summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHui Yu <huiyu@google.com>2022-02-09 18:25:59 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>2022-02-09 18:25:59 +0000
commit937036e0bde3021430166f8e791fc781d455675b (patch)
tree6af74f5c6e9fca6ac3fc1109f782209a7bdf2383
parent053326ecdab86508a7c667d0ac04405bd3c2dcf8 (diff)
parent3021dae9b2e8d74a4620f2d6a050a194b753bc19 (diff)
downloadbase-937036e0bde3021430166f8e791fc781d455675b.tar.gz
Merge "Revert "Merge "BG-FGS-start while-in-use permission restriction ..."" into rvc-qpr-dev
Diffstat
-rw-r--r--services/core/java/com/android/server/am/ActiveServices.java102
-rw-r--r--services/core/java/com/android/server/am/ActivityManagerConstants.java20
-rw-r--r--services/core/java/com/android/server/am/ServiceRecord.java6
3 files changed, 22 insertions, 106 deletions
diff --git a/services/core/java/com/android/server/am/ActiveServices.java b/services/core/java/com/android/server/am/ActiveServices.java
index aa38fd1e6fc4..c7391f27bd43 100644
--- a/services/core/java/com/android/server/am/ActiveServices.java
+++ b/services/core/java/com/android/server/am/ActiveServices.java
@@ -734,8 +734,11 @@ public final class ActiveServices {
}
ComponentName cmp = startServiceInnerLocked(smap, service, r, callerFg, addToStarting);
- setFgsRestrictionLocked(callingPackage, callingPid, callingUid, r,
- allowBackgroundActivityStarts);
+ if (!r.mAllowWhileInUsePermissionInFgs) {
+ r.mAllowWhileInUsePermissionInFgs =
+ shouldAllowWhileInUsePermissionInFgsLocked(callingPackage, callingPid,
+ callingUid, service, r, allowBackgroundActivityStarts);
+ }
return cmp;
}
@@ -1408,6 +1411,14 @@ public final class ActiveServices {
+ String.format("0x%08X", manifestType)
+ " in service element of manifest file");
}
+ // If the foreground service is not started from TOP process, do not allow it to
+ // have while-in-use location/camera/microphone access.
+ if (!r.mAllowWhileInUsePermissionInFgs) {
+ Slog.w(TAG,
+ "Foreground service started from background can not have "
+ + "location/camera/microphone access: service "
+ + r.shortInstanceName);
+ }
}
boolean alreadyStartedOp = false;
boolean stopProcStatsOp = false;
@@ -1455,56 +1466,6 @@ public final class ActiveServices {
ignoreForeground = true;
}
- if (!ignoreForeground) {
- if (r.mStartForegroundCount == 0) {
- /*
- If the service was started with startService(), not
- startForegroundService(), and if startForeground() isn't called within
- mFgsStartForegroundTimeoutMs, then we check the state of the app
- (who owns the service, which is the app that called startForeground())
- again. If the app is in the foreground, or in any other cases where
- FGS-starts are allowed, then we still allow the FGS to be started.
- Otherwise, startForeground() would fail.
-
- If the service was started with startForegroundService(), then the service
- must call startForeground() within a timeout anyway, so we don't need this
- check.
- */
- if (!r.fgRequired) {
- final long delayMs = SystemClock.elapsedRealtime() - r.createRealTime;
- if (delayMs > mAm.mConstants.mFgsStartForegroundTimeoutMs) {
- resetFgsRestrictionLocked(r);
- setFgsRestrictionLocked(r.serviceInfo.packageName, r.app.pid,
- r.appInfo.uid, r, false);
- EventLog.writeEvent(0x534e4554, "183147114",
- r.appInfo.uid,
- "call setFgsRestrictionLocked again due to "
- + "startForegroundTimeout");
- }
- }
- } else if (r.mStartForegroundCount >= 1) {
- // The second or later time startForeground() is called after service is
- // started. Check for app state again.
- final long delayMs = SystemClock.elapsedRealtime() -
- r.mLastSetFgsRestrictionTime;
- if (delayMs > mAm.mConstants.mFgsStartForegroundTimeoutMs) {
- setFgsRestrictionLocked(r.serviceInfo.packageName, r.app.pid,
- r.appInfo.uid, r, false);
- EventLog.writeEvent(0x534e4554, "183147114", r.appInfo.uid,
- "call setFgsRestrictionLocked for "
- + (r.mStartForegroundCount + 1) + "th startForeground");
- }
- }
- // If the foreground service is not started from TOP process, do not allow it to
- // have while-in-use location/camera/microphone access.
