Merge "Switches ADAS allowlist away from string resources" into tm-dev am:...

    private static final int ALLOW_ASSOCIATIONS = 0x080;

    // ALLOW_OVERRIDE_APP_RESTRICTIONS allows to use "allow-in-power-save-except-idle",

    // "allow-in-power-save", "allow-in-data-usage-save","allow-unthrottled-location",

    // and "allow-ignore-location-settings".

    // "allow-ignore-location-settings" and "allow-adas-location-settings".

    private static final int ALLOW_OVERRIDE_APP_RESTRICTIONS = 0x100;

    private static final int ALLOW_IMPLICIT_BROADCASTS = 0x200;

    private static final int ALLOW_VENDOR_APEX = 0x400;

    // without throttling, as read from the configuration files.

    final ArraySet<String> mAllowUnthrottledLocation = new ArraySet<>();

    // These are the packages that are allow-listed to be able to retrieve location when

    // the location state is driver assistance only.

    final ArrayMap<String, ArraySet<String>> mAllowAdasSettings = new ArrayMap<>();

    // These are the packages that are white-listed to be able to retrieve location even when user

    // location settings are off, for emergency purposes, as read from the configuration files.

    final ArrayMap<String, ArraySet<String>> mAllowIgnoreLocationSettings = new ArrayMap<>();

        return mAllowUnthrottledLocation;

    }

    public ArrayMap<String, ArraySet<String>> getAllowAdasLocationSettings() {

        return mAllowAdasSettings;

    }

    public ArrayMap<String, ArraySet<String>> getAllowIgnoreLocationSettings() {

        return mAllowIgnoreLocationSettings;

    }

                        }

                        XmlUtils.skipCurrentTag(parser);

                    } break;

                    case "allow-adas-location-settings" : {

                        if (allowOverrideAppRestrictions) {

                            String pkgname = parser.getAttributeValue(null, "package");

                            String attributionTag = parser.getAttributeValue(null,

                                    "attributionTag");

                            if (pkgname == null) {

                                Slog.w(TAG, "<" + name + "> without package in "

                                        + permFile + " at " + parser.getPositionDescription());

                            } else {

                                ArraySet<String> tags = mAllowAdasSettings.get(pkgname);

                                if (tags == null || !tags.isEmpty()) {

                                    if (tags == null) {

                                        tags = new ArraySet<>(1);

                                        mAllowAdasSettings.put(pkgname, tags);

                                    }

                                    if (!"*".equals(attributionTag)) {

                                        if ("null".equals(attributionTag)) {

                                            attributionTag = null;

                                        }

                                        tags.add(attributionTag);

                                    }

                                }

                            }

                        } else {

                            logNotAllowedInPartition(name, permFile, parser);

                        }

                        XmlUtils.skipCurrentTag(parser);

                    } break;

                    case "allow-ignore-location-settings": {

                        if (allowOverrideAppRestrictions) {

                            String pkgname = parser.getAttributeValue(null, "package");

 */

public final class LocationDeviceConfig {

    /**

     * Package/tag combinations that are allowlisted for ignoring location settings (may retrieve

     * location even when user location settings are off), for advanced driver-assistance systems

     * only.

     *

     * <p>Package/tag combinations are separated by commas (","), and with in each combination is a

     * package name followed by 0 or more attribution tags, separated by semicolons (";"). If a

     * package is followed by 0 attribution tags, this is interpreted the same as the wildcard

     * value. There are two special interpreted values for attribution tags, the wildcard value

     * ("*") which represents all attribution tags, and the null value ("null"), which is converted

     * to the null string (since attribution tags may be null). This format implies that attribution

     * tags which should be on this list may not contain semicolons.

     *

     * <p>Examples of valid entries:

     *

     * <ul>

     *   <li>android

     *   <li>android;*

     *   <li>android;*,com.example.app;null;my_attr

     *   <li>android;*,com.example.app;null;my_attr,com.example.otherapp;my_attr

     * </ul>

     */

    public static final String ADAS_SETTINGS_ALLOWLIST = "adas_settings_allowlist";

    /**

     * Package/tag combinations that are allowedlisted for ignoring location settings (may retrieve

     * location even when user location settings are off, and may ignore throttling, etc), for

     * <p>Examples of valid entries:

     *

     * <ul>

     *     <li>android</li>

     *     <li>android;*</li>

     *     <li>android;*,com.example.app;null;my_attr</li>

     *     <li>android;*,com.example.app;null;my_attr,com.example.otherapp;my_attr</li>

     *   <li>android

     *   <li>android;*

     *   <li>android;*,com.example.app;null;my_attr

     *   <li>android;*,com.example.app;null;my_attr,com.example.otherapp;my_attr

     * </ul>

     */

    public static final String IGNORE_SETTINGS_ALLOWLIST = "ignore_settings_allowlist";

import android.util.Log;

import com.android.internal.annotations.GuardedBy;

import com.android.internal.util.ArrayUtils;

import com.android.internal.util.DumpUtils;

import com.android.internal.util.Preconditions;

import com.android.server.FgThread;

                this::onLocationUserSettingsChanged);

        mInjector.getSettingsHelper().addOnLocationEnabledChangedListener(

                this::onLocationModeChanged);

        mInjector.getSettingsHelper().addAdasAllowlistChangedListener(

                () -> refreshAppOpsRestrictions(UserHandle.USER_ALL)

