diff options
| -rw-r--r-- | libs/permission/Android.bp | 7 | ||||
| -rw-r--r-- | libs/permission/AppOpsManager.cpp | 63 | ||||
| -rw-r--r-- | libs/permission/IAppOpsService.cpp | 95 | ||||
| -rw-r--r-- | libs/permission/include/binder/IAppOpsService.h | 30 |
4 files changed, 119 insertions, 76 deletions
diff --git a/libs/permission/Android.bp b/libs/permission/Android.bp index 0eeca5469e..86dcaefd87 100644 --- a/libs/permission/Android.bp +++ b/libs/permission/Android.bp @@ -20,6 +20,12 @@ aidl_interface { ], } +filegroup { + name: "framework-permission-aidl-filegroup", + srcs: ["aidl/android/**/*.aidl"], + path: "aidl", +} + cc_library { name: "libpermission", host_supported: true, @@ -35,6 +41,7 @@ cc_library { "-Werror", ], srcs: [ + ":framework-permission-aidl-filegroup", "AppOpsManager.cpp", "IAppOpsCallback.cpp", "IAppOpsService.cpp", diff --git a/libs/permission/AppOpsManager.cpp b/libs/permission/AppOpsManager.cpp index 695927418d..b407d02087 100644 --- a/libs/permission/AppOpsManager.cpp +++ b/libs/permission/AppOpsManager.cpp @@ -31,6 +31,9 @@ namespace android { +using ::android::String16; +using ::android::String8; + static const sp<IBinder>& getClientId() { static pthread_mutex_t gClientIdMutex = PTHREAD_MUTEX_INITIALIZER; static sp<IBinder> gClientId; @@ -43,6 +46,11 @@ static const sp<IBinder>& getClientId() { return gClientId; } + +static std::string getString(const String16& stringToConvert) { + return std::string(String8(stringToConvert).c_str()); +} + AppOpsManager::AppOpsManager() { } @@ -78,9 +86,14 @@ sp<IAppOpsService> AppOpsManager::getService() int32_t AppOpsManager::checkOp(int32_t op, int32_t uid, const String16& callingPackage) { sp<IAppOpsService> service = getService(); - return service != nullptr - ? service->checkOperation(op, uid, callingPackage) - : AppOpsManager::MODE_IGNORED; + if (service == nullptr) { + return AppOpsManager::MODE_IGNORED; + } + AttributionSourceState attributionSourceState; + attributionSourceState.uid = uid; + attributionSourceState.packageName = getString(callingPackage); + + return service->checkOperationWithState(op, attributionSourceState); } int32_t AppOpsManager::checkAudioOpNoThrow(int32_t op, int32_t usage, int32_t uid, @@ -99,12 +112,18 @@ int32_t AppOpsManager::noteOp(int32_t op, int32_t uid, const String16& callingPa int32_t AppOpsManager::noteOp(int32_t op, int32_t uid, const String16& callingPackage, const std::optional<String16>& attributionTag, const String16& message) { sp<IAppOpsService> service = getService(); - int32_t mode = service != nullptr - ? service->noteOperation(op, uid, callingPackage, attributionTag, - shouldCollectNotes(op), message, uid == AID_SYSTEM) - : AppOpsManager::MODE_IGNORED; + if (service == nullptr) { + return AppOpsManager::MODE_IGNORED; + } + AttributionSourceState attributionSourceState; + attributionSourceState.uid = uid; + attributionSourceState.packageName = getString(callingPackage); + if (attributionTag.has_value()) { + attributionSourceState.attributionTag = getString(attributionTag.value()); + } - return mode; + return service->noteOperationWithState(op, attributionSourceState, + shouldCollectNotes(op), message, uid == AID_SYSTEM); } int32_t AppOpsManager::startOpNoThrow(int32_t op, int32_t uid, const String16& callingPackage, @@ -117,13 +136,18 @@ int32_t AppOpsManager::startOpNoThrow(int32_t op, int32_t uid, const String16& c bool startIfModeDefault, const std::optional<String16>& attributionTag, const String16& message) { sp<IAppOpsService> service = getService(); - int32_t mode = service != nullptr - ? service->startOperation(getClientId(), op, uid, callingPackage, - attributionTag, startIfModeDefault, shouldCollectNotes(op), message, - uid == AID_SYSTEM) - : AppOpsManager::MODE_IGNORED; + if (service == nullptr) { + return AppOpsManager::MODE_IGNORED; + } + AttributionSourceState attributionSourceState; + attributionSourceState.uid = uid; + attributionSourceState.packageName = getString(callingPackage); + if (attributionTag.has_value()) { + attributionSourceState.attributionTag = getString(attributionTag.value()); + } - return mode; + return service->startOperationWithState(getClientId(), op, attributionSourceState, + startIfModeDefault,shouldCollectNotes(op), message, uid == AID_SYSTEM); } void AppOpsManager::finishOp(int32_t op, int32_t uid, const String16& callingPackage) { @@ -133,9 +157,16 @@ void AppOpsManager::finishOp(int32_t op, int32_t uid, const String16& callingPac void AppOpsManager::finishOp(int32_t op, int32_t uid, const String16& callingPackage, const std::optional<String16>& attributionTag) { sp<IAppOpsService> service = getService(); - if (service != nullptr) { - service->finishOperation(getClientId(), op, uid, callingPackage, attributionTag); + if (service == nullptr) { + return; + } + AttributionSourceState attributionSourceState; + attributionSourceState.uid = uid; + attributionSourceState.packageName = getString(callingPackage); + if (attributionTag.has_value()) { + attributionSourceState.attributionTag = getString(attributionTag.value()); } + service->finishOperationWithState(getClientId(), op, attributionSourceState); } void AppOpsManager::startWatchingMode(int32_t op, const String16& packageName, diff --git a/libs/permission/IAppOpsService.cpp b/libs/permission/IAppOpsService.cpp index 7f235a4541..33dd24d728 100644 --- a/libs/permission/IAppOpsService.cpp +++ b/libs/permission/IAppOpsService.cpp @@ -26,6 +26,8 @@ namespace android { +using android::content::AttributionSourceState; + // ---------------------------------------------------------------------- class BpAppOpsService : public BpInterface<IAppOpsService> @@ -36,31 +38,30 @@ public: { } - virtual int32_t checkOperation(int32_t code, int32_t uid, const String16& packageName) { + virtual int32_t checkOperationWithState(int32_t code, + const AttributionSourceState &attributionSourceState) { Parcel data, reply; data.writeInterfaceToken(IAppOpsService::getInterfaceDescriptor()); data.writeInt32(code); - data.writeInt32(uid); - data.writeString16(packageName); - remote()->transact(CHECK_OPERATION_TRANSACTION, data, &reply); + data.writeParcelable(attributionSourceState); + remote()->transact(CHECK_OPERATION_WITH_STATE_TRANSACTION, data, &reply); // fail on exception if (reply.readExceptionCode() != 0) return MODE_ERRORED; return reply.readInt32(); } - virtual int32_t noteOperation(int32_t code, int32_t uid, const String16& packageName, - const std::optional<String16>& attributionTag, bool shouldCollectAsyncNotedOp, - const String16& message, bool shouldCollectMessage) { + virtual int32_t noteOperationWithState(int32_t code, + const AttributionSourceState& attributionSourceState, + bool shouldCollectAsyncNotedOp, const String16& message, + bool shouldCollectMessage) { Parcel data, reply; data.writeInterfaceToken(IAppOpsService::getInterfaceDescriptor()); data.writeInt32(code); - data.writeInt32(uid); - data.writeString16(packageName); - data.writeString16(attributionTag); + data.writeParcelable(attributionSourceState); data.writeBool(shouldCollectAsyncNotedOp); data.writeString16(message); data.writeBool(shouldCollectMessage); - remote()->transact(NOTE_OPERATION_TRANSACTION, data, &reply); + remote()->transact(NOTE_OPERATION_WITH_STATE_TRANSACTION, data, &reply); // fail on exception if (reply.readExceptionCode() != 0) return MODE_ERRORED; // TODO b/184855056: extract to class @@ -69,22 +70,20 @@ public: return reply.readInt32(); } - virtual int32_t startOperation(const sp<IBinder>& token, int32_t code, int32_t uid, - const String16& packageName, const std::optional<String16>& attributionTag, - bool startIfModeDefault, bool shouldCollectAsyncNotedOp, const String16& message, + virtual int32_t startOperationWithState(const sp<IBinder>& token, int32_t code, + const AttributionSourceState& attributionSourceState, bool startIfModeDefault, + bool shouldCollectAsyncNotedOp, const String16& message, bool shouldCollectMessage) { Parcel