DefaultPermissionGrantPolicy.java revision d878f5327793310d5fda083f800644bc96d6a6e8
1/* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package com.android.server.pm; 18 19import android.Manifest; 20import android.app.DownloadManager; 21import android.app.admin.DevicePolicyManager; 22import android.content.Intent; 23import android.content.pm.ApplicationInfo; 24import android.content.pm.PackageManager; 25import android.content.pm.PackageManagerInternal.PackagesProvider; 26import android.content.pm.PackageManagerInternal.SyncAdapterPackagesProvider; 27import android.content.pm.PackageParser; 28import android.content.pm.ProviderInfo; 29import android.content.pm.ResolveInfo; 30import android.net.Uri; 31import android.os.Build; 32import android.os.UserHandle; 33import android.provider.CalendarContract; 34import android.provider.ContactsContract; 35import android.provider.MediaStore; 36import android.provider.Telephony.Sms.Intents; 37import android.security.Credentials; 38import android.util.ArraySet; 39import android.util.Log; 40 41import java.io.File; 42import java.util.ArrayList; 43import java.util.List; 44import java.util.Set; 45 46import static android.os.Process.FIRST_APPLICATION_UID; 47 48/** 49 * This class is the policy for granting runtime permissions to 50 * platform components and default handlers in the system such 51 * that the device is usable out-of-the-box. For example, the 52 * shell UID is a part of the system and the Phone app should 53 * have phone related permission by default. 54 */ 55final class DefaultPermissionGrantPolicy { 56 private static final String TAG = "DefaultPermGrantPolicy"; // must be <= 23 chars 57 private static final boolean DEBUG = false; 58 59 private static final String AUDIO_MIME_TYPE = "audio/mpeg"; 60 61 private static final Set<String> PHONE_PERMISSIONS = new ArraySet<>(); 62 static { 63 PHONE_PERMISSIONS.add(Manifest.permission.READ_PHONE_STATE); 64 PHONE_PERMISSIONS.add(Manifest.permission.CALL_PHONE); 65 PHONE_PERMISSIONS.add(Manifest.permission.READ_CALL_LOG); 66 PHONE_PERMISSIONS.add(Manifest.permission.WRITE_CALL_LOG); 67 PHONE_PERMISSIONS.add(Manifest.permission.ADD_VOICEMAIL); 68 PHONE_PERMISSIONS.add(Manifest.permission.USE_SIP); 69 PHONE_PERMISSIONS.add(Manifest.permission.PROCESS_OUTGOING_CALLS); 70 } 71 72 private static final Set<String> CONTACTS_PERMISSIONS = new ArraySet<>(); 73 static { 74 CONTACTS_PERMISSIONS.add(Manifest.permission.READ_CONTACTS); 75 CONTACTS_PERMISSIONS.add(Manifest.permission.WRITE_CONTACTS); 76 CONTACTS_PERMISSIONS.add(Manifest.permission.GET_ACCOUNTS); 77 } 78 79 private static final Set<String> LOCATION_PERMISSIONS = new ArraySet<>(); 80 static { 81 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_FINE_LOCATION); 82 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_COARSE_LOCATION); 83 } 84 85 private static final Set<String> CALENDAR_PERMISSIONS = new ArraySet<>(); 86 static { 87 CALENDAR_PERMISSIONS.add(Manifest.permission.READ_CALENDAR); 88 CALENDAR_PERMISSIONS.add(Manifest.permission.WRITE_CALENDAR); 89 } 90 91 private static final Set<String> SMS_PERMISSIONS = new ArraySet<>(); 92 static { 93 SMS_PERMISSIONS.add(Manifest.permission.SEND_SMS); 94 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_SMS); 95 SMS_PERMISSIONS.add(Manifest.permission.READ_SMS); 96 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_WAP_PUSH); 97 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_MMS); 98 SMS_PERMISSIONS.add(Manifest.permission.READ_CELL_BROADCASTS); 99 } 100 101 private static final Set<String> MICROPHONE_PERMISSIONS = new ArraySet<>(); 102 static { 103 MICROPHONE_PERMISSIONS.add(Manifest.permission.RECORD_AUDIO); 104 } 105 106 private static final Set<String> CAMERA_PERMISSIONS = new ArraySet<>(); 107 static { 108 CAMERA_PERMISSIONS.add(Manifest.permission.CAMERA); 109 } 110 111 private static final Set<String> SENSORS_PERMISSIONS = new ArraySet<>(); 112 static { 113 SENSORS_PERMISSIONS.add(Manifest.permission.BODY_SENSORS); 114 } 115 116 private static final Set<String> STORAGE_PERMISSIONS = new ArraySet<>(); 117 static { 118 STORAGE_PERMISSIONS.add(Manifest.permission.READ_EXTERNAL_STORAGE); 119 STORAGE_PERMISSIONS.add(Manifest.permission.WRITE_EXTERNAL_STORAGE); 120 } 121 122 private final PackageManagerService mService; 123 124 private PackagesProvider mImePackagesProvider; 