1 /* 2 * Copyright (C) 2019 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.location; 18 19 import android.annotation.Nullable; 20 import android.annotation.SuppressLint; 21 import android.app.AppOpsManager; 22 import android.app.Notification; 23 import android.app.NotificationManager; 24 import android.app.PendingIntent; 25 import android.content.BroadcastReceiver; 26 import android.content.Context; 27 import android.content.Intent; 28 import android.content.IntentFilter; 29 import android.content.pm.ApplicationInfo; 30 import android.content.pm.PackageManager; 31 import android.location.LocationManager; 32 import android.os.Handler; 33 import android.os.Looper; 34 import android.os.PowerManager; 35 import android.os.UserHandle; 36 import android.text.TextUtils; 37 import android.util.ArrayMap; 38 import android.util.Log; 39 import android.util.StatsLog; 40 41 import com.android.internal.R; 42 import com.android.internal.location.GpsNetInitiatedHandler; 43 import com.android.internal.notification.SystemNotificationChannels; 44 45 import java.util.Arrays; 46 import java.util.List; 47 import java.util.Map; 48 49 /** 50 * Handles GNSS non-framework location access user visibility and control. 51 * 52 * The state of the GnssVisibilityControl object must be accessed/modified through the Handler 53 * thread only. 54 */ 55 class GnssVisibilityControl { 56 private static final String TAG = "GnssVisibilityControl"; 57 private static final boolean DEBUG = Log.isLoggable(TAG, Log.DEBUG); 58 59 private static final String LOCATION_PERMISSION_NAME = 60 "android.permission.ACCESS_FINE_LOCATION"; 61 62 private static final String[] NO_LOCATION_ENABLED_PROXY_APPS = new String[0]; 63 64 // Max wait time for synchronous method onGpsEnabledChanged() to run. 65 private static final long ON_GPS_ENABLED_CHANGED_TIMEOUT_MILLIS = 3 * 1000; 66 67 // How long to display location icon for each non-framework non-emergency location request. 68 private static final long LOCATION_ICON_DISPLAY_DURATION_MILLIS = 5 * 1000; 69 70 // Wakelocks 71 private static final String WAKELOCK_KEY = TAG; 72 private static final long WAKELOCK_TIMEOUT_MILLIS = 60 * 1000; 73 private final PowerManager.WakeLock mWakeLock; 74 75 private final AppOpsManager mAppOps; 76 private final PackageManager mPackageManager; 77 78 private final Handler mHandler; 79 private final Context mContext; 80 private final GpsNetInitiatedHandler mNiHandler; 81 82 private boolean mIsGpsEnabled; 83 84 private static final class ProxyAppState { 85 private boolean mHasLocationPermission; 86 private boolean mIsLocationIconOn; 87 ProxyAppState(boolean hasLocationPermission)88 private ProxyAppState(boolean hasLocationPermission) { 89 mHasLocationPermission = hasLocationPermission; 90 } 91 } 92 93 // Number of non-framework location access proxy apps is expected to be small (< 5). 94 private static final int ARRAY_MAP_INITIAL_CAPACITY_PROXY_APPS_STATE = 5; 95 private ArrayMap<String, ProxyAppState> mProxyAppsState = new ArrayMap<>( 96 ARRAY_MAP_INITIAL_CAPACITY_PROXY_APPS_STATE); 97 98 private PackageManager.OnPermissionsChangedListener mOnPermissionsChangedListener = 99 uid -> runOnHandler(() -> handlePermissionsChanged(uid)); 100 GnssVisibilityControl(Context context, Looper looper, GpsNetInitiatedHandler niHandler)101 GnssVisibilityControl(Context context, Looper looper, GpsNetInitiatedHandler niHandler) { 102 mContext = context; 103 PowerManager powerManager = (PowerManager) context.getSystemService(Context.POWER_SERVICE); 104 mWakeLock = powerManager.newWakeLock(PowerManager.PARTIAL_WAKE_LOCK, WAKELOCK_KEY); 105 mHandler = new Handler(looper); 106 mNiHandler = niHandler; 107 mAppOps = mContext.getSystemService(AppOpsManager.class); 108 mPackageManager = mContext.getPackageManager(); 109 110 // Complete initialization as the first event to run in mHandler thread. After that, 111 // all object state read/update events run in the mHandler thread. 