
Commit 7554afbf authored by Marvin Ramin's avatar Marvin Ramin

Update ComputerControl Activity policy

- Only allow launching applications specified in the ComputerControl
  session parameters targetPackageNames
- Throw on session request if the targetPackageNames includes an invalid
  package that is not allowed to be automated

Bug: 437849470
Test: atest ComputerControlSessionProcessorTest
Flag: android.companion.virtualdevice.flags.computer_control_activity_policy_strict

Change-Id: Ia8d96c833cc07d7b65e71f44c4164ed7c3007530
parent c98aba63
+2 −0
@@ -230,6 +230,8 @@ public final class VirtualDeviceManager {
     * @param executor An executor to run the callback on.
     * @param executor An executor to run the callback on.
     * @param callback A callback to get notified about the result of this operation.
     * @param callback A callback to get notified about the result of this operation.
     *
     *
     * @throws IllegalArgumentException when the given params contain invalid information.
     *
     * @hide
     * @hide
     */
     */
    @RequiresPermission(android.Manifest.permission.ACCESS_COMPUTER_CONTROL)
    @RequiresPermission(android.Manifest.permission.ACCESS_COMPUTER_CONTROL)
+6 −0
@@ -166,6 +166,12 @@ public final class ComputerControlSessionParams implements Parcelable {


        /**
        /**
         * Set the package names of all applications that may be automated during this session.
         * Set the package names of all applications that may be automated during this session.
         *
         * <p>All package names specified in the list must meet the following requirements:
         * <ol>
         *     <li>The package name has a valid launcher Intent.</li>
         *     <li>The package name is not the device permission controller.</li>
         * </ol>
         */
         */
        @Nullable  // TODO(b/437849228): Should be non-null
        @Nullable  // TODO(b/437849228): Should be non-null
        public Builder setTargetPackageNames(@NonNull List<String> targetPackageNames) {
        public Builder setTargetPackageNames(@NonNull List<String> targetPackageNames) {
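Review bot: The requirements list added to the `setTargetPackageNames` Javadoc does not say what happens when an entry fails them, or that the check runs at session request rather than in this setter. Going by the commit message, a sentence such as `<p>A session request whose list contains a package that does not meet these requirements is rejected with an {@link IllegalArgumentException}.` would close that gap. The items would also read more precisely as properties of the package, e.g. `<li>The package has a launcher Intent.</li>`. The same applies to the identical Javadoc added to `ComputerControlSession.Builder#setTargetPackageNames`; the setter bodies are outside both hunks.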
+0 −10
@@ -266,13 +266,3 @@ flag {
        purpose: PURPOSE_BUGFIX
        purpose: PURPOSE_BUGFIX
    }
    }
}
}

flag {
    name: "computer_control_activity_policy_relaxed"
    namespace: "virtual_devices"
    description: "Implements a relaxed Activity policy for ComputerControl VirtualDevices"
    bug: "437849470"
    metadata {
        purpose: PURPOSE_BUGFIX
    }
}
+8 −2
@@ -398,7 +398,13 @@ public final class ComputerControlSession implements AutoCloseable {
            }
            }


            /**
            /**
             * Set all application package names that may be automated during this session.
             * Set the package names of all applications that may be automated during this session.
             *
             * <p>All package names specified in the list must meet the following requirements:
             * <ol>
             *     <li>The package name has a valid launcher Intent.</li>
             *     <li>The package name is not the device permission controller.</li>
             * </ol>
             */
             */
            @NonNull
            @NonNull
            public Builder setTargetPackageNames(@NonNull List<String> targetPackageNames) {
            public Builder setTargetPackageNames(@NonNull List<String> targetPackageNames) {
+11 −26
@@ -39,7 +39,6 @@ import android.content.ComponentName;
import android.content.Context;
import android.content.Context;
import android.content.Intent;
import android.content.Intent;
import android.content.IntentSender;
import android.content.IntentSender;
import android.content.pm.ApplicationInfo;
import android.content.pm.PackageManager;
import android.content.pm.PackageManager;
import android.hardware.display.DisplayManager;
import android.hardware.display.DisplayManager;
import android.hardware.display.DisplayManagerGlobal;
import android.hardware.display.DisplayManagerGlobal;
@@ -211,28 +210,28 @@ final class ComputerControlSessionImpl extends IComputerControlSession.Stub
        }
        }
    }
    }


    /**
     * This assumes that {@link ComputerControlSessionParams#getTargetPackageNames()} never contains
     * any packageNames that the session owner should never be able to launch. This is validated in
     * {@link ComputerControlSessionProcessor} prior to creating the session.
     */
    private void applyActivityPolicy() throws RemoteException {
    private void applyActivityPolicy() throws RemoteException {
        String permissionControllerPackage = mInjector.getPermissionControllerPackageName();

        List<String> exemptedPackageNames = new ArrayList<>();
        List<String> exemptedPackageNames = new ArrayList<>();
        if (Flags.computerControlActivityPolicyStrict()) {
        if (Flags.computerControlActivityPolicyStrict()) {
            mVirtualDevice.setDevicePolicy(POLICY_TYPE_ACTIVITY, DEVICE_POLICY_CUSTOM);
            mVirtualDevice.setDevicePolicy(POLICY_TYPE_ACTIVITY, DEVICE_POLICY_CUSTOM);


            exemptedPackageNames.addAll(mParams.getTargetPackageNames());
            exemptedPackageNames.addAll(mParams.getTargetPackageNames());
            exemptedPackageNames.remove(permissionControllerPackage);
        } else if (Flags.computerControlActivityPolicyRelaxed()) {
            mVirtualDevice.setDevicePolicy(POLICY_TYPE_ACTIVITY, DEVICE_POLICY_CUSTOM);

            exemptedPackageNames.addAll(mParams.getTargetPackageNames());
            exemptedPackageNames.addAll(mInjector.getAllApplicationsWithoutLauncherActivity());
            exemptedPackageNames.remove(permissionControllerPackage);
        } else {
        } else {
            // TODO(b/439774796): Remove once v0 API is removed and the flag is rolled out.
            // This legacy policy allows all apps other than PermissionController to be automated.
            String permissionControllerPackage = mInjector.getPermissionControllerPackageName();
            exemptedPackageNames.add(permissionControllerPackage);
            exemptedPackageNames.add(permissionControllerPackage);
        }
        }
        for (String allowedPackageName : exemptedPackageNames) {
        for (int i = 0; i < exemptedPackageNames.size(); i++) {
            String exemptedPackageName = exemptedPackageNames.get(i);
            mVirtualDevice.addActivityPolicyExemption(
            mVirtualDevice.addActivityPolicyExemption(
                    new ActivityPolicyExemption.Builder()
                    new ActivityPolicyExemption.Builder()
                            .setPackageName(allowedPackageName)
                            .setPackageName(exemptedPackageName)
                            .build());
                            .build());
        }
        }
    }
    }
@@ -407,20 +406,6 @@ final class ComputerControlSessionImpl extends IComputerControlSession.Stub
            return mPackageManager.getPermissionControllerPackageName();
            return mPackageManager.getPermissionControllerPackageName();
        }
        }


        public List<String> getAllApplicationsWithoutLauncherActivity() {
            List<String> result = new ArrayList<>();
            List<ApplicationInfo> installedApplications =
                    mPackageManager.getInstalledApplications(0);
            for (int i = 0; i < installedApplications.size(); i++) {
                ApplicationInfo applicationInfo = installedApplications.get(i);
                if (mPackageManager.getLaunchIntentForPackage(applicationInfo.packageName)
                        == null) {
                    result.add(applicationInfo.packageName);
                }
            }
            return result;
        }

        public void launchApplicationOnDisplayAsUser(String packageName, int displayId,
        public void launchApplicationOnDisplayAsUser(String packageName, int displayId,
                UserHandle user) {
                UserHandle user) {
            Intent intent = mPackageManager.getLaunchIntentForPackage(packageName);
            Intent intent = mPackageManager.getLaunchIntentForPackage(packageName);
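Review bot: In the strict branch of `applyActivityPolicy()` the exemption list acts as an allow-list under `DEVICE_POLICY_CUSTOM`, and with `exemptedPackageNames.remove(permissionControllerPackage)` gone nothing at this enforcement point keeps the permission controller out of it. The new Javadoc places that check in `ComputerControlSessionProcessor`, which is not shown on this page, so the guarantee depends on every path to session creation passing through that validation and on the validation being gated the same way as this flag. I would keep the filter as defense in depth right after the `addAll`, `exemptedPackageNames.remove(mInjector.getPermissionControllerPackageName());`, or fail session setup there if the package is present. If the removal stays, the Javadoc should name the exact processor method that enforces the invariant so a later refactor does not drop it silently.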