New "app ops" service.
Initial implementation, tracking use of the vibrator, GPS,
and location reports.
Also includes an update to battery stats to also keep track of
vibrator usage (since I had to be in the vibrator code anyway
to instrument it).
The service itself is only half-done. Currently no API to
retrieve the data (which once there will allow us to show you
which apps are currently causing the GPS to run and who has
recently accessed your location), it doesn't persist its data
like it should, and no way to tell it to reject app requests
for various operations.
But hey, it's a start!
Change-Id: I05b8d76cc4a4f7f37bc758c1701f51f9e0550e15
diff --git a/services/java/com/android/server/AppOpsService.java b/services/java/com/android/server/AppOpsService.java
new file mode 100644
index 0000000..5ad4be8
--- /dev/null
+++ b/services/java/com/android/server/AppOpsService.java
@@ -0,0 +1,260 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server;
+
+import java.io.File;
+import java.io.FileDescriptor;
+import java.io.PrintWriter;
+import java.util.HashMap;
+
+import android.app.AppOpsManager;
+import android.content.Context;
+import android.content.pm.PackageManager;
+import android.content.pm.PackageManager.NameNotFoundException;
+import android.os.Binder;
+import android.os.Environment;
+import android.os.Process;
+import android.os.ServiceManager;
+import android.os.UserHandle;
+import android.util.AtomicFile;
+import android.util.Slog;
+import android.util.SparseArray;
+import android.util.TimeUtils;
+
+import com.android.internal.app.IAppOpsService;
+
+public class AppOpsService extends IAppOpsService.Stub {
+ static final String TAG = "AppOps";
+
+ Context mContext;
+ final AtomicFile mFile;
+
+ final SparseArray<HashMap<String, Ops>> mUidOps
+ = new SparseArray<HashMap<String, Ops>>();
+
+ final static class Ops extends SparseArray<Op> {
+ public final String packageName;
+
+ public Ops(String _packageName) {
+ packageName = _packageName;
+ }
+ }
+
+ final static class Op {
+ public final int op;
+ public int duration;
+ public long time;
+
+ public Op(int _op) {
+ op = _op;
+ }
+ }
+
+ public AppOpsService() {
+ mFile = new AtomicFile(new File(Environment.getSecureDataDirectory(), "appops.xml"));
+ }
+
+ public void publish(Context context) {
+ mContext = context;
+ ServiceManager.addService(Context.APP_OPS_SERVICE, asBinder());
+ }
+
+ public void shutdown() {
+ Slog.w(TAG, "Writing app ops before shutdown...");
+ }
+
+ @Override
+ public int noteOperation(int code, int uid, String packageName) {
+ uid = handleIncomingUid(uid);
+ synchronized (this) {
+ Op op = getOpLocked(code, uid, packageName);
+ if (op == null) {
+ return AppOpsManager.MODE_IGNORED;
+ }
+ if (op.duration == -1) {
+ Slog.w(TAG, "Noting op not finished: uid " + uid + " pkg " + packageName
+ + " code " + code + " time=" + op.time + " duration=" + op.duration);
+ }
+ op.time = System.currentTimeMillis();
+ op.duration = 0;
+ }
+ return AppOpsManager.MODE_ALLOWED;
+ }
+
+ @Override
+ public int startOperation(int code, int uid, String packageName) {
+ uid = handleIncomingUid(uid);
+ synchronized (this) {
+ Op op = getOpLocked(code, uid, packageName);
+ if (op == null) {
+ return AppOpsManager.MODE_IGNORED;
+ }
+ if (op.duration == -1) {
+ Slog.w(TAG, "Starting op not finished: uid " + uid + " pkg " + packageName
+ + " code " + code + " time=" + op.time + " duration=" + op.duration);
+ }
+ op.time = System.currentTimeMillis();
+ op.duration = -1;
+ }
+ return AppOpsManager.MODE_ALLOWED;
+ }
+
+ @Override
+ public void finishOperation(int code, int uid, String packageName) {
+ uid = handleIncomingUid(uid);
+ synchronized (this) {
+ Op op = getOpLocked(code, uid, packageName);
+ if (op == null) {
+ return;
+ }
+ if (op.duration != -1) {
+ Slog.w(TAG, "Ignoring finishing op not started: uid " + uid + " pkg " + packageName
