android权限管理分为两种:
SDK<23:在manifest中声明,安装时赋予所有声明权限,不同意则不安装;
SDK>=23:
1、普通权限、声明即可直接赋予,不会在设置中显示给用户;
2、危险权限和特殊权限,需要声明且发送请求用户授权的intent,可自由开关每个权限;
系统中的定义权限位置在:
framework/base/core/res/AndroidManifest.xml
framework/base/data/etc/platform.xml
一、权限级别(ProtectionLevel)
1.1 Normal
android:protectionLevel="normal"
对用户隐私或者安全都不会带来影响
1.2 Dangerous
android:protectionLevel="dangerous"
需要在mainifest中声明且发送请求用户授权的intent,赋予某个组中的其中一个权限,自动赋予组内其他所有权限;
可用命令adb shell pm list permissions -d -g查看
1.3 Signature
android:protectionLevel="signature"
两类应用可使用
1.只有和定义了这个权限的apk用相同的私钥签名的应用才可以申请该权限
2.与系统签名相同的system app,即与厂商签名(厂商ROM中的系统app签名)相同的app
1.4 SignatureOrSystem
android:protectionLevel="signature|privileged"
三类应用可使用
1.只有和定义了这个权限的apk用相同的私钥签名的应用才可以申请该权限
2.与系统签名相同的app,即与厂商签名(厂商ROM中的系统app签名)相同的app
3.任意app只要标记了privileged(可暂理解为放到了/system/priv-app)就可以使用signatureOrSystem级别的权限
1.5 install权限和runtime权限
install权限:
安装时权限,是指在安装app的时候,赋予app的权限。normal和signature级别(包括SignatureOrSystem)的权限都是安装时权限。不会给用户提示界面,系统自动决定权限的赋予或拒绝。
runtime权限:
运行时权限,是指在app运行过程中,赋予app的权限。这个过程中,会显示明显的权限授予界面,让用户决定是否授予权限。dangerous权限就是运行时权限。(以下主要针对SDK<23时dangerous权限就变成了install权限)
二、app种类
1、system app (有ApplicationInfo.FLAG_SYSTEM标记)
2、privileged app (有ApplicationInfo.FLAG_SYSTEM和ApplicationInfo.PRIVATE_FLAG_PRIVILEGE两个标记)
2.1 system app
system app 定义很明了,就是在PMS初始化安装app的时候赋予了ApplicationInfo.FLAG_SYSTEM这个标记
1、特定shareUID的app
代码在PMS的构造函数中
mSettings.addSharedUserLPw("android.uid.system", Process.SYSTEM_UID,
ApplicationInfo.FLAG_SYSTEM, ApplicationInfo.PRIVATE_FLAG_PRIVILEGED);
mSettings.addSharedUserLPw("android.uid.phone", RADIO_UID,
ApplicationInfo.FLAG_SYSTEM, ApplicationInfo.PRIVATE_FLAG_PRIVILEGED);
mSettings.addSharedUserLPw("android.uid.log", LOG_UID,
ApplicationInfo.FLAG_SYSTEM, ApplicationInfo.PRIVATE_FLAG_PRIVILEGED);
mSettings.addSharedUserLPw("android.uid.nfc", NFC_UID,
ApplicationInfo.FLAG_SYSTEM, ApplicationInfo.PRIVATE_FLAG_PRIVILEGED);
mSettings.addSharedUserLPw("android.uid.bluetooth", BLUETOOTH_UID,
ApplicationInfo.FLAG_SYSTEM, ApplicationInfo.PRIVATE_FLAG_PRIVILEGED);
mSettings.addSharedUserLPw("android.uid.shell", SHELL_UID,
ApplicationInfo.FLAG_SYSTEM, ApplicationInfo.PRIVATE_FLAG_PRIVILEGED);2、扫描安装特定目录的app
代码在PMS的构造函数中,扫描安装时给予PackageParser.PARSE_IS_SYSTEM标记的app,如/vendor/overlay,/system/framework,/system/priv-app,/system/app,/vendor/app,/oem/app等,给予的PackageParser.PARSE_IS_SYSTEM最终会转换为ApplicationInfo.FLAG_SYSTEM,部分代码如下
File vendorOverlayDir = new File(VENDOR_OVERLAY_DIR);
scanDirTracedLI(vendorOverlayDir, mDefParseFlags
| PackageParser.PARSE_IS_SYSTEM
| PackageParser.PARSE_IS_SYSTEM_DIR
| PackageParser.PARSE_TRUSTED_OVERLAY, scanFlags | SCAN_TRUSTED_OVERLAY, 0);
File customFrameworkDir = new File("/custom/framework");
scanDirLI(customFrameworkDir, PackageParser.PARSE_IS_SYSTEM