112 runOnHandler(this::handleInitialize); 113 } 114 onGpsEnabledChanged(boolean isEnabled)115 void onGpsEnabledChanged(boolean isEnabled) { 116 // The GnssLocationProvider's methods: handleEnable() calls this method after native_init() 117 // and handleDisable() calls this method before native_cleanup(). This method must be 118 // executed synchronously so that the NFW location access permissions are disabled in 119 // the HAL before native_cleanup() method is called. 120 // 121 // NOTE: Since improper use of runWithScissors() method can result in deadlocks, the method 122 // doc recommends limiting its use to cases where some initialization steps need to be 123 // executed in sequence before continuing which fits this scenario. 124 if (mHandler.runWithScissors(() -> handleGpsEnabledChanged(isEnabled), 125 ON_GPS_ENABLED_CHANGED_TIMEOUT_MILLIS)) { 126 return; 127 } 128 129 // After timeout, the method remains posted in the queue and hence future enable/disable 130 // calls to this method will all get executed in the correct sequence. But this timeout 131 // situation should not even arise because runWithScissors() will run in the caller's 132 // thread without blocking as it is the same thread as mHandler's thread. 133 if (!isEnabled) { 134 Log.w(TAG, "Native call to disable non-framework location access in GNSS HAL may" 135 + " get executed after native_cleanup()."); 136 } 137 } 138 reportNfwNotification(String proxyAppPackageName, byte protocolStack, String otherProtocolStackName, byte requestor, String requestorId, byte responseType, boolean inEmergencyMode, boolean isCachedLocation)139 void reportNfwNotification(String proxyAppPackageName, byte protocolStack, 140 String otherProtocolStackName, byte requestor, String requestorId, byte responseType, 141 boolean inEmergencyMode, boolean isCachedLocation) { 142 runOnHandler(() -> handleNfwNotification( 143 new NfwNotification(proxyAppPackageName, protocolStack, otherProtocolStackName, 144 requestor, requestorId, responseType, inEmergencyMode, isCachedLocation))); 145 } 146 onConfigurationUpdated(GnssConfiguration configuration)147 void onConfigurationUpdated(GnssConfiguration configuration) { 148 // The configuration object must be accessed only in the caller thread and not in mHandler. 149 List<String> nfwLocationAccessProxyApps = configuration.getProxyApps(); 150 runOnHandler(() -> handleUpdateProxyApps(nfwLocationAccessProxyApps)); 151 } 152 handleInitialize()153 private void handleInitialize() { 154 listenForProxyAppsPackageUpdates(); 155 } 156 listenForProxyAppsPackageUpdates()157 private void listenForProxyAppsPackageUpdates() { 158 // Listen for proxy apps package installation, removal events. 159 IntentFilter intentFilter = new IntentFilter(); 160 intentFilter.addAction(Intent.ACTION_PACKAGE_ADDED); 161 intentFilter.addAction(Intent.ACTION_PACKAGE_REMOVED); 162 intentFilter.addAction(Intent.ACTION_PACKAGE_REPLACED); 163 intentFilter.addAction(Intent.ACTION_PACKAGE_CHANGED); 164 intentFilter.addDataScheme("package"); 165 mContext.registerReceiverAsUser(new BroadcastReceiver() { 166 @Override 167 public void onReceive(Context context, Intent intent) { 168 String action = intent.getAction(); 169 if (action == null) { 170 return; 171 } 172 173 switch (action) { 174 case Intent.ACTION_PACKAGE_ADDED: 175 case Intent.ACTION_PACKAGE_REMOVED: 176 case Intent.ACTION_PACKAGE_REPLACED: 177 case Intent.ACTION_PACKAGE_CHANGED: 178 String pkgName = intent.getData().getEncodedSchemeSpecificPart(); 179 handleProxyAppPackageUpdate(pkgName, action); 