1.apk需要放到/system/priv-app/下
2.在system/etc/下添加permission xml 增加需要的权限
<privapp-permissions package="com.example.xxx">
<permission name="android.permission.ACCESS_NOTIFICATIONS"/>
<permission name="android.permission.HDMI_CEC"/>
<permission name="android.permission.WRITE_SECURE_SETTINGS"/>
<permission name="android.permission.INSTALL_PACKAGES" />
</privapp-permissions>
3.runtime permissions (android6.0以上版本) 除了系统签名的apk是不能默认获得的,但在DefaultPermissionGrantPolicy.java的grantDefaultSystemHandlerPermissions()会对一些包含基础功能的provider的系统应用授予权限. provider的应用列表在framework的res里定义,可以通过overlay的方法把包名加到res中,获得 runtime permissions.
不同provider授予权限的源码:
synchronized (mService.mPackages) {
// Installer
PackageParser.Package installerPackage = getSystemPackageLPr(mService.mRequiredInstallerPackage);
if (installerPackage != null&& doesPackageSupportRuntimePermissions(installerPackage)) {
grantRuntimePermissionsLPw(installerPackage, STORAGE_PERMISSIONS, true, userId);
}
// Verifier
PackageParser.Package verifierPackage = getSystemPackageLPr(mService.mRequiredVerifierPackage);
if (verifierPackage != null&& doesPackageSupportRuntimePermissions(verifierPackage)) {
grantRuntimePermissionsLPw(verifierPackage, STORAGE_PERMISSIONS, true, userId);
grantRuntimePermissionsLPw(verifierPackage, PHONE_PERMISSIONS, false, userId);
grantRuntimePermissionsLPw(verifierPackage, SMS_PERMISSIONS, false, userId);
}
// SetupWizard
PackageParser.Package setupPackage = getSystemPackageLPr(mService.mSetupWizardPackage);
if (setupPackage != null&& doesPackageSupportRuntimePermissions(setupPackage)) {
grantRuntimePermissionsLPw(setupPackage, PHONE_PERMISSIONS, userId);
grantRuntimePermissionsLPw(setupPackage, CONTACTS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(setupPackage, LOCATION_PERMISSIONS, userId);
grantRuntimePermissionsLPw(setupPackage, CAMERA_PERMISSIONS, userId);
}
// Camera
Intent cameraIntent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE);
PackageParser.Package cameraPackage = getDefaultSystemHandlerActivityPackageLPr(cameraIntent, userId);
if (cameraPackage != null&& doesPackageSupportRuntimePermissions(cameraPackage)) {
grantRuntimePermissionsLPw(cameraPackage, CAMERA_PERMISSIONS, userId);
grantRuntimePermissionsLPw(cameraPackage, MICROPHONE_PERMISSIONS, userId);
grantRuntimePermissionsLPw(cameraPackage, STORAGE_PERMISSIONS, userId);
}
// Media provider
PackageParser.Package mediaStorePackage = getDefaultProviderAuthorityPackageLPr(MediaStore.AUTHORITY, userId);
if (mediaStorePackage != null) {
grantRuntimePermissionsLPw(mediaStorePackage, STORAGE_PERMISSIONS, true, userId);
}
// Downloads
providerPackageParser.Package downloadsPackage = getDefaultProviderAuthorityPackageLPr("downloads", userId);
if (downloadsPackage != null) {
grantRuntimePermissionsLPw(downloadsPackage, STORAGE_PERMISSIONS, true, userId);
}
// Downloads UI
Intent downloadsUiIntent = new Intent(DownloadManager.ACTION_VIEW_DOWNLOADS);
PackageParser.Package downloadsUiPackage = getDefaultSystemHandlerActivityPackageLPr(downloadsUiIntent, userId);
if (downloadsUiPackage != null&& doesPackageSupportRuntimePermissions(downloadsUiPackage)) {
grantRuntimePermissionsLPw(downloadsUiPackage, STORAGE_PERMISSIONS, true, userId);
}
// Storage provider
