diff options
| -rw-r--r-- | core/res/AndroidManifest.xml | 7 | ||||
| -rw-r--r-- | data/etc/platform.xml | 1 | ||||
| -rw-r--r-- | services/core/java/com/android/server/DropBoxManagerService.java | 9 |
3 files changed, 17 insertions, 0 deletions
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index 11a506229654..5bb18015c879 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -4647,6 +4647,13 @@ android:protectionLevel="normal" /> <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/> + <!-- @hide Allow the caller to collect debugging data from processes that otherwise + would require USAGE_STATS. Before sharing this data with other apps, holders + of this permission are REQUIRED to themselves check that the caller has + PACKAGE_USAGE_STATS and OP_GET_USAGE_STATS. --> + <permission android:name="android.permission.PEEK_DROPBOX_DATA" + android:protectionLevel="signature|privileged" /> + <application android:process="system" android:persistent="true" android:hasCode="false" diff --git a/data/etc/platform.xml b/data/etc/platform.xml index dceb243972e2..80098c5a81f5 100644 --- a/data/etc/platform.xml +++ b/data/etc/platform.xml @@ -174,6 +174,7 @@ <assign-permission name="android.permission.PACKAGE_USAGE_STATS" uid="incidentd" /> <assign-permission name="android.permission.INTERACT_ACROSS_USERS" uid="incidentd" /> <assign-permission name="android.permission.REQUEST_INCIDENT_REPORT_APPROVAL" uid="incidentd" /> + <assign-permission name="android.permission.PEEK_DROPBOX_DATA" uid="incidentd" /> <assign-permission name="android.permission.ACCESS_LOWPAN_STATE" uid="lowpan" /> <assign-permission name="android.permission.MANAGE_LOWPAN_INTERFACES" uid="lowpan" /> diff --git a/services/core/java/com/android/server/DropBoxManagerService.java b/services/core/java/com/android/server/DropBoxManagerService.java index aeb3e7fd94de..7365e78c707f 100644 --- a/services/core/java/com/android/server/DropBoxManagerService.java +++ b/services/core/java/com/android/server/DropBoxManagerService.java @@ -23,6 +23,7 @@ import android.content.ContentResolver; import android.content.Context; import android.content.Intent; import android.content.IntentFilter; +import android.content.pm.PackageManager; import android.content.res.Resources; import android.database.ContentObserver; import android.net.Uri; @@ -464,6 +465,14 @@ public final class DropBoxManagerService extends SystemService { } private boolean checkPermission(int callingUid, String callingPackage) { + // If callers have this permission, then we don't need to check + // USAGE_STATS, because they are part of the system and have agreed to + // check USAGE_STATS before passing the data along. + if (getContext().checkCallingPermission(android.Manifest.permission.PEEK_DROPBOX_DATA) + == PackageManager.PERMISSION_GRANTED) { + return true; + } + // Callers always need this permission getContext().enforceCallingOrSelfPermission( android.Manifest.permission.READ_LOGS, TAG); |