Merge "[ActivityManager] Reset ActivityRecord's waitingVisible"
diff --git a/Android.mk b/Android.mk
index 7cd6635..5d9c5b3 100644
--- a/Android.mk
+++ b/Android.mk
@@ -998,13 +998,9 @@
../../external/nist-sip/java \
../../external/apache-http/src \
../../external/tagsoup/src \
- ../../external/libphonenumber/java/src
ext_src_files := $(call all-java-files-under,$(ext_dirs))
-ext_res_dirs := \
- ../../external/libphonenumber/java/src
-
# ==== the library =========================================
include $(CLEAR_VARS)
@@ -1012,7 +1008,7 @@
LOCAL_NO_STANDARD_LIBRARIES := true
LOCAL_JAVA_LIBRARIES := core-libart
-LOCAL_JAVA_RESOURCE_DIRS := $(ext_res_dirs)
+LOCAL_STATIC_JAVA_LIBRARIES := libphonenumber-platform
LOCAL_MODULE_TAGS := optional
LOCAL_MODULE := ext
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index 79e84d9..d08758b 100644
--- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java
@@ -6343,14 +6343,7 @@
public static final String CALL_AUTO_RETRY = "call_auto_retry";
/**
- * The preferred network mode 7 = Global
- * 6 = EvDo only
- * 5 = CDMA w/o EvDo
- * 4 = CDMA / EvDo auto
- * 3 = GSM / WCDMA auto
- * 2 = WCDMA only
- * 1 = GSM only
- * 0 = GSM / WCDMA preferred
+ * See RIL_PreferredNetworkType in ril.h
* @hide
*/
public static final String PREFERRED_NETWORK_MODE =
diff --git a/core/jni/AndroidRuntime.cpp b/core/jni/AndroidRuntime.cpp
index c6224e5..fb0d5d5 100644
--- a/core/jni/AndroidRuntime.cpp
+++ b/core/jni/AndroidRuntime.cpp
@@ -525,8 +525,6 @@
JavaVMInitArgs initArgs;
char propBuf[PROPERTY_VALUE_MAX];
char stackTraceFileBuf[sizeof("-Xstacktracefile:")-1 + PROPERTY_VALUE_MAX];
- char dexoptFlagsBuf[PROPERTY_VALUE_MAX];
- char enableAssertBuf[sizeof("-ea:")-1 + PROPERTY_VALUE_MAX];
char jniOptsBuf[sizeof("-Xjniopts:")-1 + PROPERTY_VALUE_MAX];
char heapstartsizeOptsBuf[sizeof("-Xms")-1 + PROPERTY_VALUE_MAX];
char heapsizeOptsBuf[sizeof("-Xmx")-1 + PROPERTY_VALUE_MAX];
@@ -536,8 +534,6 @@
char gctypeOptsBuf[sizeof("-Xgc:")-1 + PROPERTY_VALUE_MAX];
char backgroundgcOptsBuf[sizeof("-XX:BackgroundGC=")-1 + PROPERTY_VALUE_MAX];
char heaptargetutilizationOptsBuf[sizeof("-XX:HeapTargetUtilization=")-1 + PROPERTY_VALUE_MAX];
- char jitcodecachesizeOptsBuf[sizeof("-Xjitcodecachesize:")-1 + PROPERTY_VALUE_MAX];
- char dalvikVmLibBuf[PROPERTY_VALUE_MAX];
char dex2oatXmsImageFlagsBuf[sizeof("-Xms")-1 + PROPERTY_VALUE_MAX];
char dex2oatXmxImageFlagsBuf[sizeof("-Xmx")-1 + PROPERTY_VALUE_MAX];
char dex2oatXmsFlagsBuf[sizeof("-Xms")-1 + PROPERTY_VALUE_MAX];
@@ -566,8 +562,6 @@
char langOption[sizeof("-Duser.language=") + 3];
char regionOption[sizeof("-Duser.region=") + 3];
char lockProfThresholdBuf[sizeof("-Xlockprofthreshold:")-1 + PROPERTY_VALUE_MAX];
- char jitOpBuf[sizeof("-Xjitop:")-1 + PROPERTY_VALUE_MAX];
- char jitMethodBuf[sizeof("-Xjitmethod:")-1 + PROPERTY_VALUE_MAX];
char nativeBridgeLibrary[sizeof("-XX:NativeBridge=") + PROPERTY_VALUE_MAX];
bool checkJni = false;
@@ -586,9 +580,6 @@
/* extended JNI checking */
addOption("-Xcheck:jni");
- /* set a cap on JNI global references */
- addOption("-Xjnigreflimit:2000");
-
/* with -Xcheck:jni, this provides a JNI function call trace */
//addOption("-verbose:jni");
}
@@ -604,30 +595,6 @@
parseRuntimeOption("dalvik.vm.stack-trace-file", stackTraceFileBuf, "-Xstacktracefile:");
- property_get("dalvik.vm.check-dex-sum", propBuf, "");
- if (strcmp(propBuf, "true") == 0) {
- /* perform additional DEX checksum tests */
- addOption("-Xcheckdexsum");
- }
-
- property_get("log.redirect-stdio", propBuf, "");
- if (strcmp(propBuf, "true") == 0) {
- /* convert stdout/stderr to log messages */
- addOption("-Xlog-stdio");
- }
-
- strcpy(enableAssertBuf, "-ea:");
- property_get("dalvik.vm.enableassertions", enableAssertBuf+sizeof("-ea:")-1, "");
- if (enableAssertBuf[sizeof("-ea:")-1] != '\0') {
- /* accept "all" to mean "all classes and packages" */
- if (strcmp(enableAssertBuf+sizeof("-ea:")-1, "all") == 0)
- enableAssertBuf[3] = '\0'; // truncate to "-ea"
- ALOGI("Assertions enabled: '%s'\n", enableAssertBuf);
- addOption(enableAssertBuf);
- } else {
- ALOGV("Assertions disabled\n");
- }
-
strcpy(jniOptsBuf, "-Xjniopts:");
if (parseRuntimeOption("dalvik.vm.jniopts", jniOptsBuf, "-Xjniopts:")) {
ALOGI("JNI options: '%s'\n", jniOptsBuf);
@@ -654,14 +621,6 @@
parseRuntimeOption("dalvik.vm.heapstartsize", heapstartsizeOptsBuf, "-Xms", "4m");
parseRuntimeOption("dalvik.vm.heapsize", heapsizeOptsBuf, "-Xmx", "16m");
- // Increase the main thread's interpreter stack size for bug 6315322.
- addOption("-XX:mainThreadStackSize=24K");
-
- // Set the max jit code cache size. Note: size of 0 will disable the JIT.
