1 /* 2 * Copyright (C) 2022 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.app; 18 19 import static android.app.AppOpsManager.MODE_ALLOWED; 20 import static android.app.AppOpsManager.MODE_DEFAULT; 21 import static android.app.AppOpsManager.MODE_FOREGROUND; 22 import static android.app.AppOpsManager.MODE_IGNORED; 23 import static android.content.pm.PackageManager.PERMISSION_DENIED; 24 import static android.content.pm.PackageManager.PERMISSION_GRANTED; 25 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_CAMERA; 26 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_CONNECTED_DEVICE; 27 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_DATA_SYNC; 28 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_FILE_MANAGEMENT; 29 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_HEALTH; 30 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_LOCATION; 31 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_MANIFEST; 32 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_MEDIA_PLAYBACK; 33 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_MEDIA_PROCESSING; 34 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_MEDIA_PROJECTION; 35 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_MICROPHONE; 36 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_NONE; 37 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_PHONE_CALL; 38 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_REMOTE_MESSAGING; 39 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_SHORT_SERVICE; 40 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_SPECIAL_USE; 41 import static android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_SYSTEM_EXEMPTED; 42 import static android.permission.PermissionCheckerManager.PERMISSION_HARD_DENIED; 43 import static android.permission.PermissionCheckerManager.PERMISSION_SOFT_DENIED; 44 45 import android.Manifest; 46 import android.annotation.IntDef; 47 import android.annotation.NonNull; 48 import android.annotation.Nullable; 49 import android.annotation.SuppressLint; 50 import android.app.compat.CompatChanges; 51 import android.app.role.RoleManager; 52 import android.compat.Compatibility; 53 import android.compat.annotation.ChangeId; 54 import android.compat.annotation.Disabled; 55 import android.compat.annotation.EnabledAfter; 56 import android.compat.annotation.Overridable; 57 import android.content.Context; 58 import android.content.PermissionChecker; 59 import android.content.pm.PackageManager; 60 import android.content.pm.ServiceInfo; 61 import android.content.pm.ServiceInfo.ForegroundServiceType; 62 import android.hardware.usb.UsbAccessory; 63 import android.hardware.usb.UsbDevice; 64 import android.hardware.usb.UsbManager; 65 import android.os.RemoteException; 66 import android.os.ServiceManager; 67 import android.os.UserHandle; 68 import android.permission.PermissionCheckerManager; 69 import android.provider.DeviceConfig; 70 import android.text.TextUtils; 71 import android.util.ArrayMap; 72 import android.util.ArraySet; 73 import android.util.SparseArray; 74 75 import com.android.internal.annotations.GuardedBy; 76 import com.android.internal.compat.CompatibilityChangeConfig; 77 import com.android.internal.compat.IPlatformCompat; 78 import com.android.internal.util.ArrayUtils; 79 80 import java.lang.annotation.Retention; 81 import java.lang.annotation.RetentionPolicy; 82 import java.util.ArrayList; 83 import java.util.HashMap; 84 import java.util.List; 85 import java.util.Optional; 86 87 /** 88 * This class enforces the policies around the foreground service types. 89 * 90 * @hide 91 */ 92 public abstract class ForegroundServiceTypePolicy { 93 static final String TAG = "ForegroundServiceTypePolicy"; 94 static final boolean DEBUG_FOREGROUND_SERVICE_TYPE_POLICY = false; 95 96 /** 97 * The FGS type enforcement: 98 * deprecating the {@link android.content.pm.ServiceInfo#FOREGROUND_SERVICE_TYPE_NONE}. 99 * 100 * <p>Starting a FGS with this type (equivalent of no type) from apps with 101 * targetSdkVersion {@link android.os.Build.VERSION_CODES#UPSIDE_DOWN_CAKE} or later will 102 * result in a warning in the log.</p> 103 * 104 * @hide 105 */ 106 @ChangeId 107 @EnabledAfter(targetSdkVersion = android.os.Build.VERSION_CODES.TIRAMISU) 108 @Overridable 109 public static final long FGS_TYPE_NONE_DEPRECATION_CHANGE_ID = 255042465L; 110 111 /** 112 * The FGS type enforcement: 113 * disabling the {@link android.content.pm.ServiceInfo#FOREGROUND_SERVICE_TYPE_NONE}. 114 * 115 * <p>Starting a FGS with this type (equivalent of no type) from apps with 116 * targetSdkVersion {@link android.os.Build.VERSION_CODES#UPSIDE_DOWN_CAKE} or later will 117 * result in an exception.</p> 118 * 119 * @hide 120 */ 121 @ChangeId 122 @EnabledAfter(targetSdkVersion = android.os.Build.VERSION_CODES.TIRAMISU) 123 @Overridable 124 public static final long FGS_TYPE_NONE_DISABLED_CHANGE_ID = 255038118L; 125 126 /** 127 * The FGS type enforcement: 128 * deprecating the {@link android.content.pm.ServiceInfo#FOREGROUND_SERVICE_TYPE_DATA_SYNC}. 129 * 130 * @hide 131 */ 132 @ChangeId 133 @Disabled 134 @Overridable 135 public static final long FGS_TYPE_DATA_SYNC_DEPRECATION_CHANGE_ID = 255039210L; 136 137 /** 138 * The FGS type enforcement: 139 * disabling the {@link android.content.pm.ServiceInfo#FOREGROUND_SERVICE_TYPE_DATA_SYNC}. 140 * 141 * @hide 142 */ 143 @ChangeId 144 @Disabled 145 @Overridable 146 public static final long FGS_TYPE_DATA_SYNC_DISABLED_CHANGE_ID = 255659651L; 147 148 /** 149 * The FGS type enforcement: Starting a FGS from apps with targetSdkVersion 150 * {@link android.os.Build.VERSION_CODES#UPSIDE_DOWN_CAKE} or later but without the required 151 * permissions associated with the FGS type will result in a SecurityException. 152 * 153 * @hide 154 */ 155 @ChangeId 156 @EnabledAfter(targetSdkVersion = android.os.Build.VERSION_CODES.TIRAMISU) 157 @Overridable 158 public static final long FGS_TYPE_PERMISSION_CHANGE_ID = 254662522L; 159 160 /** 161 * The prefix for the feature flags of the permission enforcement. 162 */ 163 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX = 164 "fgs_type_perm_enforcement_flag_"; 165 166 /** 167 * The feature flag of the permission enforcement for 168 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_DATA_SYNC}, 169 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 170 */ 171 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_DATA_SYNC = 172 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "data_sync"; 173 174 /** 175 * The feature flag of the permission enforcement for 176 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MEDIA_PLAYBACK}, 177 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 178 */ 179 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_MEDIA_PLAYBACK = 180 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "media_playback"; 181 182 /** 183 * The feature flag of the permission enforcement for 184 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_PHONE_CALL}, 185 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 186 */ 187 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_PHONE_CALL = 188 