2 * Copyright (C) 2014 The Android Open Source Project
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 package com.android.server;
19 import static com.android.internal.util.ArrayUtils.appendInt;
21 import android.app.ActivityManager;
22 import android.content.ComponentName;
23 import android.content.pm.FeatureInfo;
24 import android.content.pm.PackageManager;
25 import android.os.Environment;
26 import android.os.Process;
27 import android.os.storage.StorageManager;
28 import android.util.ArrayMap;
29 import android.util.ArraySet;
30 import android.util.Slog;
31 import android.util.SparseArray;
32 import android.util.Xml;
34 import com.android.internal.util.XmlUtils;
36 import libcore.io.IoUtils;
38 import org.xmlpull.v1.XmlPullParser;
39 import org.xmlpull.v1.XmlPullParserException;
42 import java.io.FileNotFoundException;
43 import java.io.FileReader;
44 import java.io.IOException;
47 * Loads global system configuration info.
49 public class SystemConfig {
50 static final String TAG = "SystemConfig";
52 static SystemConfig sInstance;
54 // permission flag, determines which types of configuration are allowed to be read
55 private static final int ALLOW_FEATURES = 0x01;
56 private static final int ALLOW_LIBS = 0x02;
57 private static final int ALLOW_PERMISSIONS = 0x04;
58 private static final int ALLOW_APP_CONFIGS = 0x08;
59 private static final int ALLOW_ALL = ~0;
61 // Group-ids that are given to all packages as read from etc/permissions/*.xml.
64 // These are the built-in uid -> permission mappings that were read from the
65 // system configuration files.
66 final SparseArray<ArraySet<String>> mSystemPermissions = new SparseArray<>();
68 // These are the built-in shared libraries that were read from the
69 // system configuration files. Keys are the library names; strings are the
70 // paths to the libraries.
71 final ArrayMap<String, String> mSharedLibraries = new ArrayMap<>();
73 // These are the features this devices supports that were read from the
74 // system configuration files.
75 final ArrayMap<String, FeatureInfo> mAvailableFeatures = new ArrayMap<>();
77 // These are the features which this device doesn't support; the OEM
78 // partition uses these to opt-out of features from the system image.
79 final ArraySet<String> mUnavailableFeatures = new ArraySet<>();
81 public static final class PermissionEntry {
82 public final String name;
84 public boolean perUser;
86 PermissionEntry(String name, boolean perUser) {
88 this.perUser = perUser;
92 // These are the permission -> gid mappings that were read from the
93 // system configuration files.
94 final ArrayMap<String, PermissionEntry> mPermissions = new ArrayMap<>();
96 // These are the packages that are white-listed to be able to run in the
97 // background while in power save mode (but not whitelisted from device idle modes),
98 // as read from the configuration files.
99 final ArraySet<String> mAllowInPowerSaveExceptIdle = new ArraySet<>();
101 // These are the packages that are white-listed to be able to run in the
102 // background while in power save mode, as read from the configuration files.
103 final ArraySet<String> mAllowInPowerSave = new ArraySet<>();
105 // These are the packages that are white-listed to be able to run in the
106 // background while in data-usage save mode, as read from the configuration files.
107 final ArraySet<String> mAllowInDataUsageSave = new ArraySet<>();
109 // These are the package names of apps which should be in the 'always'
110 // URL-handling state upon factory reset.
111 final ArraySet<String> mLinkedApps = new ArraySet<>();
113 // These are the packages that are whitelisted to be able to run as system user
114 final ArraySet<String> mSystemUserWhitelistedApps = new ArraySet<>();
116 // These are the packages that should not run under system user
117 final ArraySet<String> mSystemUserBlacklistedApps = new ArraySet<>();
119 // These are the components that are enabled by default as VR mode listener services.