- parseRuntimeOption("dalvik.vm.jit.codecachesize",
- jitcodecachesizeOptsBuf,
- "-Xjitcodecachesize:");
-
parseRuntimeOption("dalvik.vm.heapgrowthlimit", heapgrowthlimitOptsBuf, "-XX:HeapGrowthLimit=");
parseRuntimeOption("dalvik.vm.heapminfree", heapminfreeOptsBuf, "-XX:HeapMinFree=");
parseRuntimeOption("dalvik.vm.heapmaxfree", heapmaxfreeOptsBuf, "-XX:HeapMaxFree=");
@@ -677,53 +636,6 @@
parseRuntimeOption("dalvik.vm.gctype", gctypeOptsBuf, "-Xgc:");
parseRuntimeOption("dalvik.vm.backgroundgctype", backgroundgcOptsBuf, "-XX:BackgroundGC=");
- /*
- * Enable or disable dexopt features, such as bytecode verification and
- * calculation of register maps for precise GC.
- */
- property_get("dalvik.vm.dexopt-flags", dexoptFlagsBuf, "");
- if (dexoptFlagsBuf[0] != '\0') {
- const char* opc;
- const char* val;
-
- opc = strstr(dexoptFlagsBuf, "v="); /* verification */
- if (opc != NULL) {
- switch (*(opc+2)) {
- case 'n': val = "-Xverify:none"; break;
- case 'r': val = "-Xverify:remote"; break;
- case 'a': val = "-Xverify:all"; break;
- default: val = NULL; break;
- }
-
- if (val != NULL) {
- addOption(val);
- }
- }
-
- opc = strstr(dexoptFlagsBuf, "o="); /* optimization */
- if (opc != NULL) {
- switch (*(opc+2)) {
- case 'n': val = "-Xdexopt:none"; break;
- case 'v': val = "-Xdexopt:verified"; break;
- case 'a': val = "-Xdexopt:all"; break;
- case 'f': val = "-Xdexopt:full"; break;
- default: val = NULL; break;
- }
-
- if (val != NULL) {
- addOption(val);
- }
- }
-
- opc = strstr(dexoptFlagsBuf, "m=y"); /* register map */
- if (opc != NULL) {
- addOption("-Xgenregmap");
-
- /* turn on precise GC while we're at it */
- addOption("-Xgc:precise");
- }
- }
-
/* enable debugging; set suspend=y to pause during VM init */
/* use android ADB transport */
addOption("-agentlib:jdwp=transport=dt_android_adb,suspend=n,server=y");
@@ -732,12 +644,6 @@
lockProfThresholdBuf,
"-Xlockprofthreshold:");
- /* Force interpreter-only mode for selected opcodes. Eg "1-0a,3c,f1-ff" */
- parseRuntimeOption("dalvik.vm.jit.op", jitOpBuf, "-Xjitop:");
-
- /* Force interpreter-only mode for selected methods */
- parseRuntimeOption("dalvik.vm.jit.method", jitMethodBuf, "-Xjitmethod:");
-
if (executionMode == kEMIntPortable) {
addOption("-Xint:portable");
} else if (executionMode == kEMIntFast) {
@@ -746,64 +652,57 @@
addOption("-Xint:jit");
}
- // libart tolerates libdvm flags, but not vice versa, so only pass some options if libart.
- property_get("persist.sys.dalvik.vm.lib.2", dalvikVmLibBuf, "libart.so");
- bool libart = (strncmp(dalvikVmLibBuf, "libart", 6) == 0);
+ // If we are booting without the real /data, don't spend time compiling.
+ property_get("vold.decrypt", voldDecryptBuf, "");
+ bool skip_compilation = ((strcmp(voldDecryptBuf, "trigger_restart_min_framework") == 0) ||
+ (strcmp(voldDecryptBuf, "1") == 0));
- if (libart) {
- // If we booting without the real /data, don't spend time compiling.
- property_get("vold.decrypt", voldDecryptBuf, "");
- bool skip_compilation = ((strcmp(voldDecryptBuf, "trigger_restart_min_framework") == 0) ||
- (strcmp(voldDecryptBuf, "1") == 0));
-
- // Extra options for boot.art/boot.oat image generation.
- parseCompilerRuntimeOption("dalvik.vm.image-dex2oat-Xms", dex2oatXmsImageFlagsBuf,
- "-Xms", "-Ximage-compiler-option");
- parseCompilerRuntimeOption("dalvik.vm.image-dex2oat-Xmx", dex2oatXmxImageFlagsBuf,
- "-Xmx", "-Ximage-compiler-option");
- if (skip_compilation) {
- addOption("-Ximage-compiler-option");
- addOption("--compiler-filter=verify-none");
- } else {
- parseCompilerOption("dalvik.vm.image-dex2oat-filter", dex2oatImageCompilerFilterBuf,
- "--compiler-filter=", "-Ximage-compiler-option");
- }
-
- // Make sure there is a preloaded-classes file.
- if (!hasFile("/system/etc/preloaded-classes")) {
- ALOGE("Missing preloaded-classes file, /system/etc/preloaded-classes not found: %s\n",
- strerror(errno));
- goto bail;
- }
+ // Extra options for boot.art/boot.oat image generation.
+ parseCompilerRuntimeOption("dalvik.vm.image-dex2oat-Xms", dex2oatXmsImageFlagsBuf,
+ "-Xms", "-Ximage-compiler-option");
+ parseCompilerRuntimeOption("dalvik.vm.image-dex2oat-Xmx", dex2oatXmxImageFlagsBuf,
+ "-Xmx", "-Ximage-compiler-option");
+ if (skip_compilation) {
addOption("-Ximage-compiler-option");
- addOption("--image-classes=/system/etc/preloaded-classes");
-
- // If there is a compiled-classes file, push it.
- if (hasFile("/system/etc/compiled-classes")) {
- addOption("-Ximage-compiler-option");
- addOption("--compiled-classes=/system/etc/compiled-classes");
- }
-
- property_get("dalvik.vm.image-dex2oat-flags", dex2oatImageFlagsBuf, "");
- parseExtraOpts(dex2oatImageFlagsBuf, "-Ximage-compiler-option");
-
- // Extra options for DexClassLoader.
