Loading services/core/java/android/content/pm/PackageManagerInternal.java +3 −3 Original line number Diff line number Diff line Loading @@ -382,10 +382,10 @@ public abstract class PackageManagerInternal implements PackageSettingsSnapshotP int deviceOwnerUserId, String deviceOwner, SparseArray<String> profileOwners); /** * Called by DevicePolicyManagerService to set the package names protected by the device * owner. * Called by Owners to set the package names protected by the device owner. */ public abstract void setDeviceOwnerProtectedPackages(List<String> packageNames); public abstract void setDeviceOwnerProtectedPackages( String deviceOwnerPackageName, List<String> packageNames); /** * Returns {@code true} if a given package can't be wiped. Otherwise, returns {@code false}. Loading services/core/java/com/android/server/pm/PackageManagerService.java +4 −2 Original line number Diff line number Diff line Loading @@ -26514,8 +26514,10 @@ public class PackageManagerService extends IPackageManager.Stub } @Override public void setDeviceOwnerProtectedPackages(List<String> packageNames) { mProtectedPackages.setDeviceOwnerProtectedPackages(packageNames); public void setDeviceOwnerProtectedPackages( String deviceOwnerPackageName, List<String> packageNames) { mProtectedPackages.setDeviceOwnerProtectedPackages( deviceOwnerPackageName, packageNames); } @Override services/core/java/com/android/server/pm/ProtectedPackages.java +23 −6 Original line number Diff line number Diff line Loading @@ -20,14 +20,15 @@ import android.annotation.Nullable; import android.annotation.UserIdInt; import android.content.Context; import android.os.UserHandle; import android.util.ArrayMap; import android.util.ArraySet; import android.util.SparseArray; import com.android.internal.R; import com.android.internal.annotations.GuardedBy; import com.android.internal.util.ArrayUtils; import java.util.ArrayList; import java.util.List; import java.util.Set; /** * Manages package names that need special protection. Loading Loading @@ -55,7 +56,7 @@ public class ProtectedPackages { @Nullable @GuardedBy("this") private List<String> mDeviceOwnerProtectedPackages; private final ArrayMap<String, Set<String>> mDeviceOwnerProtectedPackages = new ArrayMap<>(); private final Context mContext; Loading @@ -78,8 +79,14 @@ public class ProtectedPackages { : profileOwnerPackages.clone(); } public synchronized void setDeviceOwnerProtectedPackages(List<String> packageNames) { mDeviceOwnerProtectedPackages = new ArrayList<String>(packageNames); /** Sets the protected packages for the device owner. */ public synchronized void setDeviceOwnerProtectedPackages( String deviceOwnerPackageName, List<String> packageNames) { if (packageNames.isEmpty()) { mDeviceOwnerProtectedPackages.remove(deviceOwnerPackageName); } else { mDeviceOwnerProtectedPackages.put(deviceOwnerPackageName, new ArraySet<>(packageNames)); } } private synchronized boolean hasDeviceOwnerOrProfileOwner(int userId, String packageName) { Loading Loading @@ -118,7 +125,17 @@ public class ProtectedPackages { */ private synchronized boolean isProtectedPackage(String packageName) { return packageName != null && (packageName.equals(mDeviceProvisioningPackage) || ArrayUtils.contains(mDeviceOwnerProtectedPackages, packageName)); || isDeviceOwnerProtectedPackage(packageName)); } /** Returns {@code true} if the given package is a protected package set by any device owner. */ private synchronized boolean isDeviceOwnerProtectedPackage(String packageName) { for (Set<String> protectedPackages : mDeviceOwnerProtectedPackages.values()) { if (protectedPackages.contains(packageName)) { return true; } } return false; } /** Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +30 −20 Original line number Diff line number Diff line Loading @@ -1754,11 +1754,38 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (userHandle == UserHandle.USER_SYSTEM) { mStateCache.setDeviceProvisioned(policy.mUserSetupComplete); } migrateDeviceOwnerProtectedPackagesToOwners(userHandle, policy); } return policy; } } /** * Only used by {@link #getUserData(int)} to migrate <b>existing</b> device owner protected * packages that were stored in {@link DevicePolicyData#mUserControlDisabledPackages} to * {@link Owners} because the device owner protected packages are now stored on a per device * owner basis instead of on a per user basis. * * Any calls to {@link #setUserControlDisabledPackages(ComponentName, List)} would now store * the device owner protected packages in {@link Owners} instead of {@link DevicePolicyData}. * @param userHandle The device owner user * @param policy The policy data of the device owner user */ private void migrateDeviceOwnerProtectedPackagesToOwners( int userHandle, DevicePolicyData policy) { ComponentName deviceOwnerComponent = getOwnerComponent(userHandle); if (isDeviceOwner(deviceOwnerComponent, userHandle) && !policy.mUserControlDisabledPackages.isEmpty()) { mOwners.setDeviceOwnerProtectedPackages( deviceOwnerComponent.getPackageName(), policy.mUserControlDisabledPackages); policy.mUserControlDisabledPackages = new ArrayList<>(); saveSettingsLocked(userHandle); } } /** * Creates and loads the policy data from xml for data that is shared between * various profiles of a user. In contrast to {@link #getUserData(int)} Loading Loading @@ -2863,7 +2890,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { updateMaximumTimeToLockLocked(userHandle); updateLockTaskPackagesLocked(policy.mLockTaskPackages, userHandle); updateLockTaskFeaturesLocked(policy.mLockTaskFeatures, userHandle); updateUserControlDisabledPackagesLocked(policy.mUserControlDisabledPackages); if (policy.mStatusBarDisabled) { setStatusBarDisabledInternal(policy.mStatusBarDisabled, userHandle); } Loading Loading @@ -2907,10 +2933,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } private void updateUserControlDisabledPackagesLocked(List<String> packages) { mInjector.getPackageManagerInternal().setDeviceOwnerProtectedPackages(packages); } private void updateLockTaskFeaturesLocked(int flags, int userId) { long ident = mInjector.binderClearCallingIdentity(); try { Loading Loading @@ -8759,7 +8781,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { updateLockTaskPackagesLocked(policy.mLockTaskPackages, userId); policy.mLockTaskFeatures = DevicePolicyManager.LOCK_TASK_FEATURE_NONE; policy.mUserControlDisabledPackages.clear(); updateUserControlDisabledPackagesLocked(policy.mUserControlDisabledPackages); saveSettingsLocked(userId); try { Loading Loading @@ -16199,14 +16220,14 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { @Override public void setUserControlDisabledPackages(ComponentName who, List<String> packages) { Objects.requireNonNull(who, "ComponentName is null"); Preconditions.checkNotNull(packages, "packages is null"); Objects.requireNonNull(packages, "packages is null"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe( DevicePolicyManager.OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES); synchronized (getLockObject()) { setUserControlDisabledPackagesLocked(caller.getUserId(), packages); mOwners.setDeviceOwnerProtectedPackages(who.getPackageName(), packages); DevicePolicyEventLogger .createEvent(DevicePolicyEnums.SET_USER_CONTROL_DISABLED_PACKAGES) .setAdmin(who) Loading @@ -16215,15 +16236,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } private void setUserControlDisabledPackagesLocked(int userHandle, List<String> packages) { final DevicePolicyData policy = getUserData(userHandle); policy.mUserControlDisabledPackages = packages; // Store the settings persistently. saveSettingsLocked(userHandle); updateUserControlDisabledPackagesLocked(packages); } @Override public List<String> getUserControlDisabledPackages(ComponentName who) { Objects.requireNonNull(who, "ComponentName is null"); Loading @@ -16232,9 +16244,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization(isDeviceOwner(caller)); synchronized (getLockObject()) { final List<String> packages = getUserData(caller.getUserId()).mUserControlDisabledPackages; return packages == null ? Collections.EMPTY_LIST : packages; return mOwners.getDeviceOwnerProtectedPackages(who.getPackageName()); } } services/devicepolicy/java/com/android/server/devicepolicy/Owners.java +87 −6 Original line number Diff line number Diff line Loading @@ -62,6 +62,7 @@ import java.io.IOException; import java.io.InputStream; import java.time.LocalDate; import java.util.ArrayList; import java.util.Collections; import java.util.List; import java.util.Map; import java.util.Objects; Loading Loading @@ -97,10 +98,13 @@ class Owners { // Holds "context" for device-owner, this must not be show up before device-owner. private static final String TAG_DEVICE_OWNER_CONTEXT = "device-owner-context"; private static final String TAG_DEVICE_OWNER_TYPE = "device-owner-type"; private static final String TAG_DEVICE_OWNER_PROTECTED_PACKAGES = "device-owner-protected-packages"; private static final String ATTR_NAME = "name"; private static final String ATTR_PACKAGE = "package"; private static final String ATTR_COMPONENT_NAME = "component"; private static final String ATTR_SIZE = "size"; private static final String ATTR_REMOTE_BUGREPORT_URI = "remoteBugreportUri"; private static final String ATTR_REMOTE_BUGREPORT_HASH = "remoteBugreportHash"; private static final String ATTR_USERID = "userId"; Loading Loading @@ -129,6 +133,8 @@ class Owners { // Device owner type for a managed device. private final ArrayMap<String, Integer> mDeviceOwnerTypes = new ArrayMap<>(); private final ArrayMap<String, List<String>> mDeviceOwnerProtectedPackages = new ArrayMap<>(); private int mDeviceOwnerUserId = UserHandle.USER_NULL; // Internal state for the profile owner packages. Loading Loading @@ -216,6 +222,12 @@ class Owners { pushToActivityTaskManagerLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); for (ArrayMap.Entry<String, List<String>> entry : mDeviceOwnerProtectedPackages.entrySet()) { mPackageManagerInternal.setDeviceOwnerProtectedPackages( entry.getKey(), entry.getValue()); } } } Loading Loading @@ -343,6 +355,12 @@ class Owners { void clearDeviceOwner() { synchronized (mLock) { mDeviceOwnerTypes.remove(mDeviceOwner.packageName); List<String> protectedPackages = mDeviceOwnerProtectedPackages.remove(mDeviceOwner.packageName); if (protectedPackages != null) { mPackageManagerInternal.setDeviceOwnerProtectedPackages( mDeviceOwner.packageName, new ArrayList<>()); } mDeviceOwner = null; mDeviceOwnerUserId = UserHandle.USER_NULL; Loading Loading @@ -394,6 +412,12 @@ class Owners { void transferDeviceOwnership(ComponentName target) { synchronized (mLock) { Integer previousDeviceOwnerType = mDeviceOwnerTypes.remove(mDeviceOwner.packageName); List<String> previousProtectedPackages = mDeviceOwnerProtectedPackages.remove(mDeviceOwner.packageName); if (previousProtectedPackages != null) { mPackageManagerInternal.setDeviceOwnerProtectedPackages( mDeviceOwner.packageName, new ArrayList<>()); } // We don't set a name because it's not used anyway. // See DevicePolicyManagerService#getDeviceOwnerName mDeviceOwner = new OwnerInfo(null, target, Loading @@ -403,6 +427,10 @@ class Owners { if (previousDeviceOwnerType != null) { mDeviceOwnerTypes.put(mDeviceOwner.packageName, previousDeviceOwnerType); } if (previousProtectedPackages != null) { mDeviceOwnerProtectedPackages.put( mDeviceOwner.packageName, previousProtectedPackages); } pushToPackageManagerLocked(); pushToActivityTaskManagerLocked(); pushToActivityManagerLocked(); Loading Loading @@ -594,8 +622,10 @@ class Owners { } } /** Sets the indicator that the profile owner manages an organization-owned device, * then write to file. */ /** * Sets the indicator that the profile owner manages an organization-owned device, * then write to file. */ void markProfileOwnerOfOrganizationOwnedDevice(int userId) { synchronized (mLock) { OwnerInfo profileOwner = mProfileOwners.get(userId); Loading Loading @@ -640,6 +670,33 @@ class Owners { } } void setDeviceOwnerProtectedPackages(String packageName, List<String> protectedPackages) { synchronized (mLock) { if (!hasDeviceOwner()) { Slog.e(TAG, "Attempting to set device owner protected packages when there is no " + "device owner"); return; } else if (!mDeviceOwner.packageName.equals(packageName)) { Slog.e(TAG, "Attempting