PackageParser.Package storagePackage = getDefaultProviderAuthorityPackageLPr("com.android.externalstorage.documents", userId);
if (storagePackage != null) {
grantRuntimePermissionsLPw(storagePackage, STORAGE_PERMISSIONS, true, userId);
}
// CertInstaller
Intent certInstallerIntent = new Intent(Credentials.INSTALL_ACTION);
PackageParser.Package certInstallerPackage = getDefaultSystemHandlerActivityPackageLPr(certInstallerIntent, userId);
if (certInstallerPackage != null&& doesPackageSupportRuntimePermissions(certInstallerPackage)) {
grantRuntimePermissionsLPw(certInstallerPackage, STORAGE_PERMISSIONS, true, userId);
}
// Dialer
if (dialerAppPackageNames == null) {
Intent dialerIntent = new Intent(Intent.ACTION_DIAL);
PackageParser.Package dialerPackage = getDefaultSystemHandlerActivityPackageLPr(dialerIntent, userId);
if (dialerPackage != null) {
grantDefaultPermissionsToDefaultSystemDialerAppLPr(dialerPackage, userId);
}
} else {
for (String dialerAppPackageName : dialerAppPackageNames) {
PackageParser.Package dialerPackage = getSystemPackageLPr(dialerAppPackageName);
if (dialerPackage != null) {
grantDefaultPermissionsToDefaultSystemDialerAppLPr(dialerPackage, userId);
}
}
}
// Sim call manager
if (simCallManagerPackageNames != null) {
for (String simCallManagerPackageName : simCallManagerPackageNames) {
PackageParser.Package simCallManagerPackage =getSystemPackageLPr(simCallManagerPackageName);
if (simCallManagerPackage != null) {
grantDefaultPermissionsToDefaultSimCallManagerLPr(simCallManagerPackage,userId);
}
}
}
// SMS
if (smsAppPackageNames == null) {
Intent smsIntent = new Intent(Intent.ACTION_MAIN);
smsIntent.addCategory(Intent.CATEGORY_APP_MESSAGING);
PackageParser.Package smsPackage = getDefaultSystemHandlerActivityPackageLPr(smsIntent, userId);
if (smsPackage != null) {
grantDefaultPermissionsToDefaultSystemSmsAppLPr(smsPackage, userId);
}
} else {
for (String smsPackageName : smsAppPackageNames) {
PackageParser.Package smsPackage = getSystemPackageLPr(smsPackageName);
if (smsPackage != null) {
grantDefaultPermissionsToDefaultSystemSmsAppLPr(smsPackage, userId);
}
}
}
// Cell Broadcast Receiver
Intent cbrIntent = new Intent(Intents.SMS_CB_RECEIVED_ACTION);
PackageParser.Package cbrPackage =getDefaultSystemHandlerActivityPackageLPr(cbrIntent, userId);
if (cbrPackage != null && doesPackageSupportRuntimePermissions(cbrPackage)) {
grantRuntimePermissionsLPw(cbrPackage, SMS_PERMISSIONS, userId);
}
// Carrier Provisioning Service
Intent carrierProvIntent = new Intent(Intents.SMS_CARRIER_PROVISION_ACTION);
PackageParser.Package carrierProvPackage =getDefaultSystemHandlerServicePackageLPr(carrierProvIntent, userId);
if (carrierProvPackage != null && doesPackageSupportRuntimePermissions(carrierProvPackage)) {
grantRuntimePermissionsLPw(carrierProvPackage, SMS_PERMISSIONS, false, userId);
}
// Calendar
Intent calendarIntent = new Intent(Intent.ACTION_MAIN);
calendarIntent.addCategory(Intent.CATEGORY_APP_CALENDAR);
PackageParser.Package calendarPackage = getDefaultSystemHandlerActivityPackageLPr(calendarIntent, userId);
if (calendarPackage != null&& doesPackageSupportRuntimePermissions(calendarPackage)) {
grantRuntimePermissionsLPw(calendarPackage, CALENDAR_PERMISSIONS, userId);