- parseCompilerRuntimeOption("dalvik.vm.dex2oat-Xms", dex2oatXmsFlagsBuf,
- "-Xms", "-Xcompiler-option");
- parseCompilerRuntimeOption("dalvik.vm.dex2oat-Xmx", dex2oatXmxFlagsBuf,
- "-Xmx", "-Xcompiler-option");
- if (skip_compilation) {
- addOption("-Xcompiler-option");
- addOption("--compiler-filter=verify-none");
- } else {
- parseCompilerOption("dalvik.vm.dex2oat-filter", dex2oatCompilerFilterBuf,
- "--compiler-filter=", "-Xcompiler-option");
- }
- property_get("dalvik.vm.dex2oat-flags", dex2oatFlagsBuf, "");
- parseExtraOpts(dex2oatFlagsBuf, "-Xcompiler-option");
-
+ addOption("--compiler-filter=verify-none");
+ } else {
+ parseCompilerOption("dalvik.vm.image-dex2oat-filter", dex2oatImageCompilerFilterBuf,
+ "--compiler-filter=", "-Ximage-compiler-option");
}
+ // Make sure there is a preloaded-classes file.
+ if (!hasFile("/system/etc/preloaded-classes")) {
+ ALOGE("Missing preloaded-classes file, /system/etc/preloaded-classes not found: %s\n",
+ strerror(errno));
+ goto bail;
+ }
+ addOption("-Ximage-compiler-option");
+ addOption("--image-classes=/system/etc/preloaded-classes");
+
+ // If there is a compiled-classes file, push it.
+ if (hasFile("/system/etc/compiled-classes")) {
+ addOption("-Ximage-compiler-option");
+ addOption("--compiled-classes=/system/etc/compiled-classes");
+ }
+
+ property_get("dalvik.vm.image-dex2oat-flags", dex2oatImageFlagsBuf, "");
+ parseExtraOpts(dex2oatImageFlagsBuf, "-Ximage-compiler-option");
+
+ // Extra options for DexClassLoader.
+ parseCompilerRuntimeOption("dalvik.vm.dex2oat-Xms", dex2oatXmsFlagsBuf,
+ "-Xms", "-Xcompiler-option");
+ parseCompilerRuntimeOption("dalvik.vm.dex2oat-Xmx", dex2oatXmxFlagsBuf,
+ "-Xmx", "-Xcompiler-option");
+ if (skip_compilation) {
+ addOption("-Xcompiler-option");
+ addOption("--compiler-filter=verify-none");
+ } else {
+ parseCompilerOption("dalvik.vm.dex2oat-filter", dex2oatCompilerFilterBuf,
+ "--compiler-filter=", "-Xcompiler-option");
+ }
+ property_get("dalvik.vm.dex2oat-flags", dex2oatFlagsBuf, "");
+ parseExtraOpts(dex2oatFlagsBuf, "-Xcompiler-option");
+
/* extra options; parse this late so it overrides others */
property_get("dalvik.vm.extra-opts", extraOptsBuf, "");
parseExtraOpts(extraOptsBuf, NULL);
@@ -820,67 +719,65 @@
/*
* Set profiler options
*/
- if (libart) {
- // Whether or not the profiler should be enabled.
- property_get("dalvik.vm.profiler", propBuf, "0");
- if (propBuf[0] == '1') {
- addOption("-Xenable-profiler");
- }
+ // Whether or not the profiler should be enabled.
+ property_get("dalvik.vm.profiler", propBuf, "0");
+ if (propBuf[0] == '1') {
+ addOption("-Xenable-profiler");
+ }
- // Whether the profile should start upon app startup or be delayed by some random offset
- // (in seconds) that is bound between 0 and a fixed value.
- property_get("dalvik.vm.profile.start-immed", propBuf, "0");
- if (propBuf[0] == '1') {
- addOption("-Xprofile-start-immediately");
- }
+ // Whether the profile should start upon app startup or be delayed by some random offset
+ // (in seconds) that is bound between 0 and a fixed value.
+ property_get("dalvik.vm.profile.start-immed", propBuf, "0");
+ if (propBuf[0] == '1') {
+ addOption("-Xprofile-start-immediately");
+ }
- // Number of seconds during profile runs.
- parseRuntimeOption("dalvik.vm.profile.period-secs", profilePeriod, "-Xprofile-period:");
+ // Number of seconds during profile runs.
+ parseRuntimeOption("dalvik.vm.profile.period-secs", profilePeriod, "-Xprofile-period:");
- // Length of each profile run (seconds).
- parseRuntimeOption("dalvik.vm.profile.duration-secs",
- profileDuration,
- "-Xprofile-duration:");
+ // Length of each profile run (seconds).
+ parseRuntimeOption("dalvik.vm.profile.duration-secs",
+ profileDuration,
+ "-Xprofile-duration:");
- // Polling interval during profile run (microseconds).
- parseRuntimeOption("dalvik.vm.profile.interval-us", profileInterval, "-Xprofile-interval:");
+ // Polling interval during profile run (microseconds).
+ parseRuntimeOption("dalvik.vm.profile.interval-us", profileInterval, "-Xprofile-interval:");
- // Coefficient for period backoff. The the period is multiplied
- // by this value after each profile run.
- parseRuntimeOption("dalvik.vm.profile.backoff-coeff", profileBackoff, "-Xprofile-backoff:");
+ // Coefficient for period backoff. The the period is multiplied
+ // by this value after each profile run.
+ parseRuntimeOption("dalvik.vm.profile.backoff-coeff", profileBackoff, "-Xprofile-backoff:");
- // Top K% of samples that are considered relevant when
- // deciding if the app should be recompiled.
- parseRuntimeOption("dalvik.vm.profile.top-k-thr",
- profileTopKThreshold,
- "-Xprofile-top-k-threshold:");
+ // Top K% of samples that are considered relevant when
+ // deciding if the app should be recompiled.
+ parseRuntimeOption("dalvik.vm.profile.top-k-thr",
+ profileTopKThreshold,
+ "-Xprofile-top-k-threshold:");
- // The threshold after which a change in the structure of the
- // top K% profiled samples becomes significant and triggers
- // recompilation. A change in profile is considered
- // significant if X% (top-k-change-threshold) of the top K%
- // (top-k-threshold property) samples has changed.
- parseRuntimeOption("dalvik.vm.profile.top-k-ch-thr",
- profileTopKChangeThreshold,
- "-Xprofile-top-k-change-threshold:");
+ // The threshold after which a change in the structure of the
+ // top K% profiled samples becomes significant and triggers
+ // recompilation. A change in profile is considered
+ // significant if X% (top-k-change-threshold) of the top K%
+ // (top-k-threshold property) samples has changed.
+ parseRuntimeOption("dalvik.vm.profile.top-k-ch-thr",
+ profileTopKChangeThreshold,
+ "-Xprofile-top-k-change-threshold:");
- // Type of profile data.
- parseRuntimeOption("dalvik.vm.profiler.type", profileType, "-Xprofile-type:");
+ // Type of profile data.
