diff options
3 files changed, 35 insertions, 46 deletions
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index 8231faa85bec..cf9867cf312a 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -388,7 +388,6 @@ import com.android.server.pm.permission.LegacyPermissionManagerService; import com.android.server.pm.permission.Permission; import com.android.server.pm.permission.PermissionManagerService; import com.android.server.pm.permission.PermissionManagerServiceInternal; -import com.android.server.policy.PermissionPolicyInternal; import com.android.server.rollback.RollbackManagerInternal; import com.android.server.security.VerityUtils; import com.android.server.storage.DeviceStorageMonitorInternal; @@ -3721,7 +3720,7 @@ public class PackageManagerService extends IPackageManager.Stub Slog.i(TAG, "Platform changed from " + ver.sdkVersion + " to " + mSdkVersion + "; regranting permissions for internal storage"); } - mPermissionManager.updateAllPermissions( + mPermissionManager.onStorageVolumeMounted( StorageManager.UUID_PRIVATE_INTERNAL, sdkUpdated); ver.sdkVersion = mSdkVersion; @@ -22354,23 +22353,6 @@ public class PackageManagerService extends IPackageManager.Stub mUserManager.systemReady(); - // Now that we've scanned all packages, and granted any default - // permissions, ensure permissions are updated. Beware of dragons if you - // try optimizing this. - synchronized (mLock) { - mPermissionManager.updateAllPermissions(StorageManager.UUID_PRIVATE_INTERNAL, false); - - final PermissionPolicyInternal permissionPolicyInternal = - mInjector.getLocalService(PermissionPolicyInternal.class); - permissionPolicyInternal.setOnInitializedCallback(userId -> { - // The SDK updated case is already handled when we run during the ctor. - synchronized (mLock) { - mPermissionManager.updateAllPermissions( - StorageManager.UUID_PRIVATE_INTERNAL, false); - } - }); - } - // Watch for external volumes that come and go over time final StorageManager storage = mInjector.getSystemService(StorageManager.class); storage.registerListener(mStorageListener); @@ -23426,7 +23408,7 @@ public class PackageManagerService extends IPackageManager.Stub logCriticalInfo(Log.INFO, "Platform changed from " + ver.sdkVersion + " to " + mSdkVersion + "; regranting permissions for " + volumeUuid); } - mPermissionManager.updateAllPermissions(volumeUuid, sdkUpdated); + mPermissionManager.onStorageVolumeMounted(volumeUuid, sdkUpdated); // Yay, everything is now upgraded ver.forceCurrent(); diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java index 4b794687cb6e..004c0154963b 100644 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java @@ -4004,19 +4004,18 @@ public class PermissionManagerService extends IPermissionManager.Stub { * <li>Update the state (grant, flags) of the permissions</li> * </ol> * - * @param volumeUuid The volume of the packages to be updated, {@code null} for all volumes - * @param allPackages All currently known packages - * @param callback Callback to call after permission changes + * @param volumeUuid The volume UUID of the packages to be updated + * @param sdkVersionChanged whether the current SDK version is different from what it was when + * this volume was last mounted */ - private void updateAllPermissions(@Nullable String volumeUuid, boolean sdkUpdated, - @NonNull PermissionCallback callback) { + private void updateAllPermissions(@NonNull String volumeUuid, boolean sdkVersionChanged) { PackageManager.corkPackageInfoCache(); // Prevent invalidation storm try { final int flags = UPDATE_PERMISSIONS_ALL | - (sdkUpdated + (sdkVersionChanged ? UPDATE_PERMISSIONS_REPLACE_PKG | UPDATE_PERMISSIONS_REPLACE_ALL : 0); - updatePermissions(null, null, volumeUuid, flags, callback); + updatePermissions(null, null, volumeUuid, flags, mDefaultPermissionCallback); } finally { PackageManager.uncorkPackageInfoCache(); } @@ -4457,6 +4456,20 @@ public class PermissionManagerService extends IPermissionManager.Stub { } private void systemReady() { + // Now that we've scanned all packages, and granted any default + // permissions, ensure permissions are updated. Beware of dragons if you + // try optimizing this. + updateAllPermissions(StorageManager.UUID_PRIVATE_INTERNAL, false); + + final PermissionPolicyInternal permissionPolicyInternal = LocalServices.getService( + PermissionPolicyInternal.class); + permissionPolicyInternal.setOnInitializedCallback(userId -> { + // The SDK updated case is already handled when we run during the ctor. + synchronized (mLock) { + updateAllPermissions(StorageManager.UUID_PRIVATE_INTERNAL, false); + } + }); + mSystemReady = true; synchronized (mLock) { @@ -4982,9 +4995,8 @@ public class PermissionManagerService extends IPermissionManager.Stub { return PermissionManagerService.this.getAppOpPermissionPackagesInternal(permissionName); } @Override - public void updateAllPermissions(@Nullable String volumeUuid, boolean sdkUpdated) { - PermissionManagerService.this - .updateAllPermissions(volumeUuid, sdkUpdated, mDefaultPermissionCallback); + public void onStorageVolumeMounted(@Nullable String volumeUuid, boolean sdkVersionChanged) { + updateAllPermissions(volumeUuid, sdkVersionChanged); } @Override public void resetRuntimePermissions(@NonNull AndroidPackage pkg, @UserIdInt int userId) { @@ -5084,8 +5096,7 @@ public class PermissionManagerService extends IPermissionManager.Stub { public void onUserCreated(@UserIdInt int userId) { Preconditions.checkArgumentNonNegative(userId, "userId"); // NOTE: This adds UPDATE_PERMISSIONS_REPLACE_PKG - PermissionManagerService.this.updateAllPermissions(StorageManager.UUID_PRIVATE_INTERNAL, - true, mDefaultPermissionCallback); + updateAllPermissions(StorageManager.UUID_PRIVATE_INTERNAL, true); } @Override diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java index 0f6de858c502..59682e13c7e1 100644 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceInternal.java @@ -90,20 +90,6 @@ public interface PermissionManagerServiceInternal extends PermissionManagerInter @UserIdInt int userId); /** - * Update all permissions for all apps. - * - * <p><ol> - * <li>Reconsider the ownership of permission</li> - * <li>Update the state (grant, flags) of the permissions</li> - * </ol> - * - * @param volumeUuid The volume of the packages to be updated, {@code null} for all volumes - * @param allPackages All currently known packages - * @param callback Callback to call after permission changes - */ - void updateAllPermissions(@Nullable String volumeUuid, boolean sdkUpdate); - - /** * Reset the runtime permission state changes for a package. * * TODO(zhanghai): Turn this into package change callback? @@ -221,6 +207,16 @@ public interface PermissionManagerServiceInternal extends PermissionManagerInter void onSystemReady(); /** + * Callback when a storage volume is mounted, so that all packages on it become available. + * + * @param volumeUuid the UUID of the storage volume + * @param sdkVersionChanged whether the current SDK version is different from what it was when + * this volume was last mounted + */ + //@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) + void onStorageVolumeMounted(@NonNull String volumeUuid, boolean sdkVersionChanged); + + /** * Callback when a user has been created. * * @param userId the created user ID |