grantRuntimePermissionsLPw(calendarPackage, CONTACTS_PERMISSIONS, userId);
}
// Calendar provider
PackageParser.Package calendarProviderPackage = getDefaultProviderAuthorityPackageLPr(CalendarContract.AUTHORITY, userId);
if (calendarProviderPackage != null) {grantRuntimePermissionsLPw(calendarProviderPackage, CONTACTS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(calendarProviderPackage, CALENDAR_PERMISSIONS,true, userId);
grantRuntimePermissionsLPw(calendarProviderPackage, STORAGE_PERMISSIONS, userId);
}
// Calendar provider sync adapters
List<PackageParser.Package> calendarSyncAdapters = getHeadlessSyncAdapterPackagesLPr(calendarSyncAdapterPackages, userId);
final int calendarSyncAdapterCount = calendarSyncAdapters.size();
for (int i = 0; i < calendarSyncAdapterCount; i++) {
PackageParser.Package calendarSyncAdapter = calendarSyncAdapters.get(i);
if (doesPackageSupportRuntimePermissions(calendarSyncAdapter)) {
grantRuntimePermissionsLPw(calendarSyncAdapter, CALENDAR_PERMISSIONS, userId);
}
}
// Contacts
Intent contactsIntent = new Intent(Intent.ACTION_MAIN);
contactsIntent.addCategory(Intent.CATEGORY_APP_CONTACTS);
PackageParser.Package contactsPackage = getDefaultSystemHandlerActivityPackageLPr(contactsIntent, userId);
if (contactsPackage != null&& doesPackageSupportRuntimePermissions(contactsPackage)) {
grantRuntimePermissionsLPw(contactsPackage, CONTACTS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(contactsPackage, PHONE_PERMISSIONS, userId);
}
// Contacts provider sync adapters
List<PackageParser.Package> contactsSyncAdapters = getHeadlessSyncAdapterPackagesLPr(contactsSyncAdapterPackages, userId);
final int contactsSyncAdapterCount = contactsSyncAdapters.size();
for (int i = 0; i < contactsSyncAdapterCount; i++) {
PackageParser.Package contactsSyncAdapter = contactsSyncAdapters.get(i);
if (doesPackageSupportRuntimePermissions(contactsSyncAdapter)) {
grantRuntimePermissionsLPw(contactsSyncAdapter, CONTACTS_PERMISSIONS, userId);
}
}
// Contacts provider
PackageParser.Package contactsProviderPackage = getDefaultProviderAuthorityPackageLPr(ContactsContract.AUTHORITY, userId);
if (contactsProviderPackage != null) {
grantRuntimePermissionsLPw(contactsProviderPackage, CONTACTS_PERMISSIONS,true, userId);
grantRuntimePermissionsLPw(contactsProviderPackage, PHONE_PERMISSIONS,true, userId);
grantRuntimePermissionsLPw(contactsProviderPackage, STORAGE_PERMISSIONS, userId);
}
// Device provisioning
Intent deviceProvisionIntent = new Intent(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE);
PackageParser.Package deviceProvisionPackage =getDefaultSystemHandlerActivityPackageLPr(deviceProvisionIntent, userId);
if (deviceProvisionPackage != null&& doesPackageSupportRuntimePermissions(deviceProvisionPackage)) {
grantRuntimePermissionsLPw(deviceProvisionPackage, CONTACTS_PERMISSIONS, userId);
}
// Maps
Intent mapsIntent = new Intent(Intent.ACTION_MAIN);
mapsIntent.addCategory(Intent.CATEGORY_APP_MAPS);
PackageParser.Package mapsPackage = getDefaultSystemHandlerActivityPackageLPr(mapsIntent, userId);
if (mapsPackage != null&& doesPackageSupportRuntimePermissions(mapsPackage)) {
grantRuntimePermissionsLPw(mapsPackage, LOCATION_PERMISSIONS, userId);
