1 /* 2 * Copyright (C) 2019 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.pm.permission; 18 19 import android.annotation.NonNull; 20 import android.annotation.Nullable; 21 import android.annotation.UserIdInt; 22 import android.app.AppOpsManager; 23 import android.content.pm.PackageInstaller.SessionParams; 24 import android.content.pm.PermissionInfo; 25 import android.permission.PermissionManagerInternal; 26 import android.util.ArrayMap; 27 28 import com.android.server.pm.pkg.AndroidPackage; 29 import com.android.server.pm.pkg.PackageState; 30 31 import java.util.ArrayList; 32 import java.util.Collections; 33 import java.util.List; 34 import java.util.Objects; 35 import java.util.Set; 36 37 /** 38 * Internal interfaces services. 39 * 40 * TODO: Move into module. 41 */ 42 public interface PermissionManagerServiceInternal extends PermissionManagerInternal, 43 LegacyPermissionDataProvider { 44 /** 45 * Check whether a particular package has been granted a particular permission. 46 * 47 * @param packageName the name of the package you are checking against 48 * @param permissionName the name of the permission you are checking for 49 * @param userId the user ID 50 * @return {@code PERMISSION_GRANTED} if the permission is granted, or {@code PERMISSION_DENIED} 51 * otherwise 52 */ 53 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) checkPermission(@onNull String packageName, @NonNull String permissionName, @UserIdInt int userId)54 int checkPermission(@NonNull String packageName, @NonNull String permissionName, 55 @UserIdInt int userId); 56 57 /** 58 * Check whether a particular UID has been granted a particular permission. 59 * 60 * @param uid the UID 61 * @param permissionName the name of the permission you are checking for 62 * @return {@code PERMISSION_GRANTED} if the permission is granted, or {@code PERMISSION_DENIED} 63 * otherwise 64 */ 65 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) checkUidPermission(int uid, @NonNull String permissionName)66 int checkUidPermission(int uid, @NonNull String permissionName); 67 68 /** 69 * Adds a listener for runtime permission state (permissions or flags) changes. 70 * 71 * @param listener The listener. 72 */ addOnRuntimePermissionStateChangedListener( @onNull OnRuntimePermissionStateChangedListener listener)73 void addOnRuntimePermissionStateChangedListener( 74 @NonNull OnRuntimePermissionStateChangedListener listener); 75 76 /** 77 * Removes a listener for runtime permission state (permissions or flags) changes. 78 * 79 * @param listener The listener. 80 */ removeOnRuntimePermissionStateChangedListener( @onNull OnRuntimePermissionStateChangedListener listener)81 void removeOnRuntimePermissionStateChangedListener( 82 @NonNull OnRuntimePermissionStateChangedListener listener); 83 84 /** 85 * Get whether permission review is required for a package. 86 * 87 * @param packageName the name of the package 88 * @param userId the user ID 89 * @return whether permission review is required 90 */ 91 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) isPermissionsReviewRequired(@onNull String packageName, @UserIdInt int userId)92 boolean isPermissionsReviewRequired(@NonNull String packageName, 93 @UserIdInt int userId); 94 95 /** 96 * Reset the runtime permission state changes for a package. 97 * 98 * TODO(zhanghai): Turn this into package change callback? 99 * 100 * @param pkg the package 101 * @param userId the user ID 102 */ 103 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) resetRuntimePermissions(@onNull AndroidPackage pkg, @UserIdInt int userId)104 void resetRuntimePermissions(@NonNull AndroidPackage pkg, 105 @UserIdInt int userId); 106 107 /** 108 * Reset the runtime permission state changes for all packages in a user. 109 * 110 * @param userId the user ID 111 */ 112 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) resetRuntimePermissionsForUser(@serIdInt int userId)113 void resetRuntimePermissionsForUser(@UserIdInt int userId); 114 115 /** 116 * Read legacy permission state from package settings. 117 * 118 * TODO(zhanghai): This is a temporary method because we should not expose 119 * {@code PackageSetting} which is a implementation detail that permission should not know. 120 * Instead, it should retrieve the legacy state via a defined API. 121 */ readLegacyPermissionStateTEMP()122 void readLegacyPermissionStateTEMP(); 123 124 /** 125 * Write legacy permission state to package settings. 126 * 127 * TODO(zhanghai): This is a temporary method and should be removed once we migrated persistence 128 * for permission. 129 */ writeLegacyPermissionStateTEMP()130 void writeLegacyPermissionStateTEMP(); 131 132 /** 133 * Get all the permissions definitions from a package that's installed in the system. 