diff options
author | Svetoslav Ganov <svetoslavganov@google.com> | 2015-08-07 15:27:49 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2015-08-07 15:27:49 +0000 |
commit | 38d30dc547825bdde2756f588692063a28749e8d (patch) | |
tree | e726b4391558137e67920dac25e342bdccd3f0f8 | |
parent | 77566dd1e15353eb062503767c6e4a354303fd09 (diff) | |
parent | aa41add33b8d7d318387cc74c34e3d347d245211 (diff) | |
download | frameworks_base-38d30dc547825bdde2756f588692063a28749e8d.zip frameworks_base-38d30dc547825bdde2756f588692063a28749e8d.tar.gz frameworks_base-38d30dc547825bdde2756f588692063a28749e8d.tar.bz2 |
Merge "Immediately kill a shared user process on a permission revocation." into mnc-dev
-rw-r--r-- | api/system-current.txt | 2 | ||||
-rw-r--r-- | core/java/android/app/ActivityManager.java | 4 | ||||
-rw-r--r-- | core/java/android/app/ActivityManagerNative.java | 10 | ||||
-rw-r--r-- | core/java/android/app/IActivityManager.java | 2 | ||||
-rw-r--r-- | core/res/AndroidManifest.xml | 2 | ||||
-rw-r--r-- | services/core/java/com/android/server/am/ActivityManagerService.java | 7 | ||||
-rw-r--r-- | services/core/java/com/android/server/audio/AudioService.java | 4 | ||||
-rw-r--r-- | services/core/java/com/android/server/pm/PackageManagerService.java | 57 |
8 files changed, 33 insertions, 55 deletions
diff --git a/api/system-current.txt b/api/system-current.txt index 7987803..001a242 100644 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -115,7 +115,6 @@ package android { field public static final java.lang.String INTERNET = "android.permission.INTERNET"; field public static final java.lang.String INVOKE_CARRIER_SETUP = "android.permission.INVOKE_CARRIER_SETUP"; field public static final java.lang.String KILL_BACKGROUND_PROCESSES = "android.permission.KILL_BACKGROUND_PROCESSES"; - field public static final java.lang.String KILL_UID = "android.permission.KILL_UID"; field public static final java.lang.String LOCAL_MAC_ADDRESS = "android.permission.LOCAL_MAC_ADDRESS"; field public static final java.lang.String LOCATION_HARDWARE = "android.permission.LOCATION_HARDWARE"; field public static final java.lang.String LOOP_RADIO = "android.permission.LOOP_RADIO"; @@ -3654,7 +3653,6 @@ package android.app { method public static boolean isRunningInTestHarness(); method public static boolean isUserAMonkey(); method public void killBackgroundProcesses(java.lang.String); - method public void killUid(int, java.lang.String); method public void moveTaskToFront(int, int); method public void moveTaskToFront(int, int, android.os.Bundle); method public deprecated void restartPackage(java.lang.String); diff --git a/core/java/android/app/ActivityManager.java b/core/java/android/app/ActivityManager.java index 55b2fd9..87c9efc2 100644 --- a/core/java/android/app/ActivityManager.java +++ b/core/java/android/app/ActivityManager.java @@ -2430,11 +2430,11 @@ public class ActivityManager { * * @hide */ - @SystemApi @RequiresPermission(Manifest.permission.KILL_UID) public void killUid(int uid, String reason) { try { - ActivityManagerNative.getDefault().killUid(uid, reason); + ActivityManagerNative.getDefault().killUid(UserHandle.getAppId(uid), + UserHandle.getUserId(uid), reason); } catch (RemoteException e) { Log.e(TAG, "Couldn't kill uid:" + uid, e); } diff --git a/core/java/android/app/ActivityManagerNative.java b/core/java/android/app/ActivityManagerNative.java index e144c29..f6e0735 100644 --- a/core/java/android/app/ActivityManagerNative.java +++ b/core/java/android/app/ActivityManagerNative.java @@ -2245,9 +2245,10 @@ public abstract class ActivityManagerNative extends Binder implements IActivityM case KILL_UID_TRANSACTION: { data.enforceInterface(IActivityManager.descriptor); - int uid = data.readInt(); + int appId = data.readInt(); + int userId = data.readInt(); String reason = data.readString(); - killUid(uid, reason); + killUid(appId, userId, reason); reply.writeNoException(); return true; } @@ -5479,11 +5480,12 @@ class ActivityManagerProxy implements IActivityManager return res; } - public void killUid(int uid, String reason) throws RemoteException { + public void killUid(int appId, int userId, String reason) throws RemoteException { Parcel data = Parcel.obtain(); Parcel reply = Parcel.obtain(); data.writeInterfaceToken(IActivityManager.descriptor); - data.writeInt(uid); + data.writeInt(appId); + data.writeInt(userId); data.writeString(reason); mRemote.transact(KILL_UID_TRANSACTION, data, reply, 0); reply.readException(); diff --git a/core/java/android/app/IActivityManager.java b/core/java/android/app/IActivityManager.java index 90216af..ef121ce 100644 --- a/core/java/android/app/IActivityManager.java +++ b/core/java/android/app/IActivityManager.java @@ -447,7 +447,7 @@ public interface IActivityManager extends IInterface { public boolean showAssistFromActivity(IBinder token, Bundle args) throws RemoteException; - public void killUid(int uid, String reason) throws RemoteException; + public void killUid(int appId, int userId, String reason) throws RemoteException; public void hang(IBinder who, boolean allowRestart) throws RemoteException; diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index 1f47ce3..699e113 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -2575,7 +2575,7 @@ <permission android:name="android.permission.QUERY_DO_NOT_ASK_CREDENTIALS_ON_BOOT" android:protectionLevel="signature" /> - <!-- @SystemApi Allows applications to kill UIDs. + <!-- Allows applications to kill UIDs. <p>Not for use by third-party applications. @hide --> <permission android:name="android.permission.KILL_UID" diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java index 39e3b46..3d523d9 100644 --- a/services/core/java/com/android/server/am/ActivityManagerService.java +++ b/services/core/java/com/android/server/am/ActivityManagerService.java @@ -5521,7 +5521,7 @@ public final class ActivityManagerService extends ActivityManagerNative // If no package is specified, we call all processes under the // give user id. if (packageName == null) { - if (app.userId != userId) { + if (userId != UserHandle.USER_ALL && app.userId != userId) { continue; } if (appId >= 0 && UserHandle.getAppId(app.uid) != appId) { @@ -11226,13 +11226,12 @@ public final class ActivityManagerService extends ActivityManagerNative } @Override - public void killUid(int uid, String reason) { + public void killUid(int appId, int userId, String reason) { enforceCallingPermission(Manifest.permission.KILL_UID, "killUid"); synchronized (this) { final long identity = Binder.clearCallingIdentity(); try { - killPackageProcessesLocked(null, UserHandle.getAppId(uid), - UserHandle.getUserId(uid), + killPackageProcessesLocked(null, appId, userId, ProcessList.PERSISTENT_PROC_ADJ, false, true, true, true, reason != null ? reason : "kill uid"); } finally { diff --git a/services/core/java/com/android/server/audio/AudioService.java b/services/core/java/com/android/server/audio/AudioService.java index a0ededf..7565e9d 100644 --- a/services/core/java/com/android/server/audio/AudioService.java +++ b/services/core/java/com/android/server/audio/AudioService.java @@ -5150,7 +5150,9 @@ public class AudioService extends IAudioService.Stub { continue; } try { - ActivityManagerNative.getDefault().killUid(pkg.applicationInfo.uid, + final int uid = pkg.applicationInfo.uid; + ActivityManagerNative.getDefault().killUid(UserHandle.getAppId(uid), + UserHandle.getUserId(uid), "killBackgroundUserProcessesWithAudioRecordPermission"); } catch (RemoteException e) { Log.w(TAG, "Error calling killUid", e); diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index 473be56..ce40c28 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -3469,10 +3469,11 @@ public class PackageManagerService