120 final ArraySet<ComponentName> mDefaultVrComponents = new ArraySet<>();
122 // These are the permitted backup transport service components
123 final ArraySet<ComponentName> mBackupTransportWhitelist = new ArraySet<>();
125 public static SystemConfig getInstance() {
126 synchronized (SystemConfig.class) {
127 if (sInstance == null) {
128 sInstance = new SystemConfig();
134 public int[] getGlobalGids() {
138 public SparseArray<ArraySet<String>> getSystemPermissions() {
139 return mSystemPermissions;
142 public ArrayMap<String, String> getSharedLibraries() {
143 return mSharedLibraries;
146 public ArrayMap<String, FeatureInfo> getAvailableFeatures() {
147 return mAvailableFeatures;
150 public ArrayMap<String, PermissionEntry> getPermissions() {
154 public ArraySet<String> getAllowInPowerSaveExceptIdle() {
155 return mAllowInPowerSaveExceptIdle;
158 public ArraySet<String> getAllowInPowerSave() {
159 return mAllowInPowerSave;
162 public ArraySet<String> getAllowInDataUsageSave() {
163 return mAllowInDataUsageSave;
166 public ArraySet<String> getLinkedApps() {
170 public ArraySet<String> getSystemUserWhitelistedApps() {
171 return mSystemUserWhitelistedApps;
174 public ArraySet<String> getSystemUserBlacklistedApps() {
175 return mSystemUserBlacklistedApps;
178 public ArraySet<ComponentName> getDefaultVrComponents() {
179 return mDefaultVrComponents;
182 public ArraySet<ComponentName> getBackupTransportWhitelist() {
183 return mBackupTransportWhitelist;
187 // Read configuration from system
188 readPermissions(Environment.buildPath(
189 Environment.getRootDirectory(), "etc", "sysconfig"), ALLOW_ALL);
190 // Read configuration from the old permissions dir
191 readPermissions(Environment.buildPath(
192 Environment.getRootDirectory(), "etc", "permissions"), ALLOW_ALL);
193 // Allow ODM to customize system configs around libs, features and apps
194 int odmPermissionFlag = ALLOW_LIBS | ALLOW_FEATURES | ALLOW_APP_CONFIGS;
195 readPermissions(Environment.buildPath(
196 Environment.getOdmDirectory(), "etc", "sysconfig"), odmPermissionFlag);
197 readPermissions(Environment.buildPath(
198 Environment.getOdmDirectory(), "etc", "permissions"), odmPermissionFlag);
199 // Only allow OEM to customize features
200 readPermissions(Environment.buildPath(
201 Environment.getOemDirectory(), "etc", "sysconfig"), ALLOW_FEATURES);
202 readPermissions(Environment.buildPath(
203 Environment.getOemDirectory(), "etc", "permissions"), ALLOW_FEATURES);
206 void readPermissions(File libraryDir, int permissionFlag) {
207 // Read permissions from given directory.
208 if (!libraryDir.exists() || !libraryDir.isDirectory()) {
209 if (permissionFlag == ALLOW_ALL) {
210 Slog.w(TAG, "No directory " + libraryDir + ", skipping");
214 if (!libraryDir.canRead()) {
215 Slog.w(TAG, "Directory " + libraryDir + " cannot be read");
219 // Iterate over the files in the directory and scan .xml files
220 File platformFile = null;
221 for (File f : libraryDir.listFiles()) {
222 // We'll read platform.xml last
223 if (f.getPath().endsWith("etc/permissions/platform.xml")) {
228 if (!f.getPath().endsWith(".xml")) {
229 Slog.i(TAG, "Non-xml file " + f + " in " + libraryDir + " directory, ignoring");
233 Slog.w(TAG, "Permissions library file " + f + " cannot be read");
237 readPermissionsFromXml(f, permissionFlag);
240 // Read platform permissions last so it will take precedence
241 if (platformFile != null) {
242 readPermissionsFromXml(platformFile, permissionFlag);
246 private void readPermissionsFromXml(File permFile, int permissionFlag) {
247 FileReader permReader = null;
249 permReader = new FileReader(permFile);
250 } catch (FileNotFoundException e) {
251 Slog.w(TAG, "Couldn't find or open permissions file " + permFile);
255 final boolean lowRam = ActivityManager.isLowRamDeviceStatic();
258 XmlPullParser parser = Xml.newPullParser();
259 parser.setInput(permReader);
262 while ((type=parser.next()) != parser.START_TAG
263 && type != parser.END_DOCUMENT) {
267 if (type != parser.START_TAG) {
268 throw new XmlPullParserException("No start tag found");
271 if (!parser.getName().equals("permissions") && !parser.getName().equals("config")) {
272 throw new XmlPullParserException("Unexpected start tag in " + permFile
273 + ": found " + parser.getName() + ", expected 'permissions' or 'config'");
276 boolean allowAll = permissionFlag == ALLOW_ALL;
277 boolean allowLibs = (permissionFlag & ALLOW_LIBS) != 0;
