
Unverified Commit d2150153 authored by Kevin F. Haggerty's avatar Kevin F. Haggerty

Merge tag 'android-security-11.0.0_r54' into staging/lineage-18.1_merge_android-security-11.0.0_r54

Android security 11.0.0 release 54

* tag 'android-security-11.0.0_r54':
  [RESTRICT AUTOMERGE] Add hide-non-system-overlay flag for HarmfulAppWarningActivity
  BG-FGS-start while-in-use permission restriction improvement.
  Restrict AdbManager broadcasts to apps with MANAGE_DEBUGGING permission.
  Prevent apps from creating blocked channel groups

Change-Id: I8b6370cb873a42f9c41ca24f24a69a18d3b1e0fc
parents f2aeff22 c01b2689
+3 −0
@@ -38,6 +38,7 @@ public class AdbManager {
     *
     * @hide
     */
    @RequiresPermission(android.Manifest.permission.MANAGE_DEBUGGING)
    public static final String WIRELESS_DEBUG_STATE_CHANGED_ACTION =
            "com.android.server.adb.WIRELESS_DEBUG_STATUS";

@@ -46,6 +47,7 @@ public class AdbManager {
     *
     * @hide
     */
    @RequiresPermission(android.Manifest.permission.MANAGE_DEBUGGING)
    public static final String WIRELESS_DEBUG_PAIRED_DEVICES_ACTION =
            "com.android.server.adb.WIRELESS_DEBUG_PAIRED_DEVICES";

@@ -59,6 +61,7 @@ public class AdbManager {
     *
     * @hide
     */
    @RequiresPermission(android.Manifest.permission.MANAGE_DEBUGGING)
    public static final String WIRELESS_DEBUG_PAIRING_RESULT_ACTION =
            "com.android.server.adb.WIRELESS_DEBUG_PAIRING_RESULT";

+4 −0
@@ -16,6 +16,8 @@

package com.android.internal.app;

import static android.view.WindowManager.LayoutParams.SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS;

import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
@@ -27,6 +29,7 @@ import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.widget.TextView;

import com.android.internal.R;

/**
@@ -48,6 +51,7 @@ public class HarmfulAppWarningActivity extends AlertActivity implements
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);

        getWindow().addSystemFlags(SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS);
        final Intent intent = getIntent();
        mPackageName = intent.getStringExtra(Intent.EXTRA_PACKAGE_NAME);
        mTarget = intent.getParcelableExtra(Intent.EXTRA_INTENT);
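Review bot: The `getWindow().addSystemFlags(SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS)` call in `onCreate` has no comment saying what it protects, so a later cleanup could remove it without anyone noticing the regression. I would add `// Hide non-system overlays so another app cannot draw over this warning and steer the user's choice.` directly above it. As far as I know the window manager honours this flag only for callers holding HIDE_NON_SYSTEM_OVERLAY_WINDOWS. That the hosting process holds it is not visible in this section, so it is worth confirming with a test that shows an overlay while the dialog is up. `onCreate` continues past the end of the hunk.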
+15 −6
@@ -18,6 +18,7 @@ package com.android.server.adb;

import static com.android.internal.util.dump.DumpUtils.writeStringIfNotNull;

import android.annotation.NonNull;
import android.annotation.TestApi;
import android.app.ActivityManager;
import android.app.Notification;
@@ -171,6 +172,12 @@ public class AdbDebuggingManager {
        mAdbConnectionInfo = new AdbConnectionInfo();
    }

    static void sendBroadcastWithDebugPermission(@NonNull Context context, @NonNull Intent intent,
            @NonNull UserHandle userHandle) {
        context.sendBroadcastAsUser(intent, userHandle,
                android.Manifest.permission.MANAGE_DEBUGGING);
    }

    class PairingThread extends Thread implements NsdManager.RegistrationListener {
        private NsdManager mNsdManager;
        private String mPublicKey;
@@ -1279,7 +1286,7 @@ public class AdbDebuggingManager {
                    ? AdbManager.WIRELESS_STATUS_CONNECTED
                    : AdbManager.WIRELESS_STATUS_DISCONNECTED);
            intent.putExtra(AdbManager.WIRELESS_DEBUG_PORT_EXTRA, port);
            mContext.sendBroadcastAsUser(intent, UserHandle.ALL);
            AdbDebuggingManager.sendBroadcastWithDebugPermission(mContext, intent, UserHandle.ALL);
        }

        private void onAdbdWifiServerConnected(int port) {
@@ -1351,7 +1358,8 @@ public class AdbDebuggingManager {
            if (publicKey == null) {
                Intent intent = new Intent(AdbManager.WIRELESS_DEBUG_PAIRING_RESULT_ACTION);
                intent.putExtra(AdbManager.WIRELESS_STATUS_EXTRA, AdbManager.WIRELESS_STATUS_FAIL);
                mContext.sendBroadcastAsUser(intent, UserHandle.ALL);
                AdbDebuggingManager.sendBroadcastWithDebugPermission(mContext, intent,
                        UserHandle.ALL);
            } else {
                Intent intent = new Intent(AdbManager.WIRELESS_DEBUG_PAIRING_RESULT_ACTION);
                intent.putExtra(AdbManager.WIRELESS_STATUS_EXTRA,
@@ -1364,7 +1372,8 @@ public class AdbDebuggingManager {
                }
                PairDevice device = new PairDevice(fingerprints, hostname, false);
                intent.putExtra(AdbManager.WIRELESS_PAIR_DEVICE_EXTRA, device);
                mContext.sendBroadcastAsUser(intent, UserHandle.ALL);
                AdbDebuggingManager.sendBroadcastWithDebugPermission(mContext, intent,
                        UserHandle.ALL);
                // Add the key into the keystore
                mAdbKeyStore.setLastConnectionTime(publicKey,
                        System.currentTimeMillis());
@@ -1378,14 +1387,14 @@ public class AdbDebuggingManager {
            intent.putExtra(AdbManager.WIRELESS_STATUS_EXTRA,
                    AdbManager.WIRELESS_STATUS_CONNECTED);
            intent.putExtra(AdbManager.WIRELESS_DEBUG_PORT_EXTRA, port);
            mContext.sendBroadcastAsUser(intent, UserHandle.ALL);
            AdbDebuggingManager.sendBroadcastWithDebugPermission(mContext, intent, UserHandle.ALL);
        }

        private void sendPairedDevicesToUI(Map<String, PairDevice> devices) {
            Intent intent = new Intent(AdbManager.WIRELESS_DEBUG_PAIRED_DEVICES_ACTION);
            // Map is not serializable, so need to downcast
            intent.putExtra(AdbManager.WIRELESS_DEVICES_EXTRA, (HashMap) devices);
            mContext.sendBroadcastAsUser(intent, UserHandle.ALL);
            AdbDebuggingManager.sendBroadcastWithDebugPermission(mContext, intent, UserHandle.ALL);
        }

        private void updateUIPairCode(String code) {
@@ -1395,7 +1404,7 @@ public class AdbDebuggingManager {
            intent.putExtra(AdbManager.WIRELESS_PAIRING_CODE_EXTRA, code);
            intent.putExtra(AdbManager.WIRELESS_STATUS_EXTRA,
                    AdbManager.WIRELESS_STATUS_PAIRING_CODE);
            mContext.sendBroadcastAsUser(intent, UserHandle.ALL);
            AdbDebuggingManager.sendBroadcastWithDebugPermission(mContext, intent, UserHandle.ALL);
        }
    }
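Review bot: `sendBroadcastWithDebugPermission` is added without Javadoc, although it is now the single place that keeps wireless-debugging broadcasts away from receivers that lack MANAGE_DEBUGGING. The intents routed through it carry `WIRELESS_PAIRING_CODE_EXTRA`, `WIRELESS_PAIR_DEVICE_EXTRA` and `WIRELESS_DEBUG_PORT_EXTRA`, so a future call site that goes back to `mContext.sendBroadcastAsUser(intent, UserHandle.ALL)` would expose those extras to every receiver again. I would document the helper as `/** Sends {@code intent} only to receivers holding MANAGE_DEBUGGING; every wireless-debugging broadcast must go through this method. */`. Whether any unrestricted `sendBroadcastAsUser` call remains elsewhere in the file cannot be seen from these hunks. The same replacement appears in the AdbService section.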

+1 −1
@@ -431,7 +431,7 @@ public class AdbService extends IAdbManager.Stub {
                ? AdbManager.WIRELESS_STATUS_CONNECTED
                : AdbManager.WIRELESS_STATUS_DISCONNECTED);
        intent.putExtra(AdbManager.WIRELESS_DEBUG_PORT_EXTRA, port);
        mContext.sendBroadcastAsUser(intent, UserHandle.ALL);
        AdbDebuggingManager.sendBroadcastWithDebugPermission(mContext, intent, UserHandle.ALL);
        Slog.i(TAG, "sent port broadcast port=" + port);
    }

+86 −21
@@ -734,11 +734,8 @@ public final class ActiveServices {
        }
        ComponentName cmp = startServiceInnerLocked(smap, service, r, callerFg, addToStarting);

        if (!r.mAllowWhileInUsePermissionInFgs) {
            r.mAllowWhileInUsePermissionInFgs =
                    shouldAllowWhileInUsePermissionInFgsLocked(callingPackage, callingPid,
                            callingUid, service, r, allowBackgroundActivityStarts);
        }
        setFgsRestrictionLocked(callingPackage, callingPid, callingUid, r,
                allowBackgroundActivityStarts);

        return cmp;
    }
@@ -1411,14 +1408,6 @@ public final class ActiveServices {
                        +  String.format("0x%08X", manifestType)
                        + " in service element of manifest file");
                }
                // If the foreground service is not started from TOP process, do not allow it to
                // have while-in-use location/camera/microphone access.
                if (!r.mAllowWhileInUsePermissionInFgs) {
                    Slog.w(TAG,
                            "Foreground service started from background can not have "
                                    + "location/camera/microphone access: service "
                                    + r.shortInstanceName);
                }
            }
            boolean alreadyStartedOp = false;
            boolean stopProcStatsOp = false;
@@ -1466,6 +1455,56 @@ public final class ActiveServices {
                    ignoreForeground = true;
                }

                if (!ignoreForeground) {
                    if (r.mStartForegroundCount == 0) {
                        /*
                        If the service was started with startService(), not
                        startForegroundService(), and if startForeground() isn't called within
                        mFgsStartForegroundTimeoutMs, then we check the state of the app
                        (who owns the service, which is the app that called startForeground())
                        again. If the app is in the foreground, or in any other cases where
                        FGS-starts are allowed, then we still allow the FGS to be started.
                        Otherwise, startForeground() would fail.

                        If the service was started with startForegroundService(), then the service
                        must call startForeground() within a timeout anyway, so we don't need this
                        check.
                        */
                        if (!r.fgRequired) {
                            final long delayMs = SystemClock.elapsedRealtime() - r.createRealTime;
                            if (delayMs > mAm.mConstants.mFgsStartForegroundTimeoutMs) {
                                resetFgsRestrictionLocked(r);
                                setFgsRestrictionLocked(r.serviceInfo.packageName, r.app.pid,
                                        r.appInfo.uid, r, false);
                                EventLog.writeEvent(0x534e4554, "183147114",
                                        r.appInfo.uid,
                                        "call setFgsRestrictionLocked again due to "
                                                + "startForegroundTimeout");
                            }
                        }
                    } else if (r.mStartForegroundCount >= 1) {
                        // The second or later time startForeground() is called after service is
                        // started. Check for app state again.
                        final long delayMs = SystemClock.elapsedRealtime() -
                                r.mLastSetFgsRestrictionTime;
                        if (delayMs > mAm.mConstants.mFgsStartForegroundTimeoutMs) {
                            setFgsRestrictionLocked(r.serviceInfo.packageName, r.app.pid,
                                    r.appInfo.uid, r, false);
                            EventLog.writeEvent(0x534e4554, "183147114", r.appInfo.uid,
                                    "call setFgsRestrictionLocked for "
                                            + (r.mStartForegroundCount + 1) + "th startForeground");
                        }
                    }
                    // If the foreground service is not started from TOP process, do not allow it to
                    // have while-in-use location/camera/microphone access.
                    if (!r.mAllowWhileInUsePermissionInFgs) {
                        Slog.w(TAG,
                                "Foreground service started from background can not have "
                                        + "location/camera/microphone access: service "
                                        + r.shortInstanceName);
                    }
                }

                // Apps under strict background restrictions simply don't get to have foreground
                // services, so now that we've enforced the startForegroundService() contract
                // we only do the machinery of making the service foreground when the app
@@ -1501,6 +1540,7 @@ public final class ActiveServices {
                            active.mNumActive++;
                        }
                        r.isForeground = true;
                        r.mStartForegroundCount++;
                        if (!stopProcStatsOp) {
                            ServiceState stracker = r.getTracker();
                            if (stracker != null) {
@@ -1559,6 +1599,7 @@ public final class ActiveServices {
                    decActiveForegroundAppLocked(smap, r);
                }
                r.isForeground = false;
                resetFgsRestrictionLocked(r);
                ServiceState stracker = r.getTracker();
                if (stracker != null) {
                    stracker.setForeground(false, mAm.mProcessStats.getMemFactorLocked(),
@@ -2118,12 +2159,7 @@ public final class ActiveServices {
                }
            }

            if (!s.mAllowWhileInUsePermissionInFgs) {
                s.mAllowWhileInUsePermissionInFgs =
                        shouldAllowWhileInUsePermissionInFgsLocked(callingPackage,
                                callingPid, callingUid,
                                service, s, false);
            }
            setFgsRestrictionLocked(callingPackage, callingPid, callingUid, s, false);

            if (s.app != null) {
                if ((flags&Context.BIND_TREAT_LIKE_ACTIVITY) != 0) {
@@ -3419,7 +3455,7 @@ public final class ActiveServices {
        r.isForeground = false;
        r.foregroundId = 0;
        r.foregroundNoti = null;
        r.mAllowWhileInUsePermissionInFgs = false;
        resetFgsRestrictionLocked(r);

        // Clear start entries.
        r.clearDeliveredStartsLocked();
@@ -4900,7 +4936,7 @@ public final class ActiveServices {
     * @return true if allow, false otherwise.
     */
    private boolean shouldAllowWhileInUsePermissionInFgsLocked(String callingPackage,
            int callingPid, int callingUid, Intent intent, ServiceRecord r,
            int callingPid, int callingUid, ServiceRecord r,
            boolean allowBackgroundActivityStarts) {
        // Is the background FGS start restriction turned on?
        if (!mAm.mConstants.mFlagBackgroundFgsStartRestrictionEnabled) {
@@ -4982,4 +5018,33 @@ public final class ActiveServices {
        }
        return false;
    }

    boolean canAllowWhileInUsePermissionInFgsLocked(int callingPid, int callingUid,
            String callingPackage) {
        return shouldAllowWhileInUsePermissionInFgsLocked(
                callingPackage, callingPid, callingUid, null, false);
    }

    /**
     * In R, mAllowWhileInUsePermissionInFgs is to allow while-in-use permissions in foreground
     *  service or not. while-in-use permissions in FGS started from background might be restricted.
     * @param callingPackage caller app's package name.
     * @param callingUid caller app's uid.
     * @param r the service to start.
     * @return true if allow, false otherwise.
     */
    private void setFgsRestrictionLocked(String callingPackage,
            int callingPid, int callingUid, ServiceRecord r,
            boolean allowBackgroundActivityStarts) {
        r.mLastSetFgsRestrictionTime = SystemClock.elapsedRealtime();
        if (!r.mAllowWhileInUsePermissionInFgs) {
            r.mAllowWhileInUsePermissionInFgs = shouldAllowWhileInUsePermissionInFgsLocked(
                    callingPackage, callingPid, callingUid, r, allowBackgroundActivityStarts);
        }
    }

    private void resetFgsRestrictionLocked(ServiceRecord r) {
        r.mAllowWhileInUsePermissionInFgs = false;
        r.mLastSetFgsRestrictionTime = 0;
    }
}
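Review bot: The Javadoc on the new `setFgsRestrictionLocked` looks copied from `shouldAllowWhileInUsePermissionInFgsLocked`: it ends with `@return true if allow, false otherwise.` although the method is `void`, and it omits `callingPid` and `allowBackgroundActivityStarts`. I would drop the `@return` and add the two `@param` entries. The comment should also say that the method stamps `mLastSetFgsRestrictionTime` and only ever raises `mAllowWhileInUsePermissionInFgs`, with clearing left to `resetFgsRestrictionLocked`; the second-and-later `startForeground()` branch calls it without a reset and so can only upgrade the flag. Separately, `canAllowWhileInUsePermissionInFgsLocked` passes `null` for the `ServiceRecord`, and the body of `shouldAllowWhileInUsePermissionInFgsLocked` lies outside the hunk, so confirm that it never dereferences `r` unguarded.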