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "phone_call"; 189 190 /** 191 * The feature flag of the permission enforcement for 192 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_LOCATION}, 193 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 194 */ 195 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_LOCATION = 196 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "location"; 197 198 /** 199 * The feature flag of the permission enforcement for 200 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_CONNECTED_DEVICE}, 201 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 202 */ 203 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_CONNECTED_DEVICE = 204 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "connected_device"; 205 206 /** 207 * The feature flag of the permission enforcement for 208 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MEDIA_PROJECTION}, 209 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 210 */ 211 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_MEDIA_PROJECTION = 212 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "media_projection"; 213 214 /** 215 * The feature flag of the permission enforcement for 216 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_CAMERA}, 217 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 218 */ 219 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_CAMERA = 220 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "camera"; 221 222 /** 223 * The feature flag of the permission enforcement for 224 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MICROPHONE}, 225 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 226 */ 227 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_MICROPHONE = 228 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "microphone"; 229 230 /** 231 * The feature flag of the permission enforcement for 232 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_HEALTH}, 233 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 234 */ 235 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_HEALTH = 236 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "health"; 237 238 /** 239 * The feature flag of the permission enforcement for 240 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_REMOTE_MESSAGING}, 241 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 242 */ 243 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_REMOTE_MESSAGING = 244 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "remote_messaging"; 245 246 /** 247 * The feature flag of the permission enforcement for 248 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_SYSTEM_EXEMPTED}, 249 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 250 */ 251 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_SYSTEM_EXEMPTED = 252 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "system_exempted"; 253 254 /** 255 * The feature flag of the permission enforcement for 256 * {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_SPECIAL_USE}, 257 * in the namespace of {@link DeviceConfig#NAMESPACE_ACTIVITY_MANAGER}. 258 */ 259 private static final String FGS_TYPE_PERM_ENFORCEMENT_FLAG_SPECIAL_USE = 260 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PREFIX + "special_use"; 261 262 /** 263 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MANIFEST}. 264 * 265 * @hide 266 */ 267 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_MANIFEST = 268 new ForegroundServiceTypePolicyInfo( 269 FOREGROUND_SERVICE_TYPE_MANIFEST, 270 FGS_TYPE_NONE_DEPRECATION_CHANGE_ID, 271 FGS_TYPE_NONE_DISABLED_CHANGE_ID, 272 null /* allOfPermissions */, 273 null /* anyOfPermissions */, 274 null /* permissionEnforcementFlag */, 275 false /* permissionEnforcementFlagDefaultValue */, 276 false /* foregroundOnlyPermission */ 277 ); 278 279 /** 280 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_NONE}. 281 * 282 * @hide 283 */ 284 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_NONE = 285 new ForegroundServiceTypePolicyInfo( 286 FOREGROUND_SERVICE_TYPE_NONE, 287 FGS_TYPE_NONE_DEPRECATION_CHANGE_ID, 288 FGS_TYPE_NONE_DISABLED_CHANGE_ID, 289 null /* allOfPermissions */, 290 null /* anyOfPermissions */, 291 null /* permissionEnforcementFlag */, 292 false /* permissionEnforcementFlagDefaultValue */, 293 false /* foregroundOnlyPermission */ 294 ); 295 296 /** 297 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_DATA_SYNC}. 298 * 299 * @hide 300 */ 301 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_DATA_SYNC = 302 new ForegroundServiceTypePolicyInfo( 303 FOREGROUND_SERVICE_TYPE_DATA_SYNC, 304 FGS_TYPE_DATA_SYNC_DEPRECATION_CHANGE_ID, 305 FGS_TYPE_DATA_SYNC_DISABLED_CHANGE_ID, 306 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 307 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_DATA_SYNC) 308 }, true), 309 null /* anyOfPermissions */, 310 FGS_TYPE_PERM_ENFORCEMENT_FLAG_DATA_SYNC /* permissionEnforcementFlag */, 311 true /* permissionEnforcementFlagDefaultValue */, 312 false /* foregroundOnlyPermission */ 313 ); 314 315 /** 316 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MEDIA_PLAYBACK}. 317 * 318 * @hide 319 */ 320 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_MEDIA_PLAYBACK = 321 new ForegroundServiceTypePolicyInfo( 322 FOREGROUND_SERVICE_TYPE_MEDIA_PLAYBACK, 323 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 324 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 325 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 326 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_MEDIA_PLAYBACK) 327 }, true), 328 null /* anyOfPermissions */, 329 FGS_TYPE_PERM_ENFORCEMENT_FLAG_MEDIA_PLAYBACK /* permissionEnforcementFlag */, 330 true /* permissionEnforcementFlagDefaultValue */, 331 false /* foregroundOnlyPermission */ 332 ); 333 334 /** 335 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_PHONE_CALL}. 336 * 337 * @hide 338 */ 339 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_PHONE_CALL = 340 new ForegroundServiceTypePolicyInfo( 341 FOREGROUND_SERVICE_TYPE_PHONE_CALL, 342 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 343 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 344 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 345 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_PHONE_CALL) 346 }, true), 347 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 348 new RegularPermission(Manifest.permission.MANAGE_OWN_CALLS), 349 new RolePermission(RoleManager.ROLE_DIALER) 350 }, false), 351 FGS_TYPE_PERM_ENFORCEMENT_FLAG_PHONE_CALL /* permissionEnforcementFlag */, 352 true /* permissionEnforcementFlagDefaultValue */, 353 false /* foregroundOnlyPermission */ 354 ); 355 356 /** 357 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_LOCATION}. 