data, reply; data.writeInterfaceToken(IAppOpsService::getInterfaceDescriptor()); data.writeStrongBinder(token); data.writeInt32(code); - data.writeInt32(uid); - data.writeString16(packageName); - data.writeString16(attributionTag); + data.writeParcelable(attributionSourceState); data.writeBool(startIfModeDefault); data.writeBool(shouldCollectAsyncNotedOp); data.writeString16(message); data.writeBool(shouldCollectMessage); - remote()->transact(START_OPERATION_TRANSACTION, data, &reply); + remote()->transact(START_OPERATION_WITH_STATE_TRANSACTION, data, &reply); // fail on exception if (reply.readExceptionCode() != 0) return MODE_ERRORED; // TODO b/184855056: extract to class @@ -93,16 +92,14 @@ public: return reply.readInt32(); } - virtual void finishOperation(const sp<IBinder>& token, int32_t code, int32_t uid, - const String16& packageName, const std::optional<String16>& attributionTag) { + virtual void finishOperationWithState(const sp<IBinder>& token, int32_t code, + const AttributionSourceState& attributionSourceState) { Parcel data, reply; data.writeInterfaceToken(IAppOpsService::getInterfaceDescriptor()); data.writeStrongBinder(token); data.writeInt32(code); - data.writeInt32(uid); - data.writeString16(packageName); - data.writeString16(attributionTag); - remote()->transact(FINISH_OPERATION_TRANSACTION, data, &reply); + data.writeParcelable(attributionSourceState); + remote()->transact(FINISH_OPERATION_WITH_STATE_TRANSACTION, data, &reply); } virtual void startWatchingMode(int32_t op, const String16& packageName, @@ -189,59 +186,65 @@ status_t BnAppOpsService::onTransact( { //printf("AppOpsService received: "); data.print(); switch(code) { - case CHECK_OPERATION_TRANSACTION: { + case CHECK_OPERATION_WITH_STATE_TRANSACTION: { CHECK_INTERFACE(IAppOpsService, data, reply); int32_t code = data.readInt32(); - int32_t uid = data.readInt32(); - String16 packageName = data.readString16(); - int32_t res = checkOperation(code, uid, packageName); + AttributionSourceState attributionSourceState; + status_t status = data.readParcelable(&attributionSourceState); + if (status != NO_ERROR) { + return status; + } + int32_t res = checkOperationWithState(code, attributionSourceState); reply->writeNoException(); reply->writeInt32(res); return NO_ERROR; } break; - case NOTE_OPERATION_TRANSACTION: { + case NOTE_OPERATION_WITH_STATE_TRANSACTION: { CHECK_INTERFACE(IAppOpsService, data, reply); int32_t code = data.readInt32(); - int32_t uid = data.readInt32(); - String16 packageName = data.readString16(); - std::optional<String16> attributionTag; - data.readString16(&attributionTag); + AttributionSourceState attributionSourceState; + status_t status = data.readParcelable(&attributionSourceState); + if (status != NO_ERROR) { + return status; + } bool shouldCollectAsyncNotedOp = data.readBool(); String16 message = data.readString16(); bool shouldCollectMessage = data.readBool(); - int32_t res = noteOperation(code, uid, packageName, attributionTag, + int32_t res = noteOperationWithState(code, attributionSourceState, shouldCollectAsyncNotedOp, message, shouldCollectMessage); reply->writeNoException(); reply->writeInt32(res); return NO_ERROR; } break; - case START_OPERATION_TRANSACTION: { + case START_OPERATION_WITH_STATE_TRANSACTION: { CHECK_INTERFACE(IAppOpsService, data, reply); sp<IBinder> token = data.readStrongBinder(); int32_t code = data.readInt32(); - int32_t uid = data.readInt32(); - String16 packageName = data.readString16(); - std::optional<String16> attributionTag; - data.readString16(&attributionTag); + AttributionSourceState attributionSourceState; + status_t status = data.readParcelable(&attributionSourceState); + if (status != NO_ERROR) { + return status; + } bool startIfModeDefault = data.readBool(); bool shouldCollectAsyncNotedOp = data.readBool(); String16 message = data.readString16(); bool shouldCollectMessage = data.readBool(); - int32_t res = startOperation(token, code, uid, packageName, attributionTag, + int32_t res = startOperationWithState(token, code, attributionSourceState, startIfModeDefault, shouldCollectAsyncNotedOp, message, shouldCollectMessage); reply->writeNoException(); reply->writeInt32(res); return