1 /* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License 15 */ 16 17 package com.android.server.am; 18 19 import static android.Manifest.permission.INTERACT_ACROSS_USERS; 20 import static android.Manifest.permission.INTERACT_ACROSS_USERS_FULL; 21 import static android.app.ActivityManager.USER_OP_ERROR_IS_SYSTEM; 22 import static android.app.ActivityManager.USER_OP_ERROR_RELATED_USERS_CANNOT_STOP; 23 import static android.app.ActivityManager.USER_OP_IS_CURRENT; 24 import static android.app.ActivityManager.USER_OP_SUCCESS; 25 import static android.content.Context.KEYGUARD_SERVICE; 26 import static android.os.Process.SYSTEM_UID; 27 28 import static com.android.server.am.ActivityManagerDebugConfig.DEBUG_MU; 29 import static com.android.server.am.ActivityManagerDebugConfig.TAG_AM; 30 import static com.android.server.am.ActivityManagerDebugConfig.TAG_WITH_CLASS_NAME; 31 import static com.android.server.am.ActivityManagerService.ALLOW_FULL_ONLY; 32 import static com.android.server.am.ActivityManagerService.ALLOW_NON_FULL; 33 import static com.android.server.am.ActivityManagerService.ALLOW_NON_FULL_IN_PROFILE; 34 import static com.android.server.am.ActivityManagerService.MY_PID; 35 import static com.android.server.am.ActivityManagerService.REPORT_USER_SWITCH_COMPLETE_MSG; 36 import static com.android.server.am.ActivityManagerService.REPORT_USER_SWITCH_MSG; 37 import static com.android.server.am.ActivityManagerService.SYSTEM_USER_CURRENT_MSG; 38 import static com.android.server.am.ActivityManagerService.SYSTEM_USER_START_MSG; 39 import static com.android.server.am.ActivityManagerService.SYSTEM_USER_UNLOCK_MSG; 40 import static com.android.server.am.ActivityManagerService.USER_SWITCH_TIMEOUT_MSG; 41 import static com.android.server.am.UserState.STATE_BOOTING; 42 import static com.android.server.am.UserState.STATE_RUNNING_LOCKED; 43 import static com.android.server.am.UserState.STATE_RUNNING_UNLOCKED; 44 import static com.android.server.am.UserState.STATE_RUNNING_UNLOCKING; 45 46 import android.annotation.NonNull; 47 import android.annotation.UserIdInt; 48 import android.app.ActivityManager; 49 import android.app.AppOpsManager; 50 import android.app.Dialog; 51 import android.app.IStopUserCallback; 52 import android.app.IUserSwitchObserver; 53 import android.app.KeyguardManager; 54 import android.content.Context; 55 import android.content.IIntentReceiver; 56 import android.content.Intent; 57 import android.content.pm.PackageManager; 58 import android.content.pm.UserInfo; 59 import android.os.BatteryStats; 60 import android.os.Binder; 61 import android.os.Build; 62 import android.os.Bundle; 63 import android.os.Debug; 64 import android.os.Handler; 65 import android.os.IBinder; 66 import android.os.IProgressListener; 67 import android.os.IRemoteCallback; 68 import android.os.IUserManager; 69 import android.os.Process; 70 import android.os.RemoteCallbackList; 71 import android.os.RemoteException; 72 import android.os.ServiceManager; 73 import android.os.SystemClock; 74 import android.os.UserHandle; 75 import android.os.UserManager; 76 import android.os.UserManagerInternal; 77 import android.os.storage.IMountService; 78 import android.os.storage.StorageManager; 79 import android.util.IntArray; 80 import android.util.Pair; 81 import android.util.Slog; 82 import android.util.SparseArray; 83 import android.util.SparseIntArray; 84 85 import com.android.internal.R; 86 import com.android.internal.annotations.GuardedBy; 87 import com.android.internal.logging.MetricsLogger; 88 import com.android.internal.util.ArrayUtils; 89 import com.android.internal.widget.LockPatternUtils; 90 import com.android.server.LocalServices; 91 import com.android.server.pm.UserManagerService; 92 93 import java.io.PrintWriter; 94 import java.util.ArrayList; 95 import java.util.Arrays; 96 import java.util.HashSet; 97 import java.util.List; 98 import java.util.Objects; 99 import java.util.Set; 100 101 /** 102 * Helper class for {@link ActivityManagerService} responsible for multi-user functionality. 103 */ 104 final class UserController { 105 private static final String TAG = TAG_WITH_CLASS_NAME ? "UserController" : TAG_AM; 106 107 // Maximum number of users we allow to be running at a time. 108 static final int MAX_RUNNING_USERS = 3; 109 110 // Amount of time we wait for observers to handle a user switch before 111 // giving up on them and unfreezing the screen. 112 static final int USER_SWITCH_TIMEOUT = 2 * 1000; 113 114 private final ActivityManagerService mService; 115 private final Handler mHandler; 116 117 // Holds the current foreground user's id 118 private int mCurrentUserId = UserHandle.USER_SYSTEM; 119 // Holds the target user's id during a user switch 120 private int mTargetUserId = UserHandle.USER_NULL; 121 122 /** 123 * Which users have been started, so are allowed to run code. 124 */ 125 @GuardedBy("mService") 126 private final SparseArray<UserState> mStartedUsers = new SparseArray<>(); 127 128 /** 129 * LRU list of history of current users. Most recently current is at the end. 130 */ 131 private final ArrayList<Integer> mUserLru = new ArrayList<>(); 132 133 /** 134 * Constant array of the users that are currently started. 135 */ 136 private int[] mStartedUserArray = new int[] { 0 }; 137 138 // If there are multiple profiles for the current user, their ids are here 139 // Currently only the primary user can have managed profiles 140 private int[] mCurrentProfileIds = new int[] {}; 141 142 /** 143 * Mapping from each known user ID to the profile group ID it is associated with. 144 */ 145 private final SparseIntArray mUserProfileGroupIdsSelfLocked = new SparseIntArray(); 146 147 /** 148 * Registered observers of the user switching mechanics. 149 */ 150 private final RemoteCallbackList<IUserSwitchObserver> mUserSwitchObservers 151 = new RemoteCallbackList<>(); 152 153 /** 154 * Currently active user switch. 155 */ 156 Object mCurUserSwitchCallback; 157 158 private volatile UserManagerService mUserManager; 159 160 private final LockPatternUtils mLockPatternUtils; 161 162 private UserManagerInternal mUserManagerInternal; 163 UserController(ActivityManagerService service)164 UserController(ActivityManagerService service) { 165 mService = service; 166 mHandler = mService.mHandler; 167 // User 0 is the first and only user that runs at boot. 168 final UserState uss = new UserState(UserHandle.SYSTEM); 169 mStartedUsers.put(UserHandle.USER_SYSTEM, uss); 170 mUserLru.add(UserHandle.USER_SYSTEM); 171 mLockPatternUtils = new LockPatternUtils(mService.mContext); 172 updateStartedUserArrayLocked(); 173 } 174 finishUserSwitch(UserState uss)175 void finishUserSwitch(UserState uss) { 176 synchronized (mService) { 177 finishUserBoot(uss); 178 179 startProfilesLocked(); 180 stopRunningUsersLocked(MAX_RUNNING_USERS); 181 } 182 } 183 stopRunningUsersLocked(int maxRunningUsers)184 void stopRunningUsersLocked(int maxRunningUsers) { 185 int num = mUserLru.size(); 186 int i = 0; 187 while (num > maxRunningUsers && i < mUserLru.size()) { 188 Integer oldUserId = mUserLru.get(i); 189 UserState oldUss = mStartedUsers.get(oldUserId); 190 if (oldUss == null) { 191 // Shouldn't happen, but be sane if it does. 192 mUserLru.remove(i); 193 num--; 194 continue; 195 } 196 if (oldUss.state == UserState.STATE_STOPPING 197 || oldUss.state == UserState.STATE_SHUTDOWN) { 198 // This user is already stopping, doesn't count. 199 num--; 200 i++; 201 continue; 202 } 203 if (oldUserId == UserHandle.USER_SYSTEM || oldUserId == mCurrentUserId) { 204 // Owner/System user and current user can't be stopped. We count it as running 205 // when it is not a pure system user. 206 if (UserInfo.isSystemOnly(oldUserId)) { 207 num--; 208 } 209 i++; 210 continue; 211 } 212 // This is a user to be stopped. 213 if (stopUsersLocked(oldUserId, false, null) != USER_OP_SUCCESS) { 214 num--; 215 } 216 num--; 217 i++; 218 } 219 } 220 finishUserBoot(UserState uss)221 private void finishUserBoot(UserState uss) { 222 finishUserBoot(uss, null); 223 } 224 finishUserBoot(UserState uss, IIntentReceiver resultTo)225 private void finishUserBoot(UserState uss, IIntentReceiver resultTo) { 226 final int userId = uss.mHandle.getIdentifier(); 227 Slog.d(TAG, "Finishing user boot " + userId); 228 synchronized (mService) { 229 // Bail if we ended up with a stale user 230 if (mStartedUsers.get(userId) != uss) return; 231 232 // We always walk through all the user lifecycle states to send 233 // consistent developer events. We step into RUNNING_LOCKED here, 234 // but we might immediately step into RUNNING below if the user 235 // storage is already unlocked. 236 if (uss.setState(STATE_BOOTING, STATE_RUNNING_LOCKED)) { 237 getUserManagerInternal().setUserState(userId, uss.state); 238 239 int uptimeSeconds = (int)(SystemClock.elapsedRealtime() / 1000); 240 MetricsLogger.histogram(mService.mContext, "framework_locked_boot_completed", 241 uptimeSeconds); 242 243 Intent intent = new Intent(Intent.ACTION_LOCKED_BOOT_COMPLETED, null); 244 intent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 245 intent.addFlags(Intent.FLAG_RECEIVER_NO_ABORT 246 | Intent.FLAG_RECEIVER_INCLUDE_BACKGROUND); 247 mService.broadcastIntentLocked(null, null, intent, null, resultTo, 0, null, null, 248 new String[] { android.Manifest.permission.RECEIVE_BOOT_COMPLETED }, 249 AppOpsManager.OP_NONE, null, true, false, MY_PID, SYSTEM_UID, userId); 250 } 251 252 // We need to delay unlocking managed profiles until the parent user 253 // is also unlocked. 254 if (getUserManager().isManagedProfile(userId)) { 255 final UserInfo parent = getUserManager().getProfileParent(userId); 256 if (parent != null 257 && isUserRunningLocked(parent.id, ActivityManager.FLAG_AND_UNLOCKED)) { 258 Slog.d(TAG, "User " + userId + " (parent " + parent.id 259 + "): attempting unlock because parent is unlocked"); 260 maybeUnlockUser(userId); 261 } else { 262 String parentId = (parent == null) ? "<null>" : String.valueOf(parent.id); 263 Slog.d(TAG, "User " + userId + " (parent " + parentId 264 + "): delaying unlock because parent is locked"); 265 } 266 } else { 267 maybeUnlockUser(userId); 268 } 269 } 270 } 271 272 /** 273 * Step from {@link UserState#STATE_RUNNING_LOCKED} to 274 * {@link UserState#STATE_RUNNING_UNLOCKING}. 275 */ finishUserUnlocking(final UserState uss)276 private void finishUserUnlocking(final UserState uss) { 277 final int userId = uss.mHandle.getIdentifier(); 278 synchronized (mService) { 279 // Bail if we ended up with a stale user 280 if (mStartedUsers.get(uss.mHandle.getIdentifier()) != uss) return; 281 282 // Only keep marching forward if user is actually unlocked 283 if (!StorageManager.isUserKeyUnlocked(userId)) return; 284 285 if (uss.setState(STATE_RUNNING_LOCKED, STATE_RUNNING_UNLOCKING)) { 286 getUserManagerInternal().setUserState(userId, uss.state); 287 uss.mUnlockProgress.start(); 288 289 // Prepare app storage before we go any further 290 uss.mUnlockProgress.setProgress(5, 291 mService.mContext.getString(R.string.android_start_title)); 292 mUserManager.onBeforeUnlockUser(userId); 293 uss.mUnlockProgress.setProgress(20); 294 295 // Dispatch unlocked to system services; when fully dispatched, 296 // that calls through to the next "unlocked" phase 297 mHandler.obtainMessage(SYSTEM_USER_UNLOCK_MSG, userId, 0, uss) 298 .sendToTarget(); 299 } 300 } 301 } 302 303 /** 304 * Step from {@link UserState#STATE_RUNNING_UNLOCKING} to 305 * {@link UserState#STATE_RUNNING_UNLOCKED}. 306 */ finishUserUnlocked(final UserState uss)307 void finishUserUnlocked(final UserState uss) { 308 final int userId = uss.mHandle.getIdentifier(); 309 synchronized (mService) { 310 // Bail if we ended up with a stale user 311 if (mStartedUsers.get(uss.mHandle.getIdentifier()) != uss) return; 312 313 // Only keep marching forward if user is actually unlocked 314 if (!StorageManager.isUserKeyUnlocked(userId)) return; 315 316 if (uss.setState(STATE_RUNNING_UNLOCKING, STATE_RUNNING_UNLOCKED)) { 317 getUserManagerInternal().setUserState(userId, uss.state); 318 uss.mUnlockProgress.finish(); 319 320 // Dispatch unlocked to external apps 321 final Intent unlockedIntent = new Intent(Intent.ACTION_USER_UNLOCKED); 322 unlockedIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 323 unlockedIntent.addFlags( 324 Intent.FLAG_RECEIVER_REGISTERED_ONLY | Intent.FLAG_RECEIVER_FOREGROUND); 325 mService.broadcastIntentLocked(null, null, unlockedIntent, null, null, 0, null, 326 null, null, AppOpsManager.OP_NONE, null, false, false, MY_PID, SYSTEM_UID, 327 userId); 328 329 if (getUserInfo(userId).isManagedProfile()) { 330 UserInfo parent = getUserManager().getProfileParent(userId); 331 if (parent != null) { 332 final Intent profileUnlockedIntent = new Intent( 333 Intent.ACTION_MANAGED_PROFILE_UNLOCKED); 334 profileUnlockedIntent.putExtra(Intent.EXTRA_USER, UserHandle.of(userId)); 335 profileUnlockedIntent.addFlags( 336 Intent.FLAG_RECEIVER_REGISTERED_ONLY 337 | Intent.FLAG_RECEIVER_FOREGROUND); 338 mService.broadcastIntentLocked(null, null, profileUnlockedIntent, 339 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 340 null, false, false, MY_PID, SYSTEM_UID, 341 parent.id); 342 } 343 } 344 345 // Send PRE_BOOT broadcasts if user fingerprint changed; we 346 // purposefully block sending BOOT_COMPLETED until after all 347 // PRE_BOOT receivers are finished to avoid ANR'ing apps 348 final UserInfo info = getUserInfo(userId); 349 if (!Objects.equals(info.lastLoggedInFingerprint, Build.FINGERPRINT)) { 350 new PreBootBroadcaster(mService, userId, null) { 351 @Override 352 public void onFinished() { 353 finishUserUnlockedCompleted(uss); 354 } 355 }.sendNext(); 356 } else { 357 finishUserUnlockedCompleted(uss); 358 } 359 } 360 } 361 } 362 finishUserUnlockedCompleted(UserState uss)363 private void finishUserUnlockedCompleted(UserState uss) { 364 final int userId = uss.mHandle.getIdentifier(); 365 synchronized (mService) { 366 // Bail if we ended up with a stale user 367 if (mStartedUsers.get(uss.mHandle.getIdentifier()) != uss) return; 368 final UserInfo userInfo = getUserInfo(userId); 369 if (userInfo == null) { 370 return; 371 } 372 373 // Only keep marching forward if user is actually unlocked 374 if (!StorageManager.isUserKeyUnlocked(userId)) return; 375 376 // Remember that we logged in 377 mUserManager.onUserLoggedIn(userId); 378 379 if (!userInfo.isInitialized()) { 380 if (userId != UserHandle.USER_SYSTEM) { 381 Slog.d(TAG, "Initializing user #" + userId); 382 Intent intent = new Intent(Intent.ACTION_USER_INITIALIZE); 383 intent.addFlags(Intent.FLAG_RECEIVER_FOREGROUND); 384 mService.broadcastIntentLocked(null, null, intent, null, 385 new IIntentReceiver.Stub() { 386 @Override 387 public void performReceive(Intent intent, int resultCode, 388 String data, Bundle extras, boolean ordered, 389 boolean sticky, int sendingUser) { 390 // Note: performReceive is called with mService lock held 391 getUserManager().makeInitialized(userInfo.id); 392 } 393 }, 0, null, null, null, AppOpsManager.OP_NONE, 394 null, true, false, MY_PID, SYSTEM_UID, userId); 395 } 396 } 397 398 Slog.d(TAG, "Sending BOOT_COMPLETE user #" + userId); 399 int uptimeSeconds = (int)(SystemClock.elapsedRealtime() / 1000); 400 MetricsLogger.histogram(mService.mContext, "framework_boot_completed", uptimeSeconds); 401 final Intent bootIntent = new Intent(Intent.ACTION_BOOT_COMPLETED, null); 402 bootIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 403 bootIntent.addFlags(Intent.FLAG_RECEIVER_NO_ABORT 404 | Intent.FLAG_RECEIVER_INCLUDE_BACKGROUND); 405 mService.broadcastIntentLocked(null, null, bootIntent, null, null, 0, null, null, 406 new String[] { android.Manifest.permission.RECEIVE_BOOT_COMPLETED }, 407 AppOpsManager.OP_NONE, null, true, false, MY_PID, SYSTEM_UID, userId); 408 } 409 } 410 stopUser(final int userId, final boolean force, final IStopUserCallback callback)411 int stopUser(final int userId, final boolean force, final IStopUserCallback callback) { 412 if (mService.