diff options
25 files changed, 512 insertions, 555 deletions
diff --git a/core/java/android/app/ActivityThread.java b/core/java/android/app/ActivityThread.java index eb742faa5835..5e69ec186bdb 100644 --- a/core/java/android/app/ActivityThread.java +++ b/core/java/android/app/ActivityThread.java @@ -7236,6 +7236,8 @@ public final class ActivityThread extends ClientTransactionHandler } } + VMDebug.setUserId(UserHandle.myUserId()); + VMDebug.addApplication(data.appInfo.packageName); // send up app name; do this *before* waiting for debugger Process.setArgV0(data.processName); android.ddm.DdmHandleAppName.setAppName(data.processName, @@ -7758,9 +7760,20 @@ public final class ActivityThread extends ClientTransactionHandler file.getParentFile().mkdirs(); Debug.startMethodTracing(file.toString(), 8 * 1024 * 1024); } + + if (ii.packageName != null) { + VMDebug.addApplication(ii.packageName); + } } private void handleFinishInstrumentationWithoutRestart() { + LoadedApk loadedApk = getApplication().mLoadedApk; + // Only remove instrumentation app if this was not a self-testing app. + if (mInstrumentationPackageName != null && loadedApk != null && !mInstrumentationPackageName + .equals(loadedApk.mPackageName)) { + VMDebug.removeApplication(mInstrumentationPackageName); + } + mInstrumentation.onDestroy(); mInstrumentationPackageName = null; mInstrumentationAppDir = null; @@ -8794,6 +8807,11 @@ public final class ActivityThread extends ClientTransactionHandler return false; } + void addApplication(@NonNull Application app) { + mAllApplications.add(app); + VMDebug.addApplication(app.mLoadedApk.mPackageName); + } + @Override public boolean isInDensityCompatMode() { return mDensityCompatMode; diff --git a/core/java/android/app/LoadedApk.java b/core/java/android/app/LoadedApk.java index 1df8f63aa402..1e45d6fd1674 100644 --- a/core/java/android/app/LoadedApk.java +++ b/core/java/android/app/LoadedApk.java @@ -1478,7 +1478,7 @@ public final class LoadedApk { + " package " + mPackageName + ": " + e.toString(), e); } } - mActivityThread.mAllApplications.add(app); + mActivityThread.addApplication(app); mApplication = app; if (!allowDuplicateInstances) { synchronized (sApplications) { diff --git a/core/java/android/os/Debug.java b/core/java/android/os/Debug.java index a55398ac9752..ef1e6c9405f3 100644 --- a/core/java/android/os/Debug.java +++ b/core/java/android/os/Debug.java @@ -114,6 +114,7 @@ public final class Debug "opengl-tracing", "view-hierarchy", "support_boot_stages", + "app_info", }; /** @@ -1016,14 +1017,14 @@ public final class Debug // send VM_START. System.out.println("Waiting for debugger first packet"); - mWaiting = true; + setWaitingForDebugger(true); while (!isDebuggerConnected()) { try { Thread.sleep(100); } catch (InterruptedException ie) { } } - mWaiting = false; + setWaitingForDebugger(false); System.out.println("Debug.suspendAllAndSentVmStart"); VMDebug.suspendAllAndSendVmStart(); @@ -1049,12 +1050,12 @@ public final class Debug Chunk waitChunk = new Chunk(ChunkHandler.type("WAIT"), data, 0, 1); DdmServer.sendChunk(waitChunk); - mWaiting = true; + setWaitingForDebugger(true); while (!isDebuggerConnected()) { try { Thread.sleep(SPIN_DELAY); } catch (InterruptedException ie) {} } - mWaiting = false; + setWaitingForDebugger(false); System.out.println("Debugger has connected"); @@ -1112,6 +1113,16 @@ public final class Debug } /** + * Set whether the app is waiting for a debugger to connect + * + * @hide + */ + private static void setWaitingForDebugger(boolean waiting) { + mWaiting = waiting; + VMDebug.setWaitingForDebugger(waiting); + } + + /** * Returns an array of strings that identify Framework features. This is * used by DDMS to determine what sorts of operations the Framework can * perform. diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index df6ece48c883..cd8788db4e70 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -41,6 +41,7 @@ import com.android.internal.os.SomeArgs; import com.android.internal.util.Preconditions; import com.android.sdksandbox.flags.Flags; +import dalvik.system.VMDebug; import dalvik.system.VMRuntime; import libcore.io.IoUtils; @@ -1411,6 +1412,7 @@ public class Process { public static void setArgV0(@NonNull String text) { sArgV0 = text; setArgV0Native(text); + VMDebug.setCurrentProcessName(text); } private static native void setArgV0Native(String text); diff --git a/core/java/android/os/ZygoteProcess.java b/core/java/android/os/ZygoteProcess.java index b1ef05a6f00c..6c99bd1272a4 100644 --- a/core/java/android/os/ZygoteProcess.java +++ b/core/java/android/os/ZygoteProcess.java @@ -73,6 +73,9 @@ public class ZygoteProcess { private static final int ZYGOTE_CONNECT_TIMEOUT_MS = 60000; + // How long we wait for an AppZygote to complete pre-loading; this is a pretty conservative + // value that we can probably decrease over time, but we want to be careful here. + public static volatile int sAppZygotePreloadTimeoutMs = 15000; /** * Use a relatively short delay, because for app zygote, this is in the critical path of * service launch. @@ -1100,6 +1103,17 @@ public class ZygoteProcess { } /** + * Updates the timeout used when preloading code in the app-zygote + * + * @param timeoutMs timeout in milliseconds + */ + public static void setAppZygotePreloadTimeout(int timeoutMs) { + Slog.i(LOG_TAG, "Changing app-zygote preload timeout to " + timeoutMs + " ms."); + + sAppZygotePreloadTimeoutMs = timeoutMs; + } + + /** * Instructs the zygote to pre-load the application code for the given Application. * Only the app zygote supports this function. * TODO preloadPackageForAbi() can probably be removed and the callers an use this instead. @@ -1107,25 +1121,35 @@ public class ZygoteProcess { public boolean preloadApp(ApplicationInfo appInfo, String abi) throws ZygoteStartFailedEx, IOException { synchronized (mLock) { + int ret; ZygoteState state = openZygoteSocketIfNeeded(abi); - state.mZygoteOutputWriter.write("2"); - state.mZygoteOutputWriter.newLine(); + int previousSocketTimeout = state.mZygoteSessionSocket.getSoTimeout(); - state.mZygoteOutputWriter.write("--preload-app"); - state.mZygoteOutputWriter.newLine(); + try { + state.mZygoteSessionSocket.setSoTimeout(sAppZygotePreloadTimeoutMs); - // Zygote args needs to be strings, so in order to pass ApplicationInfo, - // write it to a Parcel, and base64 the raw Parcel bytes to the other side. - Parcel parcel = Parcel.obtain(); - appInfo.writeToParcel(parcel, 0 /* flags */); - String encodedParcelData = Base64.getEncoder().encodeToString(parcel.marshall()); - parcel.recycle(); - state.mZygoteOutputWriter.write(encodedParcelData); - state.mZygoteOutputWriter.newLine(); + state.mZygoteOutputWriter.write("2"); + state.mZygoteOutputWriter.newLine(); - state.mZygoteOutputWriter.flush(); + state.mZygoteOutputWriter.write("--preload-app"); + state.mZygoteOutputWriter.newLine(); - return (state.mZygoteInputStream.readInt() == 0); + // Zygote args