1 /* 2 * Copyright (C) 2019 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.pm.permission; 18 19 import android.annotation.NonNull; 20 import android.annotation.Nullable; 21 import android.annotation.UserIdInt; 22 import android.app.AppOpsManager; 23 import android.content.pm.PackageInstaller.SessionParams; 24 import android.content.pm.PermissionInfo; 25 import android.permission.PermissionManagerInternal; 26 import android.util.ArrayMap; 27 28 import com.android.internal.util.function.QuadFunction; 29 import com.android.internal.util.function.TriFunction; 30 import com.android.server.pm.pkg.AndroidPackage; 31 import com.android.server.pm.pkg.PackageState; 32 33 import java.util.ArrayList; 34 import java.util.Collections; 35 import java.util.List; 36 import java.util.Objects; 37 import java.util.Set; 38 39 /** 40 * Internal interfaces services. 41 * 42 * TODO: Move into module. 43 */ 44 public interface PermissionManagerServiceInternal extends PermissionManagerInternal, 45 LegacyPermissionDataProvider { 46 /** 47 * Check whether a particular package has been granted a particular permission. 48 * 49 * @param packageName the name of the package you are checking against 50 * @param permissionName the name of the permission you are checking for 51 * @param persistentDeviceId the persistent device ID to check permission for 52 * @param userId the user ID 53 * @return {@code PERMISSION_GRANTED} if the permission is granted, or {@code PERMISSION_DENIED} 54 * otherwise 55 */ 56 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) checkPermission(@onNull String packageName, @NonNull String permissionName, @NonNull String persistentDeviceId, @UserIdInt int userId)57 int checkPermission(@NonNull String packageName, @NonNull String permissionName, 58 @NonNull String persistentDeviceId, @UserIdInt int userId); 59 60 /** 61 * Check whether a particular UID has been granted a particular permission. 62 * 63 * @param uid the UID 64 * @param permissionName the name of the permission you are checking for 65 * @param deviceId the device for which you are checking the permission 66 * @return {@code PERMISSION_GRANTED} if the permission is granted, or {@code PERMISSION_DENIED} 67 * otherwise 68 */ 69 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) checkUidPermission(int uid, @NonNull String permissionName, int deviceId)70 int checkUidPermission(int uid, @NonNull String permissionName, int deviceId); 71 72 /** 73 * Get whether permission review is required for a package. 74 * 75 * @param packageName the name of the package 76 * @param userId the user ID 77 * @return whether permission review is required 78 */ 79 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) isPermissionsReviewRequired(@onNull String packageName, @UserIdInt int userId)80 boolean isPermissionsReviewRequired(@NonNull String packageName, @UserIdInt int userId); 81 82 /** 83 * Reset the runtime permission state changes for a package. 84 * 85 * TODO(zhanghai): Turn this into package change callback? 86 * 87 * @param pkg the package 88 * @param userId the user ID 89 */ 90 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) resetRuntimePermissions(@onNull AndroidPackage pkg, @UserIdInt int userId)91 void resetRuntimePermissions(@NonNull AndroidPackage pkg, @UserIdInt int userId); 92 93 /** 94 * Reset the runtime permission state changes for all packages in a user. 95 * 96 * @param userId the user ID 97 */ 98 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) resetRuntimePermissionsForUser(@serIdInt int userId)99 void resetRuntimePermissionsForUser(@UserIdInt int userId); 100 101 /** 102 * Read legacy permission state from package settings. 103 * 104 * TODO(zhanghai): This is a temporary method because we should not expose 105 * {@code PackageSetting} which is a implementation detail that permission should not know. 106 * Instead, it should retrieve the legacy state via a defined API. 107 */ readLegacyPermissionStateTEMP()108 void readLegacyPermissionStateTEMP(); 109 110 /** 111 * Write legacy permission state to package settings. 