierPackage = getSystemPackageLPr(packageName); 600 if (carrierPackage != null 601 && doesPackageSupportRuntimePermissions(carrierPackage)) { 602 grantRuntimePermissionsLPw(carrierPackage, PHONE_PERMISSIONS, userId); 603 grantRuntimePermissionsLPw(carrierPackage, LOCATION_PERMISSIONS, userId); 604 } 605 } 606 } 607 608 public void grantDefaultPermissionsToDefaultBrowserLPr(String packageName, int userId) { 609 Log.i(TAG, "Granting permissions to default browser for user:" + userId); 610 if (packageName == null) { 611 return; 612 } 613 PackageParser.Package browserPackage = getSystemPackageLPr(packageName); 614 if (browserPackage != null 615 && doesPackageSupportRuntimePermissions(browserPackage)) { 616 grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, false, false, userId); 617 } 618 } 619 620 private PackageParser.Package getDefaultSystemHandlerActivityPackageLPr( 621 Intent intent, int userId) { 622 List<ResolveInfo> handlers = mService.mActivities.queryIntent(intent, 623 intent.resolveType(mService.mContext.getContentResolver()), 624 PackageManager.GET_DISABLED_COMPONENTS, userId); 625 if (handlers == null) { 626 return null; 627 } 628 final int handlerCount = handlers.size(); 629 for (int i = 0; i < handlerCount; i++) { 630 ResolveInfo handler = handlers.get(i); 631 PackageParser.Package handlerPackage = getSystemPackageLPr( 632 handler.activityInfo.packageName); 633 if (handlerPackage != null) { 634 return handlerPackage; 635 } 636 } 637 return null; 638 } 639 640 private PackageParser.Package getDefaultSystemHandlerServicePackageLPr( 641 Intent intent, int userId) { 642 List<ResolveInfo> handlers = mService.queryIntentServices(intent, 643 intent.resolveType(mService.mContext.getContentResolver()), 644 PackageManager.GET_DISABLED_COMPONENTS, userId); 645 if (handlers == null) { 646 return null; 647 } 648 final int handlerCount = handlers.size(); 649 for (int i = 0; i < handlerCount; i++) { 650 ResolveInfo handler = handlers.get(i); 651 PackageParser.Package handlerPackage = getSystemPackageLPr( 652 handler.serviceInfo.packageName); 653 if (handlerPackage != null) { 654 return handlerPackage; 655 } 656 } 657 return null; 658 } 659 660 private List<PackageParser.Package> getHeadlessSyncAdapterPackagesLPr( 661 String[] syncAdapterPackageNames, int userId) { 662 List<PackageParser.Package> syncAdapterPackages = new ArrayList<>(); 663 664 Intent homeIntent = new Intent(Intent.ACTION_MAIN); 665 homeIntent.addCategory(Intent.CATEGORY_HOME); 666 667 for (String syncAdapterPackageName : syncAdapterPackageNames) { 668 homeIntent.setPackage(syncAdapterPackageName); 669 670 List<ResolveInfo> homeActivities = mService.mActivities.queryIntent(homeIntent, 671 homeIntent.resolveType(mService.mContext.getContentResolver()), 672 PackageManager.GET_DISABLED_COMPONENTS, userId); 673 if (!homeActivities.isEmpty()) { 674 continue; 675 } 676 677 PackageParser.Package syncAdapterPackage = getSystemPackageLPr(syncAdapterPackageName); 678 if (syncAdapterPackage != null) { 679 syncAdapterPackages.add(syncAdapterPackage); 680 } 681 } 682 683 return syncAdapterPackages; 684 } 685 686 private PackageParser.Package getDefaultProviderAuthorityPackageLPr( 687 String authority, int userId) { 688 ProviderInfo provider = mService.resolveContentProvider(authority, 0, userId); 689 if (provider != null) { 690 return getSystemPackageLPr(provider.packageName); 691 } 692 return null; 693 } 694 695 private PackageParser.Package getPackageLPr(String packageName) { 696 return mService.mPackages.get(packageName); 697 } 698 699 private PackageParser.Package getSystemPackageLPr(String packageName) { 700 PackageParser.Package pkg = getPackageLPr(packageName); 701 if (pkg != null && pkg.isSystemApp()) { 702 return !isSysComponentOrPersistentPlatformSignedPrivApp(pkg) ? pkg : null; 703 } 704 return null; 705 } 706 707 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 708 int userId) { 709 grantRuntimePermissionsLPw(pkg, permissions, false, false, userId); 710 } 711 712 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 713 boolean systemFixed, int userId) { 714 grantRuntimePermissionsLPw(pkg, permissions, systemFixed, false, userId); 715 } 716 717 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 718 boolean systemFixed, boolean overrideUserChoice, int userId) { 719 List<String> requestedPermissions = pkg.requestedPermissions; 720 721 if (pkg.isUpdatedSystemApp()) { 722 PackageSetting sysPs = mService.mSettings.getDisabledSystemPkgLPr(pkg.packageName); 723 if (sysPs != null) { 724 requestedPermissions = sysPs.pkg.requestedPermissions; 725 } 726 } 727 728 final int permissionCount = requestedPermissions.size(); 729 for (int i = 0; i < permissionCount; i++) { 730 String permission = requestedPermissions.get(i); 731 if (permissions.contains(permission)) { 732 final int flags = mService.getPermissionFlags(permission, pkg.packageName, userId); 733 734 // If any flags are set to the permission, then it is either set in 735 // its current state by the system or device/profile owner or the user. 736 // In all these cases we do not want to clobber the current state. 737 // Unless the caller wants to override user choices. The override is 738 // to make sure we can grant the needed permission to the default 739 // sms and phone apps after the user chooses this in the UI. 740 if (flags == 0 || overrideUserChoice) { 741 // Never clobber policy or system. 742 final int fixedFlags = PackageManager.FLAG_PERMISSION_SYSTEM_FIXED 743 | PackageManager.FLAG_PERMISSION_POLICY_FIXED; 744 if ((flags & fixedFlags) != 0) { 745 continue; 746 } 747 748 mService.grantRuntimePermission(pkg.packageName, permission, userId); 749 if (DEBUG) { 750 Log.i(TAG, "Granted " + permission + " to default handler " 751 + pkg.packageName); 752 } 753 754 int newFlags = PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT; 755 if (systemFixed) { 756 newFlags |= PackageManager.FLAG_PERMISSION_SYSTEM_FIXED; 757 } 758 759 mService.updatePermissionFlags(permission, pkg.packageName, 760 newFlags, newFlags, userId); 761 } 762 } 763 } 764 } 765 766 private boolean isSysComponentOrPersistentPlatformSignedPrivApp(PackageParser.Package pkg) { 767 if (UserHandle.getAppId(pkg.applicationInfo.uid) < FIRST_APPLICATION_UID) { 768 return true; 769 } 770 if ((pkg.applicationInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) == 0 771 || (pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) { 772 return false; 773 } 774 return PackageManagerService.compareSignatures(mService.mPlatformPackage.mSignatures, 775 pkg.mSignatures) == PackageManager.SIGNATURE_MATCH; 776 } 777 778 private static boolean doesPackageSupportRuntimePermissions(PackageParser.Package pkg) { 779 return pkg.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1; 780 } 781} 782