needs to be strings, so in order to pass ApplicationInfo, + // write it to a Parcel, and base64 the raw Parcel bytes to the other side. + Parcel parcel = Parcel.obtain(); + appInfo.writeToParcel(parcel, 0 /* flags */); + String encodedParcelData = Base64.getEncoder().encodeToString(parcel.marshall()); + parcel.recycle(); + state.mZygoteOutputWriter.write(encodedParcelData); + state.mZygoteOutputWriter.newLine(); + + state.mZygoteOutputWriter.flush(); + + ret = state.mZygoteInputStream.readInt(); + } finally { + state.mZygoteSessionSocket.setSoTimeout(previousSocketTimeout); + } + return ret == 0; } } diff --git a/nfc/java/android/nfc/NfcAdapter.java b/nfc/java/android/nfc/NfcAdapter.java index 951702ceef0b..d9fd42fd4f7a 100644 --- a/nfc/java/android/nfc/NfcAdapter.java +++ b/nfc/java/android/nfc/NfcAdapter.java @@ -1150,8 +1150,9 @@ public final class NfcAdapter { } /** - * Pauses polling for a {@code timeoutInMs} millis. If polling must be resumed before timeout, - * use {@link #resumePolling()}. + * Pauses NFC tag reader mode polling for a {@code timeoutInMs} millisecond. + * In case of {@code timeoutInMs} is zero or invalid polling will be stopped indefinitely + * use {@link #resumePolling() to resume the polling. * @hide */ public void pausePolling(int timeoutInMs) { @@ -1210,9 +1211,8 @@ public final class NfcAdapter { } /** - * Resumes default polling for the current device state if polling is paused. Calling - * this while polling is not paused is a no-op. - * + * Resumes default NFC tag reader mode polling for the current device state if polling is + * paused. Calling this while already in polling is a no-op. * @hide */ public void resumePolling() { diff --git a/nfc/java/android/nfc/NfcOemExtension.java b/nfc/java/android/nfc/NfcOemExtension.java index bc410c7b8ba5..905d6f68a8a0 100644 --- a/nfc/java/android/nfc/NfcOemExtension.java +++ b/nfc/java/android/nfc/NfcOemExtension.java @@ -569,8 +569,9 @@ public final class NfcOemExtension { } /** - * Pauses NFC tag reader mode polling for a {@code timeoutInMs} millisecond. If polling must be - * resumed before timeout, use {@link #resumePolling()}. + * Pauses NFC tag reader mode polling for a {@code timeoutInMs} millisecond. + * In case of {@code timeoutInMs} is zero or invalid polling will be stopped indefinitely + * use {@link #resumePolling() to resume the polling. * @param timeoutInMs the pause polling duration in millisecond */ @FlaggedApi(Flags.FLAG_NFC_OEM_EXTENSION) @@ -581,7 +582,7 @@ public final class NfcOemExtension { /** * Resumes default NFC tag reader mode polling for the current device state if polling is - * paused. Calling this while polling is not paused is a no-op. + * paused. Calling this while already in polling is a no-op. */ @FlaggedApi(Flags.FLAG_NFC_OEM_EXTENSION) @RequiresPermission(android.Manifest.permission.WRITE_SECURE_SETTINGS) diff --git a/nfc/java/android/nfc/cardemulation/ApduServiceInfo.java b/nfc/java/android/nfc/cardemulation/ApduServiceInfo.java index 3cf0a4dc4873..5727f9915fa8 100644 --- a/nfc/java/android/nfc/cardemulation/ApduServiceInfo.java +++ b/nfc/java/android/nfc/cardemulation/ApduServiceInfo.java @@ -301,7 +301,7 @@ public final class ApduServiceInfo implements Parcelable { mOffHostName = sa.getString( com.android.internal.R.styleable.OffHostApduService_secureElementName); mShouldDefaultToObserveMode = sa.getBoolean( - R.styleable.HostApduService_shouldDefaultToObserveMode, + R.styleable.OffHostApduService_shouldDefaultToObserveMode, false); if (mOffHostName != null) { if (mOffHostName.equals("eSE")) { diff --git a/packages/SettingsLib/res/values/strings.xml b/packages/SettingsLib/res/values/strings.xml index 363045ec1d83..c440a07bde75 100644 --- a/packages/SettingsLib/res/values/strings.xml +++ b/packages/SettingsLib/res/values/strings.xml @@ -819,6 +819,11 @@ <!-- Summary of checkbox setting that enables the terminal app. [CHAR LIMIT=64] --> <string name="enable_terminal_summary">Enable terminal app that offers local shell access</string> + <!-- Title of checkbox setting that enables the Linux terminal app. [CHAR LIMIT=32] --> + <string name="enable_linux_terminal_title">Linux development environment</string> + <!-- Summary of checkbox setting that enables the Linux terminal app. [CHAR LIMIT=64] --> + <string name="enable_linux_terminal_summary">Run Linux terminal on Android</string> + <!-- HDCP checking title, used for debug purposes only. [CHAR LIMIT=25] --> <string name="hdcp_checking_title">HDCP checking</string> <!-- HDCP checking dialog title, used for debug purposes only. [CHAR LIMIT=25] --> diff --git a/ravenwood/Android.bp b/ravenwood/Android.bp index 8e884bc3484b..d9182010c1cb 100644 --- a/ravenwood/Android.bp +++ b/ravenwood/Android.bp @@ -124,6 +124,7 @@ java_library { ], libs: [ "framework-minus-apex.ravenwood", + "framework-configinfrastructure.ravenwood", "ravenwood-helper-libcore-runtime", ], sdk_version: "core_current", @@ -395,6 +396,9 @@ android_ravenwood_libgroup { "icu4j-icudata-jarjar", "icu4j-icutzdata-jarjar", + // DeviceConfig + "framework-configinfrastructure.ravenwood", + // Provide runtime versions of utils linked in below "junit", "truth", diff --git a/ravenwood/Framework.bp b/ravenwood/Framework.bp index 5cb1479514a3..1bea434f5b49 100644 --- a/ravenwood/Framework.bp +++ b/ravenwood/Framework.bp @@ -290,3 +290,57 @@ java_genrule { "core-icu4j-for-host.ravenwood.jar", ], } + +/////////////////////////////////// +// framework-configinfrastructure +/////////////////////////////////// + +java_genrule { + name: "framework-configinfrastructure.ravenwood-base", + tools: ["hoststubgen"], + cmd: "$(location hoststubgen) " + + "@$(location :ravenwood-standard-options) " + + + "--debug-log $(location framework-configinfrastructure.log) " + + "--stats-file $(location framework-configinfrastructure_stats.csv) " + + "--supported-api-list-file $(location framework-configinfrastructure_apis.csv) " + + "--gen-keep-all-file $(location framework-configinfrastructure_keep_all.txt) " + + "--gen-input-dump-file $(location framework-configinfrastructure_dump.txt) " + + + "--out-impl-jar $(location ravenwood.jar) " + + "--in-jar $(location :framework-configinfrastructure.impl{.jar}) " + + + "--policy-override-file $(location :ravenwood-common-policies) " + + "--policy-override-file $(location :framework-configinfrastructure-ravenwood-policies) ", + srcs: [ + ":framework-configinfrastructure.impl{.jar}", + + ":ravenwood-common-policies", + ":framework-configinfrastructure-ravenwood-policies", + ":ravenwood-standard-options", + ], + out: [ + "ravenwood.jar", + + // Following files are created just as FYI. + "framework-configinfrastructure_keep_all.txt", + "framework-configinfrastructure_dump.txt", + + "framework-configinfrastructure.log", + "framework-configinfrastructure_stats.csv", + "framework-configinfrastructure_apis.csv", + ], + visibility: ["//visibility:private"], +} + +java_genrule { + name: "framework-configinfrastructure.ravenwood", + defaults: ["ravenwood-internal-only-visibility-genrule"], + cmd: "cp $(in) $(out)", + srcs: [ + ":framework-configinfrastructure.ravenwood-base{ravenwood.jar}", + ], + out: [ + "framework-configinfrastructure.ravenwood.jar", + ], +} diff --git a/ravenwood/junit-impl-src/android/platform/test/ravenwood/RavenwoodRuntimeEnvironmentController.java b/ravenwood/junit-impl-src/android/platform/test/ravenwood/RavenwoodRuntimeEnvironmentController.java index 24950e65c174..e2d73d1f1cb5 100644 --- a/ravenwood/junit-impl-src/android/platform/test/ravenwood/RavenwoodRuntimeEnvironmentController.java +++ b/ravenwood/junit-impl-src/android/platform/test/ravenwood/RavenwoodRuntimeEnvironmentController.java @@ -40,6 +40,7 @@ import android.os.HandlerThread; import android.os.Looper; import android.os.ServiceManager; import android.os.SystemProperties; +import android.provider.DeviceConfig_host; import android.system.ErrnoException; import android.system.Os; import android.util.Log; @@ -225,14 +226,9 @@ public class RavenwoodRuntimeEnvironmentController { ActivityManager.init$ravenwood(config.mCurrentUser); - final HandlerThread main; - if (config.mProvideMainThread) { - main = new HandlerThread(MAIN_THREAD_NAME); - main.start(); - Looper.setMainLooperForTest(main.getLooper()); - } else { - main = null; - } + final var main = new HandlerThread(MAIN_THREAD_NAME); + main.start(); + Looper.setMainLooperForTest(main.getLooper()); final boolean isSelfInstrumenting = Objects.equals(config.mTestPackageName, config.mTargetPackageName); @@ -324,10 +320,8 @@ public class RavenwoodRuntimeEnvironmentController { } sMockUiAutomation.dropShellPermissionIdentity(); - if (config.mProvideMainThread) { - Looper.getMainLooper().quit(); - Looper.clearMainLooperForTest(); - } + Looper.getMainLooper().quit(); + Looper.clearMainLooperForTest(); ActivityManager.reset$ravenwood(); @@ -340,6 +334,8 @@ public class RavenwoodRuntimeEnvironmentController { } android.os.Process.reset$ravenwood(); + DeviceConfig_host.reset(); + try { ResourcesManager.setInstance(null); // Better structure needed. } catch (Exception e) { diff --git a/ravenwood/junit-src/android/platform/test/ravenwood/RavenwoodConfig.java b/ravenwood/junit-src/android/platform/test/ravenwood/RavenwoodConfig.java index 446f819ad41b..1f6e11dd5cf2 100644 --- a/ravenwood/junit-src/android/platform/test/ravenwood/RavenwoodConfig.java +++ b/ravenwood/junit-src/android/platform/test/ravenwood/RavenwoodConfig.java @@ -152,7 +152,10 @@ public final class RavenwoodConfig { /** * Configure a "main" thread to be available for the duration of the test, as defined * by {@code Looper.getMainLooper()}. Has no effect on non-Ravenwood environments. + * + * @deprecated */ + @Deprecated public Builder setProvideMainThread(boolean provideMainThread) { mConfig.mProvideMainThread = provideMainThread; return this; diff --git a/ravenwood/junit-src/android/platform/test/ravenwood/RavenwoodRule.java b/ravenwood/junit-src/android/platform/test/ravenwood/RavenwoodRule.java index 4196d8e22610..93a6806ed1f4 100644 --- a/ravenwood/junit-src/android/platform/test/ravenwood/RavenwoodRule.java +++ b/ravenwood/junit-src/android/platform/test/ravenwood/RavenwoodRule.java @@ -139,7 +139,10 @@ public final class RavenwoodRule implements TestRule { /** * Configure a "main" thread to be available for the duration of the test, as defined * by {@code Looper.getMainLooper()}. Has no effect on non-Ravenwood environments. + * + * @deprecated */ + @Deprecated public Builder setProvideMainThread(boolean provideMainThread) { mBuilder.setProvideMainThread(provideMainThread); return this; diff --git a/ravenwood/runtime-helper-src/framework/android/provider/DeviceConfig_host.java b/ravenwood/runtime-helper-src/framework/android/provider/DeviceConfig_host.java new file mode 100644 index 000000000000..9c2188fd377a --- /dev/null +++ b/ravenwood/runtime-helper-src/framework/android/provider/DeviceConfig_host.java @@ -0,0 +1,33 @@ +/* + * Copyright (C) 2024 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.provider; + +public class DeviceConfig_host { + + /** + * Called by Ravenwood runtime to reset all local changes. + */ + public static void reset() { + RavenwoodConfigDataStore.getInstance().clearAll(); + } + + /** + * Called by {@link DeviceConfig#newDataStore()} + */ + public static DeviceConfigDataStore newDataStore() { + return RavenwoodConfigDataStore.getInstance(); + } +} diff --git a/ravenwood/runtime-helper-src/framework/android/provider/RavenwoodConfigDataStore.java b/ravenwood/runtime-helper-src/framework/android/provider/RavenwoodConfigDataStore.java new file mode 100644 index 000000000000..4bc3de79fe6b --- /dev/null +++ b/ravenwood/runtime-helper-src/framework/android/provider/RavenwoodConfigDataStore.java @@ -0,0 +1,253 @@ +/* + * Copyright (C) 2024 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.provider; + +import android.annotation.NonNull; +import android.annotation.Nullable; +import android.content.ContentResolver; +import android.database.ContentObserver; +import android.net.Uri; +import android.os.Handler; +import android.os.Looper; +import android.provider.DeviceConfig.BadConfigException; +import android.provider.DeviceConfig.MonitorCallback; +import android.provider.DeviceConfig.Properties; + +import com.android.internal.annotations.GuardedBy; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.concurrent.Executor; + +/** + * {@link DeviceConfigDataStore} used only on Ravenwood. + * + * TODO(b/368591527) Support monitor callback related features + * TODO(b/368591527) Support "default" related features + */ +final class RavenwoodConfigDataStore implements DeviceConfigDataStore { + private static final RavenwoodConfigDataStore sInstance = new RavenwoodConfigDataStore(); + + private final Object mLock = new Object(); + + @GuardedBy("mLock") + private int mSyncDisabledMode = DeviceConfig.SYNC_DISABLED_MODE_NONE; + + @GuardedBy("mLock") + private final HashMap<String, HashMap<String, String>> mStore = new HashMap<>(); + + private record ObserverInfo(String namespace, ContentObserver observer) { + } + + @GuardedBy("mLock") + private final ArrayList<ObserverInfo> mObservers = new ArrayList<>(); + + static RavenwoodConfigDataStore getInstance() { + return sInstance; + } + + private static void shouldNotBeCalled() { + throw new RuntimeException("shouldNotBeCalled"); + } + + void clearAll() { + synchronized (mLock) { + mSyncDisabledMode = DeviceConfig.SYNC_DISABLED_MODE_NONE; + mStore.clear(); + } + } + + @GuardedBy("mLock") + private HashMap<String, String> getNamespaceLocked(@NonNull String namespace) { + Objects.requireNonNull(namespace); + return mStore.computeIfAbsent(namespace, k -> new HashMap<>()); + } + + /** {@inheritDoc} */ + @NonNull + @Override + public Map<String, String> getAllProperties() { + synchronized (mLock) { + var ret = new HashMap<String, String>(); + + for (var namespaceAndMap : mStore.entrySet()) { + for (var nameAndValue : namespaceAndMap.getValue().entrySet()) { + ret.put(namespaceAndMap.getKey() + "/" + nameAndValue.getKey(), + nameAndValue.getValue()); + } + } + return ret; + } + } + + /** {@inheritDoc} */ + @NonNull + @Override + public Properties getProperties(@NonNull String namespace, @NonNull String... names) { + Objects.requireNonNull(namespace); + + synchronized (mLock) { + var namespaceMap = getNamespaceLocked(namespace); + + if (names.length == 0) { + return new Properties(namespace, Map.copyOf(namespaceMap)); + } else { + var map = new HashMap<String, String>(); + for (var name : names) { + Objects.requireNonNull(name); + map.put(name, namespaceMap.get(name)); + } + return new Properties(namespace, map); + } + } + } + + /** {@inheritDoc} */ + @Override + public boolean setProperties(@NonNull Properties properties) throws BadConfigException { + Objects.requireNonNull(properties); + + synchronized (mLock) { + var namespaceMap = getNamespaceLocked(properties.getNamespace()); + for (var kv : properties.getPropertyValues().entrySet()) { + namespaceMap.put( + Objects.requireNonNull(kv.getKey()), + Objects.requireNonNull(kv.getValue()) + ); + } + notifyObserversLock(properties.getNamespace(), + properties.getKeyset().toArray(new String[0])); + } + return true; + } + + /** {@inheritDoc} */ + @Override + public boolean setProperty(@NonNull String namespace, @NonNull String name, + @Nullable String value, boolean makeDefault) { + Objects.requireNonNull(namespace); + Objects.requireNonNull(name); + + synchronized (mLock) { + var namespaceMap = getNamespaceLocked(namespace); + namespaceMap.put(name, value); + + // makeDefault not supported. + notifyObserversLock(namespace, new String[]{name}); + } + return true; + } + + /** {@inheritDoc} */ + @Override + public boolean deleteProperty(@NonNull String namespace, @NonNull String name) { + Objects.requireNonNull(namespace); + Objects.requireNonNull(name); + + synchronized (mLock) { + var namespaceMap = getNamespaceLocked(namespace); + if (namespaceMap.remove(name) != null) { + notifyObserversLock(namespace, new String[]{name}); + } + } + return true; + } + + /** {@inheritDoc} */ + @Override + public void resetToDefaults(int resetMode, @Nullable String namespace) { + // not supported in DeviceConfig.java + shouldNotBeCalled(); + } + + /** {@inheritDoc} */ + @Override + public void setSyncDisabledMode(int syncDisabledMode) { + synchronized (mLock) { + mSyncDisabledMode = syncDisabledMode; + } + } + + /** {@inheritDoc} */ + @Override + public int getSyncDisabledMode() { + synchronized (mLock) { + return mSyncDisabledMode; + } + } + + /** {@inheritDoc} */ + @Override + public void setMonitorCallback(@NonNull ContentResolver resolver, @NonNull Executor executor, + @NonNull MonitorCallback callback) { + // not supported in DeviceConfig.java + shouldNotBeCalled(); + } + + /** {@inheritDoc} */ + @Override + public void clearMonitorCallback(@NonNull ContentResolver resolver) { + // not supported in DeviceConfig.java + shouldNotBeCalled(); + } + + /** {@inheritDoc} */ + @Override + public void registerContentObserver(@NonNull String namespace, boolean notifyForescendants, + ContentObserver contentObserver) { + synchronized (mLock) { + mObservers.add(new ObserverInfo( + Objects.requireNonNull(namespace), + Objects.requireNonNull(contentObserver) + )); + } + } + + /** {@inheritDoc} */ + @Override + public void unregisterContentObserver(@NonNull ContentObserver contentObserver) { + synchronized (mLock) { + for (int i = mObservers.size() - 1; i >= 0; i--) { + if (mObservers.get(i).observer == contentObserver) { + mObservers.remove(i); + } + } + } + } + + private static final Uri CONTENT_URI = Uri.parse("content://settings/config"); + + @GuardedBy("mLock") + private void notifyObserversLock(@NonNull String namespace, String[] keys) { + var urib = CONTENT_URI.buildUpon().appendPath(namespace); + for (var key : keys) { + urib.appendEncodedPath(key); + } + var uri = urib.build(); + + final var copy = List.copyOf(mObservers); + new Handler(Looper.getMainLooper()).post(() -> { + for (int i = copy.size() - 1; i >= 0; i--) { + if (copy.get(i).namespace.equals(namespace)) { + copy.get(i).observer.dispatchChange(false, uri); + } + } + }); + } +} diff --git a/ravenwood/tests/bivalenttest/Android.bp b/ravenwood/tests/bivalenttest/Android.bp index ac499b966afe..d7f4b3e2955d 100644 --- a/ravenwood/tests/bivalenttest/Android.bp +++ b/ravenwood/tests/bivalenttest/Android.bp @@ -54,34 +54,36 @@ android_ravenwood_test { auto_gen_config: true, } -// TODO(b/371215487): migrate bivalenttest.ravenizer tests to another architecture +android_test { + name: "RavenwoodBivalentTest_device", -// android_test { -// name: "RavenwoodBivalentTest_device", -// -// srcs: [ -// "test/**/*.java", -// ], -// static_libs: [ -// "junit", -// "truth", -// -// "androidx.annotation_annotation", -// "androidx.test.ext.junit", -// "androidx.test.rules", -// -// "junit-params", -// "platform-parametric-runner-lib", -// -// "ravenwood-junit", -// ], -// jni_libs: [ -// "libravenwoodbivalenttest_jni", -// ], -// test_suites: [ -// "device-tests", -// ], -// optimize: { -// enabled: false, -// }, -// } + srcs: [ + "test/**/*.java", + ], + // TODO(b/371215487): migrate bivalenttest.ravenizer tests to another architecture + exclude_srcs: [ + "test/**/ravenizer/*.java", + ], + static_libs: [ + "junit", + "truth", + + "androidx.annotation_annotation", + "androidx.test.ext.junit", + "androidx.test.rules", + + "junit-params", + "platform-parametric-runner-lib", + + "ravenwood-junit", + ], + jni_libs: [ + "libravenwoodbivalenttest_jni", + ], + test_suites: [ + "device-tests", + ], + optimize: { + enabled: false, + }, +} diff --git a/services/Android.bp b/services/Android.bp index a679341f0de5..e8d6630dab68 100644 --- a/services/Android.bp +++ b/services/Android.bp @@ -186,6 +186,11 @@ art_profile_java_defaults { }, } +vintf_fragment { + name: "manifest_services.xml", + src: "manifest_services.xml", +} + // merge all required services into one jar // ============================================================ java_library { @@ -250,7 +255,7 @@ java_library { "service-sdksandbox.stubs.system_server", ], - vintf_fragments: [ + vintf_fragment_modules: [ "manifest_services.xml", ], diff --git a/services/accessibility/OWNERS b/services/accessibility/OWNERS index 0e35a409c82c..4e1175034b5b 100644 --- a/services/accessibility/OWNERS +++ b/services/accessibility/OWNERS @@ -2,10 +2,11 @@ # Android Accessibility Framework owners danielnorman@google.com -aarmaly@google.com chunkulin@google.com fuego@google.com sallyyuen@google.com +yingleiw@google.com +caseyburkhardt@google.com # Android Accessibility members who have OWNERS but should not be sent # day-to-day changes for code review: diff --git a/services/core/java/com/android/server/am/ActivityManagerShellCommand.java