180 break; 181 } 182 } 183 }, UserHandle.ALL, intentFilter, null, mHandler); 184 } 185 handleProxyAppPackageUpdate(String pkgName, String action)186 private void handleProxyAppPackageUpdate(String pkgName, String action) { 187 final ProxyAppState proxyAppState = mProxyAppsState.get(pkgName); 188 if (proxyAppState == null) { 189 return; // ignore, pkgName is not one of the proxy apps in our list. 190 } 191 192 if (DEBUG) Log.d(TAG, "Proxy app " + pkgName + " package changed: " + action); 193 final boolean updatedLocationPermission = shouldEnableLocationPermissionInGnssHal(pkgName); 194 if (proxyAppState.mHasLocationPermission != updatedLocationPermission) { 195 // Permission changed. So, update the GNSS HAL with the updated list. 196 Log.i(TAG, "Proxy app " + pkgName + " location permission changed." 197 + " IsLocationPermissionEnabled: " + updatedLocationPermission); 198 proxyAppState.mHasLocationPermission = updatedLocationPermission; 199 updateNfwLocationAccessProxyAppsInGnssHal(); 200 } 201 } 202 handleUpdateProxyApps(List<String> nfwLocationAccessProxyApps)203 private void handleUpdateProxyApps(List<String> nfwLocationAccessProxyApps) { 204 if (!isProxyAppListUpdated(nfwLocationAccessProxyApps)) { 205 return; 206 } 207 208 if (nfwLocationAccessProxyApps.isEmpty()) { 209 // Stop listening for app permission changes. Clear the app list in GNSS HAL. 210 if (!mProxyAppsState.isEmpty()) { 211 mPackageManager.removeOnPermissionsChangeListener(mOnPermissionsChangedListener); 212 resetProxyAppsState(); 213 updateNfwLocationAccessProxyAppsInGnssHal(); 214 } 215 return; 216 } 217 218 if (mProxyAppsState.isEmpty()) { 219 mPackageManager.addOnPermissionsChangeListener(mOnPermissionsChangedListener); 220 } else { 221 resetProxyAppsState(); 222 } 223 224 for (String proxyAppPkgName : nfwLocationAccessProxyApps) { 225 ProxyAppState proxyAppState = new ProxyAppState(shouldEnableLocationPermissionInGnssHal( 226 proxyAppPkgName)); 227 mProxyAppsState.put(proxyAppPkgName, proxyAppState); 228 } 229 230 updateNfwLocationAccessProxyAppsInGnssHal(); 231 } 232 resetProxyAppsState()233 private void resetProxyAppsState() { 234 // Clear location icons displayed. 235 for (Map.Entry<String, ProxyAppState> entry : mProxyAppsState.entrySet()) { 236 ProxyAppState proxyAppState = entry.getValue(); 237 if (!proxyAppState.mIsLocationIconOn) { 238 continue; 239 } 240 241 mHandler.removeCallbacksAndMessages(proxyAppState); 242 final ApplicationInfo proxyAppInfo = getProxyAppInfo(entry.getKey()); 243 if (proxyAppInfo != null) { 244 clearLocationIcon(proxyAppState, proxyAppInfo.uid, entry.getKey()); 245 } 246 } 247 mProxyAppsState.clear(); 248 } 249 isProxyAppListUpdated(List<String> nfwLocationAccessProxyApps)250 private boolean isProxyAppListUpdated(List<String> nfwLocationAccessProxyApps) { 251 if (nfwLocationAccessProxyApps.size() != mProxyAppsState.size()) { 252 return true; 253 } 254 255 for (String nfwLocationAccessProxyApp : nfwLocationAccessProxyApps) { 256 if (!mProxyAppsState.containsKey(nfwLocationAccessProxyApp)) { 257 return true; 258 } 259 } 260 return false; 261 } 262 handleGpsEnabledChanged(boolean isGpsEnabled)263 private void handleGpsEnabledChanged(boolean isGpsEnabled) { 264 if (DEBUG) { 265 Log.d(TAG, "handleGpsEnabledChanged, mIsGpsEnabled: " + mIsGpsEnabled 266 + ", isGpsEnabled: " + isGpsEnabled); 267 } 268 269 // The proxy app list in the GNSS HAL needs to be configured if it restarts after 270 // a crash. So, update HAL irrespective of the previous GPS enabled state. 