278 boolean allowFeatures = (permissionFlag & ALLOW_FEATURES) != 0;
279 boolean allowPermissions = (permissionFlag & ALLOW_PERMISSIONS) != 0;
280 boolean allowAppConfigs = (permissionFlag & ALLOW_APP_CONFIGS) != 0;
282 XmlUtils.nextElement(parser);
283 if (parser.getEventType() == XmlPullParser.END_DOCUMENT) {
287 String name = parser.getName();
288 if ("group".equals(name) && allowAll) {
289 String gidStr = parser.getAttributeValue(null, "gid");
290 if (gidStr != null) {
291 int gid = android.os.Process.getGidForName(gidStr);
292 mGlobalGids = appendInt(mGlobalGids, gid);
294 Slog.w(TAG, "<group> without gid in " + permFile + " at "
295 + parser.getPositionDescription());
298 XmlUtils.skipCurrentTag(parser);
300 } else if ("permission".equals(name) && allowPermissions) {
301 String perm = parser.getAttributeValue(null, "name");
303 Slog.w(TAG, "<permission> without name in " + permFile + " at "
304 + parser.getPositionDescription());
305 XmlUtils.skipCurrentTag(parser);
308 perm = perm.intern();
309 readPermission(parser, perm);
311 } else if ("assign-permission".equals(name) && allowPermissions) {
312 String perm = parser.getAttributeValue(null, "name");
314 Slog.w(TAG, "<assign-permission> without name in " + permFile + " at "
315 + parser.getPositionDescription());
316 XmlUtils.skipCurrentTag(parser);
319 String uidStr = parser.getAttributeValue(null, "uid");
320 if (uidStr == null) {
321 Slog.w(TAG, "<assign-permission> without uid in " + permFile + " at "
322 + parser.getPositionDescription());
323 XmlUtils.skipCurrentTag(parser);
326 int uid = Process.getUidForName(uidStr);
328 Slog.w(TAG, "<assign-permission> with unknown uid \""
329 + uidStr + " in " + permFile + " at "
330 + parser.getPositionDescription());
331 XmlUtils.skipCurrentTag(parser);
334 perm = perm.intern();
335 ArraySet<String> perms = mSystemPermissions.get(uid);
337 perms = new ArraySet<String>();
338 mSystemPermissions.put(uid, perms);
341 XmlUtils.skipCurrentTag(parser);
343 } else if ("library".equals(name) && allowLibs) {
344 String lname = parser.getAttributeValue(null, "name");
345 String lfile = parser.getAttributeValue(null, "file");
347 Slog.w(TAG, "<library> without name in " + permFile + " at "
348 + parser.getPositionDescription());
349 } else if (lfile == null) {
350 Slog.w(TAG, "<library> without file in " + permFile + " at "
351 + parser.getPositionDescription());
353 //Log.i(TAG, "Got library " + lname + " in " + lfile);
354 mSharedLibraries.put(lname, lfile);
356 XmlUtils.skipCurrentTag(parser);
359 } else if ("feature".equals(name) && allowFeatures) {
360 String fname = parser.getAttributeValue(null, "name");
361 int fversion = XmlUtils.readIntAttribute(parser, "version", 0);
366 String notLowRam = parser.getAttributeValue(null, "notLowRam");
367 allowed = !"true".equals(notLowRam);
370 Slog.w(TAG, "<feature> without name in " + permFile + " at "
371 + parser.getPositionDescription());
372 } else if (allowed) {
373 addFeature(fname, fversion);
375 XmlUtils.skipCurrentTag(parser);
378 } else if ("unavailable-feature".equals(name) && allowFeatures) {
379 String fname = parser.getAttributeValue(null, "name");
381 Slog.w(TAG, "<unavailable-feature> without name in " + permFile + " at "
382 + parser.getPositionDescription());
384 mUnavailableFeatures.add(fname);
386 XmlUtils.skipCurrentTag(parser);
389 } else if ("allow-in-power-save-except-idle".equals(name) && allowAll) {
390 String pkgname = parser.getAttributeValue(null, "package");
391 if (pkgname == null) {
392 Slog.w(TAG, "<allow-in-power-save-except-idle> without package in "
393 + permFile + " at " + parser.getPositionDescription());
395 mAllowInPowerSaveExceptIdle.add(pkgname);
397 XmlUtils.skipCurrentTag(parser);
400 } else if ("allow-in-power-save".equals(name) && allowAll) {
401 String pkgname = parser.getAttributeValue(null, "package");
402 if (pkgname == null) {
403 Slog.w(TAG, "<allow-in-power-save> without package in " + permFile + " at "
404 + parser.getPositionDescription());
406 mAllowInPowerSave.add(pkgname);
408 XmlUtils.skipCurrentTag(parser);
411 } else if ("allow-in-data-usage-save".equals(name) && allowAll) {
412 String pkgname = parser.getAttributeValue(null, "package");
413 if (pkgname == null) {
414 Slog.w(TAG, "<allow-in-data-usage-save> without package in " + permFile
415 + " at " + parser.getPositionDescription());
417 mAllowInDataUsageSave.add(pkgname);
419 XmlUtils.skipCurrentTag(parser);