b/services/core/java/com/android/server/am/ActivityManagerShellCommand.java index bbd432340e8f..3a3f041c4189 100644 --- a/services/core/java/com/android/server/am/ActivityManagerShellCommand.java +++ b/services/core/java/com/android/server/am/ActivityManagerShellCommand.java @@ -110,6 +110,7 @@ import android.os.SystemClock; import android.os.Trace; import android.os.UserHandle; import android.os.UserManager; +import android.os.ZygoteProcess; import android.text.TextUtils; import android.util.ArrayMap; import android.util.ArraySet; @@ -439,6 +440,8 @@ final class ActivityManagerShellCommand extends ShellCommand { return runSetForegroundServiceDelegate(pw); case "capabilities": return runCapabilities(pw); + case "set-app-zygote-preload-timeout": + return runSetAppZygotePreloadTimeout(pw); default: return handleDefaultCommands(cmd); } @@ -448,6 +451,15 @@ final class ActivityManagerShellCommand extends ShellCommand { return -1; } + int runSetAppZygotePreloadTimeout(PrintWriter pw) throws RemoteException { + final String timeout = getNextArgRequired(); + final int timeoutMs = Integer.parseInt(timeout); + + ZygoteProcess.setAppZygotePreloadTimeout(timeoutMs); + + return 0; + } + int runCapabilities(PrintWriter pw) throws RemoteException { final PrintWriter err = getErrPrintWriter(); boolean outputAsProtobuf = false; @@ -4603,6 +4615,8 @@ final class ActivityManagerShellCommand extends ShellCommand { pw.println(" capabilities [--protobuf]"); pw.println(" Output am supported features (text format). Options are:"); pw.println(" --protobuf: format output using protobuffer"); + pw.println(" set-app-zygote-preload-timeout <TIMEOUT_IN_MS>"); + pw.println(" Set the timeout for preloading code in the app-zygote"); Intent.printIntentArgsHelp(pw, ""); } } diff --git a/services/core/java/com/android/server/am/ProcessList.java b/services/core/java/com/android/server/am/ProcessList.java index a7af80faaf15..554265abf94d 100644 --- a/services/core/java/com/android/server/am/ProcessList.java +++ b/services/core/java/com/android/server/am/ProcessList.java @@ -5146,6 +5146,7 @@ public final class ProcessList { if (ai != null) { if (ai.packageName.equals(app.info.packageName)) { app.info = ai; + app.getWindowProcessController().updateApplicationInfo(ai); PlatformCompatCache.getInstance() .onApplicationInfoChanged(ai); } diff --git a/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java b/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java index 636854b85ee4..d1576c5cca4f 100644 --- a/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java +++ b/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java @@ -17,118 +17,63 @@ package com.android.server.integrity; import static android.content.Intent.ACTION_PACKAGE_NEEDS_INTEGRITY_VERIFICATION; -import static android.content.Intent.EXTRA_LONG_VERSION_CODE; -import static android.content.Intent.EXTRA_ORIGINATING_UID; -import static android.content.Intent.EXTRA_PACKAGE_NAME; import static android.content.integrity.AppIntegrityManager.EXTRA_STATUS; import static android.content.integrity.AppIntegrityManager.STATUS_FAILURE; import static android.content.integrity.AppIntegrityManager.STATUS_SUCCESS; -import static android.content.integrity.InstallerAllowedByManifestFormula.INSTALLER_CERTIFICATE_NOT_EVALUATED; import static android.content.integrity.IntegrityUtils.getHexDigest; import static android.content.pm.PackageManager.EXTRA_VERIFICATION_ID; import android.annotation.BinderThread; -import android.annotation.NonNull; -import android.annotation.Nullable; import android.content.BroadcastReceiver; import android.content.Context; import android.content.Intent; import android.content.IntentFilter; import android.content.IntentSender; -import android.content.integrity.AppInstallMetadata; import android.content.integrity.IAppIntegrityManager; import android.content.integrity.Rule; import android.content.pm.PackageInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManagerInternal; import android.content.pm.ParceledListSlice; -import android.content.pm.Signature; -import android.content.pm.SigningDetails; -import android.content.pm.parsing.result.ParseResult; -import android.content.pm.parsing.result.ParseTypeImpl; import android.net.Uri; import android.os.Binder; -import android.os.Bundle; import android.os.Handler; import android.os.HandlerThread; import android.provider.Settings; import android.util.Pair; import android.util.Slog; -import android.util.apk.SourceStampVerificationResult; -import android.util.apk.SourceStampVerifier; import com.android.internal.R; import com.android.internal.annotations.VisibleForTesting; -import com.android.internal.pm.parsing.PackageParser2; -import com.android.internal.pm.pkg.parsing.ParsingPackageUtils; -import com.android.internal.util.ArrayUtils; import com.android.server.LocalServices; -import com.android.server.integrity.model.IntegrityCheckResult; import com.android.server.integrity.model.RuleMetadata; -import com.android.server.pm.PackageManagerServiceUtils; -import com.android.server.pm.parsing.PackageParserUtils; -import java.io.ByteArrayInputStream; import java.io.File; -import java.io.IOException; -import java.io.InputStream; import java.nio.charset.StandardCharsets; import java.nio.file.Files; -import java.nio.file.Path; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; -import java.security.cert.CertificateEncodingException; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; -import java.util.HashMap; -import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Set; -import java.util.function.Supplier; -import java.util.stream.Collectors; import java.util.stream.Stream; /** Implementation of {@link AppIntegrityManagerService}. */ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { - /** - * This string will be used as the "installer" for formula evaluation when the app's installer - * cannot be determined. - * - * <p>This may happen for various reasons. e.g., the installing app's package name may not match - * its UID. - */ - private static final String UNKNOWN_INSTALLER = ""; - /** - * This string will be used as the "installer" for formula evaluation when the app is being - * installed via ADB. - */ - public static final String ADB_INSTALLER = "adb"; private static final String TAG = "AppIntegrityManagerServiceImpl"; private static final String PACKAGE_MIME_TYPE = "application/vnd.android.package-archive"; - private static final String BASE_APK_FILE = "base.apk"; - private static final String ALLOWED_INSTALLERS_METADATA_NAME = "allowed-installers"; - private static final String ALLOWED_INSTALLER_DELIMITER = ","; - private static final String INSTALLER_PACKAGE_CERT_DELIMITER = "\\|"; public static final boolean DEBUG_INTEGRITY_COMPONENT = false; - private static final Set<String> PACKAGE_INSTALLER = - new HashSet<>( - Arrays.asList( - "com.google.android.packageinstaller", "com.android.packageinstaller")); - // Access to files