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 413 != PackageManager.PERMISSION_GRANTED) { 414 String msg = "Permission Denial: switchUser() from pid=" 415 + Binder.getCallingPid() 416 + ", uid=" + Binder.getCallingUid() 417 + " requires " + INTERACT_ACROSS_USERS_FULL; 418 Slog.w(TAG, msg); 419 throw new SecurityException(msg); 420 } 421 if (userId < 0 || userId == UserHandle.USER_SYSTEM) { 422 throw new IllegalArgumentException("Can't stop system user " + userId); 423 } 424 mService.enforceShellRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, 425 userId); 426 synchronized (mService) { 427 return stopUsersLocked(userId, force, callback); 428 } 429 } 430 431 /** 432 * Stops the user along with its related users. The method calls 433 * {@link #getUsersToStopLocked(int)} to determine the list of users that should be stopped. 434 */ stopUsersLocked(final int userId, boolean force, final IStopUserCallback callback)435 private int stopUsersLocked(final int userId, boolean force, final IStopUserCallback callback) { 436 if (userId == UserHandle.USER_SYSTEM) { 437 return USER_OP_ERROR_IS_SYSTEM; 438 } 439 if (isCurrentUserLocked(userId)) { 440 return USER_OP_IS_CURRENT; 441 } 442 int[] usersToStop = getUsersToStopLocked(userId); 443 // If one of related users is system or current, no related users should be stopped 444 for (int i = 0; i < usersToStop.length; i++) { 445 int relatedUserId = usersToStop[i]; 446 if ((UserHandle.USER_SYSTEM == relatedUserId) || isCurrentUserLocked(relatedUserId)) { 447 if (DEBUG_MU) Slog.i(TAG, "stopUsersLocked cannot stop related user " 448 + relatedUserId); 449 // We still need to stop the requested user if it's a force stop. 450 if (force) { 451 Slog.i(TAG, 452 "Force stop user " + userId + ". Related users will not be stopped"); 453 stopSingleUserLocked(userId, callback); 454 return USER_OP_SUCCESS; 455 } 456 return USER_OP_ERROR_RELATED_USERS_CANNOT_STOP; 457 } 458 } 459 if (DEBUG_MU) Slog.i(TAG, "stopUsersLocked usersToStop=" + Arrays.toString(usersToStop)); 460 for (int userIdToStop : usersToStop) { 461 stopSingleUserLocked(userIdToStop, userIdToStop == userId ? callback : null); 462 } 463 return USER_OP_SUCCESS; 464 } 465 stopSingleUserLocked(final int userId, final IStopUserCallback callback)466 private void stopSingleUserLocked(final int userId, final IStopUserCallback callback) { 467 if (DEBUG_MU) Slog.i(TAG, "stopSingleUserLocked userId=" + userId); 468 final UserState uss = mStartedUsers.get(userId); 469 if (uss == null) { 470 // User is not started, nothing to do... but we do need to 471 // callback if requested. 472 if (callback != null) { 473 mHandler.post(new Runnable() { 474 @Override 475 public void run() { 476 try { 477 callback.userStopped(userId); 478 } catch (RemoteException e) { 479 } 480 } 481 }); 482 } 483 return; 484 } 485 486 if (callback != null) { 487 uss.mStopCallbacks.add(callback); 488 } 489 490 if (uss.state != UserState.STATE_STOPPING 491 && uss.state != UserState.STATE_SHUTDOWN) { 492 uss.setState(UserState.STATE_STOPPING); 493 getUserManagerInternal().setUserState(userId, uss.state); 494 updateStartedUserArrayLocked(); 495 496 long ident = Binder.clearCallingIdentity(); 497 try { 498 // We are going to broadcast ACTION_USER_STOPPING and then 499 // once that is done send a final ACTION_SHUTDOWN and then 500 // stop the user. 501 final Intent stoppingIntent = new Intent(Intent.ACTION_USER_STOPPING); 502 stoppingIntent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY); 503 stoppingIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 504 stoppingIntent.putExtra(Intent.EXTRA_SHUTDOWN_USERSPACE_ONLY, true); 505 // This is the result receiver for the initial stopping broadcast. 506 final IIntentReceiver stoppingReceiver = new IIntentReceiver.Stub() { 507 @Override 508 public void performReceive(Intent intent, int resultCode, String data, 509 Bundle extras, boolean ordered, boolean sticky, int sendingUser) { 510 mHandler.post(new Runnable() { 511 @Override 512 public void run() { 513 finishUserStopping(userId, uss); 514 } 515 }); 516 } 517 }; 518 // Clear broadcast queue for the user to avoid delivering stale broadcasts 519 mService.clearBroadcastQueueForUserLocked(userId); 520 // Kick things off. 521 mService.broadcastIntentLocked(null, null, stoppingIntent, 522 null, stoppingReceiver, 0, null, null, 523 new String[]{INTERACT_ACROSS_USERS}, AppOpsManager.OP_NONE, 524 null, true, false, MY_PID, SYSTEM_UID, UserHandle.USER_ALL); 525 } finally { 526 Binder.restoreCallingIdentity(ident); 527 } 528 } 529 } 530 finishUserStopping(final int userId, final UserState uss)531 void finishUserStopping(final int userId, final UserState uss) { 532 // On to the next. 533 final Intent shutdownIntent = new Intent(Intent.ACTION_SHUTDOWN); 534 // This is the result receiver for the final shutdown broadcast. 535 final IIntentReceiver shutdownReceiver = new IIntentReceiver.Stub() { 536 @Override 537 public void performReceive(Intent intent, int resultCode, String data, 538 Bundle extras, boolean ordered, boolean sticky, int sendingUser) { 539 mHandler.post(new Runnable() { 540 @Override 541 public void run() { 542 finishUserStopped(uss); 543 } 544 }); 545 } 546 }; 547 548 synchronized (mService) { 549 if (uss.state != UserState.STATE_STOPPING) { 550 // Whoops, we are being started back up. Abort, abort! 551 return; 552 } 553 uss.setState(UserState.STATE_SHUTDOWN); 554 } 555 getUserManagerInternal().setUserState(userId, uss.state); 556 557 mService.mBatteryStatsService.noteEvent( 558 BatteryStats.HistoryItem.EVENT_USER_RUNNING_FINISH, 559 Integer.toString(userId), userId); 560 mService.mSystemServiceManager.stopUser(userId); 561 562 synchronized (mService) { 563 mService.broadcastIntentLocked(null, null, shutdownIntent, 564 null, shutdownReceiver, 0, null, null, null, 565 AppOpsManager.OP_NONE, 566 null, true, false, MY_PID, SYSTEM_UID, userId); 567 } 568 } 569 finishUserStopped(UserState uss)570 void finishUserStopped(UserState uss) { 571 final int userId = uss.mHandle.getIdentifier(); 572 boolean stopped; 573 ArrayList<IStopUserCallback> callbacks; 574 synchronized (mService) { 575 callbacks = new ArrayList<>(uss.mStopCallbacks); 576 if (mStartedUsers.get(userId) != uss) { 577 stopped = false; 578 } else if (uss.state != UserState.STATE_SHUTDOWN) { 579 stopped = false; 580 } else { 581 stopped = true; 582 // User can no longer run. 583 mStartedUsers.remove(userId); 584 getUserManagerInternal().removeUserState(userId); 585 mUserLru.remove(Integer.valueOf(userId)); 586 updateStartedUserArrayLocked(); 587 588 mService.onUserStoppedLocked(userId); 589 // Clean up all state and processes associated with the user. 590 // Kill all the processes for the user. 591 forceStopUserLocked(userId, "finish user"); 592 } 593 } 594 595 for (int i = 0; i < callbacks.size(); i++) { 596 try { 597 if (stopped) callbacks.get(i).userStopped(userId); 598 else callbacks.get(i).userStopAborted(userId); 599 } catch (RemoteException e) { 600 } 601 } 602 603 if (stopped) { 604 mService.mSystemServiceManager.cleanupUser(userId); 605 synchronized (mService) { 606 mService.mStackSupervisor.removeUserLocked(userId); 607 } 608 // Remove the user if it is ephemeral. 