无法在android中添加新的组权限 [英] Not able to add new group permission in android

问题描述

我正在尝试在 Android 中添加新的组权限，但它在我的应用程序中没有生效(新的 CTS 测试).以下是变化:

I'm trying to add a new group permission in Android but it is not taking effect in my application (new CTS test). Below are the changes :

test@test-ubuntu:~/android_aosp/system/core$ git diff
diff --git a/include/private/android_filesystem_config.h b/include/private/android_filesystem_config.h
index d2193b7..7725126 100644
--- a/include/private/android_filesystem_config.h
+++ b/include/private/android_filesystem_config.h
@@ -77,6 +77,7 @@
#define AID_SDCARD_ALL    1035  /* access all users external storage */
#define AID_LOGD          1036  /* log daemon */
#define AID_SHARED_RELRO  1037  /* creator of shared GNU RELRO files */
+#define AID_XYZ           1038  /* files which XYZ needs to access */

#define AID_SHELL         2000  /* adb and debug shell user */
#define AID_CACHE         2001  /* cache access */
@@ -189,6 +190,7 @@ static const struct android_id_info android_ids[] = {
     { "sdcard_all",    AID_SDCARD_ALL, },
     { "logd",          AID_LOGD, },
     { "shared_relro",  AID_SHARED_RELRO, },
+    { "xyz",           AID_XYZ, },

     { "shell",         AID_SHELL, },
     { "cache",         AID_CACHE, },
test@test-ubuntu:~/android_aosp/system/core$
test@test-ubuntu:~/android_aosp/system/core$ cd ../../frameworks/base/
test@test-ubuntu:~/android_aosp/frameworks/base$
test@test-ubuntu:~/android_aosp/frameworks/base$
test@test-ubuntu:~/android_aosp/frameworks/base$ git diff
diff --git a/data/etc/platform.xml b/data/etc/platform.xml
index d3d7559..2e5d8c24 100644
--- a/data/etc/platform.xml
+++ b/data/etc/platform.xml
@@ -109,6 +109,10 @@
         <group gid="media" />
     </permission>

+    <permission name="android.permission.XYZ" >
+        <group gid="xyz" />
+    </permission>
+
     <!-- ================================================================== -->
     <!-- ================================================================== -->
     <!-- ================================================================== -->
test@test-ubuntu:~/android_aosp/frameworks/base$
test@test-ubuntu:~/android_aosp/frameworks/base$ cd ../../cts/tests/tests/newCtsTest/
test@test-ubuntu:~/android_aosp/cts/tests/tests/newCtsTest$
test@test-ubuntu:~/android_aosp/cts/tests/tests/newCtsTest$ git diff .
diff --git a/tests/tests/newCtsTest/AndroidManifest.xml b/tests/tests/newCtsTest/AndroidManifest.xml
index 52a0332..9dc3b1b 100755
--- a/tests/tests/newCtsTest/AndroidManifest.xml
+++ b/tests/tests/newCtsTest/AndroidManifest.xml
@@ -19,6 +19,8 @@
     package="android.newCtsTest.cts">

     <uses-permission android:name="android.permission.DISABLE_KEYGUARD" />
+    <uses-permission android:name="android.permission.XYZ" />
+
     <application>
         <uses-library android:name="android.test.runner" />
         <activity android:name="android.newCtsTest.SampleDeviceActivity" >
test@test-ubuntu:~/android_aosp/cts/tests/tests/newCtsTest$

以下是我试图从应用程序写入但它不起作用的文件:

Following is the file that I'm trying to write to from the application but it is not working :

root@board:/ # ls -l /sys/class/leds/led1/brightness
-rw-rw-r-- system   xyz          4096 2018-03-29 10:49 brightness
root@board:/ #

请注意上述文件的权限是 664.如果我将其更改为 666，它可以工作，因此代码本身没有任何问题，但不知何故组权限不适用于应用程序

Note the permission for above file is 664. If I change it to 666 it works so the code itself doesn't have any issues, but somehow the group permission isn't applied to the application

推荐答案

我能够解决问题.必须在 frameworks/base/core/res/AndroidManifest.xml 中进行其他更改:

I was able to solve the problem. Additional change has to be made in frameworks/base/core/res/AndroidManifest.xml :

test@test-ubuntu:~/android_aosp/frameworks/base$ git diff core/res/AndroidManifest.xml
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 4b1c534..a4ba0b5 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -1054,6 +1054,12 @@
     <permission android:name="android.permission.BLUETOOTH_STACK"
         android:protectionLevel="signature" />

+    <!-- Allows applications to access files in xyz group.
+         <p>Protection level: normal
+    -->
+    <permission android:name="android.permission.XYZ"
+        android:protectionLevel="normal" />
+
     <!-- Allows applications to perform I/O operations over NFC.
          <p>Protection level: normal
     -->

之后需要执行make update-api然后重新构建完整的Android

After that need to execute make update-api and then build the full Android again

这篇关于无法在android中添加新的组权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！