Loading core/java/android/app/ApplicationPackageManager.java +1 −1 Original line number Diff line number Diff line Loading @@ -2831,7 +2831,7 @@ public class ApplicationPackageManager extends PackageManager { synchronized (mLock) { if (mArtManager == null) { try { mArtManager = new ArtManager(mPM.getArtManager()); mArtManager = new ArtManager(mContext, mPM.getArtManager()); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } Loading core/java/android/content/pm/dex/ArtManager.java +15 −10 Original line number Diff line number Diff line Loading @@ -16,12 +16,16 @@ package android.content.pm.dex; import static android.Manifest.permission.PACKAGE_USAGE_STATS; import static android.Manifest.permission.READ_RUNTIME_PROFILES; import android.annotation.CallbackExecutor; import android.annotation.IntDef; import android.annotation.NonNull; import android.annotation.Nullable; import android.annotation.RequiresPermission; import android.annotation.SystemApi; import android.content.Context; import android.os.Environment; import android.os.ParcelFileDescriptor; import android.os.RemoteException; Loading Loading @@ -62,13 +66,14 @@ public class ArtManager { @Retention(RetentionPolicy.SOURCE) public @interface ProfileType {} private IArtManager mArtManager; private final Context mContext; private final IArtManager mArtManager; /** * @hide */ public ArtManager(@NonNull IArtManager manager) { public ArtManager(@NonNull Context context, @NonNull IArtManager manager) { mContext = context; mArtManager = manager; } Loading Loading @@ -99,7 +104,7 @@ public class ArtManager { * @param callback the callback which should be used for the result * @param executor the executor which should be used to post the result */ @RequiresPermission(android.Manifest.permission.READ_RUNTIME_PROFILES) @RequiresPermission(allOf = { READ_RUNTIME_PROFILES, PACKAGE_USAGE_STATS }) public void snapshotRuntimeProfile(@ProfileType int profileType, @Nullable String packageName, @Nullable String codePath, @NonNull @CallbackExecutor Executor executor, @NonNull SnapshotRuntimeProfileCallback callback) { Loading @@ -108,9 +113,10 @@ public class ArtManager { SnapshotRuntimeProfileCallbackDelegate delegate = new SnapshotRuntimeProfileCallbackDelegate(callback, executor); try { mArtManager.snapshotRuntimeProfile(profileType, packageName, codePath, delegate); mArtManager.snapshotRuntimeProfile(profileType, packageName, codePath, delegate, mContext.getOpPackageName()); } catch (RemoteException e) { e.rethrowAsRuntimeException(); throw e.rethrowAsRuntimeException(); } } Loading @@ -122,14 +128,13 @@ public class ArtManager { * @param profileType can be either {@link ArtManager#PROFILE_APPS} * or {@link ArtManager#PROFILE_BOOT_IMAGE} */ @RequiresPermission(android.Manifest.permission.READ_RUNTIME_PROFILES) @RequiresPermission(allOf = { READ_RUNTIME_PROFILES, PACKAGE_USAGE_STATS }) public boolean isRuntimeProfilingEnabled(@ProfileType int profileType) { try { return mArtManager.isRuntimeProfilingEnabled(profileType); return mArtManager.isRuntimeProfilingEnabled(profileType, mContext.getOpPackageName()); } catch (RemoteException e) { e.rethrowAsRuntimeException(); throw e.rethrowAsRuntimeException(); } return false; } /** Loading core/java/android/content/pm/dex/IArtManager.aidl +3 −3 Original line number Diff line number Diff line Loading @@ -44,8 +44,8 @@ interface IArtManager { * {@link ArtManager#isRuntimeProfilingEnabled(int)} does not return true for the given * {@code profileType}. */ oneway void snapshotRuntimeProfile(int profileType, in String packageName, in String codePath, in ISnapshotRuntimeProfileCallback callback); void snapshotRuntimeProfile(int profileType, in String packageName, in String codePath, in ISnapshotRuntimeProfileCallback callback, String callingPackage); /** * Returns true if runtime profiles are enabled for the given type, false otherwise. Loading @@ -54,5 +54,5 @@ interface IArtManager { * * @param profileType */ boolean isRuntimeProfilingEnabled(int profileType); boolean isRuntimeProfilingEnabled(int profileType, String callingPackage); } services/core/java/com/android/server/pm/PackageManagerService.java +1 −1 Original line number Diff line number Diff line Loading @@ -2462,7 +2462,7 @@ public class PackageManagerService extends IPackageManager.Stub installer, mInstallLock); mDexManager = new DexManager(this, mPackageDexOptimizer, installer, mInstallLock, dexManagerListener); mArtManagerService = new ArtManagerService(this, installer, mInstallLock); mArtManagerService = new ArtManagerService(mContext, this, installer, mInstallLock); mMoveCallbacks = new MoveCallbacks(FgThread.get().getLooper()); mOnPermissionChangeListeners = new OnPermissionChangeListeners( services/core/java/com/android/server/pm/dex/ArtManagerService.java +49 −35 Original line number Diff line number Diff line Loading @@ -16,8 +16,9 @@ package com.android.server.pm.dex; import android.Manifest; import android.annotation.UserIdInt; import android.app.AppOpsManager; import android.content.Context; import android.content.pm.ApplicationInfo; import android.content.pm.IPackageManager; import android.content.pm.PackageInfo; Loading @@ -38,7 +39,9 @@ import android.os.SystemProperties; import android.os.UserHandle; import android.system.Os; import android.util.ArrayMap; import android.util.Log; import android.util.Slog; import com.android.internal.annotations.GuardedBy; import com.android.internal.os.BackgroundThread; import com.android.internal.util.ArrayUtils; Loading @@ -47,14 +50,17 @@ import com.android.server.LocalServices; import com.android.server.pm.Installer; import com.android.server.pm.Installer.InstallerException; import com.android.server.pm.PackageManagerServiceCompilerMapping; import dalvik.system.DexFile; import dalvik.system.VMRuntime; import java.io.File; import java.io.FileNotFoundException; import libcore.io.IoUtils; import libcore.util.NonNull; import libcore.util.Nullable; import java.io.File; import java.io.FileNotFoundException; /** * A system service that provides access to runtime and compiler artifacts. * Loading @@ -69,9 +75,7 @@ import libcore.util.Nullable; */ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { private static final String TAG = "ArtManagerService"; private static boolean DEBUG = false; private static boolean DEBUG_IGNORE_PERMISSIONS = false; private static final boolean DEBUG = Log.isLoggable(TAG, Log.DEBUG); // Package name used to create the profile directory layout when // taking a snapshot of the boot image profile. Loading @@ -79,6 +83,7 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { // Profile name used for the boot image profile. private static final String BOOT_IMAGE_PROFILE_NAME = "android.prof"; private final Context mContext; private final IPackageManager mPackageManager; private final Object mInstallLock; @GuardedBy("mInstallLock") Loading @@ -90,7 +95,9 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { verifyTronLoggingConstants(); } public ArtManagerService(IPackageManager pm, Installer installer, Object installLock) { public ArtManagerService(Context context, IPackageManager pm, Installer installer, Object installLock) { mContext = context; mPackageManager = pm; mInstaller = installer; mInstallLock = installLock; Loading @@ -99,9 +106,37 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { LocalServices.addService(ArtManagerInternal.class, new ArtManagerInternalImpl()); } private boolean checkPermission(int callingUid, String callingPackage) { // Callers always need this permission mContext.enforceCallingOrSelfPermission( android.Manifest.permission.READ_RUNTIME_PROFILES, TAG); // Callers also need the ability to read usage statistics switch (mContext.getSystemService(AppOpsManager.class) .noteOp(AppOpsManager.OP_GET_USAGE_STATS, callingUid, callingPackage)) { case AppOpsManager.MODE_ALLOWED: return true; case AppOpsManager.MODE_DEFAULT: mContext.enforceCallingOrSelfPermission( android.Manifest.permission.PACKAGE_USAGE_STATS, TAG); return true; default: return false; } } @Override public void snapshotRuntimeProfile(@ProfileType int profileType, @Nullable String packageName, @Nullable String codePath, @NonNull ISnapshotRuntimeProfileCallback callback) { @Nullable String codePath, @NonNull ISnapshotRuntimeProfileCallback callback, String