609 if (getUserInfo(userId).isEphemeral()) { 610 mUserManager.removeUser(userId); 611 } 612 } 613 } 614 615 /** 616 * Determines the list of users that should be stopped together with the specified 617 * {@code userId}. The returned list includes {@code userId}. 618 */ getUsersToStopLocked(int userId)619 private @NonNull int[] getUsersToStopLocked(int userId) { 620 int startedUsersSize = mStartedUsers.size(); 621 IntArray userIds = new IntArray(); 622 userIds.add(userId); 623 synchronized (mUserProfileGroupIdsSelfLocked) { 624 int userGroupId = mUserProfileGroupIdsSelfLocked.get(userId, 625 UserInfo.NO_PROFILE_GROUP_ID); 626 for (int i = 0; i < startedUsersSize; i++) { 627 UserState uss = mStartedUsers.valueAt(i); 628 int startedUserId = uss.mHandle.getIdentifier(); 629 // Skip unrelated users (profileGroupId mismatch) 630 int startedUserGroupId = mUserProfileGroupIdsSelfLocked.get(startedUserId, 631 UserInfo.NO_PROFILE_GROUP_ID); 632 boolean sameGroup = (userGroupId != UserInfo.NO_PROFILE_GROUP_ID) 633 && (userGroupId == startedUserGroupId); 634 // userId has already been added 635 boolean sameUserId = startedUserId == userId; 636 if (!sameGroup || sameUserId) { 637 continue; 638 } 639 userIds.add(startedUserId); 640 } 641 } 642 return userIds.toArray(); 643 } 644 forceStopUserLocked(int userId, String reason)645 private void forceStopUserLocked(int userId, String reason) { 646 mService.forceStopPackageLocked(null, -1, false, false, true, false, false, 647 userId, reason); 648 Intent intent = new Intent(Intent.ACTION_USER_STOPPED); 649 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 650 | Intent.FLAG_RECEIVER_FOREGROUND); 651 intent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 652 mService.broadcastIntentLocked(null, null, intent, 653 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 654 null, false, false, MY_PID, SYSTEM_UID, UserHandle.USER_ALL); 655 } 656 657 /** 658 * Stops the guest or ephemeral user if it has gone to the background. 659 */ stopGuestOrEphemeralUserIfBackground()660 private void stopGuestOrEphemeralUserIfBackground() { 661 synchronized (mService) { 662 final int num = mUserLru.size(); 663 for (int i = 0; i < num; i++) { 664 Integer oldUserId = mUserLru.get(i); 665 UserState oldUss = mStartedUsers.get(oldUserId); 666 if (oldUserId == UserHandle.USER_SYSTEM || oldUserId == mCurrentUserId 667 || oldUss.state == UserState.STATE_STOPPING 668 || oldUss.state == UserState.STATE_SHUTDOWN) { 669 continue; 670 } 671 UserInfo userInfo = getUserInfo(oldUserId); 672 if (userInfo.isEphemeral()) { 673 LocalServices.getService(UserManagerInternal.class) 674 .onEphemeralUserStop(oldUserId); 675 } 676 if (userInfo.isGuest() || userInfo.isEphemeral()) { 677 // This is a user to be stopped. 678 stopUsersLocked(oldUserId, true, null); 679 break; 680 } 681 } 682 } 683 } 684 startProfilesLocked()685 void startProfilesLocked() { 686 if (DEBUG_MU) Slog.i(TAG, "startProfilesLocked"); 687 List<UserInfo> profiles = getUserManager().getProfiles( 688 mCurrentUserId, false /* enabledOnly */); 689 List<UserInfo> profilesToStart = new ArrayList<>(profiles.size()); 690 for (UserInfo user : profiles) { 691 if ((user.flags & UserInfo.FLAG_INITIALIZED) == UserInfo.FLAG_INITIALIZED 692 && user.id != mCurrentUserId && !user.isQuietModeEnabled()) { 693 profilesToStart.add(user); 694 } 695 } 696 final int profilesToStartSize = profilesToStart.size(); 697 int i = 0; 698 for (; i < profilesToStartSize && i < (MAX_RUNNING_USERS - 1); ++i) { 699 startUser(profilesToStart.get(i).id, /* foreground= */ false); 700 } 701 if (i < profilesToStartSize) { 702 Slog.w(TAG, "More profiles than MAX_RUNNING_USERS"); 703 } 704 } 705 getUserManager()706 private UserManagerService getUserManager() { 707 UserManagerService userManager = mUserManager; 708 if (userManager == null) { 709 IBinder b = ServiceManager.getService(Context.USER_SERVICE); 710 userManager = mUserManager = (UserManagerService) IUserManager.Stub.asInterface(b); 711 } 712 return userManager; 713 } 714 getMountService()715 private IMountService getMountService() { 716 return IMountService.Stub.asInterface(ServiceManager.getService("mount")); 717 } 718 719 /** 720 * Start user, if its not already running. 721 * <p>The user will be brought to the foreground, if {@code foreground} parameter is set. 722 * When starting the user, multiple intents will be broadcast in the following order:</p> 723 * <ul> 724 * <li>{@link Intent#ACTION_USER_STARTED} - sent to registered receivers of the new user 725 * <li>{@link Intent#ACTION_USER_BACKGROUND} - sent to registered receivers of the outgoing 726 * user and all profiles of this user. Sent only if {@code foreground} parameter is true 727 * <li>{@link Intent#ACTION_USER_FOREGROUND} - sent to registered receivers of the new 728 * user and all profiles of this user. Sent only if {@code foreground} parameter is true 729 * <li>{@link Intent#ACTION_USER_SWITCHED} - sent to registered receivers of the new user. 730 * Sent only if {@code foreground} parameter is true 731 * <li>{@link Intent#ACTION_USER_STARTING} - ordered broadcast sent to registered receivers 732 * of the new fg user 733 * <li>{@link Intent#ACTION_LOCKED_BOOT_COMPLETED} - ordered broadcast sent to receivers of 734 * the new user 735 * <li>{@link Intent#ACTION_USER_UNLOCKED} - sent to registered receivers of the new user 736 * <li>{@link Intent#ACTION_PRE_BOOT_COMPLETED} - ordered broadcast sent to receivers of the 737 * new user. Sent only when the user is booting after a system update. 738 * <li>{@link Intent#ACTION_USER_INITIALIZE} - ordered broadcast sent to receivers of the 739 * new user. Sent only the first time a user is starting. 740 * <li>{@link Intent#ACTION_BOOT_COMPLETED} - ordered broadcast sent to receivers of the new 741 * user. Indicates that the user has finished booting. 742 * </ul> 743 * 744 * @param userId ID of the user to start 745 * @param foreground true if user should be brought to the foreground 746 * @return true if the user has been successfully started 747 */ startUser(final int userId, final boolean foreground)748 boolean startUser(final int userId, final boolean foreground) { 749 if (mService.