From fc202f748ff9fbd827ae1a073cf24f5eba9e3e9d Mon Sep 17 00:00:00 2001 From: "Philip P. Moltmann" Date: Tue, 5 Mar 2019 20:17:00 -0800 Subject: [PATCH] Get permissions flags with GET_RUNTIME_PERMISSION Only require a less-powerful, but heavily restricted permission to the the permission flags. Bug: 124317989 Test: Built Change-Id: Ibdd6baea6dcee57dc327c28663a136e47e80dcb8 --- api/system-current.txt | 2 +- api/test-current.txt | 2 +- core/java/android/content/pm/PackageManager.java | 3 ++- .../pm/permission/PermissionManagerService.java | 16 +++++++++++++++- 4 files changed, 19 insertions(+), 4 deletions(-) diff --git a/api/system-current.txt b/api/system-current.txt index ac2073f18927c..91b99403f2556 100644 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -1609,7 +1609,7 @@ package android.content.pm { method @NonNull @RequiresPermission(android.Manifest.permission.ACCESS_INSTANT_APPS) public abstract java.util.List getInstantApps(); method public abstract java.util.List getIntentFilterVerifications(String); method @RequiresPermission(android.Manifest.permission.INTERACT_ACROSS_USERS_FULL) public abstract int getIntentVerificationStatusAsUser(String, int); - method @android.content.pm.PackageManager.PermissionFlags @RequiresPermission(anyOf={android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS, android.Manifest.permission.REVOKE_RUNTIME_PERMISSIONS}) public abstract int getPermissionFlags(String, String, @NonNull android.os.UserHandle); + method @android.content.pm.PackageManager.PermissionFlags @RequiresPermission(anyOf={android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS, android.Manifest.permission.REVOKE_RUNTIME_PERMISSIONS, android.Manifest.permission.GET_RUNTIME_PERMISSIONS}) public abstract int getPermissionFlags(String, String, @NonNull android.os.UserHandle); method @NonNull @RequiresPermission(android.Manifest.permission.SUSPEND_APPS) public String[] getUnsuspendablePackages(@NonNull String[]); method @RequiresPermission(android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS) public abstract void grantRuntimePermission(@NonNull String, @NonNull String, @NonNull android.os.UserHandle); method @Deprecated public abstract int installExistingPackage(String) throws android.content.pm.PackageManager.NameNotFoundException; diff --git a/api/test-current.txt b/api/test-current.txt index 4d1d44084ad2f..0bceddc09eef9 100644 --- a/api/test-current.txt +++ b/api/test-current.txt @@ -640,7 +640,7 @@ package android.content.pm { method @RequiresPermission("android.permission.INTERACT_ACROSS_USERS_FULL") public abstract java.util.List getInstalledPackagesAsUser(int, int); method @Nullable public abstract String[] getNamesForUids(int[]); method public abstract String getPermissionControllerPackageName(); - method @RequiresPermission(anyOf={"android.permission.GRANT_RUNTIME_PERMISSIONS", "android.permission.REVOKE_RUNTIME_PERMISSIONS"}) public abstract int getPermissionFlags(String, String, @NonNull android.os.UserHandle); + method @RequiresPermission(anyOf={"android.permission.GRANT_RUNTIME_PERMISSIONS", "android.permission.REVOKE_RUNTIME_PERMISSIONS", "android.permission.GET_RUNTIME_PERMISSIONS"}) public abstract int getPermissionFlags(String, String, @NonNull android.os.UserHandle); method @NonNull public abstract String getServicesSystemSharedLibraryPackageName(); method @NonNull public abstract String getSharedSystemSharedLibraryPackageName(); method public String getWellbeingPackageName(); diff --git a/core/java/android/content/pm/PackageManager.java b/core/java/android/content/pm/PackageManager.java index 7d05d508ef77b..d1ebcfdaca3a3 100644 --- a/core/java/android/content/pm/PackageManager.java +++ b/core/java/android/content/pm/PackageManager.java @@ -3867,7 +3867,8 @@ public abstract class PackageManager { @TestApi @RequiresPermission(anyOf = { android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS, - android.Manifest.permission.REVOKE_RUNTIME_PERMISSIONS + android.Manifest.permission.REVOKE_RUNTIME_PERMISSIONS, + android.Manifest.permission.GET_RUNTIME_PERMISSIONS }) public abstract @PermissionFlags int getPermissionFlags(String permissionName, String packageName, @NonNull UserHandle user); diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java index a37c0bb7af620..f7d8e0e278317 100644 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java @@ -2229,7 +2229,7 @@ public class PermissionManagerService { return 0; } - enforceGrantRevokeRuntimePermissionPermissions("getPermissionFlags"); + enforceGrantRevokeGetRuntimePermissionPermissions("getPermissionFlags"); enforceCrossUserPermission(callingUid, userId, true, // requireFullPermission @@ -2596,6 +2596,20 @@ public class PermissionManagerService { } } + private void enforceGrantRevokeGetRuntimePermissionPermissions(@NonNull String message) { + if (mContext.checkCallingOrSelfPermission(Manifest.permission.GET_RUNTIME_PERMISSIONS) + != PackageManager.PERMISSION_GRANTED + && mContext.checkCallingOrSelfPermission(Manifest.permission.GRANT_RUNTIME_PERMISSIONS) + != PackageManager.PERMISSION_GRANTED + && mContext.checkCallingOrSelfPermission(Manifest.permission.REVOKE_RUNTIME_PERMISSIONS) + != PackageManager.PERMISSION_GRANTED) { + throw new SecurityException(message + " requires " + + Manifest.permission.GRANT_RUNTIME_PERMISSIONS + " or " + + Manifest.permission.REVOKE_RUNTIME_PERMISSIONS + " or " + + Manifest.permission.GET_RUNTIME_PERMISSIONS); + } + } + /** * Checks if the request is from the system or an app that has INTERACT_ACROSS_USERS * or INTERACT_ACROSS_USERS_FULL permissions, if the userid is not for the caller.