1 /* 2 * Copyright (C) 2022 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.app; 18 19 import static android.app.AppOpsManager.MODE_ALLOWED; 20 import static android.app.AppOpsManager.MODE_DEFAULT; 21 import static android.app.AppOpsManager.MODE_FOREGROUND; 22 import static android.app.AppOpsManager.MODE_IGNORED; 23 import static android.content.pm.PackageManager.PERMISSION_DENIED; 24 import static android.content.pm.PackageManager.PERMISSION_GRANTED; 25 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_CAMERA; 26 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_CONNECTED_DEVICE; 27 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_DATA_SYNC; 28 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_FILE_MANAGEMENT; 29 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_HEALTH; 30 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_LOCATION; 31 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_MANIFEST; 32 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_MEDIA_PLAYBACK; 33 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_MEDIA_PROJECTION; 34 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_MICROPHONE; 35 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_NONE; 36 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_PHONE_CALL; 37 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_REMOTE_MESSAGING; 38 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_SHORT_SERVICE; 39 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_SPECIAL_USE; 40 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_SYSTEM_EXEMPTED; 41 import static android.permission.PermissionCheckerManager.PERMISSION_HARD_DENIED; 42 import static android.permission.PermissionCheckerManager.PERMISSION_SOFT_DENIED; 43 44 import android.Manifest; 45 import android.annotation.IntDef; 46 import android.annotation.NonNull; 47 import android.annotation.Nullable; 48 import android.annotation.SuppressLint; 49 import android.app.compat.CompatChanges; 50 import android.app.role.RoleManager; 51 import android.compat.Compatibility; 52 import android.compat.annotation.ChangeId; 53 import android.compat.annotation.Disabled; 54 import android.compat.annotation.EnabledAfter; 55 import android.compat.annotation.Overridable; 56 import android.content.Context; 57 import android.content.PermissionChecker; 58 import android.content.pm.PackageManager; 59 import android.content.pm.ServiceInfo; 60 import android.content.pm.ServiceInfo.ForegroundServiceType; 61 import android.hardware.usb.UsbAccessory; 62 import android.hardware.usb.UsbDevice; 63 import android.hardware.usb.UsbManager; 64 import android.os.RemoteException; 65 import android.os.ServiceManager; 66 import android.os.UserHandle; 67 import android.permission.PermissionCheckerManager; 68 import android.provider.DeviceConfig; 69 import android.text.TextUtils; 70 import android.util.ArrayMap; 71 import android.util.ArraySet; 72 import android.util.SparseArray; 73 74 import com.android.internal.annotations.GuardedBy; 75 import com.android.internal.compat.CompatibilityChangeConfig; 76 import com.android.internal.compat.IPlatformCompat; 77 import com.android.internal.util.ArrayUtils; 78 79 import java.lang.annotation.Retention; 80 import java.lang.annotation.RetentionPolicy; 81 import java.util.ArrayList; 82 import java.util.HashMap; 83 import java.util.List; 84 import java.util.Optional; 85 86 /** 87 * This class enforces the policies around the foreground service types. 88 * 89 * @hide 90 */ 91 public abstract class ForegroundServiceTypePolicy { 92 static final String TAG = "ForegroundServiceTypePolicy"; 93 static final boolean DEBUG_FOREGROUND_SERVICE_TYPE_POLICY = false; 94 95 /** 96 * The FGS type enforcement: 97 * deprecating the {@link android.content.pm.ServiceInfo#FOREGROUND_SERVICE_TYPE_NONE}. 98 * 99 * <p>Starting a FGS with this type (equivalent of no type) from apps with 100 * targetSdkVersion {@link android.os.Build.VERSION_CODES#UPSIDE_DOWN_CAKE} or later will 101 * result in a warning in the log.</p> 102 * 103 * @hide 104 */ 105 @ChangeId 106 @EnabledAfter(targetSdkVersion = android.os.Build.VERSION_CODES.TIRAMISU) 107 @Overridable 108 public static final long FGS_TYPE_NONE_DEPRECATION_CHANGE_ID = 255042465L; 109 110 /** 111 * The FGS type enforcement: 112 * disabling the {@link android.content.pm.ServiceInfo#FOREGROUND_SERVICE_TYPE_NONE}. 113 * 114 * <p>Starting a FGS with this type (equivalent of no type) from apps with 115 * targetSdkVersion {@link android.os.Build.VERSION_CODES#UPSIDE_DOWN_CAKE} or later will 116 * result in an exception.</p> 117 * 118 * @hide 119 */ 120 @ChangeId 121 @EnabledAfter(targetSdkVersion = android.os.Build.VERSION_CODES.TIRAMISU) 122 @Overridable 123 public static final long FGS_TYPE_NONE_DISABLED_CHANGE_ID = 255038118L; 124 125 /** 126 * The FGS type enforcement: 127 * deprecating the {@link android.content.pm.ServiceInfo#FOREGROUND_SERVICE_TYPE_DATA_SYNC}. 128 * 129 * @hide 130 */ 131 @ChangeId 132 @Disabled 133 @Overridable 134 public static final long FGS_TYPE_DATA_SYNC_DEPRECATION_CHANGE_ID = 255039210L; 135 136 /** 137 * The FGS type enforcement: 138 * disabling the {@link android.content.pm.ServiceInfo#FOREGROUND_SERVICE_TYPE_DATA_SYNC}. 139 * 140 * @hide 141 */ 142 @ChangeId 143 @Disabled 144 @Overridable 145 public static final long FGS_TYPE_DATA_SYNC_DISABLED_CHANGE_ID = 255659651L; 146 147 /** 148 * The FGS type enforcement: Starting a FGS from apps with targetSdkVersion 149 * {@link android.os.Build.VERSION_CODES#UPSIDE_DOWN_CAKE} or later but without the required 150 * permissions associated with the FGS type will result in a SecurityException. 151 * 152 * @hide 153 */ 154 @ChangeId 155 @EnabledAfter(targetSdkVersion = android.os.Build.VERSION_CODES.TIRAMISU) 156 @Overridable 157 public static final long FGS_TYPE_PERMISSION_CHANGE_ID = 254662522L; 158 159 /** 160 * The prefix for the feature flags of the permission enforcement. 161 */ 162 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX = 163 "fgs_type_perm_enforcement_flag_"; 164 165 /** 166 * The feature flag of the permission enforcement for 167 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_DATA_SYNC}, 168 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 169 */ 170 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_DATA_SYNC = 171 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "data_sync"; 172 173 /** 174 * The feature flag of the permission enforcement for 175 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MEDIA_PLAYBACK}, 176 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 177 */ 178 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_MEDIA_PLAYBACK = 179 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "media_playback"; 180 181 /** 182 * The feature flag of the permission enforcement for 183 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_PHONE_CALL}, 184 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 185 */ 186 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_PHONE_CALL = 187 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "phone_call"; 188 189 /** 190 * The feature flag of the permission enforcement for 191 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_LOCATION}, 192 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 193 */ 194 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_LOCATION = 195 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "location"; 196 197 /** 198 * The feature flag of the permission enforcement for 199 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_CONNECTED_DEVICE}, 200 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 201 */ 202 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_CONNECTED_DEVICE = 203 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "connected_device"; 204 205 /** 206 * The feature flag of the permission enforcement for 207 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MEDIA_PROJECTION}, 208 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 209 */ 210 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_MEDIA_PROJECTION = 211 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "media_projection"; 212 213 /** 214 * The feature flag of the permission enforcement for 215 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_CAMERA}, 216 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 217 */ 218 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_CAMERA = 219 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "camera"; 220 221 /** 222 * The feature flag of the permission enforcement for 223 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MICROPHONE}, 224 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 225 */ 226 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_MICROPHONE = 227 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "microphone"; 228 229 /** 230 * The feature flag of the permission enforcement for 231 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_HEALTH}, 232 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 233 */ 234 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_HEALTH = 235 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "health"; 236 237 /** 238 * The feature flag of the permission enforcement for 239 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_REMOTE_MESSAGING}, 240 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 241 */ 242 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_REMOTE_MESSAGING = 243 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "remote_messaging"; 244 245 /** 246 * The feature flag of the permission enforcement for 247 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_SYSTEM_EXEMPTED}, 248 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 249 */ 250 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_SYSTEM_EXEMPTED = 251 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "system_exempted"; 252 253 /** 254 * The feature flag of the permission enforcement for 255 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_SPECIAL_USE}, 256 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 257 */ 258 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_SPECIAL_USE = 259 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "special_use"; 260 261 /** 262 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MANIFEST}. 263 * 264 * @hide 265 */ 266 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_MANIFEST = 267 new ForegroundServiceTypePolicyInfo( 268 FOREGROUND_SERVICE_TYPE_MANIFEST, 269 FGS_TYPE_NONE_DEPRECATION_CHANGE_ID, 270 FGS_TYPE_NONE_DISABLED_CHANGE_ID, 271 null /* allOfPermissions */, 272 null /* anyOfPermissions */, 273 null /* permissionEnforcementFlag */, 274 false /* permissionEnforcementFlagDefaultValue */, 275 false /* foregroundOnlyPermission */ 276 ); 277 278 /** 279 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_NONE}. 280 * 281 * @hide 282 */ 283 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_NONE = 284 new ForegroundServiceTypePolicyInfo( 285 FOREGROUND_SERVICE_TYPE_NONE, 286 FGS_TYPE_NONE_DEPRECATION_CHANGE_ID, 287 FGS_TYPE_NONE_DISABLED_CHANGE_ID, 288 null /* allOfPermissions */, 289 null /* anyOfPermissions */, 290 null /* permissionEnforcementFlag */, 291 false /* permissionEnforcementFlagDefaultValue */, 292 false /* foregroundOnlyPermission */ 293 ); 294 295 /** 296 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_DATA_SYNC}. 297 * 298 * @hide 299 */ 300 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_DATA_SYNC = 301 new ForegroundServiceTypePolicyInfo( 302 FOREGROUND_SERVICE_TYPE_DATA_SYNC, 303 FGS_TYPE_DATA_SYNC_DEPRECATION_CHANGE_ID, 304 FGS_TYPE_DATA_SYNC_DISABLED_CHANGE_ID, 305 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 306 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_DATA_SYNC) 307 }, true), 308 null /* anyOfPermissions */, 309 FGS_TYPE_PERM_ENFORCEMENT_FLAG_DATA_SYNC /* permissionEnforcementFlag */, 310 true /* permissionEnforcementFlagDefaultValue */, 311 false /* foregroundOnlyPermission */ 312 ); 313 314 /** 315 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MEDIA_PLAYBACK}. 316 * 317 * @hide 318 */ 319 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_MEDIA_PLAYBACK = 320 new ForegroundServiceTypePolicyInfo( 321 FOREGROUND_SERVICE_TYPE_MEDIA_PLAYBACK, 322 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 323 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 324 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 325 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_MEDIA_PLAYBACK) 326 }, true), 327 null /* anyOfPermissions */, 328 FGS_TYPE_PERM_ENFORCEMENT_FLAG_MEDIA_PLAYBACK /* permissionEnforcementFlag */, 329 true /* permissionEnforcementFlagDefaultValue */, 330 false /* foregroundOnlyPermission */ 331 ); 332 333 /** 334 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_PHONE_CALL}. 335 * 336 * @hide 337 */ 338 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_PHONE_CALL = 339 new ForegroundServiceTypePolicyInfo( 340 FOREGROUND_SERVICE_TYPE_PHONE_CALL, 341 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 342 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 343 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 344 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_PHONE_CALL) 345 }, true), 346 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 347 new RegularPermission(Manifest.permission.MANAGE_OWN_CALLS), 348 new RolePermission(RoleManager.ROLE_DIALER) 349 }, false), 350 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PHONE_CALL /* permissionEnforcementFlag */, 351 true /* permissionEnforcementFlagDefaultValue */, 352 false /* foregroundOnlyPermission */ 353 ); 354 355 /** 356 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_LOCATION}. 