summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSvetoslav Ganov <svetoslavganov@google.com>2015-08-07 15:27:49 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>2015-08-07 15:27:49 +0000
commit38d30dc547825bdde2756f588692063a28749e8d (patch)
treee726b4391558137e67920dac25e342bdccd3f0f8
parent77566dd1e15353eb062503767c6e4a354303fd09 (diff)
parentaa41add33b8d7d318387cc74c34e3d347d245211 (diff)
downloadframeworks_base-38d30dc547825bdde2756f588692063a28749e8d.zip
frameworks_base-38d30dc547825bdde2756f588692063a28749e8d.tar.gz
frameworks_base-38d30dc547825bdde2756f588692063a28749e8d.tar.bz2
Merge "Immediately kill a shared user process on a permission revocation." into mnc-dev
Diffstat
-rw-r--r--api/system-current.txt2
-rw-r--r--core/java/android/app/ActivityManager.java4
-rw-r--r--core/java/android/app/ActivityManagerNative.java10
-rw-r--r--core/java/android/app/IActivityManager.java2
-rw-r--r--core/res/AndroidManifest.xml2
-rw-r--r--services/core/java/com/android/server/am/ActivityManagerService.java7
-rw-r--r--services/core/java/com/android/server/audio/AudioService.java4
-rw-r--r--services/core/java/com/android/server/pm/PackageManagerService.java57
8 files changed, 33 insertions, 55 deletions
diff --git a/api/system-current.txt b/api/system-current.txt
index 7987803..001a242 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -115,7 +115,6 @@ package android {
field public static final java.lang.String INTERNET = "android.permission.INTERNET";
field public static final java.lang.String INVOKE_CARRIER_SETUP = "android.permission.INVOKE_CARRIER_SETUP";
field public static final java.lang.String KILL_BACKGROUND_PROCESSES = "android.permission.KILL_BACKGROUND_PROCESSES";
- field public static final java.lang.String KILL_UID = "android.permission.KILL_UID";
field public static final java.lang.String LOCAL_MAC_ADDRESS = "android.permission.LOCAL_MAC_ADDRESS";
field public static final java.lang.String LOCATION_HARDWARE = "android.permission.LOCATION_HARDWARE";
field public static final java.lang.String LOOP_RADIO = "android.permission.LOOP_RADIO";
@@ -3654,7 +3653,6 @@ package android.app {
method public static boolean isRunningInTestHarness();
method public static boolean isUserAMonkey();
method public void killBackgroundProcesses(java.lang.String);
- method public void killUid(int, java.lang.String);
method public void moveTaskToFront(int, int);
method public void moveTaskToFront(int, int, android.os.Bundle);
method public deprecated void restartPackage(java.lang.String);
diff --git a/core/java/android/app/ActivityManager.java b/core/java/android/app/ActivityManager.java
index 55b2fd9..87c9efc2 100644
--- a/core/java/android/app/ActivityManager.java
+++ b/core/java/android/app/ActivityManager.java
@@ -2430,11 +2430,11 @@ public class ActivityManager {
*
* @hide
*/
- @SystemApi
@RequiresPermission(Manifest.permission.KILL_UID)
public void killUid(int uid, String reason) {
try {
- ActivityManagerNative.getDefault().killUid(uid, reason);
+ ActivityManagerNative.getDefault().killUid(UserHandle.getAppId(uid),
+ UserHandle.getUserId(uid), reason);
} catch (RemoteException e) {
Log.e(TAG, "Couldn't kill uid:" + uid, e);
}
diff --git a/core/java/android/app/ActivityManagerNative.java b/core/java/android/app/ActivityManagerNative.java
index e144c29..f6e0735 100644
--- a/core/java/android/app/ActivityManagerNative.java
+++ b/core/java/android/app/ActivityManagerNative.java
@@ -2245,9 +2245,10 @@ public abstract class ActivityManagerNative extends Binder implements IActivityM
case KILL_UID_TRANSACTION: {
data.enforceInterface(IActivityManager.descriptor);
- int uid = data.readInt();
+ int appId = data.readInt();
+ int userId = data.readInt();
String reason = data.readString();
- killUid(uid, reason);
+ killUid(appId, userId, reason);
reply.writeNoException();
return true;
}
@@ -5479,11 +5480,12 @@ class ActivityManagerProxy implements IActivityManager
return res;
}
- public void killUid(int uid, String reason) throws RemoteException {
+ public void killUid(int appId, int userId, String reason) throws RemoteException {
Parcel data = Parcel.obtain();
Parcel reply = Parcel.obtain();
data.writeInterfaceToken(IActivityManager.descriptor);
- data.writeInt(uid);
+ data.writeInt(appId);
+ data.writeInt(userId);
data.writeString(reason);
