diff options
9 files changed, 59 insertions, 23 deletions
diff --git a/services/core/java/com/android/server/wm/ActivityStarter.java b/services/core/java/com/android/server/wm/ActivityStarter.java index 678a896bddbc..c33a2c179ab7 100644 --- a/services/core/java/com/android/server/wm/ActivityStarter.java +++ b/services/core/java/com/android/server/wm/ActivityStarter.java @@ -989,8 +989,8 @@ class ActivityStarter { if (mSupervisor.mRecentTasks.isCallerRecents(callingUid)) { return false; } - // don't abort if the callingPackage is a device owner - if (mService.getDevicePolicyManager().isDeviceOwnerApp(callingPackage)) { + // don't abort if the callingPackage is the device owner + if (mService.isDeviceOwner(callingPackage)) { return false; } // anything that has fallen through would currently be aborted diff --git a/services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java b/services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java index 1a5e6a14e733..5a20959dcdbf 100644 --- a/services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java +++ b/services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java @@ -492,4 +492,9 @@ public abstract class ActivityTaskManagerInternal { /** Returns true if uid has a visible window or its process is in a top state. */ public abstract boolean isUidForeground(int uid); + + /** + * Called by DevicePolicyManagerService to set the package name of the device owner. + */ + public abstract void setDeviceOwnerPackageName(String deviceOwnerPkg); } diff --git a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java index c1c2b57873ee..258819fdece9 100644 --- a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java +++ b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java @@ -151,7 +151,6 @@ import android.app.RemoteAction; import android.app.WaitResult; import android.app.WindowConfiguration; import android.app.admin.DevicePolicyCache; -import android.app.admin.DevicePolicyManager; import android.app.assist.AssistContent; import android.app.assist.AssistStructure; import android.app.usage.UsageStatsManagerInternal; @@ -363,7 +362,6 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub { WindowManagerService mWindowManager; private UserManagerService mUserManager; private AppOpsService mAppOpsService; - private DevicePolicyManager mDpm; /** All active uids in the system. */ private final SparseArray<Integer> mActiveUids = new SparseArray<>(); private final SparseArray<String> mPendingTempWhitelist = new SparseArray<>(); @@ -623,6 +621,8 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub { private FontScaleSettingObserver mFontScaleSettingObserver; + private String mDeviceOwnerPackageName; + private final class FontScaleSettingObserver extends ContentObserver { private final Uri mFontScaleUri = Settings.System.getUriFor(FONT_SCALE); private final Uri mHideErrorDialogsUri = Settings.Global.getUriFor(HIDE_ERROR_DIALOGS); @@ -838,13 +838,6 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub { return mAppOpsService; } - DevicePolicyManager getDevicePolicyManager() { - if (mDpm == null) { - mDpm = mContext.getSystemService(DevicePolicyManager.class); - } - return mDpm; - } - boolean hasUserRestriction(String restriction, int userId) { return getUserManager().hasUserRestriction(restriction, userId); } @@ -5725,6 +5718,17 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub { || mWindowManager.mRoot.isAnyNonToastWindowVisibleForUid(uid); } + boolean isDeviceOwner(String packageName) { + if (packageName == null) { + return false; + } + return packageName.equals(mDeviceOwnerPackageName); + } + + void setDeviceOwnerPackageName(String deviceOwnerPkg) { + mDeviceOwnerPackageName = deviceOwnerPkg; + } + /** * @return whitelist tag for a uid from mPendingTempWhitelist, null if not currently on * the whitelist @@ -7142,5 +7146,12 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub { return ActivityTaskManagerService.this.isUidForeground(uid); } } + + @Override + public void setDeviceOwnerPackageName(String deviceOwnerPkg) { + synchronized (mGlobalLock) { + ActivityTaskManagerService.this.setDeviceOwnerPackageName(deviceOwnerPkg); + } + } } } diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index e30acf71d328..093ac89b97c0 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -247,6 +247,7 @@ import com.android.server.net.NetworkPolicyManagerInternal; import com.android.server.pm.UserRestrictionsUtils; import com.android.server.storage.DeviceStorageMonitorInternal; import com.android.server.uri.UriGrantsManagerInternal; +import