+ parseRuntimeOption("dalvik.vm.profiler.type", profileType, "-Xprofile-type:");
- // Depth of bounded stack data
- parseRuntimeOption("dalvik.vm.profile.stack-depth",
- profileMaxStackDepth,
- "-Xprofile-max-stack-depth:");
+ // Depth of bounded stack data
+ parseRuntimeOption("dalvik.vm.profile.stack-depth",
+ profileMaxStackDepth,
+ "-Xprofile-max-stack-depth:");
- // Native bridge library. "0" means that native bridge is disabled.
- property_get("ro.dalvik.vm.native.bridge", propBuf, "");
- if (propBuf[0] == '\0') {
- ALOGW("ro.dalvik.vm.native.bridge is not expected to be empty");
- } else if (strcmp(propBuf, "0") != 0) {
- snprintf(nativeBridgeLibrary, sizeof("-XX:NativeBridge=") + PROPERTY_VALUE_MAX,
- "-XX:NativeBridge=%s", propBuf);
- addOption(nativeBridgeLibrary);
- }
+ // Native bridge library. "0" means that native bridge is disabled.
+ property_get("ro.dalvik.vm.native.bridge", propBuf, "");
+ if (propBuf[0] == '\0') {
+ ALOGW("ro.dalvik.vm.native.bridge is not expected to be empty");
+ } else if (strcmp(propBuf, "0") != 0) {
+ snprintf(nativeBridgeLibrary, sizeof("-XX:NativeBridge=") + PROPERTY_VALUE_MAX,
+ "-XX:NativeBridge=%s", propBuf);
+ addOption(nativeBridgeLibrary);
}
initArgs.version = JNI_VERSION_1_4;
diff --git a/services/core/java/com/android/server/pm/SELinuxMMAC.java b/services/core/java/com/android/server/pm/SELinuxMMAC.java
index 98f2997..95ed7bc 100644
--- a/services/core/java/com/android/server/pm/SELinuxMMAC.java
+++ b/services/core/java/com/android/server/pm/SELinuxMMAC.java
@@ -35,13 +35,22 @@
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
+import java.util.Collections;
import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlPullParserException;
/**
- * Centralized access to SELinux MMAC (middleware MAC) implementation.
+ * Centralized access to SELinux MMAC (middleware MAC) implementation. This
+ * class is responsible for loading the appropriate mac_permissions.xml file
+ * as well as providing an interface for assigning seinfo values to apks.
+ *
* {@hide}
*/
public final class SELinuxMMAC {
@@ -51,11 +60,9 @@
private static final boolean DEBUG_POLICY = false;
private static final boolean DEBUG_POLICY_INSTALL = DEBUG_POLICY || false;
- // Signature seinfo values read from policy.
- private static HashMap<Signature, Policy> sSigSeinfo = new HashMap<Signature, Policy>();
-
- // Default seinfo read from policy.
- private static String sDefaultSeinfo = null;
+ // All policy stanzas read from mac_permissions.xml. This is also the lock
+ // to synchronize access during policy load and access attempts.
+ private static final List<Policy> sPolicies = new ArrayList<Policy>();
// Data policy override version file.
private static final String DATA_VERSION_FILE =
@@ -94,293 +101,289 @@
private static final String SEAPP_HASH_FILE =
Environment.getDataDirectory().toString() + "/system/seapp_hash";
-
- // Signature policy stanzas
- static class Policy {
- private String seinfo;
- private final HashMap<String, String> pkgMap;
-
- Policy() {
- seinfo = null;
- pkgMap = new HashMap<String, String>();
- }
-
- void putSeinfo(String seinfoValue) {
- seinfo = seinfoValue;
- }
-
- void putPkg(String pkg, String seinfoValue) {
- pkgMap.put(pkg, seinfoValue);
- }
-
- // Valid policy stanza means there exists a global
- // seinfo value or at least one package policy.
- boolean isValid() {
- return (seinfo != null) || (!pkgMap.isEmpty());
- }
-
- String checkPolicy(String pkgName) {
- // Check for package name seinfo value first.
- String seinfoValue = pkgMap.get(pkgName);
- if (seinfoValue != null) {
- return seinfoValue;
- }
-
- // Return the global seinfo value.
- return seinfo;
- }
- }
-
- private static void flushInstallPolicy() {
- sSigSeinfo.clear();
- sDefaultSeinfo = null;
- }
-
+ /**
+ * Load the mac_permissions.xml file containing all seinfo assignments used to
+ * label apps. The loaded mac_permissions.xml file is determined by the
+ * MAC_PERMISSIONS class variable which is set at class load time which itself
+ * is based on the USE_OVERRIDE_POLICY class variable. For further guidance on
+ * the proper structure of a mac_permissions.xml file consult the source code
+ * located at external/sepolicy/mac_permissions.xml.
+ *
+ * @return boolean indicating if policy was correctly loaded. A value of false
+ * typically indicates a structural problem with the xml or incorrectly
+ * constructed policy stanzas. A value of true means that all stanzas
+ * were loaded successfully; no partial loading is possible.
+ */
public static boolean readInstallPolicy() {
- return readInstallPolicy(MAC_PERMISSIONS);
- }
+ // Temp structure to hold the rules while we parse the xml file. We add
+ // all the rules once we know there's no problems.
+ List<Policy> policies = new ArrayList<>();
- public static boolean readInstallPolicy(String macPermsPath) {
- if (macPermsPath == null) {
- throw new NullPointerException("mac_permissions.xml file path is null");
- }
+ // A separate structure to hold the default stanza. We need to add this to
+ // the end of the policies list structure.
+ Policy defaultPolicy = null;
- // Temp structures to hold the rules while we parse the xml file.
- // We add all the rules together once we know there's no structural problems.
- HashMap<Signature, Policy> sigSeinfo = new HashMap<Signature, Policy>();
- String defaultSeinfo = null;
+ // Track sets of known policy certs so we can enforce rules across stanzas.
+ Set<Set<Signature>> knownCerts = new HashSet<>();
FileReader policyFile = null;
+ XmlPullParser parser = Xml.newPullParser();
try {
- policyFile = new FileReader(macPermsPath);
- Slog.d(TAG, "Using policy file " + macPermsPath);
+ policyFile = new FileReader(MAC_PERMISSIONS);
+ Slog.d(TAG, "Using policy file " + MAC_PERMISSIONS);
- XmlPullParser parser = Xml.newPullParser();
parser.setInput(policyFile);
+ parser.nextTag();
+ parser.require(XmlPullParser.START_TAG, null, "policy");
- XmlUtils.beginDocument(parser, "policy");
- while (true) {
- XmlUtils.nextElement(parser);
- if (parser.getEventType() == XmlPullParser.END_DOCUMENT) {
- break;
+ while (parser.next() != XmlPullParser.END_TAG) {
+ if (parser.getEventType() != XmlPullParser.START_TAG) {
+ continue;
}
String tagName = parser.getName();
if ("signer".equals(tagName)) {
- String cert = parser.getAttributeValue(null, "signature");
- if (cert == null) {
- Slog.w(TAG, "<signer> without signature at "
- + parser.getPositionDescription());
- XmlUtils.skipCurrentTag(parser);
- continue;
+ Policy signerPolicy = readSignerOrThrow(parser);
+ // Return of a Policy instance ensures certain invariants have
+ // passed, however, we still want to do some cross policy checking.
+ // Thus, check that we haven't seen the certs in another stanza.
+ Set<Signature> certs = signerPolicy.getSignatures();
+ if (knownCerts.contains(certs)) {
+ String msg = "Separate stanzas have identical certs";
+ throw new IllegalStateException(msg);
}
- Signature signature;
- try {
- signature = new Signature(cert);
- } catch (IllegalArgumentException e) {
- Slog.w(TAG, "<signer> with bad signature at "
- + parser.getPositionDescription(), e);
- XmlUtils.skipCurrentTag(parser);
- continue;
- }
- Policy policy = readPolicyTags(parser);
- if (policy.isValid()) {
- sigSeinfo.put(signature, policy);
- }
+ knownCerts.add(certs);
+ policies.add(signerPolicy);
} else if ("default".equals(tagName)) {
- // Value is null if default tag is absent or seinfo tag is malformed.
- defaultSeinfo = readSeinfoTag(parser);
- if (DEBUG_POLICY_INSTALL)
- Slog.i(TAG, "<default> tag assigned seinfo=" + defaultSeinfo);
-
+ Policy defPolicy = readDefaultOrThrow(parser);
+ // Return of a Policy instance ensures certain invariants have
+ // passed, however, we still want to do some cross policy checking.
+ // Thus, check that we haven't already seen a default stanza.
+ if (defaultPolicy != null) {
+ String msg = "Multiple default stanzas identified";
+ throw new IllegalStateException(msg);
+ }
+ defaultPolicy = defPolicy;
} else {
- XmlUtils.skipCurrentTag(parser);
+ skip(parser);
}
}
- } catch (XmlPullParserException xpe) {
- Slog.w(TAG, "Got exception parsing " + macPermsPath, xpe);
+ } catch (IllegalStateException | IllegalArgumentException |
+ XmlPullParserException ex) {
+ StringBuilder sb = new StringBuilder("Exception @");
+ sb.append(parser.getPositionDescription());
+ sb.append(" while parsing ");
+ sb.append(MAC_PERMISSIONS);
+ sb.append(":");
+ sb.append(ex);
+ Slog.w(TAG, sb.toString());
return false;
} catch (IOException ioe) {
- Slog.w(TAG, "Got exception parsing " + macPermsPath, ioe);
+ Slog.w(TAG, "Exception parsing " + MAC_PERMISSIONS, ioe);
return false;
} finally {
IoUtils.closeQuietly(policyFile);
}
- flushInstallPolicy();
- sSigSeinfo = sigSeinfo;
- sDefaultSeinfo = defaultSeinfo;
+ // Add the default policy to the end if there is one. This will ensure that
+ // the default stanza is consulted last when performing policy lookups.
+ if (defaultPolicy != null) {
+ policies.add(defaultPolicy);
+ }
+
+ synchronized (sPolicies) {
+ sPolicies.clear();
+ sPolicies.addAll(policies);
+ }
return true;
}
- private static Policy readPolicyTags(XmlPullParser parser) throws
- IOException, XmlPullParserException {
+ /**
+ * Loop over a signer tag looking for seinfo, package and cert tags. A {@link Policy}
+ * instance will be created and returned in the process. During the pass all other
+ * tag elements will be skipped.
+ *
+ * @param parser an XmlPullParser object representing a signer element.
+ * @return the constructed {@link Policy} instance
+ * @throws IOException
+ * @throws XmlPullParserException
+ * @throws IllegalArgumentException if any of the validation checks fail while
+ * parsing tag values.
+ * @throws IllegalStateException if any of the invariants fail when constructing
+ * the {@link Policy} instance.
+ */
+ private static Policy readSignerOrThrow(XmlPullParser parser) throws IOException,
+ XmlPullParserException {
- int type;
- int outerDepth = parser.getDepth();
- Policy policy = new Policy();
- while ((type=parser.next()) != XmlPullParser.END_DOCUMENT
- && (type != XmlPullParser.END_TAG
- || parser.getDepth() > outerDepth)) {
- if (type == XmlPullParser.END_TAG
- || type == XmlPullParser.TEXT) {
+ parser.require(XmlPullParser.START_TAG, null, "signer");
+ Policy.PolicyBuilder pb = new Policy.PolicyBuilder();
+
+ // Check for a cert attached to the signer tag. We allow a signature
+ // to appear as an attribute as well as those attached to cert tags.
+ String cert = parser.getAttributeValue(null, "signature");
+ if (cert != null) {
+ pb.addSignature(cert);
+ }
+
+ while (parser.next() != XmlPullParser.END_TAG) {
+ if (parser.getEventType() != XmlPullParser.START_TAG) {
continue;
}
String tagName = parser.getName();
if ("seinfo".equals(tagName)) {
- String seinfo = parseSeinfo(parser);
- if (seinfo != null) {
- policy.putSeinfo(seinfo);
- }
- XmlUtils.skipCurrentTag(parser);
+ String seinfo = parser.getAttributeValue(null, "value");
+ pb.setGlobalSeinfoOrThrow(seinfo);
+ readSeinfo(parser);
} else if ("package".equals(tagName)) {
- String pkg = parser.getAttributeValue(null, "name");
- if (!validatePackageName(pkg)) {
- Slog.w(TAG, "<package> without valid name at "
- + parser.getPositionDescription());
- XmlUtils.skipCurrentTag(parser);
- continue;
- }
-
- String seinfo = readSeinfoTag(parser);
- if (seinfo != null) {
- policy.putPkg(pkg, seinfo);
- }
+ readPackageOrThrow(parser, pb);
+ } else if ("cert".equals(tagName)) {
+ String sig = parser.getAttributeValue(null, "signature");
+ pb.addSignature(sig);
+ readCert(parser);
} else {
- XmlUtils.skipCurrentTag(parser);
+ skip(parser);
}
}
- return policy;
+
+ return pb.build();
}
- private static String readSeinfoTag(XmlPullParser parser) throws
- IOException, XmlPullParserException {
+ /**
+ * Loop over a default element looking for seinfo child tags. A {@link Policy}
+ * instance will be created and returned in the process. All other tags encountered
+ * will be skipped.
+ *
+ * @param parser an XmlPullParser object representing a default element.
+ * @return the constructed {@link Policy} instance
+ * @throws IOException
+ * @throws XmlPullParserException
+ * @throws IllegalArgumentException if any of the validation checks fail while
+ * parsing tag values.
+ * @throws IllegalStateException if any of the invariants fail when constructing
+ * the {@link Policy} instance.
+ */
+ private static Policy readDefaultOrThrow(XmlPullParser parser) throws IOException,
+ XmlPullParserException {
- int type;
- int outerDepth = parser.getDepth();
- String seinfo = null;
- while ((type=parser.next()) != XmlPullParser.END_DOCUMENT
- && (type != XmlPullParser.END_TAG
- || parser.getDepth() > outerDepth)) {
- if (type == XmlPullParser.END_TAG
- || type == XmlPullParser.TEXT) {
+ parser.require(XmlPullParser.START_TAG, null, "default");
+ Policy.PolicyBuilder pb = new Policy.PolicyBuilder();
+ pb.setAsDefaultPolicy();
+
+ while (parser.next() != XmlPullParser.END_TAG) {
+ if (parser.getEventType() != XmlPullParser.START_TAG) {
continue;
}
String tagName = parser.getName();
if ("seinfo".equals(tagName)) {
- seinfo = parseSeinfo(parser);
+ String seinfo = parser.getAttributeValue(null, "value");
+ pb.setGlobalSeinfoOrThrow(seinfo);
+ readSeinfo(parser);
+ } else {
+ skip(parser);
}
- XmlUtils.skipCurrentTag(parser);
}
- return seinfo;
- }
- private static String parseSeinfo(XmlPullParser parser) {
-
- String seinfoValue = parser.getAttributeValue(null, "value");
- if (!validateValue(seinfoValue)) {
- Slog.w(TAG, "<seinfo> without valid value at "
- + parser.getPositionDescription());
- seinfoValue = null;
- }
- return seinfoValue;
+ return pb.build();
}
/**
- * General validation routine for package names.
- * Returns a boolean indicating if the passed string
- * is a valid android package name.
+ * Loop over a package element looking for seinfo child tags. If found return the
+ * value attribute of the seinfo tag, otherwise return null. All other tags encountered
+ * will be skipped.
+ *
+ * @param parser an XmlPullParser object representing a package element.
+ * @param pb a Policy.PolicyBuilder instance to build
+ * @throws IOException
+ * @throws XmlPullParserException
+ * @throws IllegalArgumentException if any of the validation checks fail while
+ * parsing tag values.
+ * @throws IllegalStateException if there is a duplicate seinfo tag for the current
+ * package tag.
*/
- private static boolean validatePackageName(String name) {
- if (name == null)
- return false;
+ private static void readPackageOrThrow(XmlPullParser parser, Policy.PolicyBuilder pb) throws
+ IOException, XmlPullParserException {
+ parser.require(XmlPullParser.START_TAG, null, "package");
+ String pkgName = parser.getAttributeValue(null, "name");
- final int N = name.length();
- boolean hasSep = false;
- boolean front = true;
- for (int i=0; i<N; i++) {
- final char c = name.charAt(i);
- if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')) {
- front = false;
+ while (parser.next() != XmlPullParser.END_TAG) {
+ if (parser.getEventType() != XmlPullParser.START_TAG) {
continue;
}
- if (!front) {
- if ((c >= '0' && c <= '9') || c == '_') {
- continue;
- }
+
+ String tagName = parser.getName();
+ if ("seinfo".equals(tagName)) {
+ String seinfo = parser.getAttributeValue(null, "value");
+ pb.addInnerPackageMapOrThrow(pkgName, seinfo);
+ readSeinfo(parser);
+ } else {
+ skip(parser);
}
- if (c == '.') {
- hasSep = true;
- front = true;
- continue;
- }
- return false;
}
- return hasSep;
+ }
+
+ private static void readCert(XmlPullParser parser) throws IOException,
+ XmlPullParserException {
+ parser.require(XmlPullParser.START_TAG, null, "cert");
+ parser.nextTag();
+ }
+
+ private static void readSeinfo(XmlPullParser parser) throws IOException,
+ XmlPullParserException {
+ parser.require(XmlPullParser.START_TAG, null, "seinfo");
+ parser.nextTag();
+ }
+
+ private static void skip(XmlPullParser p) throws IOException, XmlPullParserException {
+ if (p.getEventType() != XmlPullParser.START_TAG) {
+ throw new IllegalStateException();
+ }
+ int depth = 1;
+ while (depth != 0) {
+ switch (p.next()) {
+ case XmlPullParser.END_TAG:
+ depth--;
+ break;
+ case XmlPullParser.START_TAG:
+ depth++;
+ break;
+ }
+ }
}
/**
- * General validation routine for tag values.
- * Returns a boolean indicating if the passed string
- * contains only letters or underscores.
- */
- private static boolean validateValue(String name) {
- if (name == null)
- return false;
-
- final int N = name.length();
- if (N == 0)
- return false;
-
- for (int i = 0; i < N; i++) {
- final char c = name.charAt(i);
- if ((c < 'a' || c > 'z') && (c < 'A' || c > 'Z') && (c != '_')) {
- return false;
- }
- }
- return true;
- }
-
- /**
- * Labels a package based on an seinfo tag from install policy.
- * The label is attached to the ApplicationInfo instance of the package.
+ * Applies a security label to a package based on an seinfo tag taken from a matched
+ * policy. All signature based policy stanzas are consulted first and, if no match
+ * is found, the default policy stanza is then consulted. The security label is
+ * attached to the ApplicationInfo instance of the package in the event that a matching
+ * policy was found.
+ *
* @param pkg object representing the package to be labeled.
- * @return boolean which determines whether a non null seinfo label
- * was assigned to the package. A null value simply meaning that
- * no policy matched.
+ * @return boolean which determines whether a non null seinfo label was assigned
+ * to the package. A null value simply represents that no policy matched.
*/
public static boolean assignSeinfoValue(PackageParser.Package pkg) {
-
- // We just want one of the signatures to match.