callingPackage) { if (!checkPermission(Binder.getCallingUid(), callingPackage)) { try { callback.onError(ArtManager.SNAPSHOT_FAILED_INTERNAL_ERROR); } catch (RemoteException ignored) { } return; } // Sanity checks on the arguments. Preconditions.checkNotNull(callback); Loading @@ -111,9 +146,8 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { Preconditions.checkStringNotEmpty(packageName); } // Verify that the caller has the right permissions and that the runtime profiling is // enabled. The call to isRuntimePermissions will checkReadRuntimeProfilePermission. if (!isRuntimeProfilingEnabled(profileType)) { // Verify that runtime profiling is enabled. if (!isRuntimeProfilingEnabled(profileType, callingPackage)) { throw new IllegalStateException("Runtime profiling is not enabled for " + profileType); } Loading Loading @@ -231,9 +265,10 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { } @Override public boolean isRuntimeProfilingEnabled(@ProfileType int profileType) { // Verify that the caller has the right permissions. checkReadRuntimeProfilePermission(); public boolean isRuntimeProfilingEnabled(@ProfileType int profileType, String callingPackage) { if (!checkPermission(Binder.getCallingUid(), callingPackage)) { return false; } switch (profileType) { case ArtManager.PROFILE_APPS : Loading Loading @@ -305,27 +340,6 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { }); } /** * Verify that the binder calling uid has {@code android.permission.READ_RUNTIME_PROFILE}. * If not, it throws a {@link SecurityException}. */ private void checkReadRuntimeProfilePermission() { if (DEBUG_IGNORE_PERMISSIONS) { return; } try { int result = mPackageManager.checkUidPermission( Manifest.permission.READ_RUNTIME_PROFILES, Binder.getCallingUid()); if (result != PackageManager.PERMISSION_GRANTED) { throw new SecurityException("You need " + Manifest.permission.READ_RUNTIME_PROFILES + " permission to snapshot profiles."); } } catch (RemoteException e) { // Should not happen. } } /** * Prepare the application profiles. * For all code paths: Loading Loading
core/java/android/app/ApplicationPackageManager.java +1 −1 Original line number Diff line number Diff line Loading @@ -2831,7 +2831,7 @@ public class ApplicationPackageManager extends PackageManager { synchronized (mLock) { if (mArtManager == null) { try { mArtManager = new ArtManager(mPM.getArtManager()); mArtManager = new ArtManager(mContext, mPM.getArtManager()); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } Loading
core/java/android/content/pm/dex/ArtManager.java +15 −10 Original line number Diff line number Diff line Loading @@ -16,12 +16,16 @@ package android.content.pm.dex; import static android.Manifest.permission.PACKAGE_USAGE_STATS; import static android.Manifest.permission.READ_RUNTIME_PROFILES; import android.annotation.CallbackExecutor; import android.annotation.IntDef; import android.annotation.NonNull; import android.annotation.Nullable; import android.annotation.RequiresPermission; import android.annotation.SystemApi; import android.content.Context; import android.os.Environment; import android.os.ParcelFileDescriptor; import android.os.RemoteException; Loading Loading @@ -62,13 +66,14 @@ public class ArtManager { @Retention(RetentionPolicy.SOURCE) public @interface ProfileType {} private IArtManager mArtManager; private final Context mContext; private final IArtManager mArtManager; /** * @hide */ public ArtManager(@NonNull IArtManager manager) { public ArtManager(@NonNull Context context, @NonNull IArtManager manager) { mContext = context; mArtManager = manager; } Loading Loading @@ -99,7 +104,7 @@ public class ArtManager { * @param callback the callback which should be used for the result * @param executor the executor which should be used to post the result */ @RequiresPermission(android.Manifest.permission.READ_RUNTIME_PROFILES) @RequiresPermission(allOf = { READ_RUNTIME_PROFILES, PACKAGE_USAGE_STATS }) public void snapshotRuntimeProfile(@ProfileType int profileType, @Nullable String packageName, @Nullable String codePath, @NonNull @CallbackExecutor Executor executor, @NonNull SnapshotRuntimeProfileCallback