Merge "Define protection level for document manager."

2018-12-11 20:53:47 +00:00
parent b5555f6929 15707b3f4d
commit 05ab573f4a
9 changed files with 59 additions and 5 deletions
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -173,6 +173,7 @@ package android {
    field public static final java.lang.String REGISTER_CONNECTION_MANAGER = "android.permission.REGISTER_CONNECTION_MANAGER";
    field public static final java.lang.String REGISTER_SIM_SUBSCRIPTION = "android.permission.REGISTER_SIM_SUBSCRIPTION";
    field public static final java.lang.String REMOVE_DRM_CERTIFICATES = "android.permission.REMOVE_DRM_CERTIFICATES";
+    field public static final java.lang.String REMOVE_TASKS = "android.permission.REMOVE_TASKS";
    field public static final java.lang.String RESET_PASSWORD = "android.permission.RESET_PASSWORD";
    field public static final java.lang.String RESTRICTED_VR_ACCESS = "android.permission.RESTRICTED_VR_ACCESS";
    field public static final java.lang.String RETRIEVE_WINDOW_CONTENT = "android.permission.RETRIEVE_WINDOW_CONTENT";
@@ -1365,6 +1366,7 @@ package android.content.pm {

  public class PermissionInfo extends android.content.pm.PackageItemInfo implements android.os.Parcelable {
    field public static final int FLAG_REMOVED = 2; // 0x2
+    field public static final int PROTECTION_FLAG_DOCUMENTER = 262144; // 0x40000
    field public static final int PROTECTION_FLAG_OEM = 16384; // 0x4000
    field public static final int PROTECTION_FLAG_SYSTEM_TEXT_CLASSIFIER = 65536; // 0x10000
    field public static final int PROTECTION_FLAG_WELLBEING = 131072; // 0x20000
--- a/api/test-current.txt
+++ b/api/test-current.txt
@@ -10,6 +10,8 @@ package android {
    field public static final java.lang.String FORCE_STOP_PACKAGES = "android.permission.FORCE_STOP_PACKAGES";
    field public static final java.lang.String MANAGE_ACTIVITY_STACKS = "android.permission.MANAGE_ACTIVITY_STACKS";
    field public static final java.lang.String READ_CELL_BROADCASTS = "android.permission.READ_CELL_BROADCASTS";
+    field public static final java.lang.String REMOVE_TASKS = "android.permission.REMOVE_TASKS";
+    field public static final java.lang.String WRITE_OBB = "android.permission.WRITE_OBB";
  }

 }
@@ -372,6 +374,7 @@ package android.content.pm {
  }

  public class PermissionInfo extends android.content.pm.PackageItemInfo implements android.os.Parcelable {
+    field public static final int PROTECTION_FLAG_DOCUMENTER = 262144; // 0x40000
    field public static final int PROTECTION_FLAG_SYSTEM_TEXT_CLASSIFIER = 65536; // 0x10000
    field public static final int PROTECTION_FLAG_VENDOR_PRIVILEGED = 32768; // 0x8000
    field public static final int PROTECTION_FLAG_WELLBEING = 131072; // 0x20000
--- a/core/java/android/content/pm/PackageManagerInternal.java
+++ b/core/java/android/content/pm/PackageManagerInternal.java
@@ -54,6 +54,7 @@ public abstract class PackageManagerInternal {
    public static final int PACKAGE_SYSTEM_TEXT_CLASSIFIER = 5;
    public static final int PACKAGE_PERMISSION_CONTROLLER = 6;
    public static final int PACKAGE_WELLBEING = 7;
+    public static final int PACKAGE_DOCUMENTER = 8;
    @IntDef(value = {
        PACKAGE_SYSTEM,
        PACKAGE_SETUP_WIZARD,
@@ -63,6 +64,7 @@ public abstract class PackageManagerInternal {
        PACKAGE_SYSTEM_TEXT_CLASSIFIER,
        PACKAGE_PERMISSION_CONTROLLER,
        PACKAGE_WELLBEING,
+        PACKAGE_DOCUMENTER,
    })
    @Retention(RetentionPolicy.SOURCE)
    public @interface KnownPackage {}
--- a/core/java/android/content/pm/PermissionInfo.java
+++ b/core/java/android/content/pm/PermissionInfo.java
@@ -192,6 +192,17 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
    @TestApi
    public static final int PROTECTION_FLAG_WELLBEING = 0x20000;

+    /**
+     * Additional flag for {@link #protectionLevel}, corresponding to the
+     * {@code documenter} value of {@link android.R.attr#protectionLevel}.
+     *
+     * @hide
+     */
+    @SystemApi
+    @TestApi
+    public static final int PROTECTION_FLAG_DOCUMENTER = 0x40000;
+
+
    /** @hide */
    @IntDef(flag = true, prefix = { "PROTECTION_FLAG_" }, value = {
            PROTECTION_FLAG_PRIVILEGED,
@@ -209,6 +220,7 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
            PROTECTION_FLAG_VENDOR_PRIVILEGED,
            PROTECTION_FLAG_SYSTEM_TEXT_CLASSIFIER,
            PROTECTION_FLAG_WELLBEING,
+            PROTECTION_FLAG_DOCUMENTER,
    })
    @Retention(RetentionPolicy.SOURCE)
    public @interface ProtectionFlags {}
@@ -401,6 +413,9 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable {
        if ((level & PermissionInfo.PROTECTION_FLAG_WELLBEING) != 0) {
            protLevel += "|wellbeing";
        }
+        if ((level & PermissionInfo.PROTECTION_FLAG_DOCUMENTER) != 0) {
+            protLevel += "|documenter";
+        }
        return protLevel;
    }