| PackageParser.PARSE_IS_SYSTEM_DIR,
scanFlags | SCAN_NO_DEX, 0);
scanDirTracedLI(frameworkDir, mDefParseFlags
| PackageParser.PARSE_IS_SYSTEM
| PackageParser.PARSE_IS_SYSTEM_DIR
| PackageParser.PARSE_IS_PRIVILEGED,
scanFlags | SCAN_NO_DEX, 0);flag转换的过程大致如下
-> scanDirLI(File dir, final int parseFlags, int scanFlags, long currentTime)
-> scanPackageTracedLI(PackageParser.Package pkg, final int policyFlags,
int scanFlags, long currentTime, UserHandle user)
-> scanPackageLI(PackageParser.Package pkg, final int policyFlags,
int scanFlags, long currentTime, UserHandle user)
-> scanPackageDirtyLI(PackageParser.Package pkg,
final int policyFlags, final int scanFlags, long currentTime, UserHandle user)
//在scanPackageDirtyLI方法中将flag转换
// Apply policy
if ((policyFlags&PackageParser.PARSE_IS_SYSTEM) != 0) {
pkg.applicationInfo.flags |= ApplicationInfo.FLAG_SYSTEM;
...
}2.2 privileged app
privileged app在ApplicationInfo.FLAG_SYSTEM基础上还必须有ApplicationInfo.PRIVATE_FLAG_PRIVILEGED标记
1、特定shareUID的app
特定shareUID的app有ApplicationInfo.FLAG_SYSTEM的同时都有ApplicationInfo.PRIVATE_FLAG_PRIVILEGED
2、扫描特定目录app时,给予了PackageParser.PARSE_IS_SYSTEM标记和PackageParser.PARSE_IS_PRIVILEGED标记,目录有三个:system/framework,system/priv-app,vendor/priv-app
例如:
//vender/framework目录下有PackageParser.PARSE_IS_SYSTEM没有PackageParser.PARSE_IS_PRIVILEGED标记
File vendorFrameworkDir = new File(Environment.getVendorDirectory(), "framework");
scanDirTracedLI(vendorFrameworkDir, PackageParser.PARSE_IS_SYSTEM
| PackageParser.PARSE_IS_SYSTEM_DIR,
scanFlags | SCAN_NO_DEX, 0);
//system/framework目录下两个标记都有
scanDirTracedLI(frameworkDir, mDefParseFlags
| PackageParser.PARSE_IS_SYSTEM
| PackageParser.PARSE_IS_SYSTEM_DIR
| PackageParser.PARSE_IS_PRIVILEGED,
scanFlags | SCAN_NO_DEX, 0);PackageParser.PARSE_IS_PRIVILEGED也是在scanPackageDirtyLI方法中转换的
if ((policyFlags&PackageParser.PARSE_IS_PRIVILEGED) != 0) {
pkg.applicationInfo.privateFlags |= ApplicationInfo.PRIVATE_FLAG_PRIVILEGED;
}Android 12 系统存在permissioncontroller的apk,用来管理权限
涉及 PackageManagerService 和 PermissionManagerService
app源码路径为packages/modules/Permission/PermissionController/src/com/android/permissioncontroller/permission/
AppPermissions:是权限的实体类
packages\modules\Permission\PermissionController\src\com\android\permissioncontroller\permission\model\AppPermissions.java
其中:AppPermissionGroup用于管理权限的授予与收回
packages\modules\Permission\PermissionController\src\com\android\permissioncontroller\permission\model\AppPermissionGroup.java
收回权限:
public boolean revokeRuntimePermissions(boolean fixedByTheUser) {
return revokeRuntimePermissions(fixedByTheUser, null);
}申请权限:
public boolean grantRuntimePermissions(boolean setByTheUser, boolean fixedByTheUser) {
return grantRuntimePermissions(setByTheUser, fixedByTheUser, null);
} /**
* Grant permissions of the group.