357 * 358 * @hide 359 */ 360 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_LOCATION = 361 new ForegroundServiceTypePolicyInfo( 362 FOREGROUND_SERVICE_TYPE_LOCATION, 363 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 364 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 365 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 366 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_LOCATION) 367 }, true), 368 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 369 new RegularPermission(Manifest.permission.ACCESS_COARSE_LOCATION), 370 new RegularPermission(Manifest.permission.ACCESS_FINE_LOCATION), 371 }, false), 372 FGS_TYPE_PERM_ENFORCEMENT_FLAG_LOCATION /* permissionEnforcementFlag */, 373 true /* permissionEnforcementFlagDefaultValue */, 374 true /* foregroundOnlyPermission */ 375 ); 376 377 /** 378 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_CONNECTED_DEVICE}. 379 * 380 * @hide 381 */ 382 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_CONNECTED_DEVICE = 383 new ForegroundServiceTypePolicyInfo( 384 FOREGROUND_SERVICE_TYPE_CONNECTED_DEVICE, 385 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 386 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 387 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 388 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_CONNECTED_DEVICE) 389 }, true), 390 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 391 new RegularPermission(Manifest.permission.BLUETOOTH_ADVERTISE), 392 new RegularPermission(Manifest.permission.BLUETOOTH_CONNECT), 393 new RegularPermission(Manifest.permission.BLUETOOTH_SCAN), 394 new RegularPermission(Manifest.permission.CHANGE_NETWORK_STATE), 395 new RegularPermission(Manifest.permission.CHANGE_WIFI_STATE), 396 new RegularPermission(Manifest.permission.CHANGE_WIFI_MULTICAST_STATE), 397 new RegularPermission(Manifest.permission.NFC), 398 new RegularPermission(Manifest.permission.TRANSMIT_IR), 399 new RegularPermission(Manifest.permission.UWB_RANGING), 400 new UsbDevicePermission(), 401 new UsbAccessoryPermission(), 402 }, false), 403 FGS_TYPE_PERM_ENFORCEMENT_FLAG_CONNECTED_DEVICE /* permissionEnforcementFlag */, 404 true /* permissionEnforcementFlagDefaultValue */, 405 false /* foregroundOnlyPermission */ 406 ); 407 408 /** 409 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MEDIA_PROJECTION}. 410 * 411 * @hide 412 */ 413 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_MEDIA_PROJECTION = 414 new ForegroundServiceTypePolicyInfo( 415 FOREGROUND_SERVICE_TYPE_MEDIA_PROJECTION, 416 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 417 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 418 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 419 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION) 420 }, true), 421 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 422 new RegularPermission(Manifest.permission.CAPTURE_VIDEO_OUTPUT), 423 new AppOpPermission(AppOpsManager.OP_PROJECT_MEDIA) 424 }, false), 425 FGS_TYPE_PERM_ENFORCEMENT_FLAG_MEDIA_PROJECTION /* permissionEnforcementFlag */, 426 true /* permissionEnforcementFlagDefaultValue */, 427 false /* foregroundOnlyPermission */ 428 ); 429 430 /** 431 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_CAMERA}. 432 * 433 * @hide 434 */ 435 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_CAMERA = 436 new ForegroundServiceTypePolicyInfo( 437 FOREGROUND_SERVICE_TYPE_CAMERA, 438 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 439 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 440 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 441 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_CAMERA) 442 }, true), 443 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 444 new RegularPermission(Manifest.permission.CAMERA), 445 new RegularPermission(Manifest.permission.SYSTEM_CAMERA), 446 }, false), 447 FGS_TYPE_PERM_ENFORCEMENT_FLAG_CAMERA /* permissionEnforcementFlag */, 448 true /* permissionEnforcementFlagDefaultValue */, 449 true /* foregroundOnlyPermission */ 450 ); 451 452 /** 453 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MICROPHONE}. 454 * 455 * @hide 456 */ 457 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_MICROPHONE = 458 new ForegroundServiceTypePolicyInfo( 459 FOREGROUND_SERVICE_TYPE_MICROPHONE, 460 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 461 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 462 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 463 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_MICROPHONE) 464 }, true), 465 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 466 new RegularPermission(Manifest.permission.CAPTURE_AUDIO_HOTWORD), 467 new RegularPermission(Manifest.permission.CAPTURE_AUDIO_OUTPUT), 468 new RegularPermission(Manifest.permission.CAPTURE_MEDIA_OUTPUT), 469 new RegularPermission(Manifest.permission.CAPTURE_TUNER_AUDIO_INPUT), 470 new RegularPermission(Manifest.permission.CAPTURE_VOICE_COMMUNICATION_OUTPUT), 471 new RegularPermission(Manifest.permission.RECORD_AUDIO), 472 }, false), 473 FGS_TYPE_PERM_ENFORCEMENT_FLAG_MICROPHONE /* permissionEnforcementFlag */, 474 true /* permissionEnforcementFlagDefaultValue */, 475 true /* foregroundOnlyPermission */ 476 ); 477 478 /** 479 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_HEALTH}. 480 * 481 * @hide 482 */ 483 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_HEALTH = 484 new ForegroundServiceTypePolicyInfo( 485 FOREGROUND_SERVICE_TYPE_HEALTH, 486 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 487 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 488 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 489 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_HEALTH) 490 }, true), 491 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 492 new RegularPermission(Manifest.permission.ACTIVITY_RECOGNITION), 493 new RegularPermission(Manifest.permission.BODY_SENSORS), 494 new RegularPermission(Manifest.permission.HIGH_SAMPLING_RATE_SENSORS), 495 }, false), 496 FGS_TYPE_PERM_ENFORCEMENT_FLAG_HEALTH /* permissionEnforcementFlag */, 497 true /* permissionEnforcementFlagDefaultValue */, 498 false /* foregroundOnlyPermission */ 499 ); 500 501 /** 502 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_REMOTE_MESSAGING}. 503 * 504 * @hide 505 */ 506 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_REMOTE_MESSAGING = 507 new ForegroundServiceTypePolicyInfo( 508 FOREGROUND_SERVICE_TYPE_REMOTE_MESSAGING, 509 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 510 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 511 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 512 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_REMOTE_MESSAGING) 513 }, true), 514 null /* anyOfPermissions */, 515 FGS_TYPE_PERM_ENFORCEMENT_FLAG_REMOTE_MESSAGING /* permissionEnforcementFlag */, 516 true /* permissionEnforcementFlagDefaultValue */, 517 false /* foregroundOnlyPermission */ 518 ); 519 520 /** 521 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_SYSTEM_EXEMPTED}. 