- for (Signature s : pkg.mSignatures) {
- if (s == null)
- continue;
-
- Policy policy = sSigSeinfo.get(s);
- if (policy != null) {
- String seinfo = policy.checkPolicy(pkg.packageName);
+ synchronized (sPolicies) {
+ for (Policy policy : sPolicies) {
+ String seinfo = policy.getMatchedSeinfo(pkg);
if (seinfo != null) {
pkg.applicationInfo.seinfo = seinfo;
- if (DEBUG_POLICY_INSTALL)
- Slog.i(TAG, "package (" + pkg.packageName +
- ") labeled with seinfo=" + seinfo);
-
+ if (DEBUG_POLICY_INSTALL) {
+ Slog.i(TAG, "package (" + pkg.packageName + ") labeled with " +
+ "seinfo=" + seinfo);
+ }
return true;
}
}
}
- // If we have a default seinfo value then great, otherwise
- // we set a null object and that is what we started with.
- pkg.applicationInfo.seinfo = sDefaultSeinfo;
- if (DEBUG_POLICY_INSTALL)
- Slog.i(TAG, "package (" + pkg.packageName + ") labeled with seinfo="
- + (sDefaultSeinfo == null ? "null" : sDefaultSeinfo));
-
- return (sDefaultSeinfo != null);
+ if (DEBUG_POLICY_INSTALL) {
+ Slog.i(TAG, "package (" + pkg.packageName + ") doesn't match any policy; " +
+ "seinfo will remain null");
+ }
+ return false;
}
/**
@@ -485,3 +488,312 @@
return false;
}
}
+
+/**
+ * Holds valid policy representations of individual stanzas from a mac_permissions.xml
+ * file. Each instance can further be used to assign seinfo values to apks using the
+ * {@link Policy#getMatchedSeinfo} method. To create an instance of this use the
+ * {@link PolicyBuilder} pattern class, where each instance is validated against a set
+ * of invariants before being built and returned. Each instance can be guaranteed to
+ * hold one valid policy stanza as outlined in the external/sepolicy/mac_permissions.xml
+ * file.
+ * </p>
+ * The following is an example of how to use {@link Policy.PolicyBuilder} to create a
+ * signer based Policy instance.
+ * </p>
+ * <pre>
+ * {@code
+ * Policy policy = new Policy.PolicyBuilder()
+ * .addSignature("308204a8...")
+ * .addSignature("483538c8...")
+ * .setGlobalSeinfoOrThrow("paltform")
+ * .addInnerPackageMapOrThrow("com.foo.", "bar")
+ * .addInnerPackageMapOrThrow("com.foo.other", "bar")
+ * .build();
+ * }
+ * </pre>
+ * <p>
+ * An example of how to use {@link Policy.PolicyBuilder} to create a default based Policy
+ * instance.
+ * </p>
+ * <pre>
+ * {@code
+ * Policy policy = new Policy.PolicyBuilder()
+ * .setAsDefaultPolicy()
+ * .setGlobalSeinfoOrThrow("defualt")
+ * .build();
+ * }
+ * </pre>
+ */
+final class Policy {
+
+ private final String mSeinfo;
+ private final boolean mDefaultStanza;
+ private final Set<Signature> mCerts;
+ private final Map<String, String> mPkgMap;
+
+ // Use the PolicyBuilder pattern to instantiate
+ private Policy(PolicyBuilder builder) {
+ mSeinfo = builder.mSeinfo;
+ mDefaultStanza = builder.mDefaultStanza;
+ mCerts = Collections.unmodifiableSet(builder.mCerts);
+ mPkgMap = Collections.unmodifiableMap(builder.mPkgMap);
+ }
+
+ /**
+ * Return all the certs stored with this policy stanza.
+ *
+ * @return A set of Signature objects representing all the certs stored
+ * with the policy.
+ */
+ public Set<Signature> getSignatures() {
+ return mCerts;
+ }
+
+ /**
+ * <p>
+ * Determine the seinfo value to assign to an apk. The appropriate seinfo value
+ * is determined using the following steps:
+ * </p>
+ * <ul>
+ * <li> If this Policy instance is defined as a default stanza:
+ * <ul><li>Return the global seinfo value</li></ul>
+ * </li>
+ * <li> If this Policy instance is defined as a signer stanza:
+ * <ul>
+ * <li> All certs used to sign the apk and all certs stored with this policy
+ * instance are tested for set equality. If this fails then null is returned.
+ * </li>
+ * <li> If all certs match then an appropriate inner package stanza is
+ * searched based on package name alone. If matched, the stored seinfo
+ * value for that mapping is returned.
+ * </li>
+ * <li> If all certs matched and no inner package stanza matches then return
+ * the global seinfo value. The returned value can be null in this case.
+ * </li>
+ * </ul>
+ * </li>
+ * </ul>
+ * <p>
+ * In all cases, a return value of null should be interpreted as the apk failing
+ * to match this Policy instance; i.e. failing this policy stanza.
+ * </p>
+ * @param pkg the apk to check given as a PackageParser.Package object
+ * @return A string representing the seinfo matched during policy lookup.
+ * A value of null can also be returned if no match occured.
+ */
+ public String getMatchedSeinfo(PackageParser.Package pkg) {
+ if (!mDefaultStanza) {
+ // Check for exact signature matches across all certs.
+ Signature[] certs = mCerts.toArray(new Signature[0]);
+ if (!Signature.areExactMatch(certs, pkg.mSignatures)) {
+ return null;
+ }
+
+ // Check for inner package name matches given that the
+ // signature checks already passed.
+ String seinfoValue = mPkgMap.get(pkg.packageName);
+ if (seinfoValue != null) {
+ return seinfoValue;
+ }
+ }
+
+ // Return the global seinfo value (even if it's null).
+ return mSeinfo;
+ }
+
+ /**
+ * A nested builder class to create {@link Policy} instances. A {@link Policy}
+ * class instance represents one valid policy stanza found in a mac_permissions.xml
+ * file. A valid policy stanza is defined to be either a signer or default stanza
+ * which obeys the rules outlined in external/sepolicy/mac_permissions.xml. The
+ * {@link #build} method ensures a set of invariants are upheld enforcing the correct
+ * stanza structure before returning a valid Policy object.
+ */
+ public static final class PolicyBuilder {
+
+ private String mSeinfo;
+ private boolean mDefaultStanza;
+ private final Set<Signature> mCerts;
+ private final Map<String, String> mPkgMap;
+
+ public PolicyBuilder() {
+ mCerts = new HashSet<Signature>(2);
+ mPkgMap = new HashMap<String, String>(2);
+ }
+
+ /**
+ * Sets this stanza as a defualt stanza. All policy stanzas are assumed to
+ * be signer stanzas unless this method is explicitly called. Default stanzas
+ * are treated differently with respect to allowable child tags, ordering and
+ * when and how policy decisions are enforced.
+ *
+ * @return The reference to this PolicyBuilder.
+ */
+ public PolicyBuilder setAsDefaultPolicy() {
+ mDefaultStanza = true;
+ return this;
+ }
+
+ /**
+ * Adds a signature to the set of certs used for validation checks. The purpose
+ * being that all contained certs will need to be matched against all certs
+ * contained with an apk.
