Merge "RESTRICT AUTOMERGE Use chain start token in performOpTransaction" into sc-dev (2791da2e) · Commits · e / os / android_frameworks_base

core/java/android/app/AppOpsManager.java

+13 −9

Original line number	Diff line number	Diff line
		@@ -8888,8 +8888,9 @@ public class AppOpsManager {
		*/
		public int startProxyOpNoThrow(int op, @NonNull AttributionSource attributionSource,
		@Nullable String message, boolean skipProxyOperation) {
		return startProxyOpNoThrow(op, attributionSource, message, skipProxyOperation,
		ATTRIBUTION_FLAGS_NONE, ATTRIBUTION_FLAGS_NONE, ATTRIBUTION_CHAIN_ID_NONE);
		return startProxyOpNoThrow(attributionSource.getToken(), op, attributionSource, message,
		skipProxyOperation, ATTRIBUTION_FLAGS_NONE, ATTRIBUTION_FLAGS_NONE,
		ATTRIBUTION_CHAIN_ID_NONE);
		}

		/**
		@@ -8901,7 +8902,8 @@ public class AppOpsManager {
		*
		* @hide
		*/
		public int startProxyOpNoThrow(int op, @NonNull AttributionSource attributionSource,
		public int startProxyOpNoThrow(@NonNull IBinder clientId, int op,
		@NonNull AttributionSource attributionSource,
		@Nullable String message, boolean skipProxyOperation, @AttributionFlags
		int proxyAttributionFlags, @AttributionFlags int proxiedAttributionFlags,
		int attributionChainId) {
		@@ -8919,7 +8921,7 @@ public class AppOpsManager {
		}
		}

		SyncNotedAppOp syncOp = mService.startProxyOperation(op,
		SyncNotedAppOp syncOp = mService.startProxyOperation(clientId, op,
		attributionSource, false, collectionMode == COLLECT_ASYNC, message,
		shouldCollectMessage, skipProxyOperation, proxyAttributionFlags,
		proxiedAttributionFlags, attributionChainId);
		@@ -9017,9 +9019,10 @@ public class AppOpsManager {
		*/
		public void finishProxyOp(@NonNull String op, int proxiedUid,
		@NonNull String proxiedPackageName, @Nullable String proxiedAttributionTag) {
		finishProxyOp(op, new AttributionSource(mContext.getAttributionSource(),
		IBinder token = mContext.getAttributionSource().getToken();
		finishProxyOp(token, op, new AttributionSource(mContext.getAttributionSource(),
		new AttributionSource(proxiedUid, proxiedPackageName, proxiedAttributionTag,
		mContext.getAttributionSource().getToken())), /skipProxyOperation/ false);
		token)), /skipProxyOperation/ false);
		}

		/**
		@@ -9034,10 +9037,11 @@ public class AppOpsManager {
		*
		* @hide
		*/
		public void finishProxyOp(@NonNull String op, @NonNull AttributionSource attributionSource,
		boolean skipProxyOperation) {
		public void finishProxyOp(@NonNull IBinder clientId, @NonNull String op,
		@NonNull AttributionSource attributionSource, boolean skipProxyOperation) {
		try {
		mService.finishProxyOperation(strOpToOp(op), attributionSource, skipProxyOperation);
		mService.finishProxyOperation(clientId, strOpToOp(op), attributionSource,
		skipProxyOperation);
		} catch (RemoteException e) {
		throw e.rethrowFromSystemServer();
		}

core/java/android/app/AppOpsManagerInternal.java

+14 −9

Original line number	Diff line number	Diff line
		@@ -26,13 +26,11 @@ import android.util.SparseArray;
		import android.util.SparseIntArray;

		import com.android.internal.app.IAppOpsCallback;
		import com.android.internal.util.function.DecFunction;
		import com.android.internal.util.function.HeptFunction;
		import com.android.internal.util.function.HexFunction;
		import com.android.internal.util.function.QuadFunction;
		import com.android.internal.util.function.QuintConsumer;
		import com.android.internal.util.function.QuintFunction;
		import com.android.internal.util.function.TriFunction;
		import com.android.internal.util.function.UndecFunction;