+ + " code " + code + " time=" + op.time + " duration=" + op.duration);
+ return;
+ }
+ op.duration = (int)(System.currentTimeMillis() - op.time);
+ }
+ }
+
+ @Override
+ public int noteTimedOperation(int code, int uid, String packageName, int duration) {
+ uid = handleIncomingUid(uid);
+ synchronized (this) {
+ Op op = getOpLocked(code, uid, packageName);
+ if (op == null) {
+ return AppOpsManager.MODE_IGNORED;
+ }
+ if (op.duration == -1) {
+ Slog.w(TAG, "Noting op not finished: uid " + uid + " pkg " + packageName
+ + " code " + code + " time=" + op.time + " duration=" + op.duration);
+ }
+ op.time = System.currentTimeMillis();
+ op.duration = duration;
+ }
+ return AppOpsManager.MODE_ALLOWED;
+ }
+
+ @Override
+ public void earlyFinishOperation(int code, int uid, String packageName) {
+ uid = handleIncomingUid(uid);
+ synchronized (this) {
+ Op op = getOpLocked(code, uid, packageName);
+ if (op == null) {
+ return;
+ }
+ if (op.duration != -1) {
+ Slog.w(TAG, "Noting timed op not finished: uid " + uid + " pkg " + packageName
+ + " code " + code + " time=" + op.time + " duration=" + op.duration);
+ }
+ int newDuration = (int)(System.currentTimeMillis() - op.time);
+ if (newDuration < op.duration) {
+ op.duration = newDuration;
+ }
+ }
+ }
+
+ private int handleIncomingUid(int uid) {
+ if (uid == Binder.getCallingUid()) {
+ return uid;
+ }
+ if (Binder.getCallingPid() == Process.myPid()) {
+ return uid;
+ }
+ mContext.enforcePermission(android.Manifest.permission.UPDATE_APP_OPS_STATS,
+ Binder.getCallingPid(), Binder.getCallingUid(), null);
+ return uid;
+ }
+
+ private Op getOpLocked(int code, int uid, String packageName) {
+ HashMap<String, Ops> pkgOps = mUidOps.get(uid);
+ if (pkgOps == null) {
+ pkgOps = new HashMap<String, Ops>();
+ mUidOps.put(uid, pkgOps);
+ }
+ Ops ops = pkgOps.get(packageName);
+ if (ops == null) {
+ // This is the first time we have seen this package name under this uid,
+ // so let's make sure it is valid.
+ // XXX for now we always allow null through until we can fix everything
+ // to provide the name.
+ if (packageName != null) {
+ final long ident = Binder.clearCallingIdentity();
+ try {
+ int pkgUid = -1;
+ try {
+ pkgUid = mContext.getPackageManager().getPackageUid(packageName,
+ UserHandle.getUserId(uid));
+ } catch (NameNotFoundException e) {
+ }
+ if (pkgUid != uid) {
+ // Oops! The package name is not valid for the uid they are calling
+ // under. Abort.
+ Slog.w(TAG, "Bad call: specified package " + packageName
+ + " under uid " + uid + " but it is really " + pkgUid);
+ return null;
+ }
+ } finally {
+ Binder.restoreCallingIdentity(ident);
+ }
+ }
+ ops = new Ops(packageName);
+ pkgOps.put(packageName, ops);
+ }
+ Op op = ops.get(code);
+ if (op == null) {
+ op = new Op(code);
+ ops.put(code, op);
+ }
+ return op;
+ }
+
+ @Override
+ protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
+ if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.DUMP)
+ != PackageManager.PERMISSION_GRANTED) {
+ pw.println("Permission Denial: can't dump ApOps service from from pid="
+ + Binder.getCallingPid()
+ + ", uid=" + Binder.getCallingUid());
+ return;
+ }
+
+ synchronized (this) {
+ pw.println("Current AppOps Service state:");
+ for (int i=0; i<mUidOps.size(); i++) {
+ pw.print(" Uid "); UserHandle.formatUid(pw, mUidOps.keyAt(i)); pw.println(":");
+ HashMap<String, Ops> pkgOps = mUidOps.valueAt(i);
+ for (Ops ops : pkgOps.values()) {
+ pw.print(" Package "); pw.print(ops.packageName); pw.println(":");
+ for (int j=0; j<ops.size(); j++) {
+ Op op = ops.valueAt(j);
+ pw.print(" "); pw.print(AppOpsManager.opToString(op.op));
+ pw.print(": time=");
+ TimeUtils.formatDuration(System.currentTimeMillis()-op.time, pw);
+ pw.print(" ago");
+ if (op.duration == -1) {
+ pw.println(" (running)");
+ } else {
+ pw.print("; duration=");
+ TimeUtils.formatDuration(op.duration, pw);
+ pw.println();
+ }
+ }
+ }
+ }
+ }
+ }
+}