522 * 523 * @hide 524 */ 525 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_SYSTEM_EXEMPTED = 526 new ForegroundServiceTypePolicyInfo( 527 FOREGROUND_SERVICE_TYPE_SYSTEM_EXEMPTED, 528 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 529 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 530 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 531 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_SYSTEM_EXEMPTED) 532 }, true), 533 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 534 new RegularPermission(Manifest.permission.SCHEDULE_EXACT_ALARM), 535 new RegularPermission(Manifest.permission.USE_EXACT_ALARM), 536 new AppOpPermission(AppOpsManager.OP_ACTIVATE_VPN), 537 }, false), 538 FGS_TYPE_PERM_ENFORCEMENT_FLAG_SYSTEM_EXEMPTED /* permissionEnforcementFlag */, 539 true /* permissionEnforcementFlagDefaultValue */, 540 false /* foregroundOnlyPermission */ 541 ); 542 543 /** 544 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_SHORT_SERVICE}. 545 * 546 * @hide 547 */ 548 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_SHORT_SERVICE = 549 new ForegroundServiceTypePolicyInfo( 550 FOREGROUND_SERVICE_TYPE_SHORT_SERVICE, 551 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 552 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 553 null /* allOfPermissions */, 554 null /* anyOfPermissions */, 555 null /* permissionEnforcementFlag */, 556 false /* permissionEnforcementFlagDefaultValue */, 557 false /* foregroundOnlyPermission */ 558 ); 559 560 /** 561 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_FILE_MANAGEMENT}. 562 * 563 * @hide 564 */ 565 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_FILE_MANAGEMENT = 566 new ForegroundServiceTypePolicyInfo( 567 FOREGROUND_SERVICE_TYPE_FILE_MANAGEMENT, 568 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 569 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 570 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 571 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_FILE_MANAGEMENT) 572 }, true), 573 null /* anyOfPermissions */, 574 null /* permissionEnforcementFlag */, 575 false /* permissionEnforcementFlagDefaultValue */, 576 false /* foregroundOnlyPermission */ 577 ); 578 579 /** 580 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_SPECIAL_USE}. 581 * 582 * @hide 583 */ 584 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_SPECIAL_USE = 585 new ForegroundServiceTypePolicyInfo( 586 FOREGROUND_SERVICE_TYPE_SPECIAL_USE, 587 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 588 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 589 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 590 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_SPECIAL_USE) 591 }, true), 592 null /* anyOfPermissions */, 593 FGS_TYPE_PERM_ENFORCEMENT_FLAG_SPECIAL_USE /* permissionEnforcementFlag */, 594 true /* permissionEnforcementFlagDefaultValue */, 595 false /* foregroundOnlyPermission */ 596 ); 597 598 /** 599 * Foreground service policy check result code: this one is not actually being used. 600 * 601 * @hide 602 */ 603 public static final int FGS_TYPE_POLICY_CHECK_UNKNOWN = 604 AppProtoEnums.FGS_TYPE_POLICY_CHECK_UNKNOWN; 605 606 /** 607 * Foreground service policy check result code: okay to go. 608 * 609 * @hide 610 */ 611 public static final int FGS_TYPE_POLICY_CHECK_OK = 612 AppProtoEnums.FGS_TYPE_POLICY_CHECK_OK; 613 614 /** 615 * Foreground service policy check result code: this foreground service type is deprecated. 616 * 617 * @hide 618 */ 619 public static final int FGS_TYPE_POLICY_CHECK_DEPRECATED = 620 AppProtoEnums.FGS_TYPE_POLICY_CHECK_DEPRECATED; 621 622 /** 623 * Foreground service policy check result code: this foreground service type is disabled. 624 * 625 * @hide 626 */ 627 public static final int FGS_TYPE_POLICY_CHECK_DISABLED = 628 AppProtoEnums.FGS_TYPE_POLICY_CHECK_DISABLED; 629 630 /** 631 * Foreground service policy check result code: the caller doesn't have permission to start 632 * foreground service with this type, but the policy is permissive. 633 * 634 * @hide 635 */ 636 public static final int FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_PERMISSIVE = 637 AppProtoEnums.FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_PERMISSIVE; 638 639 /** 640 * Foreground service policy check result code: the caller doesn't have permission to start 641 * foreground service with this type, and the policy is enforced. 642 * 643 * @hide 644 */ 645 public static final int FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_ENFORCED = 646 AppProtoEnums.FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_ENFORCED; 647 648 /** 649 * @hide 650 */ 651 @IntDef(flag = true, prefix = { "FGS_TYPE_POLICY_CHECK_" }, value = { 652 FGS_TYPE_POLICY_CHECK_UNKNOWN, 653 FGS_TYPE_POLICY_CHECK_OK, 654 FGS_TYPE_POLICY_CHECK_DEPRECATED, 655 FGS_TYPE_POLICY_CHECK_DISABLED, 656 FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_PERMISSIVE, 657 FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_ENFORCED, 658 }) 659 @Retention(RetentionPolicy.SOURCE) 660 public @interface ForegroundServicePolicyCheckCode{} 661 662 /** 663 * Whether or not to require that app to have actual access to certain foreground only 664 * permissions before starting the foreground service. 665 * 666 * <p> 667 * Examples here are microphone, camera and fg location related permissions. 668 * When the user grants the permission, its permission state is set to "granted", 669 * but the actual capability to access these sensors, is to be evaluated according to 670 * its process state. The Android {@link android.os.Build.VERSION_CODES#R} introduced 671 * the while-in-use permission, basically the background-started FGS will not have access 672 * to these sensors. In this context, there is no legitimate reasons to start a FGS from 673 * the background with these types. This flag controls the behavior of the enforcement, 674 * when it's enabled, in the aforementioned case, the FGS start will result in 675 * a SecurityException. </p> 676 */ 677 private static final String FGS_TYPE_FG_PERM_ENFORCEMENT_FLAG = 678 "fgs_type_fg_perm_enforcement_flag"; 679 680 /** 681 * The default value to the {@link #FGS_TYPE_FG_PERM_ENFORCEMENT_FLAG}. 682 */ 683 private static final boolean DEFAULT_FGS_TYPE_FG_PERM_ENFORCEMENT_FLAG_VALUE = true; 684 685 /** 686 * @return The policy info for the given type. 687 */ 688 @NonNull getForegroundServiceTypePolicyInfo( @oregroundServiceType int type, @ForegroundServiceType int defaultToType)689 public abstract ForegroundServiceTypePolicyInfo getForegroundServiceTypePolicyInfo( 690 @ForegroundServiceType int type, @ForegroundServiceType int defaultToType); 691 692 /** 693 * Run check on the foreground service type policy for the given uid/pid 694 * 695 * @hide 696 */ 697 @ForegroundServicePolicyCheckCode checkForegroundServiceTypePolicy(@onNull Context context, @NonNull String packageName, int callerUid, int callerPid, boolean allowWhileInUse, @NonNull ForegroundServiceTypePolicyInfo policy)698 public abstract int checkForegroundServiceTypePolicy(@NonNull Context context, 699 @NonNull String packageName, int callerUid, int callerPid, boolean allowWhileInUse, 700 @NonNull ForegroundServiceTypePolicyInfo policy); 701 702 /** 703 * Run the given {@code policyFunctor} on the matching policy, if the flag is known 704 * to the policy. 