Android security mechanism (2): Android Permission control mechanism
1. Overview
Android is a privilege-separated system. It uses the existing Linux permission management mechanism to assign a different uid and gid to each application, so that private data and access are isolated between applications (both the native and Java layers can use this sandbox mechanism). On top of this, Android adds the permission mechanism, which subdivides privileges and controls access to specific operations that an application can perform. It also provides the per-URI permission mechanism for ad-hoc access to particular pieces of data.
2. Permission
A permission in the Android Permission mechanism has three aspects: the permission name, the permission group, and the protection level. A permission group is a set of permissions grouped by function. Each permission group contains several specific permissions; for example, the COST_MONEY group contains android.permission.SEND_SMS, android.permission.CALL_PHONE, and other cost-related permissions. Android protection levels are divided into normal, dangerous, signature, signatureOrSystem, system, and development. The protection level determines how a program is authorized when it uses the permission:
normal: the permission only needs to be applied for in order to be used,
dangerous: the permission additionally requires the user's confirmation before it can be used,
signature: the application must carry the matching signature to be granted the permission,
signatureOrSystem: the application must carry the matching signature or be a system-level application (placed in the /system/app directory) to be granted the permission,
system: only system-level applications (placed in the /system/app directory) can be granted the permission.
Descriptions of the system permissions are in frameworks/base/core/res/AndroidManifest.xml.
Package permission information is mainly specified through tags in AndroidManifest.xml, such as the <permission>, <permission-group>, and <permission-tree> tags. For a package to apply for a permission, it must specify that permission with the <uses-permission> tag.
3. Permission interfaces provided by Android
3.1. CheckPermission
The following interfaces check whether a caller (another package or the application itself) holds a given permission. The pid and uid can be specified as parameters; if they are not, the framework obtains the caller's uid and pid through Binder and fills them in. The return value is PackageManager.PERMISSION_GRANTED or PackageManager.PERMISSION_DENIED.
public int checkPermission (String permission, int pid, int uid) // check whether the given uid and pid hold the permission.
public int checkCallingPermission (String permission) // check whether the caller holds the permission. If the caller is the application itself, PackageManager.PERMISSION_DENIED is returned.
public int checkCallingOrSelfPermission (String permission) // check whether the application itself or another caller holds the permission.
The following group is similar to the one above, except that if the check fails, an exception is thrown and the message is printed.
public void enforcePermission (String permission, int pid, int uid, String message)
public void enforceCallingPermission (String permission, String message)
public void enforceCallingOrSelfPermission (String permission, String message)
3.2. CheckUriPermission
Add (or revoke) read or write permission on a content Uri for a package.
public void grantUriPermission (String toPackage, Uri uri, int modeFlags)
public void revokeUriPermission (Uri uri, int modeFlags)
Check whether the package identified by a pid and uid has read or write permission on the Uri. The return value indicates whether the permission is granted.
public int checkUriPermission (Uri uri, int pid, int uid, int modeFlags)
public int checkCallingUriPermission (Uri uri, int modeFlags)
public int checkCallingOrSelfUriPermission (Uri uri, int modeFlags)
public int checkUriPermission (Uri uri, String readPermission, String writePermission, int pid, int uid, int modeFlags)
Check whether the package identified by a pid and uid has read or write permission on the Uri. If the check fails, an exception is thrown and the message is printed.
public void enforceUriPermission (Uri uri, int pid, int uid, int modeFlags, String message)
public void enforceCallingUriPermission (Uri uri, int modeFlags, String message)
public void enforceCallingOrSelfUriPermission (Uri uri, int modeFlags, String message)
public void enforceUriPermission (Uri uri, String readPermission, String writePermission, int pid, int uid, int modeFlags, String message)
These methods only perform the check. If the required permission is not held, an exception is thrown.
4. Permission mechanism implementation analysis
4.1. CheckPermission
1. If the input permission name is null, PackageManager.PERMISSION_DENIED is returned.
2. Determine whether the caller uid meets the requirements.
1) If the uid is 0, the caller is a process with root privileges and permissions are not controlled.
2) If the uid is the uid of the system server process, the caller is system server and permissions are not controlled.
3) If the caller is the ActivityManager process itself, permissions are not controlled.
4) If the caller's uid does not match the req uid passed in as a parameter, PackageManager.PERMISSION_DENIED is returned.
3. If the checks in step 2 pass, PackageManagerService.checkUidPermission is called to determine whether the uid has the relevant permission. The analysis is as follows.
1) First, it calls getUserIdLP to look in the PackageManagerService.Setting.mUserIds array and find the permission list of the uid (that is, of the package). If the permission is found there, the uid has the corresponding permission.
2) If not, it looks in PackageManagerService.mSystemPermissions. This information is read from /system/etc/permissions/platform.xml at startup and records the permissions assigned to the uids of some system-level applications.
3) Return the result.
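
The decision order listed in 4.1, as a stand-alone Java model added here for illustration; it is not the framework's code. The two maps stand in for mUserIds and mSystemPermissions, and MY_PID, the sample uids and the reqUid convention (a negative value means no specific uid is required) are assumptions.

```java
import java.util.*;

// Stand-alone model of the checkPermission steps in 4.1 (not framework code).
public class CheckPermissionModel {
    static final int PERMISSION_GRANTED = 0, PERMISSION_DENIED = -1;
    static final int ROOT_UID = 0, SYSTEM_UID = 1000;
    static final int MY_PID = 500; // constructed: pid of the ActivityManager process

    // Constructed stand-ins for the per-uid permission lists (mUserIds)
    // and for the uid entries read from platform.xml (mSystemPermissions).
    static final Map<Integer, Set<String>> userPerms = new HashMap<>();
    static final Map<Integer, Set<String>> systemPerms = new HashMap<>();

    // reqUid < 0 means "no specific uid required" (assumption of this model).
    static int checkPermission(String perm, int pid, int uid, int reqUid) {
        if (perm == null) return PERMISSION_DENIED;                  // step 1
        if (uid == ROOT_UID || uid == SYSTEM_UID || pid == MY_PID)   // steps 2.1 to 2.3
            return PERMISSION_GRANTED;
        if (reqUid >= 0 && uid != reqUid) return PERMISSION_DENIED;  // step 2.4
        return checkUidPermission(perm, uid);                        // step 3
    }

    static int checkUidPermission(String perm, int uid) {
        Set<String> granted = userPerms.get(uid);                    // step 3.1
        if (granted != null && granted.contains(perm)) return PERMISSION_GRANTED;
        Set<String> sys = systemPerms.get(uid);                      // step 3.2
        if (sys != null && sys.contains(perm)) return PERMISSION_GRANTED;
        return PERMISSION_DENIED;                                    // step 3.3
    }

    public static void main(String[] args) {
        String sms = "android.permission.SEND_SMS";
        String storage = "android.permission.WRITE_EXTERNAL_STORAGE";
        userPerms.put(10001, Set.of(sms));       // constructed app uid holding SEND_SMS
        systemPerms.put(2000, Set.of(storage));  // constructed platform.xml-style entry

        System.out.println("app with SEND_SMS:     " + checkPermission(sms, 4242, 10001, -1));
        System.out.println("app without SEND_SMS:  " + checkPermission(sms, 4243, 10002, -1));
        System.out.println("uid from platform.xml: " + checkPermission(storage, 4244, 2000, -1));
        System.out.println("root, nothing granted: " + checkPermission(sms, 4245, ROOT_UID, -1));
        System.out.println("reqUid mismatch:       " + checkPermission(sms, 4242, 10001, 10002));
        System.out.println("null permission name:  " + checkPermission(null, 4242, 10001, -1));
    }
}
```
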
4.2. CheckUriPermission
1. If the uid is 0, the caller is the root user and the permission is not controlled.
2. Otherwise, check whether the uid has an entry for the Uri in the mGrantedUriPermissions table maintained by ActivityManagerService. If it does, check whether the uid has the requested read or write permission.
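
The grant, revoke and check calls of 3.2 together with the lookup described in 4.2, as a stand-alone Java model added here for illustration; it is not the framework's code. The grant table stands in for mGrantedUriPermissions; keying grants by uid instead of package name, matching Uris by exact string, and the sample uids and Uri are simplifying assumptions.

```java
import java.util.*;

// Stand-alone model of per-URI grants (not framework code).
public class UriGrantModel {
    static final int PERMISSION_GRANTED = 0, PERMISSION_DENIED = -1;
    static final int READ = 0x1;   // value of Intent.FLAG_GRANT_READ_URI_PERMISSION
    static final int WRITE = 0x2;  // value of Intent.FLAG_GRANT_WRITE_URI_PERMISSION

    // Stand-in for mGrantedUriPermissions: uid -> (uri -> granted mode bits).
    static final Map<Integer, Map<String, Integer>> granted = new HashMap<>();

    static void grantUriPermission(int toUid, String uri, int modeFlags) {
        granted.computeIfAbsent(toUid, k -> new HashMap<>())
               .merge(uri, modeFlags, (a, b) -> a | b);
    }

    // Clears the given mode bits for this uri in every uid's entry.
    static void revokeUriPermission(String uri, int modeFlags) {
        for (Map<String, Integer> perUid : granted.values()) {
            perUid.computeIfPresent(uri, (u, bits) -> {
                int left = bits & ~modeFlags;
                return left == 0 ? null : left;  // null removes the entry
            });
        }
    }

    static int checkUriPermission(String uri, int uid, int modeFlags) {
        if (uid == 0) return PERMISSION_GRANTED;       // root is not controlled
        Map<String, Integer> perUid = granted.get(uid);
        if (perUid == null) return PERMISSION_DENIED;  // no grants for this uid
        int bits = perUid.getOrDefault(uri, 0);
        // Every requested mode bit must have been granted.
        return modeFlags != 0 && (bits & modeFlags) == modeFlags
                ? PERMISSION_GRANTED : PERMISSION_DENIED;
    }

    public static void main(String[] args) {
        String note = "content://com.example.notes/note/1";  // constructed Uri
        grantUriPermission(10001, note, READ);               // constructed app uid
        System.out.println("10001 read:   " + checkUriPermission(note, 10001, READ));
        System.out.println("10001 write:  " + checkUriPermission(note, 10001, WRITE));
        System.out.println("10002 read:   " + checkUriPermission(note, 10002, READ));
        System.out.println("root write:   " + checkUriPermission(note, 0, WRITE));
        revokeUriPermission(note, READ);
        System.out.println("after revoke: " + checkUriPermission(note, 10001, READ));
    }
}
```
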
5. Summary
The Android security mechanism based on UID and GID, described earlier, uses Linux access control to govern access to files and devices. The Android Permission mechanism described in this article is an important supplement to the Android security mechanism and controls an application's access to system or external interfaces. Later I will talk about the Android signature mechanism and SELinux for Android.