*
* <p>This also automatically grants all app ops for permissions that have app ops.
* <p>This does <u>only</u> grant permissions in {@link #mPermissions}, i.e. usually not
* the background permissions.
*
* @param setByTheUser If the user has made the decision. This does not unset the flag
* @param fixedByTheUser If the user requested that she/he does not want to be asked again
* @param filterPermissions If {@code null} all permissions of the group will be granted.
* Otherwise only permissions in {@code filterPermissions} will be
* granted.
*
* @return {@code true} iff all permissions of this group could be granted.
*/
public boolean grantRuntimePermissions(boolean setByTheUser, boolean fixedByTheUser,
String[] filterPermissions) {
boolean killApp = false;
boolean wasAllGranted = true;
// We toggle permissions only to apps that support runtime
// permissions, otherwise we toggle the app op corresponding
// to the permission if the permission is granted to the app.
for (Permission permission : mPermissions.values()) {
if (filterPermissions != null
&& !ArrayUtils.contains(filterPermissions, permission.getName())) {
continue;
}
if (!permission.isGrantingAllowed(mIsEphemeralApp, mAppSupportsRuntimePermissions)) {
// Skip unallowed permissions.
continue;
}
boolean wasGranted = permission.isGrantedIncludingAppOp();
if (mAppSupportsRuntimePermissions) {
// Do not touch permissions fixed by the system.
if (permission.isSystemFixed()) {
wasAllGranted = false;
break;
}
// Ensure the permission app op is enabled before the permission grant.
if (permission.affectsAppOp() && !permission.isAppOpAllowed()) {
permission.setAppOpAllowed(true);
}
// Grant the permission if needed.
if (!permission.isGranted()) {
permission.setGranted(true);
}
// Update the permission flags.
if (!fixedByTheUser) {
if (permission.isUserFixed()) {
permission.setUserFixed(false);
}
if (setByTheUser) {
if (!permission.isUserSet()) {
permission.setUserSet(true);
}
}
} else {
if (!permission.isUserFixed()) {
permission.setUserFixed(true);
}
if (permission.isUserSet()) {
permission.setUserSet(false);
}
}
} else {
// Legacy apps cannot have a not granted permission but just in case.
if (!permission.isGranted()) {
continue;
}
// If the permissions has no corresponding app op, then it is a
// third-party one and we do not offer toggling of such permissions.
if (permission.affectsAppOp()) {
if (!permission.isAppOpAllowed()) {
permission.setAppOpAllowed(true);
// Legacy apps do not know that they have to retry access to a
// resource due to changes in runtime permissions (app ops in this
// case). Therefore, we restart them on app op change, so they
// can pick up the change.
killApp = true;
}
// Mark that the permission is not kept granted only for compatibility.
if (permission.isRevokedCompat()) {
permission.setRevokedCompat(false);
}
}
// Granting a permission explicitly means the user already
// reviewed it so clear the review flag on every grant.
if (permission.isReviewRequired()) {
permission.unsetReviewRequired();
}
}
// If we newly grant background access to the fine location, double-guess the user some
// time later if this was really the right choice.
if (!wasGranted && permission.isGrantedIncludingAppOp()) {
if (permission.getName().equals(ACCESS_FINE_LOCATION)) {
Permission bgPerm = permission.getBackgroundPermission();
if (bgPerm != null) {
if (bgPerm.isGrantedIncludingAppOp()) {
mTriggerLocationAccessCheckOnPersist = true;
}
}
} else if (permission.getName().equals(ACCESS_BACKGROUND_LOCATION)) {
ArrayList<Permission> fgPerms = permission.getForegroundPermissions();
if (fgPerms != null) {
int numFgPerms = fgPerms.size();
for (int fgPermNum = 0; fgPermNum < numFgPerms; fgPermNum++) {
Permission fgPerm = fgPerms.get(fgPermNum);
if (fgPerm.getName().equals(ACCESS_FINE_LOCATION)) {
if (fgPerm.isGrantedIncludingAppOp()) {
mTriggerLocationAccessCheckOnPersist = true;
}
break;
}
}
}
}
}
}
if (!mDelayChanges) {
persistChanges(false);
if (killApp) {
killApp(KILL_REASON_APP_OP_CHANGE);
}
}
return wasAllGranted;
}通过调用persistChanges(false);方法 来调用PMS更新权限
/**
* If the changes to this group were delayed, persist them to the platform.
