From 5fc2d767ce34101f8e3e4444dbde9efc94a52939 Mon Sep 17 00:00:00 2001 From: Eugene Susla Date: Wed, 4 Mar 2020 13:53:10 -0800 Subject: [PATCH] Replace auto-revoke whitelist permission flags with appop Bug: 146513245 Test: presubmit Change-Id: I6f901b7e5dfe64840e7c3c0ee444730ac6eb4cfc --- api/system-current.txt | 7 +++--- core/java/android/app/AppOpsManager.java | 19 +++++++++++++- core/java/android/app/AsyncNotedAppOp.java | 25 +++++++++++-------- .../android/content/pm/PackageManager.java | 25 +------------------ 4 files changed, 37 insertions(+), 39 deletions(-) diff --git a/api/system-current.txt b/api/system-current.txt index e2957157d4b38..6183850b82687 100755 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -388,6 +388,7 @@ package android.app { field public static final String OPSTR_AUDIO_NOTIFICATION_VOLUME = "android:audio_notification_volume"; field public static final String OPSTR_AUDIO_RING_VOLUME = "android:audio_ring_volume"; field public static final String OPSTR_AUDIO_VOICE_VOLUME = "android:audio_voice_volume"; + field public static final String OPSTR_AUTO_REVOKE_PERMISSIONS_IF_UNUSED = "android:auto_revoke_permissions_if_unused"; field public static final String OPSTR_BIND_ACCESSIBILITY_SERVICE = "android:bind_accessibility_service"; field public static final String OPSTR_CHANGE_WIFI_STATE = "android:change_wifi_state"; field public static final String OPSTR_GET_ACCOUNTS = "android:get_accounts"; @@ -2224,9 +2225,7 @@ package android.content.pm { field public static final String FEATURE_TELEPHONY_CARRIERLOCK = "android.hardware.telephony.carrierlock"; field public static final int FLAGS_PERMISSION_RESERVED_PERMISSIONCONTROLLER = -268435456; // 0xf0000000 field public static final int FLAG_PERMISSION_APPLY_RESTRICTION = 16384; // 0x4000 - field public static final int FLAG_PERMISSION_AUTO_REVOKED = 1048576; // 0x100000 - field public static final int FLAG_PERMISSION_AUTO_REVOKE_IF_UNUSED = 131072; // 0x20000 - field public static final int FLAG_PERMISSION_AUTO_REVOKE_USER_SET = 262144; // 0x40000 + field public static final int FLAG_PERMISSION_AUTO_REVOKED = 131072; // 0x20000 field public static final int FLAG_PERMISSION_GRANTED_BY_DEFAULT = 32; // 0x20 field public static final int FLAG_PERMISSION_GRANTED_BY_ROLE = 32768; // 0x8000 field public static final int FLAG_PERMISSION_ONE_TIME = 65536; // 0x10000 @@ -2310,7 +2309,7 @@ package android.content.pm { method public void onPermissionsChanged(int); } - @IntDef(prefix={"FLAG_PERMISSION_"}, value={android.content.pm.PackageManager.FLAG_PERMISSION_USER_SET, android.content.pm.PackageManager.FLAG_PERMISSION_USER_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_POLICY_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_REVOKE_ON_UPGRADE, android.content.pm.PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT, android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED, android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_APPLY_RESTRICTION, android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_ROLE, android.content.pm.PackageManager.FLAG_PERMISSION_REVOKED_COMPAT, android.content.pm.PackageManager.FLAG_PERMISSION_ONE_TIME, android.content.pm.PackageManager.FLAG_PERMISSION_AUTO_REVOKE_IF_UNUSED, android.content.pm.PackageManager.FLAG_PERMISSION_AUTO_REVOKE_USER_SET, android.content.pm.PackageManager.FLAG_PERMISSION_AUTO_REVOKED}) @java.lang.annotation.Retention(java.lang.annotation.RetentionPolicy.SOURCE) public static @interface PackageManager.PermissionFlags { + @IntDef(prefix={"FLAG_PERMISSION_"}, value={android.content.pm.PackageManager.FLAG_PERMISSION_USER_SET, android.content.pm.PackageManager.FLAG_PERMISSION_USER_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_POLICY_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_REVOKE_ON_UPGRADE, android.content.pm.PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT, android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED, android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_APPLY_RESTRICTION, android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_ROLE, android.content.pm.PackageManager.FLAG_PERMISSION_REVOKED_COMPAT, android.content.pm.PackageManager.FLAG_PERMISSION_ONE_TIME, android.content.pm.PackageManager.FLAG_PERMISSION_AUTO_REVOKED}) @java.lang.annotation.Retention(java.lang.annotation.RetentionPolicy.SOURCE) public static @interface PackageManager.PermissionFlags { } public class PermissionGroupInfo extends android.content.pm.PackageItemInfo implements android.os.Parcelable { diff --git a/core/java/android/app/AppOpsManager.java b/core/java/android/app/AppOpsManager.java index a53fc35080018..3500cd527224a 100644 --- a/core/java/android/app/AppOpsManager.java +++ b/core/java/android/app/AppOpsManager.java @@ -1038,9 +1038,12 @@ public class AppOpsManager { /** @hide Access telephony call audio */ public static final int OP_ACCESS_CALL_AUDIO = 96; + /** @hide Auto-revoke app permissions if app is unused for an extended period */ + public static final int OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED = 97; + /** @hide */ @UnsupportedAppUsage - public static final int _NUM_OP = 97; + public static final int _NUM_OP = 98; /** Access to coarse location information. */ public static final String OPSTR_COARSE_LOCATION = "android:coarse_location"; @@ -1335,6 +1338,11 @@ public class AppOpsManager { @SystemApi public static final String OPSTR_ACCESS_CALL_AUDIO = "android:access_call_audio"; + /** @hide Auto-revoke app permissions if app is unused for an extended period */ + @SystemApi + public static final String OPSTR_AUTO_REVOKE_PERMISSIONS_IF_UNUSED = + "android:auto_revoke_permissions_if_unused"; + /** @hide Communicate cross-profile within the same profile group. */ @SystemApi public static final String OPSTR_INTERACT_ACROSS_PROFILES = "android:interact_across_profiles"; @@ -1424,6 +1432,7 @@ public class AppOpsManager { OP_INTERACT_ACROSS_PROFILES, OP_LOADER_USAGE_STATS, OP_ACCESS_CALL_AUDIO, + OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED, }; /** @@ -1532,6 +1541,7 @@ public class AppOpsManager { OP_ACTIVATE_PLATFORM_VPN, // ACTIVATE_PLATFORM_VPN OP_LOADER_USAGE_STATS, // LOADER_USAGE_STATS OP_ACCESS_CALL_AUDIO, // ACCESS_CALL_AUDIO + OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED, //AUTO_REVOKE_PERMISSIONS_IF_UNUSED }; /** @@ -1635,6 +1645,7 @@ public class AppOpsManager { OPSTR_ACTIVATE_PLATFORM_VPN, OPSTR_LOADER_USAGE_STATS, OPSTR_ACCESS_CALL_AUDIO, + OPSTR_AUTO_REVOKE_PERMISSIONS_IF_UNUSED, }; /** @@ -1739,6 +1750,7 @@ public class AppOpsManager { "ACTIVATE_PLATFORM_VPN", "LOADER_USAGE_STATS", "ACCESS_CALL_AUDIO", + "AUTO_REVOKE_PERMISSIONS_IF_UNUSED", }; /** @@ -1844,6 +1856,7 @@ public class AppOpsManager { null, // no permission for OP_ACTIVATE_PLATFORM_VPN android.Manifest.permission.LOADER_USAGE_STATS, Manifest.permission.ACCESS_CALL_AUDIO, + null, // no permission for OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED }; /** @@ -1949,6 +1962,7 @@ public class AppOpsManager { null, // ACTIVATE_PLATFORM_VPN null, // LOADER_USAGE_STATS null, // ACCESS_CALL_AUDIO + null, // AUTO_REVOKE_PERMISSIONS_IF_UNUSED }; /** @@ -2053,6 +2067,7 @@ public class AppOpsManager { false, // ACTIVATE_PLATFORM_VPN