Merge "Start OP_NO_ISOLATED_STORAGE on `am instrument --no-isolated-storage`" into rvc-dev am: 663727472a am: 2ea633314f am: f055be048b am: bd787d983d

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/11798518 Change-Id: Ic2f0f48e951e6f89af64e772496f700f383ba397
author: Nikita Ioffe <ioffe@google.com> 2020-06-16 21:29:28 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2020-06-16 21:29:28 +0000
commit: ac0b70df10cfdf8d694d3003bcff8ba31bf23f19 (patch)
tree: 0c0dc5cbc42c23100cbb68c3c7b5e16c4d9dce5a
parent: 3db2e59e043d18c35f6689a466af846ced15f90c (diff)
parent: bd787d983decab24f896fc5200d250e1c0b312f4 (diff)
5 files changed, 36 insertions, 7 deletions
diff --git a/cmds/am/src/com/android/commands/am/Instrument.java b/cmds/am/src/com/android/commands/am/Instrument.java
index 2adbc1f6e1ae..7c30c8b1e1dd 100644
--- a/cmds/am/src/com/android/commands/am/Instrument.java
+++ b/cmds/am/src/com/android/commands/am/Instrument.java
@@ -17,8 +17,8 @@
 package com.android.commands.am;
 
 import static android.app.ActivityManager.INSTR_FLAG_DISABLE_HIDDEN_API_CHECKS;
+import static android.app.ActivityManager.INSTR_FLAG_DISABLE_ISOLATED_STORAGE;
 import static android.app.ActivityManager.INSTR_FLAG_DISABLE_TEST_API_CHECKS;
-import static android.app.ActivityManager.INSTR_FLAG_MOUNT_EXTERNAL_STORAGE_FULL;
 
 import android.app.IActivityManager;
 import android.app.IInstrumentationWatcher;
@@ -512,7 +512,7 @@ public class Instrument {
                 flags |= INSTR_FLAG_DISABLE_TEST_API_CHECKS;
             }
             if (disableIsolatedStorage) {
-                flags |= INSTR_FLAG_MOUNT_EXTERNAL_STORAGE_FULL;
+                flags |= INSTR_FLAG_DISABLE_ISOLATED_STORAGE;
             }
             if (!mAm.startInstrumentation(cn, profileFile, flags, args, watcher, connection, userId,
                         abi)) {
diff --git a/core/java/android/app/ActivityManager.java b/core/java/android/app/ActivityManager.java
index 9fc195dbf9d6..7c4c19dde4d0 100644
--- a/core/java/android/app/ActivityManager.java
+++ b/core/java/android/app/ActivityManager.java
@@ -160,10 +160,10 @@ public class ActivityManager {
      */
     public static final int INSTR_FLAG_DISABLE_HIDDEN_API_CHECKS = 1 << 0;
     /**
-     * Mount full external storage for the newly started instrumentation.
+     * Grant full access to the external storage for the newly started instrumentation.
      * @hide
      */
-    public static final int INSTR_FLAG_MOUNT_EXTERNAL_STORAGE_FULL = 1 << 1;
+    public static final int INSTR_FLAG_DISABLE_ISOLATED_STORAGE = 1 << 1;
 
     /**
      * Disable test API access for the newly started instrumentation.
diff --git a/core/java/android/app/AppOpsManager.java b/core/java/android/app/AppOpsManager.java
index 1e0bda7a4c50..9ef3c5bc397c 100644
--- a/core/java/android/app/AppOpsManager.java
+++ b/core/java/android/app/AppOpsManager.java
@@ -1122,8 +1122,11 @@ public class AppOpsManager {
             AppProtoEnums.APP_OP_AUTO_REVOKE_MANAGED_BY_INSTALLER;
 
     /** @hide */
+    public static final int OP_NO_ISOLATED_STORAGE = AppProtoEnums.APP_OP_NO_ISOLATED_STORAGE;
+
+    /** @hide */
     @UnsupportedAppUsage
-    public static final int _NUM_OP = 99;
+    public static final int _NUM_OP = 100;
 
