Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e9b40ba9 authored by Hui Yu's avatar Hui Yu
Browse files

Turn on foregroundServiceType camera and microphone feature in 

permissive mode.

Turn on this feature in permissive mode. For FGS that does not have
camera/microphone capability due to missing foregroundServiceType in
manifest file, send a WTF log to sever so we can identify the FGS and
fix it before enforce this feature.

Bug: 150892326
Test: manual test, looking for logcat message.
Change-Id: Id790d7fa16b4877aaf905e7a74c310e5f03c7de1
parent 29c8617d

services/core/java/com/android/server/am/ActiveServices.java

+18 −4
Original line number Diff line number Diff line
@@ -137,6 +137,10 @@ public final class ActiveServices { 


    private static final boolean SHOW_DUNGEON_NOTIFICATION = false;



    //TODO: remove this when development is done.

    private static final int DEBUG_FGS_ALLOW_WHILE_IN_USE = 0;

    private static final int DEBUG_FGS_ENFORCE_TYPE = 1;



    // How long we wait for a service to finish executing.

    static final int SERVICE_TIMEOUT = 20*1000;
@@ -4931,6 +4935,7 @@ public final class ActiveServices { 
                if (!r.isForeground) {

                    continue;

                }

                if (mode == DEBUG_FGS_ALLOW_WHILE_IN_USE) {

                    if (!r.mAllowWhileInUsePermissionInFgs

                            && r.mInfoDenyWhileInUsePermissionInFgs != null) {

                        final String msg = r.mInfoDenyWhileInUsePermissionInFgs
@@ -4938,6 +4943,15 @@ public final class ActiveServices { 
                                + AppOpsManager.opToPublicName(op);

                        Slog.wtf(TAG, msg);

                    }

                } else if (mode == DEBUG_FGS_ENFORCE_TYPE) {

                    final String msg =

                            "FGS Missing foregroundServiceType in manifest file [callingPackage: "

                            + r.mRecentCallingPackage

                            + "; intent:" + r.intent.getIntent()

                            + "] affected while-in-use permission:"

                            + AppOpsManager.opToPublicName(op);

                    Slog.wtf(TAG, msg);

                }

            }

        }

    }

services/core/java/com/android/server/am/OomAdjuster.java

+7 −5
Original line number Diff line number Diff line
@@ -75,7 +75,6 @@ import android.app.ActivityManager; 
import android.app.ApplicationExitInfo;

import android.app.usage.UsageEvents;

import android.compat.annotation.ChangeId;

import android.compat.annotation.Disabled;

import android.compat.annotation.EnabledAfter;

import android.content.Context;

import android.content.pm.ServiceInfo;
@@ -149,12 +148,13 @@ public final class OomAdjuster { 
     * capabilities.

     */

    @ChangeId

    //TODO: change to @EnabledAfter when enforcing the feature.

    @Disabled

    @EnabledAfter(targetSdkVersion=android.os.Build.VERSION_CODES.Q)

    static final long CAMERA_MICROPHONE_CAPABILITY_CHANGE_ID = 136219221L;



    //TODO: remove this when development is done.

    private static final int TEMP_PROCESS_CAPABILITY_FOREGROUND_LOCATION = 1 << 31;

    private static final int TEMP_PROCESS_CAPABILITY_FOREGROUND_CAMERA = 1 << 30;

    private static final int TEMP_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE = 1 << 29;



    /**

     * For some direct access we need to power manager.
@@ -1513,10 +1513,12 @@ public final class OomAdjuster { 
                    if (enabled) {

                        capabilityFromFGS |=

                                (fgsType & FOREGROUND_SERVICE_TYPE_CAMERA)

                                        != 0 ? PROCESS_CAPABILITY_FOREGROUND_CAMERA : 0;

                                        != 0 ? PROCESS_CAPABILITY_FOREGROUND_CAMERA

                                        : TEMP_PROCESS_CAPABILITY_FOREGROUND_CAMERA;

                        capabilityFromFGS |=

                                (fgsType & FOREGROUND_SERVICE_TYPE_MICROPHONE)

                                        != 0 ? PROCESS_CAPABILITY_FOREGROUND_MICROPHONE : 0;