358 * 359 * @hide 360 */ 361 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_LOCATION = 362 new ForegroundServiceTypePolicyInfo( 363 FOREGROUND_SERVICE_TYPE_LOCATION, 364 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 365 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 366 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 367 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_LOCATION) 368 }, true), 369 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 370 new RegularPermission(Manifest.permission.ACCESS_COARSE_LOCATION), 371 new RegularPermission(Manifest.permission.ACCESS_FINE_LOCATION), 372 }, false), 373 FGS_TYPE_PERM_ENFORCEMENT_FLAG_LOCATION /* permissionEnforcementFlag */, 374 true /* permissionEnforcementFlagDefaultValue */, 375 true /* foregroundOnlyPermission */ 376 ); 377 378 /** 379 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_CONNECTED_DEVICE}. 380 * 381 * @hide 382 */ 383 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_CONNECTED_DEVICE = 384 new ForegroundServiceTypePolicyInfo( 385 FOREGROUND_SERVICE_TYPE_CONNECTED_DEVICE, 386 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 387 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 388 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 389 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_CONNECTED_DEVICE) 390 }, true), 391 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 392 new RegularPermission(Manifest.permission.BLUETOOTH_ADVERTISE), 393 new RegularPermission(Manifest.permission.BLUETOOTH_CONNECT), 394 new RegularPermission(Manifest.permission.BLUETOOTH_SCAN), 395 new RegularPermission(Manifest.permission.CHANGE_NETWORK_STATE), 396 new RegularPermission(Manifest.permission.CHANGE_WIFI_STATE), 397 new RegularPermission(Manifest.permission.CHANGE_WIFI_MULTICAST_STATE), 398 new RegularPermission(Manifest.permission.NFC), 399 new RegularPermission(Manifest.permission.TRANSMIT_IR), 400 new RegularPermission(Manifest.permission.UWB_RANGING), 401 new UsbDevicePermission(), 402 new UsbAccessoryPermission(), 403 }, false), 404 FGS_TYPE_PERM_ENFORCEMENT_FLAG_CONNECTED_DEVICE /* permissionEnforcementFlag */, 405 true /* permissionEnforcementFlagDefaultValue */, 406 false /* foregroundOnlyPermission */ 407 ); 408 409 /** 410 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MEDIA_PROJECTION}. 411 * 412 * @hide 413 */ 414 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_MEDIA_PROJECTION = 415 new ForegroundServiceTypePolicyInfo( 416 FOREGROUND_SERVICE_TYPE_MEDIA_PROJECTION, 417 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 418 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 419 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 420 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION) 421 }, true), 422 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 423 new RegularPermission(Manifest.permission.CAPTURE_VIDEO_OUTPUT), 424 new AppOpPermission(AppOpsManager.OP_PROJECT_MEDIA) 425 }, false), 426 FGS_TYPE_PERM_ENFORCEMENT_FLAG_MEDIA_PROJECTION /* permissionEnforcementFlag */, 427 true /* permissionEnforcementFlagDefaultValue */, 428 false /* foregroundOnlyPermission */ 429 ); 430 431 /** 432 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_CAMERA}. 433 * 434 * @hide 435 */ 436 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_CAMERA = 437 new ForegroundServiceTypePolicyInfo( 438 FOREGROUND_SERVICE_TYPE_CAMERA, 439 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 440 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 441 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 442 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_CAMERA) 443 }, true), 444 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 445 new RegularPermission(Manifest.permission.CAMERA), 446 new RegularPermission(Manifest.permission.SYSTEM_CAMERA), 447 }, false), 448 FGS_TYPE_PERM_ENFORCEMENT_FLAG_CAMERA /* permissionEnforcementFlag */, 449 true /* permissionEnforcementFlagDefaultValue */, 450 true /* foregroundOnlyPermission */ 451 ); 452 453 /** 454 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MICROPHONE}. 455 * 456 * @hide 457 */ 458 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_MICROPHONE = 459 new ForegroundServiceTypePolicyInfo( 460 FOREGROUND_SERVICE_TYPE_MICROPHONE, 461 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 462 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 463 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 464 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_MICROPHONE) 465 }, true), 466 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 467 new RegularPermission(Manifest.permission.CAPTURE_AUDIO_HOTWORD), 468 new RegularPermission(Manifest.permission.CAPTURE_AUDIO_OUTPUT), 469 new RegularPermission(Manifest.permission.CAPTURE_MEDIA_OUTPUT), 470 new RegularPermission(Manifest.permission.CAPTURE_TUNER_AUDIO_INPUT), 471 new RegularPermission(Manifest.permission.CAPTURE_VOICE_COMMUNICATION_OUTPUT), 472 new RegularPermission(Manifest.permission.RECORD_AUDIO), 473 }, false), 474 FGS_TYPE_PERM_ENFORCEMENT_FLAG_MICROPHONE /* permissionEnforcementFlag */, 475 true /* permissionEnforcementFlagDefaultValue */, 476 true /* foregroundOnlyPermission */ 477 ); 478 479 /** 480 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_HEALTH}. 481 * 482 * @hide 483 */ 484 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_HEALTH = 485 new ForegroundServiceTypePolicyInfo( 486 FOREGROUND_SERVICE_TYPE_HEALTH, 487 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 488 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 489 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 490 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_HEALTH) 491 }, true), 492 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 493 new RegularPermission(Manifest.permission.ACTIVITY_RECOGNITION), 494 new RegularPermission(Manifest.permission.BODY_SENSORS), 495 new RegularPermission(Manifest.permission.HIGH_SAMPLING_RATE_SENSORS), 496 }, false), 497 FGS_TYPE_PERM_ENFORCEMENT_FLAG_HEALTH /* permissionEnforcementFlag */, 498 true /* permissionEnforcementFlagDefaultValue */, 499 false /* foregroundOnlyPermission */ 500 ); 501 502 /** 503 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_REMOTE_MESSAGING}. 504 * 505 * @hide 506 */ 507 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_REMOTE_MESSAGING = 508 new ForegroundServiceTypePolicyInfo( 509 FOREGROUND_SERVICE_TYPE_REMOTE_MESSAGING, 510 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 511 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 512 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 513 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_REMOTE_MESSAGING) 514 }, true), 515 null /* anyOfPermissions */, 516 FGS_TYPE_PERM_ENFORCEMENT_FLAG_REMOTE_MESSAGING /* permissionEnforcementFlag */, 517 true /* permissionEnforcementFlagDefaultValue */, 518 false /* foregroundOnlyPermission */ 519 ); 520 521 /** 522 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_SYSTEM_EXEMPTED}. 523 * 524 * @hide 525 */ 526 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_SYSTEM_EXEMPTED = 527 new ForegroundServiceTypePolicyInfo( 528 FOREGROUND_SERVICE_TYPE_SYSTEM_EXEMPTED, 529 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 530 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 531 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 532 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_SYSTEM_EXEMPTED) 533 }, true), 534 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 535 new RegularPermission(Manifest.permission.SCHEDULE_EXACT_ALARM), 536 new RegularPermission(Manifest.permission.USE_EXACT_ALARM), 537 new AppOpPermission(AppOpsManager.OP_ACTIVATE_VPN), 538 }, false), 539 FGS_TYPE_PERM_ENFORCEMENT_FLAG_SYSTEM_EXEMPTED /* permissionEnforcementFlag */, 540 true /* permissionEnforcementFlagDefaultValue */, 541 false /* foregroundOnlyPermission */ 542 ); 543 544 /** 545 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_SHORT_SERVICE}. 