		/**
		@@ -135,6 +133,7 @@ public abstract class AppOpsManagerInternal {
		/**
		* Allows overriding start proxy operation behavior.
		*
		* @param clientId The client calling start, represented by an IBinder
		* @param code The op code to start.
		* @param attributionSource The permission identity of the caller.
		* @param startIfModeDefault Whether to start the op of the mode is default.
		@@ -148,11 +147,12 @@ public abstract class AppOpsManagerInternal {
		* @param superImpl The super implementation.
		* @return The app op note result.
		*/
		SyncNotedAppOp startProxyOperation(int code, @NonNull AttributionSource attributionSource,
		boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp, String message,
		boolean shouldCollectMessage, boolean skipProxyOperation, @AttributionFlags
		int proxyAttributionFlags, @AttributionFlags int proxiedAttributionFlags,
		int attributionChainId, @NonNull DecFunction<Integer, AttributionSource, Boolean,
		SyncNotedAppOp startProxyOperation(@NonNull IBinder clientId, int code,
		@NonNull AttributionSource attributionSource, boolean startIfModeDefault,
		boolean shouldCollectAsyncNotedOp, String message, boolean shouldCollectMessage,
		boolean skipProxyOperation, @AttributionFlags int proxyAttributionFlags,
		@AttributionFlags int proxiedAttributionFlags, int attributionChainId,
		@NonNull UndecFunction<IBinder, Integer, AttributionSource, Boolean,
		Boolean, String, Boolean, Boolean, Integer, Integer, Integer,
		SyncNotedAppOp> superImpl);

		@@ -176,10 +176,15 @@ public abstract class AppOpsManagerInternal {
		*
		* @param code The op code to finish.
		* @param attributionSource The permission identity of the caller.
		* @param skipProxyOperation Whether to skip the proxy in the proxy/proxied operation
		* @param clientId The client calling finishProxyOperation
		* @param superImpl The "standard" implementation to potentially call
		*/
		void finishProxyOperation(int code, @NonNull AttributionSource attributionSource,
		void finishProxyOperation(@NonNull IBinder clientId, int code,
		@NonNull AttributionSource attributionSource,
		boolean skipProxyOperation,
		@NonNull TriFunction<Integer, AttributionSource, Boolean, Void> superImpl);
		@NonNull QuadFunction<IBinder, Integer, AttributionSource, Boolean,
		Void> superImpl);
		}

		/**

core/java/com/android/internal/app/IAppOpsService.aidl

+6 −5

Original line number	Diff line number	Diff line
		@@ -58,11 +58,12 @@ interface IAppOpsService {
		SyncNotedAppOp noteProxyOperation(int code, in AttributionSource attributionSource,
		boolean shouldCollectAsyncNotedOp, String message, boolean shouldCollectMessage,
		boolean skipProxyOperation);
		SyncNotedAppOp startProxyOperation(int code, in AttributionSource attributionSource,
		boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp, String message,
		boolean shouldCollectMessage, boolean skipProxyOperation, int proxyAttributionFlags,
		int proxiedAttributionFlags, int attributionChainId);
		void finishProxyOperation(int code, in AttributionSource attributionSource,
		SyncNotedAppOp startProxyOperation(IBinder clientId, int code,
		in AttributionSource attributionSource, boolean startIfModeDefault,
		boolean shouldCollectAsyncNotedOp, String message, boolean shouldCollectMessage,
		boolean skipProxyOperation, int proxyAttributionFlags, int proxiedAttributionFlags,
		int attributionChainId);
		void finishProxyOperation(IBinder clientId, int code, in AttributionSource attributionSource,
		boolean skipProxyOperation);

		// Remaining methods are only used in Java.

