Loading core/java/android/app/admin/DevicePolicyManager.java +218 −36 Original line number Original line Diff line number Diff line Loading @@ -64,6 +64,7 @@ import android.nfc.NfcAdapter; import android.os.Binder; import android.os.Binder; import android.os.Build; import android.os.Build; import android.os.Bundle; import android.os.Bundle; import android.os.IpcDataCache; import android.os.ParcelFileDescriptor; import android.os.ParcelFileDescriptor; import android.os.Parcelable; import android.os.Parcelable; import android.os.PersistableBundle; import android.os.PersistableBundle; Loading Loading @@ -3781,6 +3782,60 @@ public class DevicePolicyManager { public static final String EXTRA_RESOURCE_IDS = public static final String EXTRA_RESOURCE_IDS = "android.app.extra.RESOURCE_IDS"; "android.app.extra.RESOURCE_IDS"; /** * A convenience class that wraps some IpcDataCache methods. Instantiate it with an * API string. Instances can and should be final static. All instances of this class * use the same key for invalidation. */ private static class BinderApi { private final static String KEY = "DevicePolicyManager"; private final String mApi; BinderApi(String api) { mApi = api; } final String api() { return mApi; } final String key() { return KEY; } final static void invalidate() { IpcDataCache.invalidateCache(IpcDataCache.MODULE_SYSTEM, KEY); } final void disable() { IpcDataCache.disableForCurrentProcess(mApi); } } /** @hide */ public static void invalidateBinderCaches() { BinderApi.invalidate(); } /** * A simple wrapper for binder caches in this class. All caches are created with a * maximum of 8 entries, the SYSTEM module, and a cache name that is the same as the api. */ private static class BinderCache<Q,R> extends IpcDataCache<Q,R> { BinderCache(BinderApi api, IpcDataCache.QueryHandler<Q,R> handler) { super(8, IpcDataCache.MODULE_SYSTEM, api.key(), api.api(), handler); } } /** * Disable all caches in the local process. * @hide */ public static void disableLocalProcessCaches() { disableGetKeyguardDisabledFeaturesCache(); disableHasDeviceOwnerCache(); disableGetProfileOwnerOrDeviceOwnerSupervisionComponentCache(); disableIsOrganizationOwnedDeviceWithManagedProfileCache(); disableGetDeviceOwnerOrganizationNameCache(); disableGetOrganizationNameForUserCache(); disableIsNetworkLoggingEnabled(); } /** @hide */ /** @hide */ @NonNull @NonNull @TestApi @TestApi Loading Loading @@ -8380,18 +8435,58 @@ public class DevicePolicyManager { return getKeyguardDisabledFeatures(admin, myUserId()); return getKeyguardDisabledFeatures(admin, myUserId()); } } /** @hide per-user version */ // A key into the keyguard cache. @UnsupportedAppUsage private static class KeyguardQuery { public int getKeyguardDisabledFeatures(@Nullable ComponentName admin, int userHandle) { private final ComponentName mAdmin; if (mService != null) { private final int mUserHandle; KeyguardQuery(@Nullable ComponentName admin, int userHandle) { mAdmin = admin; mUserHandle = userHandle; } public boolean equals(Object o) { if (o instanceof KeyguardQuery) { KeyguardQuery r = (KeyguardQuery) o; return Objects.equals(mAdmin, r.mAdmin) && mUserHandle == r.mUserHandle; } else { return false; } } public int hashCode() { return ((mAdmin != null) ? mAdmin.hashCode() : 0) * 13 + mUserHandle; } } // The query handler does not cache wildcard user IDs, although they should never // appear in the query. private static final BinderApi sGetKeyguardDisabledFeatures = new BinderApi("getKeyguardDisabledFeatures"); private BinderCache<KeyguardQuery, Integer> mGetKeyGuardDisabledFeaturesCache = new BinderCache<>(sGetKeyguardDisabledFeatures, new IpcDataCache.QueryHandler<KeyguardQuery, Integer>() { @Override public Integer apply(KeyguardQuery query) { try { try { return mService.getKeyguardDisabledFeatures(admin, userHandle, mParentInstance); return mService.getKeyguardDisabledFeatures( query.mAdmin, query.mUserHandle, mParentInstance); } catch (RemoteException e) { } catch (RemoteException e) { throw e.rethrowFromSystemServer(); throw e.rethrowFromSystemServer(); } } }}); /** @hide */ public static void disableGetKeyguardDisabledFeaturesCache() { sGetKeyguardDisabledFeatures.disable(); } } /** @hide per-user version */ @UnsupportedAppUsage public int getKeyguardDisabledFeatures(@Nullable ComponentName admin, int userHandle) { if (mService != null) { return mGetKeyGuardDisabledFeaturesCache.query(new KeyguardQuery(admin, userHandle)); } else { return KEYGUARD_DISABLE_FEATURES_NONE; return KEYGUARD_DISABLE_FEATURES_NONE; } } } /** /** * @hide * @hide Loading Loading @@ -8769,6 +8864,24 @@ public class DevicePolicyManager { return name != null ? name.getPackageName() : null; return name != null ? name.getPackageName() : null; } } private static final BinderApi sHasDeviceOwner = new BinderApi("hasDeviceOwner"); private BinderCache<Void, Boolean> mHasDeviceOwnerCache = new BinderCache<>(sHasDeviceOwner, new IpcDataCache.QueryHandler<Void, Boolean>() { @Override public Boolean apply(Void query) { try { return mService.hasDeviceOwner(); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } }}); /** @hide */ public static void disableHasDeviceOwnerCache() { sHasDeviceOwner.disable(); } /** /** * Called by the system to find out whether the device is managed by a Device Owner. * Called by the system to find out whether the device is managed by a Device Owner. * * Loading @@ -8781,11 +8894,7 @@ public class DevicePolicyManager { @SystemApi @SystemApi @SuppressLint("RequiresPermission") @SuppressLint("RequiresPermission") public boolean isDeviceManaged() { public boolean isDeviceManaged() { try { return mHasDeviceOwnerCache.query(null); return mService.hasDeviceOwner(); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } } } /** /** Loading Loading @@ -9147,6 +9256,26 @@ public class DevicePolicyManager { return null; return null; } } private final static BinderApi sGetProfileOwnerOrDeviceOwnerSupervisionComponent = new BinderApi("getProfileOwnerOrDeviceOwnerSupervisionComponent"); private final BinderCache<UserHandle, ComponentName> mGetProfileOwnerOrDeviceOwnerSupervisionComponentCache = new BinderCache(sGetProfileOwnerOrDeviceOwnerSupervisionComponent, new IpcDataCache.QueryHandler<UserHandle, ComponentName>() { @Override public ComponentName apply(UserHandle user) { try { return mService.getProfileOwnerOrDeviceOwnerSupervisionComponent( user); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } }}); /** @hide */ public static void disableGetProfileOwnerOrDeviceOwnerSupervisionComponentCache() { sGetProfileOwnerOrDeviceOwnerSupervisionComponent.disable(); } /** /** * Returns the configured supervision app if it exists and is the device owner or policy owner. * Returns the configured supervision app if it exists and is the device owner or policy owner. * @hide * @hide Loading @@ -9154,11 +9283,7 @@ public class DevicePolicyManager { public @Nullable ComponentName getProfileOwnerOrDeviceOwnerSupervisionComponent( public @Nullable ComponentName getProfileOwnerOrDeviceOwnerSupervisionComponent( @NonNull UserHandle user) { @NonNull UserHandle user) { if (mService != null) { if (mService != null) { try { return mGetProfileOwnerOrDeviceOwnerSupervisionComponentCache.query(user); return mService.getProfileOwnerOrDeviceOwnerSupervisionComponent(user); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } } } return null; return null; } } Loading Loading @@ -9204,6 +9329,24 @@ public class DevicePolicyManager { return null; return null; } } private final static BinderApi sIsOrganizationOwnedDeviceWithManagedProfile = new BinderApi("isOrganizationOwnedDeviceWithManagedProfile"); private final BinderCache<Void, Boolean> mIsOrganizationOwnedDeviceWithManagedProfileCache = new BinderCache(sIsOrganizationOwnedDeviceWithManagedProfile, new IpcDataCache.QueryHandler<Void, Boolean>() { @Override public Boolean apply(Void query) { try { return mService.isOrganizationOwnedDeviceWithManagedProfile(); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } }}); /** @hide */ public static void disableIsOrganizationOwnedDeviceWithManagedProfileCache() { sIsOrganizationOwnedDeviceWithManagedProfile.disable(); } /** /** * Apps can use this method to find out if the device was provisioned as * Apps can use this method to find out if the device was provisioned as * organization-owend device with a managed profile. * organization-owend device with a managed profile. Loading @@ -9220,11 +9363,7 @@ public class DevicePolicyManager { public boolean isOrganizationOwnedDeviceWithManagedProfile() { public boolean isOrganizationOwnedDeviceWithManagedProfile() { throwIfParentInstance("isOrganizationOwnedDeviceWithManagedProfile"); throwIfParentInstance("isOrganizationOwnedDeviceWithManagedProfile"); if (mService != null) { if (mService != null) { try { return mIsOrganizationOwnedDeviceWithManagedProfileCache.query(null); return mService.isOrganizationOwnedDeviceWithManagedProfile(); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } } } return false; return false; } } Loading Loading @@ -12788,6 +12927,24 @@ public class DevicePolicyManager { } } } } private final static BinderApi sGetDeviceOwnerOrganizationName = new BinderApi("getDeviceOwnerOrganizationName"); private final BinderCache<Void, CharSequence> mGetDeviceOwnerOrganizationNameCache = new BinderCache(sGetDeviceOwnerOrganizationName, new IpcDataCache.QueryHandler<Void, CharSequence>() { @Override public CharSequence apply(Void query) { try { return mService.getDeviceOwnerOrganizationName(); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } }}); /** @hide */ public static void disableGetDeviceOwnerOrganizationNameCache() { sGetDeviceOwnerOrganizationName.disable(); } /** /** * Called by the system to retrieve the name of the organization managing the device. * Called by the system to retrieve the name of the organization managing the device. * * Loading @@ -12800,11 +12957,25 @@ public class DevicePolicyManager { @SystemApi @SystemApi @SuppressLint("RequiresPermission") @SuppressLint("RequiresPermission") public @Nullable CharSequence getDeviceOwnerOrganizationName() { public @Nullable CharSequence getDeviceOwnerOrganizationName() { return mGetDeviceOwnerOrganizationNameCache.query(null); } private final static BinderApi sGetOrganizationNameForUser = new BinderApi("getOrganizationNameForUser"); private final BinderCache<Integer, CharSequence> mGetOrganizationNameForUserCache = new BinderCache(sGetOrganizationNameForUser, new IpcDataCache.QueryHandler<Integer, CharSequence>() { @Override public CharSequence apply(Integer userHandle) { try { try { return mService.getDeviceOwnerOrganizationName(); return mService.getOrganizationNameForUser(userHandle); } catch (RemoteException re) { } catch (RemoteException re) { throw re.rethrowFromSystemServer(); throw re.rethrowFromSystemServer(); } } }}); /** @hide */ public static void disableGetOrganizationNameForUserCache() { sGetOrganizationNameForUser.disable(); } } /** /** Loading @@ -12816,11 +12987,7 @@ public class DevicePolicyManager { * @hide * @hide */ */ public @Nullable CharSequence getOrganizationNameForUser(int userHandle) { public @Nullable CharSequence getOrganizationNameForUser(int userHandle) { try { return mGetOrganizationNameForUserCache.query(userHandle); return mService.getOrganizationNameForUser(userHandle); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } } } /** /** Loading Loading @@ -13205,6 +13372,25 @@ public class DevicePolicyManager { } } } } private final static BinderApi sNetworkLoggingApi = new BinderApi("isNetworkLoggingEnabled"); private BinderCache<ComponentName, Boolean> mIsNetworkLoggingEnabledCache = new BinderCache<>(sNetworkLoggingApi, new IpcDataCache.QueryHandler<ComponentName, Boolean>() { @Override public Boolean apply(ComponentName admin) { try { return mService.isNetworkLoggingEnabled( admin, mContext.getPackageName()); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } }}); /** @hide */ public static void disableIsNetworkLoggingEnabled() { sNetworkLoggingApi.disable(); } /** /** * Return whether network logging is enabled by a device owner or profile owner of * Return whether network logging is enabled by a device owner or profile owner of * a managed profile. * a managed profile. Loading @@ -13219,11 +13405,7 @@ public class DevicePolicyManager { */ */ public boolean isNetworkLoggingEnabled(@Nullable ComponentName admin) { public boolean isNetworkLoggingEnabled(@Nullable ComponentName admin) { throwIfParentInstance("isNetworkLoggingEnabled"); throwIfParentInstance("isNetworkLoggingEnabled"); try { return mIsNetworkLoggingEnabledCache.query(admin); return mService.isNetworkLoggingEnabled(admin, mContext.getPackageName()); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } } } /** /** services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +38 −0 Original line number Original line Diff line number