Merge changes from topics "presubmit-am-18cfee8fd4a246488709515ab35ce4dd",... (9f4d4e73) · Commits · e / os / android_frameworks_base

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+37 −46

Original line number	Original line	Diff line number	Diff line
	@@ -279,7 +279,6 @@ import android.net.wifi.WifiManager;
	import android.os.Binder;		import android.os.Binder;
	import android.os.Build;		import android.os.Build;
	import android.os.Bundle;		import android.os.Bundle;
	import android.os.Environment;
	import android.os.Handler;		import android.os.Handler;
	import android.os.IBinder;		import android.os.IBinder;
	import android.os.Looper;		import android.os.Looper;
	@@ -679,6 +678,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {

	final Context mContext;		final Context mContext;
	final Injector mInjector;		final Injector mInjector;
			final PolicyPathProvider mPathProvider;
	final IPackageManager mIPackageManager;		final IPackageManager mIPackageManager;
	final IPermissionManager mIPermissionManager;		final IPermissionManager mIPermissionManager;
	final UserManager mUserManager;		final UserManager mUserManager;
	@@ -890,7 +890,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	}		}

	@GuardedBy("getLockObject()")		@GuardedBy("getLockObject()")
	final SparseArray<DevicePolicyData> mUserData = new SparseArray<>();		final SparseArray<DevicePolicyData> mUserData;

	@GuardedBy("getLockObject()")		@GuardedBy("getLockObject()")

	@@ -1365,7 +1365,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {

	public final Context mContext;		public final Context mContext;

	private @Nullable DevicePolicySafetyChecker mSafetyChecker;		@Nullable private DevicePolicySafetyChecker mSafetyChecker;

	Injector(Context context) {		Injector(Context context) {
	mContext = context;		mContext = context;
	@@ -1384,12 +1384,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	return mContext.getResources();		return mContext.getResources();
	}		}

	Owners newOwners() {
	return new Owners(getUserManager(), getUserManagerInternal(),
	getPackageManagerInternal(), getActivityTaskManagerInternal(),
	getActivityManagerInternal());
	}

	UserManager getUserManager() {		UserManager getUserManager() {
	return UserManager.get(mContext);		return UserManager.get(mContext);
	}		}
	@@ -1595,10 +1589,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	return UserHandle.getUserId(binderGetCallingUid());		return UserHandle.getUserId(binderGetCallingUid());
	}		}

	File environmentGetUserSystemDirectory(int userId) {
	return Environment.getUserSystemDirectory(userId);
	}

	void powerManagerGoToSleep(long time, int reason, int flags) {		void powerManagerGoToSleep(long time, int reason, int flags) {
	mContext.getSystemService(PowerManager.class).goToSleep(time, reason, flags);		mContext.getSystemService(PowerManager.class).goToSleep(time, reason, flags);
	}		}
	@@ -1641,10 +1631,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	return UserManager.isHeadlessSystemUserMode();		return UserManager.isHeadlessSystemUserMode();
	}		}

	String getDevicePolicyFilePathForSystemUser() {
	return "/data/system/";
	}

	@SuppressWarnings("AndroidFrameworkPendingIntentMutability")		@SuppressWarnings("AndroidFrameworkPendingIntentMutability")
	PendingIntent pendingIntentGetActivityAsUser(Context context, int requestCode,		PendingIntent pendingIntentGetActivityAsUser(Context context, int requestCode,
	@NonNull Intent intent, int flags, Bundle options, UserHandle user) {		@NonNull Intent intent, int flags, Bundle options, UserHandle user) {
	@@ -1777,14 +1763,16 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	* Instantiates the service.		* Instantiates the service.
	*/		*/
	public DevicePolicyManagerService(Context context) {		public DevicePolicyManagerService(Context context) {
	this(new Injector(context.createAttributionContext(ATTRIBUTION_TAG)));		this(new Injector(
			context.createAttributionContext(ATTRIBUTION_TAG)), new PolicyPathProvider() {});
	}		}