mRemote.transact(KILL_UID_TRANSACTION, data, reply, 0);
reply.readException();
diff --git a/core/java/android/app/IActivityManager.java b/core/java/android/app/IActivityManager.java
index 90216af..ef121ce 100644
--- a/core/java/android/app/IActivityManager.java
+++ b/core/java/android/app/IActivityManager.java
@@ -447,7 +447,7 @@ public interface IActivityManager extends IInterface {
public boolean showAssistFromActivity(IBinder token, Bundle args) throws RemoteException;
- public void killUid(int uid, String reason) throws RemoteException;
+ public void killUid(int appId, int userId, String reason) throws RemoteException;
public void hang(IBinder who, boolean allowRestart) throws RemoteException;
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 1f47ce3..699e113 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -2575,7 +2575,7 @@
<permission android:name="android.permission.QUERY_DO_NOT_ASK_CREDENTIALS_ON_BOOT"
android:protectionLevel="signature" />
- <!-- @SystemApi Allows applications to kill UIDs.
+ <!-- Allows applications to kill UIDs.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.KILL_UID"
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index 39e3b46..3d523d9 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -5521,7 +5521,7 @@ public final class ActivityManagerService extends ActivityManagerNative
// If no package is specified, we call all processes under the
// give user id.
if (packageName == null) {
- if (app.userId != userId) {
+ if (userId != UserHandle.USER_ALL && app.userId != userId) {
continue;
}
if (appId >= 0 && UserHandle.getAppId(app.uid) != appId) {
@@ -11226,13 +11226,12 @@ public final class ActivityManagerService extends ActivityManagerNative
}
@Override
- public void killUid(int uid, String reason) {
+ public void killUid(int appId, int userId, String reason) {
enforceCallingPermission(Manifest.permission.KILL_UID, "killUid");
synchronized (this) {
final long identity = Binder.clearCallingIdentity();
try {
- killPackageProcessesLocked(null, UserHandle.getAppId(uid),
- UserHandle.getUserId(uid),
+ killPackageProcessesLocked(null, appId, userId,
ProcessList.PERSISTENT_PROC_ADJ, false, true, true, true,
reason != null ? reason : "kill uid");
} finally {
diff --git a/services/core/java/com/android/server/audio/AudioService.java b/services/core/java/com/android/server/audio/AudioService.java
index a0ededf..7565e9d 100644
--- a/services/core/java/com/android/server/audio/AudioService.java
+++ b/services/core/java/com/android/server/audio/AudioService.java
@@ -5150,7 +5150,9 @@ public class AudioService extends IAudioService.Stub {
continue;
}
try {
- ActivityManagerNative.getDefault().killUid(pkg.applicationInfo.uid,
+ final int uid = pkg.applicationInfo.uid;
+ ActivityManagerNative.getDefault().killUid(UserHandle.getAppId(uid),
+ UserHandle.getUserId(uid),
"killBackgroundUserProcessesWithAudioRecordPermission");
} catch (RemoteException e) {
Log.w(TAG, "Error calling killUid", e);
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 473be56..ce40c28 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -3469,10 +3469,11 @@ public class PackageManagerService extends IPackageManager.Stub {
}
case PermissionsState.PERMISSION_OPERATION_SUCCESS_GIDS_CHANGED: {
+ final int appId = UserHandle.getAppId(pkg.applicationInfo.uid);
mHandler.post(new Runnable() {
@Override
public void run() {
- killSettingPackagesForUser(sb, userId, KILL_APP_REASON_GIDS_CHANGED);
+ killUid(appId, userId, KILL_APP_REASON_GIDS_CHANGED);
}
});
} break;
@@ -3516,7 +3517,7 @@ public class PackageManagerService extends IPackageManager.Stub {
enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false,
"revokeRuntimePermission");
- final SettingBase sb;
+ final int appId;
synchronized (mPackages) {
final PackageParser.Package pkg = mPackages.get(packageName);
@@ -3531,7 +3532,7 @@ public class PackageManagerService extends IPackageManager.Stub {
enforceDeclaredAsUsedAndRuntimePermission(pkg, bp);
- sb = (SettingBase) pkg.mExtras;
+ SettingBase sb = (SettingBase) pkg.mExtras;
if (sb == null) {
throw new IllegalArgumentException("Unknown package: " + packageName);
}
@@ -3553,9 +3554,11 @@ public class PackageManagerService extends IPackageManager.Stub {
// Critical, after this call app should never have the permission.