Diff line Loading @@ -1798,6 +1798,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { @VisibleForTesting @VisibleForTesting DevicePolicyManagerService(Injector injector) { DevicePolicyManagerService(Injector injector) { DevicePolicyManager.disableGetKeyguardDisabledFeaturesCache(); mInjector = injector; mInjector = injector; mContext = Objects.requireNonNull(injector.mContext); mContext = Objects.requireNonNull(injector.mContext); mHandler = new Handler(Objects.requireNonNull(injector.getMyLooper())); mHandler = new Handler(Objects.requireNonNull(injector.getMyLooper())); Loading Loading @@ -1889,6 +1891,19 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { performPolicyVersionUpgrade(); performPolicyVersionUpgrade(); mDeviceManagementResourcesProvider.load(); mDeviceManagementResourcesProvider.load(); // The binder caches are not enabled until the first invalidation. invalidateBinderCaches(); } /** * Invalidate the binder API caches. The invalidation itself does not require any * locking, but this specific call should be protected by getLockObject() to ensure * that the invalidation is synchronous with cached queries, for those queries that * are served under getLockObject(). */ static void invalidateBinderCaches() { DevicePolicyManager.invalidateBinderCaches(); } } /** /** Loading Loading @@ -3065,6 +3080,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { !mInjector.storageManagerIsFileBasedEncryptionEnabled())) { !mInjector.storageManagerIsFileBasedEncryptionEnabled())) { sendChangedNotification(userHandle); sendChangedNotification(userHandle); } } invalidateBinderCaches(); } } private void sendChangedNotification(int userHandle) { private void sendChangedNotification(int userHandle) { Loading Loading @@ -3386,6 +3402,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (owner != null) { if (owner != null) { mDeviceAdminServiceController.startServiceForOwner( mDeviceAdminServiceController.startServiceForOwner( owner.getPackageName(), userId, actionForLog); owner.getPackageName(), userId, actionForLog); invalidateBinderCaches(); } } } } Loading Loading @@ -8411,6 +8428,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { /** /** * Gets the disabled state for features in keyguard for the given admin, * Gets the disabled state for features in keyguard for the given admin, * or the aggregate of all active admins if who is null. * or the aggregate of all active admins if who is null. * This API is cached: invalidate with invalidateBinderCaches(). */ */ @Override @Override public int getKeyguardDisabledFeatures(ComponentName who, int userHandle, boolean parent) { public int getKeyguardDisabledFeatures(ComponentName who, int userHandle, boolean parent) { Loading Loading @@ -8620,6 +8638,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return true; return true; } } /** * This API is cached: invalidate with invalidateBinderCaches(). */ @Override @Override public boolean hasDeviceOwner() { public boolean hasDeviceOwner() { final CallerIdentity caller = getCallerIdentity(); final CallerIdentity caller = getCallerIdentity(); Loading Loading @@ -9395,6 +9416,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { }); }); } } /** * This API is cached: invalidate with invalidateBinderCaches(). */ @Override @Override public @Nullable ComponentName getProfileOwnerOrDeviceOwnerSupervisionComponent( public @Nullable ComponentName getProfileOwnerOrDeviceOwnerSupervisionComponent( @NonNull UserHandle userHandle) { @NonNull UserHandle userHandle) { Loading Loading @@ -9460,6 +9484,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return UserHandle.USER_NULL; return UserHandle.USER_NULL; } } /** * This API is cached: invalidate with invalidateBinderCaches(). */ @Override @Override public boolean isOrganizationOwnedDeviceWithManagedProfile() { public boolean isOrganizationOwnedDeviceWithManagedProfile() { if (!mHasFeature) { if (!mHasFeature) { Loading Loading @@ -13045,6 +13072,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { @Override @Override public void onChange(boolean selfChange, Uri uri, int userId) { public void onChange(boolean selfChange, Uri uri, int userId) { mConstants = loadConstants(); mConstants = loadConstants(); invalidateBinderCaches(); mInjector.binderWithCleanCallingIdentity(() -> { mInjector.binderWithCleanCallingIdentity(() -> { final Intent intent = new Intent( final Intent intent = new Intent( Loading Loading @@ -13205,6 +13233,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { .createEvent(DevicePolicyEnums.SEPARATE_PROFILE_CHALLENGE_CHANGED) .createEvent(DevicePolicyEnums.SEPARATE_PROFILE_CHALLENGE_CHANGED) .setBoolean(isSeparateProfileChallengeEnabled(userId)) .setBoolean(isSeparateProfileChallengeEnabled(userId)) .write(); .write(); invalidateBinderCaches(); } } @Override @Override Loading Loading @@ -14628,6 +14657,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } } } /** * This API is cached: invalidate with invalidateBinderCaches(). */ @Override @Override public CharSequence getDeviceOwnerOrganizationName() { public CharSequence getDeviceOwnerOrganizationName() { if (!mHasFeature) { if (!mHasFeature) { Loading @@ -14642,6 +14674,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } } } /** * This API is cached: invalidate with invalidateBinderCaches(). */ @Override @Override public CharSequence getOrganizationNameForUser(int userHandle) { public CharSequence getOrganizationNameForUser(int userHandle) { if (!mHasFeature) { if (!mHasFeature) { Loading Loading @@ -15727,6 +15762,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { // available after next boot. // available after next boot. } } /** * This API is cached: invalidate with invalidateBinderCaches(). */ @Override @Override public boolean isNetworkLoggingEnabled(@Nullable ComponentName admin, public boolean isNetworkLoggingEnabled(@Nullable ComponentName admin, @NonNull String packageName) { @NonNull String packageName) { services/devicepolicy/java/com/android/server/devicepolicy/Owners.java +25 −21 Original line number Original line Diff line number Diff line Loading @@ -217,10 +217,9 @@ class Owners { Slog.w(TAG, String.format("User %d has both DO and PO, which is not supported", Slog.w(TAG, String.format("User %d has both DO and PO, which is not supported", getDeviceOwnerUserId())); getDeviceOwnerUserId())); } } pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityTaskManagerLocked(); pushToActivityTaskManagerLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); for (ArrayMap.Entry<String, List<String>> entry : for (ArrayMap.Entry<String, List<String>> entry : mDeviceOwnerProtectedPackages.entrySet()) { mDeviceOwnerProtectedPackages.entrySet()) { Loading @@ -230,6 +229,21 @@ class Owners { } } } } // Notify interested parties that things have changed. This does not notify the // ActivityTaskManager. private void notifyChangeLocked() { pushToDevicePolicyManager(); pushToPackageManagerLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } private void pushToDevicePolicyManager() { // Not every change here must invalidate the DPM caches, but there is no harm in // invalidating the caches unnecessarily, provided the invalidation is infrequent. DevicePolicyManagerService.invalidateBinderCaches(); } private void pushToPackageManagerLocked() { private void pushToPackageManagerLocked() { final SparseArray<String> po = new SparseArray<>(); final SparseArray<String> po = new SparseArray<>(); for (int i = mProfileOwners.size() - 1; i >= 0; i--) { for (int i = mProfileOwners.size() - 1; i >= 0; i--) { Loading Loading @@ -344,10 +358,8 @@ class Owners { mDeviceOwnerUserId = userId; mDeviceOwnerUserId = userId; mUserManagerInternal.setDeviceManaged(true); mUserManagerInternal.setDeviceManaged(true); pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityTaskManagerLocked(); pushToActivityTaskManagerLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } } } } Loading @@ -364,10 +376,8 @@ class Owners { mDeviceOwnerUserId = UserHandle.USER_NULL; mDeviceOwnerUserId = UserHandle.USER_NULL; mUserManagerInternal.setDeviceManaged(false); mUserManagerInternal.setDeviceManaged(false); pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityTaskManagerLocked(); pushToActivityTaskManagerLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } } } } Loading @@ -378,9 +388,7 @@ class Owners { /* userRestrictionsMigrated =*/ true, /* remoteBugreportUri =*/ null, /* userRestrictionsMigrated =*/ true, /* remoteBugreportUri =*/ null, /* remoteBugreportHash =*/ null, /* isOrganizationOwnedDevice =*/ false)); /* remoteBugreportHash =*/ null, /* isOrganizationOwnedDevice =*/ false)); mUserManagerInternal.setUserManaged(userId, true); mUserManagerInternal.setUserManaged(userId, true); pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } } } } Loading @@ -388,9 +396,7 @@ class Owners { synchronized (mLock) { synchronized (mLock) { mProfileOwners.remove(userId); mProfileOwners.remove(userId); mUserManagerInternal.setUserManaged(userId, false); mUserManagerInternal.setUserManaged(userId, false); pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } } } } Loading @@ -402,9 +408,7 @@ class Owners { ownerInfo.remoteBugreportHash, /* isOrganizationOwnedDevice =*/ ownerInfo.remoteBugreportHash, /* isOrganizationOwnedDevice =*/ ownerInfo.isOrganizationOwnedDevice); ownerInfo.isOrganizationOwnedDevice); mProfileOwners.put(userId, newOwnerInfo); mProfileOwners.put(userId, newOwnerInfo); pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } } } } Loading @@ -430,10 +434,8 @@ class Owners { mDeviceOwnerProtectedPackages.put( mDeviceOwnerProtectedPackages.put( mDeviceOwner.packageName, previousProtectedPackages); mDeviceOwner.packageName, previousProtectedPackages); } } pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityTaskManagerLocked(); pushToActivityTaskManagerLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } } } } Loading Loading @@ -765,6 +767,7 @@ class Owners { if (DEBUG) { if (DEBUG) { Log.d(TAG, "Writing to device owner file"); Log.d(TAG, "Writing to device owner file"); } } pushToDevicePolicyManager(); new DeviceOwnerReadWriter().writeToFileLocked(); new DeviceOwnerReadWriter().writeToFileLocked(); } } } } Loading @@ -774,6 +777,7 @@ class Owners { if (DEBUG) { if (DEBUG) { Log.d(TAG, "Writing to profile owner file for user " + userId); Log.d(TAG, "Writing to profile owner file for user " + userId); } } pushToDevicePolicyManager(); new ProfileOwnerReadWriter(userId).writeToFileLocked(); new ProfileOwnerReadWriter(userId).writeToFileLocked(); } } } } Loading services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceMigrationTest.java +5 −0 Original line number Original line Diff line number Diff line Loading @@ -40,6 +40,7 @@ import android.content.Intent; import android.content.pm.PackageManager; import android.content.pm.PackageManager; import android.os.Build; import android.os.Build; import android.os.Bundle; import android.os.Bundle; import android.os.IpcDataCache; import android.os.UserHandle; import android.os.UserHandle; import android.os.UserManager; import android.os.UserManager; import android.platform.test.annotations.Presubmit; import android.platform.test.annotations.Presubmit; Loading Loading @@ -75,6 +76,10 @@ public class DevicePolicyManagerServiceMigrationTest extends DpmTestBase { @Before @Before public void setUp() throws Exception { public void setUp() throws Exception { // Disable caches in this test process. This must happen early, since some of the // following initialization steps invalidate caches. IpcDataCache.disableForTestMode(); mContext = getContext(); mContext = getContext(); // Make createContextAsUser to work. // Make createContextAsUser to work. Loading services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +5 −0 Original line number Original line Diff line number Diff line Loading @@ -128,6 +128,7 @@ import android.net.wifi.WifiSsid; import android.os.Build; import android.os.Build; import android.os.Build.VERSION_CODES; import android.os.Build.VERSION_CODES; import android.os.Bundle; import android.os.Bundle; import android.os.IpcDataCache; import android.os.Process; import android.os.Process; import android.os.UserHandle; import android.os.UserHandle; import android.os.UserManager; import android.os.UserManager; Loading Loading @@ -261,6 +262,10 @@ public class DevicePolicyManagerTest extends DpmTestBase { @Before @Before public void setUp() throws Exception { public void setUp() throws Exception { // Disable caches in this test process. This must happen early, since some of the // following initialization steps invalidate caches. IpcDataCache.disableForTestMode(); mContext = getContext(); mContext = getContext(); mServiceContext = mContext; mServiceContext = mContext; mServiceContext.binder.callingUid = DpmMockContext.CALLER_UID; mServiceContext.binder.callingUid = DpmMockContext.CALLER_UID; Loading Loading