546 * 547 * @hide 548 */ 549 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_SHORT_SERVICE = 550 new ForegroundServiceTypePolicyInfo( 551 FOREGROUND_SERVICE_TYPE_SHORT_SERVICE, 552 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 553 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 554 null /* allOfPermissions */, 555 null /* anyOfPermissions */, 556 null /* permissionEnforcementFlag */, 557 false /* permissionEnforcementFlagDefaultValue */, 558 false /* foregroundOnlyPermission */ 559 ); 560 561 /** 562 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_FILE_MANAGEMENT}. 563 * 564 * @hide 565 */ 566 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_FILE_MANAGEMENT = 567 new ForegroundServiceTypePolicyInfo( 568 FOREGROUND_SERVICE_TYPE_FILE_MANAGEMENT, 569 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 570 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 571 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 572 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_FILE_MANAGEMENT) 573 }, true), 574 null /* anyOfPermissions */, 575 null /* permissionEnforcementFlag */, 576 false /* permissionEnforcementFlagDefaultValue */, 577 false /* foregroundOnlyPermission */ 578 ); 579 580 /** 581 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_MEDIA_PROCESSING}. 582 * 583 * @hide 584 */ 585 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_MEDIA_PROCESSING = 586 new ForegroundServiceTypePolicyInfo( 587 FOREGROUND_SERVICE_TYPE_MEDIA_PROCESSING, 588 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 589 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 590 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 591 new RegularPermission( 592 Manifest.permission.FOREGROUND_SERVICE_MEDIA_PROCESSING) 593 }, true), 594 null /* anyOfPermissions */, 595 null /* permissionEnforcementFlag */, 596 true /* permissionEnforcementFlagDefaultValue */, 597 false /* foregroundOnlyPermission */ 598 ); 599 600 /** 601 * The policy for the {@link ServiceInfo#FOREGROUND_SERVICE_TYPE_SPECIAL_USE}. 602 * 603 * @hide 604 */ 605 public static final @NonNull ForegroundServiceTypePolicyInfo FGS_TYPE_POLICY_SPECIAL_USE = 606 new ForegroundServiceTypePolicyInfo( 607 FOREGROUND_SERVICE_TYPE_SPECIAL_USE, 608 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 609 ForegroundServiceTypePolicyInfo.INVALID_CHANGE_ID, 610 new ForegroundServiceTypePermissions(new ForegroundServiceTypePermission[] { 611 new RegularPermission(Manifest.permission.FOREGROUND_SERVICE_SPECIAL_USE) 612 }, true), 613 null /* anyOfPermissions */, 614 FGS_TYPE_PERM_ENFORCEMENT_FLAG_SPECIAL_USE /* permissionEnforcementFlag */, 615 true /* permissionEnforcementFlagDefaultValue */, 616 false /* foregroundOnlyPermission */ 617 ); 618 619 /** 620 * Foreground service policy check result code: this one is not actually being used. 621 * 622 * @hide 623 */ 624 public static final int FGS_TYPE_POLICY_CHECK_UNKNOWN = 625 AppProtoEnums.FGS_TYPE_POLICY_CHECK_UNKNOWN; 626 627 /** 628 * Foreground service policy check result code: okay to go. 629 * 630 * @hide 631 */ 632 public static final int FGS_TYPE_POLICY_CHECK_OK = 633 AppProtoEnums.FGS_TYPE_POLICY_CHECK_OK; 634 635 /** 636 * Foreground service policy check result code: this foreground service type is deprecated. 637 * 638 * @hide 639 */ 640 public static final int FGS_TYPE_POLICY_CHECK_DEPRECATED = 641 AppProtoEnums.FGS_TYPE_POLICY_CHECK_DEPRECATED; 642 643 /** 644 * Foreground service policy check result code: this foreground service type is disabled. 645 * 646 * @hide 647 */ 648 public static final int FGS_TYPE_POLICY_CHECK_DISABLED = 649 AppProtoEnums.FGS_TYPE_POLICY_CHECK_DISABLED; 650 651 /** 652 * Foreground service policy check result code: the caller doesn't have permission to start 653 * foreground service with this type, but the policy is permissive. 654 * 655 * @hide 656 */ 657 public static final int FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_PERMISSIVE = 658 AppProtoEnums.FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_PERMISSIVE; 659 660 /** 661 * Foreground service policy check result code: the caller doesn't have permission to start 662 * foreground service with this type, and the policy is enforced. 663 * 664 * @hide 665 */ 666 public static final int FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_ENFORCED = 667 AppProtoEnums.FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_ENFORCED; 668 669 /** 670 * @hide 671 */ 672 @IntDef(flag = true, prefix = { "FGS_TYPE_POLICY_CHECK_" }, value = { 673 FGS_TYPE_POLICY_CHECK_UNKNOWN, 674 FGS_TYPE_POLICY_CHECK_OK, 675 FGS_TYPE_POLICY_CHECK_DEPRECATED, 676 FGS_TYPE_POLICY_CHECK_DISABLED, 677 FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_PERMISSIVE, 678 FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_ENFORCED, 679 }) 680 @Retention(RetentionPolicy.SOURCE) 681 public @interface ForegroundServicePolicyCheckCode{} 682 683 /** 684 * Whether or not to require that app to have actual access to certain foreground only 685 * permissions before starting the foreground service. 686 * 687 * <p> 688 * Examples here are microphone, camera and fg location related permissions. 689 * When the user grants the permission, its permission state is set to "granted", 690 * but the actual capability to access these sensors, is to be evaluated according to 691 * its process state. The Android {@link android.os.Build.VERSION_CODES#R} introduced 692 * the while-in-use permission, basically the background-started FGS will not have access 693 * to these sensors. In this context, there is no legitimate reasons to start a FGS from 694 * the background with these types. This flag controls the behavior of the enforcement, 695 * when it's enabled, in the aforementioned case, the FGS start will result in 696 * a SecurityException. </p> 697 */ 698 private static final String FGS_TYPE_FG_PERM_ENFORCEMENT_FLAG = 699 "fgs_type_fg_perm_enforcement_flag"; 700 701 /** 702 * The default value to the {@link #FGS_TYPE_FG_PERM_ENFORCEMENT_FLAG}. 703 */ 704 private static final boolean DEFAULT_FGS_TYPE_FG_PERM_ENFORCEMENT_FLAG_VALUE = true; 705 706 /** 707 * @return The policy info for the given type. 708 */ 709 @NonNull getForegroundServiceTypePolicyInfo( @oregroundServiceType int type, @ForegroundServiceType int defaultToType)710 public abstract ForegroundServiceTypePolicyInfo getForegroundServiceTypePolicyInfo( 711 @ForegroundServiceType int type, @ForegroundServiceType int defaultToType); 712 713 /** 714 * Run check on the foreground service type policy for the given uid/pid 715 * 716 * @hide 717 */ 718 @ForegroundServicePolicyCheckCode checkForegroundServiceTypePolicy(@onNull Context context, @NonNull String packageName, int callerUid, int callerPid, boolean allowWhileInUse, @NonNull ForegroundServiceTypePolicyInfo policy)719 public abstract int checkForegroundServiceTypePolicy(@NonNull Context context, 720 @NonNull String packageName, int callerUid, int callerPid, boolean allowWhileInUse, 721 @NonNull ForegroundServiceTypePolicyInfo policy); 722 723 /** 724 * Run the given {@code policyFunctor} on the matching policy, if the flag is known 725 * to the policy. 