- if (!r.mAllowWhileInUsePermissionInFgs) {
- Slog.w(TAG,
- "Foreground service started from background can not have "
- + "location/camera/microphone access: service "
- + r.shortInstanceName);
- }
- }
-
// Apps under strict background restrictions simply don't get to have foreground
// services, so now that we've enforced the startForegroundService() contract
// we only do the machinery of making the service foreground when the app
@@ -1540,7 +1501,6 @@ public final class ActiveServices {
active.mNumActive++;
}
r.isForeground = true;
- r.mStartForegroundCount++;
if (!stopProcStatsOp) {
ServiceState stracker = r.getTracker();
if (stracker != null) {
@@ -1599,7 +1559,6 @@ public final class ActiveServices {
decActiveForegroundAppLocked(smap, r);
}
r.isForeground = false;
- resetFgsRestrictionLocked(r);
ServiceState stracker = r.getTracker();
if (stracker != null) {
stracker.setForeground(false, mAm.mProcessStats.getMemFactorLocked(),
@@ -2159,7 +2118,12 @@ public final class ActiveServices {
}
}
- setFgsRestrictionLocked(callingPackage, callingPid, callingUid, s, false);
+ if (!s.mAllowWhileInUsePermissionInFgs) {
+ s.mAllowWhileInUsePermissionInFgs =
+ shouldAllowWhileInUsePermissionInFgsLocked(callingPackage,
+ callingPid, callingUid,
+ service, s, false);
+ }
if (s.app != null) {
if ((flags&Context.BIND_TREAT_LIKE_ACTIVITY) != 0) {
@@ -3455,7 +3419,7 @@ public final class ActiveServices {
r.isForeground = false;
r.foregroundId = 0;
r.foregroundNoti = null;
- resetFgsRestrictionLocked(r);
+ r.mAllowWhileInUsePermissionInFgs = false;
// Clear start entries.
r.clearDeliveredStartsLocked();
@@ -4936,7 +4900,7 @@ public final class ActiveServices {
* @return true if allow, false otherwise.
*/
private boolean shouldAllowWhileInUsePermissionInFgsLocked(String callingPackage,
- int callingPid, int callingUid, ServiceRecord r,
+ int callingPid, int callingUid, Intent intent, ServiceRecord r,
boolean allowBackgroundActivityStarts) {
// Is the background FGS start restriction turned on?
if (!mAm.mConstants.mFlagBackgroundFgsStartRestrictionEnabled) {
@@ -5022,29 +4986,7 @@ public final class ActiveServices {
boolean canAllowWhileInUsePermissionInFgsLocked(int callingPid, int callingUid,
String callingPackage) {
return shouldAllowWhileInUsePermissionInFgsLocked(
- callingPackage, callingPid, callingUid, null, false);
+ callingPackage, callingPid, callingUid, null, null, false);
}
- /**
- * In R, mAllowWhileInUsePermissionInFgs is to allow while-in-use permissions in foreground
- * service or not. while-in-use permissions in FGS started from background might be restricted.
- * @param callingPackage caller app's package name.
- * @param callingUid caller app's uid.
- * @param r the service to start.
- * @return true if allow, false otherwise.
- */
- private void setFgsRestrictionLocked(String callingPackage,
- int callingPid, int callingUid, ServiceRecord r,
- boolean allowBackgroundActivityStarts) {
- r.mLastSetFgsRestrictionTime = SystemClock.elapsedRealtime();
- if (!r.mAllowWhileInUsePermissionInFgs) {
- r.mAllowWhileInUsePermissionInFgs = shouldAllowWhileInUsePermissionInFgsLocked(
- callingPackage, callingPid, callingUid, r, allowBackgroundActivityStarts);
- }
- }
-
- private void resetFgsRestrictionLocked(ServiceRecord r) {
- r.mAllowWhileInUsePermissionInFgs = false;
- r.mLastSetFgsRestrictionTime = 0;
- }
}
diff --git a/services/core/java/com/android/server/am/ActivityManagerConstants.java b/services/core/java/com/android/server/am/ActivityManagerConstants.java
index 00d8208ea118..7be843f17863 100644
--- a/services/core/java/com/android/server/am/ActivityManagerConstants.java
+++ b/services/core/java/com/android/server/am/ActivityManagerConstants.java
@@ -88,7 +88,6 @@ final class ActivityManagerConstants extends ContentObserver {
static final String KEY_PROCESS_START_ASYNC = "process_start_async";
static final String KEY_MEMORY_INFO_THROTTLE_TIME = "memory_info_throttle_time";
static final String KEY_TOP_TO_FGS_GRACE_DURATION = "top_to_fgs_grace_duration";
- static final String KEY_FGS_START_FOREGROUND_TIMEOUT = "fgs_start_foreground_timeout";
static final String KEY_PENDINGINTENT_WARNING_THRESHOLD = "pendingintent_warning_threshold";
private static final int DEFAULT_MAX_CACHED_PROCESSES = 32;
@@ -122,7 +121,6 @@ final class ActivityManagerConstants extends ContentObserver {
private static final boolean DEFAULT_PROCESS_START_ASYNC = true;
private static final long DEFAULT_MEMORY_INFO_THROTTLE_TIME = 5*60*1000;
private static final long DEFAULT_TOP_TO_FGS_GRACE_DURATION = 15 * 1000;
- private static final int DEFAULT_FGS_START_FOREGROUND_TIMEOUT_MS = 10 * 1000;
private static final int DEFAULT_PENDINGINTENT_WARNING_THRESHOLD = 2000;
// Flag stored in the DeviceConfig API.