125 private PackagesProvider mLocationPackagesProvider; 126 private PackagesProvider mVoiceInteractionPackagesProvider; 127 private PackagesProvider mSmsAppPackagesProvider; 128 private PackagesProvider mDialerAppPackagesProvider; 129 private PackagesProvider mSimCallManagerPackagesProvider; 130 private SyncAdapterPackagesProvider mSyncAdapterPackagesProvider; 131 132 public DefaultPermissionGrantPolicy(PackageManagerService service) { 133 mService = service; 134 } 135 136 public void setImePackagesProviderLPr(PackagesProvider provider) { 137 mImePackagesProvider = provider; 138 } 139 140 public void setLocationPackagesProviderLPw(PackagesProvider provider) { 141 mLocationPackagesProvider = provider; 142 } 143 144 public void setVoiceInteractionPackagesProviderLPw(PackagesProvider provider) { 145 mVoiceInteractionPackagesProvider = provider; 146 } 147 148 public void setSmsAppPackagesProviderLPw(PackagesProvider provider) { 149 mSmsAppPackagesProvider = provider; 150 } 151 152 public void setDialerAppPackagesProviderLPw(PackagesProvider provider) { 153 mDialerAppPackagesProvider = provider; 154 } 155 156 public void setSimCallManagerPackagesProviderLPw(PackagesProvider provider) { 157 mSimCallManagerPackagesProvider = provider; 158 } 159 160 public void setSyncAdapterPackagesProviderLPw(SyncAdapterPackagesProvider provider) { 161 mSyncAdapterPackagesProvider = provider; 162 } 163 164 public void grantDefaultPermissions(int userId) { 165 grantPermissionsToSysComponentsAndPrivApps(userId); 166 grantDefaultSystemHandlerPermissions(userId); 167 } 168 169 private void grantPermissionsToSysComponentsAndPrivApps(int userId) { 170 Log.i(TAG, "Granting permissions to platform components for user " + userId); 171 172 synchronized (mService.mPackages) { 173 for (PackageParser.Package pkg : mService.mPackages.values()) { 174 if (!isSysComponentOrPersistentPlatformSignedPrivAppLPr(pkg) 175 || !doesPackageSupportRuntimePermissions(pkg) 176 || pkg.requestedPermissions.isEmpty()) { 177 continue; 178 } 179 Set<String> permissions = new ArraySet<>(); 180 final int permissionCount = pkg.requestedPermissions.size(); 181 for (int i = 0; i < permissionCount; i++) { 182 String permission = pkg.requestedPermissions.get(i); 183 BasePermission bp = mService.mSettings.mPermissions.get(permission); 184 if (bp != null && bp.isRuntime()) { 185 permissions.add(permission); 186 } 187 } 188 if (!permissions.isEmpty()) { 189 grantRuntimePermissionsLPw(pkg, permissions, true, userId); 190 } 191 } 192 } 193 } 194 195 private void grantDefaultSystemHandlerPermissions(int userId) { 196 Log.i(TAG, "Granting permissions to default platform handlers for user " + userId); 197 198 final PackagesProvider imePackagesProvider; 199 final PackagesProvider locationPackagesProvider; 200 final PackagesProvider voiceInteractionPackagesProvider; 201 final PackagesProvider smsAppPackagesProvider; 202 final PackagesProvider dialerAppPackagesProvider; 203 final PackagesProvider simCallManagerPackagesProvider; 204 final SyncAdapterPackagesProvider syncAdapterPackagesProvider; 205 206 synchronized (mService.mPackages) { 207 imePackagesProvider = mImePackagesProvider; 208 locationPackagesProvider = mLocationPackagesProvider; 209 voiceInteractionPackagesProvider = mVoiceInteractionPackagesProvider; 210 smsAppPackagesProvider = mSmsAppPackagesProvider; 211 dialerAppPackagesProvider = mDialerAppPackagesProvider; 212 simCallManagerPackagesProvider = mSimCallManagerPackagesProvider; 213 syncAdapterPackagesProvider = mSyncAdapterPackagesProvider; 214 } 215 216 String[] imePackageNames = (imePackagesProvider != null) 217 ? imePackagesProvider.getPackages(userId) : null; 218 String[] voiceInteractPackageNames = (voiceInteractionPackagesProvider != null) 219 ? voiceInteractionPackagesProvider.getPackages(userId) : null; 220 String[] locationPackageNames = (locationPackagesProvider != null) 221 ? locationPackagesProvider.getPackages(userId) : null; 222 String[] smsAppPackageNames = (smsAppPackagesProvider != null) 223 ? smsAppPackagesProvider.getPackages(userId) : null; 224 String[] dialerAppPackageNames = (dialerAppPackagesProvider != null) 225 ? dialerAppPackagesProvider.getPackages(userId) : null; 226 String[] simCallManagerPackageNames = (simCallManagerPackagesProvider != null) 227 ? simCallManagerPackagesProvider.getPackages(userId) : null; 228 String[] contactsSyncAdapterPackages = (syncAdapterPackagesProvider != null) ? 