Merge "Stop using policy engine for permission grant state" into udc-dev (2554570b) · Commits · e / os / android_frameworks_base

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+91 −67

Original line number	Diff line number	Diff line
		@@ -160,6 +160,7 @@ import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_NUMERIC;
		import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX;
		import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_SOMETHING;
		import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
		import static android.app.admin.DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT;
		import static android.app.admin.DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED;
		import static android.app.admin.DevicePolicyManager.PERSONAL_APPS_NOT_SUSPENDED;
		import static android.app.admin.DevicePolicyManager.PERSONAL_APPS_SUSPENDED_EXPLICITLY;
		@@ -533,7 +534,6 @@ import java.util.Map;
		import java.util.Objects;
		import java.util.Set;
		import java.util.concurrent.CompletableFuture;
		import java.util.concurrent.ConcurrentHashMap;
		import java.util.concurrent.ExecutionException;
		import java.util.concurrent.Executor;
		import java.util.concurrent.TimeUnit;
		@@ -1186,10 +1186,10 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		// Resume logging if all remaining users are affiliated.
		maybeResumeDeviceWideLoggingLocked();
		}
		}
		if (isPolicyEngineForFinanceFlagEnabled() \|\| isPermissionCheckFlagEnabled()) {
		mDevicePolicyEngine.handleUserRemoved(userHandle);
		}
		}
		} else if (Intent.ACTION_USER_STARTED.equals(action)) {
		sendDeviceOwnerUserCommand(DeviceAdminReceiver.ACTION_USER_STARTED, userHandle);
		synchronized (getLockObject()) {
		@@ -4157,8 +4157,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_REMOVE_ACTIVE_ADMIN);
		enforceUserUnlocked(userHandle);

		ActiveAdmin admin;
		synchronized (getLockObject()) {
		ActiveAdmin admin = getActiveAdminUncheckedLocked(adminReceiver, userHandle);
		admin = getActiveAdminUncheckedLocked(adminReceiver, userHandle);
		if (admin == null) {
		return;
		}
		@@ -4169,16 +4170,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		+ adminReceiver);
		return;
		}

		mInjector.binderWithCleanCallingIdentity(() ->
		removeActiveAdminLocked(adminReceiver, userHandle));
		}
		if (isPolicyEngineForFinanceFlagEnabled() \|\| isPermissionCheckFlagEnabled()) {
		mDevicePolicyEngine.removePoliciesForAdmin(
		EnforcingAdmin.createEnterpriseEnforcingAdmin(
		adminReceiver, userHandle, admin));
		}
		}
		}

