1 /*
2  * Copyright (C) 2022 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package com.android.server.devicelock;
18 
19 import static com.android.internal.annotations.VisibleForTesting.Visibility.PACKAGE;
20 
21 import android.annotation.NonNull;
22 import android.annotation.Nullable;
23 import android.content.Context;
24 import android.content.Intent;
25 import android.content.pm.ApplicationInfo;
26 import android.content.pm.PackageManager;
27 import android.content.pm.ResolveInfo;
28 import android.content.pm.ServiceInfo;
29 import android.content.res.Resources;
30 import android.os.UserHandle;
31 
32 import com.android.internal.annotations.VisibleForTesting;
33 
34 import java.util.List;
35 
36 /**
37  * Utility class to find properties of the device lock controller package.
38  */
39 public final class DeviceLockControllerPackageUtils {
40     private final Context mContext;
41 
42     @VisibleForTesting
43     static final String SERVICE_ACTION =
44             "android.app.action.DEVICE_LOCK_CONTROLLER_SERVICE";
45 
DeviceLockControllerPackageUtils(Context context)46     public DeviceLockControllerPackageUtils(Context context) {
47         mContext = context;
48     }
49 
50     private ServiceInfo mServiceInfo;
51 
52     private int mDeviceIdTypeBitmap = -1;
53 
54     /**
55      * Find the service for device lock controller.
56      *
57      * @param errorMessage Reason why the service could not be found.
58      * @return Service information or null for an error.
59      */
60     @VisibleForTesting(visibility = PACKAGE)
61     @Nullable
findService(@onNull StringBuilder errorMessage)62     public synchronized ServiceInfo findService(@NonNull StringBuilder errorMessage) {
63         errorMessage.setLength(0);
64 
65         if (mServiceInfo == null) {
66             mServiceInfo = findServiceInternal(errorMessage);
67         }
68 
69         return mServiceInfo;
70     }
71 
72     @Nullable
findServiceInternal(@onNull StringBuilder errorMessage)73     private ServiceInfo findServiceInternal(@NonNull StringBuilder errorMessage) {
74         final Intent intent = new Intent(SERVICE_ACTION);
75         final PackageManager pm = mContext.getPackageManager();
76 
77         errorMessage.setLength(0);
78 
79         final List<ResolveInfo> resolveInfoList = pm.queryIntentServicesAsUser(intent,
80                 PackageManager.MATCH_SYSTEM_ONLY | PackageManager.MATCH_DIRECT_BOOT_UNAWARE
81                         | PackageManager.MATCH_DIRECT_BOOT_AWARE
82                         | PackageManager.MATCH_DISABLED_COMPONENTS, UserHandle.SYSTEM);
83 
84         if (resolveInfoList == null || resolveInfoList.isEmpty()) {
85             errorMessage.append("Service with " + SERVICE_ACTION + " not found.");
86 
87             return null;
88         }
89 
90         ServiceInfo resultServiceInfo = null;
91 
92         for (ResolveInfo resolveInfo : resolveInfoList) {
93             final ServiceInfo serviceInfo = resolveInfo.serviceInfo;
94 
95             if ((serviceInfo.applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) == 0) {
96                 continue;
97             }
98 
99             if (resultServiceInfo != null) {
100                 errorMessage.append("Multiple system services handle " + SERVICE_ACTION + ".");
101 
102                 return null;
103             }
104 
105             resultServiceInfo = serviceInfo;
106         }
107 
108         if (!resultServiceInfo.applicationInfo.isPrivilegedApp()) {
109             errorMessage.append("Device lock controller must be a privileged app");
110 
111             return null;
112         }
113 
114         return resultServiceInfo;
115     }
116 
117     /**
118      * Get the allowed device id type bitmap or -1 if it cannot be determined.
119      */
120     @VisibleForTesting
getDeviceIdTypeBitmap(@onNull StringBuilder errorMessage)121     public synchronized int getDeviceIdTypeBitmap(@NonNull StringBuilder errorMessage) {
122         errorMessage.setLength(0);
123 
124         if (mDeviceIdTypeBitmap < 0) {
125             mDeviceIdTypeBitmap = getDeviceIdTypeBitmapInternal(errorMessage);
126         }
127 
128         return mDeviceIdTypeBitmap;
129     }
130 
getDeviceIdTypeBitmapInternal(@onNull StringBuilder errorMessage)131     private int getDeviceIdTypeBitmapInternal(@NonNull StringBuilder errorMessage) {
132         ServiceInfo serviceInfo = findService(errorMessage);
133 
134         if (serviceInfo == null) {
135             return -1;
136         }
137 
138         final String packageName = serviceInfo.packageName;
139 
140         final PackageManager pm = mContext.getPackageManager();
141         int deviceIdTypeBitmap = -1;
142         errorMessage.setLength(0);
143 
144         try {
145             final Resources resources = pm.getResourcesForApplication(packageName);
146             final int resId = resources.getIdentifier("device_id_type_bitmap", "integer",
147                     packageName);
148             if (resId == 0) {
149                 errorMessage.append("Cannot get device_id_type_bitmap from: " + packageName);
150 
151                 return -1;
152             }
153             deviceIdTypeBitmap = resources.getInteger(resId);
154         } catch (PackageManager.NameNotFoundException e) {
155             errorMessage.append("Cannot get resources for package: " + packageName);
156         }
157 
158         return deviceIdTypeBitmap;
159     }
160 }
161