Merge "Change camera/microphone AppOps cutoff to... (769f0768) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/am/OomAdjuster.java

+29 −11

Original line number	Diff line number	Diff line
		@@ -33,6 +33,8 @@ import static android.app.ActivityManager.PROCESS_STATE_IMPORTANT_BACKGROUND;
		import static android.app.ActivityManager.PROCESS_STATE_IMPORTANT_FOREGROUND;
		import static android.app.ActivityManager.PROCESS_STATE_LAST_ACTIVITY;
		import static android.app.ActivityManager.PROCESS_STATE_NONEXISTENT;
		import static android.app.ActivityManager.PROCESS_STATE_PERSISTENT;
		import static android.app.ActivityManager.PROCESS_STATE_PERSISTENT_UI;
		import static android.app.ActivityManager.PROCESS_STATE_SERVICE;
		import static android.app.ActivityManager.PROCESS_STATE_TOP;
		import static android.app.ActivityManager.PROCESS_STATE_TRANSIENT_BACKGROUND;
		@@ -1697,13 +1699,13 @@ public final class OomAdjuster {
		if (enabled) {
		if (cr.hasFlag(Context.BIND_INCLUDE_CAPABILITIES)) {
		// TOP process passes all capabilities to the service.
		capability = PROCESS_CAPABILITY_ALL;
		capability \|= PROCESS_CAPABILITY_ALL;
		} else {
		// TOP process passes no capability to the service.
		}
		} else {
		// TOP process passes all capabilities to the service.
		capability = PROCESS_CAPABILITY_ALL;
		capability \|= PROCESS_CAPABILITY_ALL;
		}
		} else if (clientProcState
		<= PROCESS_STATE_FOREGROUND_SERVICE) {
		@@ -2004,17 +2006,9 @@ public final class OomAdjuster {
		// apply capability from FGS.
		if (app.hasForegroundServices()) {
		capability \|= capabilityFromFGS;
		} else if (!ActivityManager.isProcStateBackground(procState)) {
		// procState higher than PROCESS_STATE_BOUND_FOREGROUND_SERVICE implicitly has
		// camera/microphone capability
		//TODO: remove this line when enforcing the feature.
		capability \|= PROCESS_CAPABILITY_ALL_IMPLICIT;
		}

		// TOP process has all capabilities.
		if (procState <= PROCESS_STATE_TOP) {
		capability = PROCESS_CAPABILITY_ALL;
		}
		capability \|= getDefaultCapability(app, procState);

		// Do final modification to adj. Everything we do between here and applying
		// the final setAdj must be done in this function, because we will also use
		@@ -2034,6 +2028,30 @@ public final class OomAdjuster {
		\|\| app.curCapability != prevCapability ;
		}

		private int getDefaultCapability(ProcessRecord app, int procState) {
		switch (procState) {
		case PROCESS_STATE_PERSISTENT:
		case PROCESS_STATE_PERSISTENT_UI:
		case PROCESS_STATE_TOP:
		return PROCESS_CAPABILITY_ALL;
		case PROCESS_STATE_BOUND_TOP:
		return PROCESS_CAPABILITY_ALL_IMPLICIT;
		case PROCESS_STATE_FOREGROUND_SERVICE:
		if (app.hasForegroundServices()) {
		// Capability from FGS are conditional depending on foreground service type in
		// manifest file and the mAllowWhileInUsePermissionInFgs flag.
		return PROCESS_CAPABILITY_NONE;
		} else {
		// process has no FGS, the PROCESS_STATE_FOREGROUND_SERVICE is from client.
		return PROCESS_CAPABILITY_ALL_IMPLICIT;
		}
		case PROCESS_STATE_BOUND_FOREGROUND_SERVICE:
		return PROCESS_CAPABILITY_ALL_IMPLICIT;
		default:
		return PROCESS_CAPABILITY_NONE;
		}
		}

		/**
		* Checks if for the given app and client, there's a cycle that should skip over the client
		* for now or use partial values to evaluate the effect of the client binding.

