Rename SupplementalProcess to SdkSandbox
Bug: 218314884 Bug: 220320098 Test: presubmit Test: atest PackageManagerShellCommandTest Test: atest SdkSandboxPermissionTest Change-Id: I9fb98e0caee75bdaaa35d11d174004505f236799
This commit is contained in:
Nikita Ioffe
parent
d42478e1ca
commit
df5971335b
@ -1377,7 +1377,7 @@ public class BlobStoreManagerService extends SystemService {
|
||||
}
|
||||
|
||||
private boolean isAllowedBlobAccess(int uid, String packageName) {
|
||||
return (!Process.isSupplemental(uid) && !Process.isIsolated(uid)
|
||||
return (!Process.isSdkSandboxUid(uid) && !Process.isIsolated(uid)
|
||||
&& !mPackageManagerInternal.isInstantApp(packageName, UserHandle.getUserId(uid)));
|
||||
}
|
||||
|
||||
|
||||
@ -31857,7 +31857,7 @@ package android.os {
|
||||
method public static final boolean is64Bit();
|
||||
method public static boolean isApplicationUid(int);
|
||||
method public static final boolean isIsolated();
|
||||
method public static final boolean isSupplemental();
|
||||
method public static final boolean isSdkSandbox();
|
||||
method public static final void killProcess(int);
|
||||
method public static final int myPid();
|
||||
method @NonNull public static String myProcessName();
|
||||
|
||||
@ -120,7 +120,7 @@ package android.content.pm {
|
||||
|
||||
public abstract class PackageManager {
|
||||
method @NonNull public String getPermissionControllerPackageName();
|
||||
method @NonNull public String getSupplementalProcessPackageName();
|
||||
method @NonNull public String getSdkSandboxPackageName();
|
||||
field public static final int MATCH_STATIC_SHARED_AND_SDK_LIBRARIES = 67108864; // 0x4000000
|
||||
}
|
||||
|
||||
@ -362,9 +362,9 @@ package android.os {
|
||||
}
|
||||
|
||||
public class Process {
|
||||
method public static final boolean isSupplemental(int);
|
||||
method public static final boolean isSdkSandboxUid(int);
|
||||
method public static final int toAppUid(int);
|
||||
method public static final int toSupplementalUid(int);
|
||||
method public static final int toSdkSandboxUid(int);
|
||||
field public static final int NFC_UID = 1027; // 0x403
|
||||
field public static final int VPN_UID = 1016; // 0x3f8
|
||||
}
|
||||
|
||||
@ -826,9 +826,9 @@ package android.content.pm {
|
||||
method @NonNull public java.util.List<android.content.pm.ApplicationInfo> getInstalledApplicationsAsUser(@NonNull android.content.pm.PackageManager.ApplicationInfoFlags, int);
|
||||
method @Nullable public abstract String[] getNamesForUids(int[]);
|
||||
method @NonNull public String getPermissionControllerPackageName();
|
||||
method @NonNull public String getSdkSandboxPackageName();
|
||||
method @NonNull public abstract String getServicesSystemSharedLibraryPackageName();
|
||||
method @NonNull public abstract String getSharedSystemSharedLibraryPackageName();
|
||||
method @NonNull public String getSupplementalProcessPackageName();
|
||||
method @Nullable public String getSystemTextClassifierPackageName();
|
||||
method @Nullable public String getWellbeingPackageName();
|
||||
method public void holdLock(android.os.IBinder, int);
|
||||
@ -1774,7 +1774,7 @@ package android.os {
|
||||
|
||||
public class Process {
|
||||
method public static final int getThreadScheduler(int) throws java.lang.IllegalArgumentException;
|
||||
method public static final int toSupplementalUid(int);
|
||||
method public static final int toSdkSandboxUid(int);
|
||||
field public static final int FIRST_APP_ZYGOTE_ISOLATED_UID = 90000; // 0x15f90
|
||||
field public static final int FIRST_ISOLATED_UID = 99000; // 0x182b8
|
||||
field public static final int LAST_APP_ZYGOTE_ISOLATED_UID = 98999; // 0x182b7
|
||||
|
||||
@ -867,9 +867,9 @@ public class ApplicationPackageManager extends PackageManager {
|
||||
* @hide
|
||||
*/
|
||||
@Override
|
||||
public String getSupplementalProcessPackageName() {
|
||||
public String getSdkSandboxPackageName() {
|
||||
try {
|
||||
return mPM.getSupplementalProcessPackageName();
|
||||
return mPM.getSdkSandboxPackageName();
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
}
|
||||
|
||||
@ -36,6 +36,7 @@ import android.app.job.JobSchedulerFrameworkInitializer;
|
||||
import android.app.people.PeopleManager;
|
||||
import android.app.prediction.AppPredictionManager;
|
||||
import android.app.role.RoleFrameworkInitializer;
|
||||
import android.app.sdksandbox.SdkSandboxManagerFrameworkInitializer;
|
||||
import android.app.search.SearchUiManager;
|
||||
import android.app.slice.SliceManager;
|
||||
import android.app.smartspace.SmartspaceManager;
|
||||
@ -208,7 +209,6 @@ import android.service.oemlock.OemLockManager;
|
||||
import android.service.persistentdata.IPersistentDataBlockService;
|
||||
import android.service.persistentdata.PersistentDataBlockManager;
|
||||
import android.service.vr.IVrManager;
|
||||
import android.supplementalprocess.SupplementalProcessFrameworkInitializer;
|
||||
import android.telecom.TelecomManager;
|
||||
import android.telephony.MmsManager;
|
||||
import android.telephony.TelephonyFrameworkInitializer;
|
||||
@ -1564,7 +1564,7 @@ public final class SystemServiceRegistry {
|
||||
MediaFrameworkInitializer.registerServiceWrappers();
|
||||
RoleFrameworkInitializer.registerServiceWrappers();
|
||||
SchedulingFrameworkInitializer.registerServiceWrappers();
|
||||
SupplementalProcessFrameworkInitializer.registerServiceWrappers();
|
||||
SdkSandboxManagerFrameworkInitializer.registerServiceWrappers();
|
||||
UwbFrameworkInitializer.registerServiceWrappers();
|
||||
SafetyCenterFrameworkInitializer.registerServiceWrappers();
|
||||
ConnectivityFrameworkInitializerTiramisu.registerServiceWrappers();
|
||||
|
||||
@ -653,7 +653,7 @@ interface IPackageManager {
|
||||
|
||||
@UnsupportedAppUsage(maxTargetSdk = 30, trackingBug = 170729553)
|
||||
String getPermissionControllerPackageName();
|
||||
String getSupplementalProcessPackageName();
|
||||
String getSdkSandboxPackageName();
|
||||
|
||||
ParceledListSlice getInstantApps(int userId);
|
||||
byte[] getInstantAppCookie(String packageName, int userId);
|
||||
|
||||
@ -5772,16 +5772,16 @@ public abstract class PackageManager {
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the package name of the component implementing supplemental process service.