112 * 113 * TODO(zhanghai): This is a temporary method and should be removed once we migrated persistence 114 * for permission. 115 */ writeLegacyPermissionStateTEMP()116 void writeLegacyPermissionStateTEMP(); 117 118 /** 119 * Get all the permissions definitions from a package that's installed in the system. 120 * <p> 121 * A permission definition in a normal app may not be installed if it's overridden by the 122 * platform or system app that contains a conflicting definition after system upgrade. 123 * 124 * @param packageName the name of the package 125 * @return the names of the installed permissions 126 */ 127 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 128 @NonNull getInstalledPermissions(@onNull String packageName)129 Set<String> getInstalledPermissions(@NonNull String packageName); 130 131 /** 132 * Get all the permissions granted to a package. 133 * 134 * @param packageName the name of the package 135 * @param userId the user ID 136 * @return the names of the granted permissions 137 */ 138 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 139 @NonNull getGrantedPermissions(@onNull String packageName, @UserIdInt int userId)140 Set<String> getGrantedPermissions(@NonNull String packageName, @UserIdInt int userId); 141 142 /** 143 * Get the GIDs of a permission. 144 * 145 * @param permissionName the name of the permission 146 * @param userId the user ID 147 * @return the GIDs of the permission 148 */ 149 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 150 @NonNull getPermissionGids(@onNull String permissionName, @UserIdInt int userId)151 int[] getPermissionGids(@NonNull String permissionName, @UserIdInt int userId); 152 153 /** 154 * Get the packages that have requested an app op permission. 155 * 156 * @param permissionName the name of the app op permission 157 * @return the names of the packages that have requested the app op permission 158 */ 159 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 160 @NonNull getAppOpPermissionPackages(@onNull String permissionName)161 String[] getAppOpPermissionPackages(@NonNull String permissionName); 162 163 /** HACK HACK methods to allow for partial migration of data to the PermissionManager class */ 164 @Nullable getPermissionTEMP(@onNull String permName)165 Permission getPermissionTEMP(@NonNull String permName); 166 167 /** Get all permissions that have a certain protection */ 168 @NonNull getAllPermissionsWithProtection( @ermissionInfo.Protection int protection)169 List<PermissionInfo> getAllPermissionsWithProtection( 170 @PermissionInfo.Protection int protection); 171 172 /** Get all permissions that have certain protection flags 173 * @return*/ getAllPermissionsWithProtectionFlags( @ermissionInfo.ProtectionFlags int protectionFlags)174 @NonNull List<PermissionInfo> getAllPermissionsWithProtectionFlags( 175 @PermissionInfo.ProtectionFlags int protectionFlags); 176 177 /** 178 * Sets the current check permission delegate 179 */ setCheckPermissionDelegate(CheckPermissionDelegate delegate)180 void setCheckPermissionDelegate(CheckPermissionDelegate delegate); 181 182 /** 183 * Interface to intercept permission checks and optionally pass through to the original 184 * implementation. 185 */ 186 interface CheckPermissionDelegate { 187 188 /** 189 * Check whether the given package has been granted the specified permission. 190 * 191 * @param packageName the name of the package to be checked 192 * @param permissionName the name of the permission to be checked 193 * @param persistentDeviceId The persistent device ID 194 * @param userId the user ID 195 * @param superImpl the original implementation that can be delegated to 196 * @return {@link android.content.pm.PackageManager#PERMISSION_GRANTED} if the package has 197 * the permission, or {@link android.content.pm.PackageManager#PERMISSION_DENIED} otherwise 198 * 199 * @see android.content.pm.PackageManager#checkPermission(String, String) 200 */ checkPermission(@onNull String packageName, @NonNull String permissionName, @NonNull String persistentDeviceId, @UserIdInt int userId, @NonNull QuadFunction<String, String, String, Integer, Integer> superImpl)201 int checkPermission(@NonNull String packageName, @NonNull String permissionName, 202 @NonNull String persistentDeviceId, @UserIdInt int userId, 203 @NonNull QuadFunction<String, String, String, Integer, Integer> superImpl); 204 205 /** 206 * Check whether the given UID has been granted the specified permission. 