        );

        mInjector.getSettingsHelper().addIgnoreSettingsAllowlistChangedListener(

                () -> refreshAppOpsRestrictions(UserHandle.USER_ALL));

        mInjector.getUserInfoHelper().addListener((userId, change) -> {

                throw new IllegalArgumentException(

                        "adas gnss bypass requests are only allowed on the \"gps\" provider");

            }

            if (!ArrayUtils.contains(mContext.getResources().getStringArray(

                    com.android.internal.R.array.config_locationDriverAssistancePackageNames),

                    identity.getPackageName())) {

                throw new SecurityException(

                        "only verified adas packages may use adas gnss bypass requests");

            }

            if (!isLocationProvider) {

                LocationPermissions.enforceCallingOrSelfBypassPermission(mContext);

            }

                throw new IllegalArgumentException(

                        "adas gnss bypass requests are only allowed on the \"gps\" provider");

            }

            if (!ArrayUtils.contains(mContext.getResources().getStringArray(

                    com.android.internal.R.array.config_locationDriverAssistancePackageNames),

                    identity.getPackageName())) {

                throw new SecurityException(

                        "only verified adas packages may use adas gnss bypass requests");

            }

            if (!isLocationProvider) {

                LocationPermissions.enforceCallingOrSelfBypassPermission(mContext);

            }

                }

            }

            builder.add(mInjector.getSettingsHelper().getIgnoreSettingsAllowlist());

            builder.add(mInjector.getSettingsHelper().getAdasAllowlist());

            allowedPackages = builder.build();

        }

    public abstract void removeOnGnssMeasurementsFullTrackingEnabledChangedListener(

            GlobalSettingChangedListener listener);

    /** Retrieve adas allowlist. */

    public abstract PackageTagsList getAdasAllowlist();

    /**

     * Add a listener for changes to the ADAS settings package allowlist. Callbacks occur on an

     * unspecified thread.

     */

    public abstract void addAdasAllowlistChangedListener(GlobalSettingChangedListener listener);

    /**

     * Remove a listener for changes to the ADAS package allowlist.

     */

    public abstract void removeAdasAllowlistChangedListener(GlobalSettingChangedListener listener);

    /**

     * Retrieve the ignore location settings package+tags allowlist setting.

     */

package com.android.server.location.injector;

import static android.location.LocationDeviceConfig.ADAS_SETTINGS_ALLOWLIST;

import static android.location.LocationDeviceConfig.IGNORE_SETTINGS_ALLOWLIST;

import static android.provider.Settings.Global.ENABLE_GNSS_RAW_MEAS_FULL_TRACKING;

import static android.provider.Settings.Global.LOCATION_BACKGROUND_THROTTLE_INTERVAL_MS;

    private final StringListCachedSecureSetting mLocationPackageBlacklist;

    private final StringListCachedSecureSetting mLocationPackageWhitelist;

    private final StringSetCachedGlobalSetting mBackgroundThrottlePackageWhitelist;

    private final PackageTagsListSetting mAdasPackageAllowlist;

    private final PackageTagsListSetting mIgnoreSettingsPackageAllowlist;

    public SystemSettingsHelper(Context context) {

                LOCATION_BACKGROUND_THROTTLE_PACKAGE_WHITELIST,

                () -> SystemConfig.getInstance().getAllowUnthrottledLocation(),

                FgThread.getHandler());

        mAdasPackageAllowlist = new PackageTagsListSetting(

                ADAS_SETTINGS_ALLOWLIST,

                () -> SystemConfig.getInstance().getAllowAdasLocationSettings());

        mIgnoreSettingsPackageAllowlist = new PackageTagsListSetting(

                IGNORE_SETTINGS_ALLOWLIST,

                () -> SystemConfig.getInstance().getAllowIgnoreLocationSettings());

        mGnssMeasurementFullTracking.removeListener(listener);

    }

    @Override

    public PackageTagsList getAdasAllowlist() {

        return mAdasPackageAllowlist.getValue();

    }

    @Override

    public void addAdasAllowlistChangedListener(GlobalSettingChangedListener listener) {

        mAdasPackageAllowlist.addListener(listener);

    }

    @Override

    public void removeAdasAllowlistChangedListener(GlobalSettingChangedListener listener) {

        mAdasPackageAllowlist.removeListener(listener);

    }

    @Override

    public PackageTagsList getIgnoreSettingsAllowlist() {

        return mIgnoreSettingsPackageAllowlist.getValue();

        PackageTagsList ignoreSettingsAllowlist = mIgnoreSettingsPackageAllowlist.getValue();

        if (!ignoreSettingsAllowlist.isEmpty()) {

            ipw.println("Bypass Allow Packages:");

            ipw.println("Emergency Bypass Allow Packages:");

            ipw.increaseIndent();

            ignoreSettingsAllowlist.dump(ipw);

            ipw.decreaseIndent();

        }

        PackageTagsList adasPackageAllowlist = mAdasPackageAllowlist.getValue();

        if (!adasPackageAllowlist.isEmpty()) {

            ipw.println("ADAS Bypass Allow Packages:");

            ipw.increaseIndent();

            adasPackageAllowlist.dump(ipw);

            ipw.decreaseIndent();

        }

    }

    private abstract static class ObservingSetting extends ContentObserver {