core/java/android/app/admin/DevicePolicyManager.java +218 −36 Original line number Original line Diff line number Diff line Loading @@ -64,6 +64,7 @@ import android.nfc.NfcAdapter; import android.os.Binder; import android.os.Binder; import android.os.Build; import android.os.Build; import android.os.Bundle; import android.os.Bundle; import android.os.IpcDataCache; import android.os.ParcelFileDescriptor; import android.os.ParcelFileDescriptor; import android.os.Parcelable; import android.os.Parcelable; import android.os.PersistableBundle; import android.os.PersistableBundle; Loading Loading @@ -3781,6 +3782,60 @@ public class DevicePolicyManager { public static final String EXTRA_RESOURCE_IDS = public static final String EXTRA_RESOURCE_IDS = "android.app.extra.RESOURCE_IDS"; "android.app.extra.RESOURCE_IDS"; /** * A convenience class that wraps some IpcDataCache methods. Instantiate it with an * API string. Instances can and should be final static. All instances of this class * use the same key for invalidation. */ private static class BinderApi { private final static String KEY = "DevicePolicyManager"; private final String mApi; BinderApi(String api) { mApi = api; } final String api() { return mApi; } final String key() { return KEY; } final static void invalidate() { IpcDataCache.invalidateCache(IpcDataCache.MODULE_SYSTEM, KEY); } final void disable() { IpcDataCache.disableForCurrentProcess(mApi); } } /** @hide */ public static void invalidateBinderCaches() { BinderApi.invalidate(); } /** * A simple wrapper for binder caches in this class. All caches are created with a * maximum of 8 entries, the SYSTEM module, and a cache name that is the same as the api. */ private static class BinderCache<Q,R> extends IpcDataCache<Q,R> { BinderCache(BinderApi api, IpcDataCache.QueryHandler<Q,R> handler) { super(8, IpcDataCache.MODULE_SYSTEM, api.key(), api.api(), handler); } } /** * Disable all caches in the local process. * @hide */ public static void disableLocalProcessCaches() { disableGetKeyguardDisabledFeaturesCache(); disableHasDeviceOwnerCache(); disableGetProfileOwnerOrDeviceOwnerSupervisionComponentCache(); disableIsOrganizationOwnedDeviceWithManagedProfileCache(); disableGetDeviceOwnerOrganizationNameCache(); disableGetOrganizationNameForUserCache(); disableIsNetworkLoggingEnabled(); } /** @hide */ /** @hide */ @NonNull @NonNull @TestApi @TestApi Loading Loading @@ -8380,18 +8435,58 @@ public class DevicePolicyManager { return getKeyguardDisabledFeatures(admin, myUserId()); return getKeyguardDisabledFeatures(admin, myUserId()); } } /** @hide per-user version */ // A key into the keyguard cache. @UnsupportedAppUsage private static class KeyguardQuery { public int getKeyguardDisabledFeatures(@Nullable ComponentName admin, int userHandle) { private final ComponentName mAdmin; if (mService != null) { private final int mUserHandle; KeyguardQuery(@Nullable ComponentName admin, int userHandle) { mAdmin = admin; mUserHandle = userHandle; } public boolean equals(Object o) { if (o instanceof KeyguardQuery) { KeyguardQuery r = (KeyguardQuery) o; return Objects.equals(mAdmin, r.mAdmin) && mUserHandle == r.mUserHandle; } else { return false; } } public int hashCode() { return ((mAdmin != null) ? mAdmin.hashCode() : 0) * 13 + mUserHandle; } } // The query handler does not cache wildcard user IDs, although they should never // appear in the query. private static final BinderApi sGetKeyguardDisabledFeatures = new BinderApi("getKeyguardDisabledFeatures"); private BinderCache<KeyguardQuery, Integer> mGetKeyGuardDisabledFeaturesCache = new BinderCache<>(sGetKeyguardDisabledFeatures, new IpcDataCache.QueryHandler<KeyguardQuery, Integer>() { @Override public Integer apply(KeyguardQuery query) { try { try { return mService.getKeyguardDisabledFeatures(admin, userHandle, mParentInstance); return mService.getKeyguardDisabledFeatures( query.mAdmin, query.mUserHandle, mParentInstance); } catch (RemoteException e) { } catch (RemoteException e) { throw e.rethrowFromSystemServer(); throw e.rethrowFromSystemServer(); } } }}); /** @hide */ public static void disableGetKeyguardDisabledFeaturesCache() { sGetKeyguardDisabledFeatures.disable(); } } /** @hide per-user version */ @UnsupportedAppUsage public int getKeyguardDisabledFeatures(@Nullable ComponentName admin, int userHandle) { if (mService != null) { return mGetKeyGuardDisabledFeaturesCache.query(new KeyguardQuery(admin, userHandle)); } else { return KEYGUARD_DISABLE_FEATURES_NONE; return KEYGUARD_DISABLE_FEATURES_NONE; } } } /** /** * @hide * @hide Loading Loading @@ -8769,6 +8864,24 @@ public class DevicePolicyManager { return name != null ? name.getPackageName() : null; return name != null ? name.getPackageName() : null; } } private static final BinderApi sHasDeviceOwner = new BinderApi("hasDeviceOwner"); private BinderCache<Void, Boolean> mHasDeviceOwnerCache = new BinderCache<>(sHasDeviceOwner, new IpcDataCache.QueryHandler<Void, Boolean>() { @Override public Boolean apply(Void query) { try { return mService.hasDeviceOwner(); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } }}); /** @hide */ public static void disableHasDeviceOwnerCache() { sHasDeviceOwner.disable(); } /** /** * Called by the system to find out whether the device is managed by a Device Owner. * Called by the system to find out whether the device is managed by a Device Owner. * * Loading @@ -8781,11 +8894,7 @@ public class DevicePolicyManager { @SystemApi @SystemApi @SuppressLint("RequiresPermission") @SuppressLint("RequiresPermission") public boolean isDeviceManaged() { public boolean isDeviceManaged() { try { return mHasDeviceOwnerCache.query(null); return mService.hasDeviceOwner(); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } } } /** /** Loading Loading @@ -9147,6 +9256,26 @@ public class DevicePolicyManager { return null; return null; } } private final static BinderApi sGetProfileOwnerOrDeviceOwnerSupervisionComponent = new BinderApi("getProfileOwnerOrDeviceOwnerSupervisionComponent"); private final BinderCache<UserHandle, ComponentName> mGetProfileOwnerOrDeviceOwnerSupervisionComponentCache = new BinderCache(sGetProfileOwnerOrDeviceOwnerSupervisionComponent, new IpcDataCache.QueryHandler<UserHandle, ComponentName>() { @Override public ComponentName apply(UserHandle user) { try { return mService.getProfileOwnerOrDeviceOwnerSupervisionComponent( user); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } }}); /** @hide */ public static void disableGetProfileOwnerOrDeviceOwnerSupervisionComponentCache() { sGetProfileOwnerOrDeviceOwnerSupervisionComponent.disable(); } /** /** * Returns the configured supervision app if it exists and is the device owner or policy owner. * Returns the configured supervision app if it exists and is the device owner or policy owner. * @hide * @hide Loading @@ -9154,11 +9283,7 @@ public class DevicePolicyManager { public @Nullable ComponentName getProfileOwnerOrDeviceOwnerSupervisionComponent( public @Nullable ComponentName getProfileOwnerOrDeviceOwnerSupervisionComponent( @NonNull UserHandle user) { @NonNull UserHandle user) { if (mService != null) { if (mService != null) { try { return mGetProfileOwnerOrDeviceOwnerSupervisionComponentCache.query(user); return mService.getProfileOwnerOrDeviceOwnerSupervisionComponent(user); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } } } return null; return null; } } Loading Loading @@ -9204,6 +9329,24 @@ public class DevicePolicyManager { return null; return null; } } private final static BinderApi sIsOrganizationOwnedDeviceWithManagedProfile = new BinderApi("isOrganizationOwnedDeviceWithManagedProfile"); private final BinderCache<Void, Boolean> mIsOrganizationOwnedDeviceWithManagedProfileCache = new BinderCache(sIsOrganizationOwnedDeviceWithManagedProfile, new IpcDataCache.QueryHandler<Void, Boolean>() { @Override public Boolean apply(Void query) { try { return mService.isOrganizationOwnedDeviceWithManagedProfile(); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } }}); /** @hide */ public static void disableIsOrganizationOwnedDeviceWithManagedProfileCache() { sIsOrganizationOwnedDeviceWithManagedProfile.disable(); } /** /** * Apps can use this method to find out if the device was provisioned as * Apps can use this method to find out if the device was provisioned as * organization-owend device with a managed profile. * organization-owend device with a managed profile. Loading @@ -9220,11 +9363,7 @@ public class DevicePolicyManager { public boolean isOrganizationOwnedDeviceWithManagedProfile() { public boolean isOrganizationOwnedDeviceWithManagedProfile() { throwIfParentInstance("isOrganizationOwnedDeviceWithManagedProfile"); throwIfParentInstance("isOrganizationOwnedDeviceWithManagedProfile"); if (mService != null) { if (mService != null) { try { return mIsOrganizationOwnedDeviceWithManagedProfileCache.query(null); return mService.isOrganizationOwnedDeviceWithManagedProfile(); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } } } return false; return false; } } Loading Loading @@ -12788,6 +12927,24 @@ public class DevicePolicyManager { } } } } private final static BinderApi sGetDeviceOwnerOrganizationName = new BinderApi("getDeviceOwnerOrganizationName"); private final BinderCache<Void, CharSequence> mGetDeviceOwnerOrganizationNameCache = new BinderCache(sGetDeviceOwnerOrganizationName, new IpcDataCache.QueryHandler<Void, CharSequence>() { @Override public CharSequence apply(Void query) { try { return mService.getDeviceOwnerOrganizationName(); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } }}); /** @hide */ public static void disableGetDeviceOwnerOrganizationNameCache() { sGetDeviceOwnerOrganizationName.disable(); } /** /** * Called by the system to retrieve the name of the organization managing the device. * Called by the system to retrieve the name of the organization managing the device. * * Loading @@ -12800,11 +12957,25 @@ public class DevicePolicyManager { @SystemApi @SystemApi @SuppressLint("RequiresPermission") @SuppressLint("RequiresPermission") public @Nullable CharSequence getDeviceOwnerOrganizationName() { public @Nullable CharSequence getDeviceOwnerOrganizationName() { return mGetDeviceOwnerOrganizationNameCache.query(null); } private final static BinderApi sGetOrganizationNameForUser = new BinderApi("getOrganizationNameForUser"); private final BinderCache<Integer, CharSequence> mGetOrganizationNameForUserCache = new BinderCache(sGetOrganizationNameForUser, new IpcDataCache.QueryHandler<Integer, CharSequence>() { @Override public CharSequence apply(Integer userHandle) { try { try { return mService.getDeviceOwnerOrganizationName(); return mService.getOrganizationNameForUser(userHandle); } catch (RemoteException re) { } catch (RemoteException re) { throw re.rethrowFromSystemServer(); throw re.rethrowFromSystemServer(); } } }}); /** @hide */ public static void disableGetOrganizationNameForUserCache() { sGetOrganizationNameForUser.disable(); } } /** /** Loading @@ -12816,11 +12987,7 @@ public class DevicePolicyManager { * @hide * @hide */ */ public @Nullable CharSequence getOrganizationNameForUser(int userHandle) { public @Nullable CharSequence getOrganizationNameForUser(int userHandle) { try { return mGetOrganizationNameForUserCache.query(userHandle); return mService.getOrganizationNameForUser(userHandle); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } } } /** /** Loading Loading @@ -13205,6 +13372,25 @@ public class DevicePolicyManager { } } } } private final static BinderApi sNetworkLoggingApi = new BinderApi("isNetworkLoggingEnabled"); private BinderCache<ComponentName, Boolean> mIsNetworkLoggingEnabledCache = new BinderCache<>(sNetworkLoggingApi, new IpcDataCache.QueryHandler<ComponentName, Boolean>() { @Override public Boolean apply(ComponentName admin) { try { return mService.isNetworkLoggingEnabled( admin, mContext.getPackageName()); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } }}); /** @hide */ public static void disableIsNetworkLoggingEnabled() { sNetworkLoggingApi.disable(); } /** /** * Return whether network logging is enabled by a device owner or profile owner of * Return whether network logging is enabled by a device owner or profile owner of * a managed profile. * a managed profile. Loading @@ -13219,11 +13405,7 @@ public class DevicePolicyManager { */ */ public boolean isNetworkLoggingEnabled(@Nullable ComponentName admin) { public boolean isNetworkLoggingEnabled(@Nullable ComponentName admin) { throwIfParentInstance("isNetworkLoggingEnabled"); throwIfParentInstance("isNetworkLoggingEnabled"); try { return mIsNetworkLoggingEnabledCache.query(admin); return mService.isNetworkLoggingEnabled(admin, mContext.getPackageName()); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } } } /** /**