inside mRulesDir is protected by mRulesLock; private final Context mContext; private final Handler mHandler; private final PackageManagerInternal mPackageManagerInternal; - private final Supplier<PackageParser2> mParserSupplier; private final IntegrityFileManager mIntegrityFileManager; /** Create an instance of {@link AppIntegrityManagerServiceImpl}. */ @@ -139,7 +84,6 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { return new AppIntegrityManagerServiceImpl( context, LocalServices.getService(PackageManagerInternal.class), - PackageParserUtils::forParsingFileWithDefaults, IntegrityFileManager.getInstance(), handlerThread.getThreadHandler()); } @@ -148,12 +92,10 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { AppIntegrityManagerServiceImpl( Context context, PackageManagerInternal packageManagerInternal, - Supplier<PackageParser2> parserSupplier, IntegrityFileManager integrityFileManager, Handler handler) { mContext = context; mPackageManagerInternal = packageManagerInternal; - mParserSupplier = parserSupplier; mIntegrityFileManager = integrityFileManager; mHandler = handler; @@ -263,148 +205,8 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { private void handleIntegrityVerification(Intent intent) { int verificationId = intent.getIntExtra(EXTRA_VERIFICATION_ID, -1); - - try { - if (DEBUG_INTEGRITY_COMPONENT) { - Slog.d(TAG, "Received integrity verification intent " + intent.toString()); - Slog.d(TAG, "Extras " + intent.getExtras()); - } - - String installerPackageName = getInstallerPackageName(intent); - - // Skip integrity verification if the verifier is doing the install. - if (!integrityCheckIncludesRuleProvider() && isRuleProvider(installerPackageName)) { - if (DEBUG_INTEGRITY_COMPONENT) { - Slog.i(TAG, "Verifier doing the install. Skipping integrity check."); - } - mPackageManagerInternal.setIntegrityVerificationResult( - verificationId, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); - return; - } - - String packageName = intent.getStringExtra(EXTRA_PACKAGE_NAME); - - Pair<SigningDetails, Bundle> packageSigningAndMetadata = - getPackageSigningAndMetadata(intent.getData()); - if (packageSigningAndMetadata == null) { - Slog.w(TAG, "Cannot parse package " + packageName); - // We can't parse the package. - mPackageManagerInternal.setIntegrityVerificationResult( - verificationId, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); - return; - } - - var signingDetails = packageSigningAndMetadata.first; - List<String> appCertificates = getCertificateFingerprint(packageName, signingDetails); - List<String> appCertificateLineage = getCertificateLineage(packageName, signingDetails); - List<String> installerCertificates = - getInstallerCertificateFingerprint(installerPackageName); - - AppInstallMetadata.Builder builder = new AppInstallMetadata.Builder(); - - builder.setPackageName(getPackageNameNormalized(packageName)); - builder.setAppCertificates(appCertificates); - builder.setAppCertificateLineage(appCertificateLineage); - builder.setVersionCode(intent.getLongExtra(EXTRA_LONG_VERSION_CODE, -1)); - builder.setInstallerName(getPackageNameNormalized(installerPackageName)); - builder.setInstallerCertificates(installerCertificates); - builder.setIsPreInstalled(isSystemApp(packageName)); - - Map<String, String> allowedInstallers = - getAllowedInstallers(packageSigningAndMetadata.second); - builder.setAllowedInstallersAndCert(allowedInstallers); - extractSourceStamp(intent.getData(), builder); - - AppInstallMetadata appInstallMetadata = builder.build(); - - if (DEBUG_INTEGRITY_COMPONENT) { - Slog.i( - TAG, - "To be verified: " - + appInstallMetadata - + " installers " - + allowedInstallers); - } - IntegrityCheckResult result = IntegrityCheckResult.allow(); - if (!result.getMatchedRules().isEmpty() || DEBUG_INTEGRITY_COMPONENT) { - Slog.i( - TAG, - String.format( - "Integrity check of %s result: %s due to %s", - packageName, result.getEffect(), result.getMatchedRules())); - } - - mPackageManagerInternal.setIntegrityVerificationResult( - verificationId, - result.getEffect() == IntegrityCheckResult.Effect.ALLOW - ? PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW - : PackageManagerInternal.INTEGRITY_VERIFICATION_REJECT); - } catch (IllegalArgumentException e) { - // This exception indicates something is wrong with the input passed by package manager. - // e.g., someone trying to trick the system. We block installs in this case. - Slog.e(TAG, "Invalid input to integrity verification", e); - mPackageManagerInternal.setIntegrityVerificationResult( - verificationId, PackageManagerInternal.INTEGRITY_VERIFICATION_REJECT); - } catch (Exception e) { - // Other exceptions indicate an error within the integrity component implementation and - // we allow them. - Slog.e(TAG, "Error handling integrity verification", e); - mPackageManagerInternal.setIntegrityVerificationResult( - verificationId, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); - } - } - - /** - * Verify the UID and return the installer package name. - * - * @return the package name of the installer, or null if it cannot be determined or it is - * installed via adb. - */ - @Nullable - private String getInstallerPackageName(Intent intent) { - String installer = - intent.getStringExtra(PackageManager.EXTRA_VERIFICATION_INSTALLER_PACKAGE); - if (PackageManagerServiceUtils.isInstalledByAdb(installer)) { - return ADB_INSTALLER; - } - int installerUid = intent.getIntExtra(PackageManager.EXTRA_VERIFICATION_INSTALLER_UID, -1); - if (installerUid < 0) { - Slog.e( - TAG, - "Installer cannot be determined: installer: " - + installer - + " installer UID: " - + installerUid); - return UNKNOWN_INSTALLER; - } - - // Verify that the installer UID actually contains the package. Note that comparing UIDs - // is not safe since context's uid can change in different settings; e.g. Android Auto. - if (!getPackageListForUid(installerUid).contains(installer)) { - return UNKNOWN_INSTALLER; - } - - // At this time we can trust "installer". - - // A common way for apps to install packages is to send an intent to PackageInstaller. In - // that case, the installer will always show up as PackageInstaller which is not what we - // want. - if (PACKAGE_INSTALLER.contains(installer)) { - int originatingUid = intent.getIntExtra(EXTRA_ORIGINATING_UID, -1); - if (originatingUid < 0) { - Slog.e(TAG, "Installer is package installer but originating UID not found."); - return UNKNOWN_INSTALLER; - } - List<String> installerPackages = getPackageListForUid(originatingUid); - if (installerPackages.isEmpty()) { - Slog.e(TAG, "No package found associated with originating UID " + originatingUid); - return UNKNOWN_INSTALLER; - } - // In the case of multiple package sharing a UID, we just return the first one. - return installerPackages.get(0); - } - - return installer; + mPackageManagerInternal.setIntegrityVerificationResult( + verificationId, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); } /** We will use the SHA256 digest of a package name if it is more than 32 bytes long. */ @@ -422,264 +224,6 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { } } - private List<String> getInstallerCertificateFingerprint(String installer) { - if (installer.equals(ADB_INSTALLER) || installer.equals(UNKNOWN_INSTALLER)) { - return Collections.emptyList(); - } - var installerPkg = mPackageManagerInternal.getPackage(installer); - if (installerPkg == null) { - Slog.w(TAG, "Installer package " + installer + " not found."); - return Collections.emptyList(); - } - return getCertificateFingerprint(installerPkg.getPackageName(), - installerPkg.getSigningDetails()); - } - - private List<String> getCertificateFingerprint(@NonNull String packageName, - @NonNull SigningDetails signingDetails) { - ArrayList<String> certificateFingerprints = new ArrayList(); - for (Signature signature : getSignatures(packageName, signingDetails)) { - certificateFingerprints.add(getFingerprint(signature)); - } - return certificateFingerprints; - } - - private List<String> getCertificateLineage(@NonNull String packageName, - @NonNull SigningDetails signingDetails) { - ArrayList<String> certificateLineage = new ArrayList(); - for (Signature signature : getSignatureLineage(packageName, signingDetails)) { - certificateLineage.add(getFingerprint(signature)); - } - return certificateLineage; - } - - /** Get the allowed installers and their associated certificate hashes from <meta-data> tag. */ - private Map<String, String> getAllowedInstallers(@Nullable Bundle metaData) { - Map<String, String> packageCertMap = new HashMap<>(); - if (metaData != null) { - String allowedInstallers = metaData.getString(ALLOWED_INSTALLERS_METADATA_NAME); - if (allowedInstallers != null) { - // parse the metadata for certs. - String[] installerCertPairs = allowedInstallers.split(ALLOWED_INSTALLER_DELIMITER); - for (String packageCertPair : installerCertPairs) { - String[] packageAndCert = - packageCertPair.split(INSTALLER_PACKAGE_CERT_DELIMITER); - if (packageAndCert.length == 2) { - String packageName = getPackageNameNormalized(packageAndCert[0]); - String cert = packageAndCert[1]; - packageCertMap.put(packageName, cert); - } else if (packageAndCert.length == 1) { - packageCertMap.put( - getPackageNameNormalized(packageAndCert[0]), - INSTALLER_CERTIFICATE_NOT_EVALUATED); - } - } - } - } - - return packageCertMap; - } - - /** Extract the source stamp embedded in the APK, if present. */ - private void extractSourceStamp(Uri dataUri, AppInstallMetadata.Builder appInstallMetadata) { - File installationPath = getInstallationPath(dataUri); - if (installationPath == null) { - throw new IllegalArgumentException("Installation path is null, package not found"); - } - - SourceStampVerificationResult sourceStampVerificationResult; - if (installationPath.isDirectory()) { - try (Stream<Path> filesList = Files.list(installationPath.toPath())) { - List<String> apkFiles = - filesList - .map(path -> path.toAbsolutePath().toString()) - .filter(str -> str.endsWith(".apk")) - .collect(Collectors.toList()); - sourceStampVerificationResult = SourceStampVerifier.verify(apkFiles); - } catch (IOException e) { - throw new IllegalArgumentException("Could not read APK directory"); - } - } else { - sourceStampVerificationResult = - SourceStampVerifier.verify(installationPath.getAbsolutePath()); - } - - appInstallMetadata.setIsStampPresent(sourceStampVerificationResult.isPresent()); - appInstallMetadata.setIsStampVerified(sourceStampVerificationResult.isVerified()); - // A verified stamp is set to be trusted. - appInstallMetadata.setIsStampTrusted(sourceStampVerificationResult.isVerified()); - if (sourceStampVerificationResult.isVerified()) { - X509Certificate sourceStampCertificate = - (X509Certificate) sourceStampVerificationResult.getCertificate(); - // Sets source stamp certificate digest. - try { - MessageDigest digest = MessageDigest.getInstance("SHA-256"); - byte[] certificateDigest = digest.digest(sourceStampCertificate.getEncoded()); - appInstallMetadata.setStampCertificateHash(getHexDigest(certificateDigest)); - } catch (NoSuchAlgorithmException | CertificateEncodingException e) { - throw new IllegalArgumentException( - "Error computing source stamp certificate digest", e); - } - } - } - - private static Signature[] getSignatures(@NonNull String packageName, - @NonNull SigningDetails signingDetails) { - Signature[] signatures = signingDetails.getSignatures(); - if (signatures == null || signatures.length < 1) { - throw new IllegalArgumentException("Package signature not found in " + packageName); - } - - // We are only interested in evaluating the active signatures. - return signatures; - } - - private static Signature[] getSignatureLineage(@NonNull String packageName, - @NonNull SigningDetails signingDetails) { - // Obtain the active signatures of the package. - Signature[] signatureLineage = getSignatures(packageName, signingDetails); - - var pastSignatures = signingDetails.getPastSigningCertificates(); - // Obtain the past signatures of the package. - if (signatureLineage.length == 1 && !ArrayUtils.isEmpty(pastSignatures)) { - // Merge the signatures and return. - Signature[] allSignatures = - new Signature[signatureLineage.length + pastSignatures.length]; - int i; - for (i = 0; i < signatureLineage.length; i++) { - allSignatures[i] = signatureLineage[i]; - } - for (int j = 0; j < pastSignatures.length; j++) { - allSignatures[i] = pastSignatures[j]; - i++; - } - signatureLineage = allSignatures; - } - - return signatureLineage; - } - - private static String getFingerprint(Signature cert) { - InputStream input = new ByteArrayInputStream(cert.toByteArray()); - - CertificateFactory factory; - try { - factory = CertificateFactory.getInstance("X509"); - } catch (CertificateException e) { - throw new RuntimeException("Error getting CertificateFactory", e); - } - X509Certificate certificate = null; - try { - if (factory != null) { - certificate = (X509Certificate) factory.generateCertificate(input); - } - } catch (CertificateException e) { - throw new RuntimeException("Error getting X509Certificate", e); - } - - if (certificate == null) { - throw new RuntimeException("X509 Certificate not found"); - } - - try { - MessageDigest digest = MessageDigest.getInstance("SHA-256"); - byte[] publicKey = digest.digest(certificate.getEncoded()); - return getHexDigest(publicKey); - } catch (NoSuchAlgorithmException | CertificateEncodingException e) { - throw new IllegalArgumentException("Error error computing fingerprint", e); - } - } - - @Nullable - private Pair<SigningDetails, Bundle> getPackageSigningAndMetadata(Uri dataUri) { - File installationPath = getInstallationPath(dataUri); - if (installationPath == null) { - throw new IllegalArgumentException("Installation path is null, package not found"); - } - - try (PackageParser2 parser = mParserSupplier.get()) { - var