207 * 208 * @param uid the UID to be checked 209 * @param permissionName the name of the permission to be checked 210 * @param persistentDeviceId The persistent device ID 211 * @param superImpl the original implementation that can be delegated to 212 * @return {@link android.content.pm.PackageManager#PERMISSION_GRANTED} if the package has 213 * the permission, or {@link android.content.pm.PackageManager#PERMISSION_DENIED} otherwise 214 */ checkUidPermission(int uid, @NonNull String permissionName, @NonNull String persistentDeviceId, @NonNull TriFunction<Integer, String, String, Integer> superImpl)215 int checkUidPermission(int uid, @NonNull String permissionName, 216 @NonNull String persistentDeviceId, 217 @NonNull TriFunction<Integer, String, String, Integer> superImpl); 218 } 219 220 /** 221 * Read legacy permissions from legacy permission settings. 222 * 223 * TODO(zhanghai): This is a temporary method because we should not expose 224 * {@code LegacyPermissionSettings} which is a implementation detail that permission should not 225 * know. Instead, it should retrieve the legacy permissions via a defined API. 226 */ readLegacyPermissionsTEMP(@onNull LegacyPermissionSettings legacyPermissionSettings)227 void readLegacyPermissionsTEMP(@NonNull LegacyPermissionSettings legacyPermissionSettings); 228 229 /** 230 * Write legacy permissions to legacy permission settings. 231 * 232 * TODO(zhanghai): This is a temporary method and should be removed once we migrated persistence 233 * for permission. 234 */ writeLegacyPermissionsTEMP(@onNull LegacyPermissionSettings legacyPermissionSettings)235 void writeLegacyPermissionsTEMP(@NonNull LegacyPermissionSettings legacyPermissionSettings); 236 237 /** 238 * Get the fingerprint for default permission grants. 239 */ 240 @Nullable getDefaultPermissionGrantFingerprint(@serIdInt int userId)241 String getDefaultPermissionGrantFingerprint(@UserIdInt int userId); 242 243 /** 244 * Set the fingerprint for default permission grants. 245 */ setDefaultPermissionGrantFingerprint(@onNull String fingerprint, @UserIdInt int userId)246 void setDefaultPermissionGrantFingerprint(@NonNull String fingerprint, @UserIdInt int userId); 247 248 /** 249 * Callback when the system is ready. 250 */ 251 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onSystemReady()252 void onSystemReady(); 253 254 /** 255 * Callback when a storage volume is mounted, so that all packages on it become available. 256 * 257 * @param volumeUuid the UUID of the storage volume 258 * @param fingerprintChanged whether the current build fingerprint is different from what it was 259 * when this volume was last mounted 260 */ 261 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onStorageVolumeMounted(@onNull String volumeUuid, boolean fingerprintChanged)262 void onStorageVolumeMounted(@NonNull String volumeUuid, boolean fingerprintChanged); 263 264 /** 265 * Callback when a user has been created. 266 * 267 * @param userId the created user ID 268 */ 269 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onUserCreated(@serIdInt int userId)270 void onUserCreated(@UserIdInt int userId); 271 272 /** 273 * Callback when a user has been removed. 274 * 275 * @param userId the removed user ID 276 */ 277 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onUserRemoved(@serIdInt int userId)278 void onUserRemoved(@UserIdInt int userId); 279 280 /** 281 * Callback when a package has been added. 