Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 785d618b authored by Victor Hsieh's avatar Victor Hsieh
Browse files

Allow only selected priv apps to run OOB 

- Add pm.dexopt.priv-apps-oob-list to allow selecting specific packages
  to run OOB, in a comma-separated string of package names. When set to
  "ALL" (default), all priv apps will run in OOB.
- Add a global config priv_app_oob_list to persist the state for
  experiment.
- Also make background dexopt to respect the config.

Test: 0. Reset previous OOB settings.
      1. settings put global priv_app_oob_list \
         com.google.android.gms,com.android.vending
      2. cmd package compile -m speed -f com.google.android.gms (then
         com.android.vending, com.google.android.googlequicksearchbox)
      3. dumpsys package dexopt
         # .vending and .gms are "verify", .googlequicksearchbox is
         # "speed".
Test: settings put global priv_app_oob_list 'ALL'  # see the same result
Test: settings delete global priv_app_oob_list  # see the same result
Test: atest SettingsBackupTest
Bug: 30972906
Bug: 63920015
Change-Id: Iba47b4763a026cdc94939db0a743822278917269
parent 8ea760c8

core/java/android/provider/Settings.java

+8 −0
Original line number Diff line number Diff line
@@ -8901,6 +8901,14 @@ public final class Settings { 
         */

        public static final String PRIV_APP_OOB_ENABLED = "priv_app_oob_enabled";













        /**













         * Comma separated list of privileged package names, which will be running out-of-box APK.













         * Default: "ALL"













         *













         * @hide













         */













        public static final String PRIV_APP_OOB_LIST = "priv_app_oob_list";



























        /**















         * The interval in milliseconds at which location requests will be throttled when they are















         * coming from the background.

































core/tests/coretests/src/android/provider/SettingsBackupTest.java



+1
−0




























Original line number
Diff line number
Diff line








@@ -355,6 +355,7 @@ public class SettingsBackupTest {













                    Settings.Global.POWER_MANAGER_CONSTANTS,















                    Settings.Global.PREFERRED_NETWORK_MODE,















                    Settings.Global.PRIV_APP_OOB_ENABLED,













                    Settings.Global.PRIV_APP_OOB_LIST,















                    Settings.Global.PROVISIONING_APN_ALARM_DELAY_IN_MS,















                    Settings.Global.RADIO_BLUETOOTH,















                    Settings.Global.RADIO_CELL,

































services/core/java/com/android/server/am/ActivityManagerService.java



+2
−1




























Original line number
Diff line number
Diff line








@@ -466,6 +466,7 @@ import com.android.server.firewall.IntentFirewall;













import com.android.server.job.JobSchedulerInternal;















import com.android.server.pm.Installer;















import com.android.server.pm.Installer.InstallerException;













import com.android.server.pm.dex.DexManager;















import com.android.server.utils.PriorityDump;















import com.android.server.vr.VrManagerInternal;















import com.android.server.wm.PinnedStackWindowController;










@@ -4282,7 +4283,7 @@ public class ActivityManagerService extends IActivityManager.Stub













            }





























            if (app.info.isPrivilegedApp() &&













                    SystemProperties.getBoolean("pm.dexopt.priv-apps-oob", false)) {













                    DexManager.isPackageSelectedToRunOob(app.pkgList.keySet())) {















                runtimeFlags |= Zygote.ONLY_USE_SYSTEM_OAT_FILES;















            }







































services/core/java/com/android/server/pm/PackageDexOptimizer.java



+4
−4




























Original line number
Diff line number
Diff line








@@ -34,6 +34,7 @@ import android.util.Slog;













import com.android.internal.annotations.GuardedBy;















import com.android.internal.util.IndentingPrintWriter;















import com.android.server.pm.Installer.InstallerException;













import com.android.server.pm.dex.DexManager;















import com.android.server.pm.dex.DexoptOptions;















import com.android.server.pm.dex.DexoptUtils;















import com.android.server.pm.dex.PackageDexUsage;