to set device owner protected packages when the provided " + "package name " + packageName + " does not match the device owner package name"); return; } mDeviceOwnerProtectedPackages.put(packageName, protectedPackages); mPackageManagerInternal.setDeviceOwnerProtectedPackages(packageName, protectedPackages); writeDeviceOwner(); } } List<String> getDeviceOwnerProtectedPackages(String packageName) { synchronized (mLock) { return mDeviceOwnerProtectedPackages.containsKey(packageName) ? mDeviceOwnerProtectedPackages.get(packageName) : Collections.emptyList(); } } private boolean readLegacyOwnerFileLocked(File file) { if (!file.exists()) { // Already migrated or the device has no owners. Loading Loading @@ -936,6 +993,21 @@ class Owners { } } if (!mDeviceOwnerProtectedPackages.isEmpty()) { for (ArrayMap.Entry<String, List<String>> entry : mDeviceOwnerProtectedPackages.entrySet()) { List<String> protectedPackages = entry.getValue(); out.startTag(null, TAG_DEVICE_OWNER_PROTECTED_PACKAGES); out.attribute(null, ATTR_PACKAGE, entry.getKey()); out.attributeInt(null, ATTR_SIZE, protectedPackages.size()); for (int i = 0, size = protectedPackages.size(); i < size; i++) { out.attribute(null, ATTR_NAME + i, protectedPackages.get(i)); } out.endTag(null, TAG_DEVICE_OWNER_PROTECTED_PACKAGES); } } if (mSystemUpdatePolicy != null) { out.startTag(null, TAG_SYSTEM_UPDATE_POLICY); mSystemUpdatePolicy.saveToXml(out); Loading Loading @@ -1002,6 +1074,15 @@ class Owners { DEVICE_OWNER_TYPE_DEFAULT); mDeviceOwnerTypes.put(packageName, deviceOwnerType); break; case TAG_DEVICE_OWNER_PROTECTED_PACKAGES: packageName = parser.getAttributeValue(null, ATTR_PACKAGE); int protectedPackagesSize = parser.getAttributeInt(null, ATTR_SIZE, 0); List<String> protectedPackages = new ArrayList<>(); for (int i = 0; i < protectedPackagesSize; i++) { protectedPackages.add(parser.getAttributeValue(null, ATTR_NAME + i)); } mDeviceOwnerProtectedPackages.put(packageName, protectedPackages); break; default: Slog.e(TAG, "Unexpected tag: " + tag); return false; Loading Loading
services/core/java/android/content/pm/PackageManagerInternal.java +3 −3 Original line number Diff line number Diff line Loading @@ -382,10 +382,10 @@ public abstract class PackageManagerInternal implements PackageSettingsSnapshotP int deviceOwnerUserId, String deviceOwner, SparseArray<String> profileOwners); /** * Called by DevicePolicyManagerService to set the package names protected by the device * owner. * Called by Owners to set the package names protected by the device owner. */ public abstract void setDeviceOwnerProtectedPackages(List<String> packageNames); public abstract void setDeviceOwnerProtectedPackages( String deviceOwnerPackageName, List<String> packageNames); /** * Returns {@code true} if a given package can't be wiped. Otherwise, returns {@code false}. Loading
services/core/java/com/android/server/pm/PackageManagerService.java +4 −2 Original line number Diff line number Diff line Loading @@ -26514,8 +26514,10 @@ public class PackageManagerService extends IPackageManager.Stub } @Override public void setDeviceOwnerProtectedPackages(List<String> packageNames) { mProtectedPackages.setDeviceOwnerProtectedPackages(packageNames); public void setDeviceOwnerProtectedPackages( String deviceOwnerPackageName, List<String> packageNames) { mProtectedPackages.setDeviceOwnerProtectedPackages( deviceOwnerPackageName, packageNames); } @Override
services/core/java/com/android/server/pm/ProtectedPackages.java +23 −6 Original line number Diff line number Diff line Loading @@ -20,14 +20,15 @@ import android.annotation.Nullable; import android.annotation.UserIdInt; import android.content.Context; import android.os.UserHandle; import android.util.ArrayMap; import android.util.ArraySet; import android.util.SparseArray; import com.android.internal.R; import com.android.internal.annotations.GuardedBy; import com.android.internal.util.ArrayUtils; import java.util.ArrayList; import java.util.List; import java.util.Set; /** * Manages package names that need special protection. Loading Loading @@ -55,7 +56,7 @@ public class