summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
author Hui Yu <huiyu@google.com> 2020-03-27 00:22:57 -0700
committer Hui Yu <huiyu@google.com> 2020-03-27 12:10:22 -0700
commit77fd819bd008a5495c0a27f96ad068f4b2f2ac6a (patch)
tree50aa42a1e6fae554373d0a82cdc9eef4b3b0a4dd
parent7cfe82b0ba3a964c9a4bf0ba11ed02d27e77762f (diff)
Turn on foregroundServiceType camera/microphone feature in
enforcement mode. Turn on this feature in enforcement mode. For FGS that does not have camera/microphone capability due to missing foregroundServiceType in manifest file, create a WTF log. Bug: 150892326 Test: atest cts/tests/app/src/android/app/cts/ActivityManagerProcessStateTest.java atest cts/tests/app/src/android/app/cts/ActivityManagerApi29Test.java atest cts/tests/app/src/android/app/cts/ActivityManagerFgsBgStartTest.java Change-Id: I934fdacd8baee292fa2c72cafc16c1511c6ba9d0
Diffstat
-rw-r--r--services/core/java/com/android/server/am/ActiveServices.java3
-rw-r--r--services/core/java/com/android/server/am/OomAdjuster.java22
-rw-r--r--services/core/java/com/android/server/appop/AppOpsService.java40
3 files changed, 42 insertions, 23 deletions
diff --git a/services/core/java/com/android/server/am/ActiveServices.java b/services/core/java/com/android/server/am/ActiveServices.java
index b3b14484f2ef..714aae1b70ca 100644
--- a/services/core/java/com/android/server/am/ActiveServices.java
+++ b/services/core/java/com/android/server/am/ActiveServices.java
@@ -4939,7 +4939,8 @@ public final class ActiveServices {
+ r.mRecentCallingPackage
+ "; intent:" + r.intent.getIntent()
+ "] affected while-in-use permission:"
- + AppOpsManager.opToPublicName(op);
+ + AppOpsManager.opToPublicName(op)
+ + "; targetSdkVersion:" + r.appInfo.targetSdkVersion;
Slog.wtf(TAG, msg);
}
}
diff --git a/services/core/java/com/android/server/am/OomAdjuster.java b/services/core/java/com/android/server/am/OomAdjuster.java
index d4a05025499f..1412112651c4 100644
--- a/services/core/java/com/android/server/am/OomAdjuster.java
+++ b/services/core/java/com/android/server/am/OomAdjuster.java
@@ -151,10 +151,14 @@ public final class OomAdjuster {
@EnabledAfter(targetSdkVersion=android.os.Build.VERSION_CODES.Q)
static final long CAMERA_MICROPHONE_CAPABILITY_CHANGE_ID = 136219221L;
- //TODO: remove this when development is done.
- private static final int TEMP_PROCESS_CAPABILITY_FOREGROUND_LOCATION = 1 << 31;
- private static final int TEMP_PROCESS_CAPABILITY_FOREGROUND_CAMERA = 1 << 30;
- private static final int TEMP_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE = 1 << 29;
+ // TODO: remove this when development is done.
+ // These are debug flags used between OomAdjuster and AppOpsService to detect and report absence
+ // of the real flags.
+ public static final int DEBUG_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE_Q = 1 << 27;
+ public static final int DEBUG_PROCESS_CAPABILITY_FOREGROUND_CAMERA_Q = 1 << 28;
+ public static final int DEBUG_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE = 1 << 29;
+ public static final int DEBUG_PROCESS_CAPABILITY_FOREGROUND_CAMERA = 1 << 30;
+ public static final int DEBUG_PROCESS_CAPABILITY_FOREGROUND_LOCATION = 1 << 31;
/**
* For some direct access we need to power manager.
@@ -1501,7 +1505,7 @@ public final class OomAdjuster {
//TODO: remove this block when development is done.
capabilityFromFGS |=
(fgsType & FOREGROUND_SERVICE_TYPE_LOCATION)
- != 0 ? TEMP_PROCESS_CAPABILITY_FOREGROUND_LOCATION : 0;
+ != 0 ? DEBUG_PROCESS_CAPABILITY_FOREGROUND_LOCATION : 0;
}
if (s.mAllowWhileInUsePermissionInFgs) {
boolean enabled = false;
@@ -1514,22 +1518,22 @@ public final class OomAdjuster {
capabilityFromFGS |=
(fgsType & FOREGROUND_SERVICE_TYPE_CAMERA)
!= 0 ? PROCESS_CAPABILITY_FOREGROUND_CAMERA
- : TEMP_PROCESS_CAPABILITY_FOREGROUND_CAMERA;
+ : DEBUG_PROCESS_CAPABILITY_FOREGROUND_CAMERA;
capabilityFromFGS |=
(fgsType & FOREGROUND_SERVICE_TYPE_MICROPHONE)
!= 0 ? PROCESS_CAPABILITY_FOREGROUND_MICROPHONE
- : TEMP_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE;
+ : DEBUG_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE;
} else {
// Remove fgsType check and assign PROCESS_CAPABILITY_FOREGROUND_CAMERA
// and MICROPHONE when finish debugging.
capabilityFromFGS |=
(fgsType & FOREGROUND_SERVICE_TYPE_CAMERA)
!= 0 ? PROCESS_CAPABILITY_FOREGROUND_CAMERA
- : TEMP_PROCESS_CAPABILITY_FOREGROUND_CAMERA;
+ : DEBUG_PROCESS_CAPABILITY_FOREGROUND_CAMERA_Q;
capabilityFromFGS |=
(fgsType & FOREGROUND_SERVICE_TYPE_MICROPHONE)
!= 0 ? PROCESS_CAPABILITY_FOREGROUND_MICROPHONE
- : TEMP_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE;
+ : DEBUG_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE_Q;
}
}
}
diff --git a/services/core/java/com/android/server/appop/AppOpsService.java b/services/core/java/com/android/server/appop/AppOpsService.java
index 6613d5f8d57a..8e6ef75078b3 100644
--- a/services/core/java/com/android/server/appop/AppOpsService.java
+++ b/services/core/java/com/android/server/appop/AppOpsService.java
@@ -66,6 +66,11 @@ import static android.content.Intent.EXTRA_REPLACING;
import static android.content.pm.PermissionInfo.PROTECTION_DANGEROUS;
import static android.content.pm.PermissionInfo.PROTECTION_FLAG_APPOP;
+import static com.android.server.am.OomAdjuster.DEBUG_PROCESS_CAPABILITY_FOREGROUND_CAMERA;
+import static com.android.server.am.OomAdjuster.DEBUG_PROCESS_CAPABILITY_FOREGROUND_CAMERA_Q;
+import static com.android.server.am.OomAdjuster.DEBUG_PROCESS_CAPABILITY_FOREGROUND_LOCATION;
+import static com.android.server.am.OomAdjuster.DEBUG_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE;
+import static com.android.server.am.OomAdjuster.DEBUG_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE_Q;
import static com.android.server.appop.AppOpsService.ModeCallback.ALL_OPS;
import static java.lang.Long.max;
@@ -248,9 +253,6 @@ public class AppOpsService extends IAppOpsService.Stub {
private static final int RARELY_USED_PACKAGES_INITIALIZATION_DELAY_MILLIS = 300000;
//TODO: remove this when development is done.
- private static final int TEMP_PROCESS_CAPABILITY_FOREGROUND_LOCATION = 1 << 31;
- private static final int TEMP_PROCESS_CAPABILITY_FOREGROUND_CAMERA = 1 << 30;
- private static final int TEMP_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE = 1 << 29;
private static final int DEBUG_FGS_ALLOW_WHILE_IN_USE = 0;
private static final int DEBUG_FGS_ENFORCE_TYPE = 1;
@@ -552,7 +554,7 @@ public class AppOpsService extends IAppOpsService.Stub {
if ((capability & PROCESS_CAPABILITY_FOREGROUND_LOCATION) != 0) {
return MODE_ALLOWED;
} else if ((capability
- & TEMP_PROCESS_CAPABILITY_FOREGROUND_LOCATION) != 0) {
+ & DEBUG_PROCESS_CAPABILITY_FOREGROUND_LOCATION) != 0) {
// The FGS has the location capability, but due to FGS BG start
// restriction it lost the capability, use temp location capability
// to mark this case.