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 750 != PackageManager.PERMISSION_GRANTED) { 751 String msg = "Permission Denial: switchUser() from pid=" 752 + Binder.getCallingPid() 753 + ", uid=" + Binder.getCallingUid() 754 + " requires " + INTERACT_ACROSS_USERS_FULL; 755 Slog.w(TAG, msg); 756 throw new SecurityException(msg); 757 } 758 759 Slog.i(TAG, "Starting userid:" + userId + " fg:" + foreground); 760 761 final long ident = Binder.clearCallingIdentity(); 762 try { 763 synchronized (mService) { 764 final int oldUserId = mCurrentUserId; 765 if (oldUserId == userId) { 766 return true; 767 } 768 769 mService.mStackSupervisor.setLockTaskModeLocked(null, 770 ActivityManager.LOCK_TASK_MODE_NONE, "startUser", false); 771 772 final UserInfo userInfo = getUserInfo(userId); 773 if (userInfo == null) { 774 Slog.w(TAG, "No user info for user #" + userId); 775 return false; 776 } 777 if (foreground && userInfo.isManagedProfile()) { 778 Slog.w(TAG, "Cannot switch to User #" + userId + ": not a full user"); 779 return false; 780 } 781 782 if (foreground) { 783 mService.mWindowManager.startFreezingScreen( 784 R.anim.screen_user_exit, R.anim.screen_user_enter); 785 } 786 787 boolean needStart = false; 788 789 // If the user we are switching to is not currently started, then 790 // we need to start it now. 791 if (mStartedUsers.get(userId) == null) { 792 UserState userState = new UserState(UserHandle.of(userId)); 793 mStartedUsers.put(userId, userState); 794 getUserManagerInternal().setUserState(userId, userState.state); 795 updateStartedUserArrayLocked(); 796 needStart = true; 797 } 798 799 final UserState uss = mStartedUsers.get(userId); 800 final Integer userIdInt = userId; 801 mUserLru.remove(userIdInt); 802 mUserLru.add(userIdInt); 803 804 if (foreground) { 805 mCurrentUserId = userId; 806 mService.updateUserConfigurationLocked(); 807 mTargetUserId = UserHandle.USER_NULL; // reset, mCurrentUserId has caught up 808 updateCurrentProfileIdsLocked(); 809 mService.mWindowManager.setCurrentUser(userId, mCurrentProfileIds); 810 // Once the internal notion of the active user has switched, we lock the device 811 // with the option to show the user switcher on the keyguard. 812 mService.mWindowManager.lockNow(null); 813 } else { 814 final Integer currentUserIdInt = mCurrentUserId; 815 updateCurrentProfileIdsLocked(); 816 mService.mWindowManager.setCurrentProfileIds(mCurrentProfileIds); 817 mUserLru.remove(currentUserIdInt); 818 mUserLru.add(currentUserIdInt); 819 } 820 821 // Make sure user is in the started state. If it is currently 822 // stopping, we need to knock that off. 823 if (uss.state == UserState.STATE_STOPPING) { 824 // If we are stopping, we haven't sent ACTION_SHUTDOWN, 825 // so we can just fairly silently bring the user back from 826 // the almost-dead. 827 uss.setState(uss.lastState); 828 getUserManagerInternal().setUserState(userId, uss.state); 829 updateStartedUserArrayLocked(); 830 needStart = true; 831 } else if (uss.state == UserState.STATE_SHUTDOWN) { 832 // This means ACTION_SHUTDOWN has been sent, so we will 833 // need to treat this as a new boot of the user. 834 uss.setState(UserState.STATE_BOOTING); 835 getUserManagerInternal().setUserState(userId, uss.state); 836 updateStartedUserArrayLocked(); 837 needStart = true; 838 } 839 840 if (uss.state == UserState.STATE_BOOTING) { 841 // Give user manager a chance to propagate user restrictions 842 // to other services and prepare app storage 843 getUserManager().onBeforeStartUser(userId); 844 845 // Booting up a new user, need to tell system services about it. 846 // Note that this is on the same handler as scheduling of broadcasts, 847 // which is important because it needs to go first. 848 mHandler.sendMessage(mHandler.obtainMessage(SYSTEM_USER_START_MSG, userId, 0)); 849 } 850 851 if (foreground) { 852 mHandler.sendMessage(mHandler.obtainMessage(SYSTEM_USER_CURRENT_MSG, userId, 853 oldUserId)); 854 mHandler.removeMessages(REPORT_USER_SWITCH_MSG); 855 mHandler.removeMessages(USER_SWITCH_TIMEOUT_MSG); 856 mHandler.sendMessage(mHandler.obtainMessage(REPORT_USER_SWITCH_MSG, 857 oldUserId, userId, uss)); 858 mHandler.sendMessageDelayed(mHandler.obtainMessage(USER_SWITCH_TIMEOUT_MSG, 859 oldUserId, userId, uss), USER_SWITCH_TIMEOUT); 860 } 861 862 if (needStart) { 863 // Send USER_STARTED broadcast 864 Intent intent = new Intent(Intent.ACTION_USER_STARTED); 865 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 866 | Intent.FLAG_RECEIVER_FOREGROUND); 867 intent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 868 mService.broadcastIntentLocked(null, null, intent, 869 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 870 null, false, false, MY_PID, SYSTEM_UID, userId); 871 } 872 873 if (foreground) { 874 moveUserToForegroundLocked(uss, oldUserId, userId); 875 } else { 876 mService.mUserController.finishUserBoot(uss); 877 } 878 879 if (needStart) { 880 Intent intent = new Intent(Intent.ACTION_USER_STARTING); 881 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY); 882 intent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 883 mService.broadcastIntentLocked(null, null, intent, 884 null, new IIntentReceiver.Stub() { 885 @Override 886 public void performReceive(Intent intent, int resultCode, 887 String data, Bundle extras, boolean ordered, boolean sticky, 888 int sendingUser) throws RemoteException { 889 } 890 }, 0, null, null, 891 new String[] {INTERACT_ACROSS_USERS}, AppOpsManager.OP_NONE, 892 null, true, false, MY_PID, SYSTEM_UID, UserHandle.USER_ALL); 893 } 894 } 895 } finally { 896 Binder.restoreCallingIdentity(ident); 897 } 898 899 return true; 900 } 901 902 /** 903 * Start user, if its not already running, and bring it to foreground. 904 */ startUserInForeground(final int userId, Dialog dlg)905 boolean startUserInForeground(final int userId, Dialog dlg) { 906 boolean result = startUser(userId, /* foreground */ true); 907 dlg.dismiss(); 908 return result; 909 } 910 unlockUser(final int userId, byte[] token, byte[] secret, IProgressListener listener)911 boolean unlockUser(final int userId, byte[] token, byte[] secret, IProgressListener listener) { 912 if (mService.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 913 != PackageManager.PERMISSION_GRANTED) { 914 String msg = "Permission Denial: unlockUser() from pid=" 915 + Binder.getCallingPid() 916 + ", uid=" + Binder.getCallingUid() 917 + " requires " + INTERACT_ACROSS_USERS_FULL; 918 Slog.w(TAG, msg); 919 throw new SecurityException(msg); 920 } 921 922 final long binderToken = Binder.clearCallingIdentity(); 923 try { 924 return unlockUserCleared(userId, token, secret, listener); 925 } finally { 926 Binder.restoreCallingIdentity(binderToken); 927 } 928 } 929 930 /** 931 * Attempt to unlock user without a credential token. This typically 932 * succeeds when the device doesn't have credential-encrypted storage, or 933 * when the the credential-encrypted storage isn't tied to a user-provided 934 * PIN or pattern. 