diff options
10 files changed, 67 insertions, 72 deletions
diff --git a/core/java/android/app/admin/DeviceAdminInfo.java b/core/java/android/app/admin/DeviceAdminInfo.java index 7d5d5c162271..986205a346f7 100644 --- a/core/java/android/app/admin/DeviceAdminInfo.java +++ b/core/java/android/app/admin/DeviceAdminInfo.java @@ -16,10 +16,11 @@ package android.app.admin; +import static android.app.admin.flags.Flags.FLAG_HEADLESS_DEVICE_OWNER_SINGLE_USER_ENABLED; + import android.annotation.FlaggedApi; import android.annotation.IntDef; import android.annotation.NonNull; -import android.app.admin.flags.Flags; import android.compat.annotation.UnsupportedAppUsage; import android.content.ComponentName; import android.content.Context; @@ -185,7 +186,7 @@ public final class DeviceAdminInfo implements Parcelable { * <p>This mode only allows a single secondary user on the device blocking the creation of * additional secondary users. */ - @FlaggedApi(Flags.FLAG_HEADLESS_DEVICE_OWNER_SINGLE_USER_ENABLED) + @FlaggedApi(FLAG_HEADLESS_DEVICE_OWNER_SINGLE_USER_ENABLED) public static final int HEADLESS_DEVICE_OWNER_MODE_SINGLE_USER = 2; @IntDef({HEADLESS_DEVICE_OWNER_MODE_UNSUPPORTED, HEADLESS_DEVICE_OWNER_MODE_AFFILIATED, diff --git a/core/java/android/app/admin/DevicePolicyIdentifiers.java b/core/java/android/app/admin/DevicePolicyIdentifiers.java index 3c56aaf33ef3..eeaf0b3706fc 100644 --- a/core/java/android/app/admin/DevicePolicyIdentifiers.java +++ b/core/java/android/app/admin/DevicePolicyIdentifiers.java @@ -16,13 +16,13 @@ package android.app.admin; +import static android.app.admin.flags.Flags.FLAG_POLICY_ENGINE_MIGRATION_V2_ENABLED; import static android.app.admin.flags.Flags.FLAG_SECURITY_LOG_V2_ENABLED; import android.annotation.FlaggedApi; import android.annotation.NonNull; import android.annotation.SystemApi; import android.annotation.TestApi; -import android.app.admin.flags.Flags; import android.os.UserManager; import java.util.Objects; @@ -188,13 +188,13 @@ public final class DevicePolicyIdentifiers { /** * String identifier for {@link DevicePolicyManager#setUsbDataSignalingEnabled}. */ - @FlaggedApi(Flags.FLAG_POLICY_ENGINE_MIGRATION_V2_ENABLED) + @FlaggedApi(FLAG_POLICY_ENGINE_MIGRATION_V2_ENABLED) public static final String USB_DATA_SIGNALING_POLICY = "usbDataSignaling"; /** * String identifier for {@link DevicePolicyManager#setRequiredPasswordComplexity}. */ - @FlaggedApi(Flags.FLAG_POLICY_ENGINE_MIGRATION_V2_ENABLED) + @FlaggedApi(FLAG_POLICY_ENGINE_MIGRATION_V2_ENABLED) public static final String PASSWORD_COMPLEXITY_POLICY = "passwordComplexity"; /** diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java index a6fda9d23aca..083705bca09e 100644 --- a/core/java/android/app/admin/DevicePolicyManager.java +++ b/core/java/android/app/admin/DevicePolicyManager.java @@ -53,8 +53,11 @@ import static android.Manifest.permission.QUERY_ADMIN_POLICY; import static android.Manifest.permission.REQUEST_PASSWORD_COMPLEXITY; import static android.Manifest.permission.SET_TIME; import static android.Manifest.permission.SET_TIME_ZONE; +import static android.app.admin.flags.Flags.FLAG_DEVICE_THEFT_API_ENABLED; import static android.app.admin.flags.Flags.FLAG_ESIM_MANAGEMENT_ENABLED; import static android.app.admin.flags.Flags.FLAG_DEVICE_POLICY_SIZE_TRACKING_ENABLED; +import static android.app.admin.flags.Flags.FLAG_HEADLESS_DEVICE_OWNER_SINGLE_USER_ENABLED; +import static android.app.admin.flags.Flags.FLAG_PERMISSION_MIGRATION_FOR_ZERO_TRUST_API_ENABLED; import static android.app.admin.flags.Flags.FLAG_SECURITY_LOG_V2_ENABLED; import static android.app.admin.flags.Flags.onboardingBugreportV2Enabled; import static android.app.admin.flags.Flags.FLAG_IS_MTE_POLICY_ENFORCED; @@ -90,7 +93,6 @@ import android.app.Activity; import android.app.IServiceConnection; import android.app.KeyguardManager; import android.app.admin.SecurityLog.SecurityEvent; -import android.app.admin.flags.Flags; import android.app.compat.CompatChanges; import android.compat.annotation.ChangeId; import android.compat.annotation.EnabledSince; @@ -153,10 +155,10 @@ import com.android.internal.annotations.VisibleForTesting; import com.android.internal.infra.AndroidFuture; import com.android.internal.net.NetworkUtilsInternal; import com.android.internal.os.BackgroundThread; +import com.android.internal.os.Zygote; import com.android.internal.util.ArrayUtils; import com.android.internal.util.Preconditions; import com.android.org.conscrypt.TrustedCertificateStore; -import com.android.internal.os.Zygote; import java.io.ByteArrayInputStream; import java.io.FileNotFoundException; @@ -2879,7 +2881,7 @@ public class DevicePolicyManager { * @hide */ @SystemApi - @FlaggedApi(Flags.FLAG_HEADLESS_DEVICE_OWNER_SINGLE_USER_ENABLED) + @FlaggedApi(FLAG_HEADLESS_DEVICE_OWNER_SINGLE_USER_ENABLED) public static final int STATUS_HEADLESS_ONLY_SYSTEM_USER = 17; /** @@ -13447,7 +13449,7 @@ public class DevicePolicyManager { */ @RequiresPermission(value = MANAGE_DEVICE_POLICY_QUERY_SYSTEM_UPDATES, conditional = true) @SuppressLint("RequiresPermission") - @FlaggedApi(Flags.FLAG_PERMISSION_MIGRATION_FOR_ZERO_TRUST_API_ENABLED) + @FlaggedApi(FLAG_PERMISSION_MIGRATION_FOR_ZERO_TRUST_API_ENABLED) public @Nullable SystemUpdateInfo getPendingSystemUpdate(@Nullable ComponentName admin) { throwIfParentInstance("getPendingSystemUpdate"); try { @@ -16608,7 +16610,7 @@ public class DevicePolicyManager { */ @RequiresPermission(value = MANAGE_DEVICE_POLICY_CERTIFICATES, conditional = true) @SuppressLint("RequiresPermission") - @FlaggedApi(Flags.FLAG_PERMISSION_MIGRATION_FOR_ZERO_TRUST_API_ENABLED) + @FlaggedApi(FLAG_PERMISSION_MIGRATION_FOR_ZERO_TRUST_API_ENABLED) @NonNull public String getEnrollmentSpecificId() { throwIfParentInstance("getEnrollmentSpecificId"); if (mService == null) { @@ -17134,7 +17136,7 @@ public class DevicePolicyManager { */ @SystemApi @RequiresPermission(value = MANAGE_DEVICE_POLICY_THEFT_DETECTION) - @FlaggedApi(Flags.FLAG_DEVICE_THEFT_API_ENABLED) + @FlaggedApi(FLAG_DEVICE_THEFT_API_ENABLED) public boolean isTheftDetectionTriggered() { throwIfParentInstance("isTheftDetectionTriggered"); if (mService == null) { diff --git a/core/java/android/app/admin/SecurityLog.java b/core/java/android/app/admin/SecurityLog.java index ed1b8ca9b5bd..477f2e007b33 100644 --- a/core/java/android/app/admin/SecurityLog.java +++ b/core/java/android/app/admin/SecurityLog.java @@ -16,6 +16,8 @@ package android.app.admin; +import static android.app.admin.flags.Flags.FLAG_BACKUP_SERVICE_SECURITY_LOG_EVENT_ENABLED; + import android.Manifest; import android.annotation.FlaggedApi; import android.annotation.IntDef; @@ -24,7 +26,6 @@ import android.annotation.Nullable; import android.annotation.RequiresPermission; import android.annotation.SystemApi; import android.annotation.TestApi; -import android.app.admin.flags.Flags; import android.compat.annotation.UnsupportedAppUsage; import android.content.ComponentName; import android.os.Build; @@ -610,7 +611,7 @@ public class SecurityLog { * <li> [2] backup service state ({@code Integer}, 1 for enabled, 0 for disabled) * @see DevicePolicyManager#setBackupServiceEnabled(ComponentName, boolean) */ - @FlaggedApi(Flags.FLAG_BACKUP_SERVICE_SECURITY_LOG_EVENT_ENABLED) + @FlaggedApi(FLAG_BACKUP_SERVICE_SECURITY_LOG_EVENT_ENABLED) public static final int TAG_BACKUP_SERVICE_TOGGLED = SecurityLogTags.SECURITY_BACKUP_SERVICE_TOGGLED; /** diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/ActiveAdmin.java b/services/devicepolicy/java/com/android/server/devicepolicy/ActiveAdmin.java index 17638fcaba68..dc8cec91001b 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/ActiveAdmin.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/ActiveAdmin.java @@ -21,8 +21,6 @@ import static android.app.admin.DevicePolicyManager.PASSWORD_COMPLEXITY_NONE; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; import static android.app.admin.WifiSsidPolicy.WIFI_SSID_POLICY_TYPE_ALLOWLIST; import static android.app.admin.WifiSsidPolicy.WIFI_SSID_POLICY_TYPE_DENYLIST; -import static android.app.admin.flags.Flags.dumpsysPolicyEngineMigrationEnabled; -import static android.app.admin.flags.Flags.policyEngineMigrationV2Enabled; import static android.net.NetworkCapabilities.NET_ENTERPRISE_ID_1; import static com.android.server.devicepolicy.DevicePolicyManagerService.LOG_TAG; @@ -41,6 +39,7 @@ import android.app.admin.PackagePolicy; import android.app.admin.PasswordPolicy; import android.app.admin.PreferentialNetworkServiceConfig; import android.app.admin.WifiSsidPolicy; +import android.app.admin.flags.Flags; import android.graphics.Color; import android.net.wifi.WifiSsid; import android.os.Bundle; @@ -1297,7 +1296,7 @@ class ActiveAdmin { pw.print("encryptionRequested="); pw.println(encryptionRequested); - if (!dumpsysPolicyEngineMigrationEnabled()) { + if (!Flags.dumpsysPolicyEngineMigrationEnabled()) { pw.print("disableCamera="); pw.println(disableCamera); @@ -1316,7 +1315,8 @@ class ActiveAdmin { UserRestrictionsUtils.dumpRestrictions(pw, " ", userRestrictions); } - if (!policyEngineMigrationV2Enabled() || !dumpsysPolicyEngineMigrationEnabled()) { + if (!Flags.policyEngineMigrationV2Enabled() + || !Flags.dumpsysPolicyEngineMigrationEnabled()) { pw.print("mUsbDataSignaling="); pw.println(mUsbDataSignalingEnabled); } diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyEngine.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyEngine.java index 3e066f23a520..12f44074a4ad 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyEngine.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyEngine.java @@ -24,7 +24,6 @@ import static android.app.admin.PolicyUpdateResult.RESULT_FAILURE_HARDWARE_LIMIT import static android.app.admin.PolicyUpdateResult.RESULT_FAILURE_STORAGE_LIMIT_REACHED; import static android.app.admin.PolicyUpdateResult.RESULT_POLICY_CLEARED; import static android.app.admin.PolicyUpdateResult.RESULT_POLICY_SET; -import static android.app.admin.flags.Flags.devicePolicySizeTrackingEnabled; import static android.content.pm.UserProperties.INHERIT_DEVICE_POLICY_FROM_PARENT; import android.Manifest; @@ -42,6 +41,7 @@ import android.app.admin.PolicyUpdateReceiver; import android.app.admin.PolicyValue; import android.app.admin.TargetUser; import android.app.admin.UserRestrictionPolicyKey; +import android.app.admin.flags.Flags; import android.content.ComponentName; import android.content.Context; import android.content.Intent; @@ -225,7 +225,7 @@ final class DevicePolicyEngine { synchronized (mLock) { PolicyState<V> localPolicyState = getLocalPolicyStateLocked(policyDefinition, userId); - if (devicePolicySizeTrackingEnabled() && false) { + if (Flags.devicePolicySizeTrackingEnabled() && false) { if (!handleAdminPolicySizeLimit(localPolicyState, enforcingAdmin, value, policyDefinition, userId)) { return; @@ -350,7 +350,7 @@ final class DevicePolicyEngine { } PolicyState<V> localPolicyState = getLocalPolicyStateLocked(policyDefinition, userId); - if (devicePolicySizeTrackingEnabled() && false) { + if (Flags.devicePolicySizeTrackingEnabled() && false) { decreasePolicySizeForAdmin(localPolicyState, enforcingAdmin); } @@ -496,7 +496,7 @@ final class DevicePolicyEngine { synchronized (mLock) { PolicyState<V> globalPolicyState = getGlobalPolicyStateLocked(policyDefinition); - if (devicePolicySizeTrackingEnabled() && false) { + if (Flags.devicePolicySizeTrackingEnabled() && false) { if (!handleAdminPolicySizeLimit(globalPolicyState, enforcingAdmin, value, policyDefinition, UserHandle.USER_ALL)) { return; @@ -568,7 +568,7 @@ final class DevicePolicyEngine { synchronized (mLock) { PolicyState<V> policyState = getGlobalPolicyStateLocked(policyDefinition); - if (devicePolicySizeTrackingEnabled() && false) { + if (Flags.devicePolicySizeTrackingEnabled() && false) { decreasePolicySizeForAdmin(policyState, enforcingAdmin); } @@ -1892,7 +1892,7 @@ final class DevicePolicyEngine { private void writeEnforcingAdminSizeInner(TypedXmlSerializer serializer) throws IOException { - if (devicePolicySizeTrackingEnabled() && false) { + if (Flags.devicePolicySizeTrackingEnabled() && false) { if (mAdminPolicySize != null) { for (int i = 0; i < mAdminPolicySize.size(); i++) { int userId = mAdminPolicySize.keyAt(i); @@ -1916,7 +1916,7 @@ final class DevicePolicyEngine { private void writeMaxPolicySizeInner(TypedXmlSerializer serializer) throws IOException { - if (!devicePolicySizeTrackingEnabled() || true) { + if (!Flags.devicePolicySizeTrackingEnabled() || true) { return; } serializer.startTag(/* namespace= */ null, TAG_MAX_POLICY_SIZE_LIMIT); @@ -2081,7 +2081,7 @@ final class DevicePolicyEngine { private void readMaxPolicySizeInner(TypedXmlPullParser parser) throws XmlPullParserException, IOException { - if (!devicePolicySizeTrackingEnabled() || true) { + if (!Flags.devicePolicySizeTrackingEnabled() || true) { return; } mPolicySizeLimit = parser.getAttributeInt(/* namespace= */ null, ATTR_POLICY_SUM_SIZE); diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 9d84d6fc40b4..cfd90f67d6fc 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -239,14 +239,6 @@ import static android.app.admin.ProvisioningException.ERROR_REMOVE_NON_REQUIRED_ import static android.app.admin.ProvisioningException.ERROR_SETTING_PROFILE_OWNER_FAILED; import static android.app.admin.ProvisioningException.ERROR_SET_DEVICE_OWNER_FAILED; import static android.app.admin.ProvisioningException.ERROR_STARTING_PROFILE_FAILED; -import static android.app.admin.flags.Flags.backupServiceSecurityLogEventEnabled; -import static android.app.admin.flags.Flags.devicePolicySizeTrackingEnabled; -import static android.app.admin.flags.Flags.dumpsysPolicyEngineMigrationEnabled; -import static android.app.admin.flags.Flags.headlessDeviceOwnerSingleUserEnabled; -import static android.app.admin.flags.Flags.permissionMigrationForZeroTrustImplEnabled; -import static android.app.admin.flags.Flags.policyEngineMigrationV2Enabled; -import static android.app.admin.flags.Flags.assistContentUserRestrictionEnabled; -import static android.app.admin.flags.Flags.securityLogV2Enabled; import static android.content.Intent.ACTION_MANAGED_PROFILE_AVAILABLE; import static android.content.Intent.ACTION_MANAGED_PROFILE_UNAVAILABLE; import static android.content.Intent.FLAG_ACTIVITY_NEW_TASK; @@ -360,6 +352,7 @@ import android.app.admin.SystemUpdatePolicy; import android.app.admin.UnsafeStateException; import android.app.admin.UserRestrictionPolicyKey; import android.app.admin.WifiSsidPolicy; +import android.app.admin.flags.Flags; import android.app.backup.IBackupManager; import android.app.compat.CompatChanges; import android.app.role.OnRoleHoldersChangedListener; @@ -513,7 +506,6 @@ import com.android.internal.widget.PasswordValidationError; import com.android.modules.utils.TypedXmlPullParser; import com.android.modules.utils.TypedXmlSerializer; import com.android.net.module.util.ProxyUtils; -import com.android.net.thread.flags.Flags; import com.android.server.AlarmManagerInternal; import com.android.server.LocalManagerRegistry; import com.android.server.LocalServices; @@ -2728,7 +2720,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return; } - if (securityLogV2Enabled()) { + if (Flags.securityLogV2Enabled()) { boolean auditLoggingEnabled = Boolean.TRUE.equals( mDevicePolicyEngine.getResolvedPolicy( PolicyDefinition.AUDIT_LOGGING, UserHandle.USER_ALL)); @@ -3418,7 +3410,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { @GuardedBy("getLockObject()") private void maybeMigrateSecurityLoggingPolicyLocked() { - if (!securityLogV2Enabled() || mOwners.isSecurityLoggingMigrated()) { + if (!Flags.securityLogV2Enabled() || mOwners.isSecurityLoggingMigrated()) { return; } @@ -3522,7 +3514,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } revertTransferOwnershipIfNecessaryLocked(); - if (!policyEngineMigrationV2Enabled()) { + if (!Flags.policyEngineMigrationV2Enabled()) { updateUsbDataSignal(mContext, isUsbDataSignalingEnabledInternalLocked()); } } @@ -11151,7 +11143,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { pw.println(); mStatLogger.dump(pw); pw.println(); - if (dumpsysPolicyEngineMigrationEnabled()) { + if (Flags.dumpsysPolicyEngineMigrationEnabled()) { mDevicePolicyEngine.dump(pw); pw.println(); } @@ -12068,7 +12060,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } if (packageList != null) { - if (!devicePolicySizeTrackingEnabled()) { + if (!Flags.devicePolicySizeTrackingEnabled()) { for (String pkg : packageList) { PolicySizeVerifier.enforceMaxPackageNameLength(pkg); } @@ -12313,7 +12305,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { Preconditions.checkCallAuthorization(isDefaultDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_CREATE_AND_MANAGE_USER); - if (headlessDeviceOwnerSingleUserEnabled()) { + if (Flags.headlessDeviceOwnerSingleUserEnabled()) { // Block this method if the device is in headless main user mode Preconditions.checkCallAuthorization( getHeadlessDeviceOwnerMode() != HEADLESS_DEVICE_OWNER_MODE_SINGLE_USER, @@ -13438,12 +13430,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { UserManager.DISALLOW_SMS, new String[]{MANAGE_DEVICE_POLICY_SMS}); USER_RESTRICTION_PERMISSIONS.put( UserManager.DISALLOW_SYSTEM_ERROR_DIALOGS, new String[]{MANAGE_DEVICE_POLICY_SYSTEM_DIALOGS}); - if (Flags.threadUserRestrictionEnabled()) { + if (com.android.net.thread.flags.Flags.threadUserRestrictionEnabled()) { USER_RESTRICTION_PERMISSIONS.put( UserManager.DISALLOW_THREAD_NETWORK, new String[]{MANAGE_DEVICE_POLICY_THREAD_NETWORK}); } - if (assistContentUserRestrictionEnabled()) { + if (Flags.assistContentUserRestrictionEnabled()) { USER_RESTRICTION_PERMISSIONS.put( UserManager.DISALLOW_ASSIST_CONTENT, new String[]{MANAGE_DEVICE_POLICY_ASSIST_CONTENT}); @@ -13777,7 +13769,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return; } - if (!devicePolicySizeTrackingEnabled()) { + if (!Flags.devicePolicySizeTrackingEnabled()) { PolicySizeVerifier.enforceMaxStringLength(accountType, "account type"); } @@ -14391,7 +14383,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { public void setLockTaskPackages(ComponentName who, String callerPackageName, String[] packages) throws SecurityException { Objects.requireNonNull(packages, "packages is null"); - if (!devicePolicySizeTrackingEnabled()) { + if (!Flags.devicePolicySizeTrackingEnabled()) { for (String pkg : packages) { PolicySizeVerifier.enforceMaxPackageNameLength(pkg); } @@ -15798,7 +15790,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { @Override public void enforceSecurityLoggingPolicy(boolean enabled) { - if (!securityLogV2Enabled()) { + if (!Flags.securityLogV2Enabled()) { return; } Boolean auditLoggingEnabled = mDevicePolicyEngine.getResolvedPolicy( @@ -15808,7 +15800,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { @Override public void enforceAuditLoggingPolicy(boolean enabled) { - if (!securityLogV2Enabled()) { + if (!Flags.securityLogV2Enabled()) { return; } Boolean securityLoggingEnabled = mDevicePolicyEngine.getResolvedPolicy( @@ -16345,7 +16337,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { mContext.sendBroadcastAsUser(intent, UserHandle.of(userId)); } - if (permissionMigrationForZeroTrustImplEnabled()) { + if (Flags.permissionMigrationForZeroTrustImplEnabled()) { final UserHandle user = UserHandle.of(userId); final String roleHolderPackage = getRoleHolderPackageNameOnUser( RoleManager.ROLE_DEVICE_POLICY_MANAGEMENT, userId); @@ -16359,7 +16351,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { @Override public SystemUpdateInfo getPendingSystemUpdate(ComponentName admin, String callerPackage) { - if (permissionMigrationForZeroTrustImplEnabled()) { + if (Flags.permissionMigrationForZeroTrustImplEnabled()) { CallerIdentity caller = getCallerIdentity(admin, callerPackage); enforcePermissions(new String[] {NOTIFY_PENDING_SYSTEM_UPDATE, MANAGE_DEVICE_POLICY_QUERY_SYSTEM_UPDATES}, caller.getPackageName(), @@ -16816,7 +16808,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return STATUS_HEADLESS_SYSTEM_USER_MODE_NOT_SUPPORTED; } - if (headlessDeviceOwnerSingleUserEnabled() && isHeadlessModeSingleUser) { + if (Flags.headlessDeviceOwnerSingleUserEnabled() && isHeadlessModeSingleUser) { ensureSetUpUser = mUserManagerInternal.getMainUserId(); if (ensureSetUpUser == UserHandle.USER_NULL) { return STATUS_HEADLESS_ONLY_SYSTEM_USER; @@ -17723,7 +17715,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } final CallerIdentity caller = getCallerIdentity(who, packageName); - if (securityLogV2Enabled()) { + if (Flags.securityLogV2Enabled()) { EnforcingAdmin admin = enforcePermissionAndGetEnforcingAdmin( who, MANAGE_DEVICE_POLICY_SECURITY_LOGGING, @@ -17783,7 +17775,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return mInjector.securityLogGetLoggingEnabledProperty(); } - if (securityLogV2Enabled()) { + if (Flags.securityLogV2Enabled()) { final EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin( admin, MANAGE_DEVICE_POLICY_SECURITY_LOGGING, @@ -17881,7 +17873,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { final CallerIdentity caller = getCallerIdentity(admin, packageName); - if (securityLogV2Enabled()) { + if (Flags.securityLogV2Enabled()) { EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin( admin, MANAGE_DEVICE_POLICY_SECURITY_LOGGING, @@ -17936,7 +17928,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } final CallerIdentity caller = getCallerIdentity(callingPackage); - if (!securityLogV2Enabled()) { + if (!Flags.securityLogV2Enabled()) { throw new UnsupportedOperationException("Audit log not enabled"); } @@ -17964,7 +17956,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return false; } - if (!securityLogV2Enabled()) { + if (!Flags.securityLogV2Enabled()) { throw new UnsupportedOperationException("Audit log not enabled"); } @@ -18230,7 +18222,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { toggleBackupServiceActive(caller.getUserId(), enabled); - if (backupServiceSecurityLogEventEnabled()) { + if (Flags.backupServiceSecurityLogEventEnabled()) { if (SecurityLog.isLoggingEnabled()) { SecurityLog.writeEvent(SecurityLog.TAG_BACKUP_SERVICE_TOGGLED, caller.getPackageName(), caller.getUserId(), enabled ? 1 : 0); @@ -20951,7 +20943,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { final CallerIdentity caller = getCallerIdentity(callerPackage); - if (permissionMigrationForZeroTrustImplEnabled()) { + if (Flags.permissionMigrationForZeroTrustImplEnabled()) { enforcePermission(MANAGE_DEVICE_POLICY_CERTIFICATES, caller.getPackageName()); } else { Preconditions.checkCallAuthorization( @@ -21555,7 +21547,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { setTimeAndTimezone(provisioningParams.getTimeZone(), provisioningParams.getLocalTime()); setLocale(provisioningParams.getLocale()); - int deviceOwnerUserId = headlessDeviceOwnerSingleUserEnabled() + int deviceOwnerUserId = Flags.headlessDeviceOwnerSingleUserEnabled() && getHeadlessDeviceOwnerMode() == HEADLESS_DEVICE_OWNER_MODE_SINGLE_USER ? mUserManagerInternal.getMainUserId() : UserHandle.USER_SYSTEM; @@ -21932,7 +21924,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { Objects.requireNonNull(packageName, "Admin package name must be provided"); final CallerIdentity caller = getCallerIdentity(packageName); - if (!policyEngineMigrationV2Enabled()) { + if (!Flags.policyEngineMigrationV2Enabled()) { Preconditions.checkCallAuthorization( isDefaultDeviceOwner(caller) || isProfileOwnerOfOrganizationOwnedDevice(caller), "USB data signaling can only be controlled by a device owner or " @@ -21942,7 +21934,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } synchronized (getLockObject()) { - if (policyEngineMigrationV2Enabled()) { + if (Flags.policyEngineMigrationV2Enabled()) { EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin( /* admin= */ null, MANAGE_DEVICE_POLICY_USB_DATA_SIGNALLING, caller.getPackageName(), @@ -21982,7 +21974,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { @Override public boolean isUsbDataSignalingEnabled(String packageName) { final CallerIdentity caller = getCallerIdentity(packageName); - if (policyEngineMigrationV2Enabled()) { + if (Flags.policyEngineMigrationV2Enabled()) { Boolean enabled = mDevicePolicyEngine.getResolvedPolicy( PolicyDefinition.USB_DATA_SIGNALING, caller.getUserId()); @@ -24235,7 +24227,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { @Override public void setMaxPolicyStorageLimit(String callerPackageName, int storageLimit) { - if (!devicePolicySizeTrackingEnabled() || true) { + if (!Flags.devicePolicySizeTrackingEnabled() || true) { return; } CallerIdentity caller = getCallerIdentity(callerPackageName); @@ -24247,7 +24239,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { @Override public int getMaxPolicyStorageLimit(String callerPackageName) { - if (!devicePolicySizeTrackingEnabled() || true) { + if (!Flags.devicePolicySizeTrackingEnabled() || true) { return -1; } CallerIdentity caller = getCallerIdentity(callerPackageName); diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/OwnersData.java b/services/devicepolicy/java/com/android/server/devicepolicy/OwnersData.java index d9fef10ee41b..9d73ed0070c8 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/OwnersData.