271 mIsGpsEnabled = isGpsEnabled; 272 if (!mIsGpsEnabled) { 273 disableNfwLocationAccess(); 274 return; 275 } 276 277 setNfwLocationAccessProxyAppsInGnssHal(getLocationPermissionEnabledProxyApps()); 278 } 279 disableNfwLocationAccess()280 private void disableNfwLocationAccess() { 281 setNfwLocationAccessProxyAppsInGnssHal(NO_LOCATION_ENABLED_PROXY_APPS); 282 } 283 284 // Represents NfwNotification structure in IGnssVisibilityControlCallback.hal 285 private static class NfwNotification { 286 // These must match with NfwResponseType enum in IGnssVisibilityControlCallback.hal. 287 private static final byte NFW_RESPONSE_TYPE_REJECTED = 0; 288 private static final byte NFW_RESPONSE_TYPE_ACCEPTED_NO_LOCATION_PROVIDED = 1; 289 private static final byte NFW_RESPONSE_TYPE_ACCEPTED_LOCATION_PROVIDED = 2; 290 291 private final String mProxyAppPackageName; 292 private final byte mProtocolStack; 293 private final String mOtherProtocolStackName; 294 private final byte mRequestor; 295 private final String mRequestorId; 296 private final byte mResponseType; 297 private final boolean mInEmergencyMode; 298 private final boolean mIsCachedLocation; 299 NfwNotification(String proxyAppPackageName, byte protocolStack, String otherProtocolStackName, byte requestor, String requestorId, byte responseType, boolean inEmergencyMode, boolean isCachedLocation)300 private NfwNotification(String proxyAppPackageName, byte protocolStack, 301 String otherProtocolStackName, byte requestor, String requestorId, 302 byte responseType, boolean inEmergencyMode, boolean isCachedLocation) { 303 mProxyAppPackageName = proxyAppPackageName; 304 mProtocolStack = protocolStack; 305 mOtherProtocolStackName = otherProtocolStackName; 306 mRequestor = requestor; 307 mRequestorId = requestorId; 308 mResponseType = responseType; 309 mInEmergencyMode = inEmergencyMode; 310 mIsCachedLocation = isCachedLocation; 311 } 312 313 @SuppressLint("DefaultLocale") toString()314 public String toString() { 315 return String.format( 316 "{proxyAppPackageName: %s, protocolStack: %d, otherProtocolStackName: %s, " 317 + "requestor: %d, requestorId: %s, responseType: %s, inEmergencyMode:" 318 + " %b, isCachedLocation: %b}", 319 mProxyAppPackageName, mProtocolStack, mOtherProtocolStackName, mRequestor, 320 mRequestorId, getResponseTypeAsString(), mInEmergencyMode, mIsCachedLocation); 321 } 322 getResponseTypeAsString()323 private String getResponseTypeAsString() { 324 switch (mResponseType) { 325 case NFW_RESPONSE_TYPE_REJECTED: 326 return "REJECTED"; 327 case NFW_RESPONSE_TYPE_ACCEPTED_NO_LOCATION_PROVIDED: 328 return "ACCEPTED_NO_LOCATION_PROVIDED"; 329 case NFW_RESPONSE_TYPE_ACCEPTED_LOCATION_PROVIDED: 330 return "ACCEPTED_LOCATION_PROVIDED"; 331 default: 332 return "<Unknown>"; 333 } 334 } 335 isRequestAccepted()336 private boolean isRequestAccepted() { 337 return mResponseType != NfwNotification.NFW_RESPONSE_TYPE_REJECTED; 338 } 339 isLocationProvided()340 private boolean isLocationProvided() { 341 return mResponseType == NfwNotification.NFW_RESPONSE_TYPE_ACCEPTED_LOCATION_PROVIDED; 342 } 343 isRequestAttributedToProxyApp()344 private boolean isRequestAttributedToProxyApp() { 345 return !TextUtils.isEmpty(mProxyAppPackageName); 346 } 347 isEmergencyRequestNotification()348 private boolean isEmergencyRequestNotification() { 349 return mInEmergencyMode && !isRequestAttributedToProxyApp(); 350 } 351 } 352 handlePermissionsChanged(int uid)353 private void handlePermissionsChanged(int uid) { 354 if (mProxyAppsState.isEmpty()) { 355 return; 356 } 357 358 for (Map.Entry<String, ProxyAppState> entry : mProxyAppsState.entrySet()) { 359 final String proxyAppPkgName = entry.getKey(); 360 final ApplicationInfo proxyAppInfo = getProxyAppInfo(proxyAppPkgName); 361 if (proxyAppInfo == null || proxyAppInfo.uid != uid) { 362 continue; 363 } 364 365 final boolean isLocationPermissionEnabled = shouldEnableLocationPermissionInGnssHal( 366 proxyAppPkgName); 367 ProxyAppState proxyAppState = entry.getValue(); 368 if (isLocationPermissionEnabled != proxyAppState.mHasLocationPermission) { 369 Log.i(TAG, "Proxy app " + proxyAppPkgName + " location permission changed." 