5 files changed, 137 insertions, 0 deletions
diff --git a/core/java/android/permission/ILegacyPermissionManager.aidl b/core/java/android/permission/ILegacyPermissionManager.aidl
index f1f083668711..78e12de04e89 100644
--- a/core/java/android/permission/ILegacyPermissionManager.aidl
+++ b/core/java/android/permission/ILegacyPermissionManager.aidl
@@ -49,4 +49,6 @@ interface ILegacyPermissionManager {
 void grantDefaultPermissionsToActiveLuiApp(in String packageName, int userId);
 void revokeDefaultPermissionsFromLuiApps(in String[] packageNames, int userId);
+
+ void grantDefaultPermissionsToCarrierServiceApp(in String packageName, int userId);
 }
diff --git a/core/java/android/permission/LegacyPermissionManager.java b/core/java/android/permission/LegacyPermissionManager.java
index a4fa11b5121b..57776857864e 100644
--- a/core/java/android/permission/LegacyPermissionManager.java
+++ b/core/java/android/permission/LegacyPermissionManager.java
@@ -22,6 +22,7 @@ import android.annotation.NonNull;
 import android.annotation.Nullable;
 import android.annotation.RequiresPermission;
 import android.annotation.SystemService;
+import android.annotation.UserIdInt;
 import android.content.Context;
 import android.content.pm.PackageManager;
 import android.os.RemoteException;
@@ -244,4 +245,20 @@ public final class LegacyPermissionManager {
 e.rethrowFromSystemServer();
 }
 }
+
+ /**
+ * Grant permissions to a newly set Carrier Services app.
+ * @param packageName The newly set Carrier Services app
+ * @param userId The user for which to grant the permissions.
+ * @hide
+ */
+ public void grantDefaultPermissionsToCarrierServiceApp(@NonNull String packageName,
+ @UserIdInt int userId) {
+ try {
+ mLegacyPermissionManager.grantDefaultPermissionsToCarrierServiceApp(packageName,
+ userId);
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
 }
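Review bot: The Javadoc for `grantDefaultPermissionsToCarrierServiceApp` in LegacyPermissionManager.java states neither who may call the method nor what it grants. The service implementation later in this diff calls `enforceSystemOrRoot` and the policy passes `NOTIFICATION_PERMISSIONS`, so I would add a line such as `Callable only by the system or root; grants the notification permissions to the package.` ahead of the `@param` tags. The new method also uses `throw e.rethrowFromSystemServer();` while the context line just above it calls `e.rethrowFromSystemServer();` without `throw`; both work, but one form per file reads better.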
diff --git a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
index 0311524cd768..284c29ecfbe9 100644
--- a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
+++ b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
@@ -21,6 +21,7 @@ import static android.os.Process.FIRST_APPLICATION_UID;
 import android.Manifest;
 import android.annotation.NonNull;
 import android.annotation.Nullable;
+import android.annotation.UserIdInt;
 import android.app.ActivityManager;
 import android.app.DownloadManager;
 import android.app.SearchManager;
@@ -1093,6 +1094,14 @@ final class DefaultPermissionGrantPolicy {
 }
 }
+ public void grantDefaultPermissionsToCarrierServiceApp(@NonNull String packageName,
+ @UserIdInt int userId) {
+ Log.i(TAG, "Grant permissions to Carrier Service app " + packageName + " for user:"
+ + userId);
+ grantPermissionsToPackage(NO_PM_CACHE, packageName, userId, /* ignoreSystemPackage */ false,
+ /* whitelistRestricted */ true, NOTIFICATION_PERMISSIONS);
+ }
+
 private String getDefaultSystemHandlerActivityPackage(PackageManagerWrapper pm,
 String intentAction, int userId) {
 return getDefaultSystemHandlerActivityPackage(pm, new Intent(intentAction), userId);
diff --git a/services/core/java/com/android/server/pm/permission/LegacyPermissionManagerService.java b/services/core/java/com/android/server/pm/permission/LegacyPermissionManagerService.java
index ea554d3d7996..360a04f7e9bc 100644
--- a/services/core/java/com/android/server/pm/permission/LegacyPermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/LegacyPermissionManagerService.java
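Review bot: `grantDefaultPermissionsToCarrierServiceApp` in DefaultPermissionGrantPolicy.java grants to whatever `packageName` it is handed, with `whitelistRestricted` set to true, and carries no comment stating the precondition. Nothing in this hunk checks that the package is the carrier service app; the only gate visible in the diff is the caller check in the binder method. A Javadoc sentence such as `Caller must have verified that packageName is the current carrier service app; this method does not check carrier privileges.` would make that trust boundary explicit. The class body continues outside the hunk.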
@@ -18,6 +18,7 @@ package com.android.server.pm.permission;
 import android.annotation.NonNull;
 import android.annotation.Nullable;
+import android.annotation.UserIdInt;
 import android.app.AppOpsManager;
 import android.app.admin.DevicePolicyManager;
 import android.content.Context;
@@ -248,6 +249,15 @@ public class LegacyPermissionManagerService extends ILegacyPermissionManager.Stu
 }
 @Override
+ public void grantDefaultPermissionsToCarrierServiceApp(@NonNull String packageName,
+ @UserIdInt int userId) {
+ PackageManagerServiceUtils.enforceSystemOrRoot(
+ "grantDefaultPermissionsForCarrierServiceApp");
+ Binder.withCleanCallingIdentity(() -> mDefaultPermissionGrantPolicy
+ .grantDefaultPermissionsToCarrierServiceApp(packageName, userId));
+ }
+
+ @Override
 public void grantDefaultPermissionsToActiveLuiApp(String packageName, int userId) {
 final int callingUid = Binder.getCallingUid();
 PackageManagerServiceUtils.enforceSystemOrPhoneCaller(
diff --git a/services/core/java/com/android/server/policy/PermissionPolicyService.java b/services/core/java/com/android/server/policy/PermissionPolicyService.java
index 89ac9e773906..14abc9aabc29 100644
--- a/services/core/java/com/android/server/policy/PermissionPolicyService.java
+++ b/services/core/java/com/android/server/policy/PermissionPolicyService.java
@@ -66,11 +66,13 @@ import android.os.Process;
 import android.os.RemoteException;
 import android.os.ServiceManager;
 import android.os.UserHandle;
+import android.permission.LegacyPermissionManager;
 import android.permission.PermissionControllerManager;
 import android.permission.PermissionManager;
 import android.provider.Settings;
 import android.provider.Telephony;
 import android.telecom.TelecomManager;
+import android.telephony.TelephonyManager;
 import android.util.ArrayMap;
 import android.util.ArraySet;
 import android.util.Log;
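Review bot: The string passed to `enforceSystemOrRoot` in LegacyPermissionManagerService.java is `"grantDefaultPermissionsForCarrierServiceApp"`, but the method is named `grantDefaultPermissionsToCarrierServiceApp`. If that string ends up in the rejection message, as the argument position suggests, a denied caller is pointed at a method name that does not exist, which makes the denial harder to trace in logs. Change it to `"grantDefaultPermissionsToCarrierServiceApp"`.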
@@ -106,6 +108,7 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Objects;
+import java.util.Set;
 import java.util.concurrent.ExecutionException;
 /**
@@ -163,6 +166,7 @@ public final class PermissionPolicyService extends SystemService {
 private PackageManagerInternal mPackageManagerInternal;
 private PermissionManagerServiceInternal mPermissionManagerInternal;
 private NotificationManagerInternal mNotificationManager;
+ private TelephonyManager mTelephonyManager;
 private final KeyguardManager mKeyguardManager;
 private final PackageManager mPackageManager;
 private final Handler mHandler;
@@ -384,6 +388,13 @@ public final class PermissionPolicyService extends SystemService {
 public void onBootPhase(int phase) {
 if (DEBUG) Slog.i(LOG_TAG, "onBootPhase(" + phase + ")");
+ if (phase == PHASE_DEVICE_SPECIFIC_SERVICES_READY) {
+ registerCarrierPrivilegesCallbacks();
+ IntentFilter filter =
+ new IntentFilter(TelephonyManager.ACTION_MULTI_SIM_CONFIG_CHANGED);
+ mContext.registerReceiver(mSimConfigBroadcastReceiver, filter);
+ }
+
 if (phase == PHASE_ACTIVITY_MANAGER_READY) {
 final UserManagerInternal um = LocalServices.getService(UserManagerInternal.class);
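Review bot: `mContext.registerReceiver(mSimConfigBroadcastReceiver, filter)` in the new `PHASE_DEVICE_SPECIFIC_SERVICES_READY` branch registers without a sender permission, and the receiver's only check is the action string. That is safe only if `ACTION_MULTI_SIM_CONFIG_CHANGED` is a protected broadcast, which this diff does not show. Please confirm it and record the assumption above the call, for example `// Protected broadcast: only the system can send it.`; if it is not protected, use the `registerReceiver` overload that takes a broadcast permission. `onBootPhase` continues outside the hunk.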
@@ -408,6 +419,94 @@ public final class PermissionPolicyService extends SystemService {
 }
+ private void initTelephonyManagerIfNeeded() {
+ if (mTelephonyManager == null) {
+ mTelephonyManager = TelephonyManager.from(mContext);
+ }
+ }
+
+ private void registerCarrierPrivilegesCallbacks() {
+ initTelephonyManagerIfNeeded();
+ if (mTelephonyManager == null) {
+ return;
+ }
+
+ int numPhones = mTelephonyManager.getActiveModemCount();
+ for (int i = 0; i < numPhones; i++) {
+ PhoneCarrierPrivilegesCallback callback = new PhoneCarrierPrivilegesCallback(i);
+ mPhoneCarrierPrivilegesCallbacks.add(callback);
+ mTelephonyManager.registerCarrierPrivilegesCallback(i, mContext.getMainExecutor(),
+ callback);
+ }
+ }
+
+ private void unregisterCarrierPrivilegesCallback() {
+ initTelephonyManagerIfNeeded();
+ if (mTelephonyManager == null) {
+ return;
+ }
+
+ for (int i = 0; i < mPhoneCarrierPrivilegesCallbacks.size(); i++) {
+ PhoneCarrierPrivilegesCallback callback = mPhoneCarrierPrivilegesCallbacks.get(i);
+ if (callback != null) {
+ mTelephonyManager.unregisterCarrierPrivilegesCallback(callback);
+ }
+ }
+ mPhoneCarrierPrivilegesCallbacks.clear();
+ }
+
+ private final class PhoneCarrierPrivilegesCallback
+ implements TelephonyManager.CarrierPrivilegesCallback {
+ private int mPhoneId;
+
+ PhoneCarrierPrivilegesCallback(int phoneId) {
+ mPhoneId = phoneId;
+ }
+ @Override
+ public void onCarrierPrivilegesChanged(
+ @NonNull Set<String> privilegedPackageNames,
+ @NonNull Set<Integer> privilegedUids) {
+ initTelephonyManagerIfNeeded();
+ if (mTelephonyManager == null) {
+ Log.e(LOG_TAG, "Cannot grant default permissions to Carrier Service app. "
+ + "TelephonyManager is null");
+ return;
+ }
+
+ String servicePkg = mTelephonyManager.getCarrierServicePackageNameForLogicalSlot(
+ mPhoneId);
+ if (servicePkg == null) {
+ return;
+ }
+ int[] users = LocalServices.getService(UserManagerInternal.class).getUserIds();
+ LegacyPermissionManager legacyPermManager =
+ mContext.getSystemService(LegacyPermissionManager.class);
+ for (int i = 0; i < users.length; i++) {
+ try {
+ mPackageManager.getPackageInfoAsUser(servicePkg, 0, users[i]);
+ legacyPermManager.grantDefaultPermissionsToCarrierServiceApp(
+ servicePkg, users[i]);
+ } catch (PackageManager.NameNotFoundException e) {
+ // Do nothing if the package does not exist for the specified user
+ }
+ }
+ }
+ }
+
+ private final ArrayList<PhoneCarrierPrivilegesCallback> mPhoneCarrierPrivilegesCallbacks =
+ new ArrayList<>();
+
+ private final BroadcastReceiver mSimConfigBroadcastReceiver = new BroadcastReceiver() {
+ @Override
+ public void onReceive(Context context, Intent intent) {
+ if (!TelephonyManager.ACTION_MULTI_SIM_CONFIG_CHANGED.equals(intent.getAction())) {
+ return;
+ }
+ unregisterCarrierPrivilegesCallback();
+ registerCarrierPrivilegesCallbacks();
+ }
+ };
+
 /**
 * @return Whether the user is started but not yet stopped
 */
|
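Review bot: `onCarrierPrivilegesChanged` only ever grants. When the carrier service package for a slot changes, or `getCarrierServicePackageNameForLogicalSlot` returns null and the method returns early, nothing here touches the package that was granted before, so a former carrier service app appears to keep the notification permissions unless that is handled outside this diff. If that is intended, say so in a comment at the `servicePkg == null` return; otherwise remember the last granted package per phone id and revoke it when it is replaced. The callback also ignores `privilegedPackageNames`; guarding the grant with `if (!privilegedPackageNames.contains(servicePkg)) return;` would tie it to the snapshot that triggered the callback, assuming the carrier service package is always in that set. `mPhoneId` is assigned once and can be `private final int mPhoneId;`.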