Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 57ad21ba authored by Pavel Grafov's avatar Pavel Grafov Committed by Android (Google) Code Review
Browse files

Merge "Ensure user can't block bg usage for protected pkg" into main

parents b52b9337 47c1efbd

apex/jobscheduler/service/java/com/android/server/usage/AppStandbyController.java

+3 −0
Original line number Original line Diff line number Diff line
@@ -1989,6 +1989,9 @@ public class AppStandbyController 
                mAdminProtectedPackages.put(userId, packageNames);

                mAdminProtectedPackages.put(userId, packageNames);

            }

            }

        }

        }

        if (android.app.admin.flags.Flags.disallowUserControlBgUsageFix()) {

            postCheckIdleStates(userId);

        }

    }

    }





    @Override

    @Override

core/java/android/app/admin/flags/flags.aconfig

+10 −0
Original line number Original line Diff line number Diff line
@@ -205,6 +205,16 @@ flag { 
  }

  }

}

}





flag {

  name: "disallow_user_control_bg_usage_fix"

  namespace: "enterprise"

  description: "Make DPM.setUserControlDisabledPackages() ensure background usage is allowed"

  bug: "326031059"

  metadata {

    purpose: PURPOSE_BUGFIX

  }

}



flag {

flag {

  name: "esim_management_ux_enabled"

  name: "esim_management_ux_enabled"

  namespace: "enterprise"

  namespace: "enterprise"

packages/SettingsLib/src/com/android/settingslib/fuelgauge/PowerAllowlistBackend.java

+9 −0
Original line number Original line Diff line number Diff line
@@ -26,6 +26,7 @@ import android.content.pm.PackageManager; 
import android.os.IDeviceIdleController;

import android.os.IDeviceIdleController;

import android.os.RemoteException;

import android.os.RemoteException;

import android.os.ServiceManager;

import android.os.ServiceManager;

import android.os.UserHandle;

import android.provider.DeviceConfig;

import android.provider.DeviceConfig;

import android.telecom.DefaultDialerManager;

import android.telecom.DefaultDialerManager;

import android.text.TextUtils;

import android.text.TextUtils;
@@ -121,6 +122,14 @@ public class PowerAllowlistBackend { 
            return true;

            return true;

        }

        }





        if (android.app.admin.flags.Flags.disallowUserControlBgUsageFix()) {

            // App is subject to DevicePolicyManager.setUserControlDisabledPackages() policy.

            final int userId = UserHandle.getUserId(uid);

            if (mAppContext.getPackageManager().isPackageStateProtected(pkg, userId)) {

                return true;

            }

        }



        return false;

        return false;

    }

    }

services/devicepolicy/java/com/android/server/devicepolicy/PolicyDefinition.java

+1 −2
Original line number Original line Diff line number Diff line
@@ -163,8 +163,7 @@ final class PolicyDefinition<V> { 
                    new NoArgsPolicyKey(

                    new NoArgsPolicyKey(

                            DevicePolicyIdentifiers.USER_CONTROL_DISABLED_PACKAGES_POLICY),

                            DevicePolicyIdentifiers.USER_CONTROL_DISABLED_PACKAGES_POLICY),

                    new StringSetUnion(),

                    new StringSetUnion(),

                    (Set<String> value, Context context, Integer userId, PolicyKey policyKey) ->

                    PolicyEnforcerCallbacks::setUserControlDisabledPackages,

                            PolicyEnforcerCallbacks.setUserControlDisabledPackages(value, userId),

                    new StringSetPolicySerializer());

                    new StringSetPolicySerializer());





    // This is saved in the static map sPolicyDefinitions so that we're able to reconstruct the

    // This is saved in the static map sPolicyDefinitions so that we're able to reconstruct the

services/devicepolicy/java/com/android/server/devicepolicy/PolicyEnforcerCallbacks.java

+25 −6
Original line number Original line Diff line number Diff line
@@ -20,6 +20,7 @@ import android.annotation.NonNull; 
import android.annotation.Nullable;

import android.annotation.Nullable;

import android.annotation.UserIdInt;

import android.annotation.UserIdInt;

import android.app.AppGlobals;

import android.app.AppGlobals;

import android.app.AppOpsManager;

import android.app.admin.DevicePolicyCache;

import android.app.admin.DevicePolicyCache;

import android.app.admin.DevicePolicyManager;

import android.app.admin.DevicePolicyManager;

import android.app.admin.DevicePolicyManagerInternal;

import android.app.admin.DevicePolicyManagerInternal;
@@ -29,6 +30,7 @@ import android.app.admin.PackagePermissionPolicyKey; 
import android.app.admin.PackagePolicyKey;

import android.app.admin.PackagePolicyKey;

import android.app.admin.PolicyKey;

import android.app.admin.PolicyKey;

import android.app.admin.UserRestrictionPolicyKey;

import android.app.admin.UserRestrictionPolicyKey;

import android.app.admin.flags.Flags;

import android.app.usage.UsageStatsManagerInternal;

import android.app.usage.UsageStatsManagerInternal;

import android.content.ComponentName;

import android.content.ComponentName;

import android.content.Context;

import android.content.Context;
@@ -37,6 +39,7 @@ import android.content.pm.IPackageManager; 
import android.content.pm.PackageManager;

import android.content.pm.PackageManager;

import android.content.pm.PackageManagerInternal;

import android.content.pm.PackageManagerInternal;

import android.os.Binder;

import android.os.Binder;

import android.os.Process;

import android.os.RemoteException;

import android.os.RemoteException;

import android.os.ServiceManager;

import android.os.ServiceManager;

import android.os.UserHandle;

import android.os.UserHandle;
@@ -183,15 +186,31 @@ final class PolicyEnforcerCallbacks { 
    }

    }





    static boolean setUserControlDisabledPackages(

    static boolean setUserControlDisabledPackages(

            @Nullable Set<String> packages, int userId) {

            @Nullable Set<String> packages, Context context, int userId, PolicyKey policyKey) {

        Binder.withCleanCallingIdentity(() -> {

        Binder.withCleanCallingIdentity(() -> {

            LocalServices.getService(PackageManagerInternal.class)

            PackageManagerInternal pmi =

                    .setOwnerProtectedPackages(

                    LocalServices.getService(PackageManagerInternal.class);

                            userId,

            pmi.setOwnerProtectedPackages(userId,

                    packages == null ? null : packages.stream().toList());

                    packages == null ? null : packages.stream().toList());

            LocalServices.getService(UsageStatsManagerInternal.class)

            LocalServices.getService(UsageStatsManagerInternal.class)

                    .setAdminProtectedPackages(

                    .setAdminProtectedPackages(

                            packages == null ? null : new ArraySet<>(packages), userId);

                            packages == null ? null : new ArraySet<>(packages), userId);



            if (Flags.disallowUserControlBgUsageFix()) {

                if (packages == null) {

                    return;

                }

                final AppOpsManager appOpsManager = context.getSystemService(AppOpsManager.class);

                for (var pkg : packages) {

                    final var appInfo = pmi.getApplicationInfo(pkg,

                            PackageManager.MATCH_DIRECT_BOOT_AWARE

                                    | PackageManager.MATCH_DIRECT_BOOT_UNAWARE,

                            Process.myUid(), userId);

                    if (appInfo != null) {

                        DevicePolicyManagerService.setBgUsageAppOp(appOpsManager, appInfo);

                    }

                }

            }

        });

        });

        return true;

        return true;

    }

    }