370 + " IsLocationPermissionEnabled: " + isLocationPermissionEnabled); 371 proxyAppState.mHasLocationPermission = isLocationPermissionEnabled; 372 updateNfwLocationAccessProxyAppsInGnssHal(); 373 } 374 return; 375 } 376 } 377 getProxyAppInfo(String proxyAppPkgName)378 private ApplicationInfo getProxyAppInfo(String proxyAppPkgName) { 379 try { 380 return mPackageManager.getApplicationInfo(proxyAppPkgName, 0); 381 } catch (PackageManager.NameNotFoundException e) { 382 if (DEBUG) Log.d(TAG, "Proxy app " + proxyAppPkgName + " is not found."); 383 return null; 384 } 385 } 386 shouldEnableLocationPermissionInGnssHal(String proxyAppPkgName)387 private boolean shouldEnableLocationPermissionInGnssHal(String proxyAppPkgName) { 388 return isProxyAppInstalled(proxyAppPkgName) && hasLocationPermission(proxyAppPkgName); 389 } 390 isProxyAppInstalled(String pkgName)391 private boolean isProxyAppInstalled(String pkgName) { 392 ApplicationInfo proxyAppInfo = getProxyAppInfo(pkgName); 393 return (proxyAppInfo != null) && proxyAppInfo.enabled; 394 } 395 hasLocationPermission(String pkgName)396 private boolean hasLocationPermission(String pkgName) { 397 return mPackageManager.checkPermission(LOCATION_PERMISSION_NAME, pkgName) 398 == PackageManager.PERMISSION_GRANTED; 399 } 400 updateNfwLocationAccessProxyAppsInGnssHal()401 private void updateNfwLocationAccessProxyAppsInGnssHal() { 402 if (!mIsGpsEnabled) { 403 return; // Keep non-framework location access disabled. 404 } 405 setNfwLocationAccessProxyAppsInGnssHal(getLocationPermissionEnabledProxyApps()); 406 } 407 setNfwLocationAccessProxyAppsInGnssHal( String[] locationPermissionEnabledProxyApps)408 private void setNfwLocationAccessProxyAppsInGnssHal( 409 String[] locationPermissionEnabledProxyApps) { 410 final String proxyAppsStr = Arrays.toString(locationPermissionEnabledProxyApps); 411 Log.i(TAG, "Updating non-framework location access proxy apps in the GNSS HAL to: " 412 + proxyAppsStr); 413 boolean result = native_enable_nfw_location_access(locationPermissionEnabledProxyApps); 414 if (!result) { 415 Log.e(TAG, "Failed to update non-framework location access proxy apps in the" 416 + " GNSS HAL to: " + proxyAppsStr); 417 } 418 } 419 getLocationPermissionEnabledProxyApps()420 private String[] getLocationPermissionEnabledProxyApps() { 421 // Get a count of proxy apps with location permission enabled for array creation size. 422 int countLocationPermissionEnabledProxyApps = 0; 423 for (ProxyAppState proxyAppState : mProxyAppsState.values()) { 424 if (proxyAppState.mHasLocationPermission) { 425 ++countLocationPermissionEnabledProxyApps; 426 } 427 } 428 429 int i = 0; 430 String[] locationPermissionEnabledProxyApps = 431 new String[countLocationPermissionEnabledProxyApps]; 432 for (Map.Entry<String, ProxyAppState> entry : mProxyAppsState.entrySet()) { 433 final String proxyApp = entry.getKey(); 434 if (entry.getValue().mHasLocationPermission) { 435 locationPermissionEnabledProxyApps[i++] = proxyApp; 436 } 437 } 438 return locationPermissionEnabledProxyApps; 439 } 440 handleNfwNotification(NfwNotification nfwNotification)441 private void handleNfwNotification(NfwNotification nfwNotification) { 442 if (DEBUG) Log.d(TAG, "Non-framework location access notification: " + nfwNotification); 443 444 if (nfwNotification.isEmergencyRequestNotification()) { 445 handleEmergencyNfwNotification(nfwNotification); 446 return; 447 } 448 449 final String proxyAppPkgName = nfwNotification.mProxyAppPackageName; 450 final ProxyAppState proxyAppState = mProxyAppsState.get(proxyAppPkgName); 451 final boolean isLocationRequestAccepted = nfwNotification.isRequestAccepted(); 452 final boolean isPermissionMismatched = isPermissionMismatched(proxyAppState, 453 nfwNotification); 454 logEvent(nfwNotification, isPermissionMismatched); 455 456 if (!nfwNotification.isRequestAttributedToProxyApp()) { 457 // Handle cases where GNSS HAL implementation correctly rejected NFW location request. 