	@VisibleForTesting		@VisibleForTesting
	DevicePolicyManagerService(Injector injector) {		DevicePolicyManagerService(Injector injector, PolicyPathProvider pathProvider) {
	DevicePolicyManager.disableLocalCaches();		DevicePolicyManager.disableLocalCaches();

	mInjector = injector;		mInjector = injector;
			mPathProvider = pathProvider;
	mContext = Objects.requireNonNull(injector.mContext);		mContext = Objects.requireNonNull(injector.mContext);
	mHandler = new Handler(Objects.requireNonNull(injector.getMyLooper()));		mHandler = new Handler(Objects.requireNonNull(injector.getMyLooper()));

	@@ -1792,8 +1780,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	mConstantsObserver.register();		mConstantsObserver.register();
	mConstants = loadConstants();		mConstants = loadConstants();

	mOwners = Objects.requireNonNull(injector.newOwners());

	mUserManager = Objects.requireNonNull(injector.getUserManager());		mUserManager = Objects.requireNonNull(injector.getUserManager());
	mUserManagerInternal = Objects.requireNonNull(injector.getUserManagerInternal());		mUserManagerInternal = Objects.requireNonNull(injector.getUserManagerInternal());
	mUsageStatsManagerInternal = Objects.requireNonNull(		mUsageStatsManagerInternal = Objects.requireNonNull(
	@@ -1831,12 +1817,23 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {

	// "Lite" interface is available even when the device doesn't have the feature		// "Lite" interface is available even when the device doesn't have the feature
	LocalServices.addService(DevicePolicyManagerLiteInternal.class, mLocalService);		LocalServices.addService(DevicePolicyManagerLiteInternal.class, mLocalService);

			// Policy version upgrade must not depend on either mOwners or mUserData, so they are
			// initialized only after performing the upgrade.
			if (mHasFeature) {
			performPolicyVersionUpgrade();
			}
			mUserData = new SparseArray<>();
			mOwners = makeOwners(injector, pathProvider);

	if (!mHasFeature) {		if (!mHasFeature) {
	// Skip the rest of the initialization		// Skip the rest of the initialization
	mSetupContentObserver = null;		mSetupContentObserver = null;
	return;		return;
	}		}

			loadOwners();

	IntentFilter filter = new IntentFilter();		IntentFilter filter = new IntentFilter();
	filter.addAction(Intent.ACTION_BOOT_COMPLETED);		filter.addAction(Intent.ACTION_BOOT_COMPLETED);
	filter.addAction(ACTION_EXPIRED_PASSWORD_NOTIFICATION);		filter.addAction(ACTION_EXPIRED_PASSWORD_NOTIFICATION);
	@@ -1872,16 +1869,19 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	new RestrictionsListener(mContext, mUserManagerInternal, this));		new RestrictionsListener(mContext, mUserManagerInternal, this));
	mUserManagerInternal.addUserLifecycleListener(new UserLifecycleListener());		mUserManagerInternal.addUserLifecycleListener(new UserLifecycleListener());

	loadOwners();

	performPolicyVersionUpgrade();

	mDeviceManagementResourcesProvider.load();		mDeviceManagementResourcesProvider.load();

	// The binder caches are not enabled until the first invalidation.		// The binder caches are not enabled until the first invalidation.
	invalidateBinderCaches();		invalidateBinderCaches();
	}		}

			private Owners makeOwners(Injector injector, PolicyPathProvider pathProvider) {
			return new Owners(injector.getUserManager(), injector.getUserManagerInternal(),
			injector.getPackageManagerInternal(),
			injector.getActivityTaskManagerInternal(),
			injector.getActivityManagerInternal(), pathProvider);
			}

	/**		/**
	* Invalidate the binder API caches. The invalidation itself does not require any		* Invalidate the binder API caches. The invalidation itself does not require any
	* locking, but this specific call should be protected by getLockObject() to ensure		* locking, but this specific call should be protected by getLockObject() to ensure
	@@ -1975,8 +1975,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	mUserData.remove(userHandle);		mUserData.remove(userHandle);
	}		}