935 */ maybeUnlockUser(final int userId)936 boolean maybeUnlockUser(final int userId) { 937 // Try unlocking storage using empty token 938 return unlockUserCleared(userId, null, null, null); 939 } 940 notifyFinished(int userId, IProgressListener listener)941 private static void notifyFinished(int userId, IProgressListener listener) { 942 if (listener == null) return; 943 try { 944 listener.onFinished(userId, null); 945 } catch (RemoteException ignored) { 946 } 947 } 948 unlockUserCleared(final int userId, byte[] token, byte[] secret, IProgressListener listener)949 boolean unlockUserCleared(final int userId, byte[] token, byte[] secret, 950 IProgressListener listener) { 951 synchronized (mService) { 952 // TODO Move this block outside of synchronized if it causes lock contention 953 if (!StorageManager.isUserKeyUnlocked(userId)) { 954 final UserInfo userInfo = getUserInfo(userId); 955 final IMountService mountService = getMountService(); 956 try { 957 // We always want to unlock user storage, even user is not started yet 958 mountService.unlockUserKey(userId, userInfo.serialNumber, token, secret); 959 } catch (RemoteException | RuntimeException e) { 960 Slog.w(TAG, "Failed to unlock: " + e.getMessage()); 961 } 962 } 963 // Bail if user isn't actually running, otherwise register the given 964 // listener to watch for unlock progress 965 final UserState uss = mStartedUsers.get(userId); 966 if (uss == null) { 967 notifyFinished(userId, listener); 968 return false; 969 } else { 970 uss.mUnlockProgress.addListener(listener); 971 } 972 973 finishUserUnlocking(uss); 974 975 // We just unlocked a user, so let's now attempt to unlock any 976 // managed profiles under that user. 977 for (int i = 0; i < mStartedUsers.size(); i++) { 978 final int testUserId = mStartedUsers.keyAt(i); 979 final UserInfo parent = getUserManager().getProfileParent(testUserId); 980 if (parent != null && parent.id == userId && testUserId != userId) { 981 Slog.d(TAG, "User " + testUserId + " (parent " + parent.id 982 + "): attempting unlock because parent was just unlocked"); 983 maybeUnlockUser(testUserId); 984 } 985 } 986 } 987 988 return true; 989 } 990 showUserSwitchDialog(Pair<UserInfo, UserInfo> fromToUserPair)991 void showUserSwitchDialog(Pair<UserInfo, UserInfo> fromToUserPair) { 992 // The dialog will show and then initiate the user switch by calling startUserInForeground 993 Dialog d = new UserSwitchingDialog(mService, mService.mContext, fromToUserPair.first, 994 fromToUserPair.second, true /* above system */); 995 d.show(); 996 } 997 dispatchForegroundProfileChanged(int userId)998 void dispatchForegroundProfileChanged(int userId) { 999 final int observerCount = mUserSwitchObservers.beginBroadcast(); 1000 for (int i = 0; i < observerCount; i++) { 1001 try { 1002 mUserSwitchObservers.getBroadcastItem(i).onForegroundProfileSwitch(userId); 1003 } catch (RemoteException e) { 1004 // Ignore 1005 } 1006 } 1007 mUserSwitchObservers.finishBroadcast(); 1008 } 1009 1010 /** Called on handler thread */ dispatchUserSwitchComplete(int userId)1011 void dispatchUserSwitchComplete(int userId) { 1012 final int observerCount = mUserSwitchObservers.beginBroadcast(); 1013 for (int i = 0; i < observerCount; i++) { 1014 try { 1015 mUserSwitchObservers.getBroadcastItem(i).onUserSwitchComplete(userId); 1016 } catch (RemoteException e) { 1017 } 1018 } 1019 mUserSwitchObservers.finishBroadcast(); 1020 } 1021 stopBackgroundUsersIfEnforced(int oldUserId)1022 private void stopBackgroundUsersIfEnforced(int oldUserId) { 1023 // Never stop system user 1024 if (oldUserId == UserHandle.USER_SYSTEM) { 1025 return; 1026 } 1027 // For now, only check for user restriction. Additional checks can be added here 1028 boolean disallowRunInBg = hasUserRestriction(UserManager.DISALLOW_RUN_IN_BACKGROUND, 1029 oldUserId); 1030 if (!disallowRunInBg) { 1031 return; 1032 } 1033 synchronized (mService) { 1034 if (DEBUG_MU) Slog.i(TAG, "stopBackgroundUsersIfEnforced stopping " + oldUserId 1035 + " and related users"); 1036 stopUsersLocked(oldUserId, false, null); 1037 } 1038 } 1039 timeoutUserSwitch(UserState uss, int oldUserId, int newUserId)1040 void timeoutUserSwitch(UserState uss, int oldUserId, int newUserId) { 1041 synchronized (mService) { 1042 Slog.wtf(TAG, "User switch timeout: from " + oldUserId + " to " + newUserId); 1043 sendContinueUserSwitchLocked(uss, oldUserId, newUserId); 1044 } 1045 } 1046 dispatchUserSwitch(final UserState uss, final int oldUserId, final int newUserId)1047 void dispatchUserSwitch(final UserState uss, final int oldUserId, final int newUserId) { 1048 Slog.d(TAG, "Dispatch onUserSwitching oldUser #" + oldUserId + " newUser #" + newUserId); 1049 final int observerCount = mUserSwitchObservers.beginBroadcast(); 1050 if (observerCount > 0) { 1051 final IRemoteCallback callback = new IRemoteCallback.Stub() { 1052 int mCount = 0; 1053 @Override 1054 public void sendResult(Bundle data) throws RemoteException { 1055 synchronized (mService) { 1056 if (mCurUserSwitchCallback == this) { 1057 mCount++; 1058 if (mCount == observerCount) { 1059 sendContinueUserSwitchLocked(uss, oldUserId, newUserId); 1060 } 1061 } 1062 } 1063 } 1064 }; 1065 synchronized (mService) { 1066 uss.switching = true; 1067 mCurUserSwitchCallback = callback; 1068 } 1069 for (int i = 0; i < observerCount; i++) { 1070 try { 1071 mUserSwitchObservers.getBroadcastItem(i).onUserSwitching( 1072 newUserId, callback); 1073 } catch (RemoteException e) { 1074 } 1075 } 1076 } else { 1077 synchronized (mService) { 1078 sendContinueUserSwitchLocked(uss, oldUserId, newUserId); 1079 } 1080 } 1081 mUserSwitchObservers.finishBroadcast(); 1082 } 1083 sendContinueUserSwitchLocked(UserState uss, int oldUserId, int newUserId)1084 void sendContinueUserSwitchLocked(UserState uss, int oldUserId, int newUserId) { 1085 mCurUserSwitchCallback = null; 1086 mHandler.removeMessages(USER_SWITCH_TIMEOUT_MSG); 1087 mHandler.sendMessage(mHandler.obtainMessage(ActivityManagerService.CONTINUE_USER_SWITCH_MSG, 1088 oldUserId, newUserId, uss)); 1089 } 1090 continueUserSwitch(UserState uss, int oldUserId, int newUserId)1091 void continueUserSwitch(UserState uss, int oldUserId, int newUserId) { 1092 Slog.d(TAG, "Continue user switch oldUser #" + oldUserId + ", newUser #" + newUserId); 1093 synchronized (mService) { 1094 mService.mWindowManager.stopFreezingScreen(); 1095 } 1096 uss.switching = false; 1097 mHandler.removeMessages(REPORT_USER_SWITCH_COMPLETE_MSG); 1098 mHandler.sendMessage(mHandler.obtainMessage(REPORT_USER_SWITCH_COMPLETE_MSG, 1099 newUserId, 0)); 1100 stopGuestOrEphemeralUserIfBackground(); 1101 stopBackgroundUsersIfEnforced(oldUserId); 1102 } 1103 moveUserToForegroundLocked(UserState uss, int oldUserId, int newUserId)1104 void moveUserToForegroundLocked(UserState uss, int oldUserId, int newUserId) { 1105 boolean homeInFront = mService.mStackSupervisor.switchUserLocked(newUserId, uss); 1106 if (homeInFront) { 1107 mService.startHomeActivityLocked(newUserId, "moveUserToForeground"); 1108 } else { 1109 mService.mStackSupervisor.resumeFocusedStackTopActivityLocked(); 1110 } 1111 EventLogTags.writeAmSwitchUser(newUserId); 1112 sendUserSwitchBroadcastsLocked(oldUserId, newUserId); 1113 } 1114 sendUserSwitchBroadcastsLocked(int oldUserId, int newUserId)1115 void sendUserSwitchBroadcastsLocked(int oldUserId, int newUserId) { 1116 long ident = Binder.clearCallingIdentity(); 1117 try { 1118 Intent intent; 1119 if (oldUserId >= 0) { 1120 // Send USER_BACKGROUND broadcast to all profiles of the outgoing user 1121 List<UserInfo> profiles = getUserManager().getProfiles(oldUserId, false); 1122 int count = profiles.size(); 1123 for (int i = 0; i < count; i++) { 1124 int profileUserId = profiles.get(i).id; 1125 intent = new Intent(Intent.ACTION_USER_BACKGROUND); 1126 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 1127 | Intent.FLAG_RECEIVER_FOREGROUND); 1128 intent.putExtra(Intent.EXTRA_USER_HANDLE, profileUserId); 1129 mService.broadcastIntentLocked(null, null, intent, 1130 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 1131 null, false, false, MY_PID, SYSTEM_UID, profileUserId); 1132 } 1133 } 1134 if (newUserId >= 0) { 1135 // Send USER_FOREGROUND broadcast to all profiles of the incoming user 1136 List<UserInfo> profiles = getUserManager().getProfiles(newUserId, false); 1137 int count = profiles.size(); 1138 for (int i = 0; i < count; i++) { 1139 int profileUserId = profiles.get(i).id; 1140 intent = new