458 // 1. GNSS HAL implementation doesn't provide location to any NFW location use cases. 459 // There is no Location Attribution App configured in the framework. 460 // 2. GNSS HAL implementation doesn't provide location to some NFW location use cases. 461 // Location Attribution Apps are configured only for the supported NFW location 462 // use cases. All other use cases which are not supported (and always rejected) by 463 // the GNSS HAL implementation will have proxyAppPackageName set to empty string. 464 if (!isLocationRequestAccepted) { 465 if (DEBUG) { 466 Log.d(TAG, "Non-framework location request rejected. ProxyAppPackageName field" 467 + " is not set in the notification: " + nfwNotification + ". Number of" 468 + " configured proxy apps: " + mProxyAppsState.size()); 469 } 470 return; 471 } 472 473 Log.e(TAG, "ProxyAppPackageName field is not set. AppOps service not notified" 474 + " for notification: " + nfwNotification); 475 return; 476 } 477 478 if (proxyAppState == null) { 479 Log.w(TAG, "Could not find proxy app " + proxyAppPkgName + " in the value specified for" 480 + " config parameter: " + GnssConfiguration.CONFIG_NFW_PROXY_APPS 481 + ". AppOps service not notified for notification: " + nfwNotification); 482 return; 483 } 484 485 // Display location icon attributed to this proxy app. 486 final ApplicationInfo proxyAppInfo = getProxyAppInfo(proxyAppPkgName); 487 if (proxyAppInfo == null) { 488 Log.e(TAG, "Proxy app " + proxyAppPkgName + " is not found. AppOps service not " 489 + "notified for notification: " + nfwNotification); 490 return; 491 } 492 493 if (nfwNotification.isLocationProvided()) { 494 showLocationIcon(proxyAppState, nfwNotification, proxyAppInfo.uid, proxyAppPkgName); 495 mAppOps.noteOpNoThrow(AppOpsManager.OP_FINE_LOCATION, proxyAppInfo.uid, 496 proxyAppPkgName); 497 } 498 499 // Log proxy app permission mismatch between framework and GNSS HAL. 500 if (isPermissionMismatched) { 501 Log.w(TAG, "Permission mismatch. Proxy app " + proxyAppPkgName 502 + " location permission is set to " + proxyAppState.mHasLocationPermission 503 + " and GNSS HAL enabled is set to " + mIsGpsEnabled 504 + " but GNSS non-framework location access response type is " 505 + nfwNotification.getResponseTypeAsString() + " for notification: " 506 + nfwNotification); 507 } 508 } 509 isPermissionMismatched(ProxyAppState proxyAppState, NfwNotification nfwNotification)510 private boolean isPermissionMismatched(ProxyAppState proxyAppState, 511 NfwNotification nfwNotification) { 512 // Non-framework non-emergency location requests must be accepted only when IGnss.hal 513 // is enabled and the proxy app has location permission. 514 final boolean isLocationRequestAccepted = nfwNotification.isRequestAccepted(); 515 return (proxyAppState == null || !mIsGpsEnabled) ? isLocationRequestAccepted 516 : (proxyAppState.mHasLocationPermission != isLocationRequestAccepted); 517 } 518 showLocationIcon(ProxyAppState proxyAppState, NfwNotification nfwNotification, int uid, String proxyAppPkgName)519 private void showLocationIcon(ProxyAppState proxyAppState, NfwNotification nfwNotification, 520 int uid, String proxyAppPkgName) { 521 // If we receive a new NfwNotification before the location icon is turned off for the 522 // previous notification, update the timer to extend the location icon display duration. 