                                        != 0 ? PROCESS_CAPABILITY_FOREGROUND_MICROPHONE

                                        : TEMP_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE;

                    } else {

                        capabilityFromFGS |= PROCESS_CAPABILITY_FOREGROUND_CAMERA

                                | PROCESS_CAPABILITY_FOREGROUND_MICROPHONE;

services/core/java/com/android/server/appop/AppOpsService.java

+29 −5
Original line number Diff line number Diff line
@@ -238,6 +238,11 @@ public class AppOpsService extends IAppOpsService.Stub { 


    //TODO: remove this when development is done.

    private static final int TEMP_PROCESS_CAPABILITY_FOREGROUND_LOCATION = 1 << 31;

    private static final int TEMP_PROCESS_CAPABILITY_FOREGROUND_CAMERA = 1 << 30;

    private static final int TEMP_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE = 1 << 29;

    private static final int DEBUG_FGS_ALLOW_WHILE_IN_USE = 0;

    private static final int DEBUG_FGS_ENFORCE_TYPE = 1;





    final Context mContext;

    final AtomicFile mFile;
@@ -537,7 +542,7 @@ public class AppOpsService extends IAppOpsService.Stub { 
                                // The FGS has the location capability, but due to FGS BG start

                                // restriction it lost the capability, use temp location capability

                                // to mark this case.

                                maybeShowWhileInUseDebugToast(op, mode);

                                maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ALLOW_WHILE_IN_USE);

                                return MODE_IGNORED;

                            } else {

                                return MODE_IGNORED;
@@ -545,15 +550,25 @@ public class AppOpsService extends IAppOpsService.Stub { 
                        case OP_CAMERA:

                            if ((capability & PROCESS_CAPABILITY_FOREGROUND_CAMERA) != 0) {

                                return MODE_ALLOWED;

                            } else if ((capability & TEMP_PROCESS_CAPABILITY_FOREGROUND_CAMERA)

                                    != 0) {

                                // CHANGE TO MODE_IGNORED when enforce this feature.

                                maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ENFORCE_TYPE);

                                return MODE_ALLOWED;

                            } else {

                                maybeShowWhileInUseDebugToast(op, mode);

                                maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ALLOW_WHILE_IN_USE);

                                return MODE_IGNORED;

                            }

                        case OP_RECORD_AUDIO:

                            if ((capability & PROCESS_CAPABILITY_FOREGROUND_MICROPHONE) != 0) {

                                return MODE_ALLOWED;

                            } else if  ((capability & TEMP_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE)

                                    != 0) {

                                // CHANGE TO MODE_IGNORED when enforce this feature.

                                maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ENFORCE_TYPE);

                                return MODE_ALLOWED;

                            } else {

                                maybeShowWhileInUseDebugToast(op, mode);

                                maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ALLOW_WHILE_IN_USE);

                                return MODE_IGNORED;

                            }

                        default:
@@ -568,15 +583,24 @@ public class AppOpsService extends IAppOpsService.Stub { 
                    case OP_CAMERA:

                        if ((capability & PROCESS_CAPABILITY_FOREGROUND_CAMERA) != 0) {

                            return MODE_ALLOWED;

                        } else if ((capability & TEMP_PROCESS_CAPABILITY_FOREGROUND_CAMERA) != 0) {

                            // CHANGE TO MODE_IGNORED when enforce this feature.

                            maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ENFORCE_TYPE);

                            return MODE_ALLOWED;

                        } else {

                            maybeShowWhileInUseDebugToast(op, mode);

                            maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ALLOW_WHILE_IN_USE);

                            return MODE_IGNORED;

                        }

                    case OP_RECORD_AUDIO:

                        if ((capability & PROCESS_CAPABILITY_FOREGROUND_MICROPHONE) != 0) {

                            return MODE_ALLOWED;

                        } else if ((capability & TEMP_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE)

                                != 0) {

                            // CHANGE TO MODE_IGNORED when enforce this feature.

                            maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ENFORCE_TYPE);

                            return MODE_ALLOWED;

                        } else {

                            maybeShowWhileInUseDebugToast(op, mode);

                            maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ALLOW_WHILE_IN_USE);

                            return MODE_IGNORED;

                        }

                    default: