From 302c1fe9471ca504fb6d2c5da0d0cb637c0fcd88 Mon Sep 17 00:00:00 2001
From: Alex Johnston <acjohnston@google.com>
Date: Thu, 18 Jun 2020 20:00:51 +0100
Subject: Change behaviour of screen capture disabled

Background
* Historically, when the screen capture disabled
  policy was set on the personal profile, screen
  capture was disabled for the whole device
  (per-device).
* This should be changed to only be disabled in
  the personal profile (per-profile).

Changes
* Renamed DevicePolicyCache methods to setScreenCaptureAllowed
  and isScreenCaptureAllowed
* Added parameter ownerCanAddInternalSystemWindow to
  isScreenCaptureAllowed

Bug: 148453838
Bug: 157035400
Test: atest com.android.server.devicepolicy.DevicePolicyManagerTest
Change-Id: If1bd68f0ec3e88497c5d3b4382977b526b2364ba
---
 core/java/android/app/admin/DevicePolicyCache.java       |  8 +++++---
 .../core/java/com/android/server/wm/ActivityRecord.java  |  5 ++---
 .../android/server/wm/ActivityTaskManagerService.java    |  2 +-
 .../core/java/com/android/server/wm/DisplayContent.java  |  2 +-
 .../java/com/android/server/wm/RootWindowContainer.java  |  4 ++--
 .../java/com/android/server/wm/WindowManagerService.java | 16 ++--------------
 .../core/java/com/android/server/wm/WindowState.java     |  9 +++++++++
 .../java/com/android/server/wm/WindowStateAnimator.java  |  2 +-
 .../server/devicepolicy/DevicePolicyCacheImpl.java       |  8 ++++----
 .../server/devicepolicy/DevicePolicyManagerService.java  |  2 +-
 10 files changed, 28 insertions(+), 30 deletions(-)

diff --git a/core/java/android/app/admin/DevicePolicyCache.java b/core/java/android/app/admin/DevicePolicyCache.java
index 4d9970c2c144..15ff531b445d 100644
--- a/core/java/android/app/admin/DevicePolicyCache.java
+++ b/core/java/android/app/admin/DevicePolicyCache.java
@@ -41,7 +41,8 @@ public abstract class DevicePolicyCache {
     /**
      * See {@link DevicePolicyManager#getScreenCaptureDisabled}
      */
-    public abstract boolean getScreenCaptureDisabled(@UserIdInt int userHandle);
+    public abstract boolean isScreenCaptureAllowed(@UserIdInt int userHandle,
+            boolean ownerCanAddInternalSystemWindow);
 
     /**
      * Caches {@link DevicePolicyManager#getPasswordQuality(android.content.ComponentName)} of the
@@ -56,8 +57,9 @@ public abstract class DevicePolicyCache {
         private static final EmptyDevicePolicyCache INSTANCE = new EmptyDevicePolicyCache();
 
         @Override
-        public boolean getScreenCaptureDisabled(int userHandle) {
-            return false;
+        public boolean isScreenCaptureAllowed(int userHandle,
+                boolean ownerCanAddInternalSystemWindow) {
+            return true;
         }
 
         @Override
diff --git a/services/core/java/com/android/server/wm/ActivityRecord.java b/services/core/java/com/android/server/wm/ActivityRecord.java
index 5668454b7bb6..c5d2905e6112 100644
--- a/services/core/java/com/android/server/wm/ActivityRecord.java
+++ b/services/core/java/com/android/server/wm/ActivityRecord.java
@@ -4341,9 +4341,8 @@ final class ActivityRecord extends WindowToken implements WindowManagerService.A
      *         screenshot.
      */
     boolean shouldUseAppThemeSnapshot() {
-        return mDisablePreviewScreenshots || forAllWindows(w -> {
-                    return mWmService.isSecureLocked(w);
-                }, true /* topToBottom */);
+        return mDisablePreviewScreenshots || forAllWindows(WindowState::isSecureLocked,
+                true /* topToBottom */);
     }
 
