1 /* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License 15 */ 16 17 package com.android.server.am; 18 19 import static android.Manifest.permission.INTERACT_ACROSS_USERS; 20 import static android.Manifest.permission.INTERACT_ACROSS_USERS_FULL; 21 import static android.app.ActivityManager.USER_OP_ERROR_IS_SYSTEM; 22 import static android.app.ActivityManager.USER_OP_ERROR_RELATED_USERS_CANNOT_STOP; 23 import static android.app.ActivityManager.USER_OP_IS_CURRENT; 24 import static android.app.ActivityManager.USER_OP_SUCCESS; 25 import static android.app.ActivityManagerInternal.ALLOW_FULL_ONLY; 26 import static android.app.ActivityManagerInternal.ALLOW_NON_FULL; 27 import static android.app.ActivityManagerInternal.ALLOW_NON_FULL_IN_PROFILE; 28 import static android.os.Process.SHELL_UID; 29 import static android.os.Process.SYSTEM_UID; 30 31 import static com.android.server.am.ActivityManagerDebugConfig.DEBUG_MU; 32 import static com.android.server.am.ActivityManagerDebugConfig.TAG_AM; 33 import static com.android.server.am.ActivityManagerDebugConfig.TAG_WITH_CLASS_NAME; 34 import static com.android.server.am.ActivityManagerService.MY_PID; 35 import static com.android.server.am.UserState.STATE_BOOTING; 36 import static com.android.server.am.UserState.STATE_RUNNING_LOCKED; 37 import static com.android.server.am.UserState.STATE_RUNNING_UNLOCKED; 38 import static com.android.server.am.UserState.STATE_RUNNING_UNLOCKING; 39 40 import android.annotation.NonNull; 41 import android.annotation.Nullable; 42 import android.annotation.UserIdInt; 43 import android.app.ActivityManager; 44 import android.app.AppGlobals; 45 import android.app.AppOpsManager; 46 import android.app.Dialog; 47 import android.app.IStopUserCallback; 48 import android.app.IUserSwitchObserver; 49 import android.app.KeyguardManager; 50 import android.app.usage.UsageEvents; 51 import android.appwidget.AppWidgetManagerInternal; 52 import android.content.Context; 53 import android.content.IIntentReceiver; 54 import android.content.Intent; 55 import android.content.pm.IPackageManager; 56 import android.content.pm.PackageManager; 57 import android.content.pm.UserInfo; 58 import android.os.BatteryStats; 59 import android.os.Binder; 60 import android.os.Build; 61 import android.os.Bundle; 62 import android.os.Debug; 63 import android.os.Handler; 64 import android.os.IBinder; 65 import android.os.IProgressListener; 66 import android.os.IRemoteCallback; 67 import android.os.IUserManager; 68 import android.os.Looper; 69 import android.os.Message; 70 import android.os.Process; 71 import android.os.RemoteCallbackList; 72 import android.os.RemoteException; 73 import android.os.ServiceManager; 74 import android.os.SystemClock; 75 import android.os.Trace; 76 import android.os.UserHandle; 77 import android.os.UserManager; 78 import android.os.UserManagerInternal; 79 import android.os.storage.IStorageManager; 80 import android.os.storage.StorageManager; 81 import android.text.format.DateUtils; 82 import android.util.ArraySet; 83 import android.util.IntArray; 84 import android.util.Pair; 85 import android.util.Slog; 86 import android.util.SparseArray; 87 import android.util.SparseIntArray; 88 import android.util.TimingsTraceLog; 89 import android.util.proto.ProtoOutputStream; 90 91 import com.android.internal.R; 92 import com.android.internal.annotations.GuardedBy; 93 import com.android.internal.annotations.VisibleForTesting; 94 import com.android.internal.logging.MetricsLogger; 95 import com.android.internal.util.ArrayUtils; 96 import com.android.internal.util.Preconditions; 97 import