--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -897,7 +897,7 @@
        android:protectionLevel="dangerous"
        android:usageInfoRequired="true" />

-    <!-- @hide @SystemApi
+    <!-- @hide @SystemApi @TestApi
         Allows an application to modify OBB files visible to other apps. -->
    <permission android:name="android.permission.WRITE_OBB"
        android:protectionLevel="signature|privileged" />
@@ -2087,10 +2087,9 @@
         <p>This permission should <em>only</em> be requested by the platform
         document management app.  This permission cannot be granted to
         third-party apps.
-         <p>Protection level: signature
    -->
    <permission android:name="android.permission.MANAGE_DOCUMENTS"
-        android:protectionLevel="signature" />
+        android:protectionLevel="signature|documenter" />

    <!-- @hide Allows an application to cache content.
         <p>Not for use by third-party applications.
@@ -2213,9 +2212,9 @@
        android:description="@string/permdesc_reorderTasks"
        android:protectionLevel="normal" />

-    <!-- @hide Allows an application to change to remove/kill tasks -->
+    <!-- @SystemApi @TestApi @hide Allows an application to change to remove/kill tasks -->
    <permission android:name="android.permission.REMOVE_TASKS"
-        android:protectionLevel="signature" />
+        android:protectionLevel="signature|documenter" />

    <!-- @SystemApi @TestApi @hide Allows an application to create/manage/remove stacks -->
    <permission android:name="android.permission.MANAGE_ACTIVITY_STACKS"
--- a/core/res/res/values/attrs_manifest.xml
+++ b/core/res/res/values/attrs_manifest.xml
@@ -271,6 +271,9 @@
        <!-- Additional flag from base permission type: this permission will be granted to the
             wellbeing app, as defined by the OEM. -->
        <flag name="wellbeing" value="0x20000" />
+        <!-- Additional flag from base permission type: this permission can be automatically
+            granted to the document manager -->
+        <flag name="documenter" value="0x40000" />
    </attr>

    <!-- Flags indicating more context for a permission group. -->
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -1298,6 +1298,7 @@ public class PackageManagerService extends IPackageManager.Stub
    final @Nullable String mStorageManagerPackage;
    final @Nullable String mSystemTextClassifierPackage;
    final @Nullable String mWellbeingPackage;
+    final @Nullable String mDocumenterPackage;
    final @NonNull String mServicesSystemSharedLibraryPackageName;
    final @NonNull String mSharedSystemSharedLibraryPackageName;

@@ -2781,6 +2782,7 @@ public class PackageManagerService extends IPackageManager.Stub
            mSystemTextClassifierPackage = getSystemTextClassifierPackageName();

            mWellbeingPackage = getWellbeingPackageName();
+            mDocumenterPackage = getDocumenterPackageName();

            // Now that we know all of the shared libraries, update all clients to have
            // the correct library paths.
@@ -19567,6 +19569,22 @@ public class PackageManagerService extends IPackageManager.Stub
        return mContext.getString(R.string.config_defaultTextClassifierPackage);
    }

+    private @Nullable String getDocumenterPackageName() {
+        final Intent intent = new Intent(Intent.ACTION_OPEN_DOCUMENT);
+
+        final List<ResolveInfo> matches = queryIntentActivitiesInternal(intent, null,
+                MATCH_SYSTEM_ONLY | MATCH_DIRECT_BOOT_AWARE | MATCH_DIRECT_BOOT_UNAWARE
+                        | MATCH_DISABLED_COMPONENTS,
+                UserHandle.myUserId());
+        if (matches.size() == 1) {
+            return matches.get(0).getComponentInfo().packageName;
+        } else {
+            Slog.e(TAG, "There should probably be exactly one documenter; found "
+                    + matches.size() + ": matches=" + matches);
+            return null;
+        }
+    }
+
    @Override
    public String getWellbeingPackageName() {
        return mContext.getString(R.string.config_defaultWellbeingPackage);
@@ -22730,6 +22748,8 @@ public class PackageManagerService extends IPackageManager.Stub
                    return mRequiredPermissionControllerPackage;
                case PackageManagerInternal.PACKAGE_WELLBEING:
                    return mWellbeingPackage;
+                case PackageManagerInternal.PACKAGE_DOCUMENTER:
+                    return mDocumenterPackage;
            }
            return null;
        }
--- a/services/core/java/com/android/server/pm/permission/BasePermission.java
+++ b/services/core/java/com/android/server/pm/permission/BasePermission.java
@@ -244,6 +244,9 @@ public final class BasePermission {
    public boolean isWellbeing() {
        return (protectionLevel & PermissionInfo.PROTECTION_FLAG_WELLBEING) != 0;
    }
+    public boolean isDocumenter() {
+        return (protectionLevel & PermissionInfo.PROTECTION_FLAG_DOCUMENTER) != 0;
+    }

    public void transfer(@NonNull String origPackageName, @NonNull String newPackageName) {
        if (!origPackageName.equals(sourcePackageName)) {
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -1647,6 +1647,13 @@ public class PermissionManagerService {
                // Special permission granted only to the OEM specified wellbeing app
                allowed = true;
            }
+            if (!allowed && bp.isDocumenter()
+                    && pkg.packageName.equals(mPackageManagerInt.getKnownPackageName(
+                            PackageManagerInternal.PACKAGE_DOCUMENTER, UserHandle.USER_SYSTEM))) {
+                // If this permission is to be granted to the documenter and
+                // this app is the documenter, then it gets the permission.
+                allowed = true;
+            }
        }
        return allowed;
    }