@@ -275,12 +273,6 @@ final class ActivityManagerConstants extends ContentObserver {
// this long.
public long TOP_TO_FGS_GRACE_DURATION = DEFAULT_TOP_TO_FGS_GRACE_DURATION;
- /**
- * When service started from background, before the timeout it can be promoted to FGS by calling
- * Service.startForeground().
- */
- volatile long mFgsStartForegroundTimeoutMs = DEFAULT_FGS_START_FOREGROUND_TIMEOUT_MS;
-
// Indicates whether the activity starts logging is enabled.
// Controlled by Settings.Global.ACTIVITY_STARTS_LOGGING_ENABLED
volatile boolean mFlagActivityStartsLoggingEnabled;
@@ -429,9 +421,6 @@ final class ActivityManagerConstants extends ContentObserver {
case KEY_MIN_ASSOC_LOG_DURATION:
updateMinAssocLogDuration();
break;
- case KEY_FGS_START_FOREGROUND_TIMEOUT:
- updateFgsStartForegroundTimeout();
- break;
default:
break;
}
@@ -708,13 +697,6 @@ final class ActivityManagerConstants extends ContentObserver {
/* defaultValue */ DEFAULT_MIN_ASSOC_LOG_DURATION);
}
- private void updateFgsStartForegroundTimeout() {
- mFgsStartForegroundTimeoutMs = DeviceConfig.getLong(
- DeviceConfig.NAMESPACE_ACTIVITY_MANAGER,
- KEY_FGS_START_FOREGROUND_TIMEOUT,
- DEFAULT_FGS_START_FOREGROUND_TIMEOUT_MS);
- }
-
void dump(PrintWriter pw) {
pw.println("ACTIVITY MANAGER SETTINGS (dumpsys activity settings) "
+ Settings.Global.ACTIVITY_MANAGER_CONSTANTS + ":");
@@ -787,8 +769,6 @@ final class ActivityManagerConstants extends ContentObserver {
pw.println(Arrays.toString(IMPERCEPTIBLE_KILL_EXEMPT_PACKAGES.toArray()));
pw.print(" "); pw.print(KEY_MIN_ASSOC_LOG_DURATION); pw.print("=");
pw.println(MIN_ASSOC_LOG_DURATION);
- pw.print(" "); pw.print(KEY_FGS_START_FOREGROUND_TIMEOUT); pw.print("=");
- pw.println(mFgsStartForegroundTimeoutMs);
pw.println();
if (mOverrideMaxCachedProcesses >= 0) {
diff --git a/services/core/java/com/android/server/am/ServiceRecord.java b/services/core/java/com/android/server/am/ServiceRecord.java
index 0e628289a09f..1b65dbac2294 100644
--- a/services/core/java/com/android/server/am/ServiceRecord.java
+++ b/services/core/java/com/android/server/am/ServiceRecord.java
@@ -142,10 +142,6 @@ final class ServiceRecord extends Binder implements ComponentName.WithComponentN
// allow while-in-use permissions in foreground service or not.
// while-in-use permissions in FGS started from background might be restricted.
boolean mAllowWhileInUsePermissionInFgs;
- // The number of times Service.startForeground() is called;
- int mStartForegroundCount;
- // Last time mAllowWhileInUsePermissionInFgs is set.
- long mLastSetFgsRestrictionTime;
// the most recent package that start/bind this service.
String mRecentCallingPackage;
@@ -410,8 +406,6 @@ final class ServiceRecord extends Binder implements ComponentName.WithComponentN
}
pw.print(prefix); pw.print("allowWhileInUsePermissionInFgs=");
pw.println(mAllowWhileInUsePermissionInFgs);
- pw.print(prefix); pw.print("startForegroundCount=");
- pw.println(mStartForegroundCount);
pw.print(prefix); pw.print("recentCallingPackage=");
pw.println(mRecentCallingPackage);
if (delayed) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 21:15:20 +0000