com.android.internal.widget.LockPatternUtils; 98 import com.android.server.FgThread; 99 import com.android.server.LocalServices; 100 import com.android.server.SystemServiceManager; 101 import com.android.server.am.UserState.KeyEvictedCallback; 102 import com.android.server.pm.UserManagerService; 103 import com.android.server.wm.ActivityTaskManagerInternal; 104 import com.android.server.wm.WindowManagerService; 105 106 import java.io.PrintWriter; 107 import java.util.ArrayList; 108 import java.util.Arrays; 109 import java.util.Iterator; 110 import java.util.List; 111 import java.util.Objects; 112 import java.util.concurrent.atomic.AtomicInteger; 113 114 /** 115 * Helper class for {@link ActivityManagerService} responsible for multi-user functionality. 116 * 117 * <p>This class use {@link #mLock} to synchronize access to internal state. Methods that require 118 * {@link #mLock} to be held should have "LU" suffix in the name. 119 * 120 * <p><strong>Important:</strong> Synchronized code, i.e. one executed inside a synchronized(mLock) 121 * block or inside LU method, should only access internal state of this class or make calls to 122 * other LU methods. Non-LU method calls or calls to external classes are discouraged as they 123 * may cause lock inversion. 124 */ 125 class UserController implements Handler.Callback { 126 private static final String TAG = TAG_WITH_CLASS_NAME ? "UserController" : TAG_AM; 127 128 // Amount of time we wait for observers to handle a user switch before 129 // giving up on them and unfreezing the screen. 130 static final int USER_SWITCH_TIMEOUT_MS = 3 * 1000; 131 132 // ActivityManager thread message constants 133 static final int REPORT_USER_SWITCH_MSG = 10; 134 static final int CONTINUE_USER_SWITCH_MSG = 20; 135 static final int USER_SWITCH_TIMEOUT_MSG = 30; 136 static final int START_PROFILES_MSG = 40; 137 static final int SYSTEM_USER_START_MSG = 50; 138 static final int SYSTEM_USER_CURRENT_MSG = 60; 139 static final int FOREGROUND_PROFILE_CHANGED_MSG = 70; 140 static final int REPORT_USER_SWITCH_COMPLETE_MSG = 80; 141 static final int USER_SWITCH_CALLBACKS_TIMEOUT_MSG = 90; 142 static final int SYSTEM_USER_UNLOCK_MSG = 100; 143 static final int REPORT_LOCKED_BOOT_COMPLETE_MSG = 110; 144 static final int START_USER_SWITCH_FG_MSG = 120; 145 146 // UI thread message constants 147 static final int START_USER_SWITCH_UI_MSG = 1000; 148 149 // If a callback wasn't called within USER_SWITCH_CALLBACKS_TIMEOUT_MS after 150 // USER_SWITCH_TIMEOUT_MS, an error is reported. Usually it indicates a problem in the observer 151 // when it never calls back. 152 private static final int USER_SWITCH_CALLBACKS_TIMEOUT_MS = 5 * 1000; 153 154 /** 155 * Maximum number of users we allow to be running at a time, including system user. 156 * 157 * <p>This parameter only affects how many background users will be stopped when switching to a 158 * new user. It has no impact on {@link #startUser(int, boolean)} behavior. 159 * 160 * <p>Note: Current and system user (and their related profiles) are never stopped when 161 * switching users. Due to that, the actual number of running users can exceed mMaxRunningUsers 162 */ 163 int mMaxRunningUsers; 164 165 // Lock for internal state. 