services/core/java/com/android/server/am/ActivityManagerService.java

+12 −12

Original line number	Diff line number	Diff line
		@@ -348,12 +348,10 @@ import com.android.internal.util.FastPrintWriter;
		import com.android.internal.util.FrameworkStatsLog;
		import com.android.internal.util.MemInfoReader;
		import com.android.internal.util.Preconditions;
		import com.android.internal.util.function.DecFunction;
		import com.android.internal.util.function.HeptFunction;
		import com.android.internal.util.function.HexFunction;
		import com.android.internal.util.function.QuadFunction;
		import com.android.internal.util.function.QuintFunction;
		import com.android.internal.util.function.TriFunction;
		import com.android.internal.util.function.UndecFunction;
		import com.android.server.AlarmManagerInternal;
		import com.android.server.DeviceIdleInternal;
		@@ -17062,19 +17060,20 @@ public class ActivityManagerService extends IActivityManager.Stub
		}

		@Override
		public SyncNotedAppOp startProxyOperation(int code,
		public SyncNotedAppOp startProxyOperation(@NonNull IBinder clientId, int code,
		@NonNull AttributionSource attributionSource, boolean startIfModeDefault,
		boolean shouldCollectAsyncNotedOp, String message, boolean shouldCollectMessage,
		boolean skipProxyOperation, @AttributionFlags int proxyAttributionFlags,
		@AttributionFlags int proxiedAttributionFlags, int attributionChainId,
		@NonNull DecFunction<Integer, AttributionSource, Boolean, Boolean, String, Boolean,
		Boolean, Integer, Integer, Integer, SyncNotedAppOp> superImpl) {
		@NonNull UndecFunction<IBinder, Integer, AttributionSource,
		Boolean, Boolean, String, Boolean, Boolean, Integer, Integer, Integer,
		SyncNotedAppOp> superImpl) {
		if (attributionSource.getUid() == mTargetUid && isTargetOp(code)) {
		final int shellUid = UserHandle.getUid(UserHandle.getUserId(
		attributionSource.getUid()), Process.SHELL_UID);
		final long identity = Binder.clearCallingIdentity();
		try {
		return superImpl.apply(code, new AttributionSource(shellUid,
		return superImpl.apply(clientId, code, new AttributionSource(shellUid,
		"com.android.shell", attributionSource.getAttributionTag(),
		attributionSource.getToken(), attributionSource.getNext()),
		startIfModeDefault, shouldCollectAsyncNotedOp, message,
		@@ -17084,21 +17083,22 @@ public class ActivityManagerService extends IActivityManager.Stub
		Binder.restoreCallingIdentity(identity);
		}
		}
		return superImpl.apply(code, attributionSource, startIfModeDefault,
		return superImpl.apply(clientId, code, attributionSource, startIfModeDefault,
		shouldCollectAsyncNotedOp, message, shouldCollectMessage, skipProxyOperation,
		proxyAttributionFlags, proxiedAttributionFlags, attributionChainId);
		}

		@Override
		public void finishProxyOperation(int code, @NonNull AttributionSource attributionSource,
		boolean skipProxyOperation, @NonNull TriFunction<Integer, AttributionSource,
		Boolean, Void> superImpl) {
		public void finishProxyOperation(@NonNull IBinder clientId, int code,
		@NonNull AttributionSource attributionSource, boolean skipProxyOperation,
		@NonNull QuadFunction<IBinder, Integer, AttributionSource, Boolean,
		Void> superImpl) {
		if (attributionSource.getUid() == mTargetUid && isTargetOp(code)) {
		final int shellUid = UserHandle.getUid(UserHandle.getUserId(
		attributionSource.getUid()), Process.SHELL_UID);
		final long identity = Binder.clearCallingIdentity();
		try {
		superImpl.apply(code, new AttributionSource(shellUid,
		superImpl.apply(clientId, code, new AttributionSource(shellUid,
		"com.android.shell", attributionSource.getAttributionTag(),
		attributionSource.getToken(), attributionSource.getNext()),
		skipProxyOperation);
		@@ -17106,7 +17106,7 @@ public class ActivityManagerService extends IActivityManager.Stub
		Binder.restoreCallingIdentity(identity);
		}
		}
		superImpl.apply(code, attributionSource, skipProxyOperation);
		superImpl.apply(clientId, code, attributionSource, skipProxyOperation);
		}

		private boolean isTargetOp(int code) {

services/core/java/com/android/server/appop/AppOpsService.java

+29 −32

Original line number	Diff line number	Diff line
		@@ -3839,18 +3839,18 @@ public class AppOpsService extends IAppOpsService.Stub {
		}

