names = mSettingsRegistry.getSettingsNamesLocked(
SETTINGS_TYPE_SYSTEM, callingUserId);
final int nameCount = names.size();
String[] normalizedProjection = normalizeProjection(projection);
MatrixCursor result = new MatrixCursor(normalizedProjection, nameCount);
for (int i = 0; i < nameCount; i++) {
String name = names.get(i);
// Determine the owning user as some profile settings are cloned from the parent.
final int owningUserId = resolveOwningUserIdForSystemSettingLocked(callingUserId,
name);
Setting setting = mSettingsRegistry.getSettingLocked(
SETTINGS_TYPE_SYSTEM, owningUserId, name);
appendSettingToCursor(result, setting);
}
return result;
}
}
private Setting getSystemSetting(String name, int requestingUserId) {
if (DEBUG) {
Slog.v(LOG_TAG, "getSystemSetting(" + name + ", " + requestingUserId + ")");
}
// Resolve the userId on whose behalf the call is made.
final int callingUserId = resolveCallingUserIdEnforcingPermissionsLocked(requestingUserId);
// Determine the owning user as some profile settings are cloned from the parent.
final int owningUserId = resolveOwningUserIdForSystemSettingLocked(callingUserId, name);
// Get the value.
synchronized (mLock) {
return mSettingsRegistry.getSettingLocked(SETTINGS_TYPE_SYSTEM, owningUserId, name);
}
}
private boolean insertSystemSetting(String name, String value, int requestingUserId) {
if (DEBUG) {
Slog.v(LOG_TAG, "insertSystemSetting(" + name + ", " + value + ", "
+ requestingUserId + ")");
}
return mutateSystemSetting(name, value, requestingUserId, MUTATION_OPERATION_INSERT);
}
private boolean deleteSystemSetting(String name, int requestingUserId) {
if (DEBUG) {
Slog.v(LOG_TAG, "deleteSystemSetting(" + name + ", " + requestingUserId + ")");
}
return mutateSystemSetting(name, null, requestingUserId, MUTATION_OPERATION_DELETE);
}
private boolean updateSystemSetting(String name, String value, int requestingUserId) {
if (DEBUG) {
Slog.v(LOG_TAG, "updateSystemSetting(" + name + ", " + value + ", "
+ requestingUserId + ")");
}
return mutateSystemSetting(name, value, requestingUserId, MUTATION_OPERATION_UPDATE);
}
private boolean mutateSystemSetting(String name, String value, int runAsUserId,
int operation) {
if (!hasWriteSecureSettingsPermission()) {
// If the caller doesn't hold WRITE_SECURE_SETTINGS, we verify whether this
// operation is allowed for the calling package through appops.
if (!Settings.checkAndNoteWriteSettingsOperation(getContext(),
Binder.getCallingUid(), getCallingPackage(), true)) {
return false;
}
}
// Resolve the userId on whose behalf the call is made.
final int callingUserId = resolveCallingUserIdEnforcingPermissionsLocked(runAsUserId);
// Enforce what the calling package can mutate the system settings.
enforceRestrictedSystemSettingsMutationForCallingPackage(operation, name, callingUserId);
// Determine the owning user as some profile settings are cloned from the parent.
final int owningUserId = resolveOwningUserIdForSystemSettingLocked(callingUserId, name);
// Only the owning user id can change the setting.
if (owningUserId != callingUserId) {
return false;
}
// Invalidate any relevant cache files
String cacheName = null;
if (Settings.System.RINGTONE.equals(name)) {
cacheName = Settings.System.RINGTONE_CACHE;
} else if (Settings.System.NOTIFICATION_SOUND.equals(name)) {
cacheName = Settings.System.NOTIFICATION_SOUND_CACHE;
} else if (Settings.System.ALARM_ALERT.equals(name)) {
cacheName = Settings.System.ALARM_ALERT_CACHE;
}
if (cacheName != null) {
final File cacheFile = new File(
getRingtoneCacheDir(UserHandle.getCallingUserId()), cacheName);
cacheFile.delete();
}
// Mutate the value.
synchronized (mLock) {
switch (operation) {
case MUTATION_OPERATION_INSERT: {
validateSystemSettingValue(name, value);
return mSettingsRegistry.insertSettingLocked(SETTINGS_TYPE_SYSTEM,
owningUserId, name, value, getCallingPackage(), false);
}
case MUTATION_OPERATION_DELETE: {
return mSettingsRegistry.deleteSettingLocked(SETTINGS_TYPE_SYSTEM,
owningUserId, name, false);
}
case MUTATION_OPERATION_UPDATE: {
validateSystemSettingValue(name, value);
return mSettingsRegistry.updateSettingLocked(SETTINGS_TYPE_SYSTEM,
owningUserId, name, value, getCallingPackage(), false);
}
}
return false;
}
}
private boolean hasWriteSecureSettingsPermission() {
// Write secure settings is a more protected permission. If caller has it we are good.
if (getContext().checkCallingOrSelfPermission(Manifest.permission.WRITE_SECURE_SETTINGS)
== PackageManager.PERMISSION_GRANTED) {
return true;
}
return false;
}
private void validateSystemSettingValue(String name, String value) {
Settings.System.Validator validator = Settings.System.VALIDATORS.get(name);
if (validator != null && !validator.validate(value)) {
throw new IllegalArgumentException("Invalid value: " + value
+ " for setting: " + name);
}
}
private boolean isLocationProvidersAllowedRestricted(String name, int callingUserId,
int owningUserId) {
// Optimization - location providers are restricted only for managed profiles.
if (callingUserId == owningUserId) {
return false;
}
if (Settings.Secure.LOCATION_PROVIDERS_ALLOWED.equals(name)
&& mUserManager.hasUserRestriction(UserManager.DISALLOW_SHARE_LOCATION,
new UserHandle(callingUserId))) {
return true;
}
return false;
}
/**
* Checks whether changing a setting to a value is prohibited by the corresponding user
* restriction.
*
* See also {@link com.android.server.pm.UserRestrictionsUtils#applyUserRestriction(
* Context, int, String, boolean)}, which should be in sync with this method.