false, // LOADER_USAGE_STATS false, // ACCESS_CALL_AUDIO + false, // AUTO_REVOKE_PERMISSIONS_IF_UNUSED }; /** @@ -2156,6 +2171,7 @@ public class AppOpsManager { AppOpsManager.MODE_IGNORED, // ACTIVATE_PLATFORM_VPN AppOpsManager.MODE_DEFAULT, // LOADER_USAGE_STATS AppOpsManager.MODE_DEFAULT, // ACCESS_CALL_AUDIO + AppOpsManager.MODE_DEFAULT, // OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED }; /** @@ -2263,6 +2279,7 @@ public class AppOpsManager { false, // ACTIVATE_PLATFORM_VPN false, // LOADER_USAGE_STATS false, // ACCESS_CALL_AUDIO + false, // AUTO_REVOKE_PERMISSIONS_IF_UNUSED }; /** diff --git a/core/java/android/app/AsyncNotedAppOp.java b/core/java/android/app/AsyncNotedAppOp.java index 6b1afdad82df7..c2b2063062b56 100644 --- a/core/java/android/app/AsyncNotedAppOp.java +++ b/core/java/android/app/AsyncNotedAppOp.java @@ -23,6 +23,7 @@ import android.os.Parcelable; import com.android.internal.annotations.Immutable; import com.android.internal.util.DataClass; +import com.android.internal.util.Preconditions; /** * When an {@link AppOpsManager#noteOp(String, int, String, String, String) app-op is noted} and the @@ -40,7 +41,7 @@ import com.android.internal.util.DataClass; @DataClass.Suppress({"getOpCode"}) public final class AsyncNotedAppOp implements Parcelable { /** Op that was noted */ - private final @IntRange(from = 0, to = AppOpsManager._NUM_OP - 1) int mOpCode; + private final @IntRange(from = 0) int mOpCode; /** Uid that noted the op */ private final @IntRange(from = 0) int mNotingUid; @@ -61,6 +62,12 @@ public final class AsyncNotedAppOp implements Parcelable { return AppOpsManager.opToPublicName(mOpCode); } + //TODO eugenesusla: support inlinable expressions in annotation params of @DataClass members to + // allow validating via @IntRange(from = 0, to = AppOpsManager._NUM_OP - 1) + private void onConstructed() { + Preconditions.checkArgumentInRange(mOpCode, 0, AppOpsManager._NUM_OP - 1, "opCode"); + } + // Code below generated by codegen v1.0.14. @@ -93,7 +100,7 @@ public final class AsyncNotedAppOp implements Parcelable { */ @DataClass.Generated.Member public AsyncNotedAppOp( - @IntRange(from = 0, to = AppOpsManager._NUM_OP - 1) int opCode, + @IntRange(from = 0) int opCode, @IntRange(from = 0) int notingUid, @Nullable String featureId, @NonNull String message, @@ -101,8 +108,7 @@ public final class AsyncNotedAppOp implements Parcelable { this.mOpCode = opCode; com.android.internal.util.AnnotationValidations.validate( IntRange.class, null, mOpCode, - "from", 0, - "to", AppOpsManager._NUM_OP - 1); + "from", 0); this.mNotingUid = notingUid; com.android.internal.util.AnnotationValidations.validate( IntRange.class, null, mNotingUid, @@ -116,7 +122,7 @@ public final class AsyncNotedAppOp implements Parcelable { IntRange.class, null, mTime, "from", 0); - // onConstructed(); // You can define this method to get a callback + onConstructed(); } /** @@ -223,8 +229,7 @@ public final class AsyncNotedAppOp implements Parcelable { this.mOpCode = opCode; com.android.internal.util.AnnotationValidations.validate( IntRange.class, null, mOpCode, - "from", 0, - "to", AppOpsManager._NUM_OP - 1); + "from", 0); this.mNotingUid = notingUid; com.android.internal.util.AnnotationValidations.validate( IntRange.class, null, mNotingUid, @@ -238,7 +243,7 @@ public final class AsyncNotedAppOp implements Parcelable { IntRange.class, null, mTime, "from", 0); - // onConstructed(); // You can define this method to get a callback + onConstructed(); } @DataClass.Generated.Member @@ -256,10 +261,10 @@ public final class AsyncNotedAppOp implements Parcelable { }; @DataClass.Generated( - time = 1581728574427L, + time = 1583375913345L, codegenVersion = "1.0.14", sourceFile = "frameworks/base/core/java/android/app/AsyncNotedAppOp.java", - inputSignatures = "private final @android.annotation.IntRange(from=0L, to=96L) int mOpCode\nprivate final @android.annotation.IntRange(from=0L) int mNotingUid\nprivate final @android.annotation.Nullable java.lang.String mFeatureId\nprivate final @android.annotation.NonNull java.lang.String mMessage\nprivate final @android.annotation.IntRange(from=0L) long mTime\npublic @android.annotation.NonNull java.lang.String getOp()\nclass AsyncNotedAppOp extends java.lang.Object implements [android.os.Parcelable]\n@com.android.internal.util.DataClass(genEqualsHashCode=true, genAidl=true, genHiddenConstructor=true)") + inputSignatures = "private final @android.annotation.IntRange(from=0L) int mOpCode\nprivate final @android.annotation.IntRange(from=0L) int mNotingUid\nprivate final @android.annotation.Nullable java.lang.String mFeatureId\nprivate final @android.annotation.NonNull java.lang.String mMessage\nprivate final @android.annotation.IntRange(from=0L) long mTime\npublic @android.annotation.NonNull java.lang.String getOp()\nprivate void onConstructed()\nclass AsyncNotedAppOp extends java.lang.Object implements [android.os.Parcelable]\n@com.android.internal.util.DataClass(genEqualsHashCode=true, genAidl=true, genHiddenConstructor=true)") @Deprecated private void __metadata() {} diff --git a/core/java/android/content/pm/PackageManager.java b/core/java/android/content/pm/PackageManager.java index 9b28cb5e88ab6..44c598644f85f 100644 --- a/core/java/android/content/pm/PackageManager.java +++ b/core/java/android/content/pm/PackageManager.java @@ -3399,30 +3399,13 @@ public abstract class PackageManager { @SystemApi public static final int FLAG_PERMISSION_ONE_TIME = 1 << 16; - /** - * Permission flag: The permission is whitelisted to not be auto-revoked when app goes unused. - * - * @hide - */ - @SystemApi - public static final int FLAG_PERMISSION_AUTO_REVOKE_IF_UNUSED = 1 << 17; - - /** - * Permission flag: Whether {@link #FLAG_PERMISSION_AUTO_REVOKE_IF_UNUSED} state was set by - * user. - * - * @hide - */ - @SystemApi - public static final int FLAG_PERMISSION_AUTO_REVOKE_USER_SET = 1 << 18; - /** * Permission flag: Whether permission was revoked by auto-revoke. * * @hide */ @SystemApi - public static final int FLAG_PERMISSION_AUTO_REVOKED = 1 << 20; + public static final int FLAG_PERMISSION_AUTO_REVOKED = 1 << 17; /** * Permission flags: Reserved for use by the permission controller. @@ -3476,8 +3459,6 @@ public abstract class PackageManager { | FLAG_PERMISSION_GRANTED_BY_ROLE | FLAG_PERMISSION_REVOKED_COMPAT | FLAG_PERMISSION_ONE_TIME - | FLAG_PERMISSION_AUTO_REVOKE_IF_UNUSED - | FLAG_PERMISSION_AUTO_REVOKE_USER_SET | FLAG_PERMISSION_AUTO_REVOKED; /** @@ -4302,8 +4283,6 @@ public abstract class PackageManager { FLAG_PERMISSION_GRANTED_BY_ROLE, FLAG_PERMISSION_REVOKED_COMPAT, FLAG_PERMISSION_ONE_TIME, - FLAG_PERMISSION_AUTO_REVOKE_IF_UNUSED, - FLAG_PERMISSION_AUTO_REVOKE_USER_SET, FLAG_PERMISSION_AUTO_REVOKED }) @Retention(RetentionPolicy.SOURCE) @@ -7471,8 +7450,6 @@ public abstract class PackageManager { case FLAG_PERMISSION_GRANTED_BY_ROLE: return "GRANTED_BY_ROLE"; case FLAG_PERMISSION_REVOKED_COMPAT: return "REVOKED_COMPAT"; case FLAG_PERMISSION_ONE_TIME: return "ONE_TIME"; - case FLAG_PERMISSION_AUTO_REVOKE_IF_UNUSED: return "AUTO_REVOKE_IF_UNUSED"; - case FLAG_PERMISSION_AUTO_REVOKE_USER_SET: return "AUTO_REVOKE_USER_SET"; case FLAG_PERMISSION_AUTO_REVOKED: return "AUTO_REVOKED"; default: return Integer.toString(flag); }