ProtectedPackages { @Nullable @GuardedBy("this") private List<String> mDeviceOwnerProtectedPackages; private final ArrayMap<String, Set<String>> mDeviceOwnerProtectedPackages = new ArrayMap<>(); private final Context mContext; Loading @@ -78,8 +79,14 @@ public class ProtectedPackages { : profileOwnerPackages.clone(); } public synchronized void setDeviceOwnerProtectedPackages(List<String> packageNames) { mDeviceOwnerProtectedPackages = new ArrayList<String>(packageNames); /** Sets the protected packages for the device owner. */ public synchronized void setDeviceOwnerProtectedPackages( String deviceOwnerPackageName, List<String> packageNames) { if (packageNames.isEmpty()) { mDeviceOwnerProtectedPackages.remove(deviceOwnerPackageName); } else { mDeviceOwnerProtectedPackages.put(deviceOwnerPackageName, new ArraySet<>(packageNames)); } } private synchronized boolean hasDeviceOwnerOrProfileOwner(int userId, String packageName) { Loading Loading @@ -118,7 +125,17 @@ public class ProtectedPackages { */ private synchronized boolean isProtectedPackage(String packageName) { return packageName != null && (packageName.equals(mDeviceProvisioningPackage) || ArrayUtils.contains(mDeviceOwnerProtectedPackages, packageName)); || isDeviceOwnerProtectedPackage(packageName)); } /** Returns {@code true} if the given package is a protected package set by any device owner. */ private synchronized boolean isDeviceOwnerProtectedPackage(String packageName) { for (Set<String> protectedPackages : mDeviceOwnerProtectedPackages.values()) { if (protectedPackages.contains(packageName)) { return true; } } return false; } /** Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +30 −20 Original line number Diff line number Diff line Loading @@ -1754,11 +1754,38 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (userHandle == UserHandle.USER_SYSTEM) { mStateCache.setDeviceProvisioned(policy.mUserSetupComplete); } migrateDeviceOwnerProtectedPackagesToOwners(userHandle, policy); } return policy; } } /** * Only used by {@link #getUserData(int)} to migrate <b>existing</b> device owner protected * packages that were stored in {@link DevicePolicyData#mUserControlDisabledPackages} to * {@link Owners} because the device owner protected packages are now stored on a per device * owner basis instead of on a per user basis. * * Any calls to {@link #setUserControlDisabledPackages(ComponentName, List)} would now store * the device owner protected packages in {@link Owners} instead of {@link DevicePolicyData}. * @param userHandle The device owner user * @param policy The policy data of the device owner user */ private void migrateDeviceOwnerProtectedPackagesToOwners( int userHandle, DevicePolicyData policy) { ComponentName deviceOwnerComponent = getOwnerComponent(userHandle); if (isDeviceOwner(deviceOwnerComponent, userHandle) && !policy.mUserControlDisabledPackages.isEmpty()) { mOwners.setDeviceOwnerProtectedPackages( deviceOwnerComponent.getPackageName(), policy.mUserControlDisabledPackages); policy.mUserControlDisabledPackages = new ArrayList<>(); saveSettingsLocked(userHandle); } } /** * Creates and loads the policy data from xml for data that is shared between * various profiles of a user. In contrast to {@link #getUserData(int)} Loading Loading @@ -2863,7 +2890,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { updateMaximumTimeToLockLocked(userHandle); updateLockTaskPackagesLocked(policy.mLockTaskPackages, userHandle); updateLockTaskFeaturesLocked(policy.mLockTaskFeatures, userHandle); updateUserControlDisabledPackagesLocked(policy.mUserControlDisabledPackages); if (policy.mStatusBarDisabled) { setStatusBarDisabledInternal(policy.mStatusBarDisabled, userHandle); } Loading Loading @@ -2907,10 +2933,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } private void updateUserControlDisabledPackagesLocked(List<String> packages) { mInjector.getPackageManagerInternal().setDeviceOwnerProtectedPackages(packages); } private void updateLockTaskFeaturesLocked(int flags, int userId) { long ident = mInjector.binderClearCallingIdentity(); try { Loading Loading @@ -8759,7 +8781,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { updateLockTaskPackagesLocked(policy.mLockTaskPackages, userId); policy.mLockTaskFeatures = DevicePolicyManager.LOCK_TASK_FEATURE_NONE; policy.mUserControlDisabledPackages.clear(); updateUserControlDisabledPackagesLocked(policy.mUserControlDisabledPackages); saveSettingsLocked(userId); try { Loading Loading @@ -16199,14 +16220,14 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { @Override public void setUserControlDisabledPackages(ComponentName who, List<String> packages) { Objects.requireNonNull(who, "ComponentName is null"); Preconditions.checkNotNull(packages, "packages is null"); Objects.requireNonNull(packages, "packages is null"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe( DevicePolicyManager.OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES); synchronized (getLockObject()) { setUserControlDisabledPackagesLocked(caller.getUserId(), packages); mOwners.setDeviceOwnerProtectedPackages(who.getPackageName(), packages); DevicePolicyEventLogger .createEvent(DevicePolicyEnums.SET_USER_CONTROL_DISABLED_PACKAGES) .setAdmin(who) Loading @@ -16215,15 +16236,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } private void setUserControlDisabledPackagesLocked(int userHandle, List<String> packages) { final DevicePolicyData policy = getUserData(userHandle); policy.mUserControlDisabledPackages = packages; // Store the settings persistently. saveSettingsLocked(userHandle); updateUserControlDisabledPackagesLocked(packages); } @Override public List<String> getUserControlDisabledPackages(ComponentName who) { Objects.requireNonNull(who, "ComponentName is null"); Loading @@ -16232,9 +16244,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization(isDeviceOwner(caller)); synchronized (getLockObject()) { final List<String> packages = getUserData(caller.getUserId()).mUserControlDisabledPackages; return packages == null ? Collections.EMPTY_LIST : packages; return mOwners.getDeviceOwnerProtectedPackages(who.getPackageName()); } }
services/devicepolicy/java/com/android/server/devicepolicy/Owners.java +87 −6 Original line number Diff line number Diff line Loading @@ -62,6 +62,7 @@ import java.io.IOException; import java.io.InputStream; import java.time.LocalDate; import java.util.ArrayList; import java.util.Collections; import java.util.List; import java.util.Map; import java.util.Objects; Loading Loading @@ -97,10 +98,13 @@ class Owners { // Holds "context" for device-owner, this must not be show up before device-owner. private static final String TAG_DEVICE_OWNER_CONTEXT = "device-owner-context"; private static final String TAG_DEVICE_OWNER_TYPE = "device-owner-type"; private static final String TAG_DEVICE_OWNER_PROTECTED_PACKAGES = "device-owner-protected-packages"; private static final String ATTR_NAME = "name"; private static final String ATTR_PACKAGE = "package"; private static final String ATTR_COMPONENT_NAME = "component"; private static final String ATTR_SIZE = "size"; private static final String ATTR_REMOTE_BUGREPORT_URI = "remoteBugreportUri"; private static final String ATTR_REMOTE_BUGREPORT_HASH = "remoteBugreportHash"; private static final String ATTR_USERID = "userId"; Loading Loading @@ -129,6 +133,8 @@ class Owners { // Device owner type for a managed device. private final ArrayMap<String, Integer> mDeviceOwnerTypes = new ArrayMap<>(); private final ArrayMap<String, List<String>> mDeviceOwnerProtectedPackages = new ArrayMap<>(); private int mDeviceOwnerUserId = UserHandle.USER_NULL; // Internal state for the profile owner packages. Loading Loading @@ -216,6 +222,12 @@ class Owners { pushToActivityTaskManagerLocked(); pushToActivityManagerLocked(); pushToAppOpsLocked(); for (ArrayMap.Entry<String, List<String>> entry : mDeviceOwnerProtectedPackages.entrySet()) { mPackageManagerInternal.setDeviceOwnerProtectedPackages( entry.getKey(), entry.getValue()); } } } Loading Loading @@ -343,6 +355,12 @@ class Owners { void clearDeviceOwner() { synchronized (mLock) { mDeviceOwnerTypes.remove(mDeviceOwner.packageName); List<String> protectedPackages = mDeviceOwnerProtectedPackages.remove(mDeviceOwner.packageName); if (protectedPackages != null) { mPackageManagerInternal.setDeviceOwnerProtectedPackages( mDeviceOwner.packageName, new ArrayList<>()); } mDeviceOwner = null; mDeviceOwnerUserId = UserHandle.USER_NULL; Loading Loading @@ -394,6 +412,12 @@ class Owners { void transferDeviceOwnership(ComponentName target) { synchronized (mLock) { Integer previousDeviceOwnerType = mDeviceOwnerTypes.remove(mDeviceOwner.packageName); List<String> previousProtectedPackages = mDeviceOwnerProtectedPackages.remove(mDeviceOwner.packageName); if (previousProtectedPackages != null) { mPackageManagerInternal.setDeviceOwnerProtectedPackages( mDeviceOwner.packageName, new ArrayList<>()); } // We don't set a name because it's not used anyway. // See DevicePolicyManagerService#getDeviceOwnerName mDeviceOwner = new OwnerInfo(null, target, Loading @@ -403,6 +427,10 @@ class Owners { if (previousDeviceOwnerType != null) { mDeviceOwnerTypes.put(mDeviceOwner.packageName, previousDeviceOwnerType); } if (previousProtectedPackages != null) { mDeviceOwnerProtectedPackages.put( mDeviceOwner.packageName, previousProtectedPackages); } pushToPackageManagerLocked(); pushToActivityTaskManagerLocked(); pushToActivityManagerLocked(); Loading Loading @@ -594,8 +622,10 @@ class Owners { } } /** Sets the indicator that the profile owner manages an organization-owned device, * then write to file. */ /** * Sets the indicator that the profile owner manages an organization-owned device, * then write to file. */ void markProfileOwnerOfOrganizationOwnedDevice(int userId) { synchronized (mLock) { OwnerInfo profileOwner = mProfileOwners.get(userId); Loading Loading @@ -640,6 +670,33 @@ class Owners { } } void setDeviceOwnerProtectedPackages(String packageName, List<String> protectedPackages) { synchronized (mLock) { if (!hasDeviceOwner()) { Slog.e(TAG, "Attempting to set device owner protected packages when there is no " + "device owner"); return; } else if (!mDeviceOwner.packageName.equals(packageName)) { Slog.e(TAG, "Attempting to set device owner protected packages when the provided " + "package name " + packageName + " does not match the device owner package name"); return; } mDeviceOwnerProtectedPackages.put(packageName, protectedPackages); mPackageManagerInternal.setDeviceOwnerProtectedPackages(packageName, protectedPackages); writeDeviceOwner(); } } List<String> getDeviceOwnerProtectedPackages(String packageName) { synchronized (mLock) { return mDeviceOwnerProtectedPackages.containsKey(packageName) ? mDeviceOwnerProtectedPackages.get(packageName) : Collections.emptyList(); } } private boolean readLegacyOwnerFileLocked(File file) { if (!file.exists()) { // Already migrated or the device has no owners. Loading Loading @@ -936,6 +993,21 @@ class Owners { } } if (!mDeviceOwnerProtectedPackages.isEmpty()) { for (ArrayMap.Entry<String, List<String>> entry : mDeviceOwnerProtectedPackages.entrySet()) { List<String> protectedPackages = entry.getValue(); out.startTag(null, TAG_DEVICE_OWNER_PROTECTED_PACKAGES); out.attribute(null, ATTR_PACKAGE, entry.getKey()); out.attributeInt(null, ATTR_SIZE, protectedPackages.size()); for (int i = 0, size = protectedPackages.size(); i < size; i++) { out.attribute(null, ATTR_NAME + i, protectedPackages.get(i)); } out.endTag(null, TAG_DEVICE_OWNER_PROTECTED_PACKAGES); } } if (mSystemUpdatePolicy != null) { out.startTag(null, TAG_SYSTEM_UPDATE_POLICY); mSystemUpdatePolicy.saveToXml(out); Loading Loading @@ -1002,6 +1074,15 @@ class Owners { DEVICE_OWNER_TYPE_DEFAULT); mDeviceOwnerTypes.put(packageName, deviceOwnerType); break; case TAG_DEVICE_OWNER_PROTECTED_PACKAGES: packageName = parser.getAttributeValue(null, ATTR_PACKAGE); int protectedPackagesSize = parser.getAttributeInt(null, ATTR_SIZE, 0); List<String> protectedPackages = new ArrayList<>(); for (int i = 0; i < protectedPackagesSize; i++) { protectedPackages.add(parser.getAttributeValue(null, ATTR_NAME + i)); } mDeviceOwnerProtectedPackages.put(packageName, protectedPackages); break; default: Slog.e(TAG, "Unexpected tag: " + tag); return false; Loading
