summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--services/core/java/com/android/server/pm/permission/PermissionManagerService.java39
1 files changed, 30 insertions, 9 deletions
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index bc7554c54eb0..a4e8b1c01620 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -83,6 +83,7 @@ import android.content.pm.PackageParser;
import android.content.pm.ParceledListSlice;
import android.content.pm.PermissionGroupInfo;
import android.content.pm.PermissionInfo;
+import android.content.pm.UserInfo;
import android.content.pm.parsing.component.ParsedPermission;
import android.content.pm.parsing.component.ParsedPermissionGroup;
import android.content.pm.permission.SplitPermissionInfoParcelable;
@@ -120,6 +121,7 @@ import android.util.Log;
import android.util.Slog;
import android.util.SparseArray;
import android.util.SparseBooleanArray;
+import android.util.TimingsTraceLog;
import com.android.internal.annotations.GuardedBy;
import com.android.internal.annotations.VisibleForTesting;
@@ -2516,12 +2518,12 @@ public class PermissionManagerService extends IPermissionManager.Stub {
final PermissionsState permissionsState = ps.getPermissionsState();
- final int[] currentUserIds = UserManagerService.getInstance().getUserIds();
+ final int[] userIds = getAllUserIds();
boolean runtimePermissionsRevoked = false;
int[] updatedUserIds = EMPTY_INT_ARRAY;
- for (int userId : currentUserIds) {
+ for (int userId : userIds) {
if (permissionsState.isMissing(userId)) {
Collection<String> requestedPermissions;
int targetSdkVersion;
@@ -2587,7 +2589,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
// runtime and revocation of a runtime from a shared user.
synchronized (mLock) {
updatedUserIds = revokeUnusedSharedUserPermissionsLocked(
- ps.getSharedUser(), UserManagerService.getInstance().getUserIds());
+ ps.getSharedUser(), userIds);
if (!ArrayUtils.isEmpty(updatedUserIds)) {
runtimePermissionsRevoked = true;
}
@@ -2740,7 +2742,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
// a runtime permission being downgraded to an install one.
// Also in permission review mode we keep dangerous permissions
// for legacy apps
- for (int userId : UserManagerService.getInstance().getUserIds()) {
+ for (int userId : userIds) {
if (origPermissions.getRuntimePermissionState(
perm, userId) != null) {
// Revoke the runtime permission and clear the flags.
@@ -2763,7 +2765,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
boolean hardRestricted = bp.isHardRestricted();
boolean softRestricted = bp.isSoftRestricted();
- for (int userId : currentUserIds) {
+ for (int userId : userIds) {
// If permission policy is not ready we don't deal with restricted
// permissions as the policy may whitelist some permissions. Once
// the policy is initialized we would re-evaluate permissions.
@@ -2902,7 +2904,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
boolean hardRestricted = bp.isHardRestricted();
boolean softRestricted = bp.isSoftRestricted();
- for (int userId : currentUserIds) {
+ for (int userId : userIds) {
// If permission policy is not ready we don't deal with restricted
// permissions as the policy may whitelist some permissions. Once
// the policy is initialized we would re-evaluate permissions.
@@ -3071,6 +3073,25 @@ public class PermissionManagerService extends IPermissionManager.Stub {
}
/**
+ * Returns all relevant user ids. This list include the current set of created user ids as well
+ * as pre-created user ids.
+ * @return user ids for created users and pre-created users
+ */
+ private int[] getAllUserIds() {
+ final TimingsTraceLog t = new TimingsTraceLog(TAG, Trace.TRACE_TAG_SYSTEM_SERVER);
+ t.traceBegin("getAllUserIds");
+ List<UserInfo> users = UserManagerService.getInstance().getUsers(
+ /*excludePartial=*/ true, /*excludeDying=*/ true, /*excludePreCreated=*/ false);
+ int size = users.size();
+ final int[] userIds = new int[size];
+ for (int i = 0; i < size; i++) {
+ userIds[i] = users.get(i).id;
+ }
+ t.traceEnd();
+ return userIds;
+ }
+
+ /**
* Revoke permissions that are not implicit anymore and that have
* {@link PackageManager#FLAG_PERMISSION_REVOKE_WHEN_REQUESTED} set.
*
@@ -3088,7 +3109,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
boolean supportsRuntimePermissions = pkg.getTargetSdkVersion()
>= Build.VERSION_CODES.M;
- int[] users = UserManagerService.getInstance().getUserIds();
+ int[] users = getAllUserIds();
int numUsers = users.length;
for (int i = 0; i < numUsers; i++) {
int userId = users[i];
@@ -3197,7 +3218,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
if (replace && pkg.isRequestLegacyExternalStorage() && (
pkg.getRequestedPermissions().contains(READ_EXTERNAL_STORAGE)
|| pkg.getRequestedPermissions().contains(WRITE_EXTERNAL_STORAGE))) {
- return UserManagerService.getInstance().getUserIds();
+ return getAllUserIds();
}
return updatedUserIds;
@@ -3251,7 +3272,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
if (!ps.hasInstallPermission(newPerm)) {
BasePermission bp = mSettings.getPermissionLocked(newPerm);
- int[] users = UserManagerService.getInstance().getUserIds();
+ int[] users = getAllUserIds();
int numUsers = users.length;
for (int userNum = 0; userNum < numUsers; userNum++) {
int userId = users[userNum];
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-12-10 21:28:17 +0000