DefaultPermissionGrantPolicy.java revision fce33d58d87fd494686aae4e21332b58ec260b73
1/* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package com.android.server.pm; 18 19import android.Manifest; 20import android.app.DownloadManager; 21import android.app.admin.DevicePolicyManager; 22import android.content.Intent; 23import android.content.pm.ApplicationInfo; 24import android.content.pm.PackageManager; 25import android.content.pm.PackageManagerInternal.PackagesProvider; 26import android.content.pm.PackageManagerInternal.SyncAdapterPackagesProvider; 27import android.content.pm.PackageParser; 28import android.content.pm.ProviderInfo; 29import android.content.pm.ResolveInfo; 30import android.net.Uri; 31import android.os.Build; 32import android.os.UserHandle; 33import android.provider.CalendarContract; 34import android.provider.ContactsContract; 35import android.provider.MediaStore; 36import android.provider.Telephony.Sms.Intents; 37import android.security.Credentials; 38import android.util.ArraySet; 39import android.util.Log; 40 41import java.io.File; 42import java.util.ArrayList; 43import java.util.List; 44import java.util.Set; 45 46import static android.os.Process.FIRST_APPLICATION_UID; 47 48/** 49 * This class is the policy for granting runtime permissions to 50 * platform components and default handlers in the system such 51 * that the device is usable out-of-the-box. For example, the 52 * shell UID is a part of the system and the Phone app should 53 * have phone related permission by default. 54 */ 55final class DefaultPermissionGrantPolicy { 56 private static final String TAG = "DefaultPermGrantPolicy"; // must be <= 23 chars 57 private static final boolean DEBUG = false; 58 59 private static final String AUDIO_MIME_TYPE = "audio/mpeg"; 60 61 private static final Set<String> PHONE_PERMISSIONS = new ArraySet<>(); 62 static { 63 PHONE_PERMISSIONS.add(Manifest.permission.READ_PHONE_STATE); 64 PHONE_PERMISSIONS.add(Manifest.permission.CALL_PHONE); 65 PHONE_PERMISSIONS.add(Manifest.permission.READ_CALL_LOG); 66 PHONE_PERMISSIONS.add(Manifest.permission.WRITE_CALL_LOG); 67 PHONE_PERMISSIONS.add(Manifest.permission.ADD_VOICEMAIL); 68 PHONE_PERMISSIONS.add(Manifest.permission.USE_SIP); 69 PHONE_PERMISSIONS.add(Manifest.permission.PROCESS_OUTGOING_CALLS); 70 } 71 72 private static final Set<String> CONTACTS_PERMISSIONS = new ArraySet<>(); 73 static { 74 CONTACTS_PERMISSIONS.add(Manifest.permission.READ_CONTACTS); 75 CONTACTS_PERMISSIONS.add(Manifest.permission.WRITE_CONTACTS); 76 CONTACTS_PERMISSIONS.add(Manifest.permission.GET_ACCOUNTS); 77 } 78 79 private static final Set<String> LOCATION_PERMISSIONS = new ArraySet<>(); 80 static { 81 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_FINE_LOCATION); 82 LOCATION_PERMISSIONS.add(Manifest.permission.ACCESS_COARSE_LOCATION); 83 } 84 85 private static final Set<String> CALENDAR_PERMISSIONS = new ArraySet<>(); 86 static { 87 CALENDAR_PERMISSIONS.add(Manifest.permission.READ_CALENDAR); 88 CALENDAR_PERMISSIONS.add(Manifest.permission.WRITE_CALENDAR); 89 } 90 91 private static final Set<String> SMS_PERMISSIONS = new ArraySet<>(); 92 static { 93 SMS_PERMISSIONS.add(Manifest.permission.SEND_SMS); 94 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_SMS); 95 SMS_PERMISSIONS.add(Manifest.permission.READ_SMS); 96 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_WAP_PUSH); 97 SMS_PERMISSIONS.add(Manifest.permission.RECEIVE_MMS); 98 SMS_PERMISSIONS.add(Manifest.permission.READ_CELL_BROADCASTS); 99 } 100 101 private static final Set<String> MICROPHONE_PERMISSIONS = new ArraySet<>(); 102 static { 103 MICROPHONE_PERMISSIONS.add(Manifest.permission.RECORD_AUDIO); 104 } 105 106 private static final Set<String> CAMERA_PERMISSIONS = new ArraySet<>(); 107 static { 108 CAMERA_PERMISSIONS.add(Manifest.permission.CAMERA); 109 } 110 111 private static final Set<String> SENSORS_PERMISSIONS = new ArraySet<>(); 112 static { 113 SENSORS_PERMISSIONS.add(Manifest.permission.BODY_SENSORS); 114 } 115 116 private static final Set<String> STORAGE_PERMISSIONS = new ArraySet<>(); 117 static { 118 STORAGE_PERMISSIONS.add(Manifest.permission.READ_EXTERNAL_STORAGE); 119 STORAGE_PERMISSIONS.add(Manifest.permission.WRITE_EXTERNAL_STORAGE); 120 } 121 122 private final PackageManagerService mService; 123 124 