@@ -564,11 +566,14 @@ public class AppOpsService extends IAppOpsService.Stub {
case OP_CAMERA:
if ((capability & PROCESS_CAPABILITY_FOREGROUND_CAMERA) != 0) {
return MODE_ALLOWED;
- } else if ((capability & TEMP_PROCESS_CAPABILITY_FOREGROUND_CAMERA)
+ } else if ((capability & DEBUG_PROCESS_CAPABILITY_FOREGROUND_CAMERA_Q)
!= 0) {
- // CHANGE TO MODE_IGNORED when enforce this feature.
maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ENFORCE_TYPE);
return MODE_ALLOWED;
+ } else if ((capability & DEBUG_PROCESS_CAPABILITY_FOREGROUND_CAMERA)
+ != 0) {
+ maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ENFORCE_TYPE);
+ return MODE_IGNORED;
} else {
maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ALLOW_WHILE_IN_USE);
return MODE_IGNORED;
@@ -576,11 +581,14 @@ public class AppOpsService extends IAppOpsService.Stub {
case OP_RECORD_AUDIO:
if ((capability & PROCESS_CAPABILITY_FOREGROUND_MICROPHONE) != 0) {
return MODE_ALLOWED;
- } else if ((capability & TEMP_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE)
- != 0) {
- // CHANGE TO MODE_IGNORED when enforce this feature.
+ } else if ((capability
+ & DEBUG_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE_Q) != 0) {
maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ENFORCE_TYPE);
return MODE_ALLOWED;
+ } else if ((capability
+ & DEBUG_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE) != 0) {
+ maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ENFORCE_TYPE);
+ return MODE_IGNORED;
} else {
maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ALLOW_WHILE_IN_USE);
return MODE_IGNORED;
@@ -597,10 +605,13 @@ public class AppOpsService extends IAppOpsService.Stub {
case OP_CAMERA:
if ((capability & PROCESS_CAPABILITY_FOREGROUND_CAMERA) != 0) {
return MODE_ALLOWED;
- } else if ((capability & TEMP_PROCESS_CAPABILITY_FOREGROUND_CAMERA) != 0) {
- // CHANGE TO MODE_IGNORED when enforce this feature.
+ } else if ((capability
+ & DEBUG_PROCESS_CAPABILITY_FOREGROUND_CAMERA_Q) != 0) {
maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ENFORCE_TYPE);
return MODE_ALLOWED;
+ } else if ((capability & DEBUG_PROCESS_CAPABILITY_FOREGROUND_CAMERA) != 0) {
+ maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ENFORCE_TYPE);
+ return MODE_IGNORED;
} else {
maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ALLOW_WHILE_IN_USE);
return MODE_IGNORED;
@@ -608,11 +619,14 @@ public class AppOpsService extends IAppOpsService.Stub {
case OP_RECORD_AUDIO:
if ((capability & PROCESS_CAPABILITY_FOREGROUND_MICROPHONE) != 0) {
return MODE_ALLOWED;
- } else if ((capability & TEMP_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE)
+ } else if ((capability & DEBUG_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE_Q)
!= 0) {
- // CHANGE TO MODE_IGNORED when enforce this feature.
maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ENFORCE_TYPE);
return MODE_ALLOWED;
+ } else if ((capability & DEBUG_PROCESS_CAPABILITY_FOREGROUND_MICROPHONE)
+ != 0) {
+ maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ENFORCE_TYPE);
+ return MODE_IGNORED;
} else {
maybeShowWhileInUseDebugToast(op, DEBUG_FGS_ALLOW_WHILE_IN_USE);
return MODE_IGNORED;
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-12-07 18:27:03 +0000