/* * Copyright (C) 2012 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.server; import java.io.File; import java.io.FileDescriptor; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.io.PrintWriter; import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; import android.app.ActivityManager; import android.app.ActivityThread; import android.app.AppGlobals; import android.app.AppOpsManager; import android.content.Context; import android.content.pm.ApplicationInfo; import android.content.pm.IPackageManager; import android.content.pm.PackageManager; import android.content.pm.PackageManager.NameNotFoundException; import android.media.AudioAttributes; import android.os.AsyncTask; import android.os.Binder; import android.os.Bundle; import android.os.Handler; import android.os.IBinder; import android.os.Process; import android.os.RemoteException; import android.os.ServiceManager; import android.os.UserHandle; import android.os.storage.MountServiceInternal; import android.util.ArrayMap; import android.util.ArraySet; import android.util.AtomicFile; import android.util.Log; import android.util.Pair; import android.util.Slog; import android.util.SparseArray; import android.util.SparseIntArray; import android.util.TimeUtils; import android.util.Xml; import com.android.internal.app.IAppOpsService; import com.android.internal.app.IAppOpsCallback; import com.android.internal.os.Zygote; import com.android.internal.util.ArrayUtils; import com.android.internal.util.FastXmlSerializer; import com.android.internal.util.XmlUtils; import libcore.util.EmptyArray; import org.xmlpull.v1.XmlPullParser; import org.xmlpull.v1.XmlPullParserException; import org.xmlpull.v1.XmlSerializer; public class AppOpsService extends IAppOpsService.Stub { static final String TAG = "AppOps"; static final boolean DEBUG = false; // Write at most every 30 minutes. static final long WRITE_DELAY = DEBUG ? 1000 : 30*60*1000; Context mContext; final AtomicFile mFile; final Handler mHandler; boolean mWriteScheduled; boolean mFastWriteScheduled; final Runnable mWriteRunner = new Runnable() { public void run() { synchronized (AppOpsService.this) { mWriteScheduled = false; mFastWriteScheduled = false; AsyncTask task = new AsyncTask() { @Override protected Void doInBackground(Void... params) { writeState(); return null; } }; task.executeOnExecutor(AsyncTask.THREAD_POOL_EXECUTOR, (Void[])null); } } }; final SparseArray mUidStates = new SparseArray<>(); private final SparseArray mOpRestrictions = new SparseArray(); private static final class UidState { public final int uid; public ArrayMap pkgOps; public SparseIntArray opModes; public UidState(int uid) { this.uid = uid; } public void clear() { pkgOps = null; opModes = null; } public boolean isDefault() { return (pkgOps == null || pkgOps.isEmpty()) && (opModes == null || opModes.size() <= 0); } } public final static class Ops extends SparseArray { public final String packageName; public final UidState uidState; public final boolean isPrivileged; public Ops(String _packageName, UidState _uidState, boolean _isPrivileged) { packageName = _packageName; uidState = _uidState; isPrivileged = _isPrivileged; } } public final static class Op { public final int uid; public final String packageName; public int proxyUid = -1; public String proxyPackageName; public final int op; public int mode; public int duration; public long time; public long rejectTime; public int nesting; public Op(int _uid, String _packageName, int _op) { uid = _uid; packageName = _packageName; op = _op; mode = AppOpsManager.opToDefaultMode(op); } } final SparseArray> mOpModeWatchers = new SparseArray>(); final ArrayMap> mPackageModeWatchers = new ArrayMap>(); final ArrayMap mModeWatchers = new ArrayMap(); final SparseArray> mAudioRestrictions = new SparseArray>(); public final class Callback implements DeathRecipient { final IAppOpsCallback mCallback; public Callback(IAppOpsCallback callback) { mCallback = callback; try { mCallback.asBinder().linkToDeath(this, 0); } catch (RemoteException e) { } } public void unlinkToDeath() { mCallback.asBinder().unlinkToDeath(this, 0); } @Override public void binderDied() { stopWatchingMode(mCallback); } } final ArrayMap mClients = new ArrayMap(); public final class ClientState extends Binder implements DeathRecipient { final IBinder mAppToken; final int mPid; final ArrayList mStartedOps; public ClientState(IBinder appToken) { mAppToken = appToken; mPid = Binder.getCallingPid(); if (appToken instanceof Binder) { // For local clients, there is no reason to track them. mStartedOps = null; } else { mStartedOps = new ArrayList(); try { mAppToken.linkToDeath(this, 0); } catch (RemoteException e) { } } } @Override public String toString() { return "ClientState{" + "mAppToken=" + mAppToken + ", " + (mStartedOps != null ? ("pid=" + mPid) : "local") + '}'; } @Override public void binderDied() { synchronized (AppOpsService.this) { for (int i=mStartedOps.size()-1; i>=0; i--) { finishOperationLocked(mStartedOps.get(i)); } mClients.remove(mAppToken); } } } public AppOpsService(File storagePath, Handler handler) { mFile = new AtomicFile(storagePath); mHandler = handler; readState(); } public void publish(Context context) { mContext = context; ServiceManager.addService(Context.APP_OPS_SERVICE, asBinder()); } public void systemReady() { synchronized (this) { boolean changed = false; for (int i = mUidStates.size() - 1; i >= 0; i--) { UidState uidState = mUidStates.valueAt(i); String[] packageNames = getPackagesForUid(uidState.uid); if (ArrayUtils.isEmpty(packageNames)) { uidState.clear(); mUidStates.removeAt(i); changed = true; continue; } ArrayMap pkgs = uidState.pkgOps; if (pkgs == null) { continue; } Iterator it = pkgs.values().iterator(); while (it.hasNext()) { Ops ops = it.next(); int curUid; try { curUid = mContext.getPackageManager().getPackageUid(ops.packageName, UserHandle.getUserId(ops.uidState.uid)); } catch (NameNotFoundException e) { curUid = -1; } if (curUid != ops.uidState.uid) { Slog.i(TAG, "Pruning old package " + ops.packageName + "/" + ops.uidState + ": new uid=" + curUid); it.remove(); changed = true; } } if (uidState.isDefault()) { mUidStates.removeAt(i); } } if (changed) { scheduleFastWriteLocked(); } } MountServiceInternal mountServiceInternal = LocalServices.getService( MountServiceInternal.class); mountServiceInternal.addExternalStoragePolicy( new MountServiceInternal.ExternalStorageMountPolicy() { @Override public int getMountMode(int uid, String packageName) { if (Process.isIsolated(uid)) { return Zygote.MOUNT_EXTERNAL_NONE; } if (noteOperation(AppOpsManager.OP_READ_EXTERNAL_STORAGE, uid, packageName) != AppOpsManager.MODE_ALLOWED) { return Zygote.MOUNT_EXTERNAL_NONE; } if (noteOperation(AppOpsManager.OP_WRITE_EXTERNAL_STORAGE, uid, packageName) != AppOpsManager.MODE_ALLOWED) { return Zygote.MOUNT_EXTERNAL_READ; } return Zygote.MOUNT_EXTERNAL_WRITE; } @Override public boolean hasExternalStorage(int uid, String packageName) { final int mountMode = getMountMode(uid, packageName); return mountMode == Zygote.MOUNT_EXTERNAL_READ || mountMode == Zygote.MOUNT_EXTERNAL_WRITE; } }); } public void packageRemoved(int uid, String packageName) { synchronized (this) { UidState uidState = mUidStates.get(uid); if (uidState == null) { return; } boolean changed = false; // Remove any package state if such. if (uidState.pkgOps != null && uidState.pkgOps.remove(packageName) != null) { changed = true; } // If we just nuked the last package state check if the UID is valid. if (changed && uidState.pkgOps.isEmpty() && getPackagesForUid(uid).length <= 0) { mUidStates.remove(uid); } if (changed) { scheduleFastWriteLocked(); } } } public void uidRemoved(int uid) { synchronized (this) { if (mUidStates.indexOfKey(uid) >= 0) { mUidStates.remove(uid); scheduleFastWriteLocked(); } } } public void shutdown() { Slog.w(TAG, "Writing app ops before shutdown..."); boolean doWrite = false; synchronized (this) { if (mWriteScheduled) { mWriteScheduled = false; doWrite = true; } } if (doWrite) { writeState(); } } private ArrayList collectOps(Ops pkgOps, int[] ops) { ArrayList resOps = null; if (ops == null) { resOps = new ArrayList(); for (int j=0; j(); } resOps.add(new AppOpsManager.OpEntry(curOp.op, curOp.mode, curOp.time, curOp.rejectTime, curOp.duration, curOp.proxyUid, curOp.proxyPackageName)); } } } return resOps; } @Override public List getPackagesForOps(int[] ops) { mContext.enforcePermission(android.Manifest.permission.GET_APP_OPS_STATS, Binder.getCallingPid(), Binder.getCallingUid(), null); ArrayList res = null; synchronized (this) { final int uidStateCount = mUidStates.size(); for (int i = 0; i < uidStateCount; i++) { UidState uidState = mUidStates.valueAt(i); if (uidState.pkgOps == null || uidState.pkgOps.isEmpty()) { continue; } ArrayMap packages = uidState.pkgOps; final int packageCount = packages.size(); for (int j = 0; j < packageCount; j++) { Ops pkgOps = packages.valueAt(j); ArrayList resOps = collectOps(pkgOps, ops); if (resOps != null) { if (res == null) { res = new ArrayList(); } AppOpsManager.PackageOps resPackage = new AppOpsManager.PackageOps( pkgOps.packageName, pkgOps.uidState.uid, resOps); res.add(resPackage); } } } } return res; } @Override public List getOpsForPackage(int uid, String packageName, int[] ops) { mContext.enforcePermission(android.Manifest.permission.GET_APP_OPS_STATS, Binder.getCallingPid(), Binder.getCallingUid(), null); synchronized (this) { Ops pkgOps = getOpsLocked(uid, packageName, false); if (pkgOps == null) { return null; } ArrayList resOps = collectOps(pkgOps, ops); if (resOps == null) { return null; } ArrayList res = new ArrayList(); AppOpsManager.PackageOps resPackage = new AppOpsManager.PackageOps( pkgOps.packageName, pkgOps.uidState.uid, resOps); res.add(resPackage); return res; } } private void pruneOp(Op op, int uid, String packageName) { if (op.time == 0 && op.rejectTime == 0) { Ops ops = getOpsLocked(uid, packageName, false); if (ops != null) { ops.remove(op.op); if (ops.size() <= 0) { UidState uidState = ops.uidState; ArrayMap pkgOps = uidState.pkgOps; if (pkgOps != null) { pkgOps.remove(ops.packageName); if (pkgOps.isEmpty()) { uidState.pkgOps = null; } if (uidState.isDefault()) { mUidStates.remove(uid); } } } } } } @Override public void setUidMode(int code, int uid, int mode) { if (Binder.getCallingPid() != Process.myPid()) { mContext.enforcePermission(android.Manifest.permission.UPDATE_APP_OPS_STATS, Binder.getCallingPid(), Binder.getCallingUid(), null); } verifyIncomingOp(code); code = AppOpsManager.opToSwitch(code); synchronized (this) { final int defaultMode = AppOpsManager.opToDefaultMode(code); UidState uidState = getUidStateLocked(uid, false); if (uidState == null) { if (mode == defaultMode) { return; } uidState = new UidState(uid); uidState.opModes = new SparseIntArray(); uidState.opModes.put(code, mode); mUidStates.put(uid, uidState); scheduleWriteLocked(); } else if (uidState.opModes == null) { if (mode != defaultMode) { uidState.opModes = new SparseIntArray(); uidState.opModes.put(code, mode); scheduleWriteLocked(); } } else { if (uidState.opModes.get(code) == mode) { return; } if (mode == defaultMode) { uidState.opModes.delete(code); if (uidState.opModes.size() <= 0) { uidState.opModes = null; } } else { uidState.opModes.put(code, mode); } scheduleWriteLocked(); } } String[] uidPackageNames = getPackagesForUid(uid); ArrayMap> callbackSpecs = null; ArrayList callbacks = mOpModeWatchers.get(code); if (callbacks != null) { final int callbackCount = callbacks.size(); for (int i = 0; i < callbackCount; i++) { Callback callback = callbacks.get(i); ArraySet changedPackages = new ArraySet<>(); Collections.addAll(changedPackages, uidPackageNames); callbackSpecs = new ArrayMap<>(); callbackSpecs.put(callback, changedPackages); } } for (String uidPackageName : uidPackageNames) { callbacks = mPackageModeWatchers.get(uidPackageName); if (callbacks != null) { if (callbackSpecs == null) { callbackSpecs = new ArrayMap<>(); } final int callbackCount = callbacks.size(); for (int i = 0; i < callbackCount; i++) { Callback callback = callbacks.get(i); ArraySet changedPackages = callbackSpecs.get(callback); if (changedPackages == null) { changedPackages = new ArraySet<>(); callbackSpecs.put(callback, changedPackages); } changedPackages.add(uidPackageName); } } } if (callbackSpecs == null) { return; } // There are components watching for mode changes such as window manager // and location manager which are in our process. The callbacks in these // components may require permissions our remote caller does not have. final long identity = Binder.clearCallingIdentity(); try { for (int i = 0; i < callbackSpecs.size(); i++) { Callback callback = callbackSpecs.keyAt(i); ArraySet reportedPackageNames = callbackSpecs.valueAt(i); try { if (reportedPackageNames == null) { callback.mCallback.opChanged(code, null); } else { final int reportedPackageCount = reportedPackageNames.size(); for (int j = 0; j < reportedPackageCount; j++) { String reportedPackageName = reportedPackageNames.valueAt(j); callback.mCallback.opChanged(code, reportedPackageName); } } } catch (RemoteException e) { Log.w(TAG, "Error dispatching op op change", e); } } } finally { Binder.restoreCallingIdentity(identity); } } @Override public void setMode(int code, int uid, String packageName, int mode) { if (Binder.getCallingPid() != Process.myPid()) { mContext.enforcePermission(android.Manifest.permission.UPDATE_APP_OPS_STATS, Binder.getCallingPid(), Binder.getCallingUid(), null); } verifyIncomingOp(code); ArrayList repCbs = null; code = AppOpsManager.opToSwitch(code); synchronized (this) { UidState uidState = getUidStateLocked(uid, false); Op op = getOpLocked(code, uid, packageName, true); if (op != null) { if (op.mode != mode) { op.mode = mode; ArrayList cbs = mOpModeWatchers.get(code); if (cbs != null) { if (repCbs == null) { repCbs = new ArrayList(); } repCbs.addAll(cbs); } cbs = mPackageModeWatchers.get(packageName); if (cbs != null) { if (repCbs == null) { repCbs = new ArrayList(); } repCbs.addAll(cbs); } if (mode == AppOpsManager.opToDefaultMode(op.op)) { // If going into the default mode, prune this op // if there is nothing else interesting in