private PackagesProvider mImePackagesProvider; 125 private PackagesProvider mLocationPackagesProvider; 126 private PackagesProvider mVoiceInteractionPackagesProvider; 127 private PackagesProvider mSmsAppPackagesProvider; 128 private PackagesProvider mDialerAppPackagesProvider; 129 private PackagesProvider mSimCallManagerPackagesProvider; 130 private SyncAdapterPackagesProvider mSyncAdapterPackagesProvider; 131 132 public DefaultPermissionGrantPolicy(PackageManagerService service) { 133 mService = service; 134 } 135 136 public void setImePackagesProviderLPr(PackagesProvider provider) { 137 mImePackagesProvider = provider; 138 } 139 140 public void setLocationPackagesProviderLPw(PackagesProvider provider) { 141 mLocationPackagesProvider = provider; 142 } 143 144 public void setVoiceInteractionPackagesProviderLPw(PackagesProvider provider) { 145 mVoiceInteractionPackagesProvider = provider; 146 } 147 148 public void setSmsAppPackagesProviderLPw(PackagesProvider provider) { 149 mSmsAppPackagesProvider = provider; 150 } 151 152 public void setDialerAppPackagesProviderLPw(PackagesProvider provider) { 153 mDialerAppPackagesProvider = provider; 154 } 155 156 public void setSimCallManagerPackagesProviderLPw(PackagesProvider provider) { 157 mSimCallManagerPackagesProvider = provider; 158 } 159 160 public void setSyncAdapterPackagesProviderLPw(SyncAdapterPackagesProvider provider) { 161 mSyncAdapterPackagesProvider = provider; 162 } 163 164 public void grantDefaultPermissions(int userId) { 165 grantPermissionsToSysComponentsAndPrivApps(userId); 166 grantDefaultSystemHandlerPermissions(userId); 167 } 168 169 private void grantPermissionsToSysComponentsAndPrivApps(int userId) { 170 Log.i(TAG, "Granting permissions to platform components for user " + userId); 171 172 synchronized (mService.mPackages) { 173 for (PackageParser.Package pkg : mService.mPackages.values()) { 174 if (!isSysComponentOrPersistentPlatformSignedPrivAppLPr(pkg) 175 || !doesPackageSupportRuntimePermissions(pkg) 176 || pkg.requestedPermissions.isEmpty()) { 177 continue; 178 } 179 Set<String> permissions = new ArraySet<>(); 180 final int permissionCount = pkg.requestedPermissions.size(); 181 for (int i = 0; i < permissionCount; i++) { 182 String permission = pkg.requestedPermissions.get(i); 183 BasePermission bp = mService.mSettings.mPermissions.get(permission); 184 if (bp != null && bp.isRuntime()) { 185 permissions.add(permission); 186 } 187 } 188 if (!permissions.isEmpty()) { 189 grantRuntimePermissionsLPw(pkg, permissions, true, userId); 190 } 191 } 192 } 193 } 194 195 private void grantDefaultSystemHandlerPermissions(int userId) { 196 Log.i(TAG, "Granting permissions to default platform handlers for user " + userId); 197 198 final PackagesProvider imePackagesProvider; 199 final PackagesProvider locationPackagesProvider; 200 final PackagesProvider voiceInteractionPackagesProvider; 201 final PackagesProvider smsAppPackagesProvider; 202 final PackagesProvider dialerAppPackagesProvider; 203 final PackagesProvider simCallManagerPackagesProvider; 204 final SyncAdapterPackagesProvider syncAdapterPackagesProvider; 205 206 synchronized (mService.mPackages) { 207 imePackagesProvider = mImePackagesProvider; 208 locationPackagesProvider = mLocationPackagesProvider; 209 voiceInteractionPackagesProvider = mVoiceInteractionPackagesProvider; 210 smsAppPackagesProvider = mSmsAppPackagesProvider; 211 dialerAppPackagesProvider = mDialerAppPackagesProvider; 212 simCallManagerPackagesProvider = mSimCallManagerPackagesProvider; 213 syncAdapterPackagesProvider = mSyncAdapterPackagesProvider; 214 } 215 216 String[] imePackageNames = (imePackagesProvider != null) 217 ? imePackagesProvider.getPackages(userId) : null; 218 String[] voiceInteractPackageNames = (voiceInteractionPackagesProvider != null) 219 ? voiceInteractionPackagesProvider.getPackages(userId) : null; 220 String[] locationPackageNames = (locationPackagesProvider != null) 221 ? locationPackagesProvider.getPackages(userId) : null; 222 String[] smsAppPackageNames = (smsAppPackagesProvider != null) 223 ? smsAppPackagesProvider.getPackages(userId) : null; 224 String[] dialerAppPackageNames = (dialerAppPackagesProvider != null) 225 ? dialerAppPackagesProvider.getPackages(userId) : null; 226 String[] simCallManagerPackageNames = (simCallManagerPackagesProvider != null) 227 ? simCallManagerPackagesProvider.getPackages(userId) : null; 228 String[] contactsSyncAdapterPackages = (syncAdapterPackagesProvider != null) ? 