	File policyFile = new File(mInjector.environmentGetUserSystemDirectory(userHandle),		File policyFile =
	DEVICE_POLICIES_XML);		new File(mPathProvider.getUserSystemDirectory(userHandle), DEVICE_POLICIES_XML);
	policyFile.delete();		policyFile.delete();
	Slogf.i(LOG_TAG, "Removed device policy file " + policyFile.getAbsolutePath());		Slogf.i(LOG_TAG, "Removed device policy file " + policyFile.getAbsolutePath());
	}		}
	@@ -2879,8 +2879,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {

	private File getPolicyFileDirectory(@UserIdInt int userId) {		private File getPolicyFileDirectory(@UserIdInt int userId) {
	return userId == UserHandle.USER_SYSTEM		return userId == UserHandle.USER_SYSTEM
	? new File(mInjector.getDevicePolicyFilePathForSystemUser())		? mPathProvider.getDataSystemDirectory()
	: mInjector.environmentGetUserSystemDirectory(userId);		: mPathProvider.getUserSystemDirectory(userId);
	}		}

	private JournaledFile makeJournaledFile(@UserIdInt int userId, String fileName) {		private JournaledFile makeJournaledFile(@UserIdInt int userId, String fileName) {
	@@ -3087,13 +3087,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	updateUsbDataSignal();		updateUsbDataSignal();
	}		}

			// TODO(b/230841522) Make it static.
	private class DpmsUpgradeDataProvider implements PolicyUpgraderDataProvider {		private class DpmsUpgradeDataProvider implements PolicyUpgraderDataProvider {
	@Override
	public boolean isDeviceOwner(int userId, ComponentName who) {
	return mOwners.isDeviceOwnerUserId(userId)
	&& mOwners.getDeviceOwnerComponent().equals(who);
	}

	@Override		@Override
	public boolean storageManagerIsFileBasedEncryptionEnabled() {		public boolean storageManagerIsFileBasedEncryptionEnabled() {
	return mInjector.storageManagerIsFileBasedEncryptionEnabled();		return mInjector.storageManagerIsFileBasedEncryptionEnabled();
	@@ -3109,15 +3104,10 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	return DevicePolicyManagerService.this.makeJournaledFile(userId, POLICIES_VERSION_XML);		return DevicePolicyManagerService.this.makeJournaledFile(userId, POLICIES_VERSION_XML);
	}		}

	@Override
	public ComponentName getOwnerComponent(int userId) {
	return DevicePolicyManagerService.this.getOwnerComponent(userId);
	}

	@Override		@Override
	public Function<ComponentName, DeviceAdminInfo> getAdminInfoSupplier(int userId) {		public Function<ComponentName, DeviceAdminInfo> getAdminInfoSupplier(int userId) {
	return component -> findAdmin(component, userId, /* throwForMissingPermission= */		return component ->
	false);		findAdmin(component, userId, /* throwForMissingPermission= */ false);
	}		}

	@Override		@Override
	@@ -3128,7 +3118,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	}		}

	private void performPolicyVersionUpgrade() {		private void performPolicyVersionUpgrade() {
	PolicyVersionUpgrader upgrader = new PolicyVersionUpgrader(new DpmsUpgradeDataProvider());		PolicyVersionUpgrader upgrader = new PolicyVersionUpgrader(
			new DpmsUpgradeDataProvider(), mPathProvider);
	upgrader.upgradePolicy(DPMS_VERSION);		upgrader.upgradePolicy(DPMS_VERSION);
	}		}

	@@ -16280,7 +16271,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	synchronized (getLockObject()) {		synchronized (getLockObject()) {
	final int callingUserId = caller.getUserId();		final int callingUserId = caller.getUserId();
	final File bundleFile = new File(		final File bundleFile = new File(
	mInjector.environmentGetUserSystemDirectory(callingUserId),		mPathProvider.getUserSystemDirectory(callingUserId),
	TRANSFER_OWNERSHIP_PARAMETERS_XML);		TRANSFER_OWNERSHIP_PARAMETERS_XML);
	if (!bundleFile.exists()) {		if (!bundleFile.exists()) {
	return null;		return null;
	@@ -16474,7 +16465,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	@VisibleForTesting		@VisibleForTesting
	void saveTransferOwnershipBundleLocked(PersistableBundle bundle, int userId) {		void saveTransferOwnershipBundleLocked(PersistableBundle bundle, int userId) {
	final File parametersFile = new File(		final File parametersFile = new File(
	mInjector.environmentGetUserSystemDirectory(userId),		mPathProvider.getUserSystemDirectory(userId),
	TRANSFER_OWNERSHIP_PARAMETERS_XML);		TRANSFER_OWNERSHIP_PARAMETERS_XML);
	final AtomicFile atomicFile = new AtomicFile(parametersFile);		final AtomicFile atomicFile = new AtomicFile(parametersFile);
	FileOutputStream stream = null;		FileOutputStream stream = null;
	@@ -16496,7 +16487,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
	}		}