705 * 706 * @hide 707 */ updatePermissionEnforcementFlagIfNecessary(@onNull String flag)708 public abstract void updatePermissionEnforcementFlagIfNecessary(@NonNull String flag); 709 710 @GuardedBy("sLock") 711 private static ForegroundServiceTypePolicy sDefaultForegroundServiceTypePolicy = null; 712 713 private static final Object sLock = new Object(); 714 715 /** 716 * Return the default policy for FGS type. 717 */ getDefaultPolicy()718 public static @NonNull ForegroundServiceTypePolicy getDefaultPolicy() { 719 synchronized (sLock) { 720 if (sDefaultForegroundServiceTypePolicy == null) { 721 sDefaultForegroundServiceTypePolicy = new DefaultForegroundServiceTypePolicy(); 722 } 723 return sDefaultForegroundServiceTypePolicy; 724 } 725 } 726 isFgsTypeFgPermissionEnforcementEnabled()727 private static boolean isFgsTypeFgPermissionEnforcementEnabled() { 728 return DeviceConfig.getBoolean(DeviceConfig.NAMESPACE_ACTIVITY_MANAGER, 729 FGS_TYPE_FG_PERM_ENFORCEMENT_FLAG, DEFAULT_FGS_TYPE_FG_PERM_ENFORCEMENT_FLAG_VALUE); 730 } 731 732 /** 733 * Constructor. 734 * 735 * @hide 736 */ ForegroundServiceTypePolicy()737 public ForegroundServiceTypePolicy() { 738 } 739 740 /** 741 * This class represents the policy for a specific FGS service type. 742 * 743 * @hide 744 */ 745 public static final class ForegroundServiceTypePolicyInfo { 746 /** 747 * The foreground service type. 748 */ 749 final @ForegroundServiceType int mType; 750 751 /** 752 * The change id to tell if this FGS type is deprecated. 753 * 754 * <p>A 0 indicates it's not deprecated.</p> 755 */ 756 final long mDeprecationChangeId; 757 758 /** 759 * The change id to tell if this FGS type is disabled. 760 * 761 * <p>A 0 indicates it's not disabled.</p> 762 */ 763 final long mDisabledChangeId; 764 765 /** 766 * The required permissions to start a foreground with this type, all of them 767 * MUST have been granted. 768 */ 769 final @Nullable ForegroundServiceTypePermissions mAllOfPermissions; 770 771 /** 772 * The required permissions to start a foreground with this type, any one of them 773 * being granted is sufficient. 774 */ 775 final @Nullable ForegroundServiceTypePermissions mAnyOfPermissions; 776 777 /** 778 * A permission enforcement flag, unlike the {@link #FGS_TYPE_PERMISSION_CHANGE_ID}, 779 * here it applies to all apps using this FGS type. 780 */ 781 final @Nullable String mPermissionEnforcementFlag; 782 783 /** 784 * The default value to {@link #mPermissionEnforcementFlag}. 785 */ 786 final boolean mPermissionEnforcementFlagDefaultValue; 787 788 /** 789 * Whether or not the permissions here are limited to foreground only. 790 * Typical examples are microphone/camera/location. 791 */ 792 final boolean mForegroundOnlyPermission; 793 794 /** 795 * A customized check for the permissions. 796 */ 797 @Nullable ForegroundServiceTypePermission mCustomPermission; 798 799 /** 800 * The value of the permission enforcement flag, will be updated by the system. 801 * If the value is {@code false}, the FGS permission check will be ignored. 802 * 803 * <p>This value could be updated via the DeviceConfig flag specified 804 * in the {@link #mPermissionEnforcementFlag}.</p> 805 */ 806 volatile boolean mPermissionEnforcementFlagValue; 807 808 /** 809 * Not a real change id, but a place holder. 810 */ 811 private static final long INVALID_CHANGE_ID = 0L; 812 813 /** 814 * @return {@code true} if the given change id is valid. 815 */ isValidChangeId(long changeId)816 private static boolean isValidChangeId(long changeId) { 817 return changeId != INVALID_CHANGE_ID; 818 } 819 820 /** 821 * Construct a new instance. 822 * 823 * @hide 824 */ ForegroundServiceTypePolicyInfo(@oregroundServiceType int type, long deprecationChangeId, long disabledChangeId, @Nullable ForegroundServiceTypePermissions allOfPermissions, @Nullable ForegroundServiceTypePermissions anyOfPermissions, @Nullable String permissionEnforcementFlag, boolean permissionEnforcementFlagDefaultValue, boolean foregroundOnlyPermission)825 public ForegroundServiceTypePolicyInfo(@ForegroundServiceType int type, 826 long deprecationChangeId, long disabledChangeId, 827 @Nullable ForegroundServiceTypePermissions allOfPermissions, 828 @Nullable ForegroundServiceTypePermissions anyOfPermissions, 829 @Nullable String permissionEnforcementFlag, 830 boolean permissionEnforcementFlagDefaultValue, 831 boolean foregroundOnlyPermission) { 832 mType = type; 833 mDeprecationChangeId = deprecationChangeId; 834 mDisabledChangeId = disabledChangeId; 835 mAllOfPermissions = allOfPermissions; 836 mAnyOfPermissions = anyOfPermissions; 837 mPermissionEnforcementFlag = permissionEnforcementFlag; 838 mPermissionEnforcementFlagDefaultValue = permissionEnforcementFlagDefaultValue; 839 mPermissionEnforcementFlagValue = permissionEnforcementFlagDefaultValue; 840 mForegroundOnlyPermission = foregroundOnlyPermission; 841 } 842 843 /** 844 * @return The foreground service type. 845 */ 846 @ForegroundServiceType getForegroundServiceType()847 public int getForegroundServiceType() { 848 return mType; 849 } 850 851 @Override toString()852 public String toString() { 853 final StringBuilder sb = toPermissionString(new StringBuilder()); 854 sb.append("type=0x"); 855 sb.append(Integer.toHexString(mType)); 856 sb.append(" deprecationChangeId="); 857 sb.append(mDeprecationChangeId); 858 sb.append(" disabledChangeId="); 859 sb.append(mDisabledChangeId); 860 sb.append(" customPermission="); 861 sb.append(mCustomPermission); 862 return sb.toString(); 863 } 864 865 /** 866 * @return The required permissions. 867 */ toPermissionString()868 public String toPermissionString() { 869 return toPermissionString(new StringBuilder()).toString(); 870 } 871 toPermissionString(StringBuilder sb)872 private StringBuilder toPermissionString(StringBuilder sb) { 873 if (mAllOfPermissions != null) { 874 sb.append("all of the permissions "); 875 sb.append(mAllOfPermissions.toString()); 876 sb.append(' '); 877 } 878 if (mAnyOfPermissions != null) { 879 sb.append("any of the permissions "); 880 sb.append(mAnyOfPermissions.toString()); 881 sb.append(' '); 882 } 883 return sb; 884 } 885 updatePermissionEnforcementFlagIfNecessary(@onNull String flagName)886 private void updatePermissionEnforcementFlagIfNecessary(@NonNull String flagName) { 887 if (mPermissionEnforcementFlag == null 888 || !TextUtils.equals(flagName, mPermissionEnforcementFlag)) { 889 return; 890 } 891 mPermissionEnforcementFlagValue = DeviceConfig.getBoolean( 892 DeviceConfig.NAMESPACE_ACTIVITY_MANAGER, 893 mPermissionEnforcementFlag, 894 mPermissionEnforcementFlagDefaultValue); 895 } 896 897 /** 898 * @hide 899 */ setCustomPermission( @ullable ForegroundServiceTypePermission customPermission)900 public void setCustomPermission( 901 @Nullable ForegroundServiceTypePermission customPermission) { 902 mCustomPermission = customPermission; 903 } 904 905 /** 906 * @return The name of the permissions which are all required. 907 * It may contain app op names. 908 * 909 * For test only. 910 */ getRequiredAllOfPermissionsForTest( @onNull Context context)911 public @NonNull Optional<String[]> getRequiredAllOfPermissionsForTest( 912 @NonNull Context context) { 913 if (mAllOfPermissions == null) { 914 return Optional.empty(); 915 } 916 return Optional.of(mAllOfPermissions.toStringArray(context)); 917 } 918 919 /** 920 * @return The name of the permissions where any of the is granted is sufficient. 921 * It may contain app op names. 922 * 923 * For test only. 924 */ getRequiredAnyOfPermissionsForTest( @onNull Context context)925 public @NonNull Optional<String[]> getRequiredAnyOfPermissionsForTest( 926 @NonNull Context context) { 927 if (mAnyOfPermissions == null) { 928 return Optional.empty(); 929 } 930 return Optional.of(mAnyOfPermissions.toStringArray(context)); 931 } 932 933 /** 934 * Whether or not this type is disabled. 935 */ 936 @SuppressLint("AndroidFrameworkRequiresPermission") isTypeDisabled(int callerUid)937 public boolean isTypeDisabled(int callerUid) { 938 return isValidChangeId(mDisabledChangeId) 939 && CompatChanges.isChangeEnabled(mDisabledChangeId, callerUid); 940 } 941 942 /** 943 * Whether or not the permissions here are limited to foreground only. 944 * Typical examples are microphone/camera/location. 945 */ hasForegroundOnlyPermission()946 public boolean hasForegroundOnlyPermission() { 947 return mForegroundOnlyPermission; 948 } 949 950 /** 951 * Override the type disabling change Id. 952 * 953 * For test only. 954 */ setTypeDisabledForTest(boolean disabled, @NonNull String packageName)955 public void setTypeDisabledForTest(boolean disabled, @NonNull String packageName) 956 throws RemoteException { 957 overrideChangeIdForTest(mDisabledChangeId, disabled, packageName); 958 } 959 960 /** 961 * clear the type disabling change Id. 962 * 963 * For test only. 964 */ clearTypeDisabledForTest(@onNull String packageName)965 public void clearTypeDisabledForTest(@NonNull String packageName) throws RemoteException { 966 clearOverrideForTest(mDisabledChangeId, packageName); 967 } 968 969 @SuppressLint("AndroidFrameworkRequiresPermission") isTypeDeprecated(int callerUid)970 boolean isTypeDeprecated(int callerUid) { 971 return isValidChangeId(mDeprecationChangeId) 972 && CompatChanges.isChangeEnabled(mDeprecationChangeId, callerUid); 973 } 974 overrideChangeIdForTest(long changeId, boolean enable, String packageName)975 private void overrideChangeIdForTest(long changeId, boolean enable, String packageName) 976 throws RemoteException { 977 if (!isValidChangeId(changeId)) { 978 return; 979 } 980 final ArraySet<Long> enabled = new ArraySet<>(); 981 final ArraySet<Long> disabled = new ArraySet<>(); 982 if (enable) { 983 enabled.add(changeId); 984 } else { 985 disabled.add(changeId); 986 } 987 final CompatibilityChangeConfig overrides = new CompatibilityChangeConfig( 988 new Compatibility.ChangeConfig(enabled, disabled)); 989 IPlatformCompat platformCompat = IPlatformCompat.Stub.asInterface( 990 ServiceManager.getService(Context.PLATFORM_COMPAT_SERVICE)); 991 platformCompat.setOverridesForTest(overrides, packageName); 992 } 993 clearOverrideForTest(long changeId, @NonNull String packageName)994 private void clearOverrideForTest(long changeId, @NonNull String packageName) 995 throws RemoteException { 996 IPlatformCompat platformCompat = IPlatformCompat.Stub.asInterface( 997 ServiceManager.getService(Context.PLATFORM_COMPAT_SERVICE)); 998 platformCompat.clearOverrideForTest(changeId, packageName); 999 } 1000 1001 /** 1002 * For test only. 1003 * 1004 * @return The permission enforcement flag. 1005 */ getPermissionEnforcementFlagForTest()1006 public @Nullable String getPermissionEnforcementFlagForTest() { 1007 return mPermissionEnforcementFlag; 1008 } 1009 } 1010 1011 /** 1012 * This represents the set of permissions that's going to be required 1013 * for a specific service type. 1014 * 1015 * @hide 1016 */ 1017 public static class ForegroundServiceTypePermissions { 1018 /** 1019 * The set of the permissions to be required. 1020 */ 1021 final @NonNull ForegroundServiceTypePermission[] mPermissions; 1022 1023 /** 1024 * Are we requiring all of the permissions to be granted or any of them. 1025 */ 1026 final boolean mAllOf; 1027 1028 /** 1029 * Constructor. 1030 */ ForegroundServiceTypePermissions( @onNull ForegroundServiceTypePermission[] permissions, boolean allOf)1031 public ForegroundServiceTypePermissions( 1032 @NonNull ForegroundServiceTypePermission[] permissions, boolean allOf) { 1033 mPermissions = permissions; 1034 mAllOf = allOf; 1035 } 1036 1037 /** 1038 * Check the permissions. 1039 */ 1040 @PackageManager.PermissionResult checkPermissions(@onNull Context context, int callerUid, int callerPid, @NonNull String packageName, boolean allowWhileInUse)1041 public int checkPermissions(@NonNull Context context, int callerUid, int callerPid, 1042 @NonNull String packageName, boolean allowWhileInUse) { 1043 if (mAllOf) { 1044 for (ForegroundServiceTypePermission perm : mPermissions) { 1045 final int result = perm.checkPermission(context, callerUid, callerPid, 1046 packageName, allowWhileInUse); 1047 if (result != PERMISSION_GRANTED) { 1048 return PERMISSION_DENIED; 1049 } 1050 } 1051 return PERMISSION_GRANTED; 1052 } else { 1053 boolean anyOfGranted = false; 1054 for (ForegroundServiceTypePermission perm : mPermissions) { 1055 final int result = perm.checkPermission(context, callerUid, callerPid, 1056 packageName, allowWhileInUse); 1057 if (result == PERMISSION_GRANTED) { 1058 anyOfGranted = true; 1059 break; 1060 } 1061 } 1062 return anyOfGranted ? PERMISSION_GRANTED : PERMISSION_DENIED; 1063 } 1064 } 1065 1066 @Override toString()1067 public String toString() { 1068 final StringBuilder sb = new StringBuilder(); 1069 sb.append("allOf="); 1070 sb.append(mAllOf); 1071 sb.append(' '); 1072 sb.append('['); 1073 for (int i = 0; i < mPermissions.length; i++) { 1074 if (i > 0) { 1075 sb.append(", "); 1076 } 1077 sb.append(mPermissions[i].toString()); 1078 } 1079 sb.append(']'); 1080 return sb.toString(); 1081 } 1082 toStringArray(Context context)1083 @NonNull String[] toStringArray(Context context) { 1084 final ArrayList<String> list = new ArrayList<>(); 1085 for (int i = 0; i < mPermissions.length; i++) { 1086 mPermissions[i].addToList(context, list); 1087 } 1088 return list.toArray(new String[list.size()]); 1089 } 1090 } 1091 1092 /** 1093 * This represents a permission that's going to be required for a specific service type. 1094 * 1095 * @hide 1096 */ 1097 public abstract static class ForegroundServiceTypePermission { 1098 /** 1099 * The name of this permission. 1100 */ 1101 protected final @NonNull String mName; 1102 1103 /** 1104 * Constructor. 1105 */ ForegroundServiceTypePermission(@onNull String name)1106 public ForegroundServiceTypePermission(@NonNull String name) { 1107 mName = name; 1108 } 1109 1110 /** 1111 * Check if the given uid/pid/package has the access to the permission. 