523 final boolean isLocationIconOn = proxyAppState.mIsLocationIconOn; 524 if (!isLocationIconOn) { 525 if (!updateLocationIcon(/* displayLocationIcon = */ true, uid, proxyAppPkgName)) { 526 Log.w(TAG, "Failed to show Location icon for notification: " + nfwNotification); 527 return; 528 } 529 proxyAppState.mIsLocationIconOn = true; 530 } else { 531 // Extend timer by canceling the current one and starting a new one. 532 mHandler.removeCallbacksAndMessages(proxyAppState); 533 } 534 535 // Start timer to turn off location icon. proxyAppState is used as a token to cancel timer. 536 if (DEBUG) { 537 Log.d(TAG, "Location icon on. " + (isLocationIconOn ? "Extending" : "Setting") 538 + " icon display timer. Uid: " + uid + ", proxyAppPkgName: " + proxyAppPkgName); 539 } 540 if (!mHandler.postDelayed(() -> handleLocationIconTimeout(proxyAppPkgName), 541 /* token = */ proxyAppState, LOCATION_ICON_DISPLAY_DURATION_MILLIS)) { 542 clearLocationIcon(proxyAppState, uid, proxyAppPkgName); 543 Log.w(TAG, "Failed to show location icon for the full duration for notification: " 544 + nfwNotification); 545 } 546 } 547 handleLocationIconTimeout(String proxyAppPkgName)548 private void handleLocationIconTimeout(String proxyAppPkgName) { 549 // Get uid again instead of using the one provided in startOp() call as the app could have 550 // been uninstalled and reinstalled during the timeout duration (unlikely in real world). 551 final ApplicationInfo proxyAppInfo = getProxyAppInfo(proxyAppPkgName); 552 if (proxyAppInfo != null) { 553 clearLocationIcon(mProxyAppsState.get(proxyAppPkgName), proxyAppInfo.uid, 554 proxyAppPkgName); 555 } 556 } 557 clearLocationIcon(@ullable ProxyAppState proxyAppState, int uid, String proxyAppPkgName)558 private void clearLocationIcon(@Nullable ProxyAppState proxyAppState, int uid, 559 String proxyAppPkgName) { 560 updateLocationIcon(/* displayLocationIcon = */ false, uid, proxyAppPkgName); 561 if (proxyAppState != null) proxyAppState.mIsLocationIconOn = false; 562 if (DEBUG) { 563 Log.d(TAG, "Location icon off. Uid: " + uid + ", proxyAppPkgName: " + proxyAppPkgName); 564 } 565 } 566 updateLocationIcon(boolean displayLocationIcon, int uid, String proxyAppPkgName)567 private boolean updateLocationIcon(boolean displayLocationIcon, int uid, 568 String proxyAppPkgName) { 569 if (displayLocationIcon) { 570 // Need two calls to startOp() here with different op code so that the proxy app shows 571 // up in the recent location requests page and also the location icon gets displayed. 572 if (mAppOps.startOpNoThrow(AppOpsManager.OP_MONITOR_LOCATION, uid, 573 proxyAppPkgName) != AppOpsManager.MODE_ALLOWED) { 574 return false; 575 } 576 if (mAppOps.startOpNoThrow(AppOpsManager.OP_MONITOR_HIGH_POWER_LOCATION, uid, 577 proxyAppPkgName) != AppOpsManager.MODE_ALLOWED) { 578 mAppOps.finishOp(AppOpsManager.OP_MONITOR_LOCATION, uid, proxyAppPkgName); 579 return false; 580 } 581 } else { 582 mAppOps.finishOp(AppOpsManager.OP_MONITOR_LOCATION, uid, proxyAppPkgName); 583 mAppOps.finishOp(AppOpsManager.OP_MONITOR_HIGH_POWER_LOCATION, uid, proxyAppPkgName); 584 } 585 sendHighPowerMonitoringBroadcast(); 586 return true; 587 } 588 sendHighPowerMonitoringBroadcast()589 private void sendHighPowerMonitoringBroadcast() { 590 // Send an intent to notify that a high power request has been added/removed so that 591 // the SystemUi checks the state of AppOps and updates the location icon accordingly. 592 Intent intent = new Intent(LocationManager.HIGH_POWER_REQUEST_CHANGE_ACTION); 593 mContext.sendBroadcastAsUser(intent, UserHandle.ALL); 594 } 595 handleEmergencyNfwNotification(NfwNotification nfwNotification)596 private void handleEmergencyNfwNotification(NfwNotification nfwNotification) { 597 boolean isPermissionMismatched = false; 598 if (!nfwNotification.isRequestAccepted()) { 599 Log.e(TAG, "Emergency non-framework location request incorrectly rejected." 