|
||||
* Returns the package name of the component implementing sdk sandbox service.
|
||||
*
|
||||
* @return the package name of the component implementing supplemental process service
|
||||
* @return the package name of the component implementing sdk sandbox service
|
||||
*
|
||||
* @hide
|
||||
*/
|
||||
@NonNull
|
||||
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
|
||||
@TestApi
|
||||
public String getSupplementalProcessPackageName() {
|
||||
public String getSdkSandboxPackageName() {
|
||||
throw new RuntimeException("Not implemented. Must override in a subclass.");
|
||||
}
|
||||
|
||||
|
||||
@ -29,7 +29,6 @@ import android.compat.annotation.ChangeId;
|
||||
import android.compat.annotation.Disabled;
|
||||
import android.compat.annotation.UnsupportedAppUsage;
|
||||
import android.content.Context;
|
||||
import android.content.Intent;
|
||||
import android.content.pm.ApplicationInfo;
|
||||
import android.content.pm.PackageManager;
|
||||
import android.os.storage.StorageManager;
|
||||
@ -1333,7 +1332,7 @@ public class Environment {
|
||||
final Context context = AppGlobals.getInitialApplication();
|
||||
final int uid = context.getApplicationInfo().uid;
|
||||
// Isolated processes and Instant apps are never allowed to be in scoped storage
|
||||
if (Process.isIsolated(uid) || Process.isSupplemental(uid)) {
|
||||
if (Process.isIsolated(uid) || Process.isSdkSandboxUid(uid)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
@ -281,23 +281,23 @@ public class Process {
|
||||
|
||||
/**
|
||||
* Defines the start of a range of UIDs going from this number to
|
||||
* {@link #LAST_SUPPLEMENTAL_UID} that are reserved for assigning to
|
||||
* supplemental processes. There is a 1-1 mapping between a supplemental
|
||||
* {@link #LAST_SDK_SANDBOX_UID} that are reserved for assigning to
|
||||
* sdk sandbox processes. There is a 1-1 mapping between a sdk sandbox
|
||||
* process UID and the app that it belongs to, which can be computed by
|
||||
* subtracting (FIRST_SUPPLEMENTAL_UID - FIRST_APPLICATION_UID) from the
|
||||
* uid of a supplemental process.
|
||||
* subtracting (FIRST_SDK_SANDBOX_UID - FIRST_APPLICATION_UID) from the
|
||||
* uid of a sdk sandbox process.
|
||||
*
|
||||
* Note that there are no GIDs associated with these processes; storage
|
||||
* attribution for them will be done using project IDs.
|
||||
* @hide
|
||||
*/
|
||||
public static final int FIRST_SUPPLEMENTAL_UID = 20000;
|
||||
public static final int FIRST_SDK_SANDBOX_UID = 20000;
|
||||
|
||||
/**
|
||||
* Last UID that is used for supplemental processes.
|
||||
* Last UID that is used for sdk sandbox processes.
|
||||
* @hide
|
||||
*/
|
||||
public static final int LAST_SUPPLEMENTAL_UID = 29999;
|
||||
public static final int LAST_SDK_SANDBOX_UID = 29999;
|
||||
|
||||
/**
|
||||
* First uid used for fully isolated sandboxed processes spawned from an app zygote
|
||||
@ -901,44 +901,44 @@ public class Process {
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns whether the provided UID belongs to a supplemental process.
|
||||
* Returns whether the provided UID belongs to a SDK sandbox process.
|
||||
*
|
||||
* @hide
|
||||
*/
|
||||
@SystemApi(client = MODULE_LIBRARIES)
|
||||
public static final boolean isSupplemental(int uid) {
|
||||
public static final boolean isSdkSandboxUid(int uid) {
|
||||
uid = UserHandle.getAppId(uid);
|
||||
return (uid >= FIRST_SUPPLEMENTAL_UID && uid <= LAST_SUPPLEMENTAL_UID);
|
||||
return (uid >= FIRST_SDK_SANDBOX_UID && uid <= LAST_SDK_SANDBOX_UID);
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* Returns the app process corresponding to a supplemental process.
|
||||
* Returns the app process corresponding to a sdk sandbox process.
|
||||
*
|
||||
* @hide
|
||||
*/
|
||||
@SystemApi(client = MODULE_LIBRARIES)
|
||||
public static final int toAppUid(int uid) {
|
||||
return uid - (FIRST_SUPPLEMENTAL_UID - FIRST_APPLICATION_UID);
|
||||
return uid - (FIRST_SDK_SANDBOX_UID - FIRST_APPLICATION_UID);
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* Returns the supplemental process corresponding to an app process.
|
||||
* Returns the sdk sandbox process corresponding to an app process.
|
||||
*
|
||||
* @hide
|
||||
*/
|
||||
@SystemApi(client = MODULE_LIBRARIES)
|
||||
@TestApi
|
||||
public static final int toSupplementalUid(int uid) {
|
||||
return uid + (FIRST_SUPPLEMENTAL_UID - FIRST_APPLICATION_UID);
|
||||
public static final int toSdkSandboxUid(int uid) {
|
||||
return uid + (FIRST_SDK_SANDBOX_UID - FIRST_APPLICATION_UID);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns whether the current process is a supplemental process.
|
||||
* Returns whether the current process is a sdk sandbox process.
|
||||
*/
|
||||
public static final boolean isSupplemental() {
|
||||
return isSupplemental(myUid());
|
||||
public static final boolean isSdkSandbox() {
|
||||
return isSdkSandboxUid(myUid());
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -38,7 +38,7 @@ package com.android.server {
|
||||
package com.android.server.am {
|
||||
|
||||
public interface ActivityManagerLocal {
|
||||
method public boolean bindSupplementalProcessService(@NonNull android.content.Intent, @NonNull android.content.ServiceConnection, int, @NonNull String, int) throws android.os.RemoteException;
|
||||
method public boolean bindSdkSandboxService(@NonNull android.content.Intent, @NonNull android.content.ServiceConnection, int, @NonNull String, int) throws android.os.RemoteException;
|
||||
method public boolean canStartForegroundService(int, int, @NonNull String);
|
||||
}
|
||||
|
||||
|
||||
@ -4747,7 +4747,7 @@ class StorageManagerService extends IStorageManager.Stub
|
||||
private int getMountModeInternal(int uid, String packageName) {
|
||||
try {
|
||||
// Get some easy cases out of the way first
|
||||
if (Process.isIsolated(uid) || Process.isSupplemental(uid)) {
|
||||
if (Process.isIsolated(uid) || Process.isSdkSandboxUid(uid)) {
|
||||
return StorageManager.MOUNT_MODE_EXTERNAL_NONE;
|
||||
}
|
||||
|
||||
|
||||
@ -2721,7 +2721,7 @@ public final class ActiveServices {
|
||||
|
||||
int bindServiceLocked(IApplicationThread caller, IBinder token, Intent service,
|
||||
String resolvedType, final IServiceConnection connection, int flags,
|
||||
String instanceName, boolean isSupplementalProcessService, int supplementedAppUid,
|
||||
String instanceName, boolean isSdkSandboxService, int sdkSandboxClientAppUid,
|
||||
String callingPackage, final int userId)
|
||||
throws TransactionTooLargeException {
|
||||
if (DEBUG_SERVICE) Slog.v(TAG_SERVICE, "bindService: " + service
|
||||
@ -2807,7 +2807,7 @@ public final class ActiveServices {
|
||||
final boolean allowInstant = (flags & Context.BIND_ALLOW_INSTANT) != 0;
|
||||
|
||||
ServiceLookupResult res = retrieveServiceLocked(service, instanceName,
|
||||
isSupplementalProcessService, supplementedAppUid, resolvedType, callingPackage,
|
||||
isSdkSandboxService, sdkSandboxClientAppUid, resolvedType, callingPackage,
|
||||
callingPid, callingUid, userId, true, callerFg, isBindExternal, allowInstant);
|
||||
if (res == null) {
|
||||
return 0;
|
||||
@ -3234,13 +3234,13 @@ public final class ActiveServices {
|
||||
}
|
||||
|
||||
private ServiceLookupResult retrieveServiceLocked(Intent service,
|
||||
String instanceName, boolean isSupplementalProcessService, int supplementedAppUid,
|
||||
String instanceName, boolean isSdkSandboxService, int sdkSandboxClientAppUid,
|
||||
String resolvedType,
|
||||
String callingPackage, int callingPid, int callingUid, int userId,
|
||||
boolean createIfNeeded, boolean callingFromFg, boolean isBindExternal,
|
||||
boolean allowInstant) {
|
||||
if (isSupplementalProcessService && instanceName == null) {
|
||||
throw new IllegalArgumentException("No instanceName provided for supplemental process");
|
||||
if (isSdkSandboxService && instanceName == null) {
|
||||
throw new IllegalArgumentException("No instanceName provided for sdk sandbox process");
|
||||
}
|
||||
|
||||
ServiceRecord r = null;
|
||||
@ -3319,13 +3319,13 @@ public final class ActiveServices {
|
||||
}
|
||||
if (instanceName != null
|
||||
&& (sInfo.flags & ServiceInfo.FLAG_ISOLATED_PROCESS) == 0
|
||||
&& !isSupplementalProcessService) {
|
||||
&& !isSdkSandboxService) {
|
||||
throw new IllegalArgumentException("Can't use instance name '" + instanceName
|
||||
+ "' with non-isolated non-supplemental service '" + sInfo.name + "'");
|
||||
+ "' with non-isolated non-sdk sandbox service '" + sInfo.name + "'");
|
||||
}
|
||||
if (isSupplementalProcessService
|
||||
if (isSdkSandboxService
|
||||
&& (sInfo.flags & ServiceInfo.FLAG_ISOLATED_PROCESS) != 0) {
|
||||
throw new IllegalArgumentException("Service cannot be both supplemental and "
|
||||
throw new IllegalArgumentException("Service cannot be both sdk sandbox and "
|
||||
+ "isolated");
|
||||
}
|
||||
|
||||
@ -3412,11 +3412,11 @@ public final class ActiveServices {
|
||||
final Intent.FilterComparison filter
|
||||
= new Intent.FilterComparison(service.cloneFilter());
|
||||
final ServiceRestarter res = new ServiceRestarter();
|
||||
String supplementalProcessName = isSupplementalProcessService ? instanceName
|
||||
String sdkSandboxProcessName = isSdkSandboxService ? instanceName
|
||||
: null;
|
||||
r = new ServiceRecord(mAm, className, name, definingPackageName,
|
||||
definingUid, filter, sInfo, callingFromFg, res,
|
||||
supplementalProcessName, supplementedAppUid);
|
||||
sdkSandboxProcessName, sdkSandboxClientAppUid);
|
||||
res.setService(r);
|
||||
smap.mServicesByInstanceName.put(name, r);
|
||||
smap.mServicesByIntent.put(filter, r);
|
||||
@ -4190,9 +4190,9 @@ public final class ActiveServices {
|
||||
if (app == null && !permissionsReviewRequired && !packageFrozen) {
|
||||
// TODO (chriswailes): Change the Zygote policy flags based on if the launch-for-service
|
||||
// was initiated from a notification tap or not.