229 syncAdapterPackagesProvider.getPackages(ContactsContract.AUTHORITY, userId) : null; 230 String[] calendarSyncAdapterPackages = (syncAdapterPackagesProvider != null) ? 231 syncAdapterPackagesProvider.getPackages(CalendarContract.AUTHORITY, userId) : null; 232 233 synchronized (mService.mPackages) { 234 // Installer 235 PackageParser.Package installerPackage = getSystemPackageLPr( 236 mService.mRequiredInstallerPackage); 237 if (installerPackage != null 238 && doesPackageSupportRuntimePermissions(installerPackage)) { 239 grantRuntimePermissionsLPw(installerPackage, STORAGE_PERMISSIONS, true, userId); 240 } 241 242 // Verifier 243 PackageParser.Package verifierPackage = getSystemPackageLPr( 244 mService.mRequiredVerifierPackage); 245 if (verifierPackage != null 246 && doesPackageSupportRuntimePermissions(verifierPackage)) { 247 grantRuntimePermissionsLPw(verifierPackage, STORAGE_PERMISSIONS, true, userId); 248 } 249 250 // SetupWizard 251 Intent setupIntent = new Intent(Intent.ACTION_MAIN); 252 setupIntent.addCategory(Intent.CATEGORY_SETUP_WIZARD); 253 PackageParser.Package setupPackage = getDefaultSystemHandlerActivityPackageLPr( 254 setupIntent, userId); 255 if (setupPackage != null 256 && doesPackageSupportRuntimePermissions(setupPackage)) { 257 grantRuntimePermissionsLPw(setupPackage, PHONE_PERMISSIONS, userId); 258 grantRuntimePermissionsLPw(setupPackage, CONTACTS_PERMISSIONS, userId); 259 } 260 261 // Camera 262 Intent cameraIntent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE); 263 PackageParser.Package cameraPackage = getDefaultSystemHandlerActivityPackageLPr( 264 cameraIntent, userId); 265 if (cameraPackage != null 266 && doesPackageSupportRuntimePermissions(cameraPackage)) { 267 grantRuntimePermissionsLPw(cameraPackage, CAMERA_PERMISSIONS, userId); 268 grantRuntimePermissionsLPw(cameraPackage, MICROPHONE_PERMISSIONS, userId); 269 grantRuntimePermissionsLPw(cameraPackage, STORAGE_PERMISSIONS, userId); 270 } 271 272 // Media provider 273 PackageParser.Package mediaStorePackage = getDefaultProviderAuthorityPackageLPr( 274 MediaStore.AUTHORITY, userId); 275 if (mediaStorePackage != null) { 276 grantRuntimePermissionsLPw(mediaStorePackage, STORAGE_PERMISSIONS, true, userId); 277 } 278 279 // Downloads provider 280 PackageParser.Package downloadsPackage = getDefaultProviderAuthorityPackageLPr( 281 "downloads", userId); 282 if (downloadsPackage != null) { 283 grantRuntimePermissionsLPw(downloadsPackage, STORAGE_PERMISSIONS, true, userId); 284 } 285 286 // Downloads UI 287 Intent downloadsUiIntent = new Intent(DownloadManager.ACTION_VIEW_DOWNLOADS); 288 PackageParser.Package downloadsUiPackage = getDefaultSystemHandlerActivityPackageLPr( 289 downloadsUiIntent, userId); 290 if (downloadsUiPackage != null 291 && doesPackageSupportRuntimePermissions(downloadsUiPackage)) { 292 grantRuntimePermissionsLPw(downloadsUiPackage, STORAGE_PERMISSIONS, true, userId); 293 } 294 295 // Storage provider 296 PackageParser.Package storagePackage = getDefaultProviderAuthorityPackageLPr( 297 "com.android.externalstorage.documents", userId); 298 if (storagePackage != null) { 299 grantRuntimePermissionsLPw(storagePackage, STORAGE_PERMISSIONS, userId); 300 } 301 302 // CertInstaller 303 Intent certInstallerIntent = new Intent(Credentials.INSTALL_ACTION); 304 PackageParser.Package certInstallerPackage = getDefaultSystemHandlerActivityPackageLPr( 305 certInstallerIntent, userId); 306 if (certInstallerPackage != null 307 && doesPackageSupportRuntimePermissions(certInstallerPackage)) { 308 grantRuntimePermissionsLPw(certInstallerPackage, STORAGE_PERMISSIONS, true, userId); 309 } 310 311 // Dialer 312 if (dialerAppPackageNames == null) { 313 Intent dialerIntent = new Intent(Intent.ACTION_DIAL); 314 PackageParser.Package dialerPackage = getDefaultSystemHandlerActivityPackageLPr( 315 dialerIntent, userId); 316 if (dialerPackage != null) { 317 grantDefaultPermissionsToDefaultSystemDialerAppLPr(dialerPackage, userId); 318 } 319 } else { 320 for (String dialerAppPackageName : dialerAppPackageNames) { 321 PackageParser.Package dialerPackage = getSystemPackageLPr(dialerAppPackageName); 322 if (dialerPackage != null) { 323 grantDefaultPermissionsToDefaultSystemDialerAppLPr(dialerPackage, userId); 324 } 325 } 326 } 327 328 // Sim call manager 329 if (simCallManagerPackageNames != null) { 330 for (String simCallManagerPackageName : simCallManagerPackageNames) { 331 PackageParser.Package simCallManagerPackage = 332 getSystemPackageLPr(simCallManagerPackageName); 333 if (simCallManagerPackage != null) { 334 grantDefaultPermissionsToDefaultSimCallManagerLPr(simCallManagerPackage, 335 userId); 336 } 337 } 338 } 339 340 // SMS 341 if (smsAppPackageNames == null) { 342 Intent smsIntent = new Intent(Intent.ACTION_MAIN); 343 smsIntent.addCategory(Intent.CATEGORY_APP_MESSAGING); 344 PackageParser.Package smsPackage = getDefaultSystemHandlerActivityPackageLPr( 345 smsIntent, userId); 346 if (smsPackage != null) { 347 grantDefaultPermissionsToDefaultSystemSmsAppLPr(smsPackage, userId); 348 } 349 } else { 350 for (String smsPackageName : smsAppPackageNames) { 351 PackageParser.Package smsPackage = getSystemPackageLPr(smsPackageName); 352 if (smsPackage != null) { 353 grantDefaultPermissionsToDefaultSystemSmsAppLPr(smsPackage, userId); 354 } 355 } 356 } 357 358 // Cell Broadcast Receiver 359 Intent cbrIntent = new Intent(Intents.SMS_CB_RECEIVED_ACTION); 360 PackageParser.Package cbrPackage = 361 getDefaultSystemHandlerActivityPackageLPr(cbrIntent, userId); 362 if (cbrPackage != null && doesPackageSupportRuntimePermissions(cbrPackage)) { 363 grantRuntimePermissionsLPw(cbrPackage, SMS_PERMISSIONS, false, userId); 364 } 365 366 // Carrier Provisioning Service 367 Intent carrierProvIntent = new Intent(Intents.SMS_CARRIER_PROVISION_ACTION); 368 PackageParser.Package carrierProvPackage = 369 getDefaultSystemHandlerServicePackageLPr(carrierProvIntent, userId); 370 if (carrierProvPackage != null && doesPackageSupportRuntimePermissions(carrierProvPackage)) { 371 grantRuntimePermissionsLPw(carrierProvPackage, SMS_PERMISSIONS, false, userId); 372 } 373 374 // Calendar 375 Intent calendarIntent = new Intent(Intent.ACTION_MAIN); 376 calendarIntent.addCategory(Intent.CATEGORY_APP_CALENDAR); 377 PackageParser.Package calendarPackage = getDefaultSystemHandlerActivityPackageLPr( 378 calendarIntent, userId); 379 if (calendarPackage != null 380 && doesPackageSupportRuntimePermissions(calendarPackage)) { 381 grantRuntimePermissionsLPw(calendarPackage, CALENDAR_PERMISSIONS, userId); 382 grantRuntimePermissionsLPw(calendarPackage, CONTACTS_PERMISSIONS, userId); 383 } 384 385 // Calendar provider 386 PackageParser.Package calendarProviderPackage = getDefaultProviderAuthorityPackageLPr( 387 CalendarContract.AUTHORITY, userId); 388 if (calendarProviderPackage != null) { 389 grantRuntimePermissionsLPw(calendarProviderPackage, CONTACTS_PERMISSIONS, userId); 390 grantRuntimePermissionsLPw(calendarProviderPackage, CALENDAR_PERMISSIONS, 391 true, userId); 392 grantRuntimePermissionsLPw(calendarProviderPackage, STORAGE_PERMISSIONS, userId); 393 } 394 395 // Calendar provider sync adapters 396 List<PackageParser.Package> calendarSyncAdapters = getHeadlessSyncAdapterPackagesLPr( 397 calendarSyncAdapterPackages, userId); 398 final int calendarSyncAdapterCount = calendarSyncAdapters.size(); 399 for (int i = 0; i < calendarSyncAdapterCount; i++) { 400 PackageParser.Package calendarSyncAdapter = calendarSyncAdapters.get(i); 401 if (doesPackageSupportRuntimePermissions(calendarSyncAdapter)) { 402 grantRuntimePermissionsLPw(calendarSyncAdapter, CALENDAR_PERMISSIONS, userId); 403 } 404 } 405 406 // Contacts 407 Intent contactsIntent = new Intent(Intent.ACTION_MAIN); 408 contactsIntent.addCategory(Intent.CATEGORY_APP_CONTACTS); 409 PackageParser.Package contactsPackage = getDefaultSystemHandlerActivityPackageLPr( 410 contactsIntent, userId); 411 if (contactsPackage != null 412 && doesPackageSupportRuntimePermissions(contactsPackage)) { 413 grantRuntimePermissionsLPw(contactsPackage, CONTACTS_PERMISSIONS, userId); 414 grantRuntimePermissionsLPw(contactsPackage, PHONE_PERMISSIONS, userId); 415 } 416 417 // Contacts provider sync adapters 418 List<PackageParser.Package> contactsSyncAdapters = getHeadlessSyncAdapterPackagesLPr( 419 contactsSyncAdapterPackages, userId); 420 final int contactsSyncAdapterCount = contactsSyncAdapters.size(); 421 for (int i = 0; i < contactsSyncAdapterCount; i++) { 422 PackageParser.Package contactsSyncAdapter = contactsSyncAdapters.get(i); 423 if (doesPackageSupportRuntimePermissions(contactsSyncAdapter)) { 424 