[高通SDM450][Android9.0]CTA认证--Android6.0以下应用默认不授权
文章目录
-
- 开发平台基本信息
- 问题描述
- 解决方法
开发平台基本信息
芯片: SDM450
版本: Android 9.0
kernel: msm-4.9
问题描述
设备在进行入网认证的时候,实验室要求应用在使用特殊权限的时候,需要告知用户,要用户授权才能使用相应的权限;而Android的动态申请权限是6.0才有的,也就是说,如果应用把sdk版本设置为6.0以下,那么应用则不需要动态申请权限就能默认获得AndroidManifest.xml里面配置的权限;这在入网实验室的不允许的,虽然低版本的应用不会申请授权,但是实验室要求默认不给低版本的应用授权,让用户在设置的应用中手动授权即可。所以,要解决这个问题,就是去掉限制Android6.0的这个条件,让所有版本的应用都需要动态申请权限。
解决方法
diff --git a/frameworks/base/services/core/java/com/android/server/pm/PackageInstallerService.java b/frameworks/base/services/core/java/com/android/server/pm/PackageInstallerService.java
index 95b1a3a8a6..a0712e25c9 100644
--- a/frameworks/base/services/core/java/com/android/server/pm/PackageInstallerService.java
+++ b/frameworks/base/services/core/java/com/android/server/pm/PackageInstallerService.java
@@ -426,6 +426,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub {
// caller.
if (mContext.checkCallingOrSelfPermission(Manifest.permission.INSTALL_PACKAGES) !=
PackageManager.PERMISSION_GRANTED) {
+ mAppOps = mContext.getSystemService(AppOpsManager.class);
mAppOps.checkPackage(callingUid, installerPackageName);
}
diff --git a/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java b/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
index 3de4fc27b3..36b4f52fb9 100755
--- a/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -19548,8 +19548,7 @@ public class PackageManagerService extends IPackageManager.Stub
// If permission review is enabled and this is a legacy app, mark the
// permission as requiring a review as this is the initial state.
int flags = 0;
- if (mSettings.mPermissions.mPermissionReviewRequired
- && ps.pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
+ if (mSettings.mPermissions.mPermissionReviewRequired) {
flags |= FLAG_PERMISSION_REVIEW_REQUIRED;
}
if (permissionsState.updatePermissionFlags(bp, userId, userSettableMask, flags)) {
diff --git a/frameworks/base/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/frameworks/base/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index c51a72406b..b203e3805a 100644
--- a/frameworks/base/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/frameworks/base/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -716,8 +716,7 @@ public class PermissionManagerService {
for (int i = 0; i < N; i++) {
final String permName = pkg.requestedPermissions.get(i);
final BasePermission bp = mSettings.getPermissionLocked(permName);
- final boolean appSupportsRuntimePermissions =
- pkg.applicationInfo.targetSdkVersion >= Build.VERSION_CODES.M;
+ final boolean appSupportsRuntimePermissions =false;
if (DEBUG_INSTALL) {
Log.i(TAG, "Package " + pkg.packageName + " checking " + permName + ": " + bp);
@@ -767,10 +766,7 @@ public class PermissionManagerService {
// their permissions as always granted runtime ones since we need
// to keep the review required permission flag per user while an
// install permission's state is shared across all users.
- if (!appSupportsRuntimePermissions && !mSettings.mPermissionReviewRequired) {
- // For legacy apps dangerous permissions are install time ones.
- grant = GRANT_INSTALL;
- } else if (origPermissions.hasInstallPermission(bp.getName())) {
+ if (origPermissions.hasInstallPermission(bp.getName())) {
// For legacy apps that became modern, install becomes runtime.
grant = GRANT_UPGRADE;
} else if (isLegacySystemApp) {
@@ -1186,14 +1182,6 @@ public class PermissionManagerService {
}
}
if (!allowed) {
- if (!allowed
- && bp.isPre23()
- && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
- // If this was a previously normal/dangerous permission that got moved
- // to a system permission as part of the runtime permission redesign, then
- // we still want to blindly grant it to old apps.
- allowed = true;
- }
if (!allowed && bp.isInstaller()
&& pkg.packageName.equals(mPackageManagerInt.getKnownPackageName(
PackageManagerInternal.PACKAGE_INSTALLER, UserHandle.USER_SYSTEM))) {
@@ -1256,9 +1244,9 @@ public class PermissionManagerService {
}
// Permission review applies only to apps not supporting the new permission model.
- if (pkg.applicationInfo.targetSdkVersion >= Build.VERSION_CODES.M) {
- return false;
- }
+ //if (pkg.applicationInfo.targetSdkVersion >= Build.VERSION_CODES.M) {
+ // return false;
+ //}
// Legacy apps have the permission and get user consent on launch.
if (pkg == null || pkg.mExtras == null) {
@@ -1408,7 +1396,7 @@ public class PermissionManagerService {
// to keep the review required permission flag per user while an
// install permission's state is shared across all users.
if (mSettings.mPermissionReviewRequired
- && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M
+ //&& pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M
&& bp.isRuntime()) {
return;
}
@@ -1445,10 +1433,10 @@ public class PermissionManagerService {
+ permName + " for package " + packageName);
}
- if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
- Slog.w(TAG, "Cannot grant runtime permission to a legacy app");
- return;
- }
+ //if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
+ // Slog.w(TAG, "Cannot grant runtime permission to a legacy app");
+ // return;
+ //}
final int result = permissionsState.grantRuntimePermission(bp, userId);
switch (result) {
@@ -1529,7 +1517,7 @@ public class PermissionManagerService {
// to keep the review required permission flag per user while an
// install permission's state is shared across all users.
if (mSettings.mPermissionReviewRequired
- && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M
+ //&& pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M
&& bp.isRuntime()) {
return;
}
diff --git a/packages/apps/PackageInstaller/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java b/packages/apps/PackageInstaller/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java
index aafce8df54..620a57a29b 100644
--- a/packages/apps/PackageInstaller/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java
+++ b/packages/apps/PackageInstaller/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java
@@ -209,8 +209,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
mUserHandle = userHandle;
mPackageManager = mContext.getPackageManager();
mPackageInfo = packageInfo;
- mAppSupportsRuntimePermissions = packageInfo.applicationInfo
- .targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1;
+ mAppSupportsRuntimePermissions = true;
mIsEphemeralApp = packageInfo.applicationInfo.isInstantApp();
mAppOps = context.getSystemService(AppOpsManager.class);
mActivityManager = context.getSystemService(ActivityManager.class);
@@ -407,6 +406,8 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
} else {
// Legacy apps cannot have a not granted permission but just in case.
if (!permission.isGranted()) {
+ mPackageManager.grantRuntimePermission(mPackageInfo.packageName,
+ permission.getName(), mUserHandle);
continue;
}