@@ -495,9 +496,8 @@ public class PackageDexOptimizer {













            boolean isUsedByOtherApps) {















        int flags = info.flags;















        boolean vmSafeMode = (flags & ApplicationInfo.FLAG_VM_SAFE_MODE) != 0;













        // When pm.dexopt.priv-apps-oob is true, we only verify privileged apps.













        if (info.isPrivilegedApp() &&













            SystemProperties.getBoolean("pm.dexopt.priv-apps-oob", false)) {













        // When a priv app is configured to run out of box, only verify it.













        if (info.isPrivilegedApp() && DexManager.isPackageSelectedToRunOob(info.packageName)) {















            return "verify";















        }















        if (vmSafeMode) {

































services/core/java/com/android/server/pm/PackageManagerService.java



+3
−25




























Original line number
Diff line number
Diff line








@@ -578,8 +578,6 @@ public class PackageManagerService extends IPackageManager.Stub



























    private static final String PRODUCT_OVERLAY_DIR = "/product/overlay";



























    private static final String PROPERTY_NAME_PM_DEXOPT_PRIV_APPS_OOB = "pm.dexopt.priv-apps-oob";



























    /** Canonical intent used to identify what counts as a "web browser" app */















    private static final Intent sBrowserIntent;















    static {










@@ -2459,7 +2457,7 @@ public class PackageManagerService extends IPackageManager.Stub













                "*dexopt*");















        DexManager.Listener dexManagerListener = DexLogger.getListener(this,















                installer, mInstallLock);













        mDexManager = new DexManager(this, mPackageDexOptimizer, installer, mInstallLock,













        mDexManager = new DexManager(mContext, this, mPackageDexOptimizer, installer, mInstallLock,















                dexManagerListener);















        mArtManagerService = new ArtManagerService(mContext, this, installer, mInstallLock);















        mMoveCallbacks = new MoveCallbacks(FgThread.get().getLooper());










@@ -10428,11 +10426,7 @@ public class PackageManagerService extends IPackageManager.Stub













                Log.d(TAG, "Scanning package " + pkg.packageName);















        }



























        if (Build.IS_DEBUGGABLE &&













                pkg.isPrivileged() &&













                SystemProperties.getBoolean(PROPERTY_NAME_PM_DEXOPT_PRIV_APPS_OOB, false)) {













            PackageManagerServiceUtils.logPackageHasUncompressedCode(pkg);













        }













        DexManager.maybeLogUnexpectedPackageDetails(pkg);





























        // Initialize package source and resource directories















        final File scanFile = new File(pkg.codePath);










@@ -21023,23 +21017,6 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());













                        .getUriFor(Secure.INSTANT_APPS_ENABLED), false, co, UserHandle.USER_SYSTEM);















        co.onChange(true);



























        // This observer provides an one directional mapping from Global.PRIV_APP_OOB_ENABLED to













        // pm.dexopt.priv-apps-oob property. This is only for experiment and should be removed once













        // it is done.













        ContentObserver privAppOobObserver = new ContentObserver(mHandler) {













            @Override













            public void onChange(boolean selfChange) {













                int oobEnabled = Global.getInt(resolver, Global.PRIV_APP_OOB_ENABLED, 0);













                SystemProperties.set(PROPERTY_NAME_PM_DEXOPT_PRIV_APPS_OOB,













                        oobEnabled == 1 ? "true" : "false");













            }













        };













        mContext.getContentResolver().registerContentObserver(













                Global.getUriFor(Global.PRIV_APP_OOB_ENABLED), false, privAppOobObserver,













                UserHandle.USER_SYSTEM);













        // At boot, restore the value from the setting, which persists across reboot.













        privAppOobObserver.onChange(true);



























        // Disable any carrier apps. We do this very early in boot to prevent the apps from being















        // disabled after already being started.















        CarrierAppUtils.disableCarrierAppsUntilPrivileged(mContext.getOpPackageName(), this,










@@ -21128,6 +21105,7 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());













        storage.registerListener(mStorageListener);





























        mInstallerService.systemReady();













        mDexManager.systemReady();















        mPackageDexOptimizer.systemReady();





























        StorageManagerInternal StorageManagerInternal = LocalServices.getService(