229 syncAdapterPackagesProvider.getPackages(ContactsContract.AUTHORITY, userId) : null; 230 String[] calendarSyncAdapterPackages = (syncAdapterPackagesProvider != null) ? 231 syncAdapterPackagesProvider.getPackages(CalendarContract.AUTHORITY, userId) : null; 232 233 synchronized (mService.mPackages) { 234 // Installer 235 PackageParser.Package installerPackage = getSystemPackageLPr( 236 mService.mRequiredInstallerPackage); 237 if (installerPackage != null 238 && doesPackageSupportRuntimePermissions(installerPackage)) { 239 grantRuntimePermissionsLPw(installerPackage, STORAGE_PERMISSIONS, true, userId); 240 } 241 242 // Verifier 243 PackageParser.Package verifierPackage = getSystemPackageLPr( 244 mService.mRequiredVerifierPackage); 245 if (verifierPackage != null 246 && doesPackageSupportRuntimePermissions(verifierPackage)) { 247 grantRuntimePermissionsLPw(verifierPackage, STORAGE_PERMISSIONS, true, userId); 248 } 249 250 // SetupWizard 251 Intent setupIntent = new Intent(Intent.ACTION_MAIN); 252 setupIntent.addCategory(Intent.CATEGORY_SETUP_WIZARD); 253 PackageParser.Package setupPackage = getDefaultSystemHandlerActivityPackageLPr( 254 setupIntent, userId); 255 if (setupPackage != null 256 && doesPackageSupportRuntimePermissions(setupPackage)) { 257 grantRuntimePermissionsLPw(setupPackage, PHONE_PERMISSIONS, userId); 258 grantRuntimePermissionsLPw(setupPackage, CONTACTS_PERMISSIONS, userId); 259 } 260 261 // Camera 262 Intent cameraIntent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE); 263 PackageParser.Package cameraPackage = getDefaultSystemHandlerActivityPackageLPr( 264 cameraIntent, userId); 265 if (cameraPackage != null 266 && doesPackageSupportRuntimePermissions(cameraPackage)) { 267 grantRuntimePermissionsLPw(cameraPackage, CAMERA_PERMISSIONS, userId); 268 grantRuntimePermissionsLPw(cameraPackage, MICROPHONE_PERMISSIONS, userId); 269 grantRuntimePermissionsLPw(cameraPackage, STORAGE_PERMISSIONS, userId); 270 } 271 272 // Media provider 273 PackageParser.Package mediaStorePackage = getDefaultProviderAuthorityPackageLPr( 274 MediaStore.AUTHORITY, userId); 275 if (mediaStorePackage != null) { 276 grantRuntimePermissionsLPw(mediaStorePackage, STORAGE_PERMISSIONS, true, userId); 277 } 278 279 // Downloads provider 280 PackageParser.Package downloadsPackage = getDefaultProviderAuthorityPackageLPr( 281 "downloads", userId); 282 if (downloadsPackage != null) { 283 grantRuntimePermissionsLPw(downloadsPackage, STORAGE_PERMISSIONS, true, userId); 284 } 285 286 // Downloads UI 287 Intent downloadsUiIntent = new Intent(DownloadManager.ACTION_VIEW_DOWNLOADS); 288 PackageParser.Package downloadsUiPackage = getDefaultSystemHandlerActivityPackageLPr( 289 downloadsUiIntent, userId); 290 if (downloadsUiPackage != null 291 && doesPackageSupportRuntimePermissions(downloadsUiPackage)) { 292 grantRuntimePermissionsLPw(downloadsUiPackage, STORAGE_PERMISSIONS, true, userId); 293 } 294 295 // Storage provider 296 PackageParser.Package storagePackage = getDefaultProviderAuthorityPackageLPr( 297 "com.android.externalstorage.documents", userId); 298 if (storagePackage != null) { 299 grantRuntimePermissionsLPw(storagePackage, STORAGE_PERMISSIONS, true, userId); 300 } 301 302 // CertInstaller 303 Intent certInstallerIntent = new Intent(Credentials.INSTALL_ACTION); 304 PackageParser.Package certInstallerPackage = getDefaultSystemHandlerActivityPackageLPr( 305 certInstallerIntent, userId); 306 if (certInstallerPackage != null 307 && doesPackageSupportRuntimePermissions(certInstallerPackage)) { 308 grantRuntimePermissionsLPw(certInstallerPackage, STORAGE_PERMISSIONS, true, userId); 309 } 310 311 // Dialer 312 if (dialerAppPackageNames == null) { 313 Intent dialerIntent = new Intent(Intent.ACTION_DIAL); 314 PackageParser.Package dialerPackage = getDefaultSystemHandlerActivityPackageLPr( 315 dialerIntent, userId); 316 if (dialerPackage != null) { 317 grantDefaultPermissionsToDefaultSystemDialerAppLPr(dialerPackage, userId); 318 } 319 } else { 320 for (String dialerAppPackageName : dialerAppPackageNames) { 321 PackageParser.Package dialerPackage = getSystemPackageLPr(dialerAppPackageName); 322 if (dialerPackage != null) { 323 grantDefaultPermissionsToDefaultSystemDialerAppLPr(dialerPackage, userId); 324 } 325 } 326 } 327 328 // Sim call manager 329 if (simCallManagerPackageNames != null) { 330 for (String simCallManagerPackageName : simCallManagerPackageNames) { 331 PackageParser.Package simCallManagerPackage = 332 getSystemPackageLPr(simCallManagerPackageName); 333 if (simCallManagerPackage != null) { 334 grantDefaultPermissionsToDefaultSimCallManagerLPr(simCallManagerPackage, 335 userId); 336 } 337 } 338 } 339 340 // SMS 341 if (smsAppPackageNames == null) { 342 Intent smsIntent = new Intent(Intent.ACTION_MAIN); 343 smsIntent.addCategory(Intent.CATEGORY_APP_MESSAGING); 344 PackageParser.Package smsPackage = getDefaultSystemHandlerActivityPackageLPr( 345 smsIntent, userId); 346 if (smsPackage != null) { 347 grantDefaultPermissionsToDefaultSystemSmsAppLPr(smsPackage, userId); 348 } 349 } else { 350 for (String smsPackageName : smsAppPackageNames) { 351 PackageParser.Package smsPackage = getSystemPackageLPr(smsPackageName); 352 if (smsPackage != null) { 353 grantDefaultPermissionsToDefaultSystemSmsAppLPr(smsPackage, userId); 354 } 355 } 356 } 357 358 // Cell Broadcast Receiver 359 Intent cbrIntent = new Intent(Intents.SMS_CB_RECEIVED_ACTION); 360 PackageParser.Package cbrPackage = 361 getDefaultSystemHandlerActivityPackageLPr(cbrIntent, userId); 362 if (cbrPackage != null && doesPackageSupportRuntimePermissions(cbrPackage)) { 363 grantRuntimePermissionsLPw(cbrPackage, SMS_PERMISSIONS, userId); 364 } 365 366 // Carrier Provisioning Service 367 Intent carrierProvIntent = new Intent(Intents.SMS_CARRIER_PROVISION_ACTION); 368 PackageParser.Package carrierProvPackage = 369 getDefaultSystemHandlerServicePackageLPr(carrierProvIntent, userId); 370 if (carrierProvPackage != null && doesPackageSupportRuntimePermissions(carrierProvPackage)) { 371 grantRuntimePermissionsLPw(carrierProvPackage, SMS_PERMISSIONS, false, userId); 372 } 373 374 // Calendar 375 Intent calendarIntent = new Intent(Intent.ACTION_MAIN); 376 calendarIntent.addCategory(Intent.CATEGORY_APP_CALENDAR); 377 PackageParser.Package calendarPackage = getDefaultSystemHandlerActivityPackageLPr( 378 calendarIntent, userId); 379 if (calendarPackage != null 380 && doesPackageSupportRuntimePermissions(calendarPackage)) { 381 grantRuntimePermissionsLPw(calendarPackage, CALENDAR_PERMISSIONS, userId); 382 grantRuntimePermissionsLPw(calendarPackage, CONTACTS_PERMISSIONS, userId); 383 } 384 385 // Calendar provider 386 PackageParser.Package calendarProviderPackage = getDefaultProviderAuthorityPackageLPr( 387 CalendarContract.AUTHORITY, userId); 388 if (calendarProviderPackage != null) { 389 grantRuntimePermissionsLPw(calendarProviderPackage, CONTACTS_PERMISSIONS, userId); 390 grantRuntimePermissionsLPw(calendarProviderPackage, CALENDAR_PERMISSIONS, 391 true, userId); 392 grantRuntimePermissionsLPw(calendarProviderPackage, STORAGE_PERMISSIONS, userId); 393 } 394 395 // Calendar provider sync adapters 396 List<PackageParser.Package> calendarSyncAdapters = getHeadlessSyncAdapterPackagesLPr( 397 calendarSyncAdapterPackages, userId); 398 final int calendarSyncAdapterCount = calendarSyncAdapters.size(); 399 for (int i = 0; i < calendarSyncAdapterCount; i++) { 400 PackageParser.Package calendarSyncAdapter = calendarSyncAdapters.get(i); 401 if (doesPackageSupportRuntimePermissions(calendarSyncAdapter)) { 402 grantRuntimePermissionsLPw(calendarSyncAdapter, CALENDAR_PERMISSIONS, userId); 403 } 404 } 405 406 // Contacts 407 Intent contactsIntent = new Intent(Intent.ACTION_MAIN); 408 contactsIntent.addCategory(Intent.CATEGORY_APP_CONTACTS); 409 PackageParser.Package contactsPackage = getDefaultSystemHandlerActivityPackageLPr( 410 contactsIntent, userId); 411 if (contactsPackage != null 412 && doesPackageSupportRuntimePermissions(contactsPackage)) { 413 grantRuntimePermissionsLPw(contactsPackage, CONTACTS_PERMISSIONS, userId); 414 grantRuntimePermissionsLPw(contactsPackage, PHONE_PERMISSIONS, userId); 415 } 416 417 // Contacts provider sync adapters 418 List<PackageParser.Package> contactsSyncAdapters = getHeadlessSyncAdapterPackagesLPr( 419 contactsSyncAdapterPackages, userId); 420 final int contactsSyncAdapterCount = contactsSyncAdapters.size(); 421 for (int i = 0; i < contactsSyncAdapterCount; i++) { 422 PackageParser.Package contactsSyncAdapter = contactsSyncAdapters.get(i); 423 if (doesPackageSupportRuntimePermissions(contactsSyncAdapter)) { 424 grantRuntimePermissionsLPw(contactsSyncAdapter, CONTACTS_PERMISSIONS, userId); 425 } 426 } 427 428 // Contacts provider 429 PackageParser.Package contactsProviderPackage = getDefaultProviderAuthorityPackageLPr( 430 ContactsContract.AUTHORITY, userId); 431 if (contactsProviderPackage != null) { 432 grantRuntimePermissionsLPw(contactsProviderPackage, CONTACTS_PERMISSIONS, 433 true, userId); 434 grantRuntimePermissionsLPw(contactsProviderPackage, PHONE_PERMISSIONS, 435 true, userId); 436 grantRuntimePermissionsLPw(contactsProviderPackage, STORAGE_PERMISSIONS, userId); 437 } 438 439 // Device provisioning 440 Intent deviceProvisionIntent = new Intent( 441 DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE); 442 PackageParser.Package deviceProvisionPackage = 443 getDefaultSystemHandlerActivityPackageLPr(deviceProvisionIntent, userId); 444 if (deviceProvisionPackage != null 445 && doesPackageSupportRuntimePermissions(deviceProvisionPackage)) { 446 grantRuntimePermissionsLPw(deviceProvisionPackage, CONTACTS_PERMISSIONS, userId); 447 } 448 449 // Maps 450 Intent mapsIntent = new Intent(Intent.ACTION_MAIN); 451 mapsIntent.addCategory(Intent.CATEGORY_APP_MAPS); 452 PackageParser.Package mapsPackage = getDefaultSystemHandlerActivityPackageLPr( 453 mapsIntent, userId); 454 if (mapsPackage != null 455 && doesPackageSupportRuntimePermissions(mapsPackage)) { 456 grantRuntimePermissionsLPw(mapsPackage, LOCATION_PERMISSIONS, userId); 457 } 458 459 // Gallery 460 Intent galleryIntent = new Intent(Intent.ACTION_MAIN); 461 galleryIntent.addCategory(Intent.CATEGORY_APP_GALLERY); 462 PackageParser.Package galleryPackage = getDefaultSystemHandlerActivityPackageLPr( 463 galleryIntent, userId); 464 if (galleryPackage != null 465 && doesPackageSupportRuntimePermissions(galleryPackage)) { 466 grantRuntimePermissionsLPw(galleryPackage, STORAGE_PERMISSIONS, userId); 467 } 468 469 // Email 470 Intent emailIntent = new Intent(Intent.ACTION_MAIN); 471 emailIntent.addCategory(Intent.CATEGORY_APP_EMAIL); 472 PackageParser.Package emailPackage = getDefaultSystemHandlerActivityPackageLPr( 473 emailIntent, userId); 474 if (emailPackage != null 475 && doesPackageSupportRuntimePermissions(emailPackage)) { 476 grantRuntimePermissionsLPw(emailPackage, CONTACTS_PERMISSIONS, userId); 477 } 478 479 // Browser 480 PackageParser.Package browserPackage = null; 481 String defaultBrowserPackage = mService.getDefaultBrowserPackageName(userId); 482 if (defaultBrowserPackage != null) { 483 browserPackage = getPackageLPr(defaultBrowserPackage); 484 } 485 if (browserPackage == null) { 486 Intent browserIntent = new Intent(Intent.ACTION_MAIN); 487 browserIntent.addCategory(Intent.CATEGORY_APP_BROWSER); 488 browserPackage = getDefaultSystemHandlerActivityPackageLPr( 489 browserIntent, userId); 490 } 491 if (browserPackage != null 492 && doesPackageSupportRuntimePermissions(browserPackage)) { 493 grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, userId); 494 } 495 496 // IME 497 if (imePackageNames != null) { 498 for (String imePackageName : imePackageNames) { 499 PackageParser.Package imePackage = getSystemPackageLPr(imePackageName); 500 if (imePackage != null 501 && doesPackageSupportRuntimePermissions(imePackage)) { 502 grantRuntimePermissionsLPw(imePackage, CONTACTS_PERMISSIONS, userId); 503 } 504 } 505 } 506 507 // Voice interaction 508 if (voiceInteractPackageNames != null) { 509 for (String voiceInteractPackageName : voiceInteractPackageNames) { 510 PackageParser.Package voiceInteractPackage = getSystemPackageLPr( 511 voiceInteractPackageName); 512 if (voiceInteractPackage != null 513 && doesPackageSupportRuntimePermissions(voiceInteractPackage)) { 514 grantRuntimePermissionsLPw(voiceInteractPackage, 515 CONTACTS_PERMISSIONS, userId); 516 grantRuntimePermissionsLPw(voiceInteractPackage, 517 CALENDAR_PERMISSIONS, userId); 518 grantRuntimePermissionsLPw(voiceInteractPackage, 519 MICROPHONE_PERMISSIONS, userId); 520 grantRuntimePermissionsLPw(voiceInteractPackage, 521 PHONE_PERMISSIONS, userId); 522 grantRuntimePermissionsLPw(voiceInteractPackage, 523 SMS_PERMISSIONS, userId); 