1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
|
/*
* Copyright (C) 2014 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License
*/
package com.android.server;
import android.Manifest.permission;
import android.content.BroadcastReceiver;
import android.content.ContentResolver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.pm.PackageManager;
import android.net.INetworkScoreCache;
import android.net.INetworkScoreService;
import android.net.NetworkScoreManager;
import android.net.NetworkScorerAppManager;
import android.net.NetworkScorerAppManager.NetworkScorerAppData;
import android.net.ScoredNetwork;
import android.os.Binder;
import android.os.PatternMatcher;
import android.os.RemoteException;
import android.os.UserHandle;
import android.provider.Settings;
import android.text.TextUtils;
import android.util.Log;
import com.android.internal.R;
import com.android.internal.annotations.GuardedBy;
import java.io.FileDescriptor;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* Backing service for {@link android.net.NetworkScoreManager}.
* @hide
*/
public class NetworkScoreService extends INetworkScoreService.Stub {
private static final String TAG = "NetworkScoreService";
private final Context mContext;
private final Map<Integer, INetworkScoreCache> mScoreCaches;
/** Lock used to update mReceiver when scorer package changes occur. */
private Object mReceiverLock = new Object[0];
/** Clears scores when the active scorer package is no longer valid. */
@GuardedBy("mReceiverLock")
private ScorerChangedReceiver mReceiver;
private class ScorerChangedReceiver extends BroadcastReceiver {
final String mRegisteredPackage;
ScorerChangedReceiver(String packageName) {
mRegisteredPackage = packageName;
}
@Override
public void onReceive(Context context, Intent intent) {
String action = intent.getAction();
if ((Intent.ACTION_PACKAGE_CHANGED.equals(action) ||
Intent.ACTION_PACKAGE_REPLACED.equals(action) ||
Intent.ACTION_PACKAGE_FULLY_REMOVED.equals(action)) &&
NetworkScorerAppManager.getActiveScorer(mContext) == null) {
// Package change has invalidated a scorer.
Log.i(TAG, "Package " + mRegisteredPackage +
" is no longer valid, disabling scoring");
setScorerInternal(null);
}
}
}
public NetworkScoreService(Context context) {
mContext = context;
mScoreCaches = new HashMap<>();
}
/** Called when the system is ready to run third-party code but before it actually does so. */
void systemReady() {
ContentResolver cr = mContext.getContentResolver();
if (Settings.Global.getInt(cr, Settings.Global.NETWORK_SCORING_PROVISIONED, 0) == 0) {
// On first run, we try to initialize the scorer to the one configured at build time.
// This will be a no-op if the scorer isn't actually valid.
String defaultPackage = mContext.getResources().getString(
R.string.config_defaultNetworkScorerPackageName);
if (!TextUtils.isEmpty(defaultPackage)) {
NetworkScorerAppManager.setActiveScorer(mContext, defaultPackage);
}
Settings.Global.putInt(cr, Settings.Global.NETWORK_SCORING_PROVISIONED, 1);
}
registerPackageReceiverIfNeeded();
}
private void registerPackageReceiverIfNeeded() {
NetworkScorerAppData scorer = NetworkScorerAppManager.getActiveScorer(mContext);
synchronized (mReceiverLock) {
// Unregister the receiver if the current scorer has changed since last registration.
if (mReceiver != null) {
if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log.v(TAG, "Unregistering receiver for " + mReceiver.mRegisteredPackage);
}
mContext.unregisterReceiver(mReceiver);
mReceiver = null;
}
// Register receiver if a scorer is active.
if (scorer != null) {
IntentFilter filter = new IntentFilter();
filter.addAction(Intent.ACTION_PACKAGE_CHANGED);
filter.addAction(Intent.ACTION_PACKAGE_REPLACED);
filter.addAction(Intent.ACTION_PACKAGE_FULLY_REMOVED);
filter.addDataScheme("package");
filter.addDataSchemeSpecificPart(scorer.mPackageName,
PatternMatcher.PATTERN_LITERAL);
mReceiver = new ScorerChangedReceiver(scorer.mPackageName);
// TODO: Need to update when we support per-user scorers.
mContext.registerReceiverAsUser(mReceiver, UserHandle.OWNER, filter, null, null);
if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log.v(TAG, "Registered receiver for " + scorer.mPackageName);
}
}
}
}
@Override
public boolean updateScores(ScoredNetwork[] networks) {
if (!NetworkScorerAppManager.isCallerActiveScorer(mContext, getCallingUid())) {
throw new SecurityException("Caller with UID " + getCallingUid() +
" is not the active scorer.");
}
// Separate networks by type.
Map<Integer, List<ScoredNetwork>> networksByType = new HashMap<>();
for (ScoredNetwork network : networks) {
List<ScoredNetwork> networkList = networksByType.get(network.networkKey.type);
if (networkList == null) {
networkList = new ArrayList<>();
networksByType.put(network.networkKey.type, networkList);
}
networkList.add(network);
}
// Pass the scores of each type down to the appropriate network scorer.
for (Map.Entry<Integer, List<ScoredNetwork>> entry : networksByType.entrySet()) {
INetworkScoreCache scoreCache = mScoreCaches.get(entry.getKey());
if (scoreCache != null) {
try {
scoreCache.updateScores(entry.getValue());
} catch (RemoteException e) {
if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log.v(TAG, "Unable to update scores of type " + entry.getKey(), e);
}
}
} else if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log.v(TAG, "No scorer registered for type " + entry.getKey() + ", discarding");
}
}
return true;
}
@Override
public boolean clearScores() {
// Only the active scorer or the system (who can broadcast BROADCAST_NETWORK_PRIVILEGED)
// should be allowed to flush all scores.
if (NetworkScorerAppManager.isCallerActiveScorer(mContext, getCallingUid()) ||
mContext.checkCallingOrSelfPermission(permission.BROADCAST_NETWORK_PRIVILEGED) ==
PackageManager.PERMISSION_GRANTED) {
clearInternal();
return true;
} else {
throw new SecurityException(
"Caller is neither the active scorer nor the scorer manager.");
}
}
@Override
public boolean setActiveScorer(String packageName) {
// TODO: For now, since SCORE_NETWORKS requires an app to be privileged, we allow such apps
// to directly set the scorer app rather than having to use the consent dialog. The
// assumption is that anyone bundling a scorer app with the system is trusted by the OEM to
// do the right thing and not enable this feature without explaining it to the user.
// In the future, should this API be opened to 3p apps, we will need to lock this down and
// figure out another way to streamline the UX.
// mContext.enforceCallingOrSelfPermission(permission.BROADCAST_NETWORK_PRIVILEGED, TAG);
mContext.enforceCallingOrSelfPermission(permission.SCORE_NETWORKS, TAG);
return setScorerInternal(packageName);
}
@Override
public void disableScoring() {
// Only the active scorer or the system (who can broadcast BROADCAST_NETWORK_PRIVILEGED)
// should be allowed to disable scoring.
if (NetworkScorerAppManager.isCallerActiveScorer(mContext, getCallingUid()) ||
mContext.checkCallingOrSelfPermission(permission.BROADCAST_NETWORK_PRIVILEGED) ==
PackageManager.PERMISSION_GRANTED) {
// The return value is discarded here because at this point, the call should always
// succeed. The only reason for failure is if the new package is not a valid scorer, but
// we're disabling scoring altogether here.
setScorerInternal(null /* packageName */);
} else {
throw new SecurityException(
"Caller is neither the active scorer nor the scorer manager.");
}
}
/** Set the active scorer. Callers are responsible for checking permissions as appropriate. */
private boolean setScorerInternal(String packageName) {
long token = Binder.clearCallingIdentity();
try {
// Preemptively clear scores even though the set operation could fail. We do this for
// safety as scores should never be compared across apps; in practice, Settings should
// only be allowing valid apps to be set as scorers, so failure here should be rare.
clearInternal();
boolean result = NetworkScorerAppManager.setActiveScorer(mContext, packageName);
if (result) {
registerPackageReceiverIfNeeded();
Intent intent = new Intent(NetworkScoreManager.ACTION_SCORER_CHANGED);
intent.putExtra(NetworkScoreManager.EXTRA_NEW_SCORER, packageName);
mContext.sendBroadcastAsUser(intent, UserHandle.ALL);
}
return result;
} finally {
Binder.restoreCallingIdentity(token);
}
}
/** Clear scores. Callers are responsible for checking permissions as appropriate. */
private void clearInternal() {
Set<INetworkScoreCache> cachesToClear = getScoreCaches();
for (INetworkScoreCache scoreCache : cachesToClear) {
try {
scoreCache.clearScores();
} catch (RemoteException e) {
if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log.v(TAG, "Unable to clear scores", e);
}
}
}
}
@Override
public void registerNetworkScoreCache(int networkType, INetworkScoreCache scoreCache) {
mContext.enforceCallingOrSelfPermission(permission.BROADCAST_NETWORK_PRIVILEGED, TAG);
synchronized (mScoreCaches) {
if (mScoreCaches.containsKey(networkType)) {
throw new IllegalArgumentException(
"Score cache already registered for type " + networkType);
}
mScoreCaches.put(networkType, scoreCache);
}
}
@Override
protected void dump(FileDescriptor fd, PrintWriter writer, String[] args) {
mContext.enforceCallingOrSelfPermission(permission.DUMP, TAG);
NetworkScorerAppData currentScorer = NetworkScorerAppManager.getActiveScorer(mContext);
if (currentScorer == null) {
writer.println("Scoring is disabled.");
return;
}
writer.println("Current scorer: " + currentScorer.mPackageName);
writer.flush();
for (INetworkScoreCache scoreCache : getScoreCaches()) {
try {
scoreCache.asBinder().dump(fd, args);
} catch (RemoteException e) {
writer.println("Unable to dump score cache");
if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log.v(TAG, "Unable to dump score cache", e);
}
}
}
}
/**
* Returns a set of all score caches that are currently active.
*
* <p>May be used to perform an action on all score caches without potentially strange behavior
* if a new scorer is registered during that action's execution.
*/
private Set<INetworkScoreCache> getScoreCaches() {
synchronized (mScoreCaches) {
return new HashSet<>(mScoreCaches.values());
}
}
}
|
