Google Git
Sign in
android / platform / prebuilts / fullsdk / sources / android-29 / refs/heads/main / . / com / android / server / policy / SoftRestrictedPermissionPolicy.java
blob: c1a6dbd8ae147b343aa1457aa600293acb75de82 [file] [log] [blame]
/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.server.policy;
import static android.Manifest.permission.READ_EXTERNAL_STORAGE;
import static android.Manifest.permission.WRITE_EXTERNAL_STORAGE;
import static android.app.AppOpsManager.MODE_ALLOWED;
import static android.app.AppOpsManager.MODE_DEFAULT;
import static android.app.AppOpsManager.MODE_IGNORED;
import static android.app.AppOpsManager.OP_LEGACY_STORAGE;
import static android.app.AppOpsManager.OP_NONE;
import static android.content.pm.PackageManager.FLAG_PERMISSION_APPLY_RESTRICTION;
import static android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT;
import static android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT;
import static android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT;
import static java.lang.Integer.min;
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.app.AppOpsManager;
import android.content.Context;
import android.content.pm.ApplicationInfo;
import android.content.pm.PackageManager;
import android.os.Build;
import android.os.UserHandle;
/**
* The behavior of soft restricted permissions is different for each permission. This class collects
* the policies in one place.
*
* This is the twin of
* {@link com.android.packageinstaller.permission.utils.SoftRestrictedPermissionPolicy}
*/
public abstract class SoftRestrictedPermissionPolicy {
private static final int FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT =
FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT
| FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT
| FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT;
private static final SoftRestrictedPermissionPolicy DUMMY_POLICY =
new SoftRestrictedPermissionPolicy() {
@Override
public int resolveAppOp() {
return OP_NONE;
}
@Override
public int getDesiredOpMode() {
return MODE_DEFAULT;
}
@Override
public boolean shouldSetAppOpIfNotDefault() {
return false;
}
@Override
public boolean canBeGranted() {
return true;
}
};
/**
* TargetSDK is per package. To make sure two apps int the same shared UID do not fight over
* what to set, always compute the combined targetSDK.
*
* @param context A context
* @param appInfo The app that is changed
* @param user The user the app belongs to
*
* @return The minimum targetSDK of all apps sharing the uid of the app
*/
private static int getMinimumTargetSDK(@NonNull Context context,
@NonNull ApplicationInfo appInfo, @NonNull UserHandle user) {
PackageManager pm = context.getPackageManager();
int minimumTargetSDK = appInfo.targetSdkVersion;
String[] uidPkgs = pm.getPackagesForUid(appInfo.uid);
if (uidPkgs != null) {
for (String uidPkg : uidPkgs) {
if (!uidPkg.equals(appInfo.packageName)) {
ApplicationInfo uidPkgInfo;
try {
uidPkgInfo = pm.getApplicationInfoAsUser(uidPkg, 0, user);
} catch (PackageManager.NameNotFoundException e) {
continue;
}
minimumTargetSDK = min(minimumTargetSDK, uidPkgInfo.targetSdkVersion);
}
}
}
return minimumTargetSDK;
}
/**
* Get the policy for a soft restricted permission.
*
* @param context A context to use
* @param appInfo The application the permission belongs to. Can be {@code null}, but then
* only {@link #resolveAppOp} will work.
* @param user The user the app belongs to. Can be {@code null}, but then only
* {@link #resolveAppOp} will work.