166 private final Object mLock = new Object(); 167 168 private final Injector mInjector; 169 private final Handler mHandler; 170 private final Handler mUiHandler; 171 172 // Holds the current foreground user's id. Use mLock when updating 173 @GuardedBy("mLock") 174 private volatile int mCurrentUserId = UserHandle.USER_SYSTEM; 175 // Holds the target user's id during a user switch. The value of mCurrentUserId will be updated 176 // once target user goes into the foreground. Use mLock when updating 177 @GuardedBy("mLock") 178 private volatile int mTargetUserId = UserHandle.USER_NULL; 179 180 /** 181 * Which users have been started, so are allowed to run code. 182 */ 183 @GuardedBy("mLock") 184 private final SparseArray<UserState> mStartedUsers = new SparseArray<>(); 185 186 /** 187 * LRU list of history of current users. Most recently current is at the end. 188 */ 189 @GuardedBy("mLock") 190 private final ArrayList<Integer> mUserLru = new ArrayList<>(); 191 192 /** 193 * Constant array of the users that are currently started. 194 */ 195 @GuardedBy("mLock") 196 private int[] mStartedUserArray = new int[] { 0 }; 197 198 // If there are multiple profiles for the current user, their ids are here 199 // Currently only the primary user can have managed profiles 200 @GuardedBy("mLock") 201 private int[] mCurrentProfileIds = new int[] {}; 202 203 /** 204 * Mapping from each known user ID to the profile group ID it is associated with. 205 */ 206 @GuardedBy("mLock") 207 private final SparseIntArray mUserProfileGroupIds = new SparseIntArray(); 208 209 /** 210 * Registered observers of the user switching mechanics. 211 */ 212 private final RemoteCallbackList<IUserSwitchObserver> mUserSwitchObservers 213 = new RemoteCallbackList<>(); 214 215 boolean mUserSwitchUiEnabled = true; 216 217 /** 218 * Currently active user switch callbacks. 219 */ 220 @GuardedBy("mLock") 221 private volatile ArraySet<String> mCurWaitingUserSwitchCallbacks; 222 223 /** 224 * Messages for for switching from {@link android.os.UserHandle#SYSTEM}. 225 */ 226 @GuardedBy("mLock") 227 private String mSwitchingFromSystemUserMessage; 228 229 /** 230 * Messages for for switching to {@link android.os.UserHandle#SYSTEM}. 231 */ 232 @GuardedBy("mLock") 233 private String mSwitchingToSystemUserMessage; 234 235 /** 236 * Callbacks that are still active after {@link #USER_SWITCH_TIMEOUT_MS} 237 */ 238 @GuardedBy("mLock") 239 private ArraySet<String> mTimeoutUserSwitchCallbacks; 240 241 private final LockPatternUtils mLockPatternUtils; 242 243 volatile boolean mBootCompleted; 244 245 /** 246 * In this mode, user is always stopped when switched out but locking of user data is 247 * postponed until total number of unlocked users in the system reaches mMaxRunningUsers. 248 * Once total number of unlocked users reach mMaxRunningUsers, least recentely used user 249 * will be locked. 250 */ 251 boolean mDelayUserDataLocking; 252 /** 253 * Keep track of last active users for mDelayUserDataLocking. 254 * The latest stopped user is placed in front while the least recently stopped user in back. 255 */ 256 @GuardedBy("mLock") 257 private final ArrayList<Integer> mLastActiveUsers = new ArrayList<>(); 258 UserController(ActivityManagerService service)259 UserController(ActivityManagerService service) { 260 this(new Injector(service)); 261 } 262 263 @VisibleForTesting UserController(Injector injector)264 UserController(Injector injector) { 265 mInjector = injector; 266 mHandler = mInjector.getHandler(this); 267 mUiHandler = mInjector.getUiHandler(this); 268 // User 0 is the first and only user that runs at boot. 269 final UserState uss = new UserState(UserHandle.SYSTEM); 270 uss.mUnlockProgress.addListener(new UserProgressListener()); 271 mStartedUsers.put(UserHandle.USER_SYSTEM, uss); 272 mUserLru.add(UserHandle.USER_SYSTEM); 273 mLockPatternUtils = mInjector.getLockPatternUtils(); 274 updateStartedUserArrayLU(); 275 } 276 finishUserSwitch(UserState uss)277 void finishUserSwitch(UserState uss) { 278 // This call holds the AM lock so we post to the handler. 