*
* @return true if the change is prohibited, false if the change is allowed.
*/
private boolean isGlobalOrSecureSettingRestrictedForUser(String setting, int userId,
String value, int callingUid) {
String restriction;
switch (setting) {
case Settings.Secure.LOCATION_MODE:
// Note LOCATION_MODE will be converted into LOCATION_PROVIDERS_ALLOWED
// in android.provider.Settings.Secure.putStringForUser(), so we shouldn't come
// here normally, but we still protect it here from a direct provider write.
if (String.valueOf(Settings.Secure.LOCATION_MODE_OFF).equals(value)) return false;
restriction = UserManager.DISALLOW_SHARE_LOCATION;
break;
case Settings.Secure.LOCATION_PROVIDERS_ALLOWED:
// See SettingsProvider.updateLocationProvidersAllowedLocked. "-" is to disable
// a provider, which should be allowed even if the user restriction is set.
if (value != null && value.startsWith("-")) return false;
restriction = UserManager.DISALLOW_SHARE_LOCATION;
break;
case Settings.Secure.INSTALL_NON_MARKET_APPS:
if ("0".equals(value)) return false;
restriction = UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES;
break;
case Settings.Global.ADB_ENABLED:
if ("0".equals(value)) return false;
restriction = UserManager.DISALLOW_DEBUGGING_FEATURES;
break;
case Settings.Global.PACKAGE_VERIFIER_ENABLE:
case Settings.Global.PACKAGE_VERIFIER_INCLUDE_ADB:
if ("1".equals(value)) return false;
restriction = UserManager.ENSURE_VERIFY_APPS;
break;
case Settings.Global.PREFERRED_NETWORK_MODE:
restriction = UserManager.DISALLOW_CONFIG_MOBILE_NETWORKS;
break;
case Settings.Secure.ALWAYS_ON_VPN_APP:
case Settings.Secure.ALWAYS_ON_VPN_LOCKDOWN:
// Whitelist system uid (ConnectivityService) and root uid to change always-on vpn
if (callingUid == Process.SYSTEM_UID || callingUid == Process.ROOT_UID) {
return false;
}
restriction = UserManager.DISALLOW_CONFIG_VPN;
break;
case Settings.Global.SAFE_BOOT_DISALLOWED:
if ("1".equals(value)) return false;
restriction = UserManager.DISALLOW_SAFE_BOOT;
break;
default:
if (setting != null && setting.startsWith(Settings.Global.DATA_ROAMING)) {
if ("0".equals(value)) return false;
restriction = UserManager.DISALLOW_DATA_ROAMING;
break;
}
return false;
}
return mUserManager.hasUserRestriction(restriction, UserHandle.of(userId));
}
private int resolveOwningUserIdForSecureSettingLocked(int userId, String setting) {
return resolveOwningUserIdLocked(userId, sSecureCloneToManagedSettings, setting);
}
private int resolveOwningUserIdForSystemSettingLocked(int userId, String setting) {
return resolveOwningUserIdLocked(userId, sSystemCloneToManagedSettings, setting);
}
private int resolveOwningUserIdLocked(int userId, Set keys, String name) {
final int parentId = getGroupParentLocked(userId);
if (parentId != userId && keys.contains(name)) {
return parentId;
}
return userId;
}
private void enforceRestrictedSystemSettingsMutationForCallingPackage(int operation,
String name, int userId) {
// System/root/shell can mutate whatever secure settings they want.
final int callingUid = Binder.getCallingUid();
if (callingUid == android.os.Process.SYSTEM_UID
|| callingUid == Process.SHELL_UID
|| callingUid == Process.ROOT_UID) {
return;
}
switch (operation) {
case MUTATION_OPERATION_INSERT:
// Insert updates.
case MUTATION_OPERATION_UPDATE: {
if (Settings.System.PUBLIC_SETTINGS.contains(name)) {
return;
}
// The calling package is already verified.
PackageInfo packageInfo = getCallingPackageInfoOrThrow(userId);
// Privileged apps can do whatever they want.
if ((packageInfo.applicationInfo.privateFlags
& ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) != 0) {
return;
}
warnOrThrowForUndesiredSecureSettingsMutationForTargetSdk(
packageInfo.applicationInfo.targetSdkVersion, name);
} break;
case MUTATION_OPERATION_DELETE: {
if (Settings.System.PUBLIC_SETTINGS.contains(name)
|| Settings.System.PRIVATE_SETTINGS.contains(name)) {
throw new IllegalArgumentException("You cannot delete system defined"
+ " secure settings.");
}
// The calling package is already verified.
PackageInfo packageInfo = getCallingPackageInfoOrThrow(userId);
// Privileged apps can do whatever they want.
if ((packageInfo.applicationInfo.privateFlags &
ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) != 0) {
return;
}
warnOrThrowForUndesiredSecureSettingsMutationForTargetSdk(
packageInfo.applicationInfo.targetSdkVersion, name);
} break;
}
}
private PackageInfo getCallingPackageInfoOrThrow(int userId) {
try {
PackageInfo packageInfo = mPackageManager.getPackageInfo(
getCallingPackage(), 0, userId);
if (packageInfo != null) {
return packageInfo;
}
} catch (RemoteException e) {
/* ignore */
}
throw new IllegalStateException("Calling package doesn't exist");
}
private int getGroupParentLocked(int userId) {
// Most frequent use case.
if (userId == UserHandle.USER_SYSTEM) {
return userId;
}
// We are in the same process with the user manager and the returned
// user info is a cached instance, so just look up instead of cache.
final long identity = Binder.clearCallingIdentity();
try {
// Just a lookup and not reentrant, so holding a lock is fine.
UserInfo userInfo = mUserManager.getProfileParent(userId);
return (userInfo != null) ? userInfo.id : userId;
} finally {
Binder.restoreCallingIdentity(identity);
}
}
private void enforceWritePermission(String permission) {
if (getContext().checkCallingOrSelfPermission(permission)
!= PackageManager.PERMISSION_GRANTED) {
throw new SecurityException("Permission denial: writing to settings requires:"
+ permission);
}
}
/*
* Used to parse changes to the value of Settings.Secure.LOCATION_PROVIDERS_ALLOWED.
* This setting contains a list of the currently enabled location providers.
* But helper functions in android.providers.Settings can enable or disable
* a single provider by using a "+" or "-" prefix before the provider name.
*
* See also {@link #isGlobalOrSecureSettingRestrictedForUser()}. If DISALLOW_SHARE_LOCATION
* is set, the said method will only allow values with the "-" prefix.
*
* @returns whether the enabled location providers changed.
*/
private boolean updateLocationProvidersAllowedLocked(String value, int owningUserId,
boolean forceNotify) {
if (TextUtils.isEmpty(value)) {
return false;
}
final char prefix = value.charAt(0);
if (prefix != '+' && prefix != '-') {
if (forceNotify) {
final int key = makeKey(SETTINGS_TYPE_SECURE, owningUserId);
mSettingsRegistry.notifyForSettingsChange(key,
Settings.Secure.LOCATION_PROVIDERS_ALLOWED);
}
return false;
}
// skip prefix
value = value.substring(1);
Setting settingValue = getSecureSetting(
Settings.Secure.LOCATION_PROVIDERS_ALLOWED, owningUserId);
String oldProviders = (settingValue != null) ? settingValue.getValue() : "";
int index = oldProviders.indexOf(value);
int end = index + value.length();
// check for commas to avoid matching on partial string
if (index > 0 && oldProviders.charAt(index - 1) != ',') {
index = -1;
}
// check for commas to avoid matching on partial string
if (end < oldProviders.length() && oldProviders.charAt(end) != ',') {
index = -1;
}
String newProviders;
if (prefix == '+' && index < 0) {
// append the provider to the list if not present
if (oldProviders.length() == 0) {
newProviders = value;
} else {
newProviders = oldProviders + ',' + value;
}
} else if (prefix == '-' && index >= 0) {
// remove the provider from the list if present
// remove leading or trailing comma
if (index > 0) {
index--;
} else if (end < oldProviders.length()) {
end++;
}
newProviders = oldProviders.substring(0, index);
if (end < oldProviders.length()) {
newProviders += oldProviders.substring(end);
}
} else {
// nothing changed, so no need to update the database
if (forceNotify) {
final int key = makeKey(SETTINGS_TYPE_SECURE, owningUserId);
mSettingsRegistry.notifyForSettingsChange(key,
Settings.Secure.LOCATION_PROVIDERS_ALLOWED);
}
return false;
}
return mSettingsRegistry.insertSettingLocked(SETTINGS_TYPE_SECURE,
owningUserId, Settings.Secure.LOCATION_PROVIDERS_ALLOWED, newProviders,
getCallingPackage(), forceNotify);
}
private static void warnOrThrowForUndesiredSecureSettingsMutationForTargetSdk(
int targetSdkVersion, String name) {
// If the app targets Lollipop MR1 or older SDK we warn, otherwise crash.
if (targetSdkVersion <= Build.VERSION_CODES.LOLLIPOP_MR1) {
if (Settings.System.PRIVATE_SETTINGS.contains(name)) {
Slog.w(LOG_TAG, "You shouldn't not change private system settings."
+ " This will soon become an error.");
} else {
Slog.w(LOG_TAG, "You shouldn't keep your settings in the secure settings."
+ " This will soon become an error.");
}
} else {
if (Settings.System.PRIVATE_SETTINGS.contains(name)) {
throw new IllegalArgumentException("You cannot change private secure settings.");
} else {
throw new IllegalArgumentException("You cannot keep your settings in"
+ " the secure settings.");
}
}
}
private static int resolveCallingUserIdEnforcingPermissionsLocked(int requestingUserId) {
if (requestingUserId == UserHandle.getCallingUserId()) {
return requestingUserId;
}
return ActivityManager.handleIncomingUser(Binder.getCallingPid(),
Binder.getCallingUid(), requestingUserId, false, true,
"get/set setting for user", null);
}
private Bundle packageValueForCallResult(Setting setting,
boolean trackingGeneration) {
if (!trackingGeneration) {
if (setting.isNull()) {
return NULL_SETTING_BUNDLE;
}
return Bundle.forPair(Settings.NameValueTable.VALUE, setting.getValue());
}
Bundle result = new Bundle();
result.putString(Settings.NameValueTable.VALUE,
!setting.isNull() ? setting.getValue() : null);
mSettingsRegistry.mGenerationRegistry.addGenerationData(result, setting.getkey());
return result;
}
private static int getRequestingUserId(Bundle args) {
final int callingUserId = UserHandle.getCallingUserId();
return (args != null) ? args.getInt(Settings.CALL_METHOD_USER_KEY, callingUserId)
: callingUserId;
}
private boolean isTrackingGeneration(Bundle args) {
return args != null && args.containsKey(Settings.CALL_METHOD_TRACK_GENERATION_KEY);
}
private static String getSettingValue(Bundle args) {
return (args != null) ? args.getString(Settings.NameValueTable.VALUE) : null;
}
private static String getValidTableOrThrow(Uri uri) {
if (uri.getPathSegments().size() > 0) {
String table = uri.getPathSegments().get(0);
if (DatabaseHelper.isValidTable(table)) {
return table;
}
throw new IllegalArgumentException("Bad root path: " + table);
}
throw new IllegalArgumentException("Invalid URI:" + uri);
}
private static MatrixCursor packageSettingForQuery(Setting setting, String[] projection) {
if (setting.isNull()) {
return new MatrixCursor(projection, 0);
}
MatrixCursor cursor = new MatrixCursor(projection, 1);
appendSettingToCursor(cursor, setting);
return cursor;
}
private static String[] normalizeProjection(String[] projection) {
if (projection == null) {
return ALL_COLUMNS;
}
final int columnCount = projection.length;
for (int i = 0; i < columnCount; i++) {
String column = projection[i];
if (!ArrayUtils.contains(ALL_COLUMNS, column)) {
throw new IllegalArgumentException("Invalid column: " + column);
}
}
return projection;
}
private static void appendSettingToCursor(MatrixCursor cursor, Setting setting) {
if (setting.isNull()) {
return;
}
final int columnCount = cursor.getColumnCount();
String[] values = new String[columnCount];
for (int i = 0; i < columnCount; i++) {
String column = cursor.getColumnName(i);
switch (column) {
case Settings.NameValueTable._ID: {
values[i] = setting.getId();
} break;
case Settings.NameValueTable.NAME: {
values[i] = setting.getName();
} break;
case Settings.NameValueTable.VALUE: {
values[i] = setting.getValue();
} break;
}
}
cursor.addRow(values);
}
private static boolean isKeyValid(String key) {
return !(TextUtils.isEmpty(key) || SettingsState.isBinary(key));
}
private static final class Arguments {
private static final Pattern WHERE_PATTERN_WITH_PARAM_NO_BRACKETS =
Pattern.compile("[\\s]*name[\\s]*=[\\s]*\\?[\\s]*");
private static final Pattern WHERE_PATTERN_WITH_PARAM_IN_BRACKETS =
Pattern.compile("[\\s]*\\([\\s]*name[\\s]*=[\\s]*\\?[\\s]*\\)[\\s]*");
private static final Pattern WHERE_PATTERN_NO_PARAM_IN_BRACKETS =
Pattern.compile("[\\s]*\\([\\s]*name[\\s]*=[\\s]*['\"].*['\"][\\s]*\\)[\\s]*");
private static final Pattern WHERE_PATTERN_NO_PARAM_NO_BRACKETS =
Pattern.compile("[\\s]*name[\\s]*=[\\s]*['\"].*['\"][\\s]*");
public final String table;
public final String name;
public Arguments(Uri uri, String where, String[] whereArgs, boolean supportAll) {
final int segmentSize = uri.getPathSegments().size();
switch (segmentSize) {
case 1: {
if (where != null
&& (WHERE_PATTERN_WITH_PARAM_NO_BRACKETS.matcher(where).matches()
|| WHERE_PATTERN_WITH_PARAM_IN_BRACKETS.matcher(where).matches())
&& whereArgs.length == 1) {
name = whereArgs[0];
table = computeTableForSetting(uri, name);
return;
} else if (where != null
&& (WHERE_PATTERN_NO_PARAM_NO_BRACKETS.matcher(where).matches()
|| WHERE_PATTERN_NO_PARAM_IN_BRACKETS.matcher(where).matches())) {
final int startIndex = Math.max(where.indexOf("'"),
where.indexOf("\"")) + 1;
final int endIndex = Math.max(where.lastIndexOf("'"),
where.lastIndexOf("\""));
name = where.substring(startIndex, endIndex);
table = computeTableForSetting(uri, name);
return;
} else if (supportAll && where == null && whereArgs == null) {
name = null;
table = computeTableForSetting(uri, null);
return;
}
} break;
case 2: {
if (where == null && whereArgs == null) {
name = uri.getPathSegments().get(1);
table = computeTableForSetting(uri, name);
return;
}
} break;
}
EventLogTags.writeUnsupportedSettingsQuery(
uri.toSafeString(), where, Arrays.toString(whereArgs));
String message = String.format( "Supported SQL:\n"
+ " uri content://some_table/some_property with null where and where args\n"
+ " uri content://some_table with query name=? and single name as arg\n"
+ " uri content://some_table with query name=some_name and null args\n"
+ " but got - uri:%1s, where:%2s whereArgs:%3s", uri, where,
Arrays.toString(whereArgs));
throw new IllegalArgumentException(message);
}
private static String computeTableForSetting(Uri uri, String name) {
String table = getValidTableOrThrow(uri);
if (name != null) {
if (sSystemMovedToSecureSettings.contains(name)) {
table = TABLE_SECURE;
}
if (sSystemMovedToGlobalSettings.contains(name)) {
table = TABLE_GLOBAL;
}
if (sSecureMovedToGlobalSettings.contains(name)) {
table = TABLE_GLOBAL;
}
if (sGlobalMovedToSecureSettings.contains(name)) {
table = TABLE_SECURE;
}
}
return table;
}
}
final class SettingsRegistry {
private static final String DROPBOX_TAG_USERLOG = "restricted_profile_ssaid";
private static final String SETTINGS_FILE_GLOBAL = "settings_global.xml";
private static final String SETTINGS_FILE_SYSTEM = "settings_system.xml";
private static final String SETTINGS_FILE_SECURE = "settings_secure.xml";
private final SparseArray mSettingsStates = new SparseArray<>();
private GenerationRegistry mGenerationRegistry;
private final Handler mHandler;
private final BackupManager mBackupManager;
public SettingsRegistry() {
mHandler = new MyHandler(getContext().getMainLooper());
mGenerationRegistry = new GenerationRegistry(mLock);
mBackupManager = new BackupManager(getContext());
migrateAllLegacySettingsIfNeeded();
}
public List getSettingsNamesLocked(int type, int userId) {
final int key = makeKey(type, userId);
SettingsState settingsState = peekSettingsStateLocked(key);
return settingsState.getSettingNamesLocked();
}
public SettingsState getSettingsLocked(int type, int userId) {
final int key = makeKey(type, userId);
return peekSettingsStateLocked(key);
}
public void ensureSettingsForUserLocked(int userId) {
// Migrate the setting for this user if needed.
migrateLegacySettingsForUserIfNeededLocked(userId);
// Ensure global settings loaded if owner.
if (userId == UserHandle.USER_SYSTEM) {
final int globalKey = makeKey(SETTINGS_TYPE_GLOBAL, UserHandle.USER_SYSTEM);
ensureSettingsStateLocked(globalKey);
}
// Ensure secure settings loaded.
final int secureKey = makeKey(SETTINGS_TYPE_SECURE, userId);
ensureSettingsStateLocked(secureKey);
// Make sure the secure settings have an Android id set.
SettingsState secureSettings = getSettingsLocked(SETTINGS_TYPE_SECURE, userId);
ensureSecureSettingAndroidIdSetLocked(secureSettings);
// Ensure system settings loaded.
final int systemKey = makeKey(SETTINGS_TYPE_SYSTEM, userId);
ensureSettingsStateLocked(systemKey);
// Upgrade the settings to the latest version.
UpgradeController upgrader = new UpgradeController(userId);
upgrader.upgradeIfNeededLocked();
}
private void ensureSettingsStateLocked(int key) {
if (mSettingsStates.get(key) == null) {
final int maxBytesPerPackage = getMaxBytesPerPackageForType(getTypeFromKey(key));
SettingsState settingsState = new SettingsState(mLock, getSettingsFile(key), key,
maxBytesPerPackage, mHandlerThread.getLooper());
mSettingsStates.put(key, settingsState);
}
}
public void removeUserStateLocked(int userId, boolean permanently) {
// We always keep the global settings in memory.
// Nuke system settings.
final int systemKey = makeKey(SETTINGS_TYPE_SYSTEM, userId);
final SettingsState systemSettingsState = mSettingsStates.get(systemKey);
if (systemSettingsState != null) {
if (permanently) {
mSettingsStates.remove(systemKey);
systemSettingsState.destroyLocked(null);
} else {
systemSettingsState.destroyLocked(new Runnable() {
@Override
public void run() {
mSettingsStates.remove(systemKey);
}
});
}
}
// Nuke secure settings.
final int secureKey = makeKey(SETTINGS_TYPE_SECURE, userId);
final SettingsState secureSettingsState = mSettingsStates.get(secureKey);
if (secureSettingsState != null) {
if (permanently) {
mSettingsStates.remove(secureKey);
secureSettingsState.destroyLocked(null);
} else {
secureSettingsState.destroyLocked(new Runnable() {
@Override
public void run() {
mSettingsStates.remove(secureKey);
}
});
}
}
// Nuke generation tracking data
mGenerationRegistry.onUserRemoved(userId);
}
public boolean insertSettingLocked(int type, int userId, String name, String value,
String packageName, boolean forceNotify) {
final int key = makeKey(type, userId);
SettingsState settingsState = peekSettingsStateLocked(key);
final boolean success = settingsState.insertSettingLocked(name, value, packageName);
if (forceNotify || success) {
notifyForSettingsChange(key, name);
}
return success;
}
public boolean deleteSettingLocked(int type, int userId, String name, boolean forceNotify) {
final int key = makeKey(type, userId);
SettingsState settingsState = peekSettingsStateLocked(key);
final boolean success = settingsState.deleteSettingLocked(name);
if (forceNotify || success) {
notifyForSettingsChange(key, name);
}
return success;
}
public Setting getSettingLocked(int type, int userId, String name) {
final int key = makeKey(type, userId);
SettingsState settingsState = peekSettingsStateLocked(key);
return settingsState.getSettingLocked(name);
}
public boolean updateSettingLocked(int type, int userId, String name, String value,
String packageName, boolean forceNotify) {
final int key = makeKey(type, userId);
SettingsState settingsState = peekSettingsStateLocked(key);
final boolean success = settingsState.updateSettingLocked(name, value, packageName);
if (forceNotify || success) {
notifyForSettingsChange(key, name);
}
return success;
}
public void onPackageRemovedLocked(String packageName, int userId) {
// Global and secure settings are signature protected. Apps signed
// by the platform certificate are generally not uninstalled and
// the main exception is tests. We trust components signed
// by the platform certificate and do not do a clean up after them.
final int systemKey = makeKey(SETTINGS_TYPE_SYSTEM, userId);
SettingsState systemSettings = mSettingsStates.get(systemKey);
if (systemSettings != null) {
systemSettings.onPackageRemovedLocked(packageName);
}
}
private SettingsState peekSettingsStateLocked(int key) {
SettingsState settingsState = mSettingsStates.get(key);
if (settingsState != null) {
return settingsState;
}
ensureSettingsForUserLocked(getUserIdFromKey(key));
return mSettingsStates.get(key);
}
private void migrateAllLegacySettingsIfNeeded() {
synchronized (mLock) {
final int key = makeKey(SETTINGS_TYPE_GLOBAL, UserHandle.USER_SYSTEM);
File globalFile = getSettingsFile(key);
if (globalFile.exists()) {
return;
}
final long identity = Binder.clearCallingIdentity();
try {
List users = mUserManager.getUsers(true);
final int userCount = users.size();
for (int i = 0; i < userCount; i++) {
final int userId = users.get(i).id;
DatabaseHelper dbHelper = new DatabaseHelper(getContext(), userId);
SQLiteDatabase database = dbHelper.getWritableDatabase();
migrateLegacySettingsForUserLocked(dbHelper, database, userId);
// Upgrade to the latest version.
UpgradeController upgrader = new UpgradeController(userId);
upgrader.upgradeIfNeededLocked();
// Drop from memory if not a running user.
if (!mUserManager.isUserRunning(new UserHandle(userId))) {
removeUserStateLocked(userId, false);
}
}
} finally {
Binder.restoreCallingIdentity(identity);
}
}
}
private void migrateLegacySettingsForUserIfNeededLocked(int userId) {
// Every user has secure settings and if no file we need to migrate.
final int secureKey = makeKey(SETTINGS_TYPE_SECURE, userId);
File secureFile = getSettingsFile(secureKey);
if (secureFile.exists()) {
return;
}
DatabaseHelper dbHelper = new DatabaseHelper(getContext(), userId);
SQLiteDatabase database = dbHelper.getWritableDatabase();
migrateLegacySettingsForUserLocked(dbHelper, database, userId);
}
private void migrateLegacySettingsForUserLocked(DatabaseHelper dbHelper,
SQLiteDatabase database, int userId) {
// Move over the system settings.
final int systemKey = makeKey(SETTINGS_TYPE_SYSTEM, userId);
ensureSettingsStateLocked(systemKey);
SettingsState systemSettings = mSettingsStates.get(systemKey);
migrateLegacySettingsLocked(systemSettings, database, TABLE_SYSTEM);
systemSettings.persistSyncLocked();
// Move over the secure settings.
// Do this after System settings, since this is the first thing we check when deciding
// to skip over migration from db to xml for a secondary user.
final int secureKey = makeKey(SETTINGS_TYPE_SECURE, userId);
ensureSettingsStateLocked(secureKey);
SettingsState secureSettings = mSettingsStates.get(secureKey);
migrateLegacySettingsLocked(secureSettings, database, TABLE_SECURE);
ensureSecureSettingAndroidIdSetLocked(secureSettings);
secureSettings.persistSyncLocked();
// Move over the global settings if owner.
// Do this last, since this is the first thing we check when deciding
// to skip over migration from db to xml for owner user.
if (userId == UserHandle.USER_SYSTEM) {
final int globalKey = makeKey(SETTINGS_TYPE_GLOBAL, userId);
ensureSettingsStateLocked(globalKey);
SettingsState globalSettings = mSettingsStates.get(globalKey);
migrateLegacySettingsLocked(globalSettings, database, TABLE_GLOBAL);
globalSettings.persistSyncLocked();
}
// Drop the database as now all is moved and persisted.
if (DROP_DATABASE_ON_MIGRATION) {
dbHelper.dropDatabase();
} else {
dbHelper.backupDatabase();
}
}
private void migrateLegacySettingsLocked(SettingsState settingsState,
SQLiteDatabase database, String table) {
SQLiteQueryBuilder queryBuilder = new SQLiteQueryBuilder();
queryBuilder.setTables(table);
Cursor cursor = queryBuilder.query(database, ALL_COLUMNS,
null, null, null, null, null);
if (cursor == null) {
return;
}
try {
if (!cursor.moveToFirst()) {
return;
}
final int nameColumnIdx = cursor.getColumnIndex(Settings.NameValueTable.NAME);
final int valueColumnIdx = cursor.getColumnIndex(Settings.NameValueTable.VALUE);
settingsState.setVersionLocked(database.getVersion());
while (!cursor.isAfterLast()) {
String name = cursor.getString(nameColumnIdx);
String value = cursor.getString(valueColumnIdx);
settingsState.insertSettingLocked(name, value,
SettingsState.SYSTEM_PACKAGE_NAME);
cursor.moveToNext();
}
} finally {
cursor.close();
}
}
private void ensureSecureSettingAndroidIdSetLocked(SettingsState secureSettings) {
Setting value = secureSettings.getSettingLocked(Settings.Secure.ANDROID_ID);
if (!value.isNull()) {
return;
}
final int userId = getUserIdFromKey(secureSettings.mKey);
final UserInfo user;
final long identity = Binder.clearCallingIdentity();
try {
user = mUserManager.getUserInfo(userId);
} finally {
Binder.restoreCallingIdentity(identity);
}
if (user == null) {
// Can happen due to races when deleting users - treat as benign.
return;
}
String androidId = Long.toHexString(new SecureRandom().nextLong());
secureSettings.insertSettingLocked(Settings.Secure.ANDROID_ID, androidId,
SettingsState.SYSTEM_PACKAGE_NAME);
Slog.d(LOG_TAG, "Generated and saved new ANDROID_ID [" + androidId
+ "] for user " + userId);
// Write a drop box entry if it's a restricted profile
if (user.isRestricted()) {
DropBoxManager dbm = (DropBoxManager) getContext().getSystemService(
Context.DROPBOX_SERVICE);
if (dbm != null && dbm.isTagEnabled(DROPBOX_TAG_USERLOG)) {
dbm.addText(DROPBOX_TAG_USERLOG, System.currentTimeMillis()
+ "," + DROPBOX_TAG_USERLOG + "," + androidId + "\n");
}
}
}
private void notifyForSettingsChange(int key, String name) {
final int userId = getUserIdFromKey(key);
Uri uri = getNotificationUriFor(key, name);
mGenerationRegistry.incrementGeneration(key);
mHandler.obtainMessage(MyHandler.MSG_NOTIFY_URI_CHANGED,
userId, 0, uri).sendToTarget();
if (isSecureSettingsKey(key)) {
maybeNotifyProfiles(getTypeFromKey(key), userId, uri, name,
sSecureCloneToManagedSettings);
} else if (isSystemSettingsKey(key)) {
maybeNotifyProfiles(getTypeFromKey(key), userId, uri, name,
sSystemCloneToManagedSettings);
}
mHandler.obtainMessage(MyHandler.MSG_NOTIFY_DATA_CHANGED).sendToTarget();
}
private void maybeNotifyProfiles(int type, int userId, Uri uri, String name,
Set keysCloned) {
if (keysCloned.contains(name)) {
for (int profileId : mUserManager.getProfileIdsWithDisabled(userId)) {
// the notification for userId has already been sent.
if (profileId != userId) {
mHandler.obtainMessage(MyHandler.MSG_NOTIFY_URI_CHANGED,
profileId, 0, uri).sendToTarget();
final int key = makeKey(type, profileId);
mGenerationRegistry.incrementGeneration(key);
mHandler.obtainMessage(MyHandler.MSG_NOTIFY_DATA_CHANGED).sendToTarget();
}
}
}
}
private boolean isGlobalSettingsKey(int key) {
return getTypeFromKey(key) == SETTINGS_TYPE_GLOBAL;
}
private boolean isSystemSettingsKey(int key) {
return getTypeFromKey(key) == SETTINGS_TYPE_SYSTEM;
}
private boolean isSecureSettingsKey(int key) {
return getTypeFromKey(key) == SETTINGS_TYPE_SECURE;
}
private File getSettingsFile(int key) {
if (isGlobalSettingsKey(key)) {
final int userId = getUserIdFromKey(key);
return new File(Environment.getUserSystemDirectory(userId),
SETTINGS_FILE_GLOBAL);
} else if (isSystemSettingsKey(key)) {
final int userId = getUserIdFromKey(key);
return new File(Environment.getUserSystemDirectory(userId),
SETTINGS_FILE_SYSTEM);
} else if (isSecureSettingsKey(key)) {
final int userId = getUserIdFromKey(key);
return new File(Environment.getUserSystemDirectory(userId),
SETTINGS_FILE_SECURE);
} else {
throw new IllegalArgumentException("Invalid settings key:" + key);
}
}
private Uri getNotificationUriFor(int key, String name) {
if (isGlobalSettingsKey(key)) {
return (name != null) ? Uri.withAppendedPath(Settings.Global.CONTENT_URI, name)
: Settings.Global.CONTENT_URI;
} else if (isSecureSettingsKey(key)) {
return (name != null) ? Uri.withAppendedPath(Settings.Secure.CONTENT_URI, name)
: Settings.Secure.CONTENT_URI;
} else if (isSystemSettingsKey(key)) {
return (name != null) ? Uri.withAppendedPath(Settings.System.CONTENT_URI, name)
: Settings.System.CONTENT_URI;
} else {
throw new IllegalArgumentException("Invalid settings key:" + key);
}
}
private int getMaxBytesPerPackageForType(int type) {
switch (type) {
case SETTINGS_TYPE_GLOBAL:
case SETTINGS_TYPE_SECURE: {
return SettingsState.MAX_BYTES_PER_APP_PACKAGE_UNLIMITED;
}
default: {
return SettingsState.MAX_BYTES_PER_APP_PACKAGE_LIMITED;
}
}
}
private final class MyHandler extends Handler {
private static final int MSG_NOTIFY_URI_CHANGED = 1;
private static final int MSG_NOTIFY_DATA_CHANGED = 2;
public MyHandler(Looper looper) {
super(looper);
}
@Override
public void handleMessage(Message msg) {
switch (msg.what) {
case MSG_NOTIFY_URI_CHANGED: {
final int userId = msg.arg1;
Uri uri = (Uri) msg.obj;
getContext().getContentResolver().notifyChange(uri, null, true, userId);
if (DEBUG) {
Slog.v(LOG_TAG, "Notifying for " + userId + ": " + uri);
}
} break;
case MSG_NOTIFY_DATA_CHANGED: {
mBackupManager.dataChanged();
} break;
}
}
}
private final class UpgradeController {
private static final int SETTINGS_VERSION = 127;
private final int mUserId;
public UpgradeController(int userId) {
mUserId = userId;
}
public void upgradeIfNeededLocked() {
// The version of all settings for a user is the same (all users have secure).
SettingsState secureSettings = getSettingsLocked(
SETTINGS_TYPE_SECURE, mUserId);
// Try an update from the current state.
final int oldVersion = secureSettings.getVersionLocked();
final int newVersion = SETTINGS_VERSION;
// If up do date - done.
if (oldVersion == newVersion) {
return;
}
// Try to upgrade.
final int curVersion = onUpgradeLocked(mUserId, oldVersion, newVersion);
// If upgrade failed start from scratch and upgrade.
if (curVersion != newVersion) {
// Drop state we have for this user.
removeUserStateLocked(mUserId, true);
// Recreate the database.
DatabaseHelper dbHelper = new DatabaseHelper(getContext(), mUserId);
SQLiteDatabase database = dbHelper.getWritableDatabase();
dbHelper.recreateDatabase(database, newVersion, curVersion, oldVersion);
// Migrate the settings for this user.
migrateLegacySettingsForUserLocked(dbHelper, database, mUserId);
// Now upgrade should work fine.
onUpgradeLocked(mUserId, oldVersion, newVersion);
}
// Set the global settings version if owner.
if (mUserId == UserHandle.USER_SYSTEM) {
SettingsState globalSettings = getSettingsLocked(
SETTINGS_TYPE_GLOBAL, mUserId);
globalSettings.setVersionLocked(newVersion);
}
// Set the secure settings version.
secureSettings.setVersionLocked(newVersion);
// Set the system settings version.
SettingsState systemSettings = getSettingsLocked(
SETTINGS_TYPE_SYSTEM, mUserId);
systemSettings.setVersionLocked(newVersion);
}
private SettingsState getGlobalSettingsLocked() {
return getSettingsLocked(SETTINGS_TYPE_GLOBAL, UserHandle.USER_SYSTEM);
}
private SettingsState getSecureSettingsLocked(int userId) {
return getSettingsLocked(SETTINGS_TYPE_SECURE, userId);
}
private SettingsState getSystemSettingsLocked(int userId) {
return getSettingsLocked(SETTINGS_TYPE_SYSTEM, userId);
}
/**
* You must perform all necessary mutations to bring the settings
* for this user from the old to the new version. When you add a new
* upgrade step you *must* update SETTINGS_VERSION.
*
* This is an example of moving a setting from secure to global.
*
* // v119: Example settings changes.
* if (currentVersion == 118) {
* if (userId == UserHandle.USER_OWNER) {
* // Remove from the secure settings.
* SettingsState secureSettings = getSecureSettingsLocked(userId);
* String name = "example_setting_to_move";
* String value = secureSettings.getSetting(name);
* secureSettings.deleteSetting(name);
*
* // Add to the global settings.
* SettingsState globalSettings = getGlobalSettingsLocked();
* globalSettings.insertSetting(name, value, SettingsState.SYSTEM_PACKAGE_NAME);
* }
*
* // Update the current version.