726 * 727 * @hide 728 */ updatePermissionEnforcementFlagIfNecessary(@onNull String flag)729 public abstract void updatePermissionEnforcementFlagIfNecessary(@NonNull String flag); 730 731 @GuardedBy("sLock") 732 private static ForegroundServiceTypePolicy sDefaultForegroundServiceTypePolicy = null; 733 734 private static final Object sLock = new Object(); 735 736 /** 737 * Return the default policy for FGS type. 738 */ getDefaultPolicy()739 public static @NonNull ForegroundServiceTypePolicy getDefaultPolicy() { 740 synchronized (sLock) { 741 if (sDefaultForegroundServiceTypePolicy == null) { 742 sDefaultForegroundServiceTypePolicy = new DefaultForegroundServiceTypePolicy(); 743 } 744 return sDefaultForegroundServiceTypePolicy; 745 } 746 } 747 isFgsTypeFgPermissionEnforcementEnabled()748 private static boolean isFgsTypeFgPermissionEnforcementEnabled() { 749 return DeviceConfig.getBoolean(DeviceConfig.NAMESPACE_ACTIVITY_MANAGER, 750 FGS_TYPE_FG_PERM_ENFORCEMENT_FLAG, DEFAULT_FGS_TYPE_FG_PERM_ENFORCEMENT_FLAG_VALUE); 751 } 752 753 /** 754 * Constructor. 755 * 756 * @hide 757 */ ForegroundServiceTypePolicy()758 public ForegroundServiceTypePolicy() { 759 } 760 761 /** 762 * This class represents the policy for a specific FGS service type. 763 * 764 * @hide 765 */ 766 public static final class ForegroundServiceTypePolicyInfo { 767 /** 768 * The foreground service type. 769 */ 770 final @ForegroundServiceType int mType; 771 772 /** 773 * The change id to tell if this FGS type is deprecated. 774 * 775 * <p>A 0 indicates it's not deprecated.</p> 776 */ 777 final long mDeprecationChangeId; 778 779 /** 780 * The change id to tell if this FGS type is disabled. 781 * 782 * <p>A 0 indicates it's not disabled.</p> 783 */ 784 final long mDisabledChangeId; 785 786 /** 787 * The required permissions to start a foreground with this type, all of them 788 * MUST have been granted. 789 */ 790 final @Nullable ForegroundServiceTypePermissions mAllOfPermissions; 791 792 /** 793 * The required permissions to start a foreground with this type, any one of them 794 * being granted is sufficient. 795 */ 796 final @Nullable ForegroundServiceTypePermissions mAnyOfPermissions; 797 798 /** 799 * A permission enforcement flag, unlike the {@link #FGS_TYPE_PERMISSION_CHANGE_ID}, 800 * here it applies to all apps using this FGS type. 801 */ 802 final @Nullable String mPermissionEnforcementFlag; 803 804 /** 805 * The default value to {@link #mPermissionEnforcementFlag}. 806 */ 807 final boolean mPermissionEnforcementFlagDefaultValue; 808 809 /** 810 * Whether or not the permissions here are limited to foreground only. 811 * Typical examples are microphone/camera/location. 812 */ 813 final boolean mForegroundOnlyPermission; 814 815 /** 816 * A customized check for the permissions. 817 */ 818 @Nullable ForegroundServiceTypePermission mCustomPermission; 819 820 /** 821 * The value of the permission enforcement flag, will be updated by the system. 822 * If the value is {@code false}, the FGS permission check will be ignored. 823 * 824 * <p>This value could be updated via the DeviceConfig flag specified 825 * in the {@link #mPermissionEnforcementFlag}.</p> 826 */ 827 volatile boolean mPermissionEnforcementFlagValue; 828 829 /** 830 * Not a real change id, but a place holder. 831 */ 832 private static final long INVALID_CHANGE_ID = 0L; 833 834 /** 835 * @return {@code true} if the given change id is valid. 836 */ isValidChangeId(long changeId)837 private static boolean isValidChangeId(long changeId) { 838 return changeId != INVALID_CHANGE_ID; 839 } 840 841 /** 842 * Construct a new instance. 843 * 844 * @hide 845 */ ForegroundServiceTypePolicyInfo(@oregroundServiceType int type, long deprecationChangeId, long disabledChangeId, @Nullable ForegroundServiceTypePermissions allOfPermissions, @Nullable ForegroundServiceTypePermissions anyOfPermissions, @Nullable String permissionEnforcementFlag, boolean permissionEnforcementFlagDefaultValue, boolean foregroundOnlyPermission)846 public ForegroundServiceTypePolicyInfo(@ForegroundServiceType int type, 847 long deprecationChangeId, long disabledChangeId, 848 @Nullable ForegroundServiceTypePermissions allOfPermissions, 849 @Nullable ForegroundServiceTypePermissions anyOfPermissions, 850 @Nullable String permissionEnforcementFlag, 851 boolean permissionEnforcementFlagDefaultValue, 852 boolean foregroundOnlyPermission) { 853 mType = type; 854 mDeprecationChangeId = deprecationChangeId; 855 mDisabledChangeId = disabledChangeId; 856 mAllOfPermissions = allOfPermissions; 857 mAnyOfPermissions = anyOfPermissions; 858 mPermissionEnforcementFlag = permissionEnforcementFlag; 859 mPermissionEnforcementFlagDefaultValue = permissionEnforcementFlagDefaultValue; 860 mPermissionEnforcementFlagValue = permissionEnforcementFlagDefaultValue; 861 mForegroundOnlyPermission = foregroundOnlyPermission; 862 } 863 864 /** 865 * @return The foreground service type. 866 */ 867 @ForegroundServiceType getForegroundServiceType()868 public int getForegroundServiceType() { 869 return mType; 870 } 871 872 @Override toString()873 public String toString() { 874 final StringBuilder sb = toPermissionString(new StringBuilder()); 875 sb.append("type=0x"); 876 sb.append(Integer.toHexString(mType)); 877 sb.append(" deprecationChangeId="); 878 sb.append(mDeprecationChangeId); 879 sb.append(" disabledChangeId="); 880 sb.append(mDisabledChangeId); 881 sb.append(" customPermission="); 882 sb.append(mCustomPermission); 883 return sb.toString(); 884 } 885 886 /** 887 * @return The required permissions. 888 */ toPermissionString()889 public String toPermissionString() { 890 return toPermissionString(new StringBuilder()).toString(); 891 } 892 toPermissionString(StringBuilder sb)893 private StringBuilder toPermissionString(StringBuilder sb) { 894 if (mAllOfPermissions != null) { 895 sb.append("all of the permissions "); 896 sb.append(mAllOfPermissions.toString()); 897 sb.append(' '); 898 } 899 if (mAnyOfPermissions != null) { 900 sb.append("any of the permissions "); 901 sb.append(mAnyOfPermissions.toString()); 902 sb.append(' '); 903 } 904 return sb; 905 } 906 updatePermissionEnforcementFlagIfNecessary(@onNull String flagName)907 private void updatePermissionEnforcementFlagIfNecessary(@NonNull String flagName) { 908 if (mPermissionEnforcementFlag == null 909 || !TextUtils.equals(flagName, mPermissionEnforcementFlag)) { 910 return; 911 } 912 mPermissionEnforcementFlagValue = DeviceConfig.getBoolean( 913 DeviceConfig.NAMESPACE_ACTIVITY_MANAGER, 914 mPermissionEnforcementFlag, 915 mPermissionEnforcementFlagDefaultValue); 916 } 917 918 /** 919 * @hide 920 */ setCustomPermission( @ullable ForegroundServiceTypePermission customPermission)921 public void setCustomPermission( 922 @Nullable ForegroundServiceTypePermission customPermission) { 923 mCustomPermission = customPermission; 924 } 925 926 /** 927 * @return The name of the permissions which are all required. 