|
||||
if (r.supplemental) {
|
||||
final int uid = Process.toSupplementalUid(r.supplementedAppUid);
|
||||
app = mAm.startSupplementalProcessLocked(procName, r.appInfo, true, intentFlags,
|
||||
if (r.isSdkSandbox) {
|
||||
final int uid = Process.toSdkSandboxUid(r.sdkSandboxClientAppUid);
|
||||
app = mAm.startSdkSandboxProcessLocked(procName, r.appInfo, true, intentFlags,
|
||||
hostingRecord, ZYGOTE_POLICY_FLAG_EMPTY, uid);
|
||||
r.isolationHostProc = app;
|
||||
} else {
|
||||
|
||||
@ -65,15 +65,15 @@ public interface ActivityManagerLocal {
|
||||
void tempAllowWhileInUsePermissionInFgs(int uid, long durationMs);
|
||||
|
||||
/**
|
||||
* Binds to a supplemental process service, creating it if needed. You can through the arguments
|
||||
* Binds to a sdk sandbox service, creating it if needed. You can through the arguments
|
||||
* here have the system bring up multiple concurrent processes hosting their own instance of
|
||||
* that service. The {@code processName} you provide here identifies the different instances.
|
||||
*
|
||||
* @param service Identifies the supplemental process service to connect to. The Intent must
|
||||
* @param service Identifies the sdk sandbox process service to connect to. The Intent must
|
||||
* specify an explicit component name. This value cannot be null.
|
||||
* @param conn Receives information as the service is started and stopped.
|
||||
* This must be a valid ServiceConnection object; it must not be null.
|
||||
* @param userAppUid Uid of the app for which the supplemental process needs to be spawned.
|
||||
* @param clientAppUid Uid of the app for which the sdk sandbox process needs to be spawned.
|
||||
* @param processName Unique identifier for the service instance. Each unique name here will
|
||||
* result in a different service instance being created. Identifiers must only contain
|
||||
* ASCII letters, digits, underscores, and periods.
|
||||
@ -86,7 +86,7 @@ public interface ActivityManagerLocal {
|
||||
* @see Context#bindService(Intent, ServiceConnection, int)
|
||||
*/
|
||||
@SuppressLint("RethrowRemoteException")
|
||||
boolean bindSupplementalProcessService(@NonNull Intent service, @NonNull ServiceConnection conn,
|
||||
int userAppUid, @NonNull String processName, @Context.BindServiceFlags int flags)
|
||||
boolean bindSdkSandboxService(@NonNull Intent service, @NonNull ServiceConnection conn,
|
||||
int clientAppUid, @NonNull String processName, @Context.BindServiceFlags int flags)
|
||||
throws RemoteException;
|
||||
}
|
||||
|
||||
@ -2789,13 +2789,13 @@ public class ActivityManagerService extends IActivityManager.Stub
|
||||
}
|
||||
|
||||
@GuardedBy("this")
|
||||
final ProcessRecord startSupplementalProcessLocked(String processName,
|
||||
final ProcessRecord startSdkSandboxProcessLocked(String processName,
|
||||
ApplicationInfo info, boolean knownToBeDead, int intentFlags,
|
||||
HostingRecord hostingRecord, int zygotePolicyFlags, int supplementalUid) {
|
||||
HostingRecord hostingRecord, int zygotePolicyFlags, int sdkSandboxUid) {
|
||||
return mProcessList.startProcessLocked(processName, info, knownToBeDead, intentFlags,
|
||||
hostingRecord, zygotePolicyFlags, false /* allowWhileBooting */,
|
||||
false /* isolated */, 0 /* isolatedUid */,
|
||||
true /* supplemental */, supplementalUid,
|
||||
true /* isSdkSandbox */, sdkSandboxUid,
|
||||
null /* ABI override */, null /* entryPoint */,
|
||||
null /* entryPointArgs */, null /* crashHandler */);
|
||||
}
|
||||
@ -2807,7 +2807,7 @@ public class ActivityManagerService extends IActivityManager.Stub
|
||||
boolean isolated) {
|
||||
return mProcessList.startProcessLocked(processName, info, knownToBeDead, intentFlags,
|
||||
hostingRecord, zygotePolicyFlags, allowWhileBooting, isolated, 0 /* isolatedUid */,
|
||||
false /* supplemental */, 0 /* supplementalUid */,
|
||||
false /* isSdkSandbox */, 0 /* sdkSandboxClientdAppUid */,
|
||||
null /* ABI override */, null /* entryPoint */,
|
||||
null /* entryPointArgs */, null /* crashHandler */);
|
||||
}
|
||||
@ -12389,7 +12389,7 @@ public class ActivityManagerService extends IActivityManager.Stub
|
||||
|
||||
private int bindServiceInstance(IApplicationThread caller, IBinder token, Intent service,
|
||||
String resolvedType, IServiceConnection connection, int flags, String instanceName,
|
||||
boolean isSupplementalProcessService, int supplementedAppUid, String callingPackage,
|
||||
boolean isSdkSandboxService, int sdkSandboxClientdAppUid, String callingPackage,
|
||||
int userId)
|
||||
throws TransactionTooLargeException {
|
||||
enforceNotIsolatedCaller("bindService");
|
||||
@ -12403,7 +12403,7 @@ public class ActivityManagerService extends IActivityManager.Stub
|
||||
throw new IllegalArgumentException("callingPackage cannot be null");
|
||||
}
|
||||
|
||||
if (isSupplementalProcessService && instanceName == null) {
|
||||
if (isSdkSandboxService && instanceName == null) {
|
||||
throw new IllegalArgumentException("No instance name provided for isolated process");
|
||||
}
|
||||
|
||||
@ -12421,7 +12421,7 @@ public class ActivityManagerService extends IActivityManager.Stub
|
||||
|
||||
synchronized(this) {
|
||||
return mServices.bindServiceLocked(caller, token, service, resolvedType, connection,
|
||||
flags, instanceName, isSupplementalProcessService, supplementedAppUid,
|
||||
flags, instanceName, isSdkSandboxService, sdkSandboxClientdAppUid,
|
||||
callingPackage, userId);
|
||||
}
|
||||
}
|
||||
@ -15998,7 +15998,7 @@ public class ActivityManagerService extends IActivityManager.Stub
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean bindSupplementalProcessService(Intent service, ServiceConnection conn,
|
||||
public boolean bindSdkSandboxService(Intent service, ServiceConnection conn,
|
||||
int userAppUid, String processName, int flags) throws RemoteException {
|
||||
if (service == null) {
|
||||
throw new IllegalArgumentException("intent is null");
|
||||
|
||||
@ -2532,7 +2532,7 @@ public final class ProcessList {
|
||||
ProcessRecord startProcessLocked(String processName, ApplicationInfo info,
|
||||
boolean knownToBeDead, int intentFlags, HostingRecord hostingRecord,
|
||||
int zygotePolicyFlags, boolean allowWhileBooting, boolean isolated, int isolatedUid,
|
||||
boolean supplemental, int supplementalUid,
|
||||
boolean isSdkSandbox, int sdkSandboxUid,
|
||||
String abiOverride, String entryPoint, String[] entryPointArgs, Runnable crashHandler) {
|
||||
long startTime = SystemClock.uptimeMillis();
|
||||
ProcessRecord app;
|
||||
@ -2626,8 +2626,8 @@ public final class ProcessList {
|
||||
|
||||
if (app == null) {
|
||||
checkSlow(startTime, "startProcess: creating new process record");
|
||||
app = newProcessRecordLocked(info, processName, isolated, isolatedUid, supplemental,
|
||||
supplementalUid, hostingRecord);
|
||||
app = newProcessRecordLocked(info, processName, isolated, isolatedUid, isSdkSandbox,
|
||||
sdkSandboxUid, hostingRecord);
|
||||
if (app == null) {
|
||||
Slog.w(TAG, "Failed making new process record for "
|
||||
+ processName + "/" + info.uid + " isolated=" + isolated);
|
||||
@ -3122,13 +3122,13 @@ public final class ProcessList {
|
||||
|
||||
@GuardedBy("mService")
|
||||
ProcessRecord newProcessRecordLocked(ApplicationInfo info, String customProcess,
|
||||
boolean isolated, int isolatedUid, boolean supplemental, int supplementalUid,
|
||||
boolean isolated, int isolatedUid, boolean isSdkSandbox, int sdkSandboxUid,
|
||||
HostingRecord hostingRecord) {
|
||||
String proc = customProcess != null ? customProcess : info.processName;
|
||||
final int userId = UserHandle.getUserId(info.uid);
|
||||
int uid = info.uid;
|
||||
if (supplemental) {
|
||||
uid = supplementalUid;
|
||||
if (isSdkSandbox) {
|
||||
uid = sdkSandboxUid;
|
||||
}
|
||||
if (isolated) {
|
||||
if (isolatedUid == 0) {
|
||||
|
||||
@ -94,8 +94,8 @@ final class ServiceRecord extends Binder implements ComponentName.WithComponentN
|
||||
final boolean exported; // from ServiceInfo.exported
|
||||
final Runnable restarter; // used to schedule retries of starting the service
|
||||
final long createRealTime; // when this service was created
|
||||
final boolean supplemental; // whether this is a supplemental service
|
||||
final int supplementedAppUid; // the app uid for which this supplemental service is running
|
||||
final boolean isSdkSandbox; // whether this is a sdk sandbox service
|
||||
final int sdkSandboxClientAppUid; // the app uid for which this sdk sandbox service is running
|
||||
final ArrayMap<Intent.FilterComparison, IntentBindRecord> bindings
|
||||
= new ArrayMap<Intent.FilterComparison, IntentBindRecord>();
|
||||
// All active bindings to the service.
|
||||
@ -105,7 +105,7 @@ final class ServiceRecord extends Binder implements ComponentName.WithComponentN
|
||||
|
||||
ProcessRecord app; // where this service is running or null.
|
||||
ProcessRecord isolationHostProc; // process which we've started for this service (used for
|
||||
// isolated and supplemental processes)
|
||||
// isolated and sdk sandbox processes)
|
||||
ServiceState tracker; // tracking service execution, may be null
|
||||
ServiceState restartTracker; // tracking service restart
|
||||
boolean allowlistManager; // any bindings to this service have BIND_ALLOW_WHITELIST_MANAGEMENT?
|
||||
@ -579,7 +579,7 @@ final class ServiceRecord extends Binder implements ComponentName.WithComponentN
|
||||
ServiceRecord(ActivityManagerService ams, ComponentName name,
|
||||
ComponentName instanceName, String definingPackageName, int definingUid,
|
||||
Intent.FilterComparison intent, ServiceInfo sInfo, boolean callerIsFg,
|
||||
Runnable restarter, String supplementalProcessName, int supplementedAppUid) {
|
||||
Runnable restarter, String sdkSandboxProcessName, int sdkSandboxClientAppUid) {
|
||||
this.ams = ams;
|
||||
this.name = name;
|
||||
this.instanceName = instanceName;
|
||||
@ -590,12 +590,12 @@ final class ServiceRecord extends Binder implements ComponentName.WithComponentN
|
||||
serviceInfo = sInfo;
|
||||
appInfo = sInfo.applicationInfo;
|
||||
packageName = sInfo.applicationInfo.packageName;
|
||||
supplemental = supplementalProcessName != null;
|
||||
this.supplementedAppUid = supplementedAppUid;
|
||||
isSdkSandbox = sdkSandboxProcessName != null;
|
||||
this.sdkSandboxClientAppUid = sdkSandboxClientAppUid;
|
||||
if ((sInfo.flags & ServiceInfo.FLAG_ISOLATED_PROCESS) != 0) {
|
||||
processName = sInfo.processName + ":" + instanceName.getClassName();
|
||||
} else if (supplementalProcessName != null) {
|
||||
processName = supplementalProcessName;
|
||||
} else if (sdkSandboxProcessName != null) {
|
||||
processName = sdkSandboxProcessName;
|
||||
} else {
|
||||
processName = sInfo.processName;
|
||||
}
|
||||
|
||||
@ -113,7 +113,6 @@ import android.content.pm.PackageManager;
|
||||
import android.content.pm.PackageManagerInternal;
|
||||
import android.content.pm.PermissionInfo;
|
||||
import android.content.pm.UserInfo;
|
||||
import com.android.server.pm.pkg.component.ParsedAttribution;
|
||||
import android.database.ContentObserver;
|
||||
import android.hardware.camera2.CameraDevice.CAMERA_AUDIO_RESTRICTION;
|
||||
import android.net.Uri;
|
||||
@ -178,6 +177,7 @@ import com.android.server.SystemServerInitThreadPool;
|
||||
import com.android.server.SystemServiceManager;
|
||||
import com.android.server.pm.PackageList;
|
||||
import com.android.server.pm.parsing.pkg.AndroidPackage;
|
||||
import com.android.server.pm.pkg.component.ParsedAttribution;
|
||||
|
||||
import dalvik.annotation.optimization.NeverCompile;
|
||||
|
||||
@ -4551,15 +4551,16 @@ public class AppOpsService extends IAppOpsService.Stub {
|
||||
return new PackageVerificationResult(null,
|
||||
/* isAttributionTagValid */ true);
|
||||
}
|
||||
if (Process.isSupplemental(uid)) {
|
||||
// Supplemental processes run in their own UID range, but their associated
|
||||
// UID for checks should always be the UID of the supplemental package.
|
||||
if (Process.isSdkSandboxUid(uid)) {
|
||||
// SDK sandbox processes run in their own UID range, but their associated
|
||||
// UID for checks should always be the UID of the package implementing SDK sandbox
|
||||
// service.
|
||||
// TODO: We will need to modify the callers of this function instead, so
|
||||
// modifications and checks against the app ops state are done with the
|
||||
// correct UID.
|
||||
try {
|
||||
final PackageManager pm = mContext.getPackageManager();
|
||||
final String supplementalPackageName = pm.getSupplementalProcessPackageName();
|
||||
final String supplementalPackageName = pm.getSdkSandboxPackageName();
|
||||
if (Objects.equals(packageName, supplementalPackageName)) {
|
||||
int supplementalAppId = pm.getPackageUid(supplementalPackageName,
|
||||
PackageManager.PackageInfoFlags.of(0));
|
||||
|
||||
@ -2161,8 +2161,8 @@ public class ComputerEngine implements Computer {
|
||||
private String[] getPackagesForUidInternal(int uid, int callingUid) {
|
||||
final boolean isCallerInstantApp = getInstantAppPackageName(callingUid) != null;
|
||||
final int userId = UserHandle.getUserId(uid);
|
||||
if (Process.isSupplemental(uid)) {
|
||||
uid = getSupplementalProcessUid();
|
||||
if (Process.isSdkSandboxUid(uid)) {
|
||||
uid = getBaseSdkSandboxUid();
|
||||
}
|
||||
final int appId = UserHandle.getAppId(uid);
|
||||
return getPackagesForUidInternalBody(callingUid, userId, appId, isCallerInstantApp);
|
||||
@ -2401,9 +2401,9 @@ public class ComputerEngine implements Computer {
|
||||
}
|
||||
|
||||
public final boolean isCallerSameApp(String packageName, int uid) {
|
||||
if (Process.isSupplemental(uid)) {
|
||||
if (Process.isSdkSandboxUid(uid)) {
|
||||
return (packageName != null
|
||||
&& packageName.equals(mService.getSupplementalProcessPackageName()));
|
||||
&& packageName.equals(mService.getSdkSandboxPackageName()));
|
||||
}
|
||||
AndroidPackage pkg = mPackages.get(packageName);
|
||||
return pkg != null
|
||||
@ -4326,8 +4326,8 @@ public class ComputerEngine implements Computer {
|
||||
if (getInstantAppPackageName(callingUid) != null) {
|
||||
return null;
|
||||
}
|
||||
if (Process.isSupplemental(uid)) {
|
||||
uid = getSupplementalProcessUid();
|
||||
if (Process.isSdkSandboxUid(uid)) {
|
||||
uid = getBaseSdkSandboxUid();
|
||||
}
|
||||
final int callingUserId = UserHandle.getUserId(callingUid);
|
||||
final int appId = UserHandle.getAppId(uid);
|
||||
@ -4362,8 +4362,8 @@ public class ComputerEngine implements Computer {
|
||||
final String[] names = new String[uids.length];
|
||||
for (int i = uids.length - 1; i >= 0; i--) {
|
||||
int uid = uids[i];
|
||||
if (Process.isSupplemental(uid)) {
|
||||
uid = getSupplementalProcessUid();
|
||||
if (Process.isSdkSandboxUid(uid)) {
|
||||
uid = getBaseSdkSandboxUid();
|
||||
}
|
||||
final int appId = UserHandle.getAppId(uid);
|
||||
final Object obj = mSettings.getSettingBase(appId);
|
||||
@ -4411,8 +4411,8 @@ public class ComputerEngine implements Computer {
|
||||
if (getInstantAppPackageName(callingUid) != null) {
|
||||
return 0;
|
||||
}
|
||||
if (Process.isSupplemental(uid)) {
|
||||
uid = getSupplementalProcessUid();
|
||||
if (Process.isSdkSandboxUid(uid)) {
|
||||
uid = getBaseSdkSandboxUid();
|
||||
}
|
||||
final int callingUserId = UserHandle.getUserId(callingUid);
|
||||
final int appId = UserHandle.getAppId(uid);
|
||||
@ -4439,8 +4439,8 @@ public class ComputerEngine implements Computer {
|
||||
if (getInstantAppPackageName(callingUid) != null) {
|
||||
return 0;
|
||||
}
|
||||
if (Process.isSupplemental(uid)) {
|
||||
uid = getSupplementalProcessUid();
|
||||
if (Process.isSdkSandboxUid(uid)) {
|
||||
uid = getBaseSdkSandboxUid();
|
||||
}
|
||||
final int callingUserId = UserHandle.getUserId(callingUid);
|
||||
final int appId = UserHandle.getAppId(uid);
|
||||
@ -4466,8 +4466,8 @@ public class ComputerEngine implements Computer {
|
||||
if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
|
||||
return false;
|
||||
}
|
||||
if (Process.isSupplemental(uid)) {
|
||||
uid = getSupplementalProcessUid();
|
||||
if (Process.isSdkSandboxUid(uid)) {
|
||||
uid = getBaseSdkSandboxUid();
|
||||
}
|
||||
final int appId = UserHandle.getAppId(uid);
|
||||
final Object obj = mSettings.getSettingBase(appId);
|
||||
@ -5597,8 +5597,8 @@ public class ComputerEngine implements Computer {
|
||||
|
||||
@Override
|
||||
public int getUidTargetSdkVersion(int uid) {
|
||||
if (Process.isSupplemental(uid)) {
|
||||
uid = getSupplementalProcessUid();
|
||||
if (Process.isSdkSandboxUid(uid)) {
|
||||
uid = getBaseSdkSandboxUid();
|
||||
}
|
||||
final int appId = UserHandle.getAppId(uid);
|
||||
final SettingBase settingBase = mSettings.getSettingBase(appId);
|
||||
@ -5628,8 +5628,8 @@ public class ComputerEngine implements Computer {
|
||||
@Nullable
|
||||
@Override
|
||||
public ArrayMap<String, ProcessInfo> getProcessesForUid(int uid) {
|
||||
if (Process.isSupplemental(uid)) {
|
||||
uid = getSupplementalProcessUid();
|
||||
if (Process.isSdkSandboxUid(uid)) {
|
||||
uid = getBaseSdkSandboxUid();
|
||||
}
|
||||
final int appId = UserHandle.getAppId(uid);
|
||||
final SettingBase settingBase = mSettings.getSettingBase(appId);
|
||||
@ -5661,8 +5661,8 @@ public class ComputerEngine implements Computer {
|
||||
}
|
||||
}
|
||||
|
||||
private int getSupplementalProcessUid() {
|
||||
return getPackage(mService.getSupplementalProcessPackageName()).getUid();
|
||||
private int getBaseSdkSandboxUid() {
|
||||
return getPackage(mService.getSdkSandboxPackageName()).getUid();
|
||||
}
|
||||
|
||||
@Nullable
|
||||
|
||||
@ -247,8 +247,8 @@ import com.android.server.pm.verify.domain.DomainVerificationManagerInternal;
|
||||
import com.android.server.pm.verify.domain.DomainVerificationService;
|
||||
import com.android.server.pm.verify.domain.proxy.DomainVerificationProxy;
|
||||
import com.android.server.pm.verify.domain.proxy.DomainVerificationProxyV1;
|
||||
import com.android.server.sdksandbox.SdkSandboxManagerLocal;
|
||||
import com.android.server.storage.DeviceStorageMonitorInternal;
|
||||
import com.android.server.supplementalprocess.SupplementalProcessManagerLocal;
|
||||
import com.android.server.utils.SnapshotCache;
|
||||
import com.android.server.utils.TimingsTraceAndSlog;
|
||||
import com.android.server.utils.Watchable;
|
||||
@ -934,7 +934,7 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
final @Nullable String mOverlayConfigSignaturePackage;
|
||||
final @Nullable String mRecentsPackage;
|
||||
final @Nullable String mAmbientContextDetectionPackage;
|
||||
private final @NonNull String mRequiredSupplementalProcessPackage;
|
||||
private final @NonNull String mRequiredSdkSandboxPackage;
|
||||
|
||||
@GuardedBy("mLock")
|
||||
private final PackageUsage mPackageUsage = new PackageUsage();
|
||||
@ -1667,7 +1667,7 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
mSharedSystemSharedLibraryPackageName = testParams.sharedSystemSharedLibraryPackageName;
|
||||
mOverlayConfigSignaturePackage = testParams.overlayConfigSignaturePackage;
|
||||
mResolveComponentName = testParams.resolveComponentName;
|
||||
mRequiredSupplementalProcessPackage = testParams.requiredSupplementalProcessPackage;
|
||||
mRequiredSdkSandboxPackage = testParams.requiredSdkSandboxPackage;
|
||||
|
||||
mLiveComputer = createLiveComputer();
|
||||
mSnapshotComputer = null;
|
||||
@ -2141,8 +2141,8 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
getPackageInfo(mRequiredPermissionControllerPackage, 0,
|
||||
UserHandle.USER_SYSTEM).getLongVersionCode());
|
||||
|
||||
// Resolve the supplemental process
|
||||
mRequiredSupplementalProcessPackage = getRequiredSupplementalProcessPackageName();
|
||||
// Resolve the sdk sandbox package
|
||||
mRequiredSdkSandboxPackage = getRequiredSdkSandboxPackageName();
|
||||
|
||||
// Initialize InstantAppRegistry's Instant App list for all users.
