Google is committed to advancing racial equity for Black communities. See how.


The PermissionController module enables updatable privacy policies and UI elements (for example, the policies and UI around granting and managing permissions). This module handles permission-related UI and logic (it was refactored from Package Installer) and roles (allow access for apps for a specific purpose).

Changes in Android 10

The APK handles permission-related UI, logic, and roles to allow access for apps for a specific purpose. It controls the following:

  • Runtime permission granting (including granting to system apps)
  • Runtime permission management (including grouping of permissions)
  • Runtime permission usage tracking (new in Android 10)
  • Roles (new in Android 10)

In Android 9, such permissions were part of In Android 10 and higher, the Package Installer app is split to enable the permissions logic to be updated.

As an updatable Android module, PermissionController:

  • Interacts with the framework only through stable @SystemApi APIs (no @hide API usage).
  • Handles permission-related intents with priority greater than 0.
  • Exposes a mechanism for enabling Android partners to customize theming.
  • Provides services to which the system and apps can bind, including role management, permission revocation, and basic permission information (for Settings).

Format and dependencies

The PermissionController module is delivered as an APK file.