928 * It may contain app op names. 929 * 930 * For test only. 931 */ getRequiredAllOfPermissionsForTest( @onNull Context context)932 public @NonNull Optional<String[]> getRequiredAllOfPermissionsForTest( 933 @NonNull Context context) { 934 if (mAllOfPermissions == null) { 935 return Optional.empty(); 936 } 937 return Optional.of(mAllOfPermissions.toStringArray(context)); 938 } 939 940 /** 941 * @return The name of the permissions where any of the is granted is sufficient. 942 * It may contain app op names. 943 * 944 * For test only. 945 */ getRequiredAnyOfPermissionsForTest( @onNull Context context)946 public @NonNull Optional<String[]> getRequiredAnyOfPermissionsForTest( 947 @NonNull Context context) { 948 if (mAnyOfPermissions == null) { 949 return Optional.empty(); 950 } 951 return Optional.of(mAnyOfPermissions.toStringArray(context)); 952 } 953 954 /** 955 * Whether or not this type is disabled. 956 */ 957 @SuppressLint("AndroidFrameworkRequiresPermission") isTypeDisabled(int callerUid)958 public boolean isTypeDisabled(int callerUid) { 959 return isValidChangeId(mDisabledChangeId) 960 && CompatChanges.isChangeEnabled(mDisabledChangeId, callerUid); 961 } 962 963 /** 964 * Whether or not the permissions here are limited to foreground only. 965 * Typical examples are microphone/camera/location. 966 */ hasForegroundOnlyPermission()967 public boolean hasForegroundOnlyPermission() { 968 return mForegroundOnlyPermission; 969 } 970 971 /** 972 * Override the type disabling change Id. 973 * 974 * For test only. 975 */ setTypeDisabledForTest(boolean disabled, @NonNull String packageName)976 public void setTypeDisabledForTest(boolean disabled, @NonNull String packageName) 977 throws RemoteException { 978 overrideChangeIdForTest(mDisabledChangeId, disabled, packageName); 979 } 980 981 /** 982 * clear the type disabling change Id. 983 * 984 * For test only. 985 */ clearTypeDisabledForTest(@onNull String packageName)986 public void clearTypeDisabledForTest(@NonNull String packageName) throws RemoteException { 987 clearOverrideForTest(mDisabledChangeId, packageName); 988 } 989 990 @SuppressLint("AndroidFrameworkRequiresPermission") isTypeDeprecated(int callerUid)991 boolean isTypeDeprecated(int callerUid) { 992 return isValidChangeId(mDeprecationChangeId) 993 && CompatChanges.isChangeEnabled(mDeprecationChangeId, callerUid); 994 } 995 overrideChangeIdForTest(long changeId, boolean enable, String packageName)996 private void overrideChangeIdForTest(long changeId, boolean enable, String packageName) 997 throws RemoteException { 998 if (!isValidChangeId(changeId)) { 999 return; 1000 } 1001 final ArraySet<Long> enabled = new ArraySet<>(); 1002 final ArraySet<Long> disabled = new ArraySet<>(); 1003 if (enable) { 1004 enabled.add(changeId); 1005 } else { 1006 disabled.add(changeId); 1007 } 1008 final CompatibilityChangeConfig overrides = new CompatibilityChangeConfig( 1009 new Compatibility.ChangeConfig(enabled, disabled)); 1010 IPlatformCompat platformCompat = IPlatformCompat.Stub.asInterface( 1011 ServiceManager.getService(Context.PLATFORM_COMPAT_SERVICE)); 1012 platformCompat.setOverridesForTest(overrides, packageName); 1013 } 1014 clearOverrideForTest(long changeId, @NonNull String packageName)1015 private void clearOverrideForTest(long changeId, @NonNull String packageName) 1016 throws RemoteException { 1017 IPlatformCompat platformCompat = IPlatformCompat.Stub.asInterface( 1018 ServiceManager.getService(Context.PLATFORM_COMPAT_SERVICE)); 1019 platformCompat.clearOverrideForTest(changeId, packageName); 1020 } 1021 1022 /** 1023 * For test only. 1024 * 1025 * @return The permission enforcement flag. 1026 */ getPermissionEnforcementFlagForTest()1027 public @Nullable String getPermissionEnforcementFlagForTest() { 1028 return mPermissionEnforcementFlag; 1029 } 1030 } 1031 1032 /** 1033 * This represents the set of permissions that's going to be required 1034 * for a specific service type. 1035 * 1036 * @hide 1037 */ 1038 public static class ForegroundServiceTypePermissions { 1039 /** 1040 * The set of the permissions to be required. 1041 */ 1042 final @NonNull ForegroundServiceTypePermission[] mPermissions; 1043 1044 /** 1045 * Are we requiring all of the permissions to be granted or any of them. 1046 */ 1047 final boolean mAllOf; 1048 1049 /** 1050 * Constructor. 1051 */ ForegroundServiceTypePermissions( @onNull ForegroundServiceTypePermission[] permissions, boolean allOf)1052 public ForegroundServiceTypePermissions( 1053 @NonNull ForegroundServiceTypePermission[] permissions, boolean allOf) { 1054 mPermissions = permissions; 1055 mAllOf = allOf; 1056 } 1057 1058 /** 1059 * Check the permissions. 1060 */ 1061 @PackageManager.PermissionResult checkPermissions(@onNull Context context, int callerUid, int callerPid, @NonNull String packageName, boolean allowWhileInUse)1062 public int checkPermissions(@NonNull Context context, int callerUid, int callerPid, 1063 @NonNull String packageName, boolean allowWhileInUse) { 1064 if (mAllOf) { 1065 for (ForegroundServiceTypePermission perm : mPermissions) { 1066 final int result = perm.checkPermission(context, callerUid, callerPid, 1067 packageName, allowWhileInUse); 1068 if (result != PERMISSION_GRANTED) { 1069 return PERMISSION_DENIED; 1070 } 1071 } 1072 return PERMISSION_GRANTED; 1073 } else { 1074 boolean anyOfGranted = false; 1075 for (ForegroundServiceTypePermission perm : mPermissions) { 1076 final int result = perm.checkPermission(context, callerUid, callerPid, 1077 packageName, allowWhileInUse); 1078 if (result == PERMISSION_GRANTED) { 1079 anyOfGranted = true; 1080 break; 1081 } 1082 } 1083 return anyOfGranted ? PERMISSION_GRANTED : PERMISSION_DENIED; 1084 } 1085 } 1086 1087 @Override toString()1088 public String toString() { 1089 final StringBuilder sb = new StringBuilder(); 1090 sb.append("allOf="); 1091 sb.append(mAllOf); 1092 sb.append(' '); 1093 sb.append('['); 1094 for (int i = 0; i < mPermissions.length; i++) { 1095 if (i > 0) { 1096 sb.append(", "); 1097 } 1098 sb.append(mPermissions[i].toString()); 1099 } 1100 sb.append(']'); 1101 return sb.toString(); 1102 } 1103 toStringArray(Context context)1104 @NonNull String[] toStringArray(Context context) { 1105 final ArrayList<String> list = new ArrayList<>(); 1106 for (int i = 0; i < mPermissions.length; i++) { 1107 mPermissions[i].addToList(context, list); 1108 } 1109 return list.toArray(new String[list.size()]); 1110 } 1111 } 1112 1113 /** 1114 * This represents a permission that's going to be required for a specific service type. 1115 * 1116 * @hide 1117 */ 1118 public abstract static class ForegroundServiceTypePermission { 1119 /** 1120 * The name of this permission. 1121 */ 1122 protected final @NonNull String mName; 1123 1124 /** 1125 * Constructor. 