|  | /* | 
|  | * Copyright (C) 2013 The Android Open Source Project | 
|  | * | 
|  | * Licensed under the Apache License, Version 2.0 (the "License"); | 
|  | * you may not use this file except in compliance with the License. | 
|  | * You may obtain a copy of the License at | 
|  | * | 
|  | *      http://www.apache.org/licenses/LICENSE-2.0 | 
|  | * | 
|  | * Unless required by applicable law or agreed to in writing, software | 
|  | * distributed under the License is distributed on an "AS IS" BASIS, | 
|  | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | 
|  | * See the License for the specific language governing permissions and | 
|  | * limitations under the License. | 
|  | */ | 
|  |  | 
|  | #include <mutex> | 
|  | #include <binder/AppOpsManager.h> | 
|  | #include <binder/Binder.h> | 
|  | #include <binder/IServiceManager.h> | 
|  |  | 
|  | #include <utils/SystemClock.h> | 
|  |  | 
|  | namespace android { | 
|  |  | 
|  | namespace { | 
|  |  | 
|  | #if defined(__BRILLO__) | 
|  | // Because Brillo has no application model, security policy is managed | 
|  | // statically (at build time) with SELinux controls. | 
|  | // As a consequence, it also never runs the AppOpsManager service. | 
|  | const int APP_OPS_MANAGER_UNAVAILABLE_MODE = AppOpsManager::MODE_ALLOWED; | 
|  | #else | 
|  | const int APP_OPS_MANAGER_UNAVAILABLE_MODE = AppOpsManager::MODE_IGNORED; | 
|  | #endif  // defined(__BRILLO__) | 
|  |  | 
|  | }  // namespace | 
|  |  | 
|  | static String16 _appops("appops"); | 
|  | static pthread_mutex_t gTokenMutex = PTHREAD_MUTEX_INITIALIZER; | 
|  | static sp<IBinder> gToken; | 
|  |  | 
|  | static const sp<IBinder>& getToken(const sp<IAppOpsService>& service) { | 
|  | pthread_mutex_lock(&gTokenMutex); | 
|  | if (gToken == nullptr || gToken->pingBinder() != NO_ERROR) { | 
|  | gToken = service->getToken(new BBinder()); | 
|  | } | 
|  | pthread_mutex_unlock(&gTokenMutex); | 
|  | return gToken; | 
|  | } | 
|  |  | 
|  | AppOpsManager::AppOpsManager() | 
|  | { | 
|  | } | 
|  |  | 
|  | #if defined(__BRILLO__) | 
|  | // There is no AppOpsService on Brillo | 
|  | sp<IAppOpsService> AppOpsManager::getService() { return NULL; } | 
|  | #else | 
|  | sp<IAppOpsService> AppOpsManager::getService() | 
|  | { | 
|  |  | 
|  | std::lock_guard<Mutex> scoped_lock(mLock); | 
|  | int64_t startTime = 0; | 
|  | sp<IAppOpsService> service = mService; | 
|  | while (service == nullptr || !IInterface::asBinder(service)->isBinderAlive()) { | 
|  | sp<IBinder> binder = defaultServiceManager()->checkService(_appops); | 
|  | if (binder == nullptr) { | 
|  | // Wait for the app ops service to come back... | 
|  | if (startTime == 0) { | 
|  | startTime = uptimeMillis(); | 
|  | ALOGI("Waiting for app ops service"); | 
|  | } else if ((uptimeMillis()-startTime) > 10000) { | 
|  | ALOGW("Waiting too long for app ops service, giving up"); | 
|  | service = nullptr; | 
|  | break; | 
|  | } | 
|  | sleep(1); | 
|  | } else { | 
|  | service = interface_cast<IAppOpsService>(binder); | 
|  | mService = service; | 
|  | } | 
|  | } | 
|  | return service; | 
|  | } | 
|  | #endif  // defined(__BRILLO__) | 
|  |  | 
|  | int32_t AppOpsManager::checkOp(int32_t op, int32_t uid, const String16& callingPackage) | 
|  | { | 
|  | sp<IAppOpsService> service = getService(); | 
|  | return service != nullptr | 
|  | ? service->checkOperation(op, uid, callingPackage) | 
|  | : APP_OPS_MANAGER_UNAVAILABLE_MODE; | 
|  | } | 
|  |  | 
|  | int32_t AppOpsManager::checkAudioOpNoThrow(int32_t op, int32_t usage, int32_t uid, | 
|  | const String16& callingPackage) { | 
|  | sp<IAppOpsService> service = getService(); | 
|  | return service != nullptr | 
|  | ? service->checkAudioOperation(op, usage, uid, callingPackage) | 
|  | : APP_OPS_MANAGER_UNAVAILABLE_MODE; | 
|  | } | 
|  |  | 
|  | int32_t AppOpsManager::noteOp(int32_t op, int32_t uid, const String16& callingPackage) { | 
|  | sp<IAppOpsService> service = getService(); | 
|  | return service != nullptr | 
|  | ? service->noteOperation(op, uid, callingPackage) | 
|  | : APP_OPS_MANAGER_UNAVAILABLE_MODE; | 
|  | } | 
|  |  | 
|  | int32_t AppOpsManager::startOpNoThrow(int32_t op, int32_t uid, const String16& callingPackage, | 
|  | bool startIfModeDefault) { | 
|  | sp<IAppOpsService> service = getService(); | 
|  | return service != nullptr | 
|  | ? service->startOperation(getToken(service), op, uid, callingPackage, | 
|  | startIfModeDefault) : APP_OPS_MANAGER_UNAVAILABLE_MODE; | 
|  | } | 
|  |  | 
|  | void AppOpsManager::finishOp(int32_t op, int32_t uid, const String16& callingPackage) { | 
|  | sp<IAppOpsService> service = getService(); | 
|  | if (service != nullptr) { | 
|  | service->finishOperation(getToken(service), op, uid, callingPackage); | 
|  | } | 
|  | } | 
|  |  | 
|  | void AppOpsManager::startWatchingMode(int32_t op, const String16& packageName, | 
|  | const sp<IAppOpsCallback>& callback) { | 
|  | sp<IAppOpsService> service = getService(); | 
|  | if (service != nullptr) { | 
|  | service->startWatchingMode(op, packageName, callback); | 
|  | } | 
|  | } | 
|  |  | 
|  | void AppOpsManager::stopWatchingMode(const sp<IAppOpsCallback>& callback) { | 
|  | sp<IAppOpsService> service = getService(); | 
|  | if (service != nullptr) { | 
|  | service->stopWatchingMode(callback); | 
|  | } | 
|  | } | 
|  |  | 
|  | int32_t AppOpsManager::permissionToOpCode(const String16& permission) { | 
|  | sp<IAppOpsService> service = getService(); | 
|  | if (service != nullptr) { | 
|  | return service->permissionToOpCode(permission); | 
|  | } | 
|  | return -1; | 
|  | } | 
|  |  | 
|  |  | 
|  | }; // namespace android |