Revert "READ_DROPBOX_DATA permission"
Revert submission 24670896-DropBoxPermission
Reason for revert: DroidMonitor: Potential culprit for Bug 305144053 - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted
Reverted changes: /q/submissionid:24670896-DropBoxPermission
Change-Id: Ieac6a8a63f77aa002672bf4ea9c18ddf0d9a4a23
diff --git a/core/api/current.txt b/core/api/current.txt
index 3c6facc..a5784a0 100644
--- a/core/api/current.txt
+++ b/core/api/current.txt
@@ -32371,7 +32371,7 @@
method public void addData(@NonNull String, @Nullable byte[], int);
method public void addFile(@NonNull String, @NonNull java.io.File, int) throws java.io.IOException;
method public void addText(@NonNull String, @NonNull String);
- method @Nullable @RequiresPermission(allOf={"android.permission.READ_DROPBOX_DATA", android.Manifest.permission.PACKAGE_USAGE_STATS}) public android.os.DropBoxManager.Entry getNextEntry(String, long);
+ method @Nullable @RequiresPermission(allOf={android.Manifest.permission.READ_LOGS, android.Manifest.permission.PACKAGE_USAGE_STATS}) public android.os.DropBoxManager.Entry getNextEntry(String, long);
method public boolean isTagEnabled(String);
field public static final String ACTION_DROPBOX_ENTRY_ADDED = "android.intent.action.DROPBOX_ENTRY_ADDED";
field public static final String EXTRA_DROPPED_COUNT = "android.os.extra.DROPPED_COUNT";
diff --git a/core/java/android/os/DropBoxManager.java b/core/java/android/os/DropBoxManager.java
index 109d6b2..cf35460 100644
--- a/core/java/android/os/DropBoxManager.java
+++ b/core/java/android/os/DropBoxManager.java
@@ -17,7 +17,7 @@
package android.os;
import static android.Manifest.permission.PACKAGE_USAGE_STATS;
-import static android.Manifest.permission.READ_DROPBOX_DATA;
+import static android.Manifest.permission.READ_LOGS;
import android.annotation.BytesLong;
import android.annotation.CurrentTimeMillisLong;
@@ -81,11 +81,9 @@
/**
* Broadcast Action: This is broadcast when a new entry is added in the dropbox.
- * For Android V+ (including V), you must hold the
- * {@link android.Manifest.permission#READ_DROPBOX_DATA} permission in order
- * to receive this broadcast. For Android version earlier than
- * Android V, you must hold {@link android.Manifest.permission#READ_LOGS}.
- * This broadcast can be rate limited for low priority entries
+ * You must hold the {@link android.Manifest.permission#READ_LOGS} permission
+ * in order to receive this broadcast. This broadcast can be rate limited for low priority
+ * entries
*
* <p class="note">This is a protected intent that can only be sent
* by the system.
@@ -384,16 +382,12 @@
/**
* Gets the next entry from the drop box <em>after</em> the specified time.
* You must always call {@link Entry#close()} on the return value!
- * {@link android.Manifest.permission#READ_DROPBOX_DATA} permission is
- * required for Android V or later.
- * {@link android.Manifest.permission#READ_LOGS} permission is
- * required for Android earlier than V.
*
* @param tag of entry to look for, null for all tags
* @param msec time of the last entry seen
* @return the next entry, or null if there are no more entries
*/
- @RequiresPermission(allOf = { READ_DROPBOX_DATA, PACKAGE_USAGE_STATS })
+ @RequiresPermission(allOf = { READ_LOGS, PACKAGE_USAGE_STATS })
public @Nullable Entry getNextEntry(String tag, long msec) {
try {
return mService.getNextEntryWithAttribution(tag, msec, mContext.getOpPackageName(),
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index ba81552..c09f0a3 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -4560,12 +4560,6 @@
<permission android:name="android.permission.SET_DEBUG_APP"
android:protectionLevel="signature|privileged|development" />
- <!-- Allows an application to access the data in Dropbox.
- <p>Not for use by third-party applications.
- @hide -->
- <permission android:name="android.permission.READ_DROPBOX_DATA"
- android:protectionLevel="signature|privileged|development" />
-
<!-- Allows an application to set the maximum number of (not needed)
application processes that can be running.
