
Commit ba51235e authored by Jeff Sharkey's avatar Jeff Sharkey

More file-based encryption work.

Add new "am unlock-user" command so we can trigger changes from the
command line.

Move FBE check to static method so it can safely be called early
during boot before the mount service is ready.  Move FBE emulation
to persisted system property, and start reading/writing that value.

Change default permission grants to ignore current encryption-aware
flags, since many of the target apps aren't crypto aware.

Always prepare package data directories, which is how we create the
new "user_de" paths during boot.

Bug: 22358539
Change-Id: I6f58ea2d34b3a466d3775d614f8a13de92272621
parent c38a5d7d
+19 −0
@@ -65,6 +65,7 @@ import android.util.ArrayMap;
import android.view.IWindowManager;

import com.android.internal.os.BaseCommand;
import com.android.internal.util.HexDump;
import com.android.internal.util.Preconditions;

import java.io.BufferedReader;
@@ -152,6 +153,7 @@ public class Am extends BaseCommand {
                "       am to-app-uri [INTENT]\n" +
                "       am switch-user <USER_ID>\n" +
                "       am start-user <USER_ID>\n" +
                "       am unlock-user <USER_ID> [TOKEN_HEX]\n" +
                "       am stop-user [-w] <USER_ID>\n" +
                "       am stack start <DISPLAY_ID> <INTENT>\n" +
                "       am stack movetask <TASK_ID> <STACK_ID> [true|false]\n" +
@@ -411,6 +413,8 @@ public class Am extends BaseCommand {
            runSwitchUser();
        } else if (op.equals("start-user")) {
            runStartUserInBackground();
        } else if (op.equals("unlock-user")) {
            runUnlockUser();
        } else if (op.equals("stop-user")) {
            runStopUser();
        } else if (op.equals("stack")) {
@@ -1086,6 +1090,21 @@ public class Am extends BaseCommand {
        }
    }

    private void runUnlockUser() throws Exception {
        int userId = Integer.parseInt(nextArgRequired());
        String tokenHex = nextArg();
        byte[] token = null;
        if (tokenHex != null) {
            token = HexDump.hexStringToByteArray(tokenHex);
        }
        boolean success = mAm.unlockUser(userId, token);
        if (success) {
            System.out.println("Success: user unlocked");
        } else {
            System.err.println("Error: could not unlock user");
        }
    }

    private static class StopUserCallback extends IStopUserCallback.Stub {
        private boolean mFinished = false;
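Review bot: `runUnlockUser` accepts the unlock token as `TOKEN_HEX` in argv, so the secret can end up in shell history and may be readable from the process command line while `am` runs; neither the usage string nor the method says this is a development-only path. If that is the intent, add a comment on the method such as `// Debug/test helper: TOKEN_HEX is passed on the command line and is not protected from other local observers.` The decoded `token` array is also left uncleared after `mAm.unlockUser(userId, token)` returns; a null-guarded `Arrays.fill(token, (byte) 0)` in a `finally` would shorten its lifetime in this process. A non-numeric user id or malformed hex surfaces as an uncaught exception rather than a usage error, which may be acceptable since the method is declared `throws Exception`.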

+24 −0
@@ -1962,6 +1962,16 @@ public abstract class ActivityManagerNative extends Binder implements IActivityM
            return true;
        }

        case UNLOCK_USER_TRANSACTION: {
            data.enforceInterface(IActivityManager.descriptor);
            int userId = data.readInt();
            byte[] token = data.createByteArray();
            boolean result = unlockUser(userId, token);
            reply.writeNoException();
            reply.writeInt(result ? 1 : 0);
            return true;
        }

        case STOP_USER_TRANSACTION: {
            data.enforceInterface(IActivityManager.descriptor);
            int userid = data.readInt();
@@ -5249,6 +5259,20 @@ class ActivityManagerProxy implements IActivityManager
        return result;
    }

    public boolean unlockUser(int userId, byte[] token) throws RemoteException {
        Parcel data = Parcel.obtain();
        Parcel reply = Parcel.obtain();
        data.writeInterfaceToken(IActivityManager.descriptor);
        data.writeInt(userId);
        data.writeByteArray(token);
        mRemote.transact(IActivityManager.UNLOCK_USER_TRANSACTION, data, reply, 0);
        reply.readException();
        boolean result = reply.readInt() != 0;
        reply.recycle();
        data.recycle();
        return result;
    }

    public int stopUser(int userid, IStopUserCallback callback) throws RemoteException {
        Parcel data = Parcel.obtain();
        Parcel reply = Parcel.obtain();
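Review bot: The new `UNLOCK_USER_TRANSACTION` case passes `userId` and `token` to `unlockUser` after only `data.enforceInterface(...)`, so any caller-identity or permission check has to live in the service-side implementation, which is not visible in this section; confirm that implementation rejects unprivileged callers and validates `userId` before acting on the token. In `ActivityManagerProxy.unlockUser`, `data` and `reply` are recycled only on the success path, so if `transact` or `reply.readException()` throws, the parcels that carry the token are never recycled. Wrapping the call as `try { ... } finally { reply.recycle(); data.recycle(); }` would cover that, although the neighbouring proxy methods appear to follow the same unguarded pattern, so it may be better handled file-wide. The `stopUser` method that follows continues outside the hunk.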
+2 −0
@@ -390,6 +390,7 @@ public interface IActivityManager extends IInterface {
    // Multi-user APIs
    public boolean switchUser(int userid) throws RemoteException;
    public boolean startUserInBackground(int userid) throws RemoteException;
    public boolean unlockUser(int userid, byte[] token) throws RemoteException;
    public int stopUser(int userid, IStopUserCallback callback) throws RemoteException;
    public UserInfo getCurrentUser() throws RemoteException;
    public boolean isUserRunning(int userid, int flags) throws RemoteException;
@@ -904,4 +905,5 @@ public interface IActivityManager extends IInterface {
    int REMOVE_STACK_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION + 348;
    int MOVE_TOP_ACTIVITY_TO_PINNED_STACK_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION + 349;
    int GET_APP_START_MODE_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION + 350;
    int UNLOCK_USER_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION + 351;
}
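Review bot: `unlockUser(int userid, byte[] token)` is added to the interface with no documentation of what `token` holds, whether null is allowed, or what the boolean result means, even though the `am` caller in this commit passes null when no hex argument is given. A short Javadoc on the declaration should state the expected token format, the meaning of a null token, and which callers are permitted to invoke it. The parameter is spelled `userid` here but `userId` in the proxy and the `am` command added by the same commit; using `userId` on the new declaration would keep the new code consistent.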
+1 −1
@@ -982,7 +982,7 @@ public class ApplicationInfo extends PackageItemInfo implements Parcelable {
                .getAbsolutePath();

        if ((privateFlags & PRIVATE_FLAG_FORCE_DEVICE_ENCRYPTED) != 0
                && SystemProperties.getBoolean(StorageManager.PROP_HAS_FBE, false)) {
                && StorageManager.isFileBasedEncryptionEnabled()) {
            dataDir = deviceEncryptedDataDir;
        } else {
            dataDir = credentialEncryptedDataDir;
+3 −4
@@ -240,16 +240,15 @@ public abstract class PackageManager {
    public static final int GET_ENCRYPTION_UNAWARE_COMPONENTS = 0x00040000;

    /**
     * {@link PackageInfo} flag: return components as if the given user is
     * running with amnesia. This typically limits the component to only those
     * marked as {@link ComponentInfo#encryptionAware}, unless
     * {@link PackageInfo} flag: return components that are marked as
     * {@link ComponentInfo#encryptionAware}, unless
     * {@link #GET_ENCRYPTION_UNAWARE_COMPONENTS} is also specified.
     * <p>
     * This flag is for internal use only.
     *
     * @hide
     */
    public static final int FLAG_USER_RUNNING_WITH_AMNESIA = 0x00080000;
    public static final int MATCH_ENCRYPTION_AWARE_ONLY = 0x00080000;

    /**
     * Flag for {@link addCrossProfileIntentFilter}: if this flag is set: