Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_native / 3382a94b38b0c5a020dd939e8416e2aa4a0c99c6^1..3382a94b38b0c5a020dd939e8416e2aa4a0c99c6 / .
commit3382a94b38b0c5a020dd939e8416e2aa4a0c99c6[log] [tgz]
authorTreeHugger Robot <treehugger-gerrit@google.com>Tue Sep 10 03:14:02 2019 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>Tue Sep 10 03:14:02 2019 +0000
tree45323ab1e3e57ebb6d05ed1735be3fe496801436
parentc84f5c78ea472b158023bd09df225cd9f34cdcc1 [diff]
parentc326a94d15828aee6a9261763bb40b82824f0c6c [diff]
Merge "libbinder: Hide AppOpsManager/Service from vendor."
diff --git a/libs/binder/Android.bp b/libs/binder/Android.bp
index 6ece4a2..86f19c5 100644
--- a/libs/binder/Android.bp
+++ b/libs/binder/Android.bp

@@ -86,8 +86,10 @@
         vendor: {
             exclude_srcs: [
                 "ActivityManager.cpp",
+                "AppOpsManager.cpp",
                 "IActivityManager.cpp",
                 "IAppOpsCallback.cpp",
+                "IAppOpsService.cpp",
                 "IBatteryStats.cpp",
                 "IMediaResourceMonitor.cpp",
                 "IPermissionController.cpp",

diff --git a/libs/binder/AppOpsManager.cpp b/libs/binder/AppOpsManager.cpp
index e2af01c..711fed9 100644
--- a/libs/binder/AppOpsManager.cpp
+++ b/libs/binder/AppOpsManager.cpp

@@ -32,7 +32,6 @@
 
 namespace {
 
-#ifndef __ANDROID_VNDK__
 #if defined(__BRILLO__)
 // Because Brillo has no application model, security policy is managed
 // statically (at build time) with SELinux controls.
@@ -41,17 +40,13 @@
 #else
 const int APP_OPS_MANAGER_UNAVAILABLE_MODE = AppOpsManager::MODE_IGNORED;
 #endif  // defined(__BRILLO__)
-#endif // __ANDROID_VNDK__
 
 }  // namespace
 
 static String16 _appops("appops");
-#ifndef __ANDROID_VNDK__
 static pthread_mutex_t gTokenMutex = PTHREAD_MUTEX_INITIALIZER;
-#endif // __ANDROID_VNDK__
 static sp<IBinder> gToken;
 
-#ifndef __ANDROID_VNDK__
 static const sp<IBinder>& getToken(const sp<IAppOpsService>& service) {
     pthread_mutex_lock(&gTokenMutex);
     if (gToken == nullptr || gToken->pingBinder() != NO_ERROR) {
@@ -60,17 +55,12 @@
     pthread_mutex_unlock(&gTokenMutex);
     return gToken;
 }
-#endif // __ANDROID_VNDK__
 
 thread_local uint64_t notedAppOpsInThisBinderTransaction[2];
 thread_local int32_t uidOfThisBinderTransaction = -1;
 
 // Whether an appop should be collected: 0 == not initialized, 1 == don't note, 2 == note
-#ifndef __ANDROID_VNDK__
 uint8_t appOpsToNote[AppOpsManager::_NUM_OP] = {0};
-#else
-uint8_t appOpsToNote[128] = {0};
-#endif // __ANDROID_VNDK__
 
 AppOpsManager::AppOpsManager()
 {
@@ -108,7 +98,6 @@
 }
 #endif  // defined(__BRILLO__)
 
-#ifndef __ANDROID_VNDK__
 int32_t AppOpsManager::checkOp(int32_t op, int32_t uid, const String16& callingPackage)
 {
     sp<IAppOpsService> service = getService();
@@ -200,8 +189,6 @@
     }
 }
 
-#endif // __ANDROID_VNDK__
-
 bool AppOpsManager::shouldCollectNotes(int32_t opcode) {
     sp<IAppOpsService> service = getService();
     if (service != nullptr) {

diff --git a/libs/binder/IAppOpsService.cpp b/libs/binder/IAppOpsService.cpp
index b6360cb..c58ea02 100644
--- a/libs/binder/IAppOpsService.cpp
+++ b/libs/binder/IAppOpsService.cpp

@@ -34,7 +34,6 @@
     {
     }
 
-#ifndef __ANDROID_VNDK__
     virtual int32_t checkOperation(int32_t code, int32_t uid, const String16& packageName) {
         Parcel data, reply;
         data.writeInterfaceToken(IAppOpsService::getInterfaceDescriptor());
@@ -145,7 +144,6 @@
         remote()->transact(SET_CAMERA_AUDIO_RESTRICTION_TRANSACTION, data, &reply);
     }
 