* @param permission The name of the permission
*
* @return The policy for this permission
*/
public static @NonNull SoftRestrictedPermissionPolicy forPermission(@NonNull Context context,
@Nullable ApplicationInfo appInfo, @Nullable UserHandle user,
@NonNull String permission) {
switch (permission) {
// Storage uses a special app op to decide the mount state and supports soft restriction
// where the restricted state allows the permission but only for accessing the medial
// collections.
case READ_EXTERNAL_STORAGE: {
final int flags;
final boolean applyRestriction;
final boolean isWhiteListed;
final boolean hasRequestedLegacyExternalStorage;
final int targetSDK;
if (appInfo != null) {
PackageManager pm = context.getPackageManager();
flags = pm.getPermissionFlags(permission, appInfo.packageName, user);
applyRestriction = (flags & FLAG_PERMISSION_APPLY_RESTRICTION) != 0;
isWhiteListed = (flags & FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT) != 0;
targetSDK = getMinimumTargetSDK(context, appInfo, user);
boolean hasAnyRequestedLegacyExternalStorage =
appInfo.hasRequestedLegacyExternalStorage();
// hasRequestedLegacyExternalStorage is per package. To make sure two apps in
// the same shared UID do not fight over what to set, always compute the
// combined hasRequestedLegacyExternalStorage
String[] uidPkgs = pm.getPackagesForUid(appInfo.uid);
if (uidPkgs != null) {
for (String uidPkg : uidPkgs) {
if (!uidPkg.equals(appInfo.packageName)) {
ApplicationInfo uidPkgInfo;
try {
uidPkgInfo = pm.getApplicationInfoAsUser(uidPkg, 0, user);
} catch (PackageManager.NameNotFoundException e) {
continue;
}
hasAnyRequestedLegacyExternalStorage |=
uidPkgInfo.hasRequestedLegacyExternalStorage();
}
}
}
hasRequestedLegacyExternalStorage = hasAnyRequestedLegacyExternalStorage;
} else {
flags = 0;
applyRestriction = false;
isWhiteListed = false;
hasRequestedLegacyExternalStorage = false;
targetSDK = 0;
}
return new SoftRestrictedPermissionPolicy() {
@Override
public int resolveAppOp() {
return OP_LEGACY_STORAGE;
}
@Override
public int getDesiredOpMode() {
if (applyRestriction) {
return MODE_DEFAULT;
} else if (hasRequestedLegacyExternalStorage) {
return MODE_ALLOWED;
} else {
return MODE_IGNORED;
}
}
@Override
public boolean shouldSetAppOpIfNotDefault() {
// Do not switch from allowed -> ignored as this would mean to retroactively
// turn on isolated storage. This will make the app loose all its files.
return getDesiredOpMode() != MODE_IGNORED;
}
@Override
public boolean canBeGranted() {
if (isWhiteListed || targetSDK >= Build.VERSION_CODES.Q) {
return true;
} else {
return false;
}
}
};
}
case WRITE_EXTERNAL_STORAGE: {
final boolean isWhiteListed;
final int targetSDK;
if (appInfo != null) {
final int flags = context.getPackageManager().getPermissionFlags(permission,
appInfo.packageName, user);
isWhiteListed = (flags & FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT) != 0;
targetSDK = getMinimumTargetSDK(context, appInfo, user);
} else {
isWhiteListed = false;
targetSDK = 0;
}
return new SoftRestrictedPermissionPolicy() {
@Override
public int resolveAppOp() {
return OP_NONE;
}
@Override
public int getDesiredOpMode() {
return MODE_DEFAULT;
}
@Override
public boolean shouldSetAppOpIfNotDefault() {
return false;
}
@Override
public boolean canBeGranted() {
return isWhiteListed || targetSDK >= Build.VERSION_CODES.Q;
}
};
}
default:
return DUMMY_POLICY;
}
}
/**
* @return An app op to be changed based on the state of the permission or
* {@link AppOpsManager#OP_NONE} if not app-op should be set.
*/
public abstract int resolveAppOp();
/**
* @return The mode the {@link #resolveAppOp() app op} should be in.
*/
public abstract @AppOpsManager.Mode int getDesiredOpMode();
/**
* @return If the {@link #resolveAppOp() app op} should be set even if the app-op is currently
* not {@link AppOpsManager#MODE_DEFAULT}.
*/
public abstract boolean shouldSetAppOpIfNotDefault();
/**
* @return If the permission can be granted
*/
public abstract boolean canBeGranted();
}