Loading services/appfunctions/java/com/android/server/appfunctions/AppFunctionManagerService.java +1 −4 Original line number Diff line number Diff line Loading @@ -21,7 +21,6 @@ import android.app.appfunctions.AppFunctionAccessServiceInterface; import android.app.appfunctions.AppFunctionManagerConfiguration; import android.content.Context; import android.content.pm.PackageManagerInternal; import android.permission.flags.Flags; import com.android.server.LocalServices; import com.android.server.SystemService; Loading @@ -47,10 +46,8 @@ public class AppFunctionManagerService extends SystemService { @Override public void onBootPhase(int phase) { if (Flags.appFunctionAccessServiceEnabled()) { mServiceImpl.onBootPhase(phase); } } @Override public void onUserUnlocked(@NonNull TargetUser user) { Loading services/appfunctions/java/com/android/server/appfunctions/AppFunctionManagerServiceImpl.java +54 −28 Original line number Diff line number Diff line Loading @@ -88,10 +88,13 @@ import com.android.server.SystemService.TargetUser; import java.io.FileDescriptor; import java.io.PrintWriter; import java.util.ArrayList; import java.util.Collections; import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Objects; import java.util.Set; import java.util.WeakHashMap; import java.util.concurrent.CompletionException; import java.util.concurrent.Executor; Loading @@ -116,6 +119,12 @@ public class AppFunctionManagerServiceImpl extends IAppFunctionManager.Stub { private final AppFunctionAccessServiceInterface mAppFunctionAccessService; private final Object mAgentAllowlistLock = new Object(); // The main agent allowlist, set by the updatable DeviceConfig System @GuardedBy("mAgentAllowlistLock") private List<SignedPackage> mUpdatableAgentAllowlist = new ArrayList<>(); public AppFunctionManagerServiceImpl( @NonNull Context context, @NonNull PackageManagerInternal packageManagerInternal, @NonNull AppFunctionAccessServiceInterface appFunctionAccessServiceInterface) { Loading Loading @@ -207,21 +216,7 @@ public class AppFunctionManagerServiceImpl extends IAppFunctionManager.Stub { public void onPropertiesChanged(DeviceConfig.Properties properties) { if (Flags.appFunctionAccessServiceEnabled()) { if (properties.getKeyset().contains(ALLOWLISTED_APP_FUNCTIONS_AGENTS)) { final String signaturesString = properties.getString(ALLOWLISTED_APP_FUNCTIONS_AGENTS, ""); Slog.d(TAG, "onPropertiesChanged signatureString " + signaturesString); try { final List<SignedPackage> allowedSignedPackages = SignedPackageParser.parseList(signaturesString); // TODO(b/416661798): Calls new // AppFunctionAccessService#updateAgentAllowlist API to update // the allowlist } catch (Exception e) { Slog.e( TAG, "Cannot parse signature string: " + signaturesString, e); } updateAgentAllowlist(/* readFromDeviceConfig */ true); } } } Loading @@ -239,24 +234,55 @@ public class AppFunctionManagerServiceImpl extends IAppFunctionManager.Stub { * specifically acts on {@link SystemService#PHASE_SYSTEM_SERVICES_READY}. */ public void onBootPhase(int phase) { if (!Flags.appFunctionAccessServiceEnabled()) return; if (phase == SystemService.PHASE_SYSTEM_SERVICES_READY) { updateAgentAllowlist(/* readFromDeviceConfig */ true); DeviceConfig.addOnPropertiesChangedListener( NAMESPACE_MACHINE_LEARNING, BackgroundThread.getExecutor(), mDeviceConfigListener); } } // TODO(b/413093397): Merge allowlist agents from other sources private void updateAgentAllowlist(boolean readFromDeviceConfig) { synchronized (mAgentAllowlistLock) { Set<SignedPackage> oldAgents = new HashSet<>(); oldAgents.addAll(mUpdatableAgentAllowlist); List<SignedPackage> newDeviceConfigAgents; if (readFromDeviceConfig) { newDeviceConfigAgents = readDeviceConfigAgentAllowlist(); if (newDeviceConfigAgents == null) { // If we fail to parse a valid list newDeviceConfigAgents = mUpdatableAgentAllowlist; } } else { newDeviceConfigAgents = mUpdatableAgentAllowlist; } Set<SignedPackage> newAgents = new HashSet<>(); newAgents.addAll(newDeviceConfigAgents); if (oldAgents.equals(newAgents)) { return; } mUpdatableAgentAllowlist = newDeviceConfigAgents; mAppFunctionAccessService.setAgentAllowlist(List.copyOf(newAgents)); } } @Nullable private List<SignedPackage> readDeviceConfigAgentAllowlist() { final String signatureString = DeviceConfig.getString( NAMESPACE_MACHINE_LEARNING, ALLOWLISTED_APP_FUNCTIONS_AGENTS, ""); try { final List<SignedPackage> allowedSignedPackages = SignedPackageParser.parseList(signatureString); // TODO(b/416661798): Similar to the callback, update the allowlist with // AppFunctionAccessService#updateAgentAllowlist API. return SignedPackageParser.parseList(signatureString); } catch (Exception e) { Slog.e(TAG, "Cannot parse signature string: " + signatureString, e); } DeviceConfig.addOnPropertiesChangedListener( NAMESPACE_MACHINE_LEARNING, BackgroundThread.getExecutor(), mDeviceConfigListener); return null; } } Loading Loading