pkg = parser.parsePackage(installationPath, 0, false); - // APK signatures is already verified elsewhere in PackageManager. We do not need to - // verify it again since it could cause a timeout for large APKs. - final ParseTypeImpl input = ParseTypeImpl.forDefaultParsing(); - final ParseResult<SigningDetails> result = ParsingPackageUtils.getSigningDetails( - input, pkg, /* skipVerify= */ true); - if (result.isError()) { - Slog.w(TAG, result.getErrorMessage(), result.getException()); - return null; - } - return Pair.create(result.getResult(), pkg.getMetaData()); - } catch (Exception e) { - Slog.w(TAG, "Exception reading " + dataUri, e); - return null; - } - } - - private PackageInfo getMultiApkInfo(File multiApkDirectory) { - // The base apk will normally be called base.apk - File baseFile = new File(multiApkDirectory, BASE_APK_FILE); - PackageInfo basePackageInfo = - mContext.getPackageManager() - .getPackageArchiveInfo( - baseFile.getAbsolutePath(), - PackageManager.GET_SIGNING_CERTIFICATES - | PackageManager.GET_META_DATA); - - if (basePackageInfo == null) { - for (File apkFile : multiApkDirectory.listFiles()) { - if (apkFile.isDirectory()) { - continue; - } - - // If we didn't find a base.apk, then try to parse each apk until we find the one - // that succeeds. - try { - basePackageInfo = - mContext.getPackageManager() - .getPackageArchiveInfo( - apkFile.getAbsolutePath(), - PackageManager.GET_SIGNING_CERTIFICATES - | PackageManager.GET_META_DATA); - } catch (Exception e) { - // Some of the splits may not contain a valid android manifest. It is an - // expected exception. We still log it nonetheless but we should keep looking. - Slog.w(TAG, "Exception reading " + apkFile, e); - } - if (basePackageInfo != null) { - Slog.i(TAG, "Found package info from " + apkFile); - break; - } - } - } - - if (basePackageInfo == null) { - throw new IllegalArgumentException( - "Base package info cannot be found from installation directory"); - } - - return basePackageInfo; - } - - private File getInstallationPath(Uri dataUri) { - if (dataUri == null) { - throw new IllegalArgumentException("Null data uri"); - } - - String scheme = dataUri.getScheme(); - if (!"file".equalsIgnoreCase(scheme)) { - throw new IllegalArgumentException("Unsupported scheme for " + dataUri); - } - - File installationPath = new File(dataUri.getPath()); - if (!installationPath.exists()) { - throw new IllegalArgumentException("Cannot find file for " + dataUri); - } - if (!installationPath.canRead()) { - throw new IllegalArgumentException("Cannot read file for " + dataUri); - } - return installationPath; - } - private String getCallerPackageNameOrThrow(int callingUid) { String callerPackageName = getCallingRulePusherPackageName(callingUid); if (callerPackageName == null) { @@ -715,15 +259,6 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { return allowedCallingPackages.isEmpty() ? null : allowedCallingPackages.get(0); } - private boolean isRuleProvider(String installerPackageName) { - for (String ruleProvider : getAllowedRuleProviderSystemApps()) { - if (ruleProvider.matches(installerPackageName)) { - return true; - } - } - return false; - } - private List<String> getAllowedRuleProviderSystemApps() { List<String> integrityRuleProviders = Arrays.asList( @@ -751,14 +286,6 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { } } - private boolean integrityCheckIncludesRuleProvider() { - return Settings.Global.getInt( - mContext.getContentResolver(), - Settings.Global.INTEGRITY_CHECK_INCLUDES_RULE_PROVIDER, - 0) - == 1; - } - private List<String> getPackageListForUid(int uid) { try { return Arrays.asList(mContext.getPackageManager().getPackagesForUid(uid)); diff --git a/services/core/java/com/android/server/wm/Task.java b/services/core/java/com/android/server/wm/Task.java index 7b270842b3c5..cbf6c5a02ae3 100644 --- a/services/core/java/com/android/server/wm/Task.java +++ b/services/core/java/com/android/server/wm/Task.java @@ -5807,9 +5807,9 @@ class Task extends TaskFragment { } private boolean canMoveTaskToBack(Task task) { - // Checks whether a task is a child of this task because it can be reparetned when + // Checks whether a task is a child of this task because it can be reparented when // transition is deferred. - if (task != this && task.getParent() != this) { + if (task != this && !task.isDescendantOf(this)) { return false; } diff --git a/services/core/java/com/android/server/wm/WindowProcessController.java b/services/core/java/com/android/server/wm/WindowProcessController.java index 5e9fdd8128e1..a64bab1a5fcb 100644 --- a/services/core/java/com/android/server/wm/WindowProcessController.java +++ b/services/core/java/com/android/server/wm/WindowProcessController.java @@ -122,7 +122,7 @@ public class WindowProcessController extends ConfigurationContainer<Configuratio private int mRapidActivityLaunchCount; // all about the first app in the process - final ApplicationInfo mInfo; + volatile ApplicationInfo mInfo; final String mName; final int mUid; @@ -1789,12 +1789,17 @@ public class WindowProcessController extends ConfigurationContainer<Configuratio Configuration overrideConfig = new Configuration(r.getRequestedOverrideConfiguration()); overrideConfig.assetsSeq = assetSeq; r.onRequestedOverrideConfigurationChanged(overrideConfig); + r.updateApplicationInfo(mInfo); if (r.isVisibleRequested()) { r.ensureActivityConfiguration(); } } } + public void updateApplicationInfo(ApplicationInfo aInfo) { + mInfo = aInfo; + } + /** * This is called for sending {@link android.app.servertransaction.LaunchActivityItem}. * The caller must call {@link #setLastReportedConfiguration} if the delivered configuration diff --git a/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java b/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java index d1f6c2f9f1f0..9c6412b81b34 100644 --- a/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java +++ b/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java @@ -67,10 +67,8 @@ import android.provider.Settings; import androidx.test.InstrumentationRegistry; import com.android.internal.R; -import com.android.internal.pm.parsing.PackageParser2; import com.android.server.compat.PlatformCompat; import com.android.server.integrity.model.IntegrityCheckResult; -import com.android.server.pm.parsing.TestPackageParser2; import com.android.server.testutils.TestUtils; import org.junit.After; @@ -140,8 +138,6 @@ public class AppIntegrityManagerServiceImplTest { @Mock IntegrityFileManager mIntegrityFileManager; @Mock Handler mHandler; - private Supplier<PackageParser2> mParserSupplier = TestPackageParser2::new; - private final Context mRealContext = InstrumentationRegistry.getTargetContext(); private PackageManager mSpyPackageManager; @@ -173,7 +169,6 @@ public class AppIntegrityManagerServiceImplTest { new AppIntegrityManagerServiceImpl( mMockContext, mPackageManagerInternal, - mParserSupplier, mIntegrityFileManager, mHandler); |