134 * <p> 135 * A permission definition in a normal app may not be installed if it's overridden by the 136 * platform or system app that contains a conflicting definition after system upgrade. 137 * 138 * @param packageName the name of the package 139 * @return the names of the installed permissions 140 */ 141 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 142 @NonNull getInstalledPermissions(@onNull String packageName)143 Set<String> getInstalledPermissions(@NonNull String packageName); 144 145 /** 146 * Get all the permissions granted to a package. 147 * 148 * @param packageName the name of the package 149 * @param userId the user ID 150 * @return the names of the granted permissions 151 */ 152 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 153 @NonNull getGrantedPermissions(@onNull String packageName, @UserIdInt int userId)154 Set<String> getGrantedPermissions(@NonNull String packageName, @UserIdInt int userId); 155 156 /** 157 * Get the GIDs of a permission. 158 * 159 * @param permissionName the name of the permission 160 * @param userId the user ID 161 * @return the GIDs of the permission 162 */ 163 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 164 @NonNull getPermissionGids(@onNull String permissionName, @UserIdInt int userId)165 int[] getPermissionGids(@NonNull String permissionName, @UserIdInt int userId); 166 167 /** 168 * Get the packages that have requested an app op permission. 169 * 170 * @param permissionName the name of the app op permission 171 * @return the names of the packages that have requested the app op permission 172 */ 173 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 174 @NonNull getAppOpPermissionPackages(@onNull String permissionName)175 String[] getAppOpPermissionPackages(@NonNull String permissionName); 176 177 /** HACK HACK methods to allow for partial migration of data to the PermissionManager class */ 178 @Nullable getPermissionTEMP(@onNull String permName)179 Permission getPermissionTEMP(@NonNull String permName); 180 181 /** Get all permissions that have a certain protection */ 182 @NonNull getAllPermissionsWithProtection( @ermissionInfo.Protection int protection)183 List<PermissionInfo> getAllPermissionsWithProtection( 184 @PermissionInfo.Protection int protection); 185 186 /** Get all permissions that have certain protection flags 187 * @return*/ getAllPermissionsWithProtectionFlags( @ermissionInfo.ProtectionFlags int protectionFlags)188 @NonNull List<PermissionInfo> getAllPermissionsWithProtectionFlags( 189 @PermissionInfo.ProtectionFlags int protectionFlags); 190 191 /** 192 * Start delegate the permission identity of the shell UID to the given UID. 193 * 194 * @param uid the UID to delegate shell permission identity to 195 * @param packageName the name of the package to delegate shell permission identity to 196 * @param permissionNames the names of the permissions to delegate shell permission identity 197 * for, or {@code null} for all permissions 198 */ 199 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) startShellPermissionIdentityDelegation(int uid, @NonNull String packageName, @Nullable List<String> permissionNames)200 void startShellPermissionIdentityDelegation(int uid, 201 @NonNull String packageName, @Nullable List<String> permissionNames); 202 203 /** 204 * Stop delegating the permission identity of the shell UID. 205 * 206 * @see #startShellPermissionIdentityDelegation(int, String, List) 207 */ 208 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) stopShellPermissionIdentityDelegation()209 void stopShellPermissionIdentityDelegation(); 210 211 /** 212 * Get all delegated shell permissions. 213 */ getDelegatedShellPermissions()214 @NonNull List<String> getDelegatedShellPermissions(); 215 216 /** 217 * Read legacy permissions from legacy permission settings. 218 * 219 * TODO(zhanghai): This is a temporary method because we should not expose 220 * {@code LegacyPermissionSettings} which is a implementation detail that permission should not 221 * know. Instead, it should retrieve the legacy permissions via a defined API. 222 */ readLegacyPermissionsTEMP(@onNull LegacyPermissionSettings legacyPermissionSettings)223 void readLegacyPermissionsTEMP(@NonNull LegacyPermissionSettings legacyPermissionSettings); 224 225 /** 226 * Write legacy permissions to legacy permission settings. 227 * 228 * TODO(zhanghai): This is a temporary method and should be removed once we migrated persistence 229 * for permission. 230 */ writeLegacyPermissionsTEMP(@onNull LegacyPermissionSettings legacyPermissionSettings)231 void writeLegacyPermissionsTEMP(@NonNull LegacyPermissionSettings legacyPermissionSettings); 232 233 /** 234 * Callback when the system is ready. 235 */ 236 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onSystemReady()237 void onSystemReady(); 238 239 /** 240 * Callback when a storage volume is mounted, so that all packages on it become available. 