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +38 −0 Original line number Original line Diff line number Diff line Loading @@ -1798,6 +1798,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { @VisibleForTesting @VisibleForTesting DevicePolicyManagerService(Injector injector) { DevicePolicyManagerService(Injector injector) { DevicePolicyManager.disableGetKeyguardDisabledFeaturesCache(); mInjector = injector; mInjector = injector; mContext = Objects.requireNonNull(injector.mContext); mContext = Objects.requireNonNull(injector.mContext); mHandler = new Handler(Objects.requireNonNull(injector.getMyLooper())); mHandler = new Handler(Objects.requireNonNull(injector.getMyLooper())); Loading Loading @@ -1889,6 +1891,19 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { performPolicyVersionUpgrade(); performPolicyVersionUpgrade(); mDeviceManagementResourcesProvider.load(); mDeviceManagementResourcesProvider.load(); // The binder caches are not enabled until the first invalidation. invalidateBinderCaches(); } /** * Invalidate the binder API caches. The invalidation itself does not require any * locking, but this specific call should be protected by getLockObject() to ensure * that the invalidation is synchronous with cached queries, for those queries that * are served under getLockObject(). */ static void invalidateBinderCaches() { DevicePolicyManager.invalidateBinderCaches(); } } /** /** Loading Loading @@ -3065,6 +3080,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { !mInjector.storageManagerIsFileBasedEncryptionEnabled())) { !mInjector.storageManagerIsFileBasedEncryptionEnabled())) { sendChangedNotification(userHandle); sendChangedNotification(userHandle); } } invalidateBinderCaches(); } } private void sendChangedNotification(int userHandle) { private void sendChangedNotification(int userHandle) { Loading Loading @@ -3386,6 +3402,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (owner != null) { if (owner != null) { mDeviceAdminServiceController.startServiceForOwner( mDeviceAdminServiceController.startServiceForOwner( owner.getPackageName(), userId, actionForLog); owner.getPackageName(), userId, actionForLog); invalidateBinderCaches(); } } } } Loading Loading @@ -8411,6 +8428,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { /** /** * Gets the disabled state for features in keyguard for the given admin, * Gets the disabled state for features in keyguard for the given admin, * or the aggregate of all active admins if who is null. * or the aggregate of all active admins if who is null. * This API is cached: invalidate with invalidateBinderCaches(). */ */ @Override @Override public int getKeyguardDisabledFeatures(ComponentName who, int userHandle, boolean parent) { public int getKeyguardDisabledFeatures(ComponentName who, int userHandle, boolean parent) { Loading Loading @@ -8620,6 +8638,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return true; return true; } } /** * This API is cached: invalidate with invalidateBinderCaches(). */ @Override @Override public boolean hasDeviceOwner() { public boolean hasDeviceOwner() { final CallerIdentity caller = getCallerIdentity(); final CallerIdentity caller = getCallerIdentity(); Loading Loading @@ -9395,6 +9416,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { }); }); } } /** * This API is cached: invalidate with invalidateBinderCaches(). */ @Override @Override public @Nullable ComponentName getProfileOwnerOrDeviceOwnerSupervisionComponent( public @Nullable ComponentName getProfileOwnerOrDeviceOwnerSupervisionComponent( @NonNull UserHandle userHandle) { @NonNull UserHandle userHandle) { Loading Loading @@ -9460,6 +9484,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return UserHandle.USER_NULL; return UserHandle.USER_NULL; } } /** * This API is cached: invalidate with invalidateBinderCaches(). */ @Override @Override public boolean isOrganizationOwnedDeviceWithManagedProfile() { public boolean isOrganizationOwnedDeviceWithManagedProfile() { if (!mHasFeature) { if (!mHasFeature) { Loading Loading @@ -13045,6 +13072,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { @Override @Override public void onChange(boolean selfChange, Uri uri, int userId) { public void onChange(boolean selfChange, Uri uri, int userId) { mConstants = loadConstants(); mConstants = loadConstants(); invalidateBinderCaches(); mInjector.binderWithCleanCallingIdentity(() -> { mInjector.binderWithCleanCallingIdentity(() -> { final Intent intent = new Intent( final Intent intent = new Intent( Loading Loading @@ -13205,6 +13233,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { .createEvent(DevicePolicyEnums.SEPARATE_PROFILE_CHALLENGE_CHANGED) .createEvent(DevicePolicyEnums.SEPARATE_PROFILE_CHALLENGE_CHANGED) .setBoolean(isSeparateProfileChallengeEnabled(userId)) .setBoolean(isSeparateProfileChallengeEnabled(userId)) .write(); .write(); invalidateBinderCaches(); } } @Override @Override Loading Loading @@ -14628,6 +14657,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } } } /** * This API is cached: invalidate with invalidateBinderCaches(). */ @Override @Override public CharSequence getDeviceOwnerOrganizationName() { public CharSequence getDeviceOwnerOrganizationName() { if (!mHasFeature) { if (!mHasFeature) { Loading @@ -14642,6 +14674,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } } } /** * This API is cached: invalidate with invalidateBinderCaches(). */ @Override @Override public CharSequence getOrganizationNameForUser(int userHandle) { public CharSequence getOrganizationNameForUser(int userHandle) { if (!mHasFeature) { if (!mHasFeature) { Loading Loading @@ -15727,6 +15762,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { // available after next boot. // available after next boot. } } /** * This API is cached: invalidate with invalidateBinderCaches(). */ @Override @Override public boolean isNetworkLoggingEnabled(@Nullable ComponentName admin, public boolean isNetworkLoggingEnabled(@Nullable ComponentName admin, @NonNull String packageName) { @NonNull String packageName) {
