Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 57ad21ba authored by Pavel Grafov's avatar Pavel Grafov Committed by Android (Google) Code Review
Browse files

Merge "Ensure user can't block bg usage for protected pkg" into main

parents b52b9337 47c1efbd

apex/jobscheduler/service/java/com/android/server/usage/AppStandbyController.java

+3 −0
Original line number Diff line number Diff line
@@ -1989,6 +1989,9 @@ public class AppStandbyController 
                mAdminProtectedPackages.put(userId, packageNames);

            }

        }

        if (android.app.admin.flags.Flags.disallowUserControlBgUsageFix()) {

            postCheckIdleStates(userId);

        }

    }



    @Override

core/java/android/app/admin/flags/flags.aconfig

+10 −0
Original line number Diff line number Diff line
@@ -205,6 +205,16 @@ flag { 
  }

}



flag {

  name: "disallow_user_control_bg_usage_fix"

  namespace: "enterprise"

  description: "Make DPM.setUserControlDisabledPackages() ensure background usage is allowed"

  bug: "326031059"

  metadata {

    purpose: PURPOSE_BUGFIX

  }

}



flag {

  name: "esim_management_ux_enabled"

  namespace: "enterprise"

packages/SettingsLib/src/com/android/settingslib/fuelgauge/PowerAllowlistBackend.java

+9 −0
Original line number Diff line number Diff line
@@ -26,6 +26,7 @@ import android.content.pm.PackageManager; 
import android.os.IDeviceIdleController;

import android.os.RemoteException;

import android.os.ServiceManager;

import android.os.UserHandle;

import android.provider.DeviceConfig;

import android.telecom.DefaultDialerManager;

import android.text.TextUtils;
@@ -121,6 +122,14 @@ public class PowerAllowlistBackend { 
            return true;

        }



        if (android.app.admin.flags.Flags.disallowUserControlBgUsageFix()) {

            // App is subject to DevicePolicyManager.setUserControlDisabledPackages() policy.

            final int userId = UserHandle.getUserId(uid);

            if (mAppContext.getPackageManager().isPackageStateProtected(pkg, userId)) {

                return true;

            }

        }



        return false;

    }

services/devicepolicy/java/com/android/server/devicepolicy/PolicyDefinition.java

+1 −2
Original line number Diff line number Diff line
@@ -163,8 +163,7 @@ final class PolicyDefinition<V> { 
                    new NoArgsPolicyKey(

                            DevicePolicyIdentifiers.USER_CONTROL_DISABLED_PACKAGES_POLICY),

                    new StringSetUnion(),

                    (Set<String> value, Context context, Integer userId, PolicyKey policyKey) ->

                            PolicyEnforcerCallbacks.setUserControlDisabledPackages(value, userId),

                    PolicyEnforcerCallbacks::setUserControlDisabledPackages,

                    new StringSetPolicySerializer());



    // This is saved in the static map sPolicyDefinitions so that we're able to reconstruct the

services/devicepolicy/java/com/android/server/devicepolicy/PolicyEnforcerCallbacks.java

+25 −6
Original line number Diff line number Diff line
@@ -20,6 +20,7 @@ import android.annotation.NonNull; 
import android.annotation.Nullable;

import android.annotation.UserIdInt;

import android.app.AppGlobals;

import android.app.AppOpsManager;

import android.app.admin.DevicePolicyCache;

import android.app.admin.DevicePolicyManager;

import android.app.admin.DevicePolicyManagerInternal;
@@ -29,6 +30,7 @@ import android.app.admin.PackagePermissionPolicyKey; 
import android.app.admin.PackagePolicyKey;

import android.app.admin.PolicyKey;

import android.app.admin.UserRestrictionPolicyKey;

import android.app.admin.flags.Flags;

import android.app.usage.UsageStatsManagerInternal;

import android.content.ComponentName;

import android.content.Context;
@@ -37,6 +39,7 @@ import android.content.pm.IPackageManager; 
import android.content.pm.PackageManager;

import android.content.pm.PackageManagerInternal;

import android.os.Binder;

import android.os.Process;

import android.os.RemoteException;

import android.os.ServiceManager;

import android.os.UserHandle;
@@ -183,15 +186,31 @@ final class PolicyEnforcerCallbacks { 
    }



    static boolean setUserControlDisabledPackages(

            @Nullable Set<String> packages, int userId) {

            @Nullable Set<String> packages, Context context, int userId, PolicyKey policyKey) {

        Binder.withCleanCallingIdentity(() -> {

            LocalServices.getService(PackageManagerInternal.class)

                    .setOwnerProtectedPackages(

                            userId,

            PackageManagerInternal pmi =

                    LocalServices.getService(PackageManagerInternal.class);

            pmi.setOwnerProtectedPackages(userId,

                    packages == null ? null : packages.stream().toList());

            LocalServices.getService(UsageStatsManagerInternal.class)

                    .setAdminProtectedPackages(

                            packages == null ? null : new ArraySet<>(packages), userId);



            if (Flags.disallowUserControlBgUsageFix()) {

                if (packages == null) {

                    return;

                }

                final AppOpsManager appOpsManager = context.getSystemService(AppOpsManager.class);

                for (var pkg : packages) {

                    final var appInfo = pmi.getApplicationInfo(pkg,

                            PackageManager.MATCH_DIRECT_BOOT_AWARE

                                    | PackageManager.MATCH_DIRECT_BOOT_UNAWARE,

                            Process.myUid(), userId);

                    if (appInfo != null) {

                        DevicePolicyManagerService.setBgUsageAppOp(appOpsManager, appInfo);

                    }

                }

            }

        });

        return true;

    }