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/OwnersData.java @@ -16,11 +16,11 @@ package com.android.server.devicepolicy; import static android.app.admin.DevicePolicyManager.DEVICE_OWNER_TYPE_DEFAULT; -import static android.app.admin.flags.Flags.securityLogV2Enabled; import android.annotation.Nullable; import android.app.admin.SystemUpdateInfo; import android.app.admin.SystemUpdatePolicy; +import android.app.admin.flags.Flags; import android.content.ComponentName; import android.os.UserHandle; import android.util.ArrayMap; @@ -400,7 +400,7 @@ class OwnersData { out.startTag(null, TAG_POLICY_ENGINE_MIGRATION); out.attributeBoolean(null, ATTR_MIGRATED_TO_POLICY_ENGINE, mMigratedToPolicyEngine); - if (securityLogV2Enabled()) { + if (Flags.securityLogV2Enabled()) { out.attributeBoolean(null, ATTR_SECURITY_LOG_MIGRATED, mSecurityLoggingMigrated); } out.endTag(null, TAG_POLICY_ENGINE_MIGRATION); @@ -463,7 +463,7 @@ class OwnersData { case TAG_POLICY_ENGINE_MIGRATION: mMigratedToPolicyEngine = parser.getAttributeBoolean( null, ATTR_MIGRATED_TO_POLICY_ENGINE, false); - mSecurityLoggingMigrated = securityLogV2Enabled() + mSecurityLoggingMigrated = Flags.securityLogV2Enabled() && parser.getAttributeBoolean(null, ATTR_SECURITY_LOG_MIGRATED, false); break; default: diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/PersonalAppsSuspensionHelper.java b/services/devicepolicy/java/com/android/server/devicepolicy/PersonalAppsSuspensionHelper.java index e8c5658ca941..8cb511e8727c 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/PersonalAppsSuspensionHelper.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/PersonalAppsSuspensionHelper.java @@ -17,11 +17,11 @@ package com.android.server.devicepolicy; import static android.accessibilityservice.AccessibilityServiceInfo.FEEDBACK_ALL_MASK; -import static android.app.admin.flags.Flags.defaultSmsPersonalAppSuspensionFixEnabled; import android.accessibilityservice.AccessibilityServiceInfo; import android.annotation.Nullable; import android.annotation.UserIdInt; +import android.app.admin.flags.Flags; import android.content.ComponentName; import android.content.Context; import android.content.Intent; @@ -206,7 +206,7 @@ public final class PersonalAppsSuspensionHelper { private String getDefaultSmsPackage() { //TODO(b/319449037): Unflag the following change. - if (defaultSmsPersonalAppSuspensionFixEnabled()) { + if (Flags.defaultSmsPersonalAppSuspensionFixEnabled()) { return SmsApplication.getDefaultSmsApplicationAsUser( mContext, /*updateIfNeeded=*/ false, mContext.getUser()) .getPackageName(); diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/SecurityLogMonitor.java b/services/devicepolicy/java/com/android/server/devicepolicy/SecurityLogMonitor.java index b6ab4c759166..c582a462db81 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/SecurityLogMonitor.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/SecurityLogMonitor.java @@ -16,8 +16,6 @@ package com.android.server.devicepolicy; -import static android.app.admin.flags.Flags.securityLogV2Enabled; - import static java.util.concurrent.TimeUnit.MILLISECONDS; import static java.util.concurrent.TimeUnit.NANOSECONDS; @@ -25,6 +23,7 @@ import android.app.admin.DeviceAdminReceiver; import android.app.admin.IAuditLogEventsCallback; import android.app.admin.SecurityLog; import android.app.admin.SecurityLog.SecurityEvent; +import android.app.admin.flags.Flags; import android.os.Handler; import android.os.IBinder; import android.os.Process; @@ -468,11 +467,11 @@ class SecurityLogMonitor implements Runnable { assignLogId(event); } - if (!securityLogV2Enabled() || mLegacyLogEnabled) { + if (!Flags.securityLogV2Enabled() || mLegacyLogEnabled) { addToLegacyBufferLocked(dedupedLogs); } - if (securityLogV2Enabled() && mAuditLogEnabled) { + if (Flags.securityLogV2Enabled() && mAuditLogEnabled) { addAuditLogEventsLocked(dedupedLogs); } } @@ -549,7 +548,7 @@ class SecurityLogMonitor implements Runnable { saveLastEvents(newLogs); newLogs.clear(); - if (!securityLogV2Enabled() || mLegacyLogEnabled) { + if (!Flags.securityLogV2Enabled() || mLegacyLogEnabled) { notifyDeviceOwnerOrProfileOwnerIfNeeded(force); } } catch (IOException e) { |