279 mHandler.post(() -> { 280 finishUserBoot(uss); 281 startProfiles(); 282 synchronized (mLock) { 283 stopRunningUsersLU(mMaxRunningUsers); 284 } 285 }); 286 } 287 288 @GuardedBy("mLock") getRunningUsersLU()289 List<Integer> getRunningUsersLU() { 290 ArrayList<Integer> runningUsers = new ArrayList<>(); 291 for (Integer userId : mUserLru) { 292 UserState uss = mStartedUsers.get(userId); 293 if (uss == null) { 294 // Shouldn't happen, but be sane if it does. 295 continue; 296 } 297 if (uss.state == UserState.STATE_STOPPING 298 || uss.state == UserState.STATE_SHUTDOWN) { 299 // This user is already stopping, doesn't count. 300 continue; 301 } 302 if (userId == UserHandle.USER_SYSTEM) { 303 // We only count system user as running when it is not a pure system user. 304 if (UserInfo.isSystemOnly(userId)) { 305 continue; 306 } 307 } 308 runningUsers.add(userId); 309 } 310 return runningUsers; 311 } 312 313 @GuardedBy("mLock") stopRunningUsersLU(int maxRunningUsers)314 void stopRunningUsersLU(int maxRunningUsers) { 315 List<Integer> currentlyRunning = getRunningUsersLU(); 316 Iterator<Integer> iterator = currentlyRunning.iterator(); 317 while (currentlyRunning.size() > maxRunningUsers && iterator.hasNext()) { 318 Integer userId = iterator.next(); 319 if (userId == UserHandle.USER_SYSTEM || userId == mCurrentUserId) { 320 // Owner/System user and current user can't be stopped 321 continue; 322 } 323 if (stopUsersLU(userId, false, null, null) == USER_OP_SUCCESS) { 324 iterator.remove(); 325 } 326 } 327 } 328 329 /** 330 * Returns if more users can be started without stopping currently running users. 331 */ canStartMoreUsers()332 boolean canStartMoreUsers() { 333 synchronized (mLock) { 334 return getRunningUsersLU().size() < mMaxRunningUsers; 335 } 336 } 337 finishUserBoot(UserState uss)338 private void finishUserBoot(UserState uss) { 339 finishUserBoot(uss, null); 340 } 341 finishUserBoot(UserState uss, IIntentReceiver resultTo)342 private void finishUserBoot(UserState uss, IIntentReceiver resultTo) { 343 final int userId = uss.mHandle.getIdentifier(); 344 345 Slog.d(TAG, "Finishing user boot " + userId); 346 synchronized (mLock) { 347 // Bail if we ended up with a stale user 348 if (mStartedUsers.get(userId) != uss) { 349 return; 350 } 351 } 352 353 // We always walk through all the user lifecycle states to send 354 // consistent developer events. We step into RUNNING_LOCKED here, 355 // but we might immediately step into RUNNING below if the user 356 // storage is already unlocked. 357 if (uss.setState(STATE_BOOTING, STATE_RUNNING_LOCKED)) { 358 mInjector.getUserManagerInternal().setUserState(userId, uss.state); 359 // Do not report secondary users, runtime restarts or first boot/upgrade 360 if (userId == UserHandle.USER_SYSTEM 361 && !mInjector.isRuntimeRestarted() && !mInjector.isFirstBootOrUpgrade()) { 362 int uptimeSeconds = (int)(SystemClock.elapsedRealtime() / 1000); 363 MetricsLogger.histogram(mInjector.getContext(), 364 "framework_locked_boot_completed", uptimeSeconds); 365 final int MAX_UPTIME_SECONDS = 120; 366 if (uptimeSeconds > MAX_UPTIME_SECONDS) { 367 Slog.wtf("SystemServerTiming", 368 "finishUserBoot took too long. uptimeSeconds=" + uptimeSeconds); 369 } 370 } 371 372 mHandler.sendMessage(mHandler.obtainMessage(REPORT_LOCKED_BOOT_COMPLETE_MSG, 373 userId, 0)); 374 Intent intent = new Intent(Intent.ACTION_LOCKED_BOOT_COMPLETED, null); 375 intent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 376 intent.addFlags(Intent.FLAG_RECEIVER_NO_ABORT 377 | Intent.FLAG_RECEIVER_INCLUDE_BACKGROUND); 378 mInjector.broadcastIntent(intent, null, resultTo, 0, null, null, 379 new String[]{android.Manifest.permission.RECEIVE_BOOT_COMPLETED}, 380 AppOpsManager.OP_NONE, null, true, false, MY_PID, SYSTEM_UID, 381 Binder.getCallingUid(), Binder.getCallingPid(), userId); 382 } 383 384 // We need to delay unlocking managed profiles until the parent user 385 // is also unlocked. 