1112 */ 1113 @PackageManager.PermissionResult checkPermission(@onNull Context context, int callerUid, int callerPid, @NonNull String packageName, boolean allowWhileInUse)1114 public abstract int checkPermission(@NonNull Context context, int callerUid, int callerPid, 1115 @NonNull String packageName, boolean allowWhileInUse); 1116 1117 @Override toString()1118 public String toString() { 1119 return mName; 1120 } 1121 addToList(@onNull Context context, @NonNull ArrayList<String> list)1122 void addToList(@NonNull Context context, @NonNull ArrayList<String> list) { 1123 list.add(mName); 1124 } 1125 } 1126 1127 /** 1128 * This represents a regular Android permission to be required for a specific service type. 1129 */ 1130 static class RegularPermission extends ForegroundServiceTypePermission { RegularPermission(@onNull String name)1131 RegularPermission(@NonNull String name) { 1132 super(name); 1133 } 1134 1135 @Override 1136 @SuppressLint("AndroidFrameworkRequiresPermission") 1137 @PackageManager.PermissionResult checkPermission(@onNull Context context, int callerUid, int callerPid, String packageName, boolean allowWhileInUse)1138 public int checkPermission(@NonNull Context context, int callerUid, int callerPid, 1139 String packageName, boolean allowWhileInUse) { 1140 return checkPermission(context, mName, callerUid, callerPid, packageName, 1141 allowWhileInUse); 1142 } 1143 1144 @SuppressLint("AndroidFrameworkRequiresPermission") 1145 @PackageManager.PermissionResult checkPermission(@onNull Context context, @NonNull String name, int callerUid, int callerPid, String packageName, boolean allowWhileInUse)1146 int checkPermission(@NonNull Context context, @NonNull String name, int callerUid, 1147 int callerPid, String packageName, boolean allowWhileInUse) { 1148 @PermissionCheckerManager.PermissionResult final int result = 1149 PermissionChecker.checkPermissionForPreflight(context, name, 1150 callerPid, callerUid, packageName); 1151 if (result == PERMISSION_HARD_DENIED) { 1152 // If the user didn't grant this permission at all. 1153 return PERMISSION_DENIED; 1154 } 1155 final int opCode = AppOpsManager.permissionToOpCode(name); 1156 if (opCode == AppOpsManager.OP_NONE) { 1157 // Simple case, check if it's already granted. 1158 return result == PermissionCheckerManager.PERMISSION_GRANTED 1159 ? PERMISSION_GRANTED : PERMISSION_DENIED; 1160 } 1161 final AppOpsManager appOpsManager = context.getSystemService(AppOpsManager.class); 1162 final int mode = appOpsManager.unsafeCheckOpRawNoThrow(opCode, callerUid, packageName); 1163 switch (mode) { 1164 case MODE_ALLOWED: 1165 // The appop is just allowed, plain and simple. 1166 return PERMISSION_GRANTED; 1167 case MODE_DEFAULT: 1168 // Follow the permission check result. 1169 return result == PermissionCheckerManager.PERMISSION_GRANTED 1170 ? PERMISSION_GRANTED : PERMISSION_DENIED; 1171 case MODE_FOREGROUND: 1172 // If the enforcement flag is OFF, we silently allow it. Or, if it's in 1173 // the foreground only mode and we're allowing while-in-use, allow it. 1174 return !isFgsTypeFgPermissionEnforcementEnabled() || allowWhileInUse 1175 ? PERMISSION_GRANTED : PERMISSION_DENIED; 1176 case MODE_IGNORED: 1177 // If it's soft denied with the mode "ignore", semantically it's a silent 1178 // failure and no exception should be thrown, we might not want to allow 1179 // the FGS. However, since the user has agreed with this permission 1180 // (otherwise it's going to be a hard denial), and we're allowing 1181 // while-in-use here, it's safe to allow the FGS run here. 1182 return allowWhileInUse && result == PERMISSION_SOFT_DENIED 1183 ? PERMISSION_GRANTED : PERMISSION_DENIED; 1184 default: 1185 return PERMISSION_DENIED; 1186 } 1187 } 1188 } 1189 1190 /** 1191 * This represents an app op permission to be required for a specific service type. 1192 */ 1193 static class AppOpPermission extends ForegroundServiceTypePermission { 1194 final int mOpCode; 1195 AppOpPermission(int opCode)1196 AppOpPermission(int opCode) { 1197 super(AppOpsManager.opToPublicName(opCode)); 1198 mOpCode = opCode; 1199 } 1200 1201 @Override 1202 @PackageManager.PermissionResult checkPermission(@onNull Context context, int callerUid, int callerPid, String packageName, boolean allowWhileInUse)1203 public int checkPermission(@NonNull Context context, int callerUid, int callerPid, 1204 String packageName, boolean allowWhileInUse) { 1205 final AppOpsManager appOpsManager = context.getSystemService(AppOpsManager.class); 1206 final int mode = appOpsManager.unsafeCheckOpRawNoThrow(mOpCode, callerUid, packageName); 1207 return (mode == MODE_ALLOWED || (allowWhileInUse && mode == MODE_FOREGROUND)) 1208 ? PERMISSION_GRANTED : PERMISSION_DENIED; 1209 } 1210 } 1211 1212 /** 1213 * This represents a particular role an app needs to hold for a specific service type. 1214 */ 1215 static class RolePermission extends ForegroundServiceTypePermission { 1216 final String mRole; 1217 RolePermission(@onNull String role)1218 RolePermission(@NonNull String role) { 1219 super(role); 1220 mRole = role; 1221 } 1222 1223 @Override 1224 @PackageManager.PermissionResult checkPermission(@onNull Context context, int callerUid, int callerPid, String packageName, boolean allowWhileInUse)1225 public int checkPermission(@NonNull Context context, int callerUid, int callerPid, 1226 String packageName, boolean allowWhileInUse) { 1227 final RoleManager rm = context.getSystemService(RoleManager.class); 1228 final List<String> holders = rm.getRoleHoldersAsUser(mRole, 1229 UserHandle.getUserHandleForUid(callerUid)); 1230 return holders != null && holders.contains(packageName) 1231 ? PERMISSION_GRANTED : PERMISSION_DENIED; 1232 } 1233 } 1234 1235 /** 1236 * This represents a special Android permission to be required for accessing usb devices. 1237 */ 1238 static class UsbDevicePermission extends ForegroundServiceTypePermission { UsbDevicePermission()1239 UsbDevicePermission() { 1240 super("USB Device"); 1241 } 1242 1243 @Override 1244 @SuppressLint("AndroidFrameworkRequiresPermission") 1245 @PackageManager.PermissionResult checkPermission(@onNull Context context, int callerUid, int callerPid, String packageName, boolean allowWhileInUse)1246 public int checkPermission(@NonNull Context context, int callerUid, int callerPid, 1247 String packageName, boolean allowWhileInUse) { 1248 final UsbManager usbManager = context.getSystemService(UsbManager.class); 1249 final HashMap<String, UsbDevice> devices = usbManager.getDeviceList(); 1250 if (!ArrayUtils.isEmpty(devices)) { 1251 for (UsbDevice device : devices.values()) { 1252 if (usbManager.hasPermission(device, packageName, callerPid, callerUid)) { 1253 return PERMISSION_GRANTED; 1254 } 1255 } 1256 } 1257 return PERMISSION_DENIED; 1258 } 1259 } 1260 1261 /** 1262 * This represents a special Android permission to be required for accessing usb accessories. 