mSettings.writeRuntimePermissionsForUserLPr(userId, true);
+
+ appId = UserHandle.getAppId(pkg.applicationInfo.uid);
}
- killSettingPackagesForUser(sb, userId, KILL_APP_REASON_PERMISSIONS_REVOKED);
+ killUid(appId, userId, KILL_APP_REASON_PERMISSIONS_REVOKED);
}
@Override
@@ -3859,28 +3862,15 @@ public class PackageManagerService extends IPackageManager.Stub {
}
}
- private void killSettingPackagesForUser(SettingBase sb, int userId, String reason) {
+ private void killUid(int appId, int userId, String reason) {
final long identity = Binder.clearCallingIdentity();
try {
- if (sb instanceof SharedUserSetting) {
- SharedUserSetting sus = (SharedUserSetting) sb;
- final int packageCount = sus.packages.size();
- for (int i = 0; i < packageCount; i++) {
- PackageSetting susPs = sus.packages.valueAt(i);
- if (userId == UserHandle.USER_ALL) {
- killApplication(susPs.pkg.packageName, susPs.appId, reason);
- } else {
- final int uid = UserHandle.getUid(userId, susPs.appId);
- killUid(uid, reason);
- }
- }
- } else if (sb instanceof PackageSetting) {
- PackageSetting ps = (PackageSetting) sb;
- if (userId == UserHandle.USER_ALL) {
- killApplication(ps.pkg.packageName, ps.appId, reason);
- } else {
- final int uid = UserHandle.getUid(userId, ps.appId);
- killUid(uid, reason);
+ IActivityManager am = ActivityManagerNative.getDefault();
+ if (am != null) {
+ try {
+ am.killUid(appId, userId, reason);
+ } catch (RemoteException e) {
+ /* ignore - same process */
}
}
} finally {
@@ -3888,17 +3878,6 @@ public class PackageManagerService extends IPackageManager.Stub {
}
}
- private static void killUid(int uid, String reason) {
- IActivityManager am = ActivityManagerNative.getDefault();
- if (am != null) {
- try {
- am.killUid(uid, reason);
- } catch (RemoteException e) {
- /* ignore - same process */
- }
- }
- }
-
/**
* Compares two sets of signatures. Returns:
* <br />
@@ -12821,7 +12800,7 @@ public class PackageManagerService extends IPackageManager.Stub {
@Override
public void run() {
// This has to happen with no lock held.
- killSettingPackagesForUser(deletedPs, userIdToKill,
+ killApplication(deletedPs.name, deletedPs.appId,
KILL_APP_REASON_GIDS_CHANGED);
}
});
@@ -13407,13 +13386,11 @@ public class PackageManagerService extends IPackageManager.Stub {
case PERMISSION_OPERATION_SUCCESS_GIDS_CHANGED: {
writeRuntimePermissions = true;
- // If gids changed for this user, kill all affected packages.
+ final int appId = ps.appId;
mHandler.post(new Runnable() {
@Override
public void run() {
- // This has to happen with no lock held.
- killSettingPackagesForUser(ps, userId,
- KILL_APP_REASON_GIDS_CHANGED);
+ killUid(appId, userId, KILL_APP_REASON_GIDS_CHANGED);
}
});
} break;
generated by cgit v1.1 at 2024-05-18 02:18:23 +0000