Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8b1aad62 authored by Svet Ganov's avatar Svet Ganov
Browse files

Pipe start op throught app ops policy and delegate 

bug: 185504196

Test: atest CtsAppOpsTestCases
      atest CtsPermissionTestCases
      atest CtsPermission2TestCases
      atest CtsPermission3TestCases
      atest CtsPermission4TestCases
      atest CtsPermission5TestCases

Change-Id: I5869a3e9719830f59624519f2d54f0765119cf5f
parent a4a7cd06

core/java/android/app/AppOpsManagerInternal.java

+24 −0
Original line number Diff line number Diff line
@@ -26,6 +26,7 @@ import android.util.SparseIntArray; 
import com.android.internal.app.IAppOpsCallback;

import com.android.internal.util.function.HeptFunction;

import com.android.internal.util.function.HexFunction;

import com.android.internal.util.function.NonaFunction;

import com.android.internal.util.function.OctFunction;

import com.android.internal.util.function.QuadFunction;

import com.android.internal.util.function.TriFunction;
@@ -100,9 +101,32 @@ public abstract class AppOpsManagerInternal { 
                @NonNull HexFunction<Integer, AttributionSource, Boolean, String, Boolean,

                        Boolean, SyncNotedAppOp> superImpl);



        /**

         * Allows overriding start operation behavior.

         *

         * @param token The client state.

         * @param code The op code to start.

         * @param uid The UID for which to note.

         * @param packageName The package for which to note. {@code null} for system package.

         * @param attributionTag the attribution tag.

         * @param startIfModeDefault Whether to start the op of the mode is default.

         * @param shouldCollectAsyncNotedOp If an {@link AsyncNotedAppOp} should be collected

         * @param message The message in the async noted op

         * @param shouldCollectMessage whether to collect messages

         * @param superImpl The super implementation.

         * @return The app op note result.

         */

        SyncNotedAppOp startOperation(IBinder token, int code, int uid,

                @Nullable String packageName, @Nullable String attributionTag,

                boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp,

                @Nullable String message, boolean shouldCollectMessage, @NonNull NonaFunction<

                        IBinder, Integer, Integer, String, String, Boolean, Boolean, String,

                        Boolean, SyncNotedAppOp> superImpl);



        /**

         * Allows overriding start proxy operation behavior.

         *

         * @param token The client state.

         * @param code The op code to start.

         * @param attributionSource The permission identity of the caller.

         * @param startIfModeDefault Whether to start the op of the mode is default.

data/etc/privapp-permissions-platform.xml

+1 −0
Original line number Diff line number Diff line
@@ -344,6 +344,7 @@ applications that come with the platform 
        <permission name="android.permission.ACTIVITY_EMBEDDING"/>

        <permission name="android.permission.FORCE_STOP_PACKAGES"/>

        <permission name="android.permission.GET_APP_OPS_STATS"/>

        <permission name="android.permission.WATCH_APPOPS"/>

        <permission name="android.permission.INSTALL_DYNAMIC_SYSTEM"/>

        <permission name="android.permission.INSTALL_LOCATION_PROVIDER"/>

        <permission name="android.permission.INSTALL_PACKAGES"/>

packages/Shell/AndroidManifest.xml

+1 −0
Original line number Diff line number Diff line
@@ -299,6 +299,7 @@ 
    <uses-permission android:name="android.permission.COMPANION_APPROVE_WIFI_CONNECTIONS" />



    <uses-permission android:name="android.permission.MANAGE_APPOPS" />

    <uses-permission android:name="android.permission.WATCH_APPOPS" />



    <!-- Permission required for IncrementalLogCollectionTest -->

    <uses-permission android:name="android.permission.LOADER_USAGE_STATS" />

services/core/java/com/android/server/am/ActivityManagerService.java

+24 −0
Original line number Diff line number Diff line
@@ -346,6 +346,7 @@ import com.android.internal.util.MemInfoReader; 
import com.android.internal.util.Preconditions;

import com.android.internal.util.function.HeptFunction;

import com.android.internal.util.function.HexFunction;

import com.android.internal.util.function.NonaFunction;

import com.android.internal.util.function.OctFunction;

import com.android.internal.util.function.QuadFunction;

import com.android.internal.util.function.TriFunction;
@@ -16736,6 +16737,29 @@ public class ActivityManagerService extends IActivityManager.Stub 
                    message, shouldCollectMessage, skiProxyOperation);

        }









        @Override









        public SyncNotedAppOp startOperation(IBinder token, int code, int uid,









                @Nullable String packageName, @Nullable String attributionTag,









                boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp,









                @Nullable String message, boolean shouldCollectMessage,









                @NonNull NonaFunction<IBinder, Integer, Integer, String, String, Boolean,









                        Boolean, String, Boolean, SyncNotedAppOp> superImpl) {









            if (uid == mTargetUid && isTargetOp(code)) {









                final int shellUid = UserHandle.getUid(UserHandle.getUserId(uid),









                        Process.SHELL_UID);









                final long identity = Binder.clearCallingIdentity();









                try {









                    return superImpl.apply(token, code, shellUid, "com.android.shell",









                            attributionTag, startIfModeDefault, shouldCollectAsyncNotedOp, message,









                            shouldCollectMessage);