services/devicepolicy/java/com/android/server/devicepolicy/Owners.java +25 −21 Original line number Original line Diff line number Diff line Loading @@ -217,10 +217,9 @@ class Owners { Slog.w(TAG, String.format("User %d has both DO and PO, which is not supported", Slog.w(TAG, String.format("User %d has both DO and PO, which is not supported", getDeviceOwnerUserId())); getDeviceOwnerUserId())); } } pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityTaskManagerLocked(); pushToActivityTaskManagerLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); for (ArrayMap.Entry<String, List<String>> entry : for (ArrayMap.Entry<String, List<String>> entry : mDeviceOwnerProtectedPackages.entrySet()) { mDeviceOwnerProtectedPackages.entrySet()) { Loading @@ -230,6 +229,21 @@ class Owners { } } } } // Notify interested parties that things have changed. This does not notify the // ActivityTaskManager. private void notifyChangeLocked() { pushToDevicePolicyManager(); pushToPackageManagerLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } private void pushToDevicePolicyManager() { // Not every change here must invalidate the DPM caches, but there is no harm in // invalidating the caches unnecessarily, provided the invalidation is infrequent. DevicePolicyManagerService.invalidateBinderCaches(); } private void pushToPackageManagerLocked() { private void pushToPackageManagerLocked() { final SparseArray<String> po = new SparseArray<>(); final SparseArray<String> po = new SparseArray<>(); for (int i = mProfileOwners.size() - 1; i >= 0; i--) { for (int i = mProfileOwners.size() - 1; i >= 0; i--) { Loading Loading @@ -344,10 +358,8 @@ class Owners { mDeviceOwnerUserId = userId; mDeviceOwnerUserId = userId; mUserManagerInternal.setDeviceManaged(true); mUserManagerInternal.setDeviceManaged(true); pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityTaskManagerLocked(); pushToActivityTaskManagerLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } } } } Loading @@ -364,10 +376,8 @@ class Owners { mDeviceOwnerUserId = UserHandle.USER_NULL; mDeviceOwnerUserId = UserHandle.USER_NULL; mUserManagerInternal.setDeviceManaged(false); mUserManagerInternal.setDeviceManaged(false); pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityTaskManagerLocked(); pushToActivityTaskManagerLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } } } } Loading @@ -378,9 +388,7 @@ class Owners { /* userRestrictionsMigrated =*/ true, /* remoteBugreportUri =*/ null, /* userRestrictionsMigrated =*/ true, /* remoteBugreportUri =*/ null, /* remoteBugreportHash =*/ null, /* isOrganizationOwnedDevice =*/ false)); /* remoteBugreportHash =*/ null, /* isOrganizationOwnedDevice =*/ false)); mUserManagerInternal.setUserManaged(userId, true); mUserManagerInternal.setUserManaged(userId, true); pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } } } } Loading @@ -388,9 +396,7 @@ class Owners { synchronized (mLock) { synchronized (mLock) { mProfileOwners.remove(userId); mProfileOwners.remove(userId); mUserManagerInternal.setUserManaged(userId, false); mUserManagerInternal.setUserManaged(userId, false); pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } } } } Loading @@ -402,9 +408,7 @@ class Owners { ownerInfo.remoteBugreportHash, /* isOrganizationOwnedDevice =*/ ownerInfo.remoteBugreportHash, /* isOrganizationOwnedDevice =*/ ownerInfo.isOrganizationOwnedDevice); ownerInfo.isOrganizationOwnedDevice); mProfileOwners.put(userId, newOwnerInfo); mProfileOwners.put(userId, newOwnerInfo); pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } } } } Loading @@ -430,10 +434,8 @@ class Owners { mDeviceOwnerProtectedPackages.put( mDeviceOwnerProtectedPackages.put( mDeviceOwner.packageName, previousProtectedPackages); mDeviceOwner.packageName, previousProtectedPackages); } } pushToPackageManagerLocked(); notifyChangeLocked(); pushToActivityTaskManagerLocked(); pushToActivityTaskManagerLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); } } } } Loading Loading @@ -765,6 +767,7 @@ class Owners { if (DEBUG) { if (DEBUG) { Log.d(TAG, "Writing to device owner file"); Log.d(TAG, "Writing to device owner file"); } } pushToDevicePolicyManager(); new DeviceOwnerReadWriter().writeToFileLocked(); new DeviceOwnerReadWriter().writeToFileLocked(); } } } } Loading @@ -774,6 +777,7 @@ class Owners { if (DEBUG) { if (DEBUG) { Log.d(TAG, "Writing to profile owner file for user " + userId); Log.d(TAG, "Writing to profile owner file for user " + userId); } } pushToDevicePolicyManager(); new ProfileOwnerReadWriter(userId).writeToFileLocked(); new ProfileOwnerReadWriter(userId).writeToFileLocked(); } } } } Loading
services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceMigrationTest.java +5 −0 Original line number Original line Diff line number Diff line Loading @@ -40,6 +40,7 @@ import android.content.Intent; import android.content.pm.PackageManager; import android.content.pm.PackageManager; import android.os.Build; import android.os.Build; import android.os.Bundle; import android.os.Bundle; import android.os.IpcDataCache; import android.os.UserHandle; import android.os.UserHandle; import android.os.UserManager; import android.os.UserManager; import android.platform.test.annotations.Presubmit; import android.platform.test.annotations.Presubmit; Loading Loading @@ -75,6 +76,10 @@ public class DevicePolicyManagerServiceMigrationTest extends DpmTestBase { @Before @Before public void setUp() throws Exception { public void setUp() throws Exception { // Disable caches in this test process. This must happen early, since some of the // following initialization steps invalidate caches. IpcDataCache.disableForTestMode(); mContext = getContext(); mContext = getContext(); // Make createContextAsUser to work. // Make createContextAsUser to work. Loading
services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +5 −0 Original line number Original line Diff line number Diff line Loading @@ -128,6 +128,7 @@ import android.net.wifi.WifiSsid; import android.os.Build; import android.os.Build; import android.os.Build.VERSION_CODES; import android.os.Build.VERSION_CODES; import android.os.Bundle; import android.os.Bundle; import android.os.IpcDataCache; import android.os.Process; import android.os.Process; import android.os.UserHandle; import android.os.UserHandle; import android.os.UserManager; import android.os.UserManager; Loading Loading @@ -261,6 +262,10 @@ public class DevicePolicyManagerTest extends DpmTestBase { @Before @Before public void setUp() throws Exception { public void setUp() throws Exception { // Disable caches in this test process. This must happen early, since some of the // following initialization steps invalidate caches. IpcDataCache.disableForTestMode(); mContext = getContext(); mContext = getContext(); mServiceContext = mContext; mServiceContext = mContext; mServiceContext.binder.callingUid = DpmMockContext.CALLER_UID; mServiceContext.binder.callingUid = DpmMockContext.CALLER_UID; Loading