it. pruneOp(op, uid, packageName); } scheduleFastWriteLocked(); } } } if (repCbs != null) { // There are components watching for mode changes such as window manager // and location manager which are in our process. The callbacks in these // components may require permissions our remote caller does not have. final long identity = Binder.clearCallingIdentity(); try { for (int i = 0; i < repCbs.size(); i++) { try { repCbs.get(i).mCallback.opChanged(code, packageName); } catch (RemoteException e) { } } } finally { Binder.restoreCallingIdentity(identity); } } } private static HashMap>> addCallbacks( HashMap>> callbacks, String packageName, int op, ArrayList cbs) { if (cbs == null) { return callbacks; } if (callbacks == null) { callbacks = new HashMap>>(); } boolean duplicate = false; for (int i=0; i> reports = callbacks.get(cb); if (reports == null) { reports = new ArrayList>(); callbacks.put(cb, reports); } else { final int reportCount = reports.size(); for (int j = 0; j < reportCount; j++) { Pair report = reports.get(j); if (report.second == op && report.first.equals(packageName)) { duplicate = true; break; } } } if (!duplicate) { reports.add(new Pair<>(packageName, op)); } } return callbacks; } @Override public void resetAllModes(int reqUserId, String reqPackageName) { final int callingPid = Binder.getCallingPid(); final int callingUid = Binder.getCallingUid(); mContext.enforcePermission(android.Manifest.permission.UPDATE_APP_OPS_STATS, callingPid, callingUid, null); reqUserId = ActivityManager.handleIncomingUser(callingPid, callingUid, reqUserId, true, true, "resetAllModes", null); int reqUid = -1; if (reqPackageName != null) { try { reqUid = AppGlobals.getPackageManager().getPackageUid( reqPackageName, reqUserId); } catch (RemoteException e) { /* ignore - local call */ } } HashMap>> callbacks = null; synchronized (this) { boolean changed = false; for (int i = mUidStates.size() - 1; i >= 0; i--) { UidState uidState = mUidStates.valueAt(i); SparseIntArray opModes = uidState.opModes; if (opModes != null && (uidState.uid == reqUid || reqUid == -1)) { final int uidOpCount = opModes.size(); for (int j = uidOpCount - 1; j >= 0; j--) { final int code = opModes.keyAt(j); if (AppOpsManager.opAllowsReset(code)) { opModes.removeAt(j); if (opModes.size() <= 0) { uidState.opModes = null; } for (String packageName : getPackagesForUid(uidState.uid)) { callbacks = addCallbacks(callbacks, packageName, code, mOpModeWatchers.get(code)); callbacks = addCallbacks(callbacks, packageName, code, mPackageModeWatchers.get(packageName)); } } } } if (uidState.pkgOps == null) { continue; } if (reqUserId != UserHandle.USER_ALL && reqUserId != UserHandle.getUserId(uidState.uid)) { // Skip any ops for a different user continue; } Map packages = uidState.pkgOps; Iterator> it = packages.entrySet().iterator(); while (it.hasNext()) { Map.Entry ent = it.next(); String packageName = ent.getKey(); if (reqPackageName != null && !reqPackageName.equals(packageName)) { // Skip any ops for a different package continue; } Ops pkgOps = ent.getValue(); for (int j=pkgOps.size()-1; j>=0; j--) { Op curOp = pkgOps.valueAt(j); if (AppOpsManager.opAllowsReset(curOp.op) && curOp.mode != AppOpsManager.opToDefaultMode(curOp.op)) { curOp.mode = AppOpsManager.opToDefaultMode(curOp.op); changed = true; callbacks = addCallbacks(callbacks, packageName, curOp.op, mOpModeWatchers.get(curOp.op)); callbacks = addCallbacks(callbacks, packageName, curOp.op, mPackageModeWatchers.get(packageName)); if (curOp.time == 0 && curOp.rejectTime == 0) { pkgOps.removeAt(j); } } } if (pkgOps.size() == 0) { it.remove(); } } if (uidState.isDefault()) { mUidStates.remove(uidState.uid); } } if (changed) { scheduleFastWriteLocked(); } } if (callbacks != null) { for (Map.Entry>> ent : callbacks.entrySet()) { Callback cb = ent.getKey(); ArrayList> reports = ent.getValue(); for (int i=0; i rep = reports.get(i); try { cb.mCallback.opChanged(rep.second, rep.first); } catch (RemoteException e) { } } } } } @Override public void startWatchingMode(int op, String packageName, IAppOpsCallback callback) { synchronized (this) { op = (op != AppOpsManager.OP_NONE) ? AppOpsManager.opToSwitch(op) : op; Callback cb = mModeWatchers.get(callback.asBinder()); if (cb == null) { cb = new Callback(callback); mModeWatchers.put(callback.asBinder(), cb); } if (op != AppOpsManager.OP_NONE) { ArrayList cbs = mOpModeWatchers.get(op); if (cbs == null) { cbs = new ArrayList(); mOpModeWatchers.put(op, cbs); } cbs.add(cb); } if (packageName != null) { ArrayList cbs = mPackageModeWatchers.get(packageName); if (cbs == null) { cbs = new ArrayList(); mPackageModeWatchers.put(packageName, cbs); } cbs.add(cb); } } } @Override public void stopWatchingMode(IAppOpsCallback callback) { synchronized (this) { Callback