*
* @param mayKillBecauseOfAppOpsChange If the app these permissions belong to may be killed if
* app ops change. If this is set to {@code false} the
* caller has to make sure to kill the app if needed.
* @param revokeReason If any permissions are getting revoked, the reason for revoking them.
*/
public void persistChanges(boolean mayKillBecauseOfAppOpsChange, String revokeReason) {
int uid = mPackageInfo.applicationInfo.uid;
int numPermissions = mPermissions.size();
boolean shouldKillApp = false;
for (int i = 0; i < numPermissions; i++) {
Permission permission = mPermissions.valueAt(i);
if (!permission.isSystemFixed()) {
if (permission.isGranted()) {
mPackageManager.grantRuntimePermission(mPackageInfo.packageName,
permission.getName(), mUserHandle);
} else {
boolean isCurrentlyGranted = mContext.checkPermission(permission.getName(), -1,
uid) == PERMISSION_GRANTED;
if (isCurrentlyGranted) {
if (revokeReason == null) {
mPackageManager.revokeRuntimePermission(mPackageInfo.packageName,
permission.getName(), mUserHandle);
} else {
mPackageManager.revokeRuntimePermission(mPackageInfo.packageName,
permission.getName(), mUserHandle, revokeReason);
}
}
}
}
int flags = (permission.isUserSet() ? PackageManager.FLAG_PERMISSION_USER_SET : 0)
| (permission.isUserFixed() ? PackageManager.FLAG_PERMISSION_USER_FIXED : 0)
| (permission.isRevokedCompat()
? PackageManager.FLAG_PERMISSION_REVOKED_COMPAT : 0)
| (permission.isPolicyFixed() ? PackageManager.FLAG_PERMISSION_POLICY_FIXED : 0)
| (permission.isReviewRequired()
? PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED : 0)
| (permission.isOneTime() ? PackageManager.FLAG_PERMISSION_ONE_TIME : 0);
mPackageManager.updatePermissionFlags(permission.getName(),
mPackageInfo.packageName,
PackageManager.FLAG_PERMISSION_USER_SET
| PackageManager.FLAG_PERMISSION_USER_FIXED
| PackageManager.FLAG_PERMISSION_REVOKED_COMPAT
| PackageManager.FLAG_PERMISSION_POLICY_FIXED
| (permission.isReviewRequired()
? 0 : PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED)
| PackageManager.FLAG_PERMISSION_ONE_TIME
| PackageManager.FLAG_PERMISSION_AUTO_REVOKED, // clear auto revoke
flags, mUserHandle);
if (permission.affectsAppOp()) {
if (!permission.isSystemFixed()) {
// Enabling/Disabling an app op may put the app in a situation in which it has
// a handle to state it shouldn't have, so we have to kill the app. This matches
// the revoke runtime permission behavior.
if (permission.isAppOpAllowed()) {
boolean wasChanged = allowAppOp(permission, uid);
shouldKillApp |= wasChanged && !mAppSupportsRuntimePermissions;
} else {
shouldKillApp |= disallowAppOp(permission, uid);
}
}
}
}
if (mayKillBecauseOfAppOpsChange && shouldKillApp) {
killApp(KILL_REASON_APP_OP_CHANGE);
}
if (mTriggerLocationAccessCheckOnPersist) {
new LocationAccessCheck(mContext, null).checkLocationAccessSoon();
mTriggerLocationAccessCheckOnPersist = false;
}
String packageName = mPackageInfo.packageName;
if (isOneTime() && areRuntimePermissionsGranted()) {
mContext.getSystemService(PermissionManager.class)
.startOneTimePermissionSession(packageName,
Utils.getOneTimePermissionsTimeout(),
ONE_TIME_PACKAGE_IMPORTANCE_LEVEL_TO_RESET_TIMER,
ONE_TIME_PACKAGE_IMPORTANCE_LEVEL_TO_KEEP_SESSION_ALIVE);
} else if (!Utils.hasOneTimePermissions(mContext, packageName)) {
mContext.getSystemService(PermissionManager.class)
.stopOneTimePermissionSession(packageName);
}
}PackageManager是抽象类,实现类为PackageManagerService
frameworks\base\services\core\java\com\android\server\pm\PackageManagerService.java
// NOTE: Can't remove due to unsupported app usage
@Override
public void grantRuntimePermission(String packageName, String permName, final int userId) {