grantRuntimePermissionsLPw(contactsSyncAdapter, CONTACTS_PERMISSIONS, userId); 425 } 426 } 427 428 // Contacts provider 429 PackageParser.Package contactsProviderPackage = getDefaultProviderAuthorityPackageLPr( 430 ContactsContract.AUTHORITY, userId); 431 if (contactsProviderPackage != null) { 432 grantRuntimePermissionsLPw(contactsProviderPackage, CONTACTS_PERMISSIONS, 433 true, userId); 434 grantRuntimePermissionsLPw(contactsProviderPackage, PHONE_PERMISSIONS, 435 true, userId); 436 grantRuntimePermissionsLPw(contactsProviderPackage, STORAGE_PERMISSIONS, userId); 437 } 438 439 // Device provisioning 440 Intent deviceProvisionIntent = new Intent( 441 DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE); 442 PackageParser.Package deviceProvisionPackage = 443 getDefaultSystemHandlerActivityPackageLPr(deviceProvisionIntent, userId); 444 if (deviceProvisionPackage != null 445 && doesPackageSupportRuntimePermissions(deviceProvisionPackage)) { 446 grantRuntimePermissionsLPw(deviceProvisionPackage, CONTACTS_PERMISSIONS, userId); 447 } 448 449 // Maps 450 Intent mapsIntent = new Intent(Intent.ACTION_MAIN); 451 mapsIntent.addCategory(Intent.CATEGORY_APP_MAPS); 452 PackageParser.Package mapsPackage = getDefaultSystemHandlerActivityPackageLPr( 453 mapsIntent, userId); 454 if (mapsPackage != null 455 && doesPackageSupportRuntimePermissions(mapsPackage)) { 456 grantRuntimePermissionsLPw(mapsPackage, LOCATION_PERMISSIONS, userId); 457 } 458 459 // Gallery 460 Intent galleryIntent = new Intent(Intent.ACTION_MAIN); 461 galleryIntent.addCategory(Intent.CATEGORY_APP_GALLERY); 462 PackageParser.Package galleryPackage = getDefaultSystemHandlerActivityPackageLPr( 463 galleryIntent, userId); 464 if (galleryPackage != null 465 && doesPackageSupportRuntimePermissions(galleryPackage)) { 466 grantRuntimePermissionsLPw(galleryPackage, STORAGE_PERMISSIONS, userId); 467 } 468 469 // Email 470 Intent emailIntent = new Intent(Intent.ACTION_MAIN); 471 emailIntent.addCategory(Intent.CATEGORY_APP_EMAIL); 472 PackageParser.Package emailPackage = getDefaultSystemHandlerActivityPackageLPr( 473 emailIntent, userId); 474 if (emailPackage != null 475 && doesPackageSupportRuntimePermissions(emailPackage)) { 476 grantRuntimePermissionsLPw(emailPackage, CONTACTS_PERMISSIONS, userId); 477 } 478 479 // Browser 480 PackageParser.Package browserPackage = null; 481 String defaultBrowserPackage = mService.getDefaultBrowserPackageName(userId); 482 if (defaultBrowserPackage != null) { 483 browserPackage = getPackageLPr(defaultBrowserPackage); 484 } 485 if (browserPackage == null) { 486 Intent browserIntent = new Intent(Intent.ACTION_MAIN); 487 browserIntent.addCategory(Intent.CATEGORY_APP_BROWSER); 488 browserPackage = getDefaultSystemHandlerActivityPackageLPr( 489 browserIntent, userId); 490 } 491 if (browserPackage != null 492 && doesPackageSupportRuntimePermissions(browserPackage)) { 493 grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, userId); 494 } 495 496 // IME 497 if (imePackageNames != null) { 498 for (String imePackageName : imePackageNames) { 499 PackageParser.Package imePackage = getSystemPackageLPr(imePackageName); 500 if (imePackage != null 501 && doesPackageSupportRuntimePermissions(imePackage)) { 502 grantRuntimePermissionsLPw(imePackage, CONTACTS_PERMISSIONS, userId); 503 } 504 } 505 } 506 507 // Voice interaction 508 if (voiceInteractPackageNames != null) { 509 for (String voiceInteractPackageName : voiceInteractPackageNames) { 510 PackageParser.Package voiceInteractPackage = getSystemPackageLPr( 511 voiceInteractPackageName); 512 if (voiceInteractPackage != null 513 && doesPackageSupportRuntimePermissions(voiceInteractPackage)) { 514 grantRuntimePermissionsLPw(voiceInteractPackage, 515 CONTACTS_PERMISSIONS, userId); 516 grantRuntimePermissionsLPw(voiceInteractPackage, 517 CALENDAR_PERMISSIONS, userId); 518 grantRuntimePermissionsLPw(voiceInteractPackage, 519 MICROPHONE_PERMISSIONS, userId); 520 grantRuntimePermissionsLPw(voiceInteractPackage, 521 PHONE_PERMISSIONS, userId); 522 grantRuntimePermissionsLPw(voiceInteractPackage, 523 SMS_PERMISSIONS, userId); 524 grantRuntimePermissionsLPw(voiceInteractPackage, 525 LOCATION_PERMISSIONS, userId); 526 } 527 } 528 } 529 530 // Voice recognition 531 Intent voiceRecoIntent = new Intent("android.speech.RecognitionService"); 532 voiceRecoIntent.addCategory(Intent.CATEGORY_DEFAULT); 