		@Override
		public SyncNotedAppOp startProxyOperation(int code,
		public SyncNotedAppOp startProxyOperation(@NonNull IBinder clientId, int code,
		@NonNull AttributionSource attributionSource, boolean startIfModeDefault,
		boolean shouldCollectAsyncNotedOp, String message, boolean shouldCollectMessage,
		boolean skipProxyOperation, @AttributionFlags int proxyAttributionFlags,
		@AttributionFlags int proxiedAttributionFlags, int attributionChainId) {
		return mCheckOpsDelegateDispatcher.startProxyOperation(code, attributionSource,
		return mCheckOpsDelegateDispatcher.startProxyOperation(clientId, code, attributionSource,
		startIfModeDefault, shouldCollectAsyncNotedOp, message, shouldCollectMessage,
		skipProxyOperation, proxyAttributionFlags, proxiedAttributionFlags,
		attributionChainId);
		}

		private SyncNotedAppOp startProxyOperationImpl(int code,
		private SyncNotedAppOp startProxyOperationImpl(@NonNull IBinder clientId, int code,
		@NonNull AttributionSource attributionSource,
		boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp, String message,
		boolean shouldCollectMessage, boolean skipProxyOperation, @AttributionFlags
		@@ -3859,11 +3859,9 @@ public class AppOpsService extends IAppOpsService.Stub {
		final int proxyUid = attributionSource.getUid();
		final String proxyPackageName = attributionSource.getPackageName();
		final String proxyAttributionTag = attributionSource.getAttributionTag();
		final IBinder proxyToken = attributionSource.getToken();
		final int proxiedUid = attributionSource.getNextUid();
		final String proxiedPackageName = attributionSource.getNextPackageName();
		final String proxiedAttributionTag = attributionSource.getNextAttributionTag();
		final IBinder proxiedToken = attributionSource.getNextToken();

		verifyIncomingProxyUid(attributionSource);
		verifyIncomingOp(code);
		@@ -3902,7 +3900,7 @@ public class AppOpsService extends IAppOpsService.Stub {

		if (!skipProxyOperation) {
		// Test if the proxied operation will succeed before starting the proxy operation
		final SyncNotedAppOp testProxiedOp = startOperationUnchecked(proxiedToken, code,
		final SyncNotedAppOp testProxiedOp = startOperationUnchecked(clientId, code,
		proxiedUid, resolvedProxiedPackageName, proxiedAttributionTag, proxyUid,
		resolvedProxyPackageName, proxyAttributionTag, proxiedFlags, startIfModeDefault,
		shouldCollectAsyncNotedOp, message, shouldCollectMessage,
		@@ -3914,7 +3912,7 @@ public class AppOpsService extends IAppOpsService.Stub {
		final int proxyFlags = isProxyTrusted ? AppOpsManager.OP_FLAG_TRUSTED_PROXY
		: AppOpsManager.OP_FLAG_UNTRUSTED_PROXY;

		final SyncNotedAppOp proxyAppOp = startOperationUnchecked(proxyToken, code, proxyUid,
		final SyncNotedAppOp proxyAppOp = startOperationUnchecked(clientId, code, proxyUid,
		resolvedProxyPackageName, proxyAttributionTag, Process.INVALID_UID, null, null,
		proxyFlags, startIfModeDefault, !isProxyTrusted, "proxy " + message,
		shouldCollectMessage, proxyAttributionFlags, attributionChainId,
		@@ -3924,7 +3922,7 @@ public class AppOpsService extends IAppOpsService.Stub {
		}
		}