+ *
+ * @param cert the signature to add given as a String.
+ * @return The reference to this PolicyBuilder.
+ * @throws IllegalArgumentException if the cert value fails validation;
+ * null or is an invalid hex-encoded ASCII string.
+ */
+ public PolicyBuilder addSignature(String cert) {
+ if (cert == null) {
+ String err = "Invalid signature value " + cert;
+ throw new IllegalArgumentException(err);
+ }
+
+ mCerts.add(new Signature(cert));
+ return this;
+ }
+
+ /**
+ * Set the global seinfo tag for this policy stanza. The global seinfo tag
+ * represents the seinfo element that is used in one of two ways depending on
+ * its context. When attached to a signer tag the global seinfo represents an
+ * assignment when there isn't a further inner package refinement in policy.
+ * When used with a default tag, it represents the only allowable assignment
+ * value.
+ *
+ * @param seinfo the seinfo value given as a String.
+ * @return The reference to this PolicyBuilder.
+ * @throws IllegalArgumentException if the seinfo value fails validation;
+ * null, zero length or contains non-valid characters [^a-zA-Z_\._0-9].
+ * @throws IllegalStateException if an seinfo value has already been found
+ */
+ public PolicyBuilder setGlobalSeinfoOrThrow(String seinfo) {
+ if (!validateValue(seinfo)) {
+ String err = "Invalid seinfo value " + seinfo;
+ throw new IllegalArgumentException(err);
+ }
+
+ if (mSeinfo != null && !mSeinfo.equals(seinfo)) {
+ String err = "Duplicate seinfo tag found";
+ throw new IllegalStateException(err);
+ }
+
+ mSeinfo = seinfo;
+ return this;
+ }
+
+ /**
+ * Create a package name to seinfo value mapping. Each mapping represents
+ * the seinfo value that will be assigned to the described package name.
+ * These localized mappings allow the global seinfo to be overriden. This
+ * mapping provides no value when used in conjunction with a default stanza;
+ * enforced through the {@link #build} method.
+ *
+ * @param pkgName the android package name given to the app
+ * @param seinfo the seinfo value that will be assigned to the passed pkgName
+ * @return The reference to this PolicyBuilder.
+ * @throws IllegalArgumentException if the seinfo value fails validation;
+ * null, zero length or contains non-valid characters [^a-zA-Z_\.0-9].
+ * Or, if the package name isn't a valid android package name.
+ * @throws IllegalStateException if trying to reset a package mapping with a
+ * different seinfo value.
+ */
+ public PolicyBuilder addInnerPackageMapOrThrow(String pkgName, String seinfo) {
+ if (!validateValue(pkgName)) {
+ String err = "Invalid package name " + pkgName;
+ throw new IllegalArgumentException(err);
+ }
+ if (!validateValue(seinfo)) {
+ String err = "Invalid seinfo value " + seinfo;
+ throw new IllegalArgumentException(err);
+ }
+
+ String pkgValue = mPkgMap.get(pkgName);
+ if (pkgValue != null && !pkgValue.equals(seinfo)) {
+ String err = "Conflicting seinfo value found";
+ throw new IllegalStateException(err);
+ }
+
+ mPkgMap.put(pkgName, seinfo);
+ return this;
+ }
+
+ /**
+ * General validation routine for the attribute strings of an element. Checks
+ * if the string is non-null, positive length and only contains [a-zA-Z_\.0-9].
+ *
+ * @param name the string to validate.
+ * @return boolean indicating if the string was valid.
+ */
+ private boolean validateValue(String name) {
+ if (name == null)
+ return false;
+
+ // Want to match on [0-9a-zA-Z_.]
+ if (!name.matches("\\A[\\.\\w]+\\z")) {
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * <p>
+ * Create a {@link Policy} instance based on the current configuration. This
+ * method checks for certain policy invariants used to enforce certain guarantees
+ * about the expected structure of a policy stanza.
+ * Those invariants are:
+ * </p>
+ * <ul>
+ * <li> If a default stanza
+ * <ul>
+ * <li> an attached global seinfo tag must be present </li>
+ * <li> no signatures and no package names can be present </li>
+ * </ul>
+ * </li>
+ * <li> If a signer stanza
+ * <ul>
+ * <li> at least one cert must be found </li>
+ * <li> either a global seinfo value is present OR at least one
+ * inner package mapping must be present. </li>
+ * </ul>
+ * </li>
+ * </ul>
+ *
+ * @return an instance of {@link Policy} with the options set from this builder
+ * @throws IllegalStateException if an invariant is violated.
+ */
+ public Policy build() {
+ Policy p = new Policy(this);
+
+ if (p.mDefaultStanza) {
+ if (p.mSeinfo == null) {
+ String err = "Missing global seinfo tag with default stanza.";
+ throw new IllegalStateException(err);
+ }
+ if (p.mCerts.size() != 0) {
+ String err = "Certs not allowed with default stanza.";
+ throw new IllegalStateException(err);
+ }
+ if (!p.mPkgMap.isEmpty()) {
+ String err = "Inner package mappings not allowed with default stanza.";
+ throw new IllegalStateException(err);
+ }
+ } else {
+ if (p.mCerts.size() == 0) {
+ String err = "Missing certs with signer tag. Expecting at least one.";
+ throw new IllegalStateException(err);
+ }
+ if ((p.mSeinfo == null) && (p.mPkgMap.isEmpty())) {
+ String err = "Missing seinfo OR package tags with signer tag. At " +
+ "least one must be present.";
+ throw new IllegalStateException(err);
+ }
+ }
+
+ return p;
+ }
+ }
+}
diff --git a/services/core/java/com/android/server/wm/WindowManagerService.java b/services/core/java/com/android/server/wm/WindowManagerService.java
index 1c03ced..c80d0e1 100644
--- a/services/core/java/com/android/server/wm/WindowManagerService.java
+++ b/services/core/java/com/android/server/wm/WindowManagerService.java
@@ -8796,7 +8796,8 @@
if (!gone || !win.mHaveFrame || win.mLayoutNeeded
|| ((win.isConfigChanged() || win.setInsetsChanged()) &&
((win.mAttrs.privateFlags & PRIVATE_FLAG_KEYGUARD) != 0 ||
- win.mAppToken != null && win.mAppToken.layoutConfigChanges))
+ (win.mHasSurface && win.mAppToken != null &&
+ win.mAppToken.layoutConfigChanges)))
|| win.mAttrs.type == TYPE_UNIVERSE_BACKGROUND) {
if (!win.mLayoutAttached) {
if (initial) {