-#endif
     virtual void noteAsyncOp(const String16& callingPackageName, int32_t uid,
             const String16& packageName, int32_t opCode, const String16& message) {
         Parcel data, reply;
@@ -195,7 +193,6 @@
 {
     //printf("AppOpsService received: "); data.print();
     switch(code) {
-#ifndef __ANDROID_VNDK__
         case CHECK_OPERATION_TRANSACTION: {
             CHECK_INTERFACE(IAppOpsService, data, reply);
             int32_t code = data.readInt32();
@@ -288,7 +285,6 @@
             reply->writeNoException();
             return NO_ERROR;
         } break;
-#endif // __ANDROID_VNDK__
         case NOTE_ASYNC_OP_TRANSACTION: {
             CHECK_INTERFACE(IAppOpsService, data, reply);
             String16 callingPackageName = data.readString16();

diff --git a/libs/binder/include/binder/AppOpsManager.h b/libs/binder/include/binder/AppOpsManager.h
index dff4d49..f5a54ce 100644
--- a/libs/binder/include/binder/AppOpsManager.h
+++ b/libs/binder/include/binder/AppOpsManager.h

@@ -21,6 +21,10 @@
 
 #include <utils/threads.h>
 
+#ifdef __ANDROID_VNDK__
+#error "This header is not visible to vendors"
+#endif
+
 // ---------------------------------------------------------------------------
 namespace android {
 
@@ -33,7 +37,6 @@
         MODE_ERRORED = IAppOpsService::MODE_ERRORED
     };
 
-#ifndef __ANDROID_VNDK__
     enum {
         OP_NONE = -1,
         OP_COARSE_LOCATION = 0,
@@ -121,11 +124,9 @@
         OP_READ_DEVICE_IDENTIFIERS = 89,
         _NUM_OP = 90
     };
-#endif // __ANDROID_VNDK__
 
     AppOpsManager();
 
-#ifndef __ANDROID_VNDK__
     int32_t checkOp(int32_t op, int32_t uid, const String16& callingPackage);
     int32_t checkAudioOpNoThrow(int32_t op, int32_t usage, int32_t uid,
             const String16& callingPackage);
@@ -145,7 +146,6 @@
     void stopWatchingMode(const sp<IAppOpsCallback>& callback);
     int32_t permissionToOpCode(const String16& permission);
     void setCameraAudioRestriction(int32_t mode);
-#endif // __ANDROID_VNDK__
     void noteAsyncOp(const String16& callingPackageName, int32_t uid, const String16& packageName,
             int32_t opCode, const String16& message);
 

diff --git a/libs/binder/include/binder/IAppOpsService.h b/libs/binder/include/binder/IAppOpsService.h
index 009ef6c..9784003 100644
--- a/libs/binder/include/binder/IAppOpsService.h
+++ b/libs/binder/include/binder/IAppOpsService.h

@@ -18,11 +18,13 @@
 #ifndef ANDROID_IAPP_OPS_SERVICE_H
 #define ANDROID_IAPP_OPS_SERVICE_H
 
-#ifndef __ANDROID_VNDK__
 #include <binder/IAppOpsCallback.h>
-#endif
 #include <binder/IInterface.h>
 
+#ifdef __ANDROID_VNDK__
+#error "This header is not visible to vendors"
+#endif
+
 namespace android {
 
 // ----------------------------------------------------------------------
@@ -32,7 +34,6 @@
 public:
     DECLARE_META_INTERFACE(AppOpsService)
 
-#ifndef __ANDROID_VNDK__
     virtual int32_t checkOperation(int32_t code, int32_t uid, const String16& packageName) = 0;
     virtual int32_t noteOperation(int32_t code, int32_t uid, const String16& packageName) = 0;
     virtual int32_t startOperation(const sp<IBinder>& token, int32_t code, int32_t uid,
@@ -47,13 +48,11 @@
     virtual int32_t checkAudioOperation(int32_t code, int32_t usage,int32_t uid,
             const String16& packageName) = 0;
     virtual void setCameraAudioRestriction(int32_t mode) = 0;
-#endif // __ANDROID_VNDK__
     virtual void noteAsyncOp(const String16& callingPackageName, int32_t uid,
             const String16& packageName, int32_t opCode, const String16& message) = 0;
     virtual bool shouldCollectNotes(int32_t opCode) = 0;
 
     enum {
-#ifndef __ANDROID_VNDK__
         CHECK_OPERATION_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION,
         NOTE_OPERATION_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+1,
         START_OPERATION_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+2,
@@ -63,13 +62,9 @@
         GET_TOKEN_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+6,
         PERMISSION_TO_OP_CODE_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+7,
         CHECK_AUDIO_OPERATION_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+8,
-#endif // __ANDROID_VNDK__
         NOTE_ASYNC_OP_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+9,
         SHOULD_COLLECT_NOTES_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+10,
-#ifndef __ANDROID_VNDK__
         SET_CAMERA_AUDIO_RESTRICTION_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION+11,
-#endif // __ANDROID_VNDK__
-
     };
 
     enum {