241 * 242 * @param volumeUuid the UUID of the storage volume 243 * @param fingerprintChanged whether the current build fingerprint is different from what it was 244 * when this volume was last mounted 245 */ 246 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onStorageVolumeMounted(@onNull String volumeUuid, boolean fingerprintChanged)247 void onStorageVolumeMounted(@NonNull String volumeUuid, boolean fingerprintChanged); 248 249 /** 250 * Callback when a user has been created. 251 * 252 * @param userId the created user ID 253 */ 254 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onUserCreated(@serIdInt int userId)255 void onUserCreated(@UserIdInt int userId); 256 257 /** 258 * Callback when a user has been removed. 259 * 260 * @param userId the removed user ID 261 */ 262 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onUserRemoved(@serIdInt int userId)263 void onUserRemoved(@UserIdInt int userId); 264 265 /** 266 * Callback when a package has been added. 267 * 268 * @param packageState the added package 269 * @param isInstantApp whether the added package is an instant app 270 * @param oldPkg the old package, or {@code null} if none 271 */ 272 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageAdded(@onNull PackageState packageState, boolean isInstantApp, @Nullable AndroidPackage oldPkg)273 void onPackageAdded(@NonNull PackageState packageState, 274 boolean isInstantApp, @Nullable AndroidPackage oldPkg); 275 276 /** 277 * Callback when a package has been installed for a user. 278 * 279 * @param pkg the installed package 280 * @param previousAppId the previous app ID if the package is leaving a shared UID, 281 * or Process.INVALID_UID 282 * @param params the parameters passed in for package installation 283 * @param userId the user ID this package is installed for 284 */ 285 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageInstalled(@onNull AndroidPackage pkg, int previousAppId, @NonNull PackageInstalledParams params, @UserIdInt int userId)286 void onPackageInstalled(@NonNull AndroidPackage pkg, int previousAppId, 287 @NonNull PackageInstalledParams params, 288 @UserIdInt int userId); 289 290 /** 291 * Callback when a package has been removed. 292 * 293 * @param pkg the removed package 294 */ 295 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageRemoved(@onNull AndroidPackage pkg)296 void onPackageRemoved(@NonNull AndroidPackage pkg); 297 298 /** 299 * Callback when a package has been uninstalled. 300 * <p> 301 * The package may have been fully removed from the system, or only marked as uninstalled for 302 * this user but still instlaled for other users. 303 * 304 * @param packageName the name of the uninstalled package 305 * @param appId the app ID of the uninstalled package 306 * @param packageState the uninstalled package, or {@code null} if unavailable 307 * @param sharedUserPkgs the packages that are in the same shared user 308 * @param userId the user ID the package is uninstalled for 309 */ 310 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) onPackageUninstalled(@onNull String packageName, int appId, @Nullable PackageState packageState, @Nullable AndroidPackage pkg, @NonNull List<AndroidPackage> sharedUserPkgs, @UserIdInt int userId)311 void onPackageUninstalled(@NonNull String packageName, int appId, 312 @Nullable PackageState packageState, @Nullable AndroidPackage pkg, 313 @NonNull List<AndroidPackage> sharedUserPkgs, @UserIdInt int userId); 314 315 /** 316 * Listener for package permission state (permissions or flags) changes. 317 */ 318 interface OnRuntimePermissionStateChangedListener { 319 320 /** 321 * Called when the runtime permission state (permissions or flags) changed. 322 * 323 * @param packageName The package for which the change happened. 324 * @param userId the user id for which the change happened. 325 */ 326 @Nullable onRuntimePermissionStateChanged(@onNull String packageName, @UserIdInt int userId)327 void onRuntimePermissionStateChanged(@NonNull String packageName, 328 @UserIdInt int userId); 329 } 330 331 /** 332 * The permission-related parameters passed in for package installation. 333 * 334 * @see SessionParams 335 */ 336 //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 337 final class PackageInstalledParams { 338 /** 339 * A static instance whose parameters are all in their default state. 