     /** Access to coarse location information. */
     public static final String OPSTR_COARSE_LOCATION = "android:coarse_location";
@@ -1434,6 +1437,12 @@ public class AppOpsManager {
     @SystemApi
     public static final String OPSTR_LOADER_USAGE_STATS = "android:loader_usage_stats";
 
+    /**
+     * AppOp granted to apps that we are started via {@code am instrument -e --no-isolated-storage}
+     *
+     * @hide
+     */
+    public static final String OPSTR_NO_ISOLATED_STORAGE = "android:no_isolated_storage";
 
     /** {@link #sAppOpsToNote} not initialized yet for this op */
     private static final byte SHOULD_COLLECT_NOTE_OP_NOT_INITIALIZED = 0;
@@ -1623,6 +1632,7 @@ public class AppOpsManager {
             OP_DEPRECATED_1,                    // deprecated
             OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED, //AUTO_REVOKE_PERMISSIONS_IF_UNUSED
             OP_AUTO_REVOKE_MANAGED_BY_INSTALLER, //OP_AUTO_REVOKE_MANAGED_BY_INSTALLER
+            OP_NO_ISOLATED_STORAGE,             // NO_ISOLATED_STORAGE
     };
 
     /**
@@ -1728,6 +1738,7 @@ public class AppOpsManager {
             "", // deprecated
             OPSTR_AUTO_REVOKE_PERMISSIONS_IF_UNUSED,
             OPSTR_AUTO_REVOKE_MANAGED_BY_INSTALLER,
+            OPSTR_NO_ISOLATED_STORAGE,
     };
 
     /**
@@ -1834,6 +1845,7 @@ public class AppOpsManager {
             "deprecated",
             "AUTO_REVOKE_PERMISSIONS_IF_UNUSED",
             "AUTO_REVOKE_MANAGED_BY_INSTALLER",
+            "NO_ISOLATED_STORAGE",
     };
 
     /**
@@ -1941,6 +1953,7 @@ public class AppOpsManager {
             null, // deprecated operation
             null, // no permission for OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED
             null, // no permission for OP_AUTO_REVOKE_MANAGED_BY_INSTALLER
+            null, // no permission for OP_NO_ISOLATED_STORAGE
     };
 
     /**
@@ -2048,6 +2061,7 @@ public class AppOpsManager {
             null, // deprecated operation
             null, // AUTO_REVOKE_PERMISSIONS_IF_UNUSED
             null, // AUTO_REVOKE_MANAGED_BY_INSTALLER
+            null, // NO_ISOLATED_STORAGE
     };
 
     /**
@@ -2154,6 +2168,7 @@ public class AppOpsManager {
             null, // deprecated operation
             null, // AUTO_REVOKE_PERMISSIONS_IF_UNUSED
             null, // AUTO_REVOKE_MANAGED_BY_INSTALLER
+            null, // NO_ISOLATED_STORAGE
     };
 
     /**
@@ -2259,6 +2274,7 @@ public class AppOpsManager {
             AppOpsManager.MODE_IGNORED, // deprecated operation
             AppOpsManager.MODE_DEFAULT, // OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED
             AppOpsManager.MODE_ALLOWED, // OP_AUTO_REVOKE_MANAGED_BY_INSTALLER
+            AppOpsManager.MODE_ERRORED, // OP_NO_ISOLATED_STORAGE
     };
 
     /**
@@ -2368,6 +2384,7 @@ public class AppOpsManager {
             false, // deprecated operation
             false, // AUTO_REVOKE_PERMISSIONS_IF_UNUSED
             false, // AUTO_REVOKE_MANAGED_BY_INSTALLER
+            true, // NO_ISOLATED_STORAGE
     };
 
     /**
diff --git a/core/proto/android/app/enums.proto b/core/proto/android/app/enums.proto
index 563ef145b79c..bd5cb62f7fde 100644
--- a/core/proto/android/app/enums.proto
+++ b/core/proto/android/app/enums.proto
@@ -206,4 +206,5 @@ enum AppOpEnum {
     APP_OP_DEPRECATED_1 = 96 [deprecated = true];
     APP_OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED = 97;
     APP_OP_AUTO_REVOKE_MANAGED_BY_INSTALLER = 98;
+    APP_OP_NO_ISOLATED_STORAGE = 99;
 }
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index ed67f210b063..967be53d8f1a 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -24,8 +24,8 @@ import static android.Manifest.permission.INTERACT_ACROSS_USERS_FULL;
 import static android.Manifest.permission.REMOVE_TASKS;
 import static android.Manifest.permission.START_ACTIVITIES_FROM_BACKGROUND;
 import static android.app.ActivityManager.INSTR_FLAG_DISABLE_HIDDEN_API_CHECKS;
+import static android.app.ActivityManager.INSTR_FLAG_DISABLE_ISOLATED_STORAGE;
 import static android.app.ActivityManager.INSTR_FLAG_DISABLE_TEST_API_CHECKS;
-import static android.app.ActivityManager.INSTR_FLAG_MOUNT_EXTERNAL_STORAGE_FULL;
 import static android.app.ActivityManager.PROCESS_STATE_LAST_ACTIVITY;
 import static android.app.ActivityManager.PROCESS_STATE_NONEXISTENT;
 import static android.app.ActivityManager.PROCESS_STATE_TOP;
@@ -16916,8 +16916,9 @@ public class ActivityManagerService extends IActivityManager.Stub
                         "disable hidden API checks");
             }
 
+            // TODO(b/158750470): remove
             final boolean mountExtStorageFull = isCallerShell()
-                    && (flags & INSTR_FLAG_MOUNT_EXTERNAL_STORAGE_FULL) != 0;
+                    && (flags & INSTR_FLAG_DISABLE_ISOLATED_STORAGE) != 0;
 
             final long origId = Binder.clearCallingIdentity();
             // Instrumentation can kill and relaunch even persistent processes
@@ -16939,6 +16940,13 @@ public class ActivityManagerService extends IActivityManager.Stub
             if (!mActiveInstrumentation.contains(activeInstr)) {
                 mActiveInstrumentation.add(activeInstr);
             }
+
+            if ((flags & INSTR_FLAG_DISABLE_ISOLATED_STORAGE) != 0) {
+                // Allow OP_NO_ISOLATED_STORAGE app op for the package running instrumentation with
+                // --no-isolated-storage flag.
+                mAppOpsService.setMode(AppOpsManager.OP_NO_ISOLATED_STORAGE, ai.uid,
+                        ii.packageName, AppOpsManager.MODE_ALLOWED);
+            }
             Binder.restoreCallingIdentity(origId);
         }
 
@@ -17029,6 +17037,9 @@ public class ActivityManagerService extends IActivityManager.Stub
 
             // Can't call out of the system process with a lock held, so post a message.
             if (instr.mUiAutomationConnection != null) {
+                // Go back to the default mode of denying OP_NO_ISOLATED_STORAGE app op.
+                mAppOpsService.setMode(AppOpsManager.OP_NO_ISOLATED_STORAGE, app.uid,
+                        app.info.packageName, AppOpsManager.MODE_ERRORED);
                 mAppOpsService.setAppOpsServiceDelegate(null);
                 getPermissionManagerInternalLocked().setCheckPermissionDelegate(null);
                 mHandler.obtainMessage(SHUTDOWN_UI_AUTOMATION_CONNECTION_MSG,
author	Nikita Ioffe <ioffe@google.com>	2020-06-16 21:29:28 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2020-06-16 21:29:28 +0000
commit	ac0b70df10cfdf8d694d3003bcff8ba31bf23f19 (patch)
tree	0c0dc5cbc42c23100cbb68c3c7b5e16c4d9dce5a
parent	3db2e59e043d18c35f6689a466af846ced15f90c (diff)
parent	bd787d983decab24f896fc5200d250e1c0b312f4 (diff)