1263 */ 1264 static class UsbAccessoryPermission extends ForegroundServiceTypePermission { UsbAccessoryPermission()1265 UsbAccessoryPermission() { 1266 super("USB Accessory"); 1267 } 1268 1269 @Override 1270 @SuppressLint("AndroidFrameworkRequiresPermission") 1271 @PackageManager.PermissionResult checkPermission(@onNull Context context, int callerUid, int callerPid, String packageName, boolean allowWhileInUse)1272 public int checkPermission(@NonNull Context context, int callerUid, int callerPid, 1273 String packageName, boolean allowWhileInUse) { 1274 final UsbManager usbManager = context.getSystemService(UsbManager.class); 1275 final UsbAccessory[] accessories = usbManager.getAccessoryList(); 1276 if (!ArrayUtils.isEmpty(accessories)) { 1277 for (UsbAccessory accessory: accessories) { 1278 if (usbManager.hasPermission(accessory, callerPid, callerUid)) { 1279 return PERMISSION_GRANTED; 1280 } 1281 } 1282 } 1283 return PERMISSION_DENIED; 1284 } 1285 } 1286 1287 /** 1288 * The default policy for the foreground service types. 1289 * 1290 * @hide 1291 */ 1292 public static class DefaultForegroundServiceTypePolicy extends ForegroundServiceTypePolicy { 1293 private final SparseArray<ForegroundServiceTypePolicyInfo> mForegroundServiceTypePolicies = 1294 new SparseArray<>(); 1295 1296 /** 1297 * The map between permission enforcement flag to its permission policy info. 1298 */ 1299 private final ArrayMap<String, ForegroundServiceTypePolicyInfo> 1300 mPermissionEnforcementToPolicyInfoMap = new ArrayMap<>(); 1301 1302 /** 1303 * Constructor 1304 */ DefaultForegroundServiceTypePolicy()1305 public DefaultForegroundServiceTypePolicy() { 1306 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_MANIFEST, 1307 FGS_TYPE_POLICY_MANIFEST); 1308 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_NONE, 1309 FGS_TYPE_POLICY_NONE); 1310 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_DATA_SYNC, 1311 FGS_TYPE_POLICY_DATA_SYNC); 1312 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_MEDIA_PLAYBACK, 1313 FGS_TYPE_POLICY_MEDIA_PLAYBACK); 1314 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_PHONE_CALL, 1315 FGS_TYPE_POLICY_PHONE_CALL); 1316 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_LOCATION, 1317 FGS_TYPE_POLICY_LOCATION); 1318 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_CONNECTED_DEVICE, 1319 FGS_TYPE_POLICY_CONNECTED_DEVICE); 1320 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_MEDIA_PROJECTION, 1321 FGS_TYPE_POLICY_MEDIA_PROJECTION); 1322 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_CAMERA, 1323 FGS_TYPE_POLICY_CAMERA); 1324 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_MICROPHONE, 1325 FGS_TYPE_POLICY_MICROPHONE); 1326 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_HEALTH, 1327 FGS_TYPE_POLICY_HEALTH); 1328 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_REMOTE_MESSAGING, 1329 FGS_TYPE_POLICY_REMOTE_MESSAGING); 1330 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_SYSTEM_EXEMPTED, 1331 FGS_TYPE_POLICY_SYSTEM_EXEMPTED); 1332 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_SHORT_SERVICE, 1333 FGS_TYPE_POLICY_SHORT_SERVICE); 1334 // TODO (b/271950506): revisit it in the next release. 1335 // Hide the file management type for now. If anyone uses it, will default to "none". 1336 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_SPECIAL_USE, 1337 FGS_TYPE_POLICY_SPECIAL_USE); 1338 for (int i = 0, size = mForegroundServiceTypePolicies.size(); i < size; i++) { 1339 final ForegroundServiceTypePolicyInfo info = 1340 mForegroundServiceTypePolicies.valueAt(i); 1341 mPermissionEnforcementToPolicyInfoMap.put(info.mPermissionEnforcementFlag, info); 1342 } 1343 } 1344 1345 @Override getForegroundServiceTypePolicyInfo( @oregroundServiceType int type, @ForegroundServiceType int defaultToType)1346 public ForegroundServiceTypePolicyInfo getForegroundServiceTypePolicyInfo( 1347 @ForegroundServiceType int type, @ForegroundServiceType int defaultToType) { 1348 ForegroundServiceTypePolicyInfo info = mForegroundServiceTypePolicies.get(type); 1349 if (info == null) { 1350 // Unknown type, fallback to the defaultToType 1351 info = mForegroundServiceTypePolicies.get(defaultToType); 1352 if (info == null) { 1353 // It shouldn't happen. 1354 throw new IllegalArgumentException("Invalid default fgs type " + defaultToType); 1355 } 1356 } 1357 return info; 1358 } 1359 1360 @Override 1361 @SuppressLint("AndroidFrameworkRequiresPermission") 1362 @ForegroundServicePolicyCheckCode checkForegroundServiceTypePolicy(Context context, String packageName, int callerUid, int callerPid, boolean allowWhileInUse, @NonNull ForegroundServiceTypePolicyInfo policy)1363 public int checkForegroundServiceTypePolicy(Context context, String packageName, 1364 int callerUid, int callerPid, boolean allowWhileInUse, 1365 @NonNull ForegroundServiceTypePolicyInfo policy) { 1366 // Has this FGS type been disabled and not allowed to use anymore? 1367 if (policy.isTypeDisabled(callerUid)) { 1368 return FGS_TYPE_POLICY_CHECK_DISABLED; 1369 } 1370 int permissionResult = PERMISSION_GRANTED; 1371 // Do we have the permission to start FGS with this type. 1372 if (policy.mAllOfPermissions != null) { 1373 permissionResult = policy.mAllOfPermissions.checkPermissions(context, 1374 callerUid, callerPid, packageName, allowWhileInUse); 1375 } 1376 // If it has the "all of" permissions granted, check the "any of" ones. 1377 if (permissionResult == PERMISSION_GRANTED) { 1378 boolean checkCustomPermission = true; 1379 // Check the "any of" permissions. 1380 if (policy.mAnyOfPermissions != null) { 1381 permissionResult = policy.mAnyOfPermissions.checkPermissions(context, 1382 callerUid, callerPid, packageName, allowWhileInUse); 1383 if (permissionResult == PERMISSION_GRANTED) { 1384 // We have one of them granted, no need to check custom permissions. 1385 checkCustomPermission = false; 1386 } 1387 } 1388 // If we have a customized permission checker, also call it now. 1389 if (checkCustomPermission && policy.mCustomPermission != null) { 1390 permissionResult = policy.mCustomPermission.checkPermission(context, 1391 callerUid, callerPid, packageName, allowWhileInUse); 1392 } 1393 } 1394 if (permissionResult != PERMISSION_GRANTED) { 1395 return policy.mPermissionEnforcementFlagValue 1396 && (CompatChanges.isChangeEnabled(FGS_TYPE_PERMISSION_CHANGE_ID, callerUid)) 1397 ? FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_ENFORCED 1398 : FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_PERMISSIVE; 1399 } 1400 // Has this FGS type been deprecated? 1401 if (policy.isTypeDeprecated(callerUid)) { 1402 return FGS_TYPE_POLICY_CHECK_DEPRECATED; 1403 } 1404 return FGS_TYPE_POLICY_CHECK_OK; 1405 } 1406 1407 @Override updatePermissionEnforcementFlagIfNecessary(@onNull String flagName)1408 public void updatePermissionEnforcementFlagIfNecessary(@NonNull String flagName) { 1409 final ForegroundServiceTypePolicyInfo info = 1410 mPermissionEnforcementToPolicyInfoMap.get(flagName); 1411 if (info != null) { 1412 info.updatePermissionEnforcementFlagIfNecessary(flagName); 1413 } 1414 } 1415 } 1416 } 1417