600 + " Notification: " + nfwNotification); 601 isPermissionMismatched = true; 602 } 603 604 if (!mNiHandler.getInEmergency()) { 605 Log.w(TAG, "Emergency state mismatch. Device currently not in user initiated emergency" 606 + " session. Notification: " + nfwNotification); 607 isPermissionMismatched = true; 608 } 609 610 logEvent(nfwNotification, isPermissionMismatched); 611 612 if (nfwNotification.isLocationProvided()) { 613 postEmergencyLocationUserNotification(nfwNotification); 614 } 615 } 616 postEmergencyLocationUserNotification(NfwNotification nfwNotification)617 private void postEmergencyLocationUserNotification(NfwNotification nfwNotification) { 618 // Emulate deprecated IGnssNi.hal user notification of emergency NI requests. 619 NotificationManager notificationManager = (NotificationManager) mContext 620 .getSystemService(Context.NOTIFICATION_SERVICE); 621 if (notificationManager == null) { 622 Log.w(TAG, "Could not notify user of emergency location request. Notification: " 623 + nfwNotification); 624 return; 625 } 626 627 notificationManager.notifyAsUser(/* tag= */ null, /* notificationId= */ 0, 628 createEmergencyLocationUserNotification(mContext), UserHandle.ALL); 629 } 630 createEmergencyLocationUserNotification(Context context)631 private static Notification createEmergencyLocationUserNotification(Context context) { 632 // NOTE: Do not reuse the returned notification object as it will not reflect 633 // changes to notification text when the system language is changed. 634 final String firstLineText = context.getString(R.string.gpsNotifTitle); 635 final String secondLineText = context.getString(R.string.global_action_emergency); 636 final String accessibilityServicesText = firstLineText + " (" + secondLineText + ")"; 637 return new Notification.Builder(context, SystemNotificationChannels.NETWORK_ALERTS) 638 .setSmallIcon(com.android.internal.R.drawable.stat_sys_gps_on) 639 .setWhen(0) 640 .setOngoing(true) 641 .setAutoCancel(true) 642 .setColor(context.getColor( 643 com.android.internal.R.color.system_notification_accent_color)) 644 .setDefaults(0) 645 .setTicker(accessibilityServicesText) 646 .setContentTitle(firstLineText) 647 .setContentText(secondLineText) 648 .setContentIntent(PendingIntent.getBroadcast(context, 0, new Intent(), 0)) 649 .build(); 650 } 651 logEvent(NfwNotification notification, boolean isPermissionMismatched)652 private void logEvent(NfwNotification notification, boolean isPermissionMismatched) { 653 StatsLog.write(StatsLog.GNSS_NFW_NOTIFICATION_REPORTED, 654 notification.mProxyAppPackageName, 655 notification.mProtocolStack, 656 notification.mOtherProtocolStackName, 657 notification.mRequestor, 658 notification.mRequestorId, 659 notification.mResponseType, 660 notification.mInEmergencyMode, 661 notification.mIsCachedLocation, 662 isPermissionMismatched); 663 } 664 runOnHandler(Runnable event)665 private void runOnHandler(Runnable event) { 666 // Hold a wake lock until this message is delivered. 667 // Note that this assumes the message will not be removed from the queue before 668 // it is handled (otherwise the wake lock would be leaked). 669 mWakeLock.acquire(WAKELOCK_TIMEOUT_MILLIS); 670 if (!mHandler.post(runEventAndReleaseWakeLock(event))) { 671 mWakeLock.release(); 672 } 673 } 674 runEventAndReleaseWakeLock(Runnable event)675 private Runnable runEventAndReleaseWakeLock(Runnable event) { 676 return () -> { 677 try { 678 event.run(); 679 } finally { 680 mWakeLock.release(); 681 } 682 }; 683 } 684 685 private native boolean native_enable_nfw_location_access(String[] proxyApps); 686 } 687