		private boolean canSetPasswordQualityOnParent(String packageName, final CallerIdentity caller) {
		return !mInjector.isChangeEnabled(
		@@ -16661,8 +16661,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		enforcePermissionGrantStateOnFinancedDevice(packageName, permission);
		}
		}
		EnforcingAdmin enforcingAdmin;
		if (isPermissionCheckFlagEnabled()) {
		EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
		enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
		admin,
		MANAGE_DEVICE_POLICY_RUNTIME_PERMISSIONS,
		callerPackage,
		@@ -16686,17 +16687,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		callback.sendResult(null);
		return;
		}
		// TODO(b/266924257): decide how to handle the internal state if the package doesn't
		// exist, or the permission isn't requested by the app, because we could end up with
		// inconsistent state between the policy engine and package manager. Also a package
		// might get removed or has it's permission updated after we've set the policy.
		mDevicePolicyEngine.setLocalPolicy(
		PolicyDefinition.PERMISSION_GRANT(packageName, permission),
		enforcingAdmin,
		new IntegerPolicyValue(grantState),
		caller.getUserId());
		// TODO: update javadoc to reflect that callback no longer return success/failure
		callback.sendResult(Bundle.EMPTY);
		} else {
		Preconditions.checkCallAuthorization((caller.hasAdminComponent()
		&& (isProfileOwner(caller) \|\| isDefaultDeviceOwner(caller)
		@@ -16720,6 +16710,47 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		callback.sendResult(null);
		return;
		}
		} catch (SecurityException e) {
		Slogf.e(LOG_TAG, "Could not set permission grant state", e);
		callback.sendResult(null);
		} finally {
		mInjector.binderRestoreCallingIdentity(ident);
		}
		}
		}
		// TODO(b/278710449): enable when we stop policy enforecer callback from blocking the main
		// thread
		if (false) {
		// TODO(b/266924257): decide how to handle the internal state if the package doesn't
		// exist, or the permission isn't requested by the app, because we could end up with
		// inconsistent state between the policy engine and package manager. Also a package
		// might get removed or has it's permission updated after we've set the policy.
		if (grantState == PERMISSION_GRANT_STATE_DEFAULT) {
		mDevicePolicyEngine.removeLocalPolicy(
		PolicyDefinition.PERMISSION_GRANT(packageName, permission),
		enforcingAdmin,
		caller.getUserId());
		} else {
		mDevicePolicyEngine.setLocalPolicy(
		PolicyDefinition.PERMISSION_GRANT(packageName, permission),
		enforcingAdmin,
		new IntegerPolicyValue(grantState),
		caller.getUserId());
		}
		int newState = mInjector.binderWithCleanCallingIdentity(() ->
		getPermissionGrantStateForUser(
		packageName, permission, caller, caller.getUserId()));
		if (newState == grantState) {
		callback.sendResult(Bundle.EMPTY);
		} else {
		callback.sendResult(null);
		}
		} else {
		synchronized (getLockObject()) {
		long ident = mInjector.binderClearCallingIdentity();
		try {
		boolean isPostQAdmin = getTargetSdk(caller.getPackageName(), caller.getUserId())
		>= android.os.Build.VERSION_CODES.Q;
		if (grantState == PERMISSION_GRANT_STATE_GRANTED
		\|\| grantState == DevicePolicyManager.PERMISSION_GRANT_STATE_DENIED
		\|\| grantState == DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT) {
		@@ -16736,17 +16767,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		callback.sendResult(null);
		return;
		}

		DevicePolicyEventLogger
		.createEvent(DevicePolicyEnums
		.SET_PERMISSION_GRANT_STATE)
		.setAdmin(caller.getPackageName())
		.setStrings(permission)
		.setInt(grantState)
		.setBoolean(
		/* isDelegate */ isCallerDelegate(caller))
		.write();

		callback.sendResult(Bundle.EMPTY);
		});
		}
		@@ -16759,6 +16779,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}
		}
		}
		DevicePolicyEventLogger.createEvent(DevicePolicyEnums.SET_PERMISSION_GRANT_STATE)
		.setAdmin(caller.getPackageName())
		.setStrings(permission)
		.setInt(grantState)
		.setBoolean(/* isDelegate */ isCallerDelegate(caller))
		.write();
		}

		private static final List<String> SENSOR_PERMISSIONS = new ArrayList<>();
		@@ -16822,10 +16848,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		if (isFinancedDeviceOwner(caller)) {
		enforcePermissionGrantStateOnFinancedDevice(packageName, permission);
		}
		return mInjector.binderWithCleanCallingIdentity(() -> {
		return getPermissionGrantStateForUser(
		packageName, permission, caller, caller.getUserId());
		});
		return mInjector.binderWithCleanCallingIdentity(() -> getPermissionGrantStateForUser(
		packageName, permission, caller, caller.getUserId()));
		}
		}

services/devicepolicy/java/com/android/server/devicepolicy/PolicyEnforcerCallbacks.java

+1 −0

Original line number	Diff line number	Diff line
		@@ -84,6 +84,7 @@ final class PolicyEnforcerCallbacks {
		? DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT
		: grantState;

		// TODO(b/278710449): stop blocking in the main thread
		BlockingCallback callback = new BlockingCallback();
		// TODO: remove canAdminGrantSensorPermissions once we expose a new method in
		// permissionController that doesn't need it.