     /**
diff --git a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
index 6dd1ea934497..b695f5ad1a17 100644
--- a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
+++ b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
@@ -3824,7 +3824,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
             }
             userId = activity.mUserId;
         }
-        return !DevicePolicyCache.getInstance().getScreenCaptureDisabled(userId);
+        return DevicePolicyCache.getInstance().isScreenCaptureAllowed(userId, false);
     }
 
     @Override
diff --git a/services/core/java/com/android/server/wm/DisplayContent.java b/services/core/java/com/android/server/wm/DisplayContent.java
index d55883968b56..0b56c8e07b42 100644
--- a/services/core/java/com/android/server/wm/DisplayContent.java
+++ b/services/core/java/com/android/server/wm/DisplayContent.java
@@ -3781,7 +3781,7 @@ class DisplayContent extends WindowContainer<DisplayContent.DisplayChildWindowCo
     }
 
     boolean hasSecureWindowOnScreen() {
-        final WindowState win = getWindow(w -> w.isOnScreen() && mWmService.isSecureLocked(w));
+        final WindowState win = getWindow(w -> w.isOnScreen() && w.isSecureLocked());
         return win != null;
     }
 
diff --git a/services/core/java/com/android/server/wm/RootWindowContainer.java b/services/core/java/com/android/server/wm/RootWindowContainer.java
index 583663c5455f..45a36e562aac 100644
--- a/services/core/java/com/android/server/wm/RootWindowContainer.java
+++ b/services/core/java/com/android/server/wm/RootWindowContainer.java
@@ -662,10 +662,10 @@ class RootWindowContainer extends WindowContainer<DisplayContent>
         }
     }
 
-    void setSecureSurfaceState(int userId, boolean disabled) {
+    void setSecureSurfaceState(int userId) {
         forAllWindows((w) -> {
             if (w.mHasSurface && userId == w.mShowUserId) {
-                w.mWinAnimator.setSecureLocked(disabled);
+                w.mWinAnimator.setSecureLocked(w.isSecureLocked());
             }
         }, true /* traverseTopToBottom */);
     }
diff --git a/services/core/java/com/android/server/wm/WindowManagerService.java b/services/core/java/com/android/server/wm/WindowManagerService.java
index 10d07573f8c6..3d2373ae2468 100644
--- a/services/core/java/com/android/server/wm/WindowManagerService.java
+++ b/services/core/java/com/android/server/wm/WindowManagerService.java
@@ -139,7 +139,6 @@ import android.app.IActivityManager;
 import android.app.IActivityTaskManager;
 import android.app.IAssistDataReceiver;
 import android.app.WindowConfiguration;
-import android.app.admin.DevicePolicyCache;
 import android.content.BroadcastReceiver;
 import android.content.ContentResolver;
 import android.content.Context;
@@ -1881,16 +1880,6 @@ public class WindowManagerService extends IWindowManager.Stub
         }
     }
 
-    boolean isSecureLocked(WindowState w) {
-        if ((w.mAttrs.flags&WindowManager.LayoutParams.FLAG_SECURE) != 0) {
-            return true;
-        }
-        if (DevicePolicyCache.getInstance().getScreenCaptureDisabled(w.mShowUserId)) {
-            return true;
-        }
-        return false;
-    }
-
     /**
      * Set whether screen capture is disabled for all windows of a specific user from
      * the device policy cache.
@@ -1904,8 +1893,7 @@ public class WindowManagerService extends IWindowManager.Stub
 
         synchronized (mGlobalLock) {
             // Update secure surface for all windows belonging to this user.
-            mRoot.setSecureSurfaceState(userId,
-                    DevicePolicyCache.getInstance().getScreenCaptureDisabled(userId));
+            mRoot.setSecureSurfaceState(userId);
         }
     }
 