                } finally {









                    Binder.restoreCallingIdentity(identity);









                }









            }









            return superImpl.apply(token, code, uid, packageName, attributionTag,









                    startIfModeDefault, shouldCollectAsyncNotedOp, message, shouldCollectMessage);









        }

















        @Override









        public SyncNotedAppOp startProxyOperation(IBinder token, int code,









                @NonNull AttributionSource attributionSource, boolean startIfModeDefault,

























services/core/java/com/android/server/appop/AppOpsService.java



+46
−5






























Original line number
Diff line number
Diff line







@@ -3509,9 +3509,19 @@ public class AppOpsService extends IAppOpsService.Stub {







    }



















    @Override









    public SyncNotedAppOp startOperation(IBinder clientId, int code, int uid, String packageName,









            String attributionTag, boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp,









    public SyncNotedAppOp startOperation(IBinder token, int code, int uid,









            @Nullable String packageName, @Nullable String attributionTag,









            boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp,









            String message, boolean shouldCollectMessage) {









        return mCheckOpsDelegateDispatcher.startOperation(token, code, uid, packageName,









                attributionTag, startIfModeDefault, shouldCollectAsyncNotedOp, message,









                shouldCollectMessage);









    }



















    private SyncNotedAppOp startOperationImpl(@NonNull IBinder clientId, int code, int uid,









            @Nullable String packageName, @Nullable String attributionTag,









            boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp, @NonNull String message,









            boolean shouldCollectMessage) {









        verifyIncomingUid(uid);









        verifyIncomingOp(code);









        verifyIncomingPackage(packageName, UserHandle.getUserId(uid));








@@ -3535,7 +3545,6 @@ public class AppOpsService extends IAppOpsService.Stub {







        return startOperationUnchecked(clientId, code, uid, packageName, attributionTag,









                Process.INVALID_UID, null, null, OP_FLAG_SELF, startIfModeDefault,









                shouldCollectAsyncNotedOp, message, shouldCollectMessage, false);



















    }



















    @Override








@@ -6973,8 +6982,8 @@ public class AppOpsService extends IAppOpsService.Stub {







        }



















        public SyncNotedAppOp noteProxyOperation(int code, AttributionSource attributionSource,









                boolean shouldCollectAsyncNotedOp, String message, boolean shouldCollectMessage,









                boolean skipProxyOperation) {









                boolean shouldCollectAsyncNotedOp, @Nullable String message,









                boolean shouldCollectMessage, boolean skipProxyOperation) {









            if (mPolicy != null) {









                if (mCheckOpsDelegate != null) {









                    return mPolicy.noteProxyOperation(code, attributionSource,








@@ -7003,6 +7012,38 @@ public class AppOpsService extends IAppOpsService.Stub {







                    AppOpsService.this::noteProxyOperationImpl);









        }



















        public SyncNotedAppOp startOperation(IBinder token, int code, int uid,









                @Nullable String packageName, @NonNull String attributionTag,









                boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp,









                @Nullable String message, boolean shouldCollectMessage) {









            if (mPolicy != null) {









                if (mCheckOpsDelegate != null) {









                    return mPolicy.startOperation(token, code, uid, packageName,









                            attributionTag, startIfModeDefault, shouldCollectAsyncNotedOp, message,









                            shouldCollectMessage, this::startDelegateOperationImpl);









                } else {









                    return mPolicy.startOperation(token, code, uid, packageName, attributionTag,









                            startIfModeDefault, shouldCollectAsyncNotedOp, message,









                            shouldCollectMessage, AppOpsService.this::startOperationImpl);









                }









            } else if (mCheckOpsDelegate != null) {









                return startDelegateOperationImpl(token, code, uid, packageName, attributionTag,









                        startIfModeDefault, shouldCollectAsyncNotedOp, message,









                        shouldCollectMessage);









            }









            return startOperationImpl(token, code, uid, packageName, attributionTag,









                    startIfModeDefault, shouldCollectAsyncNotedOp, message, shouldCollectMessage);









        }



















        private SyncNotedAppOp startDelegateOperationImpl(IBinder token, int code, int uid,









                @Nullable String packageName, @Nullable String attributionTag,









                boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp, String message,









                boolean shouldCollectMessage) {









            return mCheckOpsDelegate.startOperation(token, code, uid, packageName, attributionTag,









                    startIfModeDefault, shouldCollectAsyncNotedOp, message, shouldCollectMessage,









                    AppOpsService.this::startOperationImpl);









        }



















        public SyncNotedAppOp startProxyOperation(IBinder clientId, int code,









                @NonNull AttributionSource attributionSource, boolean startIfModeDefault,









                boolean shouldCollectAsyncNotedOp, String message, boolean shouldCollectMessage,