524 grantRuntimePermissionsLPw(voiceInteractPackage, 525 LOCATION_PERMISSIONS, userId); 526 } 527 } 528 } 529 530 // Voice recognition 531 Intent voiceRecoIntent = new Intent("android.speech.RecognitionService"); 532 voiceRecoIntent.addCategory(Intent.CATEGORY_DEFAULT); 533 PackageParser.Package voiceRecoPackage = getDefaultSystemHandlerServicePackageLPr( 534 voiceRecoIntent, userId); 535 if (voiceRecoPackage != null 536 && doesPackageSupportRuntimePermissions(voiceRecoPackage)) { 537 grantRuntimePermissionsLPw(voiceRecoPackage, MICROPHONE_PERMISSIONS, userId); 538 } 539 540 // Location 541 if (locationPackageNames != null) { 542 for (String packageName : locationPackageNames) { 543 PackageParser.Package locationPackage = getSystemPackageLPr(packageName); 544 if (locationPackage != null 545 && doesPackageSupportRuntimePermissions(locationPackage)) { 546 grantRuntimePermissionsLPw(locationPackage, CONTACTS_PERMISSIONS, userId); 547 grantRuntimePermissionsLPw(locationPackage, CALENDAR_PERMISSIONS, userId); 548 grantRuntimePermissionsLPw(locationPackage, MICROPHONE_PERMISSIONS, userId); 549 grantRuntimePermissionsLPw(locationPackage, PHONE_PERMISSIONS, userId); 550 grantRuntimePermissionsLPw(locationPackage, SMS_PERMISSIONS, userId); 551 grantRuntimePermissionsLPw(locationPackage, LOCATION_PERMISSIONS, 552 true, userId); 553 grantRuntimePermissionsLPw(locationPackage, CAMERA_PERMISSIONS, userId); 554 grantRuntimePermissionsLPw(locationPackage, SENSORS_PERMISSIONS, userId); 555 grantRuntimePermissionsLPw(locationPackage, STORAGE_PERMISSIONS, userId); 556 } 557 } 558 } 559 560 // Music 561 Intent musicIntent = new Intent(Intent.ACTION_VIEW); 562 musicIntent.addCategory(Intent.CATEGORY_DEFAULT); 563 musicIntent.setDataAndType(Uri.fromFile(new File("foo.mp3")), 564 AUDIO_MIME_TYPE); 565 PackageParser.Package musicPackage = getDefaultSystemHandlerActivityPackageLPr( 566 musicIntent, userId); 567 if (musicPackage != null 568 && doesPackageSupportRuntimePermissions(musicPackage)) { 569 grantRuntimePermissionsLPw(musicPackage, STORAGE_PERMISSIONS, userId); 570 } 571 572 mService.mSettings.onDefaultRuntimePermissionsGrantedLPr(userId); 573 } 574 } 575 576 private void grantDefaultPermissionsToDefaultSystemDialerAppLPr( 577 PackageParser.Package dialerPackage, int userId) { 578 if (doesPackageSupportRuntimePermissions(dialerPackage)) { 579 grantRuntimePermissionsLPw(dialerPackage, PHONE_PERMISSIONS, userId); 580 grantRuntimePermissionsLPw(dialerPackage, CONTACTS_PERMISSIONS, userId); 581 grantRuntimePermissionsLPw(dialerPackage, SMS_PERMISSIONS, userId); 582 grantRuntimePermissionsLPw(dialerPackage, MICROPHONE_PERMISSIONS, userId); 583 } 584 } 585 586 private void grantDefaultPermissionsToDefaultSystemSmsAppLPr( 587 PackageParser.Package smsPackage, int userId) { 588 if (doesPackageSupportRuntimePermissions(smsPackage)) { 589 grantRuntimePermissionsLPw(smsPackage, PHONE_PERMISSIONS, userId); 590 grantRuntimePermissionsLPw(smsPackage, CONTACTS_PERMISSIONS, userId); 591 grantRuntimePermissionsLPw(smsPackage, SMS_PERMISSIONS, userId); 592 } 593 } 594 595 public void grantDefaultPermissionsToDefaultSmsAppLPr(String packageName, int userId) { 596 Log.i(TAG, "Granting permissions to default sms app for user:" + userId); 597 if (packageName == null) { 598 return; 599 } 600 PackageParser.Package smsPackage = getPackageLPr(packageName); 601 if (smsPackage != null && doesPackageSupportRuntimePermissions(smsPackage)) { 602 grantRuntimePermissionsLPw(smsPackage, PHONE_PERMISSIONS, false, true, userId); 603 grantRuntimePermissionsLPw(smsPackage, CONTACTS_PERMISSIONS, false, true, userId); 604 grantRuntimePermissionsLPw(smsPackage, SMS_PERMISSIONS, false, true, userId); 605 } 606 } 607 608 public void grantDefaultPermissionsToDefaultDialerAppLPr(String packageName, int userId) { 609 Log.i(TAG, "Granting permissions to default dialer app for user:" + userId); 610 if (packageName == null) { 611 return; 612 } 613 PackageParser.Package dialerPackage = getPackageLPr(packageName); 614 if (dialerPackage != null 615 && doesPackageSupportRuntimePermissions(dialerPackage)) { 616 grantRuntimePermissionsLPw(dialerPackage, PHONE_PERMISSIONS, false, true, userId); 617 grantRuntimePermissionsLPw(dialerPackage, CONTACTS_PERMISSIONS, false, true, userId); 618 