Android 8.0 权限警告（not in privapp-permissions whitelist）解决

android.util.Log$TerribleFailure: Signature|privileged permissions not in privapp-permissions whitelist: {com.tct.gdpr: android.permission.CHANGE_CONFIGURATION, com.tct.gdpr: android.permission.MANAGE_USERS}
    at android.util.Log.wtf(Log.java:299)
    at android.util.Slog.wtf(Slog.java:82)
    at com.android.server.pm.PackageManagerService.systemReady(PackageManagerService.java:23099)
    at com.android.server.SystemServer.startOtherServices(SystemServer.java:1810)
    at com.android.server.SystemServer.run(SystemServer.java:457)
    at com.android.server.SystemServer.main(SystemServer.java:304)
    at java.lang.reflect.Method.invoke(Native Method)
    at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:438)
    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:850)

具体分析

以下是定位的log位置

文件路径：PackageManagerService.java (framework\base\services\core\java\com\android\server\pm)
 
        mInstallerService.systemReady();
        mPackageDexOptimizer.systemReady();

        // Now that we're mostly running, clean up stale users and apps
        sUserManager.reconcileUsers(StorageManager.UUID_PRIVATE_INTERNAL);
        reconcileApps(StorageManager.UUID_PRIVATE_INTERNAL);

        if (mPrivappPermissionsViolations != null) {
            Slog.wtf(TAG,"Signature|privileged permissions not in "
                    + "privapp-permissions whitelist: " + mPrivappPermissionsViolations);
            mPrivappPermissionsViolations = null;
        }

文件路径：PackageManagerService.java (framework\base\services\core\java\com\android\server\pm)

private boolean grantSignaturePermission(String perm, PackageParser.Package pkg,
            BasePermission bp, PermissionsState origPermissions) {
        boolean privilegedPermission = (bp.protectionLevel
                & PermissionInfo.PROTECTION_FLAG_PRIVILEGED) != 0;
        boolean privappPermissionsDisable =
                RoSystemProperties.CONTROL_PRIVAPP_PERMISSIONS_DISABLE;
        boolean platformPermission = PLATFORM_PACKAGE_NAME.equals(bp.sourcePackage);
        boolean platformPackage = PLATFORM_PACKAGE_NAME.equals(pkg.packageName);
        if (!privappPermissionsDisable && privilegedPermission && pkg.isPrivilegedApp()
                && !platformPackage && platformPermission) {
            final ArraySet allowedPermissions = SystemConfig.getInstance()
                    .getPrivAppPermissions(pkg.packageName);
            final boolean whitelisted =
                    allowedPermissions != null && allowedPermissions.contains(perm);
            if (!whitelisted) {
                if (DEBUG_SHOW_INFO) {
                    Slog.w(TAG, "Privileged permission " + perm + " for package "
                        + pkg.packageName + " - not in privapp-permissions whitelist");
                }
                // Only report violations for apps on system image
                if (!mSystemReady && !pkg.isUpdatedSystemApp()) {
                    // it's only a reportable violation if the permission isn't explicitly denied
                    final ArraySet deniedPermissions = SystemConfig.getInstance()
                            .getPrivAppDenyPermissions(pkg.packageName);
                    final boolean permissionViolation =
                            deniedPermissions == null || !deniedPermissions.contains(perm);
                    if (permissionViolation) {
                        if (mPrivappPermissionsViolations == null) {
                            mPrivappPermissionsViolations = new ArraySet<>();
                        }
                        mPrivappPermissionsViolations.add(pkg.packageName + ": " + perm);
                    } else {
                        return false;
                    }
                }
                if (RoSystemProperties.CONTROL_PRIVAPP_PERMISSIONS_ENFORCE) {
                    return false;
                }

通过定位可以发现allowedPermissions是关键点。

最后定位到权限白名单添加在/frameworks/base/data/etc/privapp-permissions-platform.xml

添加进去就可以了