1126 */ ForegroundServiceTypePermission(@onNull String name)1127 public ForegroundServiceTypePermission(@NonNull String name) { 1128 mName = name; 1129 } 1130 1131 /** 1132 * Check if the given uid/pid/package has the access to the permission. 1133 */ 1134 @PackageManager.PermissionResult checkPermission(@onNull Context context, int callerUid, int callerPid, @NonNull String packageName, boolean allowWhileInUse)1135 public abstract int checkPermission(@NonNull Context context, int callerUid, int callerPid, 1136 @NonNull String packageName, boolean allowWhileInUse); 1137 1138 @Override toString()1139 public String toString() { 1140 return mName; 1141 } 1142 addToList(@onNull Context context, @NonNull ArrayList<String> list)1143 void addToList(@NonNull Context context, @NonNull ArrayList<String> list) { 1144 list.add(mName); 1145 } 1146 } 1147 1148 /** 1149 * This represents a regular Android permission to be required for a specific service type. 1150 */ 1151 static class RegularPermission extends ForegroundServiceTypePermission { RegularPermission(@onNull String name)1152 RegularPermission(@NonNull String name) { 1153 super(name); 1154 } 1155 1156 @Override 1157 @SuppressLint("AndroidFrameworkRequiresPermission") 1158 @PackageManager.PermissionResult checkPermission(@onNull Context context, int callerUid, int callerPid, String packageName, boolean allowWhileInUse)1159 public int checkPermission(@NonNull Context context, int callerUid, int callerPid, 1160 String packageName, boolean allowWhileInUse) { 1161 return checkPermission(context, mName, callerUid, callerPid, packageName, 1162 allowWhileInUse); 1163 } 1164 1165 @SuppressLint("AndroidFrameworkRequiresPermission") 1166 @PackageManager.PermissionResult checkPermission(@onNull Context context, @NonNull String name, int callerUid, int callerPid, String packageName, boolean allowWhileInUse)1167 int checkPermission(@NonNull Context context, @NonNull String name, int callerUid, 1168 int callerPid, String packageName, boolean allowWhileInUse) { 1169 @PermissionCheckerManager.PermissionResult final int result = 1170 PermissionChecker.checkPermissionForPreflight(context, name, 1171 callerPid, callerUid, packageName); 1172 if (result == PERMISSION_HARD_DENIED) { 1173 // If the user didn't grant this permission at all. 1174 return PERMISSION_DENIED; 1175 } 1176 final int opCode = AppOpsManager.permissionToOpCode(name); 1177 if (opCode == AppOpsManager.OP_NONE) { 1178 // Simple case, check if it's already granted. 1179 return result == PermissionCheckerManager.PERMISSION_GRANTED 1180 ? PERMISSION_GRANTED : PERMISSION_DENIED; 1181 } 1182 final AppOpsManager appOpsManager = context.getSystemService(AppOpsManager.class); 1183 final int mode = appOpsManager.unsafeCheckOpRawNoThrow(opCode, callerUid, packageName); 1184 switch (mode) { 1185 case MODE_ALLOWED: 1186 // The appop is just allowed, plain and simple. 1187 return PERMISSION_GRANTED; 1188 case MODE_DEFAULT: 1189 // Follow the permission check result. 1190 return result == PermissionCheckerManager.PERMISSION_GRANTED 1191 ? PERMISSION_GRANTED : PERMISSION_DENIED; 1192 case MODE_FOREGROUND: 1193 // If the enforcement flag is OFF, we silently allow it. Or, if it's in 1194 // the foreground only mode and we're allowing while-in-use, allow it. 1195 return !isFgsTypeFgPermissionEnforcementEnabled() || allowWhileInUse 1196 ? PERMISSION_GRANTED : PERMISSION_DENIED; 1197 case MODE_IGNORED: 1198 // If it's soft denied with the mode "ignore", semantically it's a silent 1199 // failure and no exception should be thrown, we might not want to allow 1200 // the FGS. However, since the user has agreed with this permission 1201 // (otherwise it's going to be a hard denial), and we're allowing 1202 // while-in-use here, it's safe to allow the FGS run here. 1203 return allowWhileInUse && result == PERMISSION_SOFT_DENIED 1204 ? PERMISSION_GRANTED : PERMISSION_DENIED; 1205 default: 1206 return PERMISSION_DENIED; 1207 } 1208 } 1209 } 1210 1211 /** 1212 * This represents an app op permission to be required for a specific service type. 1213 */ 1214 static class AppOpPermission extends ForegroundServiceTypePermission { 1215 final int mOpCode; 1216 AppOpPermission(int opCode)1217 AppOpPermission(int opCode) { 1218 super(AppOpsManager.opToPublicName(opCode)); 1219 mOpCode = opCode; 1220 } 1221 1222 @Override 1223 @PackageManager.PermissionResult checkPermission(@onNull Context context, int callerUid, int callerPid, String packageName, boolean allowWhileInUse)1224 public int checkPermission(@NonNull Context context, int callerUid, int callerPid, 1225 String packageName, boolean allowWhileInUse) { 1226 final AppOpsManager appOpsManager = context.getSystemService(AppOpsManager.class); 1227 final int mode = appOpsManager.unsafeCheckOpRawNoThrow(mOpCode, callerUid, packageName); 1228 return (mode == MODE_ALLOWED || (allowWhileInUse && mode == MODE_FOREGROUND)) 1229 ? PERMISSION_GRANTED : PERMISSION_DENIED; 1230 } 1231 } 1232 1233 /** 1234 * This represents a particular role an app needs to hold for a specific service type. 1235 */ 1236 static class RolePermission extends ForegroundServiceTypePermission { 1237 final String mRole; 1238 RolePermission(@onNull String role)1239 RolePermission(@NonNull String role) { 1240 super(role); 1241 mRole = role; 1242 } 1243 1244 @Override 1245 @PackageManager.PermissionResult checkPermission(@onNull Context context, int callerUid, int callerPid, String packageName, boolean allowWhileInUse)1246 public int checkPermission(@NonNull Context context, int callerUid, int callerPid, 1247 String packageName, boolean allowWhileInUse) { 1248 final RoleManager rm = context.getSystemService(RoleManager.class); 1249 final List<String> holders = rm.getRoleHoldersAsUser(mRole, 1250 UserHandle.getUserHandleForUid(callerUid)); 1251 return holders != null && holders.contains(packageName) 1252 ? PERMISSION_GRANTED : PERMISSION_DENIED; 1253 } 1254 } 1255 1256 /** 1257 * This represents a special Android permission to be required for accessing usb devices. 1258 */ 1259 static class UsbDevicePermission extends ForegroundServiceTypePermission { UsbDevicePermission()1260 UsbDevicePermission() { 1261 super("USB Device"); 1262 } 1263 1264 @Override 1265 @SuppressLint("AndroidFrameworkRequiresPermission") 1266 @PackageManager.PermissionResult checkPermission(@onNull Context context, int callerUid, int callerPid, String packageName, boolean allowWhileInUse)1267 public int checkPermission(@NonNull Context context, int callerUid, int callerPid, 1268 String packageName, boolean allowWhileInUse) { 1269 final UsbManager usbManager = context.getSystemService(UsbManager.class); 1270 final HashMap<String, UsbDevice> devices = usbManager.getDeviceList(); 1271 if (!ArrayUtils.isEmpty(devices)) { 1272 for (UsbDevice device : devices.values()) { 1273 if (usbManager.hasPermission(device, packageName, callerPid, callerUid)) { 1274 return PERMISSION_GRANTED; 1275 } 1276 } 1277 } 1278 return PERMISSION_DENIED; 1279 } 1280 } 1281 1282 /** 1283 * This represents a special Android permission to be required for accessing usb accessories. 