533 PackageParser.Package voiceRecoPackage = getDefaultSystemHandlerServicePackageLPr( 534 voiceRecoIntent, userId); 535 if (voiceRecoPackage != null 536 && doesPackageSupportRuntimePermissions(voiceRecoPackage)) { 537 grantRuntimePermissionsLPw(voiceRecoPackage, MICROPHONE_PERMISSIONS, userId); 538 } 539 540 // Location 541 if (locationPackageNames != null) { 542 for (String packageName : locationPackageNames) { 543 PackageParser.Package locationPackage = getSystemPackageLPr(packageName); 544 if (locationPackage != null 545 && doesPackageSupportRuntimePermissions(locationPackage)) { 546 grantRuntimePermissionsLPw(locationPackage, CONTACTS_PERMISSIONS, userId); 547 grantRuntimePermissionsLPw(locationPackage, CALENDAR_PERMISSIONS, userId); 548 grantRuntimePermissionsLPw(locationPackage, MICROPHONE_PERMISSIONS, userId); 549 grantRuntimePermissionsLPw(locationPackage, PHONE_PERMISSIONS, userId); 550 grantRuntimePermissionsLPw(locationPackage, SMS_PERMISSIONS, userId); 551 grantRuntimePermissionsLPw(locationPackage, LOCATION_PERMISSIONS, 552 true, userId); 553 grantRuntimePermissionsLPw(locationPackage, CAMERA_PERMISSIONS, userId); 554 grantRuntimePermissionsLPw(locationPackage, SENSORS_PERMISSIONS, userId); 555 grantRuntimePermissionsLPw(locationPackage, STORAGE_PERMISSIONS, userId); 556 } 557 } 558 } 559 560 // Music 561 Intent musicIntent = new Intent(Intent.ACTION_VIEW); 562 musicIntent.addCategory(Intent.CATEGORY_DEFAULT); 563 musicIntent.setDataAndType(Uri.fromFile(new File("foo.mp3")), 564 AUDIO_MIME_TYPE); 565 PackageParser.Package musicPackage = getDefaultSystemHandlerActivityPackageLPr( 566 musicIntent, userId); 567 if (musicPackage != null 568 && doesPackageSupportRuntimePermissions(musicPackage)) { 569 grantRuntimePermissionsLPw(musicPackage, STORAGE_PERMISSIONS, userId); 570 } 571 572 mService.mSettings.onDefaultRuntimePermissionsGrantedLPr(userId); 573 } 574 } 575 576 private void grantDefaultPermissionsToDefaultSystemDialerAppLPr( 577 PackageParser.Package dialerPackage, int userId) { 578 if (doesPackageSupportRuntimePermissions(dialerPackage)) { 579 grantRuntimePermissionsLPw(dialerPackage, PHONE_PERMISSIONS, userId); 580 grantRuntimePermissionsLPw(dialerPackage, CONTACTS_PERMISSIONS, userId); 581 grantRuntimePermissionsLPw(dialerPackage, SMS_PERMISSIONS, userId); 582 grantRuntimePermissionsLPw(dialerPackage, MICROPHONE_PERMISSIONS, userId); 583 } 584 } 585 586 587 private void grantDefaultPermissionsToDefaultSystemSmsAppLPr( 588 PackageParser.Package smsPackage, int userId) { 589 if (doesPackageSupportRuntimePermissions(smsPackage)) { 590 grantRuntimePermissionsLPw(smsPackage, PHONE_PERMISSIONS, userId); 591 grantRuntimePermissionsLPw(smsPackage, CONTACTS_PERMISSIONS, userId); 592 grantRuntimePermissionsLPw(smsPackage, SMS_PERMISSIONS, userId); 593 } 594 } 595 596 597 public void grantDefaultPermissionsToDefaultSmsAppLPr(String packageName, int userId) { 598 Log.i(TAG, "Granting permissions to default sms app for user:" + userId); 599 if (packageName == null) { 600 return; 601 } 602 PackageParser.Package smsPackage = getPackageLPr(packageName); 603 if (smsPackage != null && doesPackageSupportRuntimePermissions(smsPackage)) { 604 grantRuntimePermissionsLPw(smsPackage, PHONE_PERMISSIONS, false, true, userId); 605 grantRuntimePermissionsLPw(smsPackage, CONTACTS_PERMISSIONS, false, true, userId); 606 grantRuntimePermissionsLPw(smsPackage, SMS_PERMISSIONS, false, true, userId); 607 } 608 } 609 610 public void grantDefaultPermissionsToDefaultDialerAppLPr(String packageName, int userId) { 611 Log.i(TAG, "Granting permissions to default dialer app for user:" + userId); 612 if (packageName == null) { 613 return; 614 } 615 PackageParser.Package dialerPackage = getPackageLPr(packageName); 616 if (dialerPackage != null 617 && doesPackageSupportRuntimePermissions(dialerPackage)) { 618 grantRuntimePermissionsLPw(dialerPackage, PHONE_PERMISSIONS, false, true, userId); 619 grantRuntimePermissionsLPw(dialerPackage, CONTACTS_PERMISSIONS, false, true, userId); 620 grantRuntimePermissionsLPw(dialerPackage, SMS_PERMISSIONS, false, true, userId); 621 grantRuntimePermissionsLPw(dialerPackage, MICROPHONE_PERMISSIONS, false, true, userId); 622 } 623 } 624 625 private void grantDefaultPermissionsToDefaultSimCallManagerLPr( 626 PackageParser.Package simCallManagerPackage, int