callback) { Loading @@ -108,9 +113,10 @@ public class ArtManager { SnapshotRuntimeProfileCallbackDelegate delegate = new SnapshotRuntimeProfileCallbackDelegate(callback, executor); try { mArtManager.snapshotRuntimeProfile(profileType, packageName, codePath, delegate); mArtManager.snapshotRuntimeProfile(profileType, packageName, codePath, delegate, mContext.getOpPackageName()); } catch (RemoteException e) { e.rethrowAsRuntimeException(); throw e.rethrowAsRuntimeException(); } } Loading @@ -122,14 +128,13 @@ public class ArtManager { * @param profileType can be either {@link ArtManager#PROFILE_APPS} * or {@link ArtManager#PROFILE_BOOT_IMAGE} */ @RequiresPermission(android.Manifest.permission.READ_RUNTIME_PROFILES) @RequiresPermission(allOf = { READ_RUNTIME_PROFILES, PACKAGE_USAGE_STATS }) public boolean isRuntimeProfilingEnabled(@ProfileType int profileType) { try { return mArtManager.isRuntimeProfilingEnabled(profileType); return mArtManager.isRuntimeProfilingEnabled(profileType, mContext.getOpPackageName()); } catch (RemoteException e) { e.rethrowAsRuntimeException(); throw e.rethrowAsRuntimeException(); } return false; } /** Loading
core/java/android/content/pm/dex/IArtManager.aidl +3 −3 Original line number Diff line number Diff line Loading @@ -44,8 +44,8 @@ interface IArtManager { * {@link ArtManager#isRuntimeProfilingEnabled(int)} does not return true for the given * {@code profileType}. */ oneway void snapshotRuntimeProfile(int profileType, in String packageName, in String codePath, in ISnapshotRuntimeProfileCallback callback); void snapshotRuntimeProfile(int profileType, in String packageName, in String codePath, in ISnapshotRuntimeProfileCallback callback, String callingPackage); /** * Returns true if runtime profiles are enabled for the given type, false otherwise. Loading @@ -54,5 +54,5 @@ interface IArtManager { * * @param profileType */ boolean isRuntimeProfilingEnabled(int profileType); boolean isRuntimeProfilingEnabled(int profileType, String callingPackage); }
services/core/java/com/android/server/pm/PackageManagerService.java +1 −1 Original line number Diff line number Diff line Loading @@ -2462,7 +2462,7 @@ public class PackageManagerService extends IPackageManager.Stub installer, mInstallLock); mDexManager = new DexManager(this, mPackageDexOptimizer, installer, mInstallLock, dexManagerListener); mArtManagerService = new ArtManagerService(this, installer, mInstallLock); mArtManagerService = new ArtManagerService(mContext, this, installer, mInstallLock); mMoveCallbacks = new MoveCallbacks(FgThread.get().getLooper()); mOnPermissionChangeListeners = new OnPermissionChangeListeners(
services/core/java/com/android/server/pm/dex/ArtManagerService.java +49 −35 Original line number Diff line number Diff line Loading @@ -16,8 +16,9 @@ package com.android.server.pm.dex; import android.Manifest; import android.annotation.UserIdInt; import android.app.AppOpsManager; import android.content.Context; import android.content.pm.ApplicationInfo; import android.content.pm.IPackageManager; import android.content.pm.PackageInfo; Loading @@ -38,7 +39,9 @@ import android.os.SystemProperties; import android.os.UserHandle; import android.system.Os; import android.util.ArrayMap; import android.util.Log; import android.util.Slog; import com.android.internal.annotations.GuardedBy; import com.android.internal.os.BackgroundThread; import com.android.internal.util.ArrayUtils; Loading @@ -47,14 +50,17 @@ import com.android.server.LocalServices; import com.android.server.pm.Installer; import com.android.server.pm.Installer.InstallerException; import com.android.server.pm.PackageManagerServiceCompilerMapping; import dalvik.system.DexFile; import dalvik.system.VMRuntime; import java.io.File; import java.io.FileNotFoundException; import libcore.io.IoUtils; import libcore.util.NonNull; import libcore.util.Nullable; import java.io.File; import java.io.FileNotFoundException; /** * A system service that provides access to runtime and compiler artifacts. * Loading @@ -69,9 +75,7 @@ import libcore.util.Nullable; */ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { private static final String TAG = "ArtManagerService"; private static boolean DEBUG = false; private static boolean DEBUG_IGNORE_PERMISSIONS = false; private static final boolean DEBUG = Log.isLoggable(TAG, Log.DEBUG); // Package name used to create the profile directory layout when // taking a snapshot of the boot image profile. Loading @@ -79,6 +83,7 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { // Profile name used for the boot image profile. private static final String BOOT_IMAGE_PROFILE_NAME = "android.prof"; private final Context mContext; private final IPackageManager mPackageManager; private final Object mInstallLock; @GuardedBy("mInstallLock") Loading @@ -90,7 +95,9 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { verifyTronLoggingConstants(); } public ArtManagerService(IPackageManager pm, Installer installer, Object installLock) { public ArtManagerService(Context context, IPackageManager pm, Installer installer, Object installLock) { mContext = context; mPackageManager = pm; mInstaller = installer; mInstallLock = installLock; Loading @@ -99,9 +106,37 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { LocalServices.addService(ArtManagerInternal.class, new ArtManagerInternalImpl()); } private boolean checkPermission(int callingUid, String callingPackage) { // Callers always need this permission mContext.enforceCallingOrSelfPermission( android.Manifest.permission.READ_RUNTIME_PROFILES, TAG); // Callers also need the ability to read usage statistics switch (mContext.getSystemService(AppOpsManager.class) .noteOp(AppOpsManager.OP_GET_USAGE_STATS, callingUid, callingPackage)) { case AppOpsManager.MODE_ALLOWED: return true; case AppOpsManager.MODE_DEFAULT: mContext.enforceCallingOrSelfPermission( android.Manifest.permission.PACKAGE_USAGE_STATS, TAG); return true; default: return false; } } @Override public void snapshotRuntimeProfile(@ProfileType int profileType, @Nullable String packageName, @Nullable String codePath, @NonNull ISnapshotRuntimeProfileCallback callback) { @Nullable String codePath, @NonNull ISnapshotRuntimeProfileCallback callback, String callingPackage) { if (!checkPermission(Binder.getCallingUid(), callingPackage)) { try { callback.onError(ArtManager.SNAPSHOT_FAILED_INTERNAL_ERROR); } catch (RemoteException ignored) { } return; } // Sanity checks on the arguments. Preconditions.checkNotNull(callback); Loading @@ -111,9 +146,8 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { Preconditions.checkStringNotEmpty(packageName); } // Verify that the caller has the right permissions and that the runtime profiling is // enabled. The call to isRuntimePermissions will checkReadRuntimeProfilePermission. if (!isRuntimeProfilingEnabled(profileType)) { // Verify that runtime profiling is enabled. if (!isRuntimeProfilingEnabled(profileType, callingPackage)) { throw new IllegalStateException("Runtime profiling is not enabled for " + profileType); } Loading Loading @@ -231,9 +265,10 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { } @Override public boolean isRuntimeProfilingEnabled(@ProfileType int profileType) { // Verify that the caller has the right permissions. checkReadRuntimeProfilePermission(); public boolean isRuntimeProfilingEnabled(@ProfileType int profileType, String callingPackage) { if (!checkPermission(Binder.getCallingUid(), callingPackage)) { return false; } switch (profileType) { case ArtManager.PROFILE_APPS : Loading Loading @@ -305,27 +340,6 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub { }); } /** * Verify that the binder calling uid has {@code android.permission.READ_RUNTIME_PROFILE}. * If not, it throws a {@link SecurityException}. */ private void checkReadRuntimeProfilePermission() { if (DEBUG_IGNORE_PERMISSIONS) { return; } try { int result = mPackageManager.checkUidPermission( Manifest.permission.READ_RUNTIME_PROFILES, Binder.getCallingUid()); if (result != PackageManager.PERMISSION_GRANTED) { throw new SecurityException("You need " + Manifest.permission.READ_RUNTIME_PROFILES + " permission to snapshot profiles."); } } catch (RemoteException e) { // Should not happen. } } /** * Prepare the application profiles. * For all code paths: Loading