282 * 283 * @param packageState the added package 284 * @param isInstantApp whether the added package is an instant app 285 * @param oldPkg the old package, or {@code null} if none 286 */ 287 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageAdded(@onNull PackageState packageState, boolean isInstantApp, @Nullable AndroidPackage oldPkg)288 void onPackageAdded(@NonNull PackageState packageState, 289 boolean isInstantApp, @Nullable AndroidPackage oldPkg); 290 291 /** 292 * Callback when a package has been installed for a user. 293 * 294 * @param pkg the installed package 295 * @param previousAppId the previous app ID if the package is leaving a shared UID, 296 * or Process.INVALID_UID 297 * @param params the parameters passed in for package installation 298 * @param userId the user ID this package is installed for 299 */ 300 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageInstalled(@onNull AndroidPackage pkg, int previousAppId, @NonNull PackageInstalledParams params, @UserIdInt int userId)301 void onPackageInstalled(@NonNull AndroidPackage pkg, int previousAppId, 302 @NonNull PackageInstalledParams params, 303 @UserIdInt int userId); 304 305 /** 306 * Callback when a package has been removed. 307 * 308 * @param pkg the removed package 309 */ 310 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageRemoved(@onNull AndroidPackage pkg)311 void onPackageRemoved(@NonNull AndroidPackage pkg); 312 313 /** 314 * Callback when a package has been uninstalled. 315 * <p> 316 * The package may have been fully removed from the system, or only marked as uninstalled for 317 * this user but still instlaled for other users. 318 * 319 * @param packageName the name of the uninstalled package 320 * @param appId the app ID of the uninstalled package 321 * @param packageState the uninstalled package, or {@code null} if unavailable 322 * @param sharedUserPkgs the packages that are in the same shared user 323 * @param userId the user ID the package is uninstalled for 324 */ 325 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageUninstalled(@onNull String packageName, int appId, @Nullable PackageState packageState, @Nullable AndroidPackage pkg, @NonNull List<AndroidPackage> sharedUserPkgs, @UserIdInt int userId)326 void onPackageUninstalled(@NonNull String packageName, int appId, 327 @Nullable PackageState packageState, @Nullable AndroidPackage pkg, 328 @NonNull List<AndroidPackage> sharedUserPkgs, @UserIdInt int userId); 329 330 /** 331 * The permission-related parameters passed in for package installation. 332 * 333 * @see SessionParams 334 */ 335 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 336 final class PackageInstalledParams { 337 /** 338 * A static instance whose parameters are all in their default state. 339 */ 340 public static final PackageInstalledParams DEFAULT = new Builder().build(); 341 342 @NonNull 343 private final ArrayMap<String, Integer> mPermissionStates; 344 @NonNull 345 private final List<String> mAllowlistedRestrictedPermissions; 346 @NonNull 347 private final int mAutoRevokePermissionsMode; 348 PackageInstalledParams(@onNull ArrayMap<String, Integer> permissionStates, @NonNull List<String> allowlistedRestrictedPermissions, int autoRevokePermissionsMode)349 private PackageInstalledParams(@NonNull ArrayMap<String, Integer> permissionStates, 350 @NonNull List<String> allowlistedRestrictedPermissions, 351 int autoRevokePermissionsMode) { 352 mPermissionStates = permissionStates; 353 mAllowlistedRestrictedPermissions = allowlistedRestrictedPermissions; 354 mAutoRevokePermissionsMode = autoRevokePermissionsMode; 355 } 356 357 /** 358 * @return the permissions states requested 359 * 360 * @see SessionParams#setPermissionState(String, int) 361 */ 362 @NonNull getPermissionStates()363 public ArrayMap<String, Integer> getPermissionStates() { 364 return mPermissionStates; 365 } 366 367 /** 368 * Get the restricted permissions to be allowlisted. 369 * 370 * @return the restricted permissions to be allowlisted 371 */ 372 @NonNull getAllowlistedRestrictedPermissions()373 public List<String> getAllowlistedRestrictedPermissions() { 374 return mAllowlistedRestrictedPermissions; 375 } 376 377 /** 378 * Get the mode for auto revoking permissions. 