Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 169cb3b4 authored by Mathew Inwood's avatar Mathew Inwood
Browse files

Hidden API blacklisting killswitch. 

Just support "*" for now, meaning disable all API blacklisting for all
apps.

Test: Manually verified by:
- installing test app that accesses hidden API
- manually blacklist the API
- $ adb shell settings put global hidden_api_blacklist_exemptions \\*

Change-Id: I9a41a104742c9aaaf3a753e7b0f3a1106e37d4d3
parent d8be2394

core/java/android/provider/Settings.java

+8 −0
Original line number Diff line number Diff line
@@ -11390,6 +11390,14 @@ public final class Settings { 
        public static final String AUTOFILL_COMPAT_ALLOWED_PACKAGES =

                "autofill_compat_allowed_packages";



        /**

         * Exemptions to the hidden API blacklist.

         *

         * @hide

         */

        public static final String HIDDEN_API_BLACKLIST_EXEMPTIONS =

                "hidden_api_blacklist_exemptions";



        /**

         * Settings to backup. This is here so that it's in the same place as the settings

         * keys and easy to update.

core/proto/android/providers/settings.proto

+2 −1
Original line number Diff line number Diff line
@@ -399,6 +399,7 @@ message GlobalSettingsProto { 
    optional SettingProto euicc_factory_reset_timeout_millis = 333 [ (android.privacy).dest = DEST_AUTOMATIC ];

    optional SettingProto storage_settings_clobber_threshold = 334 [ (android.privacy).dest = DEST_AUTOMATIC ];

    optional SettingProto chained_battery_attribution_enabled = 353 [ (android.privacy).dest = DEST_AUTOMATIC ];

    optional SettingProto hidden_api_blacklist_exemptions = 355 [ (android.privacy).dest = DEST_AUTOMATIC ];

    // Subscription to be used for voice call on a multi sim device. The

    // supported values are 0 = SUB1, 1 = SUB2 and etc.

    optional SettingProto multi_sim_voice_call_subscription = 276 [ (android.privacy).dest = DEST_AUTOMATIC ];
@@ -430,7 +431,7 @@ message GlobalSettingsProto { 


    // Please insert fields in the same order as in

    // frameworks/base/core/java/android/provider/Settings.java.

    // Next tag = 355;

    // Next tag = 356;

}



message SecureSettingsProto {

core/tests/coretests/src/android/provider/SettingsBackupTest.java

+2 −1
Original line number Diff line number Diff line
@@ -452,7 +452,8 @@ public class SettingsBackupTest { 
                    Settings.Global.ZEN_MODE_RINGER_LEVEL,

                    Settings.Global.ZRAM_ENABLED,

                    Settings.Global.OVERRIDE_SETTINGS_PROVIDER_RESTORE_ANY_VERSION,

                    Settings.Global.CHAINED_BATTERY_ATTRIBUTION_ENABLED);

                    Settings.Global.CHAINED_BATTERY_ATTRIBUTION_ENABLED,

                    Settings.Global.HIDDEN_API_BLACKLIST_EXEMPTIONS);



    private static final Set<String> BACKUP_BLACKLISTED_SECURE_SETTINGS =

             newHashSet(

packages/SettingsProvider/src/com/android/providers/settings/SettingsProtoDumpUtil.java

+3 −0
Original line number Diff line number Diff line
@@ -1054,6 +1054,9 @@ class SettingsProtoDumpUtil { 
        dumpSetting(s, p,

                Global.CHAINED_BATTERY_ATTRIBUTION_ENABLED,

                GlobalSettingsProto.CHAINED_BATTERY_ATTRIBUTION_ENABLED);

        dumpSetting(s, p,

                Global.HIDDEN_API_BLACKLIST_EXEMPTIONS,

                GlobalSettingsProto.HIDDEN_API_BLACKLIST_EXEMPTIONS);

        dumpSetting(s, p,

                Settings.Global.MULTI_SIM_VOICE_CALL_SUBSCRIPTION,

                GlobalSettingsProto.MULTI_SIM_VOICE_CALL_SUBSCRIPTION);

services/core/java/com/android/server/am/ActivityManagerService.java

+46 −5
Original line number Diff line number Diff line
@@ -38,7 +38,6 @@ import static android.app.ActivityManagerInternal.ASSIST_KEY_STRUCTURE; 
import static android.app.ActivityThread.PROC_START_SEQ_IDENT;

import static android.app.AppOpsManager.OP_ASSIST_STRUCTURE;