extends IPackageManager.Stub { } case PermissionsState.PERMISSION_OPERATION_SUCCESS_GIDS_CHANGED: { + final int appId = UserHandle.getAppId(pkg.applicationInfo.uid); mHandler.post(new Runnable() { @Override public void run() { - killSettingPackagesForUser(sb, userId, KILL_APP_REASON_GIDS_CHANGED); + killUid(appId, userId, KILL_APP_REASON_GIDS_CHANGED); } }); } break; @@ -3516,7 +3517,7 @@ public class PackageManagerService extends IPackageManager.Stub { enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false, "revokeRuntimePermission"); - final SettingBase sb; + final int appId; synchronized (mPackages) { final PackageParser.Package pkg = mPackages.get(packageName); @@ -3531,7 +3532,7 @@ public class PackageManagerService extends IPackageManager.Stub { enforceDeclaredAsUsedAndRuntimePermission(pkg, bp); - sb = (SettingBase) pkg.mExtras; + SettingBase sb = (SettingBase) pkg.mExtras; if (sb == null) { throw new IllegalArgumentException("Unknown package: " + packageName); } @@ -3553,9 +3554,11 @@ public class PackageManagerService extends IPackageManager.Stub { // Critical, after this call app should never have the permission. mSettings.writeRuntimePermissionsForUserLPr(userId, true); + + appId = UserHandle.getAppId(pkg.applicationInfo.uid); } - killSettingPackagesForUser(sb, userId, KILL_APP_REASON_PERMISSIONS_REVOKED); + killUid(appId, userId, KILL_APP_REASON_PERMISSIONS_REVOKED); } @Override @@ -3859,28 +3862,15 @@ public class PackageManagerService extends IPackageManager.Stub { } } - private void killSettingPackagesForUser(SettingBase sb, int userId, String reason) { + private void killUid(int appId, int userId, String reason) { final long identity = Binder.clearCallingIdentity(); try { - if (sb instanceof SharedUserSetting) { - SharedUserSetting sus = (SharedUserSetting) sb; - final int packageCount = sus.packages.size(); - for (int i = 0; i < packageCount; i++) { - PackageSetting susPs = sus.packages.valueAt(i); - if (userId == UserHandle.USER_ALL) { - killApplication(susPs.pkg.packageName, susPs.appId, reason); - } else { - final int uid = UserHandle.getUid(userId, susPs.appId); - killUid(uid, reason); - } - } - } else if (sb instanceof PackageSetting) { - PackageSetting ps = (PackageSetting) sb; - if (userId == UserHandle.USER_ALL) { - killApplication(ps.pkg.packageName, ps.appId, reason); - } else { - final int uid = UserHandle.getUid(userId, ps.appId); - killUid(uid, reason); + IActivityManager am = ActivityManagerNative.getDefault(); + if (am != null) { + try { + am.killUid(appId, userId, reason); + } catch (RemoteException e) { + /* ignore - same process */ } } } finally { @@ -3888,17 +3878,6 @@ public class PackageManagerService extends IPackageManager.Stub { } } - private static void killUid(int uid, String reason) { - IActivityManager am = ActivityManagerNative.getDefault(); - if (am != null) { - try { - am.killUid(uid, reason); - } catch (RemoteException e) { - /* ignore - same process */ - } - } - } - /** * Compares two sets of signatures. Returns: * <br /> @@ -12821,7 +12800,7 @@ public class PackageManagerService extends IPackageManager.Stub { @Override public void run() { // This has to happen with no lock held. - killSettingPackagesForUser(deletedPs, userIdToKill, + killApplication(deletedPs.name, deletedPs.appId, KILL_APP_REASON_GIDS_CHANGED); } }); @@ -13407,13 +13386,11 @@ public class PackageManagerService extends IPackageManager.Stub { case PERMISSION_OPERATION_SUCCESS_GIDS_CHANGED: { writeRuntimePermissions = true; - // If gids changed for this user, kill all affected packages. + final int appId = ps.appId; mHandler.post(new Runnable() { @Override public void run() { - // This has to happen with no lock held. - killSettingPackagesForUser(ps, userId, - KILL_APP_REASON_GIDS_CHANGED); + killUid(appId, userId, KILL_APP_REASON_GIDS_CHANGED); } }); } break; |