Android绕过usb主机permision确认对话框framework修改方案

在Android平板上连接USB读卡器，每次启动应用程序时总是会出现USB权限确认对话框提示（如下图所示）。 
 
即使点选“默认情况下用于该USB设备后”在设备重启后也会出现该权限提示，最后笔者通过修改Android Framework层的代码解决，解决方案的原理可以自行分析Android Framwork源码。 
解决方案如下： 
1. 修改 
($ANDROID_PROJ)\frameworks\base\packages\SystemUI\src\com\android\systemui\usb\UsbPermissionActivity.Java，将onCreate(Bundle icicle)函数修改为以下代码。

public void onCreate(Bundle icicle) {
   super.onCreate(icicle);

   Intent intent = getIntent();
   mDevice = (UsbDevice)intent.getParcelableExtra(UsbManager.EXTRA_DEVICE);
   mAccessory = (UsbAccessory)intent.getParcelableExtra(UsbManager.EXTRA_ACCESSORY);
   mPendingIntent = (PendingIntent)intent.getParcelableExtra(Intent.EXTRA_INTENT);
   mUid = intent.getIntExtra(Intent.EXTRA_UID, -1);
   mPackageName = intent.getStringExtra("package");

   PackageManager packageManager = getPackageManager();
   ApplicationInfo aInfo;
   try {
       aInfo = packageManager.getApplicationInfo(mPackageName, 0);
   } catch (PackageManager.NameNotFoundException e) {
       Log.e(TAG, "unable to look up package name", e);
       finish();
       return;
   }
   String appName = aInfo.loadLabel(packageManager).toString();

   final AlertController.AlertParams ap = mAlertParams;
   ap.mIcon = aInfo.loadIcon(packageManager);
   ap.mTitle = appName;
   if (mDevice == null) {
       ap.mMessage = getString(R.string.usb_accessory_permission_prompt, appName);
       mDisconnectedReceiver = new UsbDisconnectedReceiver(this, mAccessory);
   } else {
       ap.mMessage = getString(R.string.usb_device_permission_prompt, appName);
       mDisconnectedReceiver = new UsbDisconnectedReceiver(this, mDevice);
   }
   ap.mPositiveButtonText = getString(android.R.string.ok);
   ap.mNegativeButtonText = getString(android.R.string.cancel);
   ap.mPositiveButtonListener = this;
   ap.mNegativeButtonListener = this;

   // add "always use" checkbox
   LayoutInflater inflater = (LayoutInflater)getSystemService(
           Context.LAYOUT_INFLATER_SERVICE);
   ap.mView = inflater.inflate(com.android.internal.R.layout.always_use_checkbox, null);
   mAlwaysUse = (CheckBox)ap.mView.findViewById(com.android.internal.R.id.alwaysUse);
   if (mDevice == null) {
       mAlwaysUse.setText(R.string.always_use_accessory);
   } else {
       mAlwaysUse.setText(R.string.always_use_device);
   }
   mAlwaysUse.setOnCheckedChangeListener(this);
   mClearDefaultHint = (TextView)ap.mView.findViewById(
                                               com.android.internal.R.id.clearDefaultHint);
   mClearDefaultHint.setVisibility(View.GONE);

   //setupAlert();
   mPermissionGranted = true;
   finish();
}
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

粗体中为修改点，这也是stackoverflow中提到的点，但是实测发现仅仅修改这不能达到目标。 
2. 修改 
($ANDROID_PROJ)\frameworks\base\services\java\com\android\server\usb\UsbSettingsManager.java，依次修改hasPermission(UsbDevice device)、hasPermission(UsbAccessory accessory)、checkPermission(UsbDevice device)、checkPermission(UsbAccessory accessory)、requestPermission(UsbDevice device, String packageName, PendingIntent pi)、requestPermission(UsbAccessory accessory, String packageName, PendingIntent pi)等6个函数，修改代码如下。

public boolean hasPermission(UsbDevice device) {
        synchronized (mLock) {
            //int uid = Binder.getCallingUid();
            //if (uid == Process.SYSTEM_UID) {
            //    return true;
            //}
            //SparseBooleanArray uidList = mDevicePermissionMap.get(device.getDeviceName());
            //if (uidList == null) {
            //    return false;
            //}
            //return uidList.get(uid);
            return true;
        }
    }
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14

public boolean hasPermission(UsbAccessory accessory) {
        synchronized (mLock) {
            //int uid = Binder.getCallingUid();
            //if (uid == Process.SYSTEM_UID) {
            //    return true;
            //}
            //SparseBooleanArray uidList = mAccessoryPermissionMap.get(accessory);
            //if (uidList == null) {
            //    return false;
            //}
            //return uidList.get(uid);
            return true;
        }
    }
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14

public void checkPermission(UsbDevice device) {
        //if (!hasPermission(device)) {
        //    throw new SecurityException("User has not given permission to device " + device);
        //}
    }
 
 
1
2
3
4
5
 
 
1
2
3
4
5

public void checkPermission(UsbAccessory accessory) {
        //if (!hasPermission(accessory)) {
        //    throw new SecurityException("User has not given permission to accessory " + accessory);
        //}
    }
 
 
1
2
3
4
5
 
 
1
2
3
4
5

public void requestPermission(UsbDevice device, String packageName, PendingIntent pi) {
      Intent intent = new Intent();

        // respond immediately if permission has already been granted
      //if (hasPermission(device)) {
      if (true) {         
            intent.putExtra(UsbManager.EXTRA_DEVICE, device);
            intent.putExtra(UsbManager.EXTRA_PERMISSION_GRANTED, true);
            try {
                pi.send(mUserContext, 0, intent);
            } catch (PendingIntent.CanceledException e) {
                if (DEBUG) Slog.d(TAG, "requestPermission PendingIntent was cancelled");
            }
            return;
        }

        // start UsbPermissionActivity so user can choose an activity
        intent.putExtra(UsbManager.EXTRA_DEVICE, device);
        requestPermissionDialog(intent, packageName, pi);
    }
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

public void requestPermission(UsbAccessory accessory, String packageName, PendingIntent pi) {
        Intent intent = new Intent();

        // respond immediately if permission has already been granted
        //if (hasPermission(accessory)) {
        if (true) {
            intent.putExtra(UsbManager.EXTRA_ACCESSORY, accessory);
            intent.putExtra(UsbManager.EXTRA_PERMISSION_GRANTED, true);
            try {
                pi.send(mUserContext, 0, intent);
            } catch (PendingIntent.CanceledException e) {
                if (DEBUG) Slog.d(TAG, "requestPermission PendingIntent was cancelled");
            }
            return;
        }

        intent.putExtra(UsbManager.EXTRA_ACCESSORY, accessory);
        requestPermissionDialog(intent, packageName, pi);
    }
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

修改完成后重新编译framework得到system，update固件就OK了。 
都是做减法，所以是不是so easy，目前通过测试暂时未发现副作用，如果有问题欢迎交流。