}
// Gallery
Intent galleryIntent = new Intent(Intent.ACTION_MAIN);
galleryIntent.addCategory(Intent.CATEGORY_APP_GALLERY);
PackageParser.Package galleryPackage = getDefaultSystemHandlerActivityPackageLPr(galleryIntent, userId);
if (galleryPackage != null&& doesPackageSupportRuntimePermissions(galleryPackage)) {
grantRuntimePermissionsLPw(galleryPackage, STORAGE_PERMISSIONS, userId);
}
// Email
Intent emailIntent = new Intent(Intent.ACTION_MAIN);
emailIntent.addCategory(Intent.CATEGORY_APP_EMAIL);
PackageParser.Package emailPackage = getDefaultSystemHandlerActivityPackageLPr(emailIntent, userId);
if (emailPackage != null&& doesPackageSupportRuntimePermissions(emailPackage)) {
grantRuntimePermissionsLPw(emailPackage, CONTACTS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(emailPackage, CALENDAR_PERMISSIONS, userId);
}
// Browser
PackageParser.Package browserPackage = null;
String defaultBrowserPackage = mService.getDefaultBrowserPackageName(userId);
if (defaultBrowserPackage != null) {
browserPackage = getPackageLPr(defaultBrowserPackage);
}
if (browserPackage == null) {
Intent browserIntent = new Intent(Intent.ACTION_MAIN);
browserIntent.addCategory(Intent.CATEGORY_APP_BROWSER);
browserPackage = getDefaultSystemHandlerActivityPackageLPr(browserIntent, userId);
}
if (browserPackage != null&& doesPackageSupportRuntimePermissions(browserPackage)) {
grantRuntimePermissionsLPw(browserPackage, LOCATION_PERMISSIONS, userId);
}
// Voice interaction
if (voiceInteractPackageNames != null) {
for (String voiceInteractPackageName : voiceInteractPackageNames) {
PackageParser.Package voiceInteractPackage = getSystemPackageLPr(voiceInteractPackageName);
if (voiceInteractPackage != null&& doesPackageSupportRuntimePermissions(voiceInteractPackage)) {
grantRuntimePermissionsLPw(voiceInteractPackage,CONTACTS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(voiceInteractPackage,CALENDAR_PERMISSIONS, userId);
grantRuntimePermissionsLPw(voiceInteractPackage,MICROPHONE_PERMISSIONS, userId);
grantRuntimePermissionsLPw(voiceInteractPackage,PHONE_PERMISSIONS, userId);
grantRuntimePermissionsLPw(voiceInteractPackage,SMS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(voiceInteractPackage,LOCATION_PERMISSIONS, userId);
}
}
}
if (ActivityManager.isLowRamDeviceStatic()) {
// Allow voice search on low-ram devices
Intent globalSearchIntent = new Intent("android.search.action.GLOBAL_SEARCH");
PackageParser.Package globalSearchPickerPackage =getDefaultSystemHandlerActivityPackageLPr(globalSearchIntent, userId);
if (globalSearchPickerPackage != null&& doesPackageSupportRuntimePermissions(globalSearchPickerPackage)) {
grantRuntimePermissionsLPw(globalSearchPickerPackage,MICROPHONE_PERMISSIONS, true, userId);
grantRuntimePermissionsLPw(globalSearchPickerPackage,LOCATION_PERMISSIONS, true, userId);
}
}
// Voice recognition
Intent voiceRecoIntent = new Intent("android.speech.RecognitionService");
voiceRecoIntent.addCategory(Intent.CATEGORY_DEFAULT);
PackageParser.Package voiceRecoPackage = getDefaultSystemHandlerServicePackageLPr(voiceRecoIntent, userId);
if (voiceRecoPackage != null&& doesPackageSupportRuntimePermissions(voiceRecoPackage)) {
grantRuntimePermissionsLPw(voiceRecoPackage, MICROPHONE_PERMISSIONS, userId);