<p>Not for use by third-party applications. -->
diff --git a/services/core/Android.bp b/services/core/Android.bp
index d8ceef0..d9c2694 100644
--- a/services/core/Android.bp
+++ b/services/core/Android.bp
@@ -182,7 +182,6 @@
"android.hidl.manager-V1.2-java",
"cbor-java",
"display_flags_lib",
- "dropbox_flags_lib",
"icu4j_calendar_astronomer",
"netd-client",
"overlayable_policy_aidl-java",
diff --git a/services/core/java/com/android/server/DropBoxManagerService.java b/services/core/java/com/android/server/DropBoxManagerService.java
index f82a6aa..55069b7 100644
--- a/services/core/java/com/android/server/DropBoxManagerService.java
+++ b/services/core/java/com/android/server/DropBoxManagerService.java
@@ -16,14 +16,10 @@
package com.android.server;
-import android.Manifest;
import android.annotation.Nullable;
import android.app.ActivityManager;
import android.app.AppOpsManager;
import android.app.BroadcastOptions;
-import android.app.compat.CompatChanges;
-import android.compat.annotation.ChangeId;
-import android.compat.annotation.EnabledAfter;
import android.content.BroadcastReceiver;
import android.content.ContentResolver;
import android.content.Context;
@@ -34,7 +30,6 @@
import android.database.ContentObserver;
import android.net.Uri;
import android.os.Binder;
-import android.os.Build;
import android.os.Bundle;
import android.os.BundleMerger;
import android.os.Debug;
@@ -71,7 +66,6 @@
import com.android.internal.util.FrameworkStatsLog;
import com.android.internal.util.ObjectUtils;
import com.android.server.DropBoxManagerInternal.EntrySource;
-import com.android.server.feature.flags.Flags;
import libcore.io.IoUtils;
@@ -95,13 +89,6 @@
* Clients use {@link DropBoxManager} to access this service.
*/
public final class DropBoxManagerService extends SystemService {
- /**
- * For Android U and earlier versions, apps can continue to use the READ_LOGS permission,
- * but for all subsequent versions, the READ_DROPBOX_DATA permission must be used.
- */
- @ChangeId
- @EnabledAfter(targetSdkVersion = Build.VERSION_CODES.UPSIDE_DOWN_CAKE)
- private static final long ENFORCE_READ_DROPBOX_DATA = 296060945L;
private static final String TAG = "DropBoxManagerService";
private static final int DEFAULT_AGE_SECONDS = 3 * 86400;
private static final int DEFAULT_MAX_FILES = 1000;
@@ -122,6 +109,7 @@
// Tags that we should drop by default.
private static final List<String> DISABLED_BY_DEFAULT_TAGS =
List.of("data_app_wtf", "system_app_wtf", "system_server_wtf");
+
// TODO: This implementation currently uses one file per entry, which is
// inefficient for smallish entries -- consider using a single queue file
// per tag (or even globally) instead.
@@ -303,21 +291,8 @@
if (!DropBoxManagerService.this.mBooted) {
intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY);
}
- if (Flags.enableReadDropboxPermission()) {
- BroadcastOptions unbundledOptions = (options == null)
- ? BroadcastOptions.makeBasic() : BroadcastOptions.fromBundle(options);
-
- unbundledOptions.setRequireCompatChange(ENFORCE_READ_DROPBOX_DATA, true);
- getContext().sendBroadcastAsUser(intent, UserHandle.ALL,
- Manifest.permission.READ_DROPBOX_DATA, unbundledOptions.toBundle());
-
- unbundledOptions.setRequireCompatChange(ENFORCE_READ_DROPBOX_DATA, false);
- getContext().sendBroadcastAsUser(intent, UserHandle.ALL,
- Manifest.permission.READ_LOGS, unbundledOptions.toBundle());
- } else {
- getContext().sendBroadcastAsUser(intent, UserHandle.ALL,
- android.Manifest.permission.READ_LOGS, options);
- }
+ getContext().sendBroadcastAsUser(intent, UserHandle.ALL,
+ android.Manifest.permission.READ_LOGS, options);
}
private Intent createIntent(String tag, long time) {
@@ -597,16 +572,9 @@
return true;
}
-
- String permission = Manifest.permission.READ_LOGS;
- if (Flags.enableReadDropboxPermission()
- && CompatChanges.isChangeEnabled(ENFORCE_READ_DROPBOX_DATA, callingUid)) {
- permission = Manifest.permission.READ_DROPBOX_DATA;
- }
-
// Callers always need this permission
- getContext().enforceCallingOrSelfPermission(permission, TAG);
-
+ getContext().enforceCallingOrSelfPermission(
+ android.Manifest.permission.READ_LOGS, TAG);
// Callers also need the ability to read usage statistics
switch (getContext().getSystemService(AppOpsManager.class).noteOp(
diff --git a/services/core/java/com/android/server/feature/Android.bp b/services/core/java/com/android/server/feature/Android.bp
deleted file mode 100644
index 067288d..0000000
--- a/services/core/java/com/android/server/feature/Android.bp
+++ /dev/null
@@ -1,12 +0,0 @@
-aconfig_declarations {
- name: "dropbox_flags",
- package: "com.android.server.feature.flags",
- srcs: [
- "dropbox_flags.aconfig",
- ],
-}
-
-java_aconfig_library {
- name: "dropbox_flags_lib",
- aconfig_declarations: "dropbox_flags",
-}
diff --git a/services/core/java/com/android/server/feature/dropbox_flags.aconfig b/services/core/java/com/android/server/feature/dropbox_flags.aconfig
deleted file mode 100644
index fee4bf3..0000000
--- a/services/core/java/com/android/server/feature/dropbox_flags.aconfig
+++ /dev/null
@@ -1,8 +0,0 @@
-package: "com.android.server.feature.flags"
-
-flag{
- name: "enable_read_dropbox_permission"
- namespace: "preload_safety"
- description: "Feature flag for permission to Read dropbox data"
- bug: "287512663"
-}
\ No newline at end of file