cb = mModeWatchers.remove(callback.asBinder()); if (cb != null) { cb.unlinkToDeath(); for (int i=mOpModeWatchers.size()-1; i>=0; i--) { ArrayList cbs = mOpModeWatchers.valueAt(i); cbs.remove(cb); if (cbs.size() <= 0) { mOpModeWatchers.removeAt(i); } } for (int i=mPackageModeWatchers.size()-1; i>=0; i--) { ArrayList cbs = mPackageModeWatchers.valueAt(i); cbs.remove(cb); if (cbs.size() <= 0) { mPackageModeWatchers.removeAt(i); } } } } } @Override public IBinder getToken(IBinder clientToken) { synchronized (this) { ClientState cs = mClients.get(clientToken); if (cs == null) { cs = new ClientState(clientToken); mClients.put(clientToken, cs); } return cs; } } @Override public int checkOperation(int code, int uid, String packageName) { verifyIncomingUid(uid); verifyIncomingOp(code); synchronized (this) { if (isOpRestricted(uid, code, packageName)) { return AppOpsManager.MODE_IGNORED; } code = AppOpsManager.opToSwitch(code); UidState uidState = getUidStateLocked(uid, false); if (uidState != null && uidState.opModes != null) { final int uidMode = uidState.opModes.get(code); if (uidMode != AppOpsManager.MODE_ALLOWED) { return uidMode; } } Op op = getOpLocked(code, uid, packageName, false); if (op == null) { return AppOpsManager.opToDefaultMode(code); } return op.mode; } } @Override public int checkAudioOperation(int code, int usage, int uid, String packageName) { synchronized (this) { final int mode = checkRestrictionLocked(code, usage, uid, packageName); if (mode != AppOpsManager.MODE_ALLOWED) { return mode; } } return checkOperation(code, uid, packageName); } private int checkRestrictionLocked(int code, int usage, int uid, String packageName) { final SparseArray usageRestrictions = mAudioRestrictions.get(code); if (usageRestrictions != null) { final Restriction r = usageRestrictions.get(usage); if (r != null && !r.exceptionPackages.contains(packageName)) { return r.mode; } } return AppOpsManager.MODE_ALLOWED; } @Override public void setAudioRestriction(int code, int usage, int uid, int mode, String[] exceptionPackages) { verifyIncomingUid(uid); verifyIncomingOp(code); synchronized (this) { SparseArray usageRestrictions = mAudioRestrictions.get(code); if (usageRestrictions == null) { usageRestrictions = new SparseArray(); mAudioRestrictions.put(code, usageRestrictions); } usageRestrictions.remove(usage); if (mode != AppOpsManager.MODE_ALLOWED) { final Restriction r = new Restriction(); r.mode = mode; if (exceptionPackages != null) { final int N = exceptionPackages.length; r.exceptionPackages = new ArraySet(N); for (int i = 0; i < N; i++) { final String pkg = exceptionPackages[i]; if (pkg != null) { r.exceptionPackages.add(pkg.trim()); } } } usageRestrictions.put(usage, r); } } } @Override public int checkPackage(int uid, String packageName) { synchronized (this) { if (getOpsRawLocked(uid, packageName, true) != null) { return AppOpsManager.MODE_ALLOWED; } else { return AppOpsManager.MODE_ERRORED; } } } @Override public int noteProxyOperation(int code, String proxyPackageName, int proxiedUid, String proxiedPackageName) { verifyIncomingOp(code); final int proxyMode = noteOperationUnchecked(code, Binder.getCallingUid(), proxyPackageName, -1, null); if (proxyMode != AppOpsManager.MODE_ALLOWED || Binder.getCallingUid() == proxiedUid) { return proxyMode; } return noteOperationUnchecked(code, proxiedUid, proxiedPackageName, Binder.getCallingUid(), proxyPackageName); } @Override public int noteOperation(int code, int uid, String packageName) { verifyIncomingUid(uid); verifyIncomingOp(code); return noteOperationUnchecked(code, uid, packageName, 0, null); } private int noteOperationUnchecked(int code, int uid, String packageName, int proxyUid, String proxyPackageName) { synchronized (this) { Ops ops = getOpsLocked(uid, packageName, true); if (ops == null) { if (DEBUG) Log.d(TAG, "noteOperation: no op for code " + code + " uid " + uid + " package " + packageName); return AppOpsManager.MODE_ERRORED; } Op op = getOpLocked(ops, code, true); if (isOpRestricted(uid, code, packageName)) { return AppOpsManager.MODE_IGNORED; } if (op.duration == -1) { Slog.w(TAG, "Noting op not finished: uid " + uid + " pkg " + packageName + " code " + code + " time=" + op.time + " duration=" + op.duration); } op.duration = 0; final int switchCode = AppOpsManager.opToSwitch(code); UidState uidState = ops.uidState; if (uidState.opModes != null) { final int uidMode = uidState.opModes.get(switchCode); if (uidMode != AppOpsManager.MODE_ALLOWED) { if (DEBUG) Log.d(TAG, "noteOperation: reject #" + op.mode + " for code " + switchCode + " (" + code + ") uid " + uid + " package " + packageName); op.rejectTime = System.currentTimeMillis(); return uidMode; } } final Op switchOp = switchCode != code ? getOpLocked(ops, switchCode, true) : op; if (switchOp.mode != AppOpsManager.MODE_ALLOWED) { if (DEBUG) Log.d(TAG, "noteOperation: reject #" + op.mode + " for code " + switchCode + " (" + code + ") uid " + uid + " package " + packageName); op.rejectTime = System.currentTimeMillis(); return switchOp.mode; } if (DEBUG) Log.d(TAG, "noteOperation: allowing code " + code + " uid " + uid + " package " + packageName); op.time = System.currentTimeMillis(); op.rejectTime = 0; op.proxyUid = proxyUid; op.proxyPackageName = proxyPackageName; return AppOpsManager.MODE_ALLOWED; } } @Override public int startOperation(IBinder token, int code, int uid, String packageName) { verifyIncomingUid(uid); verifyIncomingOp(code); ClientState client = (ClientState)token; synchronized (this) { Ops ops = getOpsLocked(uid, packageName, true); if (ops == null) { if (DEBUG) Log.d(TAG, "startOperation: no op for code " + code + " uid " + uid + " package " + packageName); return AppOpsManager.MODE_ERRORED; } Op op = getOpLocked(ops, code, true); if (isOpRestricted(uid, code, packageName)) { return AppOpsManager.MODE_IGNORED; } final int switchCode = AppOpsManager.opToSwitch(code); UidState uidState = ops.uidState; if (uidState.opModes != null) { final int uidMode = uidState.opModes.get(switchCode); if (uidMode != AppOpsManager.MODE_ALLOWED) { if (DEBUG) Log.d(TAG, "noteOperation: reject #" + op.mode + " for code " + switchCode + " (" + code + ") uid " + uid + " package " + packageName); op.rejectTime = System.currentTimeMillis(); return uidMode; } } final Op switchOp = switchCode != code ? getOpLocked(ops, switchCode, true) : op; if (switchOp.mode != AppOpsManager.MODE_ALLOWED) { if (DEBUG) Log.d(TAG, "startOperation: reject #" + op.mode + " for code " + switchCode + " (" + code + ") uid " + uid + " package " + packageName); op.rejectTime = System.currentTimeMillis(); return switchOp.mode; } if (DEBUG) Log.d(TAG, "startOperation: allowing code " + code + " uid " + uid + " package " + packageName); if (op.nesting == 0) { op.time = System.currentTimeMillis(); op.rejectTime = 0; op.duration = -1; } op.nesting++; if (client.mStartedOps != null) { client.mStartedOps.add(op); } return AppOpsManager.MODE_ALLOWED; } } @Override public void finishOperation(IBinder token, int code, int uid, String packageName) { verifyIncomingUid(uid); verifyIncomingOp(code); ClientState client = (ClientState)token; synchronized (this) { Op op = getOpLocked(code, uid, packageName, true); if (op == null) { return; } if (client.mStartedOps != null) { if (!client.mStartedOps.remove(op)) { throw new IllegalStateException("Operation not started: uid" + op.uid + " pkg=" + op.packageName + " op=" + op.op); } } finishOperationLocked(op); } } @Override public int permissionToOpCode(String permission) { return AppOpsManager.permissionToOpCode(permission); } void finishOperationLocked(Op op) { if (op.nesting <= 1) { if (op.nesting == 1) { op.duration = (int)(System.currentTimeMillis() - op.time); op.time += op.duration; } else { Slog.w(TAG, "Finishing op nesting under-run: uid " + op.uid + " pkg " + op.packageName + " code " + op.op + " time=" + op.time + " duration=" + op.duration + " nesting=" + op.nesting); } op.nesting = 0; } else { op.nesting--; } } private void verifyIncomingUid(int uid) { if (uid == Binder.getCallingUid()) { return; } if (Binder.getCallingPid() == Process.myPid()) { return; } mContext.enforcePermission(android.Manifest.permission.UPDATE_APP_OPS_STATS, Binder.getCallingPid(), Binder.getCallingUid(), null); } private void verifyIncomingOp(int op) { if (op >= 0 && op < AppOpsManager._NUM_OP) { return; } throw new IllegalArgumentException("Bad operation #" + op); } private UidState getUidStateLocked(int uid, boolean edit) { UidState uidState = mUidStates.get(uid); if (uidState == null) { if (!edit) { return null; } uidState = new UidState(uid); mUidStates.put(uid, uidState); } return uidState; } private Ops getOpsLocked(int uid, String packageName, boolean edit) { if (uid == 0) { packageName = "root"; } else if (uid == Process.SHELL_UID) { packageName = "com.android.shell"; } return getOpsRawLocked(uid, packageName, edit); } private Ops getOpsRawLocked(int uid, String packageName, boolean edit) { UidState uidState = getUidStateLocked(uid, edit); if (uidState == null) { return null; } if (uidState.pkgOps == null) { if (!edit) { return null; } uidState.pkgOps = new ArrayMap<>(); } Ops ops = uidState.pkgOps.get(packageName); if (ops == null) { if (!edit) { return null; } boolean isPrivileged = false; // This is the first time we have seen this package name under this uid, // so let's make sure it is valid. if (uid != 0) { final long ident = Binder.clearCallingIdentity(); try { int pkgUid = -1; try { ApplicationInfo