1284 */ 1285 static class UsbAccessoryPermission extends ForegroundServiceTypePermission { UsbAccessoryPermission()1286 UsbAccessoryPermission() { 1287 super("USB Accessory"); 1288 } 1289 1290 @Override 1291 @SuppressLint("AndroidFrameworkRequiresPermission") 1292 @PackageManager.PermissionResult checkPermission(@onNull Context context, int callerUid, int callerPid, String packageName, boolean allowWhileInUse)1293 public int checkPermission(@NonNull Context context, int callerUid, int callerPid, 1294 String packageName, boolean allowWhileInUse) { 1295 final UsbManager usbManager = context.getSystemService(UsbManager.class); 1296 final UsbAccessory[] accessories = usbManager.getAccessoryList(); 1297 if (!ArrayUtils.isEmpty(accessories)) { 1298 for (UsbAccessory accessory: accessories) { 1299 if (usbManager.hasPermission(accessory, callerPid, callerUid)) { 1300 return PERMISSION_GRANTED; 1301 } 1302 } 1303 } 1304 return PERMISSION_DENIED; 1305 } 1306 } 1307 1308 /** 1309 * The default policy for the foreground service types. 1310 * 1311 * @hide 1312 */ 1313 public static class DefaultForegroundServiceTypePolicy extends ForegroundServiceTypePolicy { 1314 private final SparseArray<ForegroundServiceTypePolicyInfo> mForegroundServiceTypePolicies = 1315 new SparseArray<>(); 1316 1317 /** 1318 * The map between permission enforcement flag to its permission policy info. 1319 */ 1320 private final ArrayMap<String, ForegroundServiceTypePolicyInfo> 1321 mPermissionEnforcementToPolicyInfoMap = new ArrayMap<>(); 1322 1323 /** 1324 * Constructor 1325 */ DefaultForegroundServiceTypePolicy()1326 public DefaultForegroundServiceTypePolicy() { 1327 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_MANIFEST, 1328 FGS_TYPE_POLICY_MANIFEST); 1329 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_NONE, 1330 FGS_TYPE_POLICY_NONE); 1331 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_DATA_SYNC, 1332 FGS_TYPE_POLICY_DATA_SYNC); 1333 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_MEDIA_PLAYBACK, 1334 FGS_TYPE_POLICY_MEDIA_PLAYBACK); 1335 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_PHONE_CALL, 1336 FGS_TYPE_POLICY_PHONE_CALL); 1337 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_LOCATION, 1338 FGS_TYPE_POLICY_LOCATION); 1339 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_CONNECTED_DEVICE, 1340 FGS_TYPE_POLICY_CONNECTED_DEVICE); 1341 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_MEDIA_PROJECTION, 1342 FGS_TYPE_POLICY_MEDIA_PROJECTION); 1343 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_CAMERA, 1344 FGS_TYPE_POLICY_CAMERA); 1345 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_MICROPHONE, 1346 FGS_TYPE_POLICY_MICROPHONE); 1347 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_HEALTH, 1348 FGS_TYPE_POLICY_HEALTH); 1349 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_REMOTE_MESSAGING, 1350 FGS_TYPE_POLICY_REMOTE_MESSAGING); 1351 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_SYSTEM_EXEMPTED, 1352 FGS_TYPE_POLICY_SYSTEM_EXEMPTED); 1353 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_SHORT_SERVICE, 1354 FGS_TYPE_POLICY_SHORT_SERVICE); 1355 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_MEDIA_PROCESSING, 1356 FGS_TYPE_POLICY_MEDIA_PROCESSING); 1357 // TODO (b/271950506): revisit it in the next release. 1358 // Hide the file management type for now. If anyone uses it, will default to "none". 1359 mForegroundServiceTypePolicies.put(FOREGROUND_SERVICE_TYPE_SPECIAL_USE, 1360 FGS_TYPE_POLICY_SPECIAL_USE); 1361 for (int i = 0, size = mForegroundServiceTypePolicies.size(); i < size; i++) { 1362 final ForegroundServiceTypePolicyInfo info = 1363 mForegroundServiceTypePolicies.valueAt(i); 1364 mPermissionEnforcementToPolicyInfoMap.put(info.mPermissionEnforcementFlag, info); 1365 } 1366 } 1367 1368 @Override getForegroundServiceTypePolicyInfo( @oregroundServiceType int type, @ForegroundServiceType int defaultToType)1369 public ForegroundServiceTypePolicyInfo getForegroundServiceTypePolicyInfo( 1370 @ForegroundServiceType int type, @ForegroundServiceType int defaultToType) { 1371 ForegroundServiceTypePolicyInfo info = mForegroundServiceTypePolicies.get(type); 1372 if (info == null) { 1373 // Unknown type, fallback to the defaultToType 1374 info = mForegroundServiceTypePolicies.get(defaultToType); 1375 if (info == null) { 1376 // It shouldn't happen. 1377 throw new IllegalArgumentException("Invalid default fgs type " + defaultToType); 1378 } 1379 } 1380 return info; 1381 } 1382 1383 @Override 1384 @SuppressLint("AndroidFrameworkRequiresPermission") 1385 @ForegroundServicePolicyCheckCode checkForegroundServiceTypePolicy(Context context, String packageName, int callerUid, int callerPid, boolean allowWhileInUse, @NonNull ForegroundServiceTypePolicyInfo policy)1386 public int checkForegroundServiceTypePolicy(Context context, String packageName, 1387 int callerUid, int callerPid, boolean allowWhileInUse, 1388 @NonNull ForegroundServiceTypePolicyInfo policy) { 1389 // Has this FGS type been disabled and not allowed to use anymore? 1390 if (policy.isTypeDisabled(callerUid)) { 1391 return FGS_TYPE_POLICY_CHECK_DISABLED; 1392 } 1393 int permissionResult = PERMISSION_GRANTED; 1394 // Do we have the permission to start FGS with this type. 1395 if (policy.mAllOfPermissions != null) { 1396 permissionResult = policy.mAllOfPermissions.checkPermissions(context, 1397 callerUid, callerPid, packageName, allowWhileInUse); 1398 } 1399 // If it has the "all of" permissions granted, check the "any of" ones. 1400 if (permissionResult == PERMISSION_GRANTED) { 1401 boolean checkCustomPermission = true; 1402 // Check the "any of" permissions. 1403 if (policy.mAnyOfPermissions != null) { 1404 permissionResult = policy.mAnyOfPermissions.checkPermissions(context, 1405 callerUid, callerPid, packageName, allowWhileInUse); 1406 if (permissionResult == PERMISSION_GRANTED) { 1407 // We have one of them granted, no need to check custom permissions. 1408 checkCustomPermission = false; 1409 } 1410 } 1411 // If we have a customized permission checker, also call it now. 1412 if (checkCustomPermission && policy.mCustomPermission != null) { 1413 permissionResult = policy.mCustomPermission.checkPermission(context, 1414 callerUid, callerPid, packageName, allowWhileInUse); 1415 } 1416 } 1417 if (permissionResult != PERMISSION_GRANTED) { 1418 return policy.mPermissionEnforcementFlagValue 1419 && (CompatChanges.isChangeEnabled(FGS_TYPE_PERMISSION_CHANGE_ID, callerUid)) 1420 ? FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_ENFORCED 1421 : FGS_TYPE_POLICY_CHECK_PERMISSION_DENIED_PERMISSIVE; 1422 } 1423 // Has this FGS type been deprecated? 1424 if (policy.isTypeDeprecated(callerUid)) { 1425 return FGS_TYPE_POLICY_CHECK_DEPRECATED; 1426 } 1427 return FGS_TYPE_POLICY_CHECK_OK; 1428 } 1429 1430 @Override updatePermissionEnforcementFlagIfNecessary(@onNull String flagName)1431 public void updatePermissionEnforcementFlagIfNecessary(@NonNull String flagName) { 1432 final ForegroundServiceTypePolicyInfo info = 1433 mPermissionEnforcementToPolicyInfoMap.get(flagName); 1434 if (info != null) { 1435 info.updatePermissionEnforcementFlagIfNecessary(flagName); 1436 } 1437 } 1438 } 1439 } 1440