Skip to content
Snippets Groups Projects
Commit dc8c435c authored by Hai Zhang's avatar Hai Zhang
Browse files

Create a better implementation for permission GIDs. 

The old subsystem creates "fake" permissions owned by the "android"
package that will contain the GIDs and be overridden by system apps,
however that approach is fragile because it depends a lot on the package
scan order since these "fake" permissions will be trimmed after we scan
the "android" package.

In contrast, it's a lot easier and straightforward to just look up the
GIDs upon scanning permission definitions, which will also fix the
package scanning order issue. It also helps with removing one type of
permission definition and the special cases we had to add for it.

This is a better version of the easier but behavior changing fix
ag/26216413.

This change is behind a bug-fix flag since it's still a new way of doing
things, despite that it's straightforward and there's no expected
behavior change except for fixing GID assignment for permissions
declared in APKs-in-APEX etc on first boot.

Fixes: 325137277
Bug: 322197421
Test: manually check the GIDs in dumpsys permissionmgr after clean flash
Change-Id: Ied24c45734e7c57ce8ed0d015121675bfcbae54f
Merged-In: Ied24c45734e7c57ce8ed0d015121675bfcbae54f
(cherry picked from commit 05b75fb4)
parent 5f561f0d
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
core/java/android/permission/flags.aconfig
+ 11
0
View file @ dc8c435c
......@@ -64,3 +64,14 @@ flag {
description: "enable Permission PREPARE_FACTORY_RESET."
bug: "302016478"
}
flag {
name: "new_permission_gid_enabled"
is_fixed_read_only: true
namespace: "permissions"
description: "Enable new permission GID implementation"
bug: "325137277"
metadata {
purpose: PURPOSE_BUGFIX
}
}
services/permission/java/com/android/server/permission/access/permission/AppIdPermissionPolicy.kt
+ 54
32
View file @ dc8c435c
......@@ -22,6 +22,7 @@ import android.content.pm.PermissionGroupInfo
import android.content.pm.PermissionInfo
import android.content.pm.SigningDetails
import android.os.Build
import android.permission.flags.Flags
import android.util.Slog
import com.android.internal.os.RoSystemProperties
import com.android.internal.pm.permission.CompatibilityPermissionInfo
......@@ -45,6 +46,7 @@ import com.android.server.pm.KnownPackages
import com.android.server.pm.parsing.PackageInfoUtils
import com.android.server.pm.pkg.AndroidPackage
import com.android.server.pm.pkg.PackageState
import libcore.util.EmptyArray
class AppIdPermissionPolicy : SchemePolicy() {
private val persistence = AppIdPermissionPersistence()
......@@ -72,40 +74,42 @@ class AppIdPermissionPolicy : SchemePolicy() {
}
override fun MutateStateScope.onInitialized() {
newState.externalState.configPermissions.forEach { (permissionName, permissionEntry) ->
val oldPermission = newState.systemState.permissions[permissionName]
val newPermission =
if (oldPermission != null) {
if (permissionEntry.gids != null) {
oldPermission.copy(
gids = permissionEntry.gids,
areGidsPerUser = permissionEntry.perUser
)
} else {
return@forEach
}
} else {
@Suppress("DEPRECATION")
val permissionInfo =
PermissionInfo().apply {
name = permissionName
packageName = PLATFORM_PACKAGE_NAME
protectionLevel = PermissionInfo.PROTECTION_SIGNATURE
if (!Flags.newPermissionGidEnabled()) {
newState.externalState.configPermissions.forEach { (permissionName, permissionEntry) ->
val oldPermission = newState.systemState.permissions[permissionName]
val newPermission =
if (oldPermission != null) {
if (permissionEntry.gids != null) {
oldPermission.copy(
gids = permissionEntry.gids,
areGidsPerUser = permissionEntry.perUser
)
} else {
return@forEach
}
if (permissionEntry.gids != null) {
Permission(
permissionInfo,
false,
Permission.TYPE_CONFIG,
0,
permissionEntry.gids,
permissionEntry.perUser
)
} else {
Permission(permissionInfo, false, Permission.TYPE_CONFIG, 0)
@Suppress("DEPRECATION")
val permissionInfo =
PermissionInfo().apply {
name = permissionName
packageName = PLATFORM_PACKAGE_NAME
protectionLevel = PermissionInfo.PROTECTION_SIGNATURE
}
if (permissionEntry.gids != null) {
Permission(
permissionInfo,
false,
Permission.TYPE_CONFIG,
0,
permissionEntry.gids,
permissionEntry.perUser
)
} else {
Permission(permissionInfo, false, Permission.TYPE_CONFIG, 0)
}
}
}
newState.mutateSystemState().mutatePermissions()[permissionName] = newPermission
newState.mutateSystemState().mutatePermissions()[permissionName] = newPermission
}
}
}
......@@ -454,7 +458,7 @@ class AppIdPermissionPolicy : SchemePolicy() {
)
return@forEachIndexed
}
val newPermission =
var newPermission =
if (oldPermission != null && newPackageName != oldPermission.packageName) {
val oldPackageName = oldPermission.packageName
// Only allow system apps to redefine non-system permissions.
......@@ -577,6 +581,24 @@ class AppIdPermissionPolicy : SchemePolicy() {
)
}
}
if (Flags.newPermissionGidEnabled()) {
var gids = EmptyArray.INT
var areGidsPerUser = false
if (!parsedPermission.isTree && packageState.isSystem) {
newState.externalState.configPermissions[permissionName]?.let {
gids = it.gids
areGidsPerUser = it.perUser
}
}
newPermission = Permission(
newPermissionInfo,
true,
Permission.TYPE_MANIFEST,
packageState.appId,
gids,
areGidsPerUser
)
}
if (parsedPermission.isTree) {
newState.mutateSystemState().mutatePermissionTrees()[permissionName] = newPermission
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment