Merge "BG-FGS-start is allowed for companion apps."

author: Hui Yu <huiyu@google.com> 2021-01-12 17:50:39 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2021-01-12 17:50:39 +0000
commit: b898264ff2f58566d02313d1471b2e9bf728c863 (patch)
tree: a952c852720449afe183bacfef79b086a18c8f40
parent: 2cc4d5ece19c89852814912e55b14798db1fcef7 (diff)
parent: 8facd571bb6379aac3a4f06c30e6d6e56f383ccb (diff)
7 files changed, 94 insertions, 32 deletions
diff --git a/core/java/android/app/ActivityManagerInternal.java b/core/java/android/app/ActivityManagerInternal.java
index 6e7bb83b2fcb..db838136867c 100644
--- a/core/java/android/app/ActivityManagerInternal.java
+++ b/core/java/android/app/ActivityManagerInternal.java
@@ -36,6 +36,7 @@ import android.os.WorkSource;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 /**
  * Activity manager local system service interface.
@@ -447,6 +448,22 @@ public abstract class ActivityManagerInternal {
     public abstract void setDeviceOwnerUid(int uid);
 
     /**
+     * Set all associated companion app that belongs to a userId.
+     * @param userId
+     * @param companionAppUids  ActivityManager will take ownership of this Set, the caller
+     *                          shouldn't touch this Set after calling this interface.
+     */
+    public abstract void setCompanionAppUids(int userId, Set<Integer> companionAppUids);
+
+    /**
+     * is the uid an associated companion app of a userId?
+     * @param userId
+     * @param uid
+     * @return
+     */
+    public abstract boolean isAssociatedCompanionApp(int userId, int uid);
+
+    /**
      * Sends a broadcast, assuming the caller to be the system and allowing the inclusion of an
      * approved whitelist of app Ids >= {@link android.os.Process#FIRST_APPLICATION_UID} that the
      * broadcast my be sent to; any app Ids < {@link android.os.Process#FIRST_APPLICATION_UID} are
diff --git a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
index 9d028358561f..728e82900730 100644
--- a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
+++ b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
@@ -33,6 +33,7 @@ import android.annotation.CheckResult;
 import android.annotation.NonNull;
 import android.annotation.Nullable;
 import android.annotation.SuppressLint;
+import android.app.ActivityManagerInternal;
 import android.app.AppOpsManager;
 import android.app.PendingIntent;
 import android.app.role.RoleManager;
@@ -53,6 +54,7 @@ import android.content.pm.FeatureInfo;
 import android.content.pm.PackageInfo;
 import android.content.pm.PackageItemInfo;
 import android.content.pm.PackageManager;
+import android.content.pm.PackageManagerInternal;
 import android.content.pm.UserInfo;
 import android.net.NetworkPolicyManager;
 import android.os.Binder;
@@ -111,7 +113,6 @@ import java.io.PrintWriter;
 import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.Collections;
-import java.util.HashSet;
 import java.util.List;
 import java.util.Objects;
 import java.util.Set;
@@ -169,6 +170,10 @@ public class CompanionDeviceManagerService extends SystemService implements Bind
     @GuardedBy("mLock")
     private @Nullable SparseArray<Set<Association>> mCachedAssociations = new SparseArray<>();
 
+    ActivityTaskManagerInternal mAtmInternal;
+    ActivityManagerInternal mAmInternal;
+    PackageManagerInternal mPackageManagerInternal;
+
     public CompanionDeviceManagerService(Context context) {
         super(context);
         mImpl = new CompanionDeviceManagerImpl();
@@ -176,6 +181,9 @@ public class CompanionDeviceManagerService extends SystemService implements Bind
         mRoleManager = context.getSystemService(RoleManager.class);
         mAppOpsManager = IAppOpsService.Stub.asInterface(
                 ServiceManager.getService(Context.APP_OPS_SERVICE));
+        mAtmInternal = LocalServices.getService(ActivityTaskManagerInternal.class);
+        mAmInternal = LocalServices.getService(ActivityManagerInternal.class);
+        mPackageManagerInternal = LocalServices.getService(PackageManagerInternal.class);
 
         Intent serviceIntent = new Intent().setComponent(SERVICE_TO_BIND_TO);
         mServiceConnectors = new PerUser<ServiceConnector<ICompanionDeviceDiscoveryService>>() {
@@ -236,15 +244,7 @@ public class CompanionDeviceManagerService extends SystemService implements Bind
         if (associations == null || associations.isEmpty()) {
             return;
         }
-        Set<String> companionAppPackages = new HashSet<>();
-        for (Association association : associations) {
-            companionAppPackages.add(association.getPackageName());
-        }
-        ActivityTaskManagerInternal atmInternal = LocalServices.getService(
-                ActivityTaskManagerInternal.class);
-        if (atmInternal != null) {
-            atmInternal.setCompanionAppPackages(userHandle, companionAppPackages);
-        }
+        updateAtm(userHandle, associations);
 
         BackgroundThread.getHandler().sendMessageDelayed(
                 obtainMessage(CompanionDeviceManagerService::maybeGrantAutoRevokeExemptions, this),
@@ -727,12 +727,6 @@ public class CompanionDeviceManagerService extends SystemService implements Bind
             final Set<Association> old = getAllAssociations(userId);
             Set<Association> associations = new ArraySet<>(old);
             associations = update.apply(associations);
-
-            Set<String> companionAppPackages = new HashSet<>();
-            for (Association association : associations) {
-                companionAppPackages.add(association.getPackageName());
-            }
-
             if (DEBUG) {
                 Slog.i(LOG_TAG, "Updating associations: " + old + "  -->  " + associations);
             }
@@ -741,9 +735,25 @@ public class CompanionDeviceManagerService extends SystemService implements Bind
                     CompanionDeviceManagerService::persistAssociations,
                     this, associations, userId));
 
-            ActivityTaskManagerInternal atmInternal = LocalServices.getService(
-                    ActivityTaskManagerInternal.class);
-            atmInternal.setCompanionAppPackages(userId, companionAppPackages);
+            updateAtm(userId, associations);
+        }
+    }
+
+    private void updateAtm(int userId, Set<Association> associations) {
+        final Set<Integer> companionAppUids = new ArraySet<>();
+        for (Association association : associations) {
+            final int uid = mPackageManagerInternal.getPackageUid(association.getPackageName(),
+                    0, userId);
+            if (uid >= 0) {
+                companionAppUids.add(uid);
+            }
+        }
+        if (mAtmInternal != null) {
+            mAtmInternal.setCompanionAppUids(userId, companionAppUids);
+        }
+        if (mAmInternal != null) {
+            // Make a copy of companionAppUids and send it to ActivityManager.
+            mAmInternal.setCompanionAppUids(userId, new ArraySet<>(companionAppUids));
         }
     }
 
diff --git a/services/core/java/com/android/server/am/ActiveServices.java b/services/core/java/com/android/server/am/ActiveServices.java
index bb07ee6c37a9..7af328aed8b4 100644
--- a/services/core/java/com/android/server/am/ActiveServices.java
+++ b/services/core/java/com/android/server/am/ActiveServices.java
@@ -170,6 +170,7 @@ public final class ActiveServices {
     public static final int FGS_FEATURE_ALLOWED_BY_PROCESS_RECORD = 19;
     public static final int FGS_FEATURE_ALLOWED_BY_EXEMPTED_PACKAGES = 20;
     public static final int FGS_FEATURE_ALLOWED_BY_ACTIVITY_STARTER = 21;
+    public static final int FGS_FEATURE_ALLOWED_BY_COMPANION_APP = 22;
 
     @IntDef(flag = true, prefix = { "FGS_FEATURE_" }, value = {
             FGS_FEATURE_DENIED,
@@ -192,7 +193,8 @@ public final class ActiveServices {
             FGS_FEATURE_ALLOWED_BY_DEVICE_DEMO_MODE,
             FGS_FEATURE_ALLOWED_BY_PROCESS_RECORD,
             FGS_FEATURE_ALLOWED_BY_EXEMPTED_PACKAGES,
-            FGS_FEATURE_ALLOWED_BY_ACTIVITY_STARTER
+            FGS_FEATURE_ALLOWED_BY_ACTIVITY_STARTER,
+            FGS_FEATURE_ALLOWED_BY_COMPANION_APP
     })
     @Retention(RetentionPolicy.SOURCE)
     public @interface FgsFeatureRetCode {}
@@ -5379,6 +5381,14 @@ public final class ActiveServices {
             }
         }
 
+        if (ret == FGS_FEATURE_DENIED) {
+            final boolean isCompanionApp = mAm.mInternal.isAssociatedCompanionApp(
+                    UserHandle.getUserId(callingUid), callingUid);
+            if (isCompanionApp) {
+                ret = FGS_FEATURE_ALLOWED_BY_COMPANION_APP;
+            }
+        }
+
         final String debugInfo =
                 "[callingPackage: " + callingPackage
                         + "; callingUid: " + callingUid
@@ -5462,6 +5472,8 @@ public final class ActiveServices {
                 return "FGS_FEATURE_ALLOWED_BY_EXEMPTED_PACKAGES";
             case FGS_FEATURE_ALLOWED_BY_ACTIVITY_STARTER:
                 return "ALLOWED_BY_ACTIVITY_STARTER";
+            case FGS_FEATURE_ALLOWED_BY_COMPANION_APP:
+                return "ALLOWED_BY_COMPANION_APP";
             default:
                 return "";
         }
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index c1ab5b6a315e..21b6b557169c 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -573,6 +573,9 @@ public class ActivityManagerService extends IActivityManager.Stub
 
     private int mDeviceOwnerUid = Process.INVALID_UID;
 
+    // A map userId and all its companion app uids
+    private final Map<Integer, Set<Integer>> mCompanionAppUidsMap = new ArrayMap<>();
+
     final UserController mUserController;
     @VisibleForTesting
     public final PendingIntentController mPendingIntentController;
@@ -16784,6 +16787,22 @@ public class ActivityManagerService extends IActivityManager.Stub
         }
 
         @Override
+        public void setCompanionAppUids(int userId, Set<Integer> companionAppUids) {
+            synchronized (ActivityManagerService.this) {
+                mCompanionAppUidsMap.put(userId, companionAppUids);
+            }
+        }
+
+        @Override
+        public boolean isAssociatedCompanionApp(int userId, int uid) {
+            final Set<Integer> allUids = mCompanionAppUidsMap.get(userId);
+            if (allUids == null) {
+                return false;
+            }
+            return allUids.contains(uid);
+        }
+
+        @Override
         public void addPendingTopUid(int uid, int pid) {
                 mPendingStartActivityUids.add(uid, pid);
         }
diff --git a/services/core/java/com/android/server/am/ProcessRecord.java b/services/core/java/com/android/server/am/ProcessRecord.java
index e90423c2566a..90abc0cb6e03 100644
--- a/services/core/java/com/android/server/am/ProcessRecord.java
+++ b/services/core/java/com/android/server/am/ProcessRecord.java
@@ -2069,6 +2069,13 @@ class ProcessRecord implements WindowProcessListener {
         }
 
         if (!mAllowStartFgs) {
+            if (mService.mInternal != null) {
+                mAllowStartFgs = mService.mInternal.isAssociatedCompanionApp(
+                        UserHandle.getUserId(info.uid), info.uid);
+            }
+        }
+
+        if (!mAllowStartFgs) {
             // uid is on DeviceIdleController's user/system allowlist
             // or AMS's FgsStartTempAllowList.
             mAllowStartFgs = mService.isWhitelistedForFgsStartLocked(info.uid);
diff --git a/services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java b/services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java
index 9ffedde8e616..762e1f62f886 100644
--- a/services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java
+++ b/services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java
@@ -563,8 +563,13 @@ public abstract class ActivityTaskManagerInternal {
      */
     public abstract void setDeviceOwnerUid(int uid);
 
-    /** Set all associated companion app that belongs to an userId. */
-    public abstract void setCompanionAppPackages(int userId, Set<String> companionAppPackages);
+    /**
+     * Set all associated companion app that belongs to a userId.
+     * @param userId
+     * @param companionAppUids ActivityTaskManager will take ownership of this Set, the caller
+     *                         shouldn't touch the Set after calling this interface.
+     */
+    public abstract void setCompanionAppUids(int userId, Set<Integer> companionAppUids);
 
     /**
      * @param packageName The package to check
diff --git a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
index 461bbfb978e4..698013cc82ee 100644
--- a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
+++ b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
@@ -6272,17 +6272,9 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
         }
 
         @Override
-        public void setCompanionAppPackages(int userId, Set<String> companionAppPackages) {
-            // Translate package names into UIDs
-            final Set<Integer> result = new HashSet<>();
-            for (String pkg : companionAppPackages) {
-                final int uid = getPackageManagerInternalLocked().getPackageUid(pkg, 0, userId);
-                if (uid >= 0) {
-                    result.add(uid);
-                }
-            }
+        public void setCompanionAppUids(int userId, Set<Integer> companionAppUids) {
             synchronized (mGlobalLock) {
-                mCompanionAppUidsMap.put(userId, result);
+                mCompanionAppUidsMap.put(userId, companionAppUids);
             }
         }
author	Hui Yu <huiyu@google.com>	2021-01-12 17:50:39 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2021-01-12 17:50:39 +0000
commit	b898264ff2f58566d02313d1471b2e9bf728c863 (patch)
tree	a952c852720449afe183bacfef79b086a18c8f40
parent	2cc4d5ece19c89852814912e55b14798db1fcef7 (diff)
parent	8facd571bb6379aac3a4f06c30e6d6e56f383ccb (diff)