* currentVersion = 119;
* }
*/
private int onUpgradeLocked(int userId, int oldVersion, int newVersion) {
if (DEBUG) {
Slog.w(LOG_TAG, "Upgrading settings for user: " + userId + " from version: "
+ oldVersion + " to version: " + newVersion);
}
int currentVersion = oldVersion;
// v119: Reset zen + ringer mode.
if (currentVersion == 118) {
if (userId == UserHandle.USER_SYSTEM) {
final SettingsState globalSettings = getGlobalSettingsLocked();
globalSettings.updateSettingLocked(Settings.Global.ZEN_MODE,
Integer.toString(Settings.Global.ZEN_MODE_OFF),
SettingsState.SYSTEM_PACKAGE_NAME);
globalSettings.updateSettingLocked(Settings.Global.MODE_RINGER,
Integer.toString(AudioManager.RINGER_MODE_NORMAL),
SettingsState.SYSTEM_PACKAGE_NAME);
}
currentVersion = 119;
}
// v120: Add double tap to wake setting.
if (currentVersion == 119) {
SettingsState secureSettings = getSecureSettingsLocked(userId);
secureSettings.insertSettingLocked(Settings.Secure.DOUBLE_TAP_TO_WAKE,
getContext().getResources().getBoolean(
R.bool.def_double_tap_to_wake) ? "1" : "0",
SettingsState.SYSTEM_PACKAGE_NAME);
currentVersion = 120;
}
if (currentVersion == 120) {
// Before 121, we used a different string encoding logic. We just bump the
// version here; SettingsState knows how to handle pre-version 120 files.
currentVersion = 121;
}
if (currentVersion == 121) {
// Version 122: allow OEMs to set a default payment component in resources.
// Note that we only write the default if no default has been set;
// if there is, we just leave the default at whatever it currently is.
final SettingsState secureSettings = getSecureSettingsLocked(userId);
String defaultComponent = (getContext().getResources().getString(
R.string.def_nfc_payment_component));
Setting currentSetting = secureSettings.getSettingLocked(
Settings.Secure.NFC_PAYMENT_DEFAULT_COMPONENT);
if (defaultComponent != null && !defaultComponent.isEmpty() &&
currentSetting.isNull()) {
secureSettings.insertSettingLocked(
Settings.Secure.NFC_PAYMENT_DEFAULT_COMPONENT,
defaultComponent,
SettingsState.SYSTEM_PACKAGE_NAME);
}
currentVersion = 122;
}
if (currentVersion == 122) {
// Version 123: Adding a default value for the ability to add a user from
// the lock screen.
if (userId == UserHandle.USER_SYSTEM) {
final SettingsState globalSettings = getGlobalSettingsLocked();
Setting currentSetting = globalSettings.getSettingLocked(
Settings.Global.ADD_USERS_WHEN_LOCKED);
if (currentSetting.isNull()) {
globalSettings.insertSettingLocked(
Settings.Global.ADD_USERS_WHEN_LOCKED,
getContext().getResources().getBoolean(
R.bool.def_add_users_from_lockscreen) ? "1" : "0",
SettingsState.SYSTEM_PACKAGE_NAME);
}
}
currentVersion = 123;
}
if (currentVersion == 123) {
final SettingsState globalSettings = getGlobalSettingsLocked();
String defaultDisabledProfiles = (getContext().getResources().getString(
R.string.def_bluetooth_disabled_profiles));
globalSettings.insertSettingLocked(Settings.Global.BLUETOOTH_DISABLED_PROFILES,
defaultDisabledProfiles, SettingsState.SYSTEM_PACKAGE_NAME);
currentVersion = 124;
}
if (currentVersion == 124) {
// Version 124: allow OEMs to set a default value for whether IME should be
// shown when a physical keyboard is connected.
final SettingsState secureSettings = getSecureSettingsLocked(userId);
Setting currentSetting = secureSettings.getSettingLocked(
Settings.Secure.SHOW_IME_WITH_HARD_KEYBOARD);
if (currentSetting.isNull()) {
secureSettings.insertSettingLocked(
Settings.Secure.SHOW_IME_WITH_HARD_KEYBOARD,
getContext().getResources().getBoolean(
R.bool.def_show_ime_with_hard_keyboard) ? "1" : "0",
SettingsState.SYSTEM_PACKAGE_NAME);
}
currentVersion = 125;
}
if (currentVersion == 125) {
// Version 125: Allow OEMs to set the default VR service.
final SettingsState secureSettings = getSecureSettingsLocked(userId);
Setting currentSetting = secureSettings.getSettingLocked(
Settings.Secure.ENABLED_VR_LISTENERS);
if (currentSetting.isNull()) {
ArraySet l =
SystemConfig.getInstance().getDefaultVrComponents();
if (l != null && !l.isEmpty()) {
StringBuilder b = new StringBuilder();
boolean start = true;
for (ComponentName c : l) {
if (!start) {
b.append(':');
}
b.append(c.flattenToString());
start = false;
}
secureSettings.insertSettingLocked(
Settings.Secure.ENABLED_VR_LISTENERS, b.toString(),
SettingsState.SYSTEM_PACKAGE_NAME);
}
}
currentVersion = 126;
}
if (currentVersion == 126) {
// Version 126: copy the primary values of LOCK_SCREEN_SHOW_NOTIFICATIONS and
// LOCK_SCREEN_ALLOW_PRIVATE_NOTIFICATIONS into managed profile.
if (mUserManager.isManagedProfile(userId)) {
final SettingsState systemSecureSettings =
getSecureSettingsLocked(UserHandle.USER_SYSTEM);
final Setting showNotifications = systemSecureSettings.getSettingLocked(
Settings.Secure.LOCK_SCREEN_SHOW_NOTIFICATIONS);
if (!showNotifications.isNull()) {
final SettingsState secureSettings = getSecureSettingsLocked(userId);
secureSettings.insertSettingLocked(
Settings.Secure.LOCK_SCREEN_SHOW_NOTIFICATIONS,
showNotifications.getValue(),
SettingsState.SYSTEM_PACKAGE_NAME);
}
final Setting allowPrivate = systemSecureSettings.getSettingLocked(
Settings.Secure.LOCK_SCREEN_ALLOW_PRIVATE_NOTIFICATIONS);
if (!allowPrivate.isNull()) {
final SettingsState secureSettings = getSecureSettingsLocked(userId);
secureSettings.insertSettingLocked(
Settings.Secure.LOCK_SCREEN_ALLOW_PRIVATE_NOTIFICATIONS,
allowPrivate.getValue(),
SettingsState.SYSTEM_PACKAGE_NAME);
}
}
currentVersion = 127;
}
// vXXX: Add new settings above this point.
// Return the current version.
return currentVersion;
}
}
}
}