Move permission-by-UID check earlier

StartPackageManager during boot has a short flurry of binder activity, which is caused by a per-package call to ActivityManager.getService(). ActivityManager.getService() only returns null at this stage in boot, so moving up the root/system UID check to occur before getService() saves some time. Test: build, boot, verify boot time improvement Bug: 383159377 Change-Id: I3f873e09f291c385d6844be87f4c211eab657dbe
author: Kevin Jeon <kevinjeon@google.com> 2024-12-10 20:17:43 -0500
committer: Kevin Jeon <kevinjeon@google.com> 2024-12-13 09:05:03 -0500
commit: ab1a7193a071a5e6fb78bc8d76e1e717f7fc9c37 (patch)
tree: 9dc57bd85e0689ec4555023efc3126f8926a422d
parent: 340592ddbd66874539a0952eda1ecc3d5a30b1e0 (diff)
1 files changed, 6 insertions, 12 deletions
diff --git a/core/java/android/permission/PermissionManager.java b/core/java/android/permission/PermissionManager.java
index 7e51cb020196..306eed3d5f35 100644
--- a/core/java/android/permission/PermissionManager.java
+++ b/core/java/android/permission/PermissionManager.java
@@ -1716,20 +1716,14 @@ public final class PermissionManager {
 
     private static int checkPermissionUncached(@Nullable String permission, int pid, int uid,
             int deviceId) {
+        final int appId = UserHandle.getAppId(uid);
+        if (appId == Process.ROOT_UID || appId == Process.SYSTEM_UID) {
+            return PackageManager.PERMISSION_GRANTED;
+        }
         final IActivityManager am = ActivityManager.getService();
         if (am == null) {
-            // Well this is super awkward; we somehow don't have an active ActivityManager
-            // instance. If we're testing a root or system UID, then they totally have whatever
-            // permission this is.
-            final int appId = UserHandle.getAppId(uid);
-            if (appId == Process.ROOT_UID || appId == Process.SYSTEM_UID) {
-                if (sShouldWarnMissingActivityManager) {
-                    Slog.w(LOG_TAG, "Missing ActivityManager; assuming " + uid + " holds "
-                            + permission);
-                    sShouldWarnMissingActivityManager = false;
-                }
-                return PackageManager.PERMISSION_GRANTED;
-            }
+            // We don't have an active ActivityManager instance and the calling UID is not root or
+            // system, so we don't grant this permission.
             Slog.w(LOG_TAG, "Missing ActivityManager; assuming " + uid + " does not hold "
                     + permission);
             return PackageManager.PERMISSION_DENIED;
author	Kevin Jeon <kevinjeon@google.com>	2024-12-10 20:17:43 -0500
committer	Kevin Jeon <kevinjeon@google.com>	2024-12-13 09:05:03 -0500
commit	ab1a7193a071a5e6fb78bc8d76e1e717f7fc9c37 (patch)
tree	9dc57bd85e0689ec4555023efc3126f8926a422d
parent	340592ddbd66874539a0952eda1ecc3d5a30b1e0 (diff)