services/appfunctions/java/com/android/server/appfunctions/AppFunctionManagerService.java +1 −4 Original line number Diff line number Diff line Loading @@ -21,7 +21,6 @@ import android.app.appfunctions.AppFunctionAccessServiceInterface; import android.app.appfunctions.AppFunctionManagerConfiguration; import android.content.Context; import android.content.pm.PackageManagerInternal; import android.permission.flags.Flags; import com.android.server.LocalServices; import com.android.server.SystemService; Loading @@ -47,10 +46,8 @@ public class AppFunctionManagerService extends SystemService { @Override public void onBootPhase(int phase) { if (Flags.appFunctionAccessServiceEnabled()) { mServiceImpl.onBootPhase(phase); } } @Override public void onUserUnlocked(@NonNull TargetUser user) { Loading
services/appfunctions/java/com/android/server/appfunctions/AppFunctionManagerServiceImpl.java +54 −28 Original line number Diff line number Diff line Loading @@ -88,10 +88,13 @@ import com.android.server.SystemService.TargetUser; import java.io.FileDescriptor; import java.io.PrintWriter; import java.util.ArrayList; import java.util.Collections; import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Objects; import java.util.Set; import java.util.WeakHashMap; import java.util.concurrent.CompletionException; import java.util.concurrent.Executor; Loading @@ -116,6 +119,12 @@ public class AppFunctionManagerServiceImpl extends IAppFunctionManager.Stub { private final AppFunctionAccessServiceInterface mAppFunctionAccessService; private final Object mAgentAllowlistLock = new Object(); // The main agent allowlist, set by the updatable DeviceConfig System @GuardedBy("mAgentAllowlistLock") private List<SignedPackage> mUpdatableAgentAllowlist = new ArrayList<>(); public AppFunctionManagerServiceImpl( @NonNull Context context, @NonNull PackageManagerInternal packageManagerInternal, @NonNull AppFunctionAccessServiceInterface appFunctionAccessServiceInterface) { Loading Loading @@ -207,21 +216,7 @@ public class AppFunctionManagerServiceImpl extends IAppFunctionManager.Stub { public void onPropertiesChanged(DeviceConfig.Properties properties) { if (Flags.appFunctionAccessServiceEnabled()) { if (properties.getKeyset().contains(ALLOWLISTED_APP_FUNCTIONS_AGENTS)) { final String signaturesString = properties.getString(ALLOWLISTED_APP_FUNCTIONS_AGENTS, ""); Slog.d(TAG, "onPropertiesChanged signatureString " + signaturesString); try { final List<SignedPackage> allowedSignedPackages = SignedPackageParser.parseList(signaturesString); // TODO(b/416661798): Calls new // AppFunctionAccessService#updateAgentAllowlist API to update // the allowlist } catch (Exception e) { Slog.e( TAG, "Cannot parse signature string: " + signaturesString, e); } updateAgentAllowlist(/* readFromDeviceConfig */ true); } } } Loading @@ -239,24 +234,55 @@ public class AppFunctionManagerServiceImpl extends IAppFunctionManager.Stub { * specifically acts on {@link SystemService#PHASE_SYSTEM_SERVICES_READY}. */ public void onBootPhase(int phase) { if (!Flags.appFunctionAccessServiceEnabled()) return; if (phase == SystemService.PHASE_SYSTEM_SERVICES_READY) { updateAgentAllowlist(/* readFromDeviceConfig */ true); DeviceConfig.addOnPropertiesChangedListener( NAMESPACE_MACHINE_LEARNING, BackgroundThread.getExecutor(), mDeviceConfigListener); } } // TODO(b/413093397): Merge allowlist agents from other sources private void updateAgentAllowlist(boolean readFromDeviceConfig) { synchronized (mAgentAllowlistLock) { Set<SignedPackage> oldAgents = new HashSet<>(); oldAgents.addAll(mUpdatableAgentAllowlist); List<SignedPackage> newDeviceConfigAgents; if (readFromDeviceConfig) { newDeviceConfigAgents = readDeviceConfigAgentAllowlist(); if (newDeviceConfigAgents == null) { // If we fail to parse a valid list newDeviceConfigAgents = mUpdatableAgentAllowlist; } } else { newDeviceConfigAgents = mUpdatableAgentAllowlist; } Set<SignedPackage> newAgents = new HashSet<>(); newAgents.addAll(newDeviceConfigAgents); if (oldAgents.equals(newAgents)) { return; } mUpdatableAgentAllowlist = newDeviceConfigAgents; mAppFunctionAccessService.setAgentAllowlist(List.copyOf(newAgents)); } } @Nullable private List<SignedPackage> readDeviceConfigAgentAllowlist() { final String signatureString = DeviceConfig.getString( NAMESPACE_MACHINE_LEARNING, ALLOWLISTED_APP_FUNCTIONS_AGENTS, ""); try { final List<SignedPackage> allowedSignedPackages = SignedPackageParser.parseList(signatureString); // TODO(b/416661798): Similar to the callback, update the allowlist with // AppFunctionAccessService#updateAgentAllowlist API. return SignedPackageParser.parseList(signatureString); } catch (Exception e) { Slog.e(TAG, "Cannot parse signature string: " + signatureString, e); } DeviceConfig.addOnPropertiesChangedListener( NAMESPACE_MACHINE_LEARNING, BackgroundThread.getExecutor(), mDeviceConfigListener); return null; } } Loading
