Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5c195ee2 authored by Victor Hsieh's avatar Victor Hsieh Committed by android-build-merger
Browse files

Merge "Allow only selected priv apps to run OOB" into pi-dev 

am: 792d36c1

Change-Id: Iad80a321e1b76f19935a23290594a36fd057840c
parents 05d1841f 792d36c1

core/java/android/provider/Settings.java

+8 −0
Original line number Diff line number Diff line
@@ -8909,6 +8909,14 @@ public final class Settings { 
         */

        public static final String PRIV_APP_OOB_ENABLED = "priv_app_oob_enabled";













        /**













         * Comma separated list of privileged package names, which will be running out-of-box APK.













         * Default: "ALL"













         *













         * @hide













         */













        public static final String PRIV_APP_OOB_LIST = "priv_app_oob_list";



























        /**















         * The interval in milliseconds at which location requests will be throttled when they are















         * coming from the background.

































core/tests/coretests/src/android/provider/SettingsBackupTest.java



+1
−0






























Original line number
Diff line number
Diff line








@@ -358,6 +358,7 @@ public class SettingsBackupTest {













                    Settings.Global.POWER_MANAGER_CONSTANTS,















                    Settings.Global.PREFERRED_NETWORK_MODE,















                    Settings.Global.PRIV_APP_OOB_ENABLED,













                    Settings.Global.PRIV_APP_OOB_LIST,















                    Settings.Global.PROVISIONING_APN_ALARM_DELAY_IN_MS,















                    Settings.Global.RADIO_BLUETOOTH,















                    Settings.Global.RADIO_CELL,

































services/core/java/com/android/server/am/ActivityManagerService.java



+2
−1






























Original line number
Diff line number
Diff line








@@ -466,6 +466,7 @@ import com.android.server.firewall.IntentFirewall;













import com.android.server.job.JobSchedulerInternal;















import com.android.server.pm.Installer;















import com.android.server.pm.Installer.InstallerException;













import com.android.server.pm.dex.DexManager;















import com.android.server.utils.PriorityDump;















import com.android.server.vr.VrManagerInternal;















import com.android.server.wm.PinnedStackWindowController;










@@ -4311,7 +4312,7 @@ public class ActivityManagerService extends IActivityManager.Stub













            }





























            if (app.info.isPrivilegedApp() &&













                    SystemProperties.getBoolean("pm.dexopt.priv-apps-oob", false)) {













                    DexManager.isPackageSelectedToRunOob(app.pkgList.keySet())) {















                runtimeFlags |= Zygote.ONLY_USE_SYSTEM_OAT_FILES;















            }







































services/core/java/com/android/server/pm/PackageDexOptimizer.java



+4
−4






























Original line number
Diff line number
Diff line








@@ -34,6 +34,7 @@ import android.util.Slog;













import com.android.internal.annotations.GuardedBy;















import com.android.internal.util.IndentingPrintWriter;















import com.android.server.pm.Installer.InstallerException;













import com.android.server.pm.dex.DexManager;















import com.android.server.pm.dex.DexoptOptions;















import com.android.server.pm.dex.DexoptUtils;















import com.android.server.pm.dex.PackageDexUsage;










@@ -495,9 +496,8 @@ public class PackageDexOptimizer {













            boolean isUsedByOtherApps) {















        int flags = info.flags;















        boolean vmSafeMode = (flags & ApplicationInfo.FLAG_VM_SAFE_MODE) != 0;













        // When pm.dexopt.priv-apps-oob is true, we only verify privileged apps.













        if (info.isPrivilegedApp() &&













            SystemProperties.getBoolean("pm.dexopt.priv-apps-oob", false)) {













        // When a priv app is configured to run out of box, only verify it.













        if (info.isPrivilegedApp() && DexManager.isPackageSelectedToRunOob(info.packageName)) {















            return "verify";















        }















        if (vmSafeMode) {

































services/core/java/com/android/server/pm/PackageManagerService.java



+3
−25






























Original line number
Diff line number
Diff line








@@ -578,8 +578,6 @@ public class PackageManagerService extends IPackageManager.Stub



























    private static final String PRODUCT_OVERLAY_DIR = "/product/overlay";



























    private static final String PROPERTY_NAME_PM_DEXOPT_PRIV_APPS_OOB = "pm.dexopt.priv-apps-oob";



























    /** Canonical intent used to identify what counts as a "web browser" app */















    private static final Intent sBrowserIntent;















    static {










@@ -2459,7 +2457,7 @@ public class PackageManagerService extends IPackageManager.Stub













                "*dexopt*");















        DexManager.Listener dexManagerListener = DexLogger.getListener(this,















                installer, mInstallLock);













        mDexManager = new DexManager(this, mPackageDexOptimizer, installer, mInstallLock,













        mDexManager = new DexManager(mContext, this, mPackageDexOptimizer, installer, mInstallLock,















                dexManagerListener);















        mArtManagerService = new ArtManagerService(mContext, this, installer, mInstallLock);















        mMoveCallbacks = new MoveCallbacks(FgThread.get().getLooper());










@@ -10428,11 +10426,7 @@ public class PackageManagerService extends IPackageManager.Stub













                Log.d(TAG, "Scanning package " + pkg.packageName);















        }



























        if (Build.IS_DEBUGGABLE &&













                pkg.isPrivileged() &&













                SystemProperties.getBoolean(PROPERTY_NAME_PM_DEXOPT_PRIV_APPS_OOB, false)) {













            PackageManagerServiceUtils.logPackageHasUncompressedCode(pkg);













        }













        DexManager.maybeLogUnexpectedPackageDetails(pkg);





























        // Initialize package source and resource directories















        final File scanFile = new File(pkg.codePath);










@@ -21038,23 +21032,6 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());













                        .getUriFor(Secure.INSTANT_APPS_ENABLED), false, co, UserHandle.USER_SYSTEM);















        co.onChange(true);



























        // This observer provides an one directional mapping from Global.PRIV_APP_OOB_ENABLED to













        // pm.dexopt.priv-apps-oob property. This is only for experiment and should be removed once













        // it is done.













        ContentObserver privAppOobObserver = new ContentObserver(mHandler) {













            @Override













            public void onChange(boolean selfChange) {













                int oobEnabled = Global.getInt(resolver, Global.PRIV_APP_OOB_ENABLED, 0);













                SystemProperties.set(PROPERTY_NAME_PM_DEXOPT_PRIV_APPS_OOB,













                        oobEnabled == 1 ? "true" : "false");













            }













        };













        mContext.getContentResolver().registerContentObserver(













                Global.getUriFor(Global.PRIV_APP_OOB_ENABLED), false, privAppOobObserver,













                UserHandle.USER_SYSTEM);













        // At boot, restore the value from the setting, which persists across reboot.













        privAppOobObserver.onChange(true);



























        // Disable any carrier apps. We do this very early in boot to prevent the apps from being















        // disabled after already being started.















        CarrierAppUtils.disableCarrierAppsUntilPrivileged(mContext.getOpPackageName(), this,










@@ -21143,6 +21120,7 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());













        storage.registerListener(mStorageListener);





























        mInstallerService.systemReady();













        mDexManager.systemReady();















        mPackageDexOptimizer.systemReady();





























        StorageManagerInternal StorageManagerInternal = LocalServices.getService(