NO_ERROR; } break; - case FINISH_OPERATION_TRANSACTION: { + case FINISH_OPERATION_WITH_STATE_TRANSACTION: { CHECK_INTERFACE(IAppOpsService, data, reply); sp<IBinder> token = data.readStrongBinder(); int32_t code = data.readInt32(); - int32_t uid = data.readInt32(); - String16 packageName = data.readString16(); - std::optional<String16> attributionTag; - data.readString16(&attributionTag); - finishOperation(token, code, uid, packageName, attributionTag); + AttributionSourceState attributionSourceState; + status_t status = data.readParcelable(&attributionSourceState); + if (status != NO_ERROR) { + return status; + } + finishOperationWithState(token, code, attributionSourceState); reply->writeNoException(); return NO_ERROR; } break; diff --git a/libs/permission/include/binder/IAppOpsService.h b/libs/permission/include/binder/IAppOpsService.h index 918fcdbce1..a5fdc54f28 100644 --- a/libs/permission/include/binder/IAppOpsService.h +++ b/libs/permission/include/binder/IAppOpsService.h @@ -16,6 +16,7 @@ #pragma once +#include <android/content/AttributionSourceState.h> #include <binder/IAppOpsCallback.h> #include <binder/IInterface.h> @@ -27,23 +28,24 @@ namespace android { +using android::content::AttributionSourceState; + // ---------------------------------------------------------------------- class IAppOpsService : public IInterface { public: DECLARE_META_INTERFACE(AppOpsService) - - virtual int32_t checkOperation(int32_t code, int32_t uid, const String16& packageName) = 0; - virtual int32_t noteOperation(int32_t code, int32_t uid, const String16& packageName, - const std::optional<String16>& attributionTag, bool shouldCollectAsyncNotedOp, + virtual int32_t checkOperationWithState(int32_t code, + const AttributionSourceState& attributionSourceState) = 0; + virtual int32_t noteOperationWithState(int32_t code, + const AttributionSourceState& attributionSourceState, bool shouldCollectAsyncNotedOp, const String16& message, bool shouldCollectMessage) = 0; - virtual int32_t startOperation(const sp<IBinder>& token, int32_t code, int32_t uid, - const String16& packageName, const std::optional<String16>& attributionTag, - bool startIfModeDefault, bool shouldCollectAsyncNotedOp, const String16& message, - bool shouldCollectMessage) = 0; - virtual void finishOperation(const sp<IBinder>& token, int32_t code, int32_t uid, - const String16& packageName, const std::optional<String16>& attributionTag) = 0; + virtual int32_t startOperationWithState(const sp<IBinder>& token, int32_t code, + const AttributionSourceState& attributionSourceState, bool startIfModeDefault, + bool shouldCollectAsyncNotedOp, const String16& message, bool shouldCollectMessage) = 0; + virtual void finishOperationWithState(const sp<IBinder>& token, int32_t code, + const AttributionSourceState& attributionSourceState) = 0; virtual void startWatchingMode(int32_t op, const String16& packageName, const sp<IAppOpsCallback>& callback) = 0; virtual void stopWatchingMode(const sp<IAppOpsCallback>& callback) = 0; @@ -56,10 +58,10 @@ public: int32_t flags, const sp<IAppOpsCallback>& callback) = 0; enum { - CHECK_OPERATION_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION, - NOTE_OPERATION_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+1, - START_OPERATION_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+2, - FINISH_OPERATION_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+3, + CHECK_OPERATION_WITH_STATE_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+50, + NOTE_OPERATION_WITH_STATE_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+52, + START_OPERATION_WITH_STATE_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+53, + FINISH_OPERATION_WITH_STATE_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+54, START_WATCHING_MODE_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+4, STOP_WATCHING_MODE_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+5, PERMISSION_TO_OP_CODE_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+6, |