386 if (mInjector.getUserManager().isManagedProfile(userId)) { 387 final UserInfo parent = mInjector.getUserManager().getProfileParent(userId); 388 if (parent != null 389 && isUserRunning(parent.id, ActivityManager.FLAG_AND_UNLOCKED)) { 390 Slog.d(TAG, "User " + userId + " (parent " + parent.id 391 + "): attempting unlock because parent is unlocked"); 392 maybeUnlockUser(userId); 393 } else { 394 String parentId = (parent == null) ? "<null>" : String.valueOf(parent.id); 395 Slog.d(TAG, "User " + userId + " (parent " + parentId 396 + "): delaying unlock because parent is locked"); 397 } 398 } else { 399 maybeUnlockUser(userId); 400 } 401 } 402 403 /** 404 * Step from {@link UserState#STATE_RUNNING_LOCKED} to 405 * {@link UserState#STATE_RUNNING_UNLOCKING}. 406 */ finishUserUnlocking(final UserState uss)407 private boolean finishUserUnlocking(final UserState uss) { 408 final int userId = uss.mHandle.getIdentifier(); 409 // Only keep marching forward if user is actually unlocked 410 if (!StorageManager.isUserKeyUnlocked(userId)) return false; 411 synchronized (mLock) { 412 // Do not proceed if unexpected state or a stale user 413 if (mStartedUsers.get(userId) != uss || uss.state != STATE_RUNNING_LOCKED) { 414 return false; 415 } 416 } 417 uss.mUnlockProgress.start(); 418 419 // Prepare app storage before we go any further 420 uss.mUnlockProgress.setProgress(5, 421 mInjector.getContext().getString(R.string.android_start_title)); 422 423 // Call onBeforeUnlockUser on a worker thread that allows disk I/O 424 FgThread.getHandler().post(() -> { 425 if (!StorageManager.isUserKeyUnlocked(userId)) { 426 Slog.w(TAG, "User key got locked unexpectedly, leaving user locked."); 427 return; 428 } 429 mInjector.getUserManager().onBeforeUnlockUser(userId); 430 synchronized (mLock) { 431 // Do not proceed if unexpected state 432 if (!uss.setState(STATE_RUNNING_LOCKED, STATE_RUNNING_UNLOCKING)) { 433 return; 434 } 435 } 436 mInjector.getUserManagerInternal().setUserState(userId, uss.state); 437 438 uss.mUnlockProgress.setProgress(20); 439 440 // Dispatch unlocked to system services; when fully dispatched, 441 // that calls through to the next "unlocked" phase 442 mHandler.obtainMessage(SYSTEM_USER_UNLOCK_MSG, userId, 0, uss) 443 .sendToTarget(); 444 }); 445 return true; 446 } 447 448 /** 449 * Step from {@link UserState#STATE_RUNNING_UNLOCKING} to 450 * {@link UserState#STATE_RUNNING_UNLOCKED}. 451 */ finishUserUnlocked(final UserState uss)452 void finishUserUnlocked(final UserState uss) { 453 final int userId = uss.mHandle.getIdentifier(); 454 // Only keep marching forward if user is actually unlocked 455 if (!StorageManager.isUserKeyUnlocked(userId)) return; 456 synchronized (mLock) { 457 // Bail if we ended up with a stale user 458 if (mStartedUsers.get(uss.mHandle.getIdentifier()) != uss) return; 459 460 // Do not proceed if unexpected state 461 if (!uss.setState(STATE_RUNNING_UNLOCKING, STATE_RUNNING_UNLOCKED)) { 462 return; 463 } 464 } 465 mInjector.getUserManagerInternal().setUserState(userId, uss.state); 466 uss.mUnlockProgress.finish(); 467 468 // Get unaware persistent apps running and start any unaware providers 469 // in already-running apps that are partially aware 