// Because this is accessed via the package manager service AIDL,
// go through the permission manager service AIDL
mContext.getSystemService(PermissionManager.class)
.grantRuntimePermission(packageName, permName, UserHandle.of(userId));
}frameworks\base\core\java\android\permission\PermissionManager.java
@RequiresPermission(android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS)
//@SystemApi
public void grantRuntimePermission(@NonNull String packageName,
@NonNull String permissionName, @NonNull UserHandle user) {
if (DEBUG_TRACE_GRANTS
&& shouldTraceGrant(packageName, permissionName, user.getIdentifier())) {
Log.i(LOG_TAG_TRACE_GRANTS, "App " + mContext.getPackageName() + " is granting "
+ packageName + " "
+ permissionName + " for user " + user.getIdentifier(), new RuntimeException());
}
try {
mPermissionManager.grantRuntimePermission(packageName, permissionName,
user.getIdentifier());
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
}frameworks\base\services\core\java\com\android\server\pm\permission\PermissionManagerService.java
@Override
public void grantRuntimePermission(String packageName, String permName, final int userId) {
final int callingUid = Binder.getCallingUid();
final boolean overridePolicy =
checkUidPermission(callingUid, ADJUST_RUNTIME_PERMISSIONS_POLICY)
== PackageManager.PERMISSION_GRANTED;
grantRuntimePermissionInternal(packageName, permName, overridePolicy,
callingUid, userId, mDefaultPermissionCallback);
}
private void grantRuntimePermissionInternal(String packageName, String permName,
boolean overridePolicy, int callingUid, final int userId, PermissionCallback callback) {
if (PermissionManager.DEBUG_TRACE_GRANTS
&& PermissionManager.shouldTraceGrant(packageName, permName, userId)) {
Log.i(PermissionManager.LOG_TAG_TRACE_GRANTS, "System is granting " + packageName + " "
+ permName + " for user " + userId + " on behalf of uid " + callingUid
+ " " + mPackageManagerInt.getNameForUid(callingUid),
new RuntimeException());
}
if (!mUserManagerInt.exists(userId)) {
Log.e(TAG, "No such user:" + userId);
return;
}
// 要添加权限,也需要“添加”权限
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS,
"grantRuntimePermission");
enforceCrossUserPermission(callingUid, userId,
true, // requireFullPermission
true, // checkShell
"grantRuntimePermission");
final AndroidPackage pkg = mPackageManagerInt.getPackage(packageName);
final PackageSetting ps = mPackageManagerInt.getPackageSetting(packageName);
if (pkg == null || ps == null) {
Log.e(TAG, "Unknown package: " + packageName);
return;
}
if (mPackageManagerInt.filterAppAccess(pkg, callingUid, userId)) {
throw new IllegalArgumentException("Unknown package: " + packageName);
}
final boolean isRolePermission;
final boolean isSoftRestrictedPermission;
synchronized (mLock) {
final Permission permission = mRegistry.getPermission(permName);
if (permission == null) {
throw new IllegalArgumentException("Unknown permission: " + permName);
}
isRolePermission = permission.isRole();
isSoftRestrictedPermission = permission.isSoftRestricted();
}
final boolean mayGrantRolePermission = isRolePermission
&& mayManageRolePermission(callingUid);
final boolean mayGrantSoftRestrictedPermission = isSoftRestrictedPermission
&& SoftRestrictedPermissionPolicy.forPermission(mContext,
pkg.toAppInfoWithoutState(), pkg, UserHandle.of(userId), permName)
.mayGrantPermission();
final boolean isRuntimePermission;
final boolean permissionHasGids;
synchronized (mLock) {
final Permission bp = mRegistry.getPermission(permName);
if (bp == null) {
throw new IllegalArgumentException("Unknown permission: " + permName);
}
isRuntimePermission = bp.isRuntime();
permissionHasGids = bp.hasGids();
if (isRuntimePermission || bp.isDevelopment()) {
// Good.
