1 /* 2 * Copyright (C) 2013 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #include <mutex> 18 #include <binder/AppOpsManager.h> 19 #include <binder/Binder.h> 20 #include <binder/IServiceManager.h> 21 22 #include <utils/SystemClock.h> 23 24 namespace android { 25 26 namespace { 27 28 #if defined(__BRILLO__) 29 // Because Brillo has no application model, security policy is managed 30 // statically (at build time) with SELinux controls. 31 // As a consequence, it also never runs the AppOpsManager service. 32 const int APP_OPS_MANAGER_UNAVAILABLE_MODE = AppOpsManager::MODE_ALLOWED; 33 #else 34 const int APP_OPS_MANAGER_UNAVAILABLE_MODE = AppOpsManager::MODE_IGNORED; 35 #endif // defined(__BRILLO__) 36 37 } // namespace 38 39 static String16 _appops("appops"); 40 static pthread_mutex_t gTokenMutex = PTHREAD_MUTEX_INITIALIZER; 41 static sp<IBinder> gToken; 42 43 static const sp<IBinder>& getToken(const sp<IAppOpsService>& service) { 44 pthread_mutex_lock(&gTokenMutex); 45 if (gToken == nullptr || gToken->pingBinder() != NO_ERROR) { 46 gToken = service->getToken(new BBinder()); 47 } 48 pthread_mutex_unlock(&gTokenMutex); 49 return gToken; 50 } 51 52 AppOpsManager::AppOpsManager() 53 { 54 } 55 56 #if defined(__BRILLO__) 57 // There is no AppOpsService on Brillo 58 sp<IAppOpsService> AppOpsManager::getService() { return NULL; } 59 #else 60 sp<IAppOpsService> AppOpsManager::getService() 61 { 62 63 std::lock_guard<Mutex> scoped_lock(mLock); 64 int64_t startTime = 0; 65 sp<IAppOpsService> service = mService; 66 while (service == nullptr || !IInterface::asBinder(service)->isBinderAlive()) { 67 sp<IBinder> binder = defaultServiceManager()->checkService(_appops); 68 if (binder == nullptr) { 69 // Wait for the app ops service to come back... 70 if (startTime == 0) { 71 startTime = uptimeMillis(); 72 ALOGI("Waiting for app ops service"); 73 } else if ((uptimeMillis()-startTime) > 10000) { 74 ALOGW("Waiting too long for app ops service, giving up"); 75 service = nullptr; 76 break; 77 } 78 sleep(1); 79 } else { 80 service = interface_cast<IAppOpsService>(binder); 81 mService = service; 82 } 83 } 84 return service; 85 } 86 #endif // defined(__BRILLO__) 87 88 int32_t AppOpsManager::checkOp(int32_t op, int32_t uid, const String16& callingPackage) 89 { 90 sp<IAppOpsService> service = getService(); 91 return service != nullptr 92 ? service->checkOperation(op, uid, callingPackage) 93 : APP_OPS_MANAGER_UNAVAILABLE_MODE; 94 } 95 96 int32_t AppOpsManager::checkAudioOpNoThrow(int32_t op, int32_t usage, int32_t uid, 97 const String16& callingPackage) { 98 sp<IAppOpsService> service = getService(); 99 return service != nullptr 100 ? service->checkAudioOperation(op, usage, uid, callingPackage) 101 : APP_OPS_MANAGER_UNAVAILABLE_MODE; 102 } 103 104 int32_t AppOpsManager::noteOp(int32_t op, int32_t uid, const String16& callingPackage) { 105 sp<IAppOpsService> service = getService(); 106 return service != nullptr 107 ? service->noteOperation(op, uid, callingPackage) 108 : APP_OPS_MANAGER_UNAVAILABLE_MODE; 109 } 110 111 int32_t AppOpsManager::startOpNoThrow(int32_t op, int32_t uid, const String16& callingPackage, 112 bool startIfModeDefault) { 113 sp<IAppOpsService> service = getService(); 114 return service != nullptr 115 ? service->startOperation(getToken(service), op, uid, callingPackage, 116 startIfModeDefault) : APP_OPS_MANAGER_UNAVAILABLE_MODE; 117 } 118 119 void AppOpsManager::finishOp(int32_t op, int32_t uid, const String16& callingPackage) { 120 sp<IAppOpsService> service = getService(); 121 if (service != nullptr) { 122 service->finishOperation(getToken(service), op, uid, callingPackage); 123 } 124 } 125 126 void AppOpsManager::startWatchingMode(int32_t op, const String16& packageName, 127 const sp<IAppOpsCallback>& callback) { 128 sp<IAppOpsService> service = getService(); 129 if (service != nullptr) { 130 service->startWatchingMode(op, packageName, callback); 131 } 132 } 133 134 void AppOpsManager::stopWatchingMode(const sp<IAppOpsCallback>& callback) { 135 sp<IAppOpsService> service = getService(); 136 if (service != nullptr) { 137 service->stopWatchingMode(callback); 138 } 139 } 140 141 int32_t AppOpsManager::permissionToOpCode(const String16& permission) { 142 sp<IAppOpsService> service = getService(); 143 if (service != nullptr) { 144 return service->permissionToOpCode(permission); 145 } 146 return -1; 147 } 148 149 150 }; // namespace android 151