|
||||
for (AndroidPackage pkg : mPackages.values()) {
|
||||
@ -3143,8 +3143,8 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getSupplementalProcessPackageName() {
|
||||
return mRequiredSupplementalProcessPackage;
|
||||
public String getSdkSandboxPackageName() {
|
||||
return mRequiredSdkSandboxPackage;
|
||||
}
|
||||
|
||||
String getPackageInstallerPackageName() {
|
||||
@ -5458,8 +5458,8 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
}
|
||||
}
|
||||
|
||||
private @NonNull String getRequiredSupplementalProcessPackageName() {
|
||||
final Intent intent = new Intent(SupplementalProcessManagerLocal.SERVICE_INTERFACE);
|
||||
private @NonNull String getRequiredSdkSandboxPackageName() {
|
||||
final Intent intent = new Intent(SdkSandboxManagerLocal.SERVICE_INTERFACE);
|
||||
|
||||
final List<ResolveInfo> matches = queryIntentServicesInternal(
|
||||
intent,
|
||||
@ -5471,7 +5471,7 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
if (matches.size() == 1) {
|
||||
return matches.get(0).getComponentInfo().packageName;
|
||||
} else {
|
||||
throw new RuntimeException("There should exactly one supplemental process; found "
|
||||
throw new RuntimeException("There should exactly one sdk sandbox package; found "
|
||||
+ matches.size() + ": matches=" + matches);
|
||||
}
|
||||
}
|
||||
|
||||
@ -89,7 +89,7 @@ public final class PackageManagerServiceTestParams {
|
||||
public @Nullable String defaultTextClassifierPackage;
|
||||
public @Nullable String systemTextClassifierPackage;
|
||||
public @Nullable String overlayConfigSignaturePackage;
|
||||
public @NonNull String requiredSupplementalProcessPackage;
|
||||
public @NonNull String requiredSdkSandboxPackage;
|
||||
public ViewCompiler viewCompiler;
|
||||
public @Nullable String retailDemoPackage;
|
||||
public @Nullable String recentsPackage;
|
||||
|
||||
@ -420,8 +420,8 @@ public final class SystemServer implements Dumpable {
|
||||
private static final String BLUETOOTH_SERVICE_CLASS =
|
||||
"com.android.server.bluetooth.BluetoothService";
|
||||
|
||||
private static final String SUPPLEMENTALPROCESS_SERVICE_CLASS =
|
||||
"com.android.server.supplementalprocess.SupplementalProcessManagerService$Lifecycle";
|
||||
private static final String SDK_SANDBOX_MANAGER_SERVICE_CLASS =
|
||||
"com.android.server.sdksandbox.SdkSandboxManagerService$Lifecycle";
|
||||
|
||||
private static final String TETHERING_CONNECTOR_CLASS = "android.net.ITetheringConnector";
|
||||
|
||||
@ -2602,9 +2602,9 @@ public final class SystemServer implements Dumpable {
|
||||
mSystemServiceManager.startService(IncidentCompanionService.class);
|
||||
t.traceEnd();
|
||||
|
||||
// Supplemental Process
|
||||
t.traceBegin("StartSupplementalProcessManagerService");
|
||||
mSystemServiceManager.startService(SUPPLEMENTALPROCESS_SERVICE_CLASS);
|
||||
// SdkSandboxManagerService
|
||||
t.traceBegin("StarSdkSandboxManagerService");
|
||||
mSystemServiceManager.startService(SDK_SANDBOX_MANAGER_SERVICE_CLASS);
|
||||
t.traceEnd();
|
||||
|
||||
if (safeMode) {
|
||||
|
||||
@ -70,7 +70,7 @@ import com.android.server.pm.pkg.parsing.ParsingPackage
|
||||
import com.android.server.pm.pkg.parsing.ParsingPackageUtils
|
||||
import com.android.server.pm.resolution.ComponentResolver
|
||||
import com.android.server.pm.verify.domain.DomainVerificationManagerInternal
|
||||
import com.android.server.supplementalprocess.SupplementalProcessManagerLocal
|
||||
import com.android.server.sdksandbox.SdkSandboxManagerLocal
|
||||
import com.android.server.testutils.TestHandler
|
||||
import com.android.server.testutils.mock
|
||||
import com.android.server.testutils.nullable
|
||||
@ -577,7 +577,7 @@ class MockSystem(withSession: (StaticMockitoSessionBuilder) -> Unit = {}) {
|
||||
1L, systemPartitions[0].privAppFolder,
|
||||
withPackage = { pkg: PackageImpl ->
|
||||
val applicationInfo: ApplicationInfo = createBasicApplicationInfo(pkg)
|
||||
mockQueryServices(SupplementalProcessManagerLocal.SERVICE_INTERFACE,
|
||||
mockQueryServices(SdkSandboxManagerLocal.SERVICE_INTERFACE,
|
||||
createBasicServiceInfo(
|
||||
pkg, applicationInfo, "SupplementalProcessService"))
|
||||
pkg
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user