340 */ 341 public static final PackageInstalledParams DEFAULT = new Builder().build(); 342 343 @NonNull 344 private final ArrayMap<String, Integer> mPermissionStates; 345 @NonNull 346 private final List<String> mAllowlistedRestrictedPermissions; 347 @NonNull 348 private final int mAutoRevokePermissionsMode; 349 PackageInstalledParams(@onNull ArrayMap<String, Integer> permissionStates, @NonNull List<String> allowlistedRestrictedPermissions, int autoRevokePermissionsMode)350 private PackageInstalledParams(@NonNull ArrayMap<String, Integer> permissionStates, 351 @NonNull List<String> allowlistedRestrictedPermissions, 352 int autoRevokePermissionsMode) { 353 mPermissionStates = permissionStates; 354 mAllowlistedRestrictedPermissions = allowlistedRestrictedPermissions; 355 mAutoRevokePermissionsMode = autoRevokePermissionsMode; 356 } 357 358 /** 359 * @return the permissions states requested 360 * 361 * @see SessionParams#setPermissionState(String, int) 362 */ 363 @NonNull getPermissionStates()364 public ArrayMap<String, Integer> getPermissionStates() { 365 return mPermissionStates; 366 } 367 368 /** 369 * Get the restricted permissions to be allowlisted. 370 * 371 * @return the restricted permissions to be allowlisted 372 */ 373 @NonNull getAllowlistedRestrictedPermissions()374 public List<String> getAllowlistedRestrictedPermissions() { 375 return mAllowlistedRestrictedPermissions; 376 } 377 378 /** 379 * Get the mode for auto revoking permissions. 380 * 381 * @return the mode for auto revoking permissions 382 */ getAutoRevokePermissionsMode()383 public int getAutoRevokePermissionsMode() { 384 return mAutoRevokePermissionsMode; 385 } 386 387 /** 388 * Builder class for {@link PackageInstalledParams}. 389 */ 390 public static final class Builder { 391 @Nullable 392 private ArrayMap<String, Integer> mPermissionStates = null; 393 @NonNull 394 private List<String> mAllowlistedRestrictedPermissions = Collections.emptyList(); 395 @NonNull 396 private int mAutoRevokePermissionsMode = AppOpsManager.MODE_DEFAULT; 397 398 /** 399 * Set the permissions states requested by the installer. 400 * 401 * @see SessionParams#setPermissionState(String, int) 402 */ setPermissionStates( @onNull ArrayMap<String, Integer> permissionStates)403 public Builder setPermissionStates( 404 @NonNull ArrayMap<String, Integer> permissionStates) { 405 Objects.requireNonNull(permissionStates); 406 mPermissionStates = permissionStates; 407 return this; 408 } 409 410 /** 411 * Set the restricted permissions to be allowlisted. 412 * <p> 413 * Permissions that are not restricted are ignored, so one can just pass in all 414 * requested permissions of a package to get all its restricted permissions allowlisted. 415 * 416 * @param allowlistedRestrictedPermissions the restricted permissions to be allowlisted 417 * 418 * @see SessionParams#setWhitelistedRestrictedPermissions(Set) 419 */ setAllowlistedRestrictedPermissions( @onNull List<String> allowlistedRestrictedPermissions)420 public void setAllowlistedRestrictedPermissions( 421 @NonNull List<String> allowlistedRestrictedPermissions) { 422 Objects.requireNonNull(allowlistedRestrictedPermissions); 423 mAllowlistedRestrictedPermissions = new ArrayList<>( 424 allowlistedRestrictedPermissions); 425 } 426 427 /** 428 * Set the mode for auto revoking permissions. 429 * <p> 430 * {@link AppOpsManager#MODE_ALLOWED} means the system is allowed to auto revoke 431 * permissions from this package, and {@link AppOpsManager#MODE_IGNORED} means this 432 * package should be ignored when auto revoking permissions. 433 * {@link AppOpsManager#MODE_DEFAULT} means no changes will be made to the auto revoke 434 * mode of this package. 435 * 436 * @param autoRevokePermissionsMode the mode for auto revoking permissions 437 * 438 * @see SessionParams#setAutoRevokePermissionsMode(boolean) 439 */ setAutoRevokePermissionsMode(int autoRevokePermissionsMode)440 public void setAutoRevokePermissionsMode(int autoRevokePermissionsMode) { 441 mAutoRevokePermissionsMode = autoRevokePermissionsMode; 442 } 443 444 /** 445 * Build a new instance of {@link PackageInstalledParams}. 446 * 447 * @return the {@link PackageInstalledParams} built 448 */ 449 @NonNull build()450 public PackageInstalledParams build() { 451 return new PackageInstalledParams( 452 mPermissionStates == null ? new ArrayMap<>() : mPermissionStates, 453 mAllowlistedRestrictedPermissions, mAutoRevokePermissionsMode); 454 } 455 } 456 } 457 458 /** 459 * Sets the provider of the currently active HotwordDetectionService. 460 * 461 * @see HotwordDetectionServiceProvider 462 */ setHotwordDetectionServiceProvider(@ullable HotwordDetectionServiceProvider provider)463 void setHotwordDetectionServiceProvider(@Nullable HotwordDetectionServiceProvider provider); 464 465 /** 466 * Gets the provider of the currently active HotwordDetectionService. 467 * 468 * @see HotwordDetectionServiceProvider 469 */ 470 @Nullable getHotwordDetectionServiceProvider()471 HotwordDetectionServiceProvider getHotwordDetectionServiceProvider(); 472 473 /** 474 * Provides the uid of the currently active 475 * {@link android.service.voice.HotwordDetectionService}, which should be granted RECORD_AUDIO, 476 * CAPTURE_AUDIO_HOTWORD and CAPTURE_AUDIO_OUTPUT permissions. 477 */ 478 interface HotwordDetectionServiceProvider { getUid()479 int getUid(); 480 } 481 } 482