appInfo = ActivityThread.getPackageManager() .getApplicationInfo(packageName, 0, UserHandle.getUserId(uid)); if (appInfo != null) { pkgUid = appInfo.uid; isPrivileged = (appInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) != 0; } else { if ("media".equals(packageName)) { pkgUid = Process.MEDIA_UID; isPrivileged = false; } } } catch (RemoteException e) { Slog.w(TAG, "Could not contact PackageManager", e); } if (pkgUid != uid) { // Oops! The package name is not valid for the uid they are calling // under. Abort. Slog.w(TAG, "Bad call: specified package " + packageName + " under uid " + uid + " but it is really " + pkgUid); return null; } } finally { Binder.restoreCallingIdentity(ident); } } ops = new Ops(packageName, uidState, isPrivileged); uidState.pkgOps.put(packageName, ops); } return ops; } private void scheduleWriteLocked() { if (!mWriteScheduled) { mWriteScheduled = true; mHandler.postDelayed(mWriteRunner, WRITE_DELAY); } } private void scheduleFastWriteLocked() { if (!mFastWriteScheduled) { mWriteScheduled = true; mFastWriteScheduled = true; mHandler.removeCallbacks(mWriteRunner); mHandler.postDelayed(mWriteRunner, 10*1000); } } private Op getOpLocked(int code, int uid, String packageName, boolean edit) { Ops ops = getOpsLocked(uid, packageName, edit); if (ops == null) { return null; } return getOpLocked(ops, code, edit); } private Op getOpLocked(Ops ops, int code, boolean edit) { Op op = ops.get(code); if (op == null) { if (!edit) { return null; } op = new Op(ops.uidState.uid, ops.packageName, code); ops.put(code, op); } if (edit) { scheduleWriteLocked(); } return op; } private boolean isOpRestricted(int uid, int code, String packageName) { int userHandle = UserHandle.getUserId(uid); boolean[] opRestrictions = mOpRestrictions.get(userHandle); if ((opRestrictions != null) && opRestrictions[code]) { if (AppOpsManager.opAllowSystemBypassRestriction(code)) { synchronized (this) { Ops ops = getOpsLocked(uid, packageName, true); if ((ops != null) && ops.isPrivileged) { return false; } } } return true; } return false; } void readState() { synchronized (mFile) { synchronized (this) { FileInputStream stream; try { stream = mFile.openRead(); } catch (FileNotFoundException e) { Slog.i(TAG, "No existing app ops " + mFile.getBaseFile() + "; starting empty"); return; } boolean success = false; mUidStates.clear(); try { XmlPullParser parser = Xml.newPullParser(); parser.setInput(stream, StandardCharsets.UTF_8.name()); int type; while ((type = parser.next()) != XmlPullParser.START_TAG && type != XmlPullParser.END_DOCUMENT) { ; } if (type != XmlPullParser.START_TAG) { throw new IllegalStateException("no start tag found"); } int outerDepth = parser.getDepth(); while ((type = parser.next()) != XmlPullParser.END_DOCUMENT && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) { if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) { continue; } String tagName = parser.getName(); if (tagName.equals("pkg")) { readPackage(parser); } else if (tagName.equals("uid")) { readUidOps(parser); } else { Slog.w(TAG, "Unknown element under : " + parser.getName()); XmlUtils.skipCurrentTag(parser); } } success = true; } catch (IllegalStateException e) { Slog.w(TAG, "Failed parsing " + e); } catch (NullPointerException e) { Slog.w(TAG, "Failed parsing " + e); } catch (NumberFormatException e) { Slog.w(TAG, "Failed parsing " + e); } catch (XmlPullParserException e) { Slog.w(TAG, "Failed parsing " + e); } catch (IOException e) { Slog.w(TAG, "Failed parsing " + e); } catch (IndexOutOfBoundsException e) { Slog.w(TAG, "Failed parsing " + e); } finally { if (!success) { mUidStates.clear(); } try { stream.close(); } catch (IOException e) { } } } } } void readUidOps(XmlPullParser parser) throws NumberFormatException, XmlPullParserException, IOException { final int uid = Integer.parseInt(parser.getAttributeValue(null, "n")); int outerDepth = parser.getDepth(); int type; while ((type = parser.next()) != XmlPullParser.END_DOCUMENT && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) { if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) { continue; } String tagName = parser.getName(); if (tagName.equals("op")) { final int code = Integer.parseInt(parser.getAttributeValue(null, "n")); final int mode = Integer.parseInt(parser.getAttributeValue(null, "m")); UidState uidState = getUidStateLocked(uid, true); if (uidState.opModes == null) { uidState.opModes = new SparseIntArray(); } uidState.opModes.put(code, mode); } else { Slog.w(TAG, "Unknown element under : " + parser.getName()); XmlUtils.skipCurrentTag(parser); } } } void readPackage(XmlPullParser parser) throws NumberFormatException, XmlPullParserException, IOException { String pkgName = parser.getAttributeValue(null, "n"); int