@@ -2255,7 +2243,7 @@ public class WindowManagerService extends IWindowManager.Stub
                     && (win.mAttrs.flags & FLAG_SHOW_WALLPAPER) != 0;
             wallpaperMayMove |= (flagChanges & FLAG_SHOW_WALLPAPER) != 0;
             if ((flagChanges & FLAG_SECURE) != 0 && winAnimator.mSurfaceController != null) {
-                winAnimator.mSurfaceController.setSecure(isSecureLocked(win));
+                winAnimator.mSurfaceController.setSecure(win.isSecureLocked());
             }
 
             win.mRelayoutCalled = true;
diff --git a/services/core/java/com/android/server/wm/WindowState.java b/services/core/java/com/android/server/wm/WindowState.java
index 3532edf302c4..6f439ae1ef53 100644
--- a/services/core/java/com/android/server/wm/WindowState.java
+++ b/services/core/java/com/android/server/wm/WindowState.java
@@ -176,6 +176,7 @@ import static com.android.server.wm.WindowStateProto.WINDOW_FRAMES;
 import android.annotation.CallSuper;
 import android.annotation.Nullable;
 import android.app.AppOpsManager;
+import android.app.admin.DevicePolicyCache;
 import android.content.Context;
 import android.content.res.Configuration;
 import android.graphics.Matrix;
@@ -1744,6 +1745,14 @@ class WindowState extends WindowContainer<WindowState> implements WindowManagerP
                && mActivityRecord.getActivityType() == ACTIVITY_TYPE_DREAM;
     }
 
+    boolean isSecureLocked() {
+        if ((mAttrs.flags & WindowManager.LayoutParams.FLAG_SECURE) != 0) {
+            return true;
+        }
+        return !DevicePolicyCache.getInstance().isScreenCaptureAllowed(mShowUserId,
+                mOwnerCanAddInternalSystemWindow);
+    }
+
     /**
      * Whether this window's drawn state might affect the drawn states of the app token.
      *
diff --git a/services/core/java/com/android/server/wm/WindowStateAnimator.java b/services/core/java/com/android/server/wm/WindowStateAnimator.java
index 8115ac8c6bef..508d2d477067 100644
--- a/services/core/java/com/android/server/wm/WindowStateAnimator.java
+++ b/services/core/java/com/android/server/wm/WindowStateAnimator.java
@@ -476,7 +476,7 @@ class WindowStateAnimator {
         int flags = SurfaceControl.HIDDEN;
         final WindowManager.LayoutParams attrs = w.mAttrs;
 
-        if (mService.isSecureLocked(w)) {
+        if (w.isSecureLocked()) {
             flags |= SurfaceControl.SECURE;
         }
 
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyCacheImpl.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyCacheImpl.java
index f3a693550b38..d616ed30772a 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyCacheImpl.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyCacheImpl.java
@@ -51,15 +51,15 @@ public class DevicePolicyCacheImpl extends DevicePolicyCache {
     }
 
     @Override
-    public boolean getScreenCaptureDisabled(int userHandle) {
+    public boolean isScreenCaptureAllowed(int userHandle, boolean ownerCanAddInternalSystemWindow) {
         synchronized (mLock) {
-            return mScreenCaptureDisabled.get(userHandle);
+            return !mScreenCaptureDisabled.get(userHandle) || ownerCanAddInternalSystemWindow;
         }
     }
 
-    public void setScreenCaptureDisabled(int userHandle, boolean disabled) {
+    public void setScreenCaptureAllowed(int userHandle, boolean allowed) {
         synchronized (mLock) {
-            mScreenCaptureDisabled.put(userHandle, disabled);
+            mScreenCaptureDisabled.put(userHandle, !allowed);
         }
     }
 
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 401649a2e522..c6b93d6ca4f4 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -7990,7 +7990,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
     }
 
     private void updateScreenCaptureDisabled(int userHandle, boolean disabled) {
-        mPolicyCache.setScreenCaptureDisabled(userHandle, disabled);
+        mPolicyCache.setScreenCaptureAllowed(userHandle, !disabled);
         mHandler.post(() -> {
             try {
                 mInjector.getIWindowManager().refreshScreenCaptureDisabled(userHandle);
-- 
cgit v1.2.3-59-g8ed1b