379 * 380 * @return the mode for auto revoking permissions 381 */ getAutoRevokePermissionsMode()382 public int getAutoRevokePermissionsMode() { 383 return mAutoRevokePermissionsMode; 384 } 385 386 /** 387 * Builder class for {@link PackageInstalledParams}. 388 */ 389 public static final class Builder { 390 @Nullable 391 private ArrayMap<String, Integer> mPermissionStates = null; 392 @NonNull 393 private List<String> mAllowlistedRestrictedPermissions = Collections.emptyList(); 394 @NonNull 395 private int mAutoRevokePermissionsMode = AppOpsManager.MODE_DEFAULT; 396 397 /** 398 * Set the permissions states requested by the installer. 399 * 400 * @see SessionParams#setPermissionState(String, int) 401 */ setPermissionStates( @onNull ArrayMap<String, Integer> permissionStates)402 public Builder setPermissionStates( 403 @NonNull ArrayMap<String, Integer> permissionStates) { 404 Objects.requireNonNull(permissionStates); 405 mPermissionStates = permissionStates; 406 return this; 407 } 408 409 /** 410 * Set the restricted permissions to be allowlisted. 411 * <p> 412 * Permissions that are not restricted are ignored, so one can just pass in all 413 * requested permissions of a package to get all its restricted permissions allowlisted. 414 * 415 * @param allowlistedRestrictedPermissions the restricted permissions to be allowlisted 416 * 417 * @see SessionParams#setWhitelistedRestrictedPermissions(Set) 418 */ setAllowlistedRestrictedPermissions( @onNull List<String> allowlistedRestrictedPermissions)419 public void setAllowlistedRestrictedPermissions( 420 @NonNull List<String> allowlistedRestrictedPermissions) { 421 Objects.requireNonNull(allowlistedRestrictedPermissions); 422 mAllowlistedRestrictedPermissions = new ArrayList<>( 423 allowlistedRestrictedPermissions); 424 } 425 426 /** 427 * Set the mode for auto revoking permissions. 428 * <p> 429 * {@link AppOpsManager#MODE_ALLOWED} means the system is allowed to auto revoke 430 * permissions from this package, and {@link AppOpsManager#MODE_IGNORED} means this 431 * package should be ignored when auto revoking permissions. 432 * {@link AppOpsManager#MODE_DEFAULT} means no changes will be made to the auto revoke 433 * mode of this package. 434 * 435 * @param autoRevokePermissionsMode the mode for auto revoking permissions 436 * 437 * @see SessionParams#setAutoRevokePermissionsMode(boolean) 438 */ setAutoRevokePermissionsMode(int autoRevokePermissionsMode)439 public void setAutoRevokePermissionsMode(int autoRevokePermissionsMode) { 440 mAutoRevokePermissionsMode = autoRevokePermissionsMode; 441 } 442 443 /** 444 * Build a new instance of {@link PackageInstalledParams}. 445 * 446 * @return the {@link PackageInstalledParams} built 447 */ 448 @NonNull build()449 public PackageInstalledParams build() { 450 return new PackageInstalledParams( 451 mPermissionStates == null ? new ArrayMap<>() : mPermissionStates, 452 mAllowlistedRestrictedPermissions, mAutoRevokePermissionsMode); 453 } 454 } 455 } 456 457 /** 458 * Sets the provider of the currently active HotwordDetectionService. 459 * 460 * @see HotwordDetectionServiceProvider 461 */ setHotwordDetectionServiceProvider(@ullable HotwordDetectionServiceProvider provider)462 void setHotwordDetectionServiceProvider(@Nullable HotwordDetectionServiceProvider provider); 463 464 /** 465 * Gets the provider of the currently active HotwordDetectionService. 466 * 467 * @see HotwordDetectionServiceProvider 468 */ 469 @Nullable getHotwordDetectionServiceProvider()470 HotwordDetectionServiceProvider getHotwordDetectionServiceProvider(); 471 472 /** 473 * Provides the uid of the currently active 474 * {@link android.service.voice.HotwordDetectionService}, which should be granted RECORD_AUDIO, 475 * CAPTURE_AUDIO_HOTWORD and CAPTURE_AUDIO_OUTPUT permissions. 476 */ 477 interface HotwordDetectionServiceProvider { getUid()478 int getUid(); 479 } 480 } 481