1 /* 2 * Copyright (C) 2023 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.contentprotection; 18 19 import android.annotation.NonNull; 20 import android.annotation.Nullable; 21 import android.content.pm.PackageInfo; 22 import android.util.Slog; 23 24 import com.android.internal.annotations.VisibleForTesting; 25 26 import java.io.BufferedReader; 27 import java.io.FileReader; 28 import java.util.Collections; 29 import java.util.List; 30 import java.util.Set; 31 import java.util.stream.Collectors; 32 33 /** 34 * Manages whether the content protection is enabled for an app using a blocklist. 35 * 36 * @hide 37 */ 38 public class ContentProtectionBlocklistManager { 39 40 private static final String TAG = "ContentProtectionBlocklistManager"; 41 42 private static final String PACKAGE_NAME_BLOCKLIST_FILENAME = 43 "/product/etc/res/raw/content_protection/package_name_blocklist.txt"; 44 45 @NonNull private final ContentProtectionPackageManager mContentProtectionPackageManager; 46 47 @Nullable private Set<String> mPackageNameBlocklist; 48 ContentProtectionBlocklistManager( @onNull ContentProtectionPackageManager contentProtectionPackageManager)49 public ContentProtectionBlocklistManager( 50 @NonNull ContentProtectionPackageManager contentProtectionPackageManager) { 51 mContentProtectionPackageManager = contentProtectionPackageManager; 52 } 53 isAllowed(@onNull String packageName)54 public boolean isAllowed(@NonNull String packageName) { 55 if (mPackageNameBlocklist == null) { 56 // List not loaded or failed to load, don't run on anything 57 return false; 58 } 59 if (mPackageNameBlocklist.contains(packageName)) { 60 return false; 61 } 62 PackageInfo packageInfo = mContentProtectionPackageManager.getPackageInfo(packageName); 63 if (packageInfo == null) { 64 return false; 65 } 66 if (!mContentProtectionPackageManager.hasRequestedInternetPermissions(packageInfo)) { 67 return false; 68 } 69 if (mContentProtectionPackageManager.isSystemApp(packageInfo)) { 70 return false; 71 } 72 if (mContentProtectionPackageManager.isUpdatedSystemApp(packageInfo)) { 73 return false; 74 } 75 return true; 76 } 77 updateBlocklist(int blocklistSize)78 public void updateBlocklist(int blocklistSize) { 79 Slog.i(TAG, "Blocklist size updating to: " + blocklistSize); 80 mPackageNameBlocklist = readPackageNameBlocklist(blocklistSize); 81 } 82 83 @Nullable readPackageNameBlocklist(int blocklistSize)84 private Set<String> readPackageNameBlocklist(int blocklistSize) { 85 if (blocklistSize <= 0) { 86 // Explicitly requested an empty blocklist 87 return Collections.emptySet(); 88 } 89 List<String> lines = readLinesFromRawFile(PACKAGE_NAME_BLOCKLIST_FILENAME); 90 if (lines == null) { 91 return null; 92 } 93 return lines.stream().limit(blocklistSize).collect(Collectors.toSet()); 94 } 95 96 @VisibleForTesting 97 @Nullable readLinesFromRawFile(@onNull String filename)98 protected List<String> readLinesFromRawFile(@NonNull String filename) { 99 try (FileReader fileReader = new FileReader(filename); 100 BufferedReader bufferedReader = new BufferedReader(fileReader)) { 101 return bufferedReader 102 .lines() 103 .map(line -> line.trim()) 104 .filter(line -> !line.isBlank()) 105 .collect(Collectors.toList()); 106 } catch (Exception ex) { 107 Slog.e(TAG, "Failed to read: " + filename, ex); 108 return null; 109 } 110 } 111 } 112