services/core/java/com/android/server/appop/AppOpsService.java

+19 −17

Original line number	Diff line number	Diff line
		@@ -29,6 +29,8 @@ import static android.app.AppOpsManager.KEY_BG_STATE_SETTLE_TIME;
		import static android.app.AppOpsManager.KEY_FG_SERVICE_STATE_SETTLE_TIME;
		import static android.app.AppOpsManager.KEY_TOP_STATE_SETTLE_TIME;
		import static android.app.AppOpsManager.MODE_ALLOWED;
		import static android.app.AppOpsManager.MODE_FOREGROUND;
		import static android.app.AppOpsManager.MODE_IGNORED;
		import static android.app.AppOpsManager.NoteOpEvent;
		import static android.app.AppOpsManager.OP_CAMERA;
		import static android.app.AppOpsManager.OP_FLAGS_ALL;
		@@ -515,12 +517,12 @@ public class AppOpsService extends IAppOpsService.Stub {
		}

		int evalMode(int op, int mode) {
		if (mode == AppOpsManager.MODE_FOREGROUND) {
		if (mode == MODE_FOREGROUND) {
		if (appWidgetVisible) {
		return MODE_ALLOWED;
		} else if (state <= UID_STATE_TOP) {
		// process is in foreground.
		return AppOpsManager.MODE_ALLOWED;
		// process is in TOP.
		return MODE_ALLOWED;
		} else if (state <= AppOpsManager.resolveFirstUnrestrictedUidState(op)) {
		// process is in foreground, check its capability.
		switch (op) {
		@@ -529,53 +531,53 @@ public class AppOpsService extends IAppOpsService.Stub {
		case AppOpsManager.OP_MONITOR_LOCATION:
		case AppOpsManager.OP_MONITOR_HIGH_POWER_LOCATION:
		if ((capability & PROCESS_CAPABILITY_FOREGROUND_LOCATION) != 0) {
		return AppOpsManager.MODE_ALLOWED;
		return MODE_ALLOWED;
		} else if ((capability
		& TEMP_PROCESS_CAPABILITY_FOREGROUND_LOCATION) != 0) {
		// The FGS has the location capability, but due to FGS BG start
		// restriction it lost the capability, use temp location capability
		// to mark this case.
		maybeShowWhileInUseDebugToast(op, mode);
		return AppOpsManager.MODE_IGNORED;
		return MODE_IGNORED;
		} else {
		return AppOpsManager.MODE_IGNORED;
		return MODE_IGNORED;
		}
		case OP_CAMERA:
		if ((capability & PROCESS_CAPABILITY_FOREGROUND_CAMERA) != 0) {
		return AppOpsManager.MODE_ALLOWED;
		return MODE_ALLOWED;
		} else {
		maybeShowWhileInUseDebugToast(op, mode);
		return AppOpsManager.MODE_IGNORED;
		return MODE_IGNORED;
		}
		case OP_RECORD_AUDIO:
		if ((capability & PROCESS_CAPABILITY_FOREGROUND_MICROPHONE) != 0) {
		return AppOpsManager.MODE_ALLOWED;
		return MODE_ALLOWED;
		} else {
		maybeShowWhileInUseDebugToast(op, mode);
		return AppOpsManager.MODE_IGNORED;
		return MODE_IGNORED;
		}
		default:
		return AppOpsManager.MODE_ALLOWED;
		return MODE_ALLOWED;
		}
		} else {
		// process is not in foreground.
		return AppOpsManager.MODE_IGNORED;
		return MODE_IGNORED;
		}
		} else if (mode == AppOpsManager.MODE_ALLOWED) {
		} else if (mode == MODE_ALLOWED) {
		switch (op) {
		case OP_CAMERA:
		if ((capability & PROCESS_CAPABILITY_FOREGROUND_CAMERA) != 0) {
		return AppOpsManager.MODE_ALLOWED;
		return MODE_ALLOWED;
		} else {
		maybeShowWhileInUseDebugToast(op, mode);
		return AppOpsManager.MODE_IGNORED;
		return MODE_IGNORED;
		}
		case OP_RECORD_AUDIO:
		if ((capability & PROCESS_CAPABILITY_FOREGROUND_MICROPHONE) != 0) {
		return AppOpsManager.MODE_ALLOWED;
		return MODE_ALLOWED;
		} else {
		maybeShowWhileInUseDebugToast(op, mode);
		return AppOpsManager.MODE_IGNORED;
		return MODE_IGNORED;
		}
		default:
		return MODE_ALLOWED;