		return startOperationUnchecked(proxiedToken, code, proxiedUid, resolvedProxiedPackageName,
		return startOperationUnchecked(clientId, code, proxiedUid, resolvedProxiedPackageName,
		proxiedAttributionTag, proxyUid, resolvedProxyPackageName, proxyAttributionTag,
		proxiedFlags, startIfModeDefault, shouldCollectAsyncNotedOp, message,
		shouldCollectMessage, proxiedAttributionFlags, attributionChainId,
		@@ -4065,22 +4063,20 @@ public class AppOpsService extends IAppOpsService.Stub {
		}

		@Override
		public void finishProxyOperation(int code, @NonNull AttributionSource attributionSource,
		boolean skipProxyOperation) {
		mCheckOpsDelegateDispatcher.finishProxyOperation(code, attributionSource,
		public void finishProxyOperation(@NonNull IBinder clientId, int code,
		@NonNull AttributionSource attributionSource, boolean skipProxyOperation) {
		mCheckOpsDelegateDispatcher.finishProxyOperation(clientId, code, attributionSource,
		skipProxyOperation);
		}

		private Void finishProxyOperationImpl(int code, @NonNull AttributionSource attributionSource,
		boolean skipProxyOperation) {
		private Void finishProxyOperationImpl(IBinder clientId, int code,
		@NonNull AttributionSource attributionSource, boolean skipProxyOperation) {
		final int proxyUid = attributionSource.getUid();
		final String proxyPackageName = attributionSource.getPackageName();
		final String proxyAttributionTag = attributionSource.getAttributionTag();
		final IBinder proxyToken = attributionSource.getToken();
		final int proxiedUid = attributionSource.getNextUid();
		final String proxiedPackageName = attributionSource.getNextPackageName();
		final String proxiedAttributionTag = attributionSource.getNextAttributionTag();
		final IBinder proxiedToken = attributionSource.getNextToken();

		skipProxyOperation = skipProxyOperation
		&& isCallerAndAttributionTrusted(attributionSource);
		@@ -4097,7 +4093,7 @@ public class AppOpsService extends IAppOpsService.Stub {
		}

		if (!skipProxyOperation) {
		finishOperationUnchecked(proxyToken, code, proxyUid, resolvedProxyPackageName,
		finishOperationUnchecked(clientId, code, proxyUid, resolvedProxyPackageName,
		proxyAttributionTag);
		}

		@@ -4107,7 +4103,7 @@ public class AppOpsService extends IAppOpsService.Stub {
		return null;
		}

		finishOperationUnchecked(proxiedToken, code, proxiedUid, resolvedProxiedPackageName,
		finishOperationUnchecked(clientId, code, proxiedUid, resolvedProxiedPackageName,
		proxiedAttributionTag);

		return null;
		@@ -7642,42 +7638,42 @@ public class AppOpsService extends IAppOpsService.Stub {
		attributionFlags, attributionChainId, AppOpsService.this::startOperationImpl);
		}