import static android.app.AppOpsManager.OP_NONE;

import static android.app.WindowConfiguration.ACTIVITY_TYPE_HOME;

import static android.app.WindowConfiguration.ACTIVITY_TYPE_STANDARD;

import static android.app.WindowConfiguration.ACTIVITY_TYPE_UNDEFINED;

import static android.app.WindowConfiguration.WINDOWING_MODE_FREEFORM;
@@ -454,7 +453,6 @@ import com.android.server.pm.Installer.InstallerException; 
import com.android.server.utils.PriorityDump;

import com.android.server.vr.VrManagerInternal;

import com.android.server.wm.PinnedStackWindowController;

import com.android.server.wm.RecentsAnimationController;

import com.android.server.wm.WindowManagerService;















import dalvik.system.VMRuntime;










@@ -1908,6 +1906,9 @@ public class ActivityManagerService extends IActivityManager.Stub



























    final ActivityManagerConstants mConstants;



























    // Encapsulates the global setting "hidden_api_blacklist_exemptions"













    final HiddenApiBlacklist mHiddenApiBlacklist;



























    PackageManagerInternal mPackageManagerInt;





























    // VoiceInteraction session ID that changes for each new request except when










@@ -2825,6 +2826,42 @@ public class ActivityManagerService extends IActivityManager.Stub













        }















    }



























    /**













     * Encapsulates the globla setting "hidden_api_blacklist_exemptions", including tracking the













     * latest value via a content observer.













     */













    static class HiddenApiBlacklist extends ContentObserver {

























        private final Context mContext;













        private boolean mBlacklistDisabled;

























        public HiddenApiBlacklist(Handler handler, Context context) {













            super(handler);













            mContext = context;













        }

























        public void registerObserver() {













            mContext.getContentResolver().registerContentObserver(













                    Settings.Global.getUriFor(Settings.Global.HIDDEN_API_BLACKLIST_EXEMPTIONS),













                    false,













                    this);













            update();













        }

























        private void update() {













            mBlacklistDisabled = "*".equals(Settings.Global.getString(mContext.getContentResolver(),













                    Settings.Global.HIDDEN_API_BLACKLIST_EXEMPTIONS));













        }

























        boolean isDisabled() {













            return mBlacklistDisabled;













        }

























        public void onChange(boolean selfChange) {













            update();













        }













    }



























    @VisibleForTesting















    public ActivityManagerService(Injector injector) {















        mInjector = injector;










@@ -2859,6 +2896,7 @@ public class ActivityManagerService extends IActivityManager.Stub













        mLifecycleManager = null;















        mProcStartHandlerThread = null;















        mProcStartHandler = null;













        mHiddenApiBlacklist = null;















    }





























    // Note: This method is invoked on the main thread but may need to attach various










@@ -3002,6 +3040,8 @@ public class ActivityManagerService extends IActivityManager.Stub













            }















        };



























        mHiddenApiBlacklist = new HiddenApiBlacklist(mHandler, mContext);



























        Watchdog.getInstance().addMonitor(this);















        Watchdog.getInstance().addThread(mHandler);
























@@ -4090,9 +4130,9 @@ public class ActivityManagerService extends IActivityManager.Stub













                runtimeFlags |= Zygote.ONLY_USE_SYSTEM_OAT_FILES;















            }



























            if (!app.info.isAllowedToUseHiddenApi()) {













                // This app is not allowed to use undocumented and private APIs.













                // Set up its runtime with the appropriate flag.













            if (!app.info.isAllowedToUseHiddenApi() && !mHiddenApiBlacklist.isDisabled()) {













                // This app is not allowed to use undocumented and private APIs, or blacklisting is













                // enabled. Set up its runtime with the appropriate flag.















                runtimeFlags |= Zygote.ENABLE_HIDDEN_API_CHECKS;















            }
























@@ -14578,6 +14618,7 @@ public class ActivityManagerService extends IActivityManager.Stub













                NETWORK_ACCESS_TIMEOUT_MS, NETWORK_ACCESS_TIMEOUT_DEFAULT_MS);















        final boolean supportsLeanbackOnly =















                mContext.getPackageManager().hasSystemFeature(FEATURE_LEANBACK_ONLY);













        mHiddenApiBlacklist.registerObserver();





























        // Transfer any global setting for forcing RTL layout, into a System Property















        SystemProperties.set(DEVELOPMENT_FORCE_RTL, forceRtl ? "1":"0");