Intent(Intent.ACTION_USER_FOREGROUND); 1141 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 1142 | Intent.FLAG_RECEIVER_FOREGROUND); 1143 intent.putExtra(Intent.EXTRA_USER_HANDLE, profileUserId); 1144 mService.broadcastIntentLocked(null, null, intent, 1145 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 1146 null, false, false, MY_PID, SYSTEM_UID, profileUserId); 1147 } 1148 intent = new Intent(Intent.ACTION_USER_SWITCHED); 1149 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 1150 | Intent.FLAG_RECEIVER_FOREGROUND); 1151 intent.putExtra(Intent.EXTRA_USER_HANDLE, newUserId); 1152 mService.broadcastIntentLocked(null, null, intent, 1153 null, null, 0, null, null, 1154 new String[] {android.Manifest.permission.MANAGE_USERS}, 1155 AppOpsManager.OP_NONE, null, false, false, MY_PID, SYSTEM_UID, 1156 UserHandle.USER_ALL); 1157 } 1158 } finally { 1159 Binder.restoreCallingIdentity(ident); 1160 } 1161 } 1162 1163 handleIncomingUser(int callingPid, int callingUid, int userId, boolean allowAll, int allowMode, String name, String callerPackage)1164 int handleIncomingUser(int callingPid, int callingUid, int userId, boolean allowAll, 1165 int allowMode, String name, String callerPackage) { 1166 final int callingUserId = UserHandle.getUserId(callingUid); 1167 if (callingUserId == userId) { 1168 return userId; 1169 } 1170 1171 // Note that we may be accessing mCurrentUserId outside of a lock... 1172 // shouldn't be a big deal, if this is being called outside 1173 // of a locked context there is intrinsically a race with 1174 // the value the caller will receive and someone else changing it. 1175 // We assume that USER_CURRENT_OR_SELF will use the current user; later 1176 // we will switch to the calling user if access to the current user fails. 1177 int targetUserId = unsafeConvertIncomingUserLocked(userId); 1178 1179 if (callingUid != 0 && callingUid != SYSTEM_UID) { 1180 final boolean allow; 1181 if (mService.checkComponentPermission(INTERACT_ACROSS_USERS_FULL, callingPid, 1182 callingUid, -1, true) == PackageManager.PERMISSION_GRANTED) { 1183 // If the caller has this permission, they always pass go. And collect $200. 1184 allow = true; 1185 } else if (allowMode == ALLOW_FULL_ONLY) { 1186 // We require full access, sucks to be you. 1187 allow = false; 1188 } else if (mService.checkComponentPermission(INTERACT_ACROSS_USERS, callingPid, 1189 callingUid, -1, true) != PackageManager.PERMISSION_GRANTED) { 1190 // If the caller does not have either permission, they are always doomed. 1191 allow = false; 1192 } else if (allowMode == ALLOW_NON_FULL) { 1193 // We are blanket allowing non-full access, you lucky caller! 1194 allow = true; 1195 } else if (allowMode == ALLOW_NON_FULL_IN_PROFILE) { 1196 // We may or may not allow this depending on whether the two users are 1197 // in the same profile. 1198 allow = isSameProfileGroup(callingUserId, targetUserId); 1199 } else { 1200 throw new IllegalArgumentException("Unknown mode: " + allowMode); 1201 } 1202 if (!allow) { 1203 if (userId == UserHandle.USER_CURRENT_OR_SELF) { 1204 // In this case, they would like to just execute as their 1205 // owner user instead of failing. 1206 targetUserId = callingUserId; 1207 } else { 1208 StringBuilder builder = new StringBuilder(128); 1209 builder.append("Permission Denial: "); 1210 builder.append(name); 1211 if (callerPackage != null) { 1212 builder.append(" from "); 1213 builder.append(callerPackage); 1214 } 1215 builder.append(" asks to run as user "); 1216 builder.append(userId); 1217 builder.append(" but is calling from user "); 1218 builder.append(UserHandle.getUserId(callingUid)); 1219 builder.append("; this requires "); 1220 builder.append(INTERACT_ACROSS_USERS_FULL); 1221 if (allowMode != ALLOW_FULL_ONLY) { 1222 builder.append(" or "); 1223 builder.append(INTERACT_ACROSS_USERS); 1224 } 1225 String msg = builder.toString(); 1226 Slog.w(TAG, msg); 1227 throw new SecurityException(msg); 1228 } 1229 } 1230 } 1231 if (!allowAll && targetUserId < 0) { 1232 throw new IllegalArgumentException( 1233 "Call does not support special user #" + targetUserId); 1234 } 1235 // Check shell permission 1236 if (callingUid == Process.SHELL_UID && targetUserId >= UserHandle.USER_SYSTEM) { 1237 if (hasUserRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, targetUserId)) { 1238 throw new SecurityException("Shell does not have permission to access user " 1239 + targetUserId + "\n " + Debug.getCallers(3)); 1240 } 1241 } 1242 return targetUserId; 1243 } 1244 unsafeConvertIncomingUserLocked(int userId)1245 int unsafeConvertIncomingUserLocked(int userId) { 1246 return (userId == UserHandle.USER_CURRENT || userId == UserHandle.USER_CURRENT_OR_SELF) 1247 ? getCurrentUserIdLocked(): userId; 1248 } 1249 registerUserSwitchObserver(IUserSwitchObserver observer)1250 void registerUserSwitchObserver(IUserSwitchObserver observer) { 1251 if (mService.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 1252 != PackageManager.PERMISSION_GRANTED) { 1253 final String msg = "Permission Denial: registerUserSwitchObserver() from pid=" 1254 + Binder.getCallingPid() 1255 + ", uid=" + Binder.getCallingUid() 1256 + " requires " + INTERACT_ACROSS_USERS_FULL; 1257 Slog.w(TAG, msg); 1258 throw new SecurityException(msg); 1259 } 1260 1261 mUserSwitchObservers.register(observer); 1262 } 1263 unregisterUserSwitchObserver(IUserSwitchObserver observer)1264 void unregisterUserSwitchObserver(IUserSwitchObserver observer) { 1265 mUserSwitchObservers.unregister(observer); 1266 } 1267 getStartedUserStateLocked(int userId)1268 UserState getStartedUserStateLocked(int userId) { 1269 return mStartedUsers.get(userId); 1270 } 1271 hasStartedUserState(int userId)1272 boolean hasStartedUserState(int userId) { 1273 return mStartedUsers.get(userId) != null; 1274 } 1275 updateStartedUserArrayLocked()1276 private void updateStartedUserArrayLocked() { 1277 int num = 0; 1278 for (int i = 0; i < mStartedUsers.size(); i++) { 1279 UserState uss = mStartedUsers.valueAt(i); 1280 // This list does not include stopping users. 1281 if (uss.state != UserState.STATE_STOPPING 1282 && uss.state != UserState.STATE_SHUTDOWN) { 1283 num++; 1284 } 1285 } 1286 mStartedUserArray = new int[num]; 1287 num = 0; 1288 for (int i = 0; i < mStartedUsers.size(); i++) { 1289 UserState uss = mStartedUsers.valueAt(i); 1290 if (uss.state != UserState.STATE_STOPPING 1291 && uss.state != UserState.STATE_SHUTDOWN) { 1292 mStartedUserArray[num++] = mStartedUsers.keyAt(i); 1293 } 1294 } 1295 } 1296 sendBootCompletedLocked(IIntentReceiver resultTo)1297 void sendBootCompletedLocked(IIntentReceiver resultTo) { 1298 for (int i = 0; i < mStartedUsers.size(); i++) { 1299 UserState uss = mStartedUsers.valueAt(i); 1300 finishUserBoot(uss, resultTo); 1301 } 1302 } 1303 onSystemReady()1304 void onSystemReady() { 1305 updateCurrentProfileIdsLocked(); 1306 } 1307 1308 /** 1309 * Refreshes the list of users related to the current user when either a 1310 * user switch happens or when a new related user is started in the 1311 * background. 