Store trusted AttributionSources without token

Storing them with token means that there is a strong reference to the token, preventing the WeakHashMap from properly purging values This CP also includes changeID I5731ceeab5b9d0c72ce0131e2c9ba2f74558218c Bug: 298253183 Test: manual (for WeakHashMap ejection) atest CtsAttributionSourceTestCases (cherry picked from commit ed57878c8e89d136264ed419590a0601bdfa18f6) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c5127b478d0b1e72aa60783fcb4f1f1254d01075) Merged-In: Ie92b76ec83552cebb419318c214057f1ea8455d2 Change-Id: Ie92b76ec83552cebb419318c214057f1ea8455d2
author: Nate Myren <ntmyren@google.com> 2023-08-30 17:07:44 -0700
committer: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> 2023-09-15 21:18:57 +0000
commit: 79aabce061b0e661d3d9c1698f216966a97a574d (patch)
tree: abbfc3ce6ebb39b83a959ce0409f9356af4678f8
parent: 50d69832b421413adea107d412a533f111bd62b9 (diff)
download: base-79aabce061b0e661d3d9c1698f216966a97a574d.tar.gz
2 files changed, 28 insertions, 9 deletions
diff --git a/core/java/android/content/AttributionSource.java b/core/java/android/content/AttributionSource.java
index cd45f4df3d50..b4f4a7efad98 100644
--- a/core/java/android/content/AttributionSource.java
+++ b/core/java/android/content/AttributionSource.java
@@ -212,6 +212,11 @@ public final class AttributionSource implements Parcelable {
     }
 
     /** @hide */
+    public AttributionSource withDefaultToken() {
+        return withToken(sDefaultToken);
+    }
+
+    /** @hide */
     public AttributionSource withPid(int pid) {
         return new AttributionSource(getUid(), pid, getPackageName(), getAttributionTag(),
                 getToken(), mAttributionSourceState.renouncedPermissions, getNext());
@@ -520,16 +525,28 @@ public final class AttributionSource implements Parcelable {
         if (this == o) return true;
         if (o == null || getClass() != o.getClass()) return false;
         AttributionSource that = (AttributionSource) o;
-        return mAttributionSourceState.uid == that.mAttributionSourceState.uid
+        return equalsExceptToken(that) && Objects.equals(
+                mAttributionSourceState.token, that.mAttributionSourceState.token);
+    }
+
+    /**
+     * We store trusted attribution sources without their token (the token is the key to the map)
+     * to avoid having a strong reference to the token. This means, when checking the equality of a
+     * supplied AttributionSource in PermissionManagerService.isTrustedAttributionSource, we want to
+     * compare everything except the token.
+     *
+     * @hide
+     */
+    public boolean equalsExceptToken(@Nullable AttributionSource o) {
+        if (o == null) return false;
+        return mAttributionSourceState.uid == o.mAttributionSourceState.uid
                 && Objects.equals(mAttributionSourceState.packageName,
-                        that.mAttributionSourceState.packageName)
+                o.mAttributionSourceState.packageName)
                 && Objects.equals(mAttributionSourceState.attributionTag,
-                        that.mAttributionSourceState.attributionTag)
-                && Objects.equals(mAttributionSourceState.token,
-                        that.mAttributionSourceState.token)
+                o.mAttributionSourceState.attributionTag)
                 && Arrays.equals(mAttributionSourceState.renouncedPermissions,
-                        that.mAttributionSourceState.renouncedPermissions)
-                && Objects.equals(getNext(), that.getNext());
+                o.mAttributionSourceState.renouncedPermissions)
+                && Objects.equals(getNext(), o.getNext());
     }
 
     @Override
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index 297ad73e054b..c24d5236f4f7 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -1001,7 +1001,9 @@ public class PermissionManagerService extends IPermissionManager.Stub {
             }
 
             synchronized (mLock) {
-                mAttributions.put(source.getToken(), source);
+                // Change the token for the AttributionSource we're storing, so that we don't store
+                // a strong reference to the original token inside the map itself.
+                mAttributions.put(source.getToken(), source.withDefaultToken());
             }
         }
 
@@ -1009,7 +1011,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
             synchronized (mLock) {
                 final AttributionSource cachedSource = mAttributions.get(source.getToken());
                 if (cachedSource != null) {
-                    return cachedSource.equals(source);
+                    return cachedSource.equalsExceptToken(source);
                 }
                 return false;
             }
author	Nate Myren <ntmyren@google.com>	2023-08-30 17:07:44 -0700
committer	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	2023-09-15 21:18:57 +0000
commit	79aabce061b0e661d3d9c1698f216966a97a574d (patch)
tree	abbfc3ce6ebb39b83a959ce0409f9356af4678f8
parent	50d69832b421413adea107d412a533f111bd62b9 (diff)
download	base-79aabce061b0e661d3d9c1698f216966a97a574d.tar.gz