422 } else if ("app-link".equals(name) && allowAppConfigs) {
423 String pkgname = parser.getAttributeValue(null, "package");
424 if (pkgname == null) {
425 Slog.w(TAG, "<app-link> without package in " + permFile + " at "
426 + parser.getPositionDescription());
428 mLinkedApps.add(pkgname);
430 XmlUtils.skipCurrentTag(parser);
431 } else if ("system-user-whitelisted-app".equals(name) && allowAppConfigs) {
432 String pkgname = parser.getAttributeValue(null, "package");
433 if (pkgname == null) {
434 Slog.w(TAG, "<system-user-whitelisted-app> without package in " + permFile
435 + " at " + parser.getPositionDescription());
437 mSystemUserWhitelistedApps.add(pkgname);
439 XmlUtils.skipCurrentTag(parser);
440 } else if ("system-user-blacklisted-app".equals(name) && allowAppConfigs) {
441 String pkgname = parser.getAttributeValue(null, "package");
442 if (pkgname == null) {
443 Slog.w(TAG, "<system-user-blacklisted-app without package in " + permFile
444 + " at " + parser.getPositionDescription());
446 mSystemUserBlacklistedApps.add(pkgname);
448 XmlUtils.skipCurrentTag(parser);
449 } else if ("default-enabled-vr-app".equals(name) && allowAppConfigs) {
450 String pkgname = parser.getAttributeValue(null, "package");
451 String clsname = parser.getAttributeValue(null, "class");
452 if (pkgname == null) {
453 Slog.w(TAG, "<default-enabled-vr-app without package in " + permFile
454 + " at " + parser.getPositionDescription());
455 } else if (clsname == null) {
456 Slog.w(TAG, "<default-enabled-vr-app without class in " + permFile
457 + " at " + parser.getPositionDescription());
459 mDefaultVrComponents.add(new ComponentName(pkgname, clsname));
461 XmlUtils.skipCurrentTag(parser);
462 } else if ("backup-transport-whitelisted-service".equals(name) && allowFeatures) {
463 String serviceName = parser.getAttributeValue(null, "service");
464 if (serviceName == null) {
465 Slog.w(TAG, "<backup-transport-whitelisted-service> without service in "
466 + permFile + " at " + parser.getPositionDescription());
468 ComponentName cn = ComponentName.unflattenFromString(serviceName);
471 "<backup-transport-whitelisted-service> with invalid service name "
472 + serviceName + " in "+ permFile
473 + " at " + parser.getPositionDescription());
475 mBackupTransportWhitelist.add(cn);
478 XmlUtils.skipCurrentTag(parser);
480 XmlUtils.skipCurrentTag(parser);
484 } catch (XmlPullParserException e) {
485 Slog.w(TAG, "Got exception parsing permissions.", e);
486 } catch (IOException e) {
487 Slog.w(TAG, "Got exception parsing permissions.", e);
489 IoUtils.closeQuietly(permReader);
492 // Some devices can be field-converted to FBE, so offer to splice in
493 // those features if not already defined by the static config
494 if (StorageManager.isFileEncryptedNativeOnly()) {
495 addFeature(PackageManager.FEATURE_FILE_BASED_ENCRYPTION, 0);
496 addFeature(PackageManager.FEATURE_SECURELY_REMOVES_USERS, 0);
499 for (String featureName : mUnavailableFeatures) {
500 removeFeature(featureName);
504 private void addFeature(String name, int version) {
505 FeatureInfo fi = mAvailableFeatures.get(name);
507 fi = new FeatureInfo();
509 fi.version = version;
510 mAvailableFeatures.put(name, fi);
512 fi.version = Math.max(fi.version, version);
516 private void removeFeature(String name) {
517 if (mAvailableFeatures.remove(name) != null) {
518 Slog.d(TAG, "Removed unavailable feature " + name);
522 void readPermission(XmlPullParser parser, String name)
523 throws IOException, XmlPullParserException {
524 if (mPermissions.containsKey(name)) {
525 throw new IllegalStateException("Duplicate permission definition for " + name);
528 final boolean perUser = XmlUtils.readBooleanAttribute(parser, "perUser", false);
529 final PermissionEntry perm = new PermissionEntry(name, perUser);
530 mPermissions.put(name, perm);
532 int outerDepth = parser.getDepth();
534 while ((type=parser.next()) != XmlPullParser.END_DOCUMENT
535 && (type != XmlPullParser.END_TAG
536 || parser.getDepth() > outerDepth)) {
537 if (type == XmlPullParser.END_TAG
538 || type == XmlPullParser.TEXT) {
542 String tagName = parser.getName();
543 if ("group".equals(tagName)) {
544 String gidStr = parser.getAttributeValue(null, "gid");
545 if (gidStr != null) {
546 int gid = Process.getGidForName(gidStr);
547 perm.gids = appendInt(perm.gids, gid);
549 Slog.w(TAG, "<group> without gid at "
550 + parser.getPositionDescription());
553 XmlUtils.skipCurrentTag(parser);