1312 */ updateCurrentProfileIdsLocked()1313 private void updateCurrentProfileIdsLocked() { 1314 final List<UserInfo> profiles = getUserManager().getProfiles(mCurrentUserId, 1315 false /* enabledOnly */); 1316 int[] currentProfileIds = new int[profiles.size()]; // profiles will not be null 1317 for (int i = 0; i < currentProfileIds.length; i++) { 1318 currentProfileIds[i] = profiles.get(i).id; 1319 } 1320 mCurrentProfileIds = currentProfileIds; 1321 1322 synchronized (mUserProfileGroupIdsSelfLocked) { 1323 mUserProfileGroupIdsSelfLocked.clear(); 1324 final List<UserInfo> users = getUserManager().getUsers(false); 1325 for (int i = 0; i < users.size(); i++) { 1326 UserInfo user = users.get(i); 1327 if (user.profileGroupId != UserInfo.NO_PROFILE_GROUP_ID) { 1328 mUserProfileGroupIdsSelfLocked.put(user.id, user.profileGroupId); 1329 } 1330 } 1331 } 1332 } 1333 getStartedUserArrayLocked()1334 int[] getStartedUserArrayLocked() { 1335 return mStartedUserArray; 1336 } 1337 isUserStoppingOrShuttingDownLocked(int userId)1338 boolean isUserStoppingOrShuttingDownLocked(int userId) { 1339 UserState state = getStartedUserStateLocked(userId); 1340 if (state == null) { 1341 return false; 1342 } 1343 return state.state == UserState.STATE_STOPPING 1344 || state.state == UserState.STATE_SHUTDOWN; 1345 } 1346 isUserRunningLocked(int userId, int flags)1347 boolean isUserRunningLocked(int userId, int flags) { 1348 UserState state = getStartedUserStateLocked(userId); 1349 if (state == null) { 1350 return false; 1351 } 1352 if ((flags & ActivityManager.FLAG_OR_STOPPED) != 0) { 1353 return true; 1354 } 1355 if ((flags & ActivityManager.FLAG_AND_LOCKED) != 0) { 1356 switch (state.state) { 1357 case UserState.STATE_BOOTING: 1358 case UserState.STATE_RUNNING_LOCKED: 1359 return true; 1360 default: 1361 return false; 1362 } 1363 } 1364 if ((flags & ActivityManager.FLAG_AND_UNLOCKING_OR_UNLOCKED) != 0) { 1365 switch (state.state) { 1366 case UserState.STATE_RUNNING_UNLOCKING: 1367 case UserState.STATE_RUNNING_UNLOCKED: 1368 return true; 1369 default: 1370 return false; 1371 } 1372 } 1373 if ((flags & ActivityManager.FLAG_AND_UNLOCKED) != 0) { 1374 switch (state.state) { 1375 case UserState.STATE_RUNNING_UNLOCKED: 1376 return true; 1377 default: 1378 return false; 1379 } 1380 } 1381 1382 // One way or another, we're running! 1383 return true; 1384 } 1385 getCurrentUser()1386 UserInfo getCurrentUser() { 1387 if ((mService.checkCallingPermission(INTERACT_ACROSS_USERS) 1388 != PackageManager.PERMISSION_GRANTED) && ( 1389 mService.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 1390 != PackageManager.PERMISSION_GRANTED)) { 1391 String msg = "Permission Denial: getCurrentUser() from pid=" 1392 + Binder.getCallingPid() 1393 + ", uid=" + Binder.getCallingUid() 1394 + " requires " + INTERACT_ACROSS_USERS; 1395 Slog.w(TAG, msg); 1396 throw new SecurityException(msg); 1397 } 1398 synchronized (mService) { 1399 return getCurrentUserLocked(); 1400 } 1401 } 1402 getCurrentUserLocked()1403 UserInfo getCurrentUserLocked() { 1404 int userId = mTargetUserId != UserHandle.USER_NULL ? mTargetUserId : mCurrentUserId; 1405 return getUserInfo(userId); 1406 } 1407 getCurrentOrTargetUserIdLocked()1408 int getCurrentOrTargetUserIdLocked() { 1409 return mTargetUserId != UserHandle.USER_NULL ? mTargetUserId : mCurrentUserId; 1410 } 1411 getCurrentUserIdLocked()1412 int getCurrentUserIdLocked() { 1413 return mCurrentUserId; 1414 } 1415 isCurrentUserLocked(int userId)1416 private boolean isCurrentUserLocked(int userId) { 1417 return userId == getCurrentOrTargetUserIdLocked(); 1418 } 1419 setTargetUserIdLocked(int targetUserId)1420 int setTargetUserIdLocked(int targetUserId) { 1421 return mTargetUserId = targetUserId; 1422 } 1423 getUsers()1424 int[] getUsers() { 1425 UserManagerService ums = getUserManager(); 1426 return ums != null ? ums.getUserIds() : new int[] { 0 }; 1427 } 1428 getUserInfo(int userId)1429 UserInfo getUserInfo(int userId) { 1430 return getUserManager().getUserInfo(userId); 1431 } 1432 getUserIds()1433 int[] getUserIds() { 1434 return getUserManager().getUserIds(); 1435 } 1436 exists(int userId)1437 boolean exists(int userId) { 1438 return getUserManager().exists(userId); 1439 } 1440 hasUserRestriction(String restriction, int userId)1441 boolean hasUserRestriction(String restriction, int userId) { 1442 return getUserManager().hasUserRestriction(restriction, userId); 1443 } 1444 getProfileIds(int userId)1445 Set<Integer> getProfileIds(int userId) { 1446 Set<Integer> userIds = new HashSet<>(); 1447 final List<UserInfo> profiles = getUserManager().getProfiles(userId, 1448 false /* enabledOnly */); 1449 for (UserInfo user : profiles) { 1450 userIds.add(user.id); 1451 } 1452 return userIds; 1453 } 1454 isSameProfileGroup(int callingUserId, int targetUserId)1455 boolean isSameProfileGroup(int callingUserId, int targetUserId) { 1456 synchronized (mUserProfileGroupIdsSelfLocked) { 1457 int callingProfile = mUserProfileGroupIdsSelfLocked.get(callingUserId, 1458 UserInfo.NO_PROFILE_GROUP_ID); 1459 int targetProfile = mUserProfileGroupIdsSelfLocked.get(targetUserId, 1460 UserInfo.NO_PROFILE_GROUP_ID); 1461 return callingProfile != UserInfo.NO_PROFILE_GROUP_ID 1462 && callingProfile == targetProfile; 1463 } 1464 } 1465 isCurrentProfileLocked(int userId)1466 boolean isCurrentProfileLocked(int userId) { 1467 return ArrayUtils.contains(mCurrentProfileIds, userId); 1468 } 1469 getCurrentProfileIdsLocked()1470 int[] getCurrentProfileIdsLocked() { 1471 return mCurrentProfileIds; 1472 } 1473 1474 /** 1475 * Returns whether the given user requires credential entry at this time. This is used to 1476 * intercept activity launches for work apps when the Work Challenge is present. 1477 */ shouldConfirmCredentials(int userId)1478 boolean shouldConfirmCredentials(int userId) { 1479 synchronized (mService) { 1480 if (mStartedUsers.get(userId) == null) { 1481 return false; 1482 } 1483 } 1484 if (!mLockPatternUtils.isSeparateProfileChallengeEnabled(userId)) { 1485 return false; 1486 } 1487 final KeyguardManager km = (KeyguardManager) mService.mContext 1488 .getSystemService(KEYGUARD_SERVICE); 1489 return km.isDeviceLocked(userId) && km.isDeviceSecure(userId); 1490 } 1491 isLockScreenDisabled(@serIdInt int userId)1492 boolean isLockScreenDisabled(@UserIdInt int userId) { 1493 return mLockPatternUtils.isLockScreenDisabled(userId); 1494 } 1495 getUserManagerInternal()1496 private UserManagerInternal getUserManagerInternal() { 1497 if (mUserManagerInternal == null) { 1498 mUserManagerInternal = LocalServices.getService(UserManagerInternal.class); 1499 } 1500 return mUserManagerInternal; 1501 } 1502 dump(PrintWriter pw, boolean dumpAll)1503 void dump(PrintWriter pw, boolean dumpAll) { 1504 pw.println(" mStartedUsers:"); 1505 for (int i = 0; i < mStartedUsers.size(); i++) { 1506 UserState uss = mStartedUsers.valueAt(i); 1507 pw.print(" User #"); pw.print(uss.mHandle.getIdentifier()); 1508 pw.print(": "); uss.dump("", pw); 1509 } 1510 pw.print(" mStartedUserArray: ["); 1511 for (int i = 0; i < mStartedUserArray.length; i++) { 1512 if (i > 0) pw.print(", "); 1513 pw.print(mStartedUserArray[i]); 1514 } 1515 pw.println("]"); 1516 pw.print(" mUserLru: ["); 1517 for (int i = 0; i < mUserLru.size(); i++) { 1518 if (i > 0) pw.print(", "); 1519 pw.print(mUserLru.get(i)); 1520 } 1521 pw.println("]"); 1522 if (dumpAll) { 1523 pw.print(" mStartedUserArray: "); pw.println(Arrays.toString(mStartedUserArray)); 1524 } 1525 synchronized (mUserProfileGroupIdsSelfLocked) { 1526 if (mUserProfileGroupIdsSelfLocked.size() > 0) { 1527 pw.println(" mUserProfileGroupIds:"); 1528 for (int i=0; i<mUserProfileGroupIdsSelfLocked.size(); i++) { 1529 pw.print(" User #"); 1530 pw.print(mUserProfileGroupIdsSelfLocked.keyAt(i)); 1531 pw.print(" -> profile #"); 1532 pw.println(mUserProfileGroupIdsSelfLocked.valueAt(i)); 1533 } 1534 } 1535 } 1536 } 1537 } 1538