com.android.server.wm.ActivityTaskManagerInternal; import com.google.android.collect.Sets; @@ -1870,7 +1871,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Owners newOwners() { return new Owners(getUserManager(), getUserManagerInternal(), - getPackageManagerInternal()); + getPackageManagerInternal(), getActivityTaskManagerInternal()); } UserManager getUserManager() { @@ -1885,6 +1886,10 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return LocalServices.getService(PackageManagerInternal.class); } + ActivityTaskManagerInternal getActivityTaskManagerInternal() { + return LocalServices.getService(ActivityTaskManagerInternal.class); + } + UsageStatsManagerInternal getUsageStatsManagerInternal() { return LocalServices.getService(UsageStatsManagerInternal.class); } diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/Owners.java b/services/devicepolicy/java/com/android/server/devicepolicy/Owners.java index ee1c1df3f162..27cd70c9a606 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/Owners.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/Owners.java @@ -41,6 +41,7 @@ import android.util.Xml; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.util.FastXmlSerializer; import com.android.server.LocalServices; +import com.android.server.wm.ActivityTaskManagerInternal; import libcore.io.IoUtils; @@ -104,6 +105,7 @@ class Owners { private final UserManager mUserManager; private final UserManagerInternal mUserManagerInternal; private final PackageManagerInternal mPackageManagerInternal; + private final ActivityTaskManagerInternal mActivityTaskManagerInternal; private boolean mSystemReady; @@ -129,18 +131,22 @@ class Owners { public Owners(UserManager userManager, UserManagerInternal userManagerInternal, - PackageManagerInternal packageManagerInternal) { - this(userManager, userManagerInternal, packageManagerInternal, new Injector()); + PackageManagerInternal packageManagerInternal, + ActivityTaskManagerInternal activityTaskManagerInternal) { + this(userManager, userManagerInternal, packageManagerInternal, + activityTaskManagerInternal, new Injector()); } @VisibleForTesting Owners(UserManager userManager, UserManagerInternal userManagerInternal, PackageManagerInternal packageManagerInternal, + ActivityTaskManagerInternal activityTaskManagerInternal, Injector injector) { mUserManager = userManager; mUserManagerInternal = userManagerInternal; mPackageManagerInternal = packageManagerInternal; + mActivityTaskManagerInternal = activityTaskManagerInternal; mInjector = injector; } @@ -187,6 +193,7 @@ class Owners { getDeviceOwnerUserId())); } pushToPackageManagerLocked(); + pushToActivityTaskManagerLocked(); pushToAppOpsLocked(); } } @@ -201,6 +208,11 @@ class Owners { po); } + private void pushToActivityTaskManagerLocked() { + mActivityTaskManagerInternal.setDeviceOwnerPackageName(mDeviceOwner != null + ? mDeviceOwner.packageName : null); + } + String getDeviceOwnerPackageName() { synchronized (mLock) { return mDeviceOwner != null ? mDeviceOwner.packageName : null; @@ -275,6 +287,7 @@ class Owners { mUserManagerInternal.setDeviceManaged(true); pushToPackageManagerLocked(); + pushToActivityTaskManagerLocked(); pushToAppOpsLocked(); } } @@ -286,6 +299,7 @@ class Owners { mUserManagerInternal.setDeviceManaged(false); pushToPackageManagerLocked(); + pushToActivityTaskManagerLocked(); pushToAppOpsLocked(); } } @@ -333,6 +347,7 @@ class Owners { mDeviceOwner.remoteBugreportHash, /* canAccessDeviceIds =*/ mDeviceOwner.canAccessDeviceIds); pushToPackageManagerLocked(); + pushToActivityTaskManagerLocked(); pushToAppOpsLocked(); } } diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java index a847b6ab105c..2ce4c54a932b 100644 --- a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java +++ b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java @@ -65,7 +65,8 @@ public class DevicePolicyManagerServiceTestable extends DevicePolicyManagerServi public OwnersTestable(MockSystemServices services) { super(services.userManager, services.userManagerInternal, - services.packageManagerInternal, new MockInjector(services)); + services.packageManagerInternal, services.activityTaskManagerInternal, + new MockInjector(services)); } static class MockInjector extends Injector { diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/MockSystemServices.java b/services/tests/servicestests/src/com/android/server/devicepolicy/MockSystemServices.java index 4724f1cdd324..8f0aeea3dbf8 100644 --- a/services/tests/servicestests/src/com/android/server/devicepolicy/MockSystemServices.java +++ b/services/tests/servicestests/src/com/android/server/devicepolicy/MockSystemServices.java @@ -64,6 +64,7 @@ import android.view.IWindowManager; import com.android.internal.util.test.FakeSettingsProvider; import com.android.internal.widget.LockPatternUtils; import com.android.server.net.NetworkPolicyManagerInternal; +import com.android.server.wm.ActivityTaskManagerInternal; import java.io.File; import java.io.IOException; @@ -94,6 +95,7 @@ public class MockSystemServices { public final IActivityManager iactivityManager; public final IActivityTaskManager iactivityTaskManager; public ActivityManagerInternal activityManagerInternal; + public ActivityTaskManagerInternal activityTaskManagerInternal; public final IPackageManager ipackageManager; public final IBackupManager ibackupManager; public final IAudioService iaudioService; @@ -133,6 +135,7 @@ public class MockSystemServices { iactivityManager = mock(IActivityManager.class); iactivityTaskManager = mock(IActivityTaskManager.class); activityManagerInternal = mock(ActivityManagerInternal.class); + activityTaskManagerInternal = mock(ActivityTaskManagerInternal.class); ipackageManager = mock(IPackageManager.class); ibackupManager = mock(IBackupManager.class); iaudioService = mock(IAudioService.class); diff --git a/services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java b/services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java index 60f1ae26f5dd..392b0106c8e5 100644 --- a/services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java +++ b/services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java @@ -61,7 +61,6 @@ import static org.mockito.ArgumentMatchers.eq; import android.app.ActivityOptions; import android.app.IApplicationThread; -import android.app.admin.DevicePolicyManager; import android.content.ComponentName; import android.content.Intent; import android.content.pm.ActivityInfo; @@ -643,7 +642,7 @@ public class ActivityStarterTests extends ActivityTestsBase { UNIMPORTANT_UID2, false, PROCESS_STATE_TOP + 1, false, false, false, true, false); runAndVerifyBackgroundActivityStartsSubtest( - "disallowed_callingPackageIsDeviceOwner_notAborted", false, + "disallowed_callingPackageNameIsDeviceOwner_notAborted", false, UNIMPORTANT_UID, false, PROCESS_STATE_TOP + 1, UNIMPORTANT_UID2, false, PROCESS_STATE_TOP + 1, false, false, false, false, true); @@ -655,7 +654,7 @@ public class ActivityStarterTests extends ActivityTestsBase { boolean hasForegroundActivities, boolean callerIsRecents, boolean callerIsTempWhitelisted, boolean callerIsInstrumentingWithBackgroundActivityStartPrivileges, - boolean isCallingPackageDeviceOwner) { + boolean isCallingPackageNameDeviceOwner) { // window visibility doReturn(callingUidHasVisibleWindow).when(mService.mWindowManager.mRoot) .isAnyNonToastWindowVisibleForUid(callingUid); @@ -681,9 +680,8 @@ public class ActivityStarterTests extends ActivityTestsBase { // caller is instrumenting with background activity starts privileges callerApp.setInstrumenting(callerIsInstrumentingWithBackgroundActivityStartPrivileges, callerIsInstrumentingWithBackgroundActivityStartPrivileges); - // caller is device owner - DevicePolicyManager dpmMock = mService.getDevicePolicyManager(); - doReturn(isCallingPackageDeviceOwner).when(dpmMock).isDeviceOwnerApp(any()); + // calling package name is whitelisted + doReturn(isCallingPackageNameDeviceOwner).when(mService).isDeviceOwner(any()); final ActivityOptions options = spy(ActivityOptions.makeBasic()); ActivityStarter starter = prepareStarter(FLAG_ACTIVITY_NEW_TASK) diff --git a/services/tests/wmtests/src/com/android/server/wm/ActivityTestsBase.java b/services/tests/wmtests/src/com/android/server/wm/ActivityTestsBase.java index 21a4e8417bab..abc0bd64c0e0 100644 --- a/services/tests/wmtests/src/com/android/server/wm/ActivityTestsBase.java +++ b/services/tests/wmtests/src/com/android/server/wm/ActivityTestsBase.java @@ -42,7 +42,6 @@ import static com.android.server.wm.ActivityStackSupervisor.ON_TOP; import android.app.ActivityManagerInternal; import android.app.ActivityOptions; import android.app.IApplicationThread; -import android.app.admin.DevicePolicyManager; import android.content.ComponentName; import android.content.Context; import android.content.Intent; @@ -437,7 +436,6 @@ class ActivityTestsBase { spyOn(getLifecycleManager()); spyOn(getLockTaskController()); doReturn(mock(IPackageManager.class)).when(this).getPackageManager(); - doReturn(mock(DevicePolicyManager.class)).when(this).getDevicePolicyManager(); // allow background activity starts by default doReturn(true).when(this).isBackgroundActivityStartsEnabled(); doNothing().when(this).updateCpuStats(); |