Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 3aecf323e3e9f253b5a5482c2b79c613ce8c9fcf^! / .
commit3aecf323e3e9f253b5a5482c2b79c613ce8c9fcf[log] [tgz]
authorHongyi Zhang <hongyiz@google.com>Sun Mar 01 18:46:51 2020 -0800
committerHongyi Zhang <hongyiz@google.com>Fri Mar 13 16:30:06 2020 +0000
treecf4c47f9c0f421d483325f1ac97948be224c9b20
parent7fcb7d59c433b28c1d90c9ac5c9c87cd8e9728c2 [diff]
RescueParty: Add a DeviceConfig killswitch

1. Add a killswitch DeviceConfig flag in case emergency rollback is
needed (e.g. PackageWatchdog doesn't behave correctly).
2. Register the namespace for native flag sync mapper so that we can
also use the flag to turn off native disaster recovery.

Test: Atest RescueParty & verified on local device
Bug: 149420506
Change-Id: I9a0b546c7229c8444947b522585dd2c5ed37a00b
(cherry picked from commit 1c0993cf12d34e7611db258982c1854960985545)

diff --git a/core/java/android/provider/DeviceConfig.java b/core/java/android/provider/DeviceConfig.java
index aa511cc..fb81d67 100644
--- a/core/java/android/provider/DeviceConfig.java
+++ b/core/java/android/provider/DeviceConfig.java

@@ -399,6 +399,13 @@
     public static final String NAMESPACE_CONNECTIVITY_THERMAL_POWER_MANAGER =
             "connectivity_thermal_power_manager";
 
+    /**
+     * Namespace for configuration related features.
+     *
+     * @hide
+     */
+    public static final String NAMESPACE_CONFIGURATION = "configuration";
+
     private static final Object sLock = new Object();
     @GuardedBy("sLock")
     private static ArrayMap<OnPropertiesChangedListener, Pair<String, Executor>> sListeners =

diff --git a/services/core/java/com/android/server/RescueParty.java b/services/core/java/com/android/server/RescueParty.java
index 80036bb..808d322 100644
--- a/services/core/java/com/android/server/RescueParty.java
+++ b/services/core/java/com/android/server/RescueParty.java

@@ -99,6 +99,8 @@
     private static final String PROP_DISABLE_RESCUE = "persist.sys.disable_rescue";
     private static final String PROP_VIRTUAL_DEVICE = "ro.hardware.virtual_device";
 
+    private static final String DEVICE_CONFIG_DISABLE_FLAG = "disable_rescue_party";
+
     private static final int PERSISTENT_MASK = ApplicationInfo.FLAG_PERSISTENT
             | ApplicationInfo.FLAG_SYSTEM;
 
@@ -114,6 +116,14 @@
             return false;
         }
 
+        // We're disabled if the DeviceConfig disable flag is set to true.
+        // This is in case that an emergency rollback of the feature is needed.
+        if (DeviceConfig.getBoolean(
+                DeviceConfig.NAMESPACE_CONFIGURATION, DEVICE_CONFIG_DISABLE_FLAG, false)) {
+            Slog.v(TAG, "Disabled because of DeviceConfig flag");
+            return true;
+        }
+
         // We're disabled on all engineering devices
         if (Build.IS_ENG) {
             Slog.v(TAG, "Disabled because of eng build");

diff --git a/services/core/java/com/android/server/am/SettingsToPropertiesMapper.java b/services/core/java/com/android/server/am/SettingsToPropertiesMapper.java
index 0a8e70c..bac7565 100644
--- a/services/core/java/com/android/server/am/SettingsToPropertiesMapper.java
+++ b/services/core/java/com/android/server/am/SettingsToPropertiesMapper.java

@@ -80,6 +80,7 @@
     @VisibleForTesting
     static final String[] sDeviceConfigScopes = new String[] {
         DeviceConfig.NAMESPACE_ACTIVITY_MANAGER_NATIVE_BOOT,
+        DeviceConfig.NAMESPACE_CONFIGURATION,
         DeviceConfig.NAMESPACE_INPUT_NATIVE_BOOT,
         DeviceConfig.NAMESPACE_INTELLIGENCE_CONTENT_SUGGESTIONS,
         DeviceConfig.NAMESPACE_MEDIA_NATIVE,

diff --git a/services/tests/mockingservicestests/src/com/android/server/RescuePartyTest.java b/services/tests/mockingservicestests/src/com/android/server/RescuePartyTest.java
index c94bb87..5c82200 100644
--- a/services/tests/mockingservicestests/src/com/android/server/RescuePartyTest.java
+++ b/services/tests/mockingservicestests/src/com/android/server/RescuePartyTest.java

@@ -79,6 +79,7 @@
     private static final String CALLING_PACKAGE2 = "com.package.name2";
     private static final String NAMESPACE1 = "namespace1";
     private static final String NAMESPACE2 = "namespace2";
+    private static final String DISABLE_RESCUE_PARTY_FLAG = "disable_rescue_party";
 
     private MockitoSession mSession;
     private HashMap<String, String> mSystemSettingsMap;
@@ -316,6 +317,13 @@
 
     @Test
     public void testExplicitlyEnablingAndDisablingRescue() {
+        // mock the DeviceConfig get call to avoid hitting
+        // android.permission.READ_DEVICE_CONFIG when calling real DeviceConfig.
+        doReturn(true)
+                .when(() -> DeviceConfig.getBoolean(
+                    eq(DeviceConfig.NAMESPACE_CONFIGURATION),
+                    eq(DISABLE_RESCUE_PARTY_FLAG),
+                    eq(false)));
         SystemProperties.set(RescueParty.PROP_ENABLE_RESCUE, Boolean.toString(false));
         SystemProperties.set(PROP_DISABLE_RESCUE, Boolean.toString(true));
         assertEquals(RescuePartyObserver.getInstance(mMockContext).execute(sFailingPackage,
@@ -327,6 +335,22 @@
     }
 
     @Test
+    public void testDisablingRescueByDeviceConfigFlag() {
+        doReturn(true)
+                .when(() -> DeviceConfig.getBoolean(
+                    eq(DeviceConfig.NAMESPACE_CONFIGURATION),
+                    eq(DISABLE_RESCUE_PARTY_FLAG),
+                    eq(false)));
+        SystemProperties.set(RescueParty.PROP_ENABLE_RESCUE, Boolean.toString(false));
+
+        assertEquals(RescuePartyObserver.getInstance(mMockContext).execute(sFailingPackage,
+                PackageWatchdog.FAILURE_REASON_APP_NOT_RESPONDING), false);
+
+        // Restore the property value initalized in SetUp()
+        SystemProperties.set(RescueParty.PROP_ENABLE_RESCUE, Boolean.toString(true));
+    }
+
+    @Test
     public void testHealthCheckLevels() {
         RescuePartyObserver observer = RescuePartyObserver.getInstance(mMockContext);