Add FLAG_PERMISSION_REVOKED_COMPAT.

We used to store the actual permission state for pre-M apps in app ops, which creates two different sources of permission state and is hard to handle correctly. This change will allow us to store the permission state for pre-M apps within permission as FLAG_PERMISSION_REVOKED_COMPAT (and syncing app op state based on it), and is part of the effort to support rollback of runtime permission state managed by PermissionController. Actually, we do set a REVOKE_ON_UPGRADE flag properly when user grants/revokes a runtime permission for pre-M apps, so it can be used for computing app op state. In the case where app ops are incorrectly set to denied without setting this flag, the app won't get the permission revoked upon upgrade to support runtime permissions, and is stuck with the denied app op, so overriding the app op state in this case is arguably fixing a bad state. Since the proposed new flag will cover whatever REVOKE_ON_UPGRADE does currently, and REVOKE_ON_UPGRADE did imply denying app op in its javadoc, this change is simply adding our new flag by renaming REVOKE_ON_UPGRADE. Bug: 136503238 Test: manual Change-Id: Ib910f4df543d2fd8de259a6675f043d870a6f4c1
author: Hai Zhang <zhanghai@google.com> 2019-09-19 13:57:45 -0700
committer: Hai Zhang <zhanghai@google.com> 2019-09-23 10:57:00 -0700
commit: 50a5a9bb64570f3c042feceb31b9000aaa269bde (patch)
tree: 8f5b21811d9c447113d64340c0d7b7cfe1babd92 /core/java/android
parent: 703ce15fef823e865ae8a1c14538e2887c3e17e0 (diff)
1 files changed, 20 insertions, 3 deletions
diff --git a/core/java/android/content/pm/PackageManager.java b/core/java/android/content/pm/PackageManager.java
index c561013e6768..bdd0ca81e15d 100644
--- a/core/java/android/content/pm/PackageManager.java
+++ b/core/java/android/content/pm/PackageManager.java
@@ -3078,8 +3078,11 @@ public abstract class PackageManager {
      * because the app was updated to support runtime permissions, the
      * the permission will be revoked in the upgrade process.
      *
+     * @deprecated Renamed to {@link #FLAG_PERMISSION_REVOKED_COMPAT}.
+     *
      * @hide
      */
+    @Deprecated
     @SystemApi
     @TestApi
     public static final int FLAG_PERMISSION_REVOKE_ON_UPGRADE =  1 << 3;
@@ -3202,6 +3205,18 @@ public abstract class PackageManager {
     public static final int FLAG_PERMISSION_GRANTED_BY_ROLE =  1 << 15;
 
     /**
+     * Permission flag: The permission should have been revoked but is kept granted for
+     * compatibility. The data protected by the permission should be protected by a no-op (empty
+     * list, default error, etc) instead of crashing the client. The permission will be revoked if
+     * the app is upgraded to supports it.
+     *
+     * @hide
+     */
+    @SystemApi
+    @TestApi
+    public static final int FLAG_PERMISSION_REVOKED_COMPAT =  FLAG_PERMISSION_REVOKE_ON_UPGRADE;
+
+    /**
      * Permission flags: Bitwise or of all permission flags allowing an
      * exemption for a restricted permission.
      * @hide
@@ -3241,7 +3256,8 @@ public abstract class PackageManager {
             | FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT
             | FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT
             | FLAG_PERMISSION_APPLY_RESTRICTION
-            | FLAG_PERMISSION_GRANTED_BY_ROLE;
+            | FLAG_PERMISSION_GRANTED_BY_ROLE
+            | FLAG_PERMISSION_REVOKED_COMPAT;
 
     /**
      * Injected activity in app that forwards user to setting activity of that app.
@@ -4017,7 +4033,8 @@ public abstract class PackageManager {
             FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT,
             FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT,
             FLAG_PERMISSION_APPLY_RESTRICTION,
-            FLAG_PERMISSION_GRANTED_BY_ROLE
+            FLAG_PERMISSION_GRANTED_BY_ROLE,
+            FLAG_PERMISSION_REVOKED_COMPAT
     })
     @Retention(RetentionPolicy.SOURCE)
     public @interface PermissionFlags {}
@@ -7086,7 +7103,6 @@ public abstract class PackageManager {
             case FLAG_PERMISSION_POLICY_FIXED: return "POLICY_FIXED";
             case FLAG_PERMISSION_SYSTEM_FIXED: return "SYSTEM_FIXED";
             case FLAG_PERMISSION_USER_SET: return "USER_SET";
-            case FLAG_PERMISSION_REVOKE_ON_UPGRADE: return "REVOKE_ON_UPGRADE";
             case FLAG_PERMISSION_USER_FIXED: return "USER_FIXED";
             case FLAG_PERMISSION_REVIEW_REQUIRED: return "REVIEW_REQUIRED";
             case FLAG_PERMISSION_REVOKE_WHEN_REQUESTED: return "REVOKE_WHEN_REQUESTED";
@@ -7097,6 +7113,7 @@ public abstract class PackageManager {
             case FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT: return "RESTRICTION_UPGRADE_EXEMPT";
             case FLAG_PERMISSION_APPLY_RESTRICTION: return "APPLY_RESTRICTION";
             case FLAG_PERMISSION_GRANTED_BY_ROLE: return "GRANTED_BY_ROLE";
+            case FLAG_PERMISSION_REVOKED_COMPAT: return "REVOKED_COMPAT";
             default: return Integer.toString(flag);
         }
     }
author	Hai Zhang <zhanghai@google.com>	2019-09-19 13:57:45 -0700
committer	Hai Zhang <zhanghai@google.com>	2019-09-23 10:57:00 -0700
commit	50a5a9bb64570f3c042feceb31b9000aaa269bde (patch)
tree	8f5b21811d9c447113d64340c0d7b7cfe1babd92 /core/java/android
parent	703ce15fef823e865ae8a1c14538e2887c3e17e0 (diff)