		public SyncNotedAppOp startProxyOperation(int code,
		public SyncNotedAppOp startProxyOperation(@NonNull IBinder clientId, int code,
		@NonNull AttributionSource attributionSource, boolean startIfModeDefault,
		boolean shouldCollectAsyncNotedOp, String message, boolean shouldCollectMessage,
		boolean skipProxyOperation, @AttributionFlags int proxyAttributionFlags,
		@AttributionFlags int proxiedAttributionFlags, int attributionChainId) {
		if (mPolicy != null) {
		if (mCheckOpsDelegate != null) {
		return mPolicy.startProxyOperation(code, attributionSource,
		return mPolicy.startProxyOperation(clientId, code, attributionSource,
		startIfModeDefault, shouldCollectAsyncNotedOp, message,
		shouldCollectMessage, skipProxyOperation, proxyAttributionFlags,
		proxiedAttributionFlags, attributionChainId,
		this::startDelegateProxyOperationImpl);
		} else {
		return mPolicy.startProxyOperation(code, attributionSource,
		return mPolicy.startProxyOperation(clientId, code, attributionSource,
		startIfModeDefault, shouldCollectAsyncNotedOp, message,
		shouldCollectMessage, skipProxyOperation, proxyAttributionFlags,
		proxiedAttributionFlags, attributionChainId,
		AppOpsService.this::startProxyOperationImpl);
		}
		} else if (mCheckOpsDelegate != null) {
		return startDelegateProxyOperationImpl(code, attributionSource,
		return startDelegateProxyOperationImpl(clientId, code, attributionSource,
		startIfModeDefault, shouldCollectAsyncNotedOp, message,
		shouldCollectMessage, skipProxyOperation, proxyAttributionFlags,
		proxiedAttributionFlags, attributionChainId);
		}
		return startProxyOperationImpl(code, attributionSource, startIfModeDefault,
		return startProxyOperationImpl(clientId, code, attributionSource, startIfModeDefault,
		shouldCollectAsyncNotedOp, message, shouldCollectMessage, skipProxyOperation,
		proxyAttributionFlags, proxiedAttributionFlags, attributionChainId);
		}

		private SyncNotedAppOp startDelegateProxyOperationImpl(int code,
		private SyncNotedAppOp startDelegateProxyOperationImpl(@NonNull IBinder clientId, int code,
		@NonNull AttributionSource attributionSource, boolean startIfModeDefault,
		boolean shouldCollectAsyncNotedOp, String message, boolean shouldCollectMessage,
		boolean skipProxyOperation, @AttributionFlags int proxyAttributionFlags,
		@AttributionFlags int proxiedAttributionFlsgs, int attributionChainId) {
		return mCheckOpsDelegate.startProxyOperation(code, attributionSource,
		return mCheckOpsDelegate.startProxyOperation(clientId, code, attributionSource,
		startIfModeDefault, shouldCollectAsyncNotedOp, message, shouldCollectMessage,
		skipProxyOperation, proxyAttributionFlags, proxiedAttributionFlsgs,
		attributionChainId, AppOpsService.this::startProxyOperationImpl);
		@@ -7706,27 +7702,28 @@ public class AppOpsService extends IAppOpsService.Stub {
		AppOpsService.this::finishOperationImpl);
		}

		public void finishProxyOperation(int code,
		public void finishProxyOperation(@NonNull IBinder clientId, int code,
		@NonNull AttributionSource attributionSource, boolean skipProxyOperation) {
		if (mPolicy != null) {
		if (mCheckOpsDelegate != null) {
		mPolicy.finishProxyOperation(code, attributionSource,
		mPolicy.finishProxyOperation(clientId, code, attributionSource,
		skipProxyOperation, this::finishDelegateProxyOperationImpl);
		} else {
		mPolicy.finishProxyOperation(code, attributionSource,
		mPolicy.finishProxyOperation(clientId, code, attributionSource,
		skipProxyOperation, AppOpsService.this::finishProxyOperationImpl);
		}
		} else if (mCheckOpsDelegate != null) {
		finishDelegateProxyOperationImpl(code, attributionSource, skipProxyOperation);
		finishDelegateProxyOperationImpl(clientId, code, attributionSource,
		skipProxyOperation);
		} else {
		finishProxyOperationImpl(code, attributionSource, skipProxyOperation);
		finishProxyOperationImpl(clientId, code, attributionSource, skipProxyOperation);
		}
		}

		private Void finishDelegateProxyOperationImpl(int code,
		private Void finishDelegateProxyOperationImpl(@NonNull IBinder clientId, int code,
		@NonNull AttributionSource attributionSource, boolean skipProxyOperation) {
		mCheckOpsDelegate.finishProxyOperation(code, attributionSource, skipProxyOperation,
		AppOpsService.this::finishProxyOperationImpl);
		mCheckOpsDelegate.finishProxyOperation(clientId, code, attributionSource,
		skipProxyOperation, AppOpsService.this::finishProxyOperationImpl);
		return null;
		}
		}