} else if (bp.isRole()) {
if (!mayGrantRolePermission) {
throw new SecurityException("Permission " + permName + " is managed by role");
}
} else {
throw new SecurityException("Permission " + permName + " requested by "
+ pkg.getPackageName() + " is not a changeable permission type");
}
final UidPermissionState uidState = getUidStateLocked(pkg, userId);
if (uidState == null) {
Slog.e(TAG, "Missing permissions state for " + pkg.getPackageName() + " and user "
+ userId);
return;
}
if (!(uidState.hasPermissionState(permName)
|| pkg.getRequestedPermissions().contains(permName))) {
throw new SecurityException("Package " + pkg.getPackageName()
+ " has not requested permission " + permName);
}
// If a permission review is required for legacy apps we represent
// their permissions as always granted runtime ones since we need
// to keep the review required permission flag per user while an
// install permission's state is shared across all users.
if (pkg.getTargetSdkVersion() < Build.VERSION_CODES.M && bp.isRuntime()) {
return;
}
final int flags = uidState.getPermissionFlags(permName);
if ((flags & PackageManager.FLAG_PERMISSION_SYSTEM_FIXED) != 0) {
Log.e(TAG, "Cannot grant system fixed permission "
+ permName + " for package " + packageName);
return;
}
if (!overridePolicy && (flags & PackageManager.FLAG_PERMISSION_POLICY_FIXED) != 0) {
Log.e(TAG, "Cannot grant policy fixed permission "
+ permName + " for package " + packageName);
return;
}
if (bp.isHardRestricted()
&& (flags & PackageManager.FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT) == 0) {
Log.e(TAG, "Cannot grant hard restricted non-exempt permission "
+ permName + " for package " + packageName);
return;
}
if (bp.isSoftRestricted() && !mayGrantSoftRestrictedPermission) {
Log.e(TAG, "Cannot grant soft restricted permission " + permName + " for package "
+ packageName);
return;
}
if (bp.isDevelopment() || bp.isRole()) {
// Development permissions must be handled specially, since they are not
// normal runtime permissions. For now they apply to all users.
// TODO(zhanghai): We are breaking the behavior above by making all permission state
// per-user. It isn't documented behavior and relatively rarely used anyway.
if (!uidState.grantPermission(bp)) {
return;
}
} else {
if (ps.getInstantApp(userId) && !bp.isInstant()) {
throw new SecurityException("Cannot grant non-ephemeral permission" + permName
+ " for package " + packageName);
}
if (pkg.getTargetSdkVersion() < Build.VERSION_CODES.M) {
Slog.w(TAG, "Cannot grant runtime permission to a legacy app");
return;
}
if (!uidState.grantPermission(bp)) {
return;
}
}
}
if (isRuntimePermission) {
logPermission(MetricsEvent.ACTION_PERMISSION_GRANTED, permName, packageName);
}
final int uid = UserHandle.getUid(userId, pkg.getUid());
if (callback != null) {
if (isRuntimePermission) {
callback.onPermissionGranted(uid, userId);
} else {
callback.onInstallPermissionGranted();
}
if (permissionHasGids) {
callback.onGidsChanged(UserHandle.getAppId(pkg.getUid()), userId);
}
}
// PermissionsChanged监听
if (isRuntimePermission) {
notifyRuntimePermissionStateChanged(packageName, userId);
}
} private void notifyRuntimePermissionStateChanged(@NonNull String packageName,
@UserIdInt int userId) {
FgThread.getHandler().sendMessage(PooledLambda.obtainMessage
(PermissionManagerService::doNotifyRuntimePermissionStateChanged,
PermissionManagerService.this, packageName, userId));
}
private void doNotifyRuntimePermissionStateChanged(@NonNull String packageName,
@UserIdInt int userId) {
final ArrayList<OnRuntimePermissionStateChangedListener> listeners;
synchronized (mLock) {
if (mRuntimePermissionStateChangedListeners.isEmpty()) {
return;
}
listeners = new ArrayList<>(mRuntimePermissionStateChangedListeners);
}
final int listenerCount = listeners.size();
for (int i = 0; i < listenerCount; i++) {
listeners.get(i).onRuntimePermissionStateChanged(packageName, userId);
}
}最后grantRuntimePermission就是把permission存到mPermissions数据map中,再把数据跟新到/data/system/users/0/runtime-permissions.xml中
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