	void deleteTransferOwnershipBundleLocked(int userId) {		void deleteTransferOwnershipBundleLocked(int userId) {
	final File parametersFile = new File(mInjector.environmentGetUserSystemDirectory(userId),		final File parametersFile = new File(mPathProvider.getUserSystemDirectory(userId),
	TRANSFER_OWNERSHIP_PARAMETERS_XML);		TRANSFER_OWNERSHIP_PARAMETERS_XML);
	parametersFile.delete();		parametersFile.delete();
	}		}

services/devicepolicy/java/com/android/server/devicepolicy/Owners.java

+156 −654

File changed.

Preview size limit exceeded, changes collapsed.

services/devicepolicy/java/com/android/server/devicepolicy/OwnersData.java

0 → 100644

+579 −0

File added.

Preview size limit exceeded, changes collapsed.

services/devicepolicy/java/com/android/server/devicepolicy/PolicyPathProvider.java

0 → 100644

+42 −0

Original line number	Original line	Diff line number	Diff line
			/*
			* Copyright (C) 2022 The Android Open Source Project
			*
			* Licensed under the Apache License, Version 2.0 (the "License");
			* you may not use this file except in compliance with the License.
			* You may obtain a copy of the License at
			*
			* http://www.apache.org/licenses/LICENSE-2.0
			*
			* Unless required by applicable law or agreed to in writing, software
			* distributed under the License is distributed on an "AS IS" BASIS,
			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
			* See the License for the specific language governing permissions and
			* limitations under the License.
			*/

			package com.android.server.devicepolicy;

			import android.os.Environment;

			import java.io.File;

			/**
			* Interface providing directories for various DPMS files.
			*/
			public interface PolicyPathProvider {
			/**
			* Returns policy data directory for system user, typically /data/system
			* Used for SYSTEM_USER policies, device owner file and policy version file.
			*/
			default File getDataSystemDirectory() {
			return Environment.getDataSystemDirectory();
			}

			/**
			* Returns policy data directory for a given user, typically /data/system/users/$userId
			* Used for non-system user policies and profile owner files.
			*/
			default File getUserSystemDirectory(int userId) {
			return Environment.getUserSystemDirectory(userId);
			}
			}

services/devicepolicy/java/com/android/server/devicepolicy/PolicyUpgraderDataProvider.java

+0 −12

Original line number	Original line	Diff line number	Diff line
	@@ -16,7 +16,6 @@

	package com.android.server.devicepolicy;		package com.android.server.devicepolicy;

	import android.annotation.Nullable;
	import android.app.admin.DeviceAdminInfo;		import android.app.admin.DeviceAdminInfo;
	import android.content.ComponentName;		import android.content.ComponentName;

	@@ -29,12 +28,6 @@ import java.util.function.Function;
	* to go through the upgrade process.		* to go through the upgrade process.
	*/		*/
	public interface PolicyUpgraderDataProvider {		public interface PolicyUpgraderDataProvider {
	/**
	* Returns true if the provided {@code userId} is a device owner. May affect some policy
	* defaults.
	*/
	boolean isDeviceOwner(int userId, ComponentName who);

	/**		/**
	* Returns true if the storage manager indicates file-based encryption is enabled.		* Returns true if the storage manager indicates file-based encryption is enabled.
	*/		*/
	@@ -50,11 +43,6 @@ public interface PolicyUpgraderDataProvider {
	*/		*/
	JournaledFile makePoliciesVersionJournaledFile(int userId);		JournaledFile makePoliciesVersionJournaledFile(int userId);

	/**
	* Returns the {@code ComponentName} of the owner component for a user.
	*/
	@Nullable ComponentName getOwnerComponent(int userId);

	/**		/**
	* Returns a function which provides the component name and device admin info for a given		* Returns a function which provides the component name and device admin info for a given
	* user.		* user.