outerDepth = parser.getDepth(); int type; while ((type = parser.next()) != XmlPullParser.END_DOCUMENT && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) { if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) { continue; } String tagName = parser.getName(); if (tagName.equals("uid")) { readUid(parser, pkgName); } else { Slog.w(TAG, "Unknown element under : " + parser.getName()); XmlUtils.skipCurrentTag(parser); } } } void readUid(XmlPullParser parser, String pkgName) throws NumberFormatException, XmlPullParserException, IOException { int uid = Integer.parseInt(parser.getAttributeValue(null, "n")); String isPrivilegedString = parser.getAttributeValue(null, "p"); boolean isPrivileged = false; if (isPrivilegedString == null) { try { IPackageManager packageManager = ActivityThread.getPackageManager(); if (packageManager != null) { ApplicationInfo appInfo = ActivityThread.getPackageManager() .getApplicationInfo(pkgName, 0, UserHandle.getUserId(uid)); if (appInfo != null) { isPrivileged = (appInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) != 0; } } else { // Could not load data, don't add to cache so it will be loaded later. return; } } catch (RemoteException e) { Slog.w(TAG, "Could not contact PackageManager", e); } } else { isPrivileged = Boolean.parseBoolean(isPrivilegedString); } int outerDepth = parser.getDepth(); int type; while ((type = parser.next()) != XmlPullParser.END_DOCUMENT && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) { if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) { continue; } String tagName = parser.getName(); if (tagName.equals("op")) { Op op = new Op(uid, pkgName, Integer.parseInt(parser.getAttributeValue(null, "n"))); String mode = parser.getAttributeValue(null, "m"); if (mode != null) { op.mode = Integer.parseInt(mode); } String time = parser.getAttributeValue(null, "t"); if (time != null) { op.time = Long.parseLong(time); } time = parser.getAttributeValue(null, "r"); if (time != null) { op.rejectTime = Long.parseLong(time); } String dur = parser.getAttributeValue(null, "d"); if (dur != null) { op.duration = Integer.parseInt(dur); } String proxyUid = parser.getAttributeValue(null, "pu"); if (proxyUid != null) { op.proxyUid = Integer.parseInt(proxyUid); } String proxyPackageName = parser.getAttributeValue(null, "pp"); if (proxyPackageName != null) { op.proxyPackageName = proxyPackageName; } UidState uidState = getUidStateLocked(uid, true); if (uidState.pkgOps == null) { uidState.pkgOps = new ArrayMap<>(); } Ops ops = uidState.pkgOps.get(pkgName); if (ops == null) { ops = new Ops(pkgName, uidState, isPrivileged); uidState.pkgOps.put(pkgName, ops); } ops.put(op.op, op); } else { Slog.w(TAG, "Unknown element under : " + parser.getName()); XmlUtils.skipCurrentTag(parser); } } } void writeState() { synchronized (mFile) { List allOps = getPackagesForOps(null); FileOutputStream stream; try { stream = mFile.startWrite(); } catch (IOException e) { Slog.w(TAG, "Failed to write state: " + e); return; } try { XmlSerializer out = new FastXmlSerializer(); out.setOutput(stream, StandardCharsets.UTF_8.name()); out.startDocument(null, true); out.startTag(null, "app-ops"); final int uidStateCount = mUidStates.size(); for (int i = 0; i < uidStateCount; i++) { UidState uidState = mUidStates.valueAt(i); if (uidState.opModes != null && uidState.opModes.size() > 0) { out.startTag(null, "uid"); out.attribute(null, "n", Integer.toString(uidState.uid)); SparseIntArray uidOpModes = uidState.opModes; final int opCount = uidOpModes.size(); for (int j = 0; j < opCount; j++) { final int op = uidOpModes.keyAt(j); final int mode = uidOpModes.valueAt(j); out.startTag(null, "op"); out.attribute(null, "n", Integer.toString(op)); out.attribute(null, "m", Integer.toString(mode)); out.endTag(null, "op"); } out.endTag(null, "uid"); } } if (allOps != null) { String lastPkg = null; for (int i=0; i ops = pkg.getOps(); for (int j=0; j 0 && arg.charAt(0) == '-'){ pw.println("Unknown option: " + arg); return; } else { pw.println("Unknown command: " + arg); return; } } } synchronized (this) { pw.println("Current AppOps Service state:"); final long now = System.currentTimeMillis(); boolean needSep = false; if (mOpModeWatchers.size() > 0) { needSep = true; pw.println(" Op mode watchers:"); for (int i=0; i callbacks = mOpModeWatchers.valueAt(i); for (int j=0; j 0) { needSep = true; pw.println(" Package mode watchers:"); for (int i=0; i callbacks = mPackageModeWatchers.valueAt(i); for (int j=0; j 0) { needSep = true; pw.println(" All mode watchers:"); for (int i=0; i "); pw.println(mModeWatchers.valueAt(i)); } } if (mClients.size() > 0) { needSep = true; pw.println(" Clients:"); for (int i=0; i 0) { pw.println(" Started ops:"); for (int j=0; j