userId) { 627 Log.i(TAG, "Granting permissions to sim call manager for user:" + userId); 628 if (doesPackageSupportRuntimePermissions(simCallManagerPackage)) { 629 grantRuntimePermissionsLPw(simCallManagerPackage, PHONE_PERMISSIONS, userId); 630 grantRuntimePermissionsLPw(simCallManagerPackage, MICROPHONE_PERMISSIONS, userId); 631 } 632 } 633 634 public void grantDefaultPermissionsToDefaultSimCallManagerLPr(String packageName, int userId) { 635 if (packageName == null) { 636 return; 637 } 638 PackageParser.Package simCallManagerPackage = getPackageLPr(packageName); 639 if (simCallManagerPackage != null) { 640 grantDefaultPermissionsToDefaultSimCallManagerLPr(simCallManagerPackage, userId); 641 } 642 } 643 644 public void grantDefaultPermissionsToEnabledCarrierAppsLPr(String[] packageNames, int userId) { 645 Log.i(TAG, "Granting permissions to enabled carrier apps for user:" + userId); 646 if (packageNames == null) { 647 return; 648 } 649 for (String packageName : packageNames) { 650 PackageParser.Package carrierPackage = getSystemPackageLPr(packageName); 651 if (carrierPackage != null 652 && doesPackageSupportRuntimePermissions(carrierPackage)) { 653 grantRuntimePermissionsLPw(carrierPackage, PHONE_PERMISSIONS, userId); 654 grantRuntimePermissionsLPw(carrierPackage, LOCATION_PERMISSIONS, userId); 655 grantRuntimePermissionsLPw(carrierPackage, SMS_PERMISSIONS, userId); 656 } 657 } 658 } 659 660 public void grantDefaultPermissionsToDefaultBrowserLPr(String packageName, int userId) { 661 Log.i(TAG, "Granting permissions to default browser for user:" + userId); 662 if (packageName == null) { 663 return; 664 } 665 PackageParser.Package browserPackage = getSystemPackageLPr(packageName); 666 if (browserPackage != null 667 && doesPackageSupportRuntimePermissions(browserPackage)) { 668 grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, false, false, userId); 669 } 670 } 671 672 private PackageParser.Package getDefaultSystemHandlerActivityPackageLPr( 673 Intent intent, int userId) { 674 List<ResolveInfo> handlers = mService.mActivities.queryIntent(intent, 675 intent.resolveType(mService.mContext.getContentResolver()), 676 PackageManager.GET_DISABLED_COMPONENTS, userId); 677 if (handlers == null) { 678 return null; 679 } 680 final int handlerCount = handlers.size(); 681 for (int i = 0; i < handlerCount; i++) { 682 ResolveInfo handler = handlers.get(i); 683 PackageParser.Package handlerPackage = getSystemPackageLPr( 684 handler.activityInfo.packageName); 685 if (handlerPackage != null) { 686 return handlerPackage; 687 } 688 } 689 return null; 690 } 691 692 private PackageParser.Package getDefaultSystemHandlerServicePackageLPr( 693 Intent intent, int userId) { 694 List<ResolveInfo> handlers = mService.queryIntentServices(intent, 695 intent.resolveType(mService.mContext.getContentResolver()), 696 PackageManager.GET_DISABLED_COMPONENTS, userId); 697 if (handlers == null) { 698 return null; 699 } 700 final int handlerCount = handlers.size(); 701 for (int i = 0; i < handlerCount; i++) { 702 ResolveInfo handler = handlers.get(i); 703 PackageParser.Package handlerPackage = getSystemPackageLPr( 704 handler.serviceInfo.packageName); 705 if (handlerPackage != null) { 706 return handlerPackage; 707 } 708 } 709 return null; 710 } 711 712 private List<PackageParser.Package> getHeadlessSyncAdapterPackagesLPr( 713 String[] syncAdapterPackageNames, int userId) { 714 List<PackageParser.Package> syncAdapterPackages = new ArrayList<>(); 715 716 Intent homeIntent = new Intent(Intent.ACTION_MAIN); 717 homeIntent.addCategory(Intent.CATEGORY_LAUNCHER); 718 719 for (String syncAdapterPackageName : syncAdapterPackageNames) { 720 homeIntent.setPackage(syncAdapterPackageName); 721 722 List<ResolveInfo> homeActivities = mService.mActivities.queryIntent(homeIntent, 723 homeIntent.resolveType(mService.mContext.getContentResolver()), 724 PackageManager.GET_DISABLED_COMPONENTS, userId); 725 if (!homeActivities.isEmpty()) { 726 continue; 727 } 728 729 PackageParser.Package syncAdapterPackage = getSystemPackageLPr(syncAdapterPackageName); 730 if (syncAdapterPackage != null) { 731 syncAdapterPackages.add(syncAdapterPackage); 732 } 733 } 734 735 return syncAdapterPackages; 736 } 737 738 private PackageParser.Package getDefaultProviderAuthorityPackageLPr( 739 String authority, int userId) { 740 ProviderInfo provider = mService.resolveContentProvider(authority, 0, userId); 741 if (provider != null) { 742 return getSystemPackageLPr(provider.packageName); 743 } 744 return null; 745 } 746 747 private PackageParser.Package getPackageLPr(String packageName) { 748 return mService.mPackages.get(packageName); 749 } 750 751 private PackageParser.Package getSystemPackageLPr(String packageName) { 752 PackageParser.Package pkg = getPackageLPr(packageName); 753 if (pkg != null && pkg.isSystemApp()) { 754 return !isSysComponentOrPersistentPlatformSignedPrivAppLPr(pkg) ? pkg : null; 755 } 756 return null; 757 } 758 759 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 760 int userId) { 761 grantRuntimePermissionsLPw(pkg, permissions, false, false, userId); 762 } 763 764 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 765 boolean systemFixed, int userId) { 766 grantRuntimePermissionsLPw(pkg, permissions, systemFixed, false, userId); 767 } 768 769 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 770 boolean systemFixed, boolean overrideUserChoice, int userId) { 771 if (pkg.requestedPermissions.isEmpty()) { 772 return; 773 } 774 775 List<String> requestedPermissions = pkg.requestedPermissions; 776 Set<String> grantablePermissions = null; 777 778 if (pkg.isUpdatedSystemApp()) { 779 PackageSetting sysPs = mService.mSettings.getDisabledSystemPkgLPr(pkg.packageName); 780 if (sysPs != null) { 781 if (sysPs.pkg.requestedPermissions.isEmpty()) { 782 return; 783 } 784 if (!requestedPermissions.equals(sysPs.pkg.requestedPermissions)) { 785 grantablePermissions = new ArraySet<>(requestedPermissions); 786 requestedPermissions = sysPs.pkg.requestedPermissions; 787 } 788 } 789 } 790 791 final int grantablePermissionCount = requestedPermissions.size(); 792 for (int i = 0; i < grantablePermissionCount; i++) { 793 String permission = requestedPermissions.get(i); 794 795 // If there is a disabled system app it may request a permission the updated 796 // version ot the data partition doesn't, In this case skip the permission. 797 if (grantablePermissions != null && !grantablePermissions.contains(permission)) { 798 continue; 799 } 800 801 if (permissions.contains(permission)) { 802 final int flags = mService.getPermissionFlags(permission, pkg.packageName, userId); 803 804 // If any flags are set to the permission, then it is either set in 805 // its current state by the system or device/profile owner or the user. 806 // In all these cases we do not want to clobber the current state. 807 // Unless the caller wants to override user choices. The override is 808 // to make sure we can grant the needed permission to the default 809 // sms and phone apps after the user chooses this in the UI. 810 if (flags == 0 || overrideUserChoice) { 811 // Never clobber policy or system. 812 final int fixedFlags = PackageManager.FLAG_PERMISSION_SYSTEM_FIXED 813 | PackageManager.FLAG_PERMISSION_POLICY_FIXED; 814 if ((flags & fixedFlags) != 0) { 815 continue; 816 } 817 818 mService.grantRuntimePermission(pkg.packageName, permission, userId); 819 if (DEBUG) { 820 Log.i(TAG, "Granted " + permission + " to default handler " 821 + pkg.packageName); 822 } 823 824 int newFlags = PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT; 825 if (systemFixed) { 826 newFlags |= PackageManager.FLAG_PERMISSION_SYSTEM_FIXED; 827 } 828 829 mService.updatePermissionFlags(permission, pkg.packageName, 830 newFlags, newFlags, userId); 831 } 832 } 833 } 834 } 835 836 private boolean isSysComponentOrPersistentPlatformSignedPrivAppLPr(PackageParser.Package pkg) { 837 if (UserHandle.getAppId(pkg.applicationInfo.uid) < FIRST_APPLICATION_UID) { 838 return true; 839 } 840 if (!pkg.isPrivilegedApp()) { 841 return false; 842 } 843 PackageSetting sysPkg = mService.mSettings.getDisabledSystemPkgLPr(pkg.packageName); 844 if (sysPkg != null) { 845 if ((sysPkg.pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) { 846 return false; 847 } 848 } else if ((pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) { 849 return false; 850 } 851 return PackageManagerService.compareSignatures(mService.mPlatformPackage.mSignatures, 852 pkg.mSignatures) == PackageManager.SIGNATURE_MATCH; 853 } 854 855 private static boolean doesPackageSupportRuntimePermissions(PackageParser.Package pkg) { 856 return pkg.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1; 857 } 858} 859