}
// Location
if (locationPackageNames != null) {
for (String packageName : locationPackageNames) {
Log.d(TAG,"locationPackgeName "+packageName);
PackageParser.Package locationPackage = getSystemPackageLPr(packageName);
if (locationPackage != null&& doesPackageSupportRuntimePermissions(locationPackage)) {
grantRuntimePermissionsLPw(locationPackage, CONTACTS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, CALENDAR_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, MICROPHONE_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, PHONE_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, SMS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, LOCATION_PERMISSIONS,true, userId);
grantRuntimePermissionsLPw(locationPackage, CAMERA_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, SENSORS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, STORAGE_PERMISSIONS, userId);
}
}
PackageParser.Package locationPackage = getSystemPackageLPr("com.example.xxx");
if (locationPackage != null&& doesPackageSupportRuntimePermissions(locationPackage)) {
grantRuntimePermissionsLPw(locationPackage, CONTACTS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, CALENDAR_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, MICROPHONE_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, PHONE_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, SMS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, LOCATION_PERMISSIONS,true, userId);
grantRuntimePermissionsLPw(locationPackage, CAMERA_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, SENSORS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(locationPackage, STORAGE_PERMISSIONS, userId);
}
}
// MusicIntent music
Intent = new Intent(Intent.ACTION_VIEW);
musicIntent.addCategory(Intent.CATEGORY_DEFAULT);
musicIntent.setDataAndType(Uri.fromFile(new File("foo.mp3")),AUDIO_MIME_TYPE);
PackageParser.Package musicPackage = getDefaultSystemHandlerActivityPackageLPr(musicIntent, userId);
if (musicPackage != null&& doesPackageSupportRuntimePermissions(musicPackage)) {
grantRuntimePermissionsLPw(musicPackage, STORAGE_PERMISSIONS, userId);
}
// Home
Intent homeIntent = new Intent(Intent.ACTION_MAIN);
homeIntent.addCategory(Intent.CATEGORY_HOME);
homeIntent.addCategory(Intent.CATEGORY_LAUNCHER_APP);
PackageParser.Package homePackage = getDefaultSystemHandlerActivityPackageLPr(homeIntent, userId);
if (homePackage != null&& doesPackageSupportRuntimePermissions(homePackage)) {
grantRuntimePermissionsLPw(homePackage, LOCATION_PERMISSIONS, false, userId);
}
// Watches
if (mService.hasSystemFeature(PackageManager.FEATURE_WATCH, 0)) {
// Home application on watches
Intent wearHomeIntent = new Intent(Intent.ACTION_MAIN);
wearHomeIntent.addCategory(Intent.CATEGORY_HOME_MAIN);
PackageParser.Package wearHomePackage = getDefaultSystemHandlerActivityPackageLPr(wearHomeIntent, userId);
if (wearHomePackage != null&& doesPackageSupportRuntimePermissions(wearHomePackage)) {
grantRuntimePermissionsLPw(wearHomePackage, CONTACTS_PERMISSIONS, false,userId);
grantRuntimePermissionsLPw(wearHomePackage, PHONE_PERMISSIONS, true, userId);
grantRuntimePermissionsLPw(wearHomePackage, MICROPHONE_PERMISSIONS, false,userId);