grantRuntimePermissionsLPw(dialerPackage, SMS_PERMISSIONS, false, true, userId); 619 grantRuntimePermissionsLPw(dialerPackage, MICROPHONE_PERMISSIONS, false, true, userId); 620 } 621 } 622 623 private void grantDefaultPermissionsToDefaultSimCallManagerLPr( 624 PackageParser.Package simCallManagerPackage, int userId) { 625 Log.i(TAG, "Granting permissions to sim call manager for user:" + userId); 626 if (doesPackageSupportRuntimePermissions(simCallManagerPackage)) { 627 grantRuntimePermissionsLPw(simCallManagerPackage, PHONE_PERMISSIONS, userId); 628 grantRuntimePermissionsLPw(simCallManagerPackage, MICROPHONE_PERMISSIONS, userId); 629 } 630 } 631 632 public void grantDefaultPermissionsToDefaultSimCallManagerLPr(String packageName, int userId) { 633 if (packageName == null) { 634 return; 635 } 636 PackageParser.Package simCallManagerPackage = getPackageLPr(packageName); 637 if (simCallManagerPackage != null) { 638 grantDefaultPermissionsToDefaultSimCallManagerLPr(simCallManagerPackage, userId); 639 } 640 } 641 642 public void grantDefaultPermissionsToEnabledCarrierAppsLPr(String[] packageNames, int userId) { 643 Log.i(TAG, "Granting permissions to enabled carrier apps for user:" + userId); 644 if (packageNames == null) { 645 return; 646 } 647 for (String packageName : packageNames) { 648 PackageParser.Package carrierPackage = getSystemPackageLPr(packageName); 649 if (carrierPackage != null 650 && doesPackageSupportRuntimePermissions(carrierPackage)) { 651 grantRuntimePermissionsLPw(carrierPackage, PHONE_PERMISSIONS, userId); 652 grantRuntimePermissionsLPw(carrierPackage, LOCATION_PERMISSIONS, userId); 653 grantRuntimePermissionsLPw(carrierPackage, SMS_PERMISSIONS, userId); 654 } 655 } 656 } 657 658 public void grantDefaultPermissionsToDefaultBrowserLPr(String packageName, int userId) { 659 Log.i(TAG, "Granting permissions to default browser for user:" + userId); 660 if (packageName == null) { 661 return; 662 } 663 PackageParser.Package browserPackage = getSystemPackageLPr(packageName); 664 if (browserPackage != null 665 && doesPackageSupportRuntimePermissions(browserPackage)) { 666 grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, false, false, userId); 667 } 668 } 669 670 private PackageParser.Package getDefaultSystemHandlerActivityPackageLPr( 671 Intent intent, int userId) { 672 ResolveInfo handler = mService.resolveIntent(intent, 673 intent.resolveType(mService.mContext.getContentResolver()), 0, userId); 674 if (handler == null) { 675 return null; 676 } 677 return getSystemPackageLPr(handler.activityInfo.packageName); 678 } 679 680 private PackageParser.Package getDefaultSystemHandlerServicePackageLPr( 681 Intent intent, int userId) { 682 List<ResolveInfo> handlers = mService.queryIntentServices(intent, 683 intent.resolveType(mService.mContext.getContentResolver()), 0, userId); 684 if (handlers == null) { 685 return null; 686 } 687 final int handlerCount = handlers.size(); 688 for (int i = 0; i < handlerCount; i++) { 689 ResolveInfo handler = handlers.get(i); 690 PackageParser.Package handlerPackage = getSystemPackageLPr( 691 handler.serviceInfo.packageName); 692 if (handlerPackage != null) { 693 return handlerPackage; 694 } 695 } 696 return null; 697 } 698 699 private List<PackageParser.Package> getHeadlessSyncAdapterPackagesLPr( 700 String[] syncAdapterPackageNames, int userId) { 701 List<PackageParser.Package> syncAdapterPackages = new ArrayList<>(); 702 703 Intent homeIntent = new Intent(Intent.ACTION_MAIN); 704 homeIntent.addCategory(Intent.CATEGORY_LAUNCHER); 705 706 for (String syncAdapterPackageName : syncAdapterPackageNames) { 707 homeIntent.setPackage(syncAdapterPackageName); 708 709 ResolveInfo homeActivity = mService.resolveIntent(homeIntent, 710 homeIntent.resolveType(mService.mContext.getContentResolver()), 0, userId); 711 if (homeActivity != null) { 712 continue; 713 } 714 715 PackageParser.Package syncAdapterPackage = getSystemPackageLPr(syncAdapterPackageName); 716 if (syncAdapterPackage != null) { 717 syncAdapterPackages.add(syncAdapterPackage); 718 } 719 } 720 721 return syncAdapterPackages; 722 } 723 724 private PackageParser.Package getDefaultProviderAuthorityPackageLPr( 725 String authority, int userId) { 726 ProviderInfo provider = mService.resolveContentProvider(authority, 0, userId); 727 if (provider != null) { 728 return getSystemPackageLPr(provider.packageName); 729 } 730 return null; 731 } 732 733 private PackageParser.Package getPackageLPr(String packageName) { 734 return mService.mPackages.get(packageName); 735 } 736 737 private PackageParser.Package getSystemPackageLPr(String packageName) { 738 PackageParser.Package pkg = getPackageLPr(packageName); 739 if (pkg != null && pkg.isSystemApp()) { 740 return !isSysComponentOrPersistentPlatformSignedPrivAppLPr(pkg) ? pkg : null; 741 } 742 return null; 743 } 744 745 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 746 int userId) { 747 grantRuntimePermissionsLPw(pkg, permissions, false, false, userId); 748 } 749 750 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 751 boolean systemFixed, int userId) { 752 grantRuntimePermissionsLPw(pkg, permissions, systemFixed, false, userId); 753 } 754 755 private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions, 756 boolean systemFixed, boolean overrideUserChoice, int userId) { 757 if (pkg.requestedPermissions.isEmpty()) { 758 return; 759 } 760 761 List<String> requestedPermissions = pkg.requestedPermissions; 762 Set<String> grantablePermissions = null; 763 764 if (pkg.isUpdatedSystemApp()) { 765 PackageSetting sysPs = mService.mSettings.getDisabledSystemPkgLPr(pkg.packageName); 766 if (sysPs != null) { 767 if (sysPs.pkg.requestedPermissions.isEmpty()) { 768 return; 769 } 770 if (!requestedPermissions.equals(sysPs.pkg.requestedPermissions)) { 771 grantablePermissions = new ArraySet<>(requestedPermissions); 772 requestedPermissions = sysPs.pkg.requestedPermissions; 773 } 774 } 775 } 776 777 final int grantablePermissionCount = requestedPermissions.size(); 778 for (int i = 0; i < grantablePermissionCount; i++) { 779 String permission = requestedPermissions.get(i); 780 781 // If there is a disabled system app it may request a permission the updated 782 // version ot the data partition doesn't, In this case skip the permission. 783 if (grantablePermissions != null && !grantablePermissions.contains(permission)) { 784 continue; 785 } 786 787 if (permissions.contains(permission)) { 788 final int flags = mService.getPermissionFlags(permission, pkg.packageName, userId); 789 790 // If any flags are set to the permission, then it is either set in 791 // its current state by the system or device/profile owner or the user. 792 // In all these cases we do not want to clobber the current state. 793 // Unless the caller wants to override user choices. The override is 794 // to make sure we can grant the needed permission to the default 795 // sms and phone apps after the user chooses this in the UI. 796 if (flags == 0 || overrideUserChoice) { 797 // Never clobber policy or system. 798 final int fixedFlags = PackageManager.FLAG_PERMISSION_SYSTEM_FIXED 799 | PackageManager.FLAG_PERMISSION_POLICY_FIXED; 800 if ((flags & fixedFlags) != 0) { 801 continue; 802 } 803 804 mService.grantRuntimePermission(pkg.packageName, permission, userId); 805 if (DEBUG) { 806 Log.i(TAG, "Granted " + permission + " to default handler " 807 + pkg.packageName); 808 } 809 810 int newFlags = PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT; 811 if (systemFixed) { 812 newFlags |= PackageManager.FLAG_PERMISSION_SYSTEM_FIXED; 813 } 814 815 mService.updatePermissionFlags(permission, pkg.packageName, 816 newFlags, newFlags, userId); 817 } 818 } 819 } 820 } 821 822 private boolean isSysComponentOrPersistentPlatformSignedPrivAppLPr(PackageParser.Package pkg) { 823 if (UserHandle.getAppId(pkg.applicationInfo.uid) < FIRST_APPLICATION_UID) { 824 return true; 825 } 826 if (!pkg.isPrivilegedApp()) { 827 return false; 828 } 829 PackageSetting sysPkg = mService.mSettings.getDisabledSystemPkgLPr(pkg.packageName); 830 if (sysPkg != null) { 831 if ((sysPkg.pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) { 832 return false; 833 } 834 } else if ((pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) { 835 return false; 836 } 837 return PackageManagerService.compareSignatures(mService.mPlatformPackage.mSignatures, 838 pkg.mSignatures) == PackageManager.SIGNATURE_MATCH; 839 } 840 841 private static boolean doesPackageSupportRuntimePermissions(PackageParser.Package pkg) { 842 return pkg.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1; 843 } 844} 845