Default permission granting in AOSP

Environment: Android 8.1

Android permissions are divided into four protection levels: normal, dangerous, signature, and signatureOrSystem.

  • Normal is a low-risk permission that can be declared in the AndroidManifest.
  • Dangerous is a high-risk permission for which the user must be prompted when the app acquires it, namely the Runtime permission.
  • Signature is a permission granted automatically only when the signature of the app requesting permission is the same as that of the app claiming permission.
  • SignatureOrSystem is deprecated in API 23.

Runtime permissions


Default granting of runtime permissions is done by the grantDefaultPermissions method of the DefaultPermissionGrantPolicy class. It is called at two points:

1. When a new User is created

void onNewUserCreated(final int userId) {
    mDefaultPermissionPolicy.grantDefaultPermissions(userId);
    // If permission review for legacy apps is required, we represent
    // dangerous permissions for such apps as always granted runtime
    // permissions to keep per user flag state whether review is needed.
    // Hence, if a new user is added we have to propagate dangerous
    // permission grants for these legacy apps.
    if (mPermissionReviewRequired) {
        updatePermissionsLPw(null, null, UPDATE_PERMISSIONS_ALL
                | UPDATE_PERMISSIONS_REPLACE_ALL);
    }
}

2. At systemReady time

@Override
public void systemReady() {
    enforceSystemOrRoot("Only the system can claim the system is ready");

    mSystemReady = true;
    ...
    // If we upgraded grant all default permissions before kicking off.
    for (int userId : grantPermissionsUserIds) {
        mDefaultPermissionPolicy.grantDefaultPermissions(userId);
    }
    ...
}

Method implementation:

public void grantDefaultPermissions(int userId) {
    if (mService.hasSystemFeature(PackageManager.FEATURE_EMBEDDED, 0)) {
        grantAllRuntimePermissions(userId);
    } else {
        grantPermissionsToSysComponentsAndPrivApps(userId);
        grantDefaultSystemHandlerPermissions(userId);
        grantDefaultPermissionExceptions(userId);
    }
}

Four methods are involved:

1.grantAllRuntimePermissions(userId);

grantAllRuntimePermissions is called only when hasSystemFeature(PackageManager.FEATURE_EMBEDDED, 0) is true. The documentation comment on FEATURE_EMBEDDED shows that this case is for IoT devices that may have no UI.

    /**
     * Feature for {@link #getSystemAvailableFeatures} and
     * {@link #hasSystemFeature}: This is a device for IoT and may not have an UI. An embedded
     * device is defined as a full stack Android device with or without a display and no
     * user-installable apps.
     */
    @SdkConstant(SdkConstantType.FEATURE)
    public static final String FEATURE_EMBEDDED = "android.hardware.type.embedded";

2.grantPermissionsToSysComponentsAndPrivApps(userId);

private void grantPermissionsToSysComponentsAndPrivApps(int userId) {
    Log.i(TAG, "Granting permissions to platform components for user " + userId);

    synchronized (mService.mPackages) {
        for (PackageParser.Package pkg : mService.mPackages.values()) {
            if (!isSysComponentOrPersistentPlatformSignedPrivAppLPr(pkg)
                    || !doesPackageSupportRuntimePermissions(pkg)
                    || pkg.requestedPermissions.isEmpty()) {
                continue;
            }
            grantRuntimePermissionsForPackageLocked(userId, pkg);
        }
    }
}

The loop skips a package (continue) when any of the following is true:

!isSysComponentOrPersistentPlatformSignedPrivAppLPr(pkg)

!doesPackageSupportRuntimePermissions(pkg)

pkg.requestedPermissions.isEmpty()

Otherwise the package is granted its runtime permissions. In other words, the grant condition is:

isSysComponentOrPersistentPlatformSignedPrivAppLPr(pkg) && doesPackageSupportRuntimePermissions(pkg) && !pkg.requestedPermissions.isEmpty()

In plain terms:

  • The package is a system component (android.uid.system; in adb shell ps the first column is system, with UID < 10000).
  • It supports runtime permissions, that is, the application's targetSdkVersion > 22.
  • The permissions requested by the package are not empty.

3.grantDefaultSystemHandlerPermissions(userId);

Grants specific permissions to specific functional modules, for example STORAGE_PERMISSIONS to the Media provider, and CONTACTS_PERMISSIONS and PHONE_PERMISSIONS to Contacts. The modules covered are: Installer, Verifier, SetupWizard, Camera, Media provider, Downloads Provider, Downloads UI, Storage Provider, CertInstaller, Dialer, Sim Call Manager, SMS, Cell Broadcast Receiver, Carrier Provisioning Service, Calendar provider, Calendar Provider Sync Adapters, Contacts, Contacts Provider Sync Adapters, Contacts Provider, Device Provisioning, Maps, Gallery, Email, Browser, Voice Interaction, Voice Recognition, Location, Music, Home, Watches, Print Spooler, EmergencyInfo, NFC Tag Viewer, Storage Manager, Companion Devices, Ringtone Picker.

4.grantDefaultPermissionExceptions(userId);

Grants permission exceptions. The method reads the XML files under system/etc/default-permissions and vendor/etc/default-permissions; the PRODUCT_COPY_FILES mechanism can be used to copy your XML file to one of those locations. Define the applications and the permissions you want to pre-grant like this:

<exception
    package="foo.bar.permission">
    <permission name="android.permission.READ_CONTACTS" fixed="true"/>
    <permission name="android.permission.READ_CALENDAR" fixed="false"/>
</exception>

fixed="true" means the grant is fixed: the user can no longer change it manually.

You can run the following command to view the permission grant result:

adb shell pm dump com.xx.xxx | grep permission

Note that the grant is performed by PMS (PackageManagerService), which checks each permission with the enforceDeclaredAsUsedAndRuntimeOrDevelopmentPermission method. A permission listed in default-permissions must therefore be declared in the app's AndroidManifest and must be a Runtime or Development permission for the default grant to succeed.

private static void enforceDeclaredAsUsedAndRuntimeOrDevelopmentPermission(
        PackageParser.Package pkg, BasePermission bp) {
    int index = pkg.requestedPermissions.indexOf(bp.name);
    if (index == -1) {
        throw new SecurityException("Package " + pkg.packageName
                + " has not requested permission " + bp.name);
    }
    if (!bp.isRuntime() && !bp.isDevelopment()) {
        throw new SecurityException("Permission " + bp.name
                + " is not a changeable permission type");
    }
}
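
The two rules above (the permission must be requested in the app's manifest, and it must be a runtime or development permission) can be checked offline against a default-permissions file before an image ships, which also surfaces every fixed="true" grant the user will not be able to revoke. This is an added example, not AOSP code: the `<exceptions>` wrapper, the requested-permission set and the protection-level table are constructed sample data, and `audit` is a hypothetical helper that only models the check shown above.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the page's <exception> entry plus two entries that fail the check.
SAMPLE_XML = """
<exceptions>
  <exception package="foo.bar.permission">
    <permission name="android.permission.READ_CONTACTS" fixed="true"/>
    <permission name="android.permission.READ_CALENDAR" fixed="false"/>
    <permission name="android.permission.CAMERA" fixed="false"/>
    <permission name="android.permission.NETWORK_SETTINGS" fixed="true"/>
  </exception>
</exceptions>
"""

# Constructed: permissions the app declares in its AndroidManifest.
REQUESTED = {"foo.bar.permission": {
    "android.permission.READ_CONTACTS",
    "android.permission.READ_CALENDAR",
    "android.permission.NETWORK_SETTINGS",
}}

# Constructed subset of protection levels from the platform manifest.
PROTECTION = {
    "android.permission.READ_CONTACTS": "dangerous",
    "android.permission.READ_CALENDAR": "dangerous",
    "android.permission.CAMERA": "dangerous",
    "android.permission.NETWORK_SETTINGS": "signature",
}

def audit(xml_text, requested, protection):
    """Return (package, permission, verdict) for every pre-grant entry."""
    findings = []
    for exc in ET.fromstring(xml_text).iter("exception"):
        pkg = exc.get("package")
        for perm in exc.findall("permission"):
            name = perm.get("name")
            fixed = perm.get("fixed", "false") == "true"
            levels = protection.get(name, "").split("|")
            if name not in requested.get(pkg, set()):
                verdict = "rejected: not requested in manifest"
            elif "dangerous" not in levels and "development" not in levels:
                verdict = "rejected: not a changeable permission type"
            elif fixed:
                verdict = "granted, fixed (user cannot revoke)"
            else:
                verdict = "granted"
            findings.append((pkg, name, verdict))
    return findings

for finding in audit(SAMPLE_XML, REQUESTED, PROTECTION):
    print(*finding, sep="  ")
```
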

Privileged permissions


For signature permissions, see the privileged permission whitelist.

/frameworks/base/core/res/AndroidManifest.xml shows which permissions these are, for example android.permission.ACCESS_IMS_CALL_SERVICE, android.permission.SEND_SMS_NO_CONFIRMATION, android.permission.NETWORK_SETTINGS and android.permission.ACCOUNT_MANAGER.

Summary


To obtain Runtime permissions (that is, the dangerous permissions) automatically, use grantDefaultPermissionExceptions.

To obtain privileged permissions (that is, signature permissions), use the privileged permission whitelist mechanism.