grantRuntimePermissionsLPw(wearHomePackage, LOCATION_PERMISSIONS, false,userId);
}
// Fitness tracking on watches
Intent trackIntent = new Intent(ACTION_TRACK);
PackageParser.Package trackPackage = getDefaultSystemHandlerActivityPackageLPr(trackIntent, userId);
if (trackPackage != null&& doesPackageSupportRuntimePermissions(trackPackage)) {
grantRuntimePermissionsLPw(trackPackage, SENSORS_PERMISSIONS, false, userId);
grantRuntimePermissionsLPw(trackPackage, LOCATION_PERMISSIONS, false, userId);
}
}
// Print Spooler
PackageParser.Package printSpoolerPackage = getSystemPackageLPr(PrintManager.PRINT_SPOOLER_PACKAGE_NAME);
if (printSpoolerPackage != null&& doesPackageSupportRuntimePermissions(printSpoolerPackage)) {
grantRuntimePermissionsLPw(printSpoolerPackage, LOCATION_PERMISSIONS, true, userId);
}
// EmergencyInfo
Intent emergencyInfoIntent = new Intent(TelephonyManager.ACTION_EMERGENCY_ASSISTANCE);
PackageParser.Package emergencyInfoPckg = getDefaultSystemHandlerActivityPackageLPr(emergencyInfoIntent, userId);
if (emergencyInfoPckg != null&& doesPackageSupportRuntimePermissions(emergencyInfoPckg)) {
grantRuntimePermissionsLPw(emergencyInfoPckg, CONTACTS_PERMISSIONS, true, userId);
grantRuntimePermissionsLPw(emergencyInfoPckg, PHONE_PERMISSIONS, true, userId);
}
// NFC Tag viewer
Intent nfcTagIntent = new Intent(Intent.ACTION_VIEW);
nfcTagIntent.setType("vnd.android.cursor.item/ndef_msg");
PackageParser.Package nfcTagPkg = getDefaultSystemHandlerActivityPackageLPr(nfcTagIntent, userId);
if (nfcTagPkg != null&& doesPackageSupportRuntimePermissions(nfcTagPkg)) {
grantRuntimePermissionsLPw(nfcTagPkg, CONTACTS_PERMISSIONS, false, userId);
grantRuntimePermissionsLPw(nfcTagPkg, PHONE_PERMISSIONS, false, userId);
}
// Storage Manager
Intent storageManagerIntent = new Intent(StorageManager.ACTION_MANAGE_STORAGE);
PackageParser.Package storageManagerPckg = getDefaultSystemHandlerActivityPackageLPr(storageManagerIntent, userId);
if (storageManagerPckg != null&& doesPackageSupportRuntimePermissions(storageManagerPckg)) {
grantRuntimePermissionsLPw(storageManagerPckg, STORAGE_PERMISSIONS, true, userId);
}
// Companion devices
PackageParser.Package companionDeviceDiscoveryPackage = getSystemPackageLPr(CompanionDeviceManager.COMPANION_DEVICE_DISCOVERY_PACKAGE_NAME);
if (companionDeviceDiscoveryPackage != null&& doesPackageSupportRuntimePermissions(companionDeviceDiscoveryPackage)) {
grantRuntimePermissionsLPw(companionDeviceDiscoveryPackage,LOCATION_PERMISSIONS, true, userId);
}
// Ringtone Picker
Intent ringtonePickerIntent = new Intent(RingtoneManager.ACTION_RINGTONE_PICKER);
PackageParser.Package ringtonePickerPackage =getDefaultSystemHandlerActivityPackageLPr(ringtonePickerIntent, userId);
if (ringtonePickerPackage != null&& doesPackageSupportRuntimePermissions(ringtonePickerPackage)) {
grantRuntimePermissionsLPw(ringtonePickerPackage,STORAGE_PERMISSIONS, true, userId);
}
mService.mSettings.onDefaultRuntimePermissionsGrantedLPr(userId);
应用如果需要android.permission.READ_EXTERNAL_STORAGE: 可以加到 location里,修改
<string-array name="config_locationProviderPackageNames">
<item>com.google.android.gms</item>
<item>com.android.location.fused</item>
<item>com.example.xxx</item><
/string-array>