470 if (userId == UserHandle.USER_SYSTEM) { 471 mInjector.startPersistentApps(PackageManager.MATCH_DIRECT_BOOT_UNAWARE); 472 } 473 mInjector.installEncryptionUnawareProviders(userId); 474 475 // Dispatch unlocked to external apps 476 final Intent unlockedIntent = new Intent(Intent.ACTION_USER_UNLOCKED); 477 unlockedIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 478 unlockedIntent.addFlags( 479 Intent.FLAG_RECEIVER_REGISTERED_ONLY | Intent.FLAG_RECEIVER_FOREGROUND); 480 mInjector.broadcastIntent(unlockedIntent, null, null, 0, null, 481 null, null, AppOpsManager.OP_NONE, null, false, false, MY_PID, SYSTEM_UID, 482 Binder.getCallingUid(), Binder.getCallingPid(), userId); 483 484 if (getUserInfo(userId).isManagedProfile()) { 485 UserInfo parent = mInjector.getUserManager().getProfileParent(userId); 486 if (parent != null) { 487 final Intent profileUnlockedIntent = new Intent( 488 Intent.ACTION_MANAGED_PROFILE_UNLOCKED); 489 profileUnlockedIntent.putExtra(Intent.EXTRA_USER, UserHandle.of(userId)); 490 profileUnlockedIntent.addFlags( 491 Intent.FLAG_RECEIVER_REGISTERED_ONLY 492 | Intent.FLAG_RECEIVER_FOREGROUND); 493 mInjector.broadcastIntent(profileUnlockedIntent, 494 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 495 null, false, false, MY_PID, SYSTEM_UID, Binder.getCallingUid(), 496 Binder.getCallingPid(), parent.id); 497 } 498 } 499 500 // Send PRE_BOOT broadcasts if user fingerprint changed; we 501 // purposefully block sending BOOT_COMPLETED until after all 502 // PRE_BOOT receivers are finished to avoid ANR'ing apps 503 final UserInfo info = getUserInfo(userId); 504 if (!Objects.equals(info.lastLoggedInFingerprint, Build.FINGERPRINT)) { 505 // Suppress double notifications for managed profiles that 506 // were unlocked automatically as part of their parent user 507 // being unlocked. 508 final boolean quiet; 509 if (info.isManagedProfile()) { 510 quiet = !uss.tokenProvided 511 || !mLockPatternUtils.isSeparateProfileChallengeEnabled(userId); 512 } else { 513 quiet = false; 514 } 515 mInjector.sendPreBootBroadcast(userId, quiet, 516 () -> finishUserUnlockedCompleted(uss)); 517 } else { 518 finishUserUnlockedCompleted(uss); 519 } 520 } 521 finishUserUnlockedCompleted(UserState uss)522 private void finishUserUnlockedCompleted(UserState uss) { 523 final int userId = uss.mHandle.getIdentifier(); 524 synchronized (mLock) { 525 // Bail if we ended up with a stale user 526 if (mStartedUsers.get(uss.mHandle.getIdentifier()) != uss) return; 527 } 528 UserInfo userInfo = getUserInfo(userId); 529 if (userInfo == null) { 530 return; 531 } 532 // Only keep marching forward if user is actually unlocked 533 if (!StorageManager.isUserKeyUnlocked(userId)) return; 534 535 // Remember that we logged in 536 mInjector.getUserManager().onUserLoggedIn(userId); 537 538 if (!userInfo.isInitialized()) { 539 if (userId != UserHandle.USER_SYSTEM) { 540 Slog.d(TAG, "Initializing user #" + userId); 541 Intent intent = new Intent(Intent.ACTION_USER_INITIALIZE); 542 intent.addFlags(Intent.FLAG_RECEIVER_FOREGROUND 543 | Intent.FLAG_RECEIVER_INCLUDE_BACKGROUND); 544 mInjector.broadcastIntent(intent, null, 545 new IIntentReceiver.Stub() { 546 @Override 547 public void performReceive(Intent intent, int resultCode, 548 String data, Bundle extras, boolean ordered, 549 boolean sticky, int sendingUser) { 550 // Note: performReceive is called with mService lock held 551 mInjector.getUserManager().makeInitialized(userInfo.id); 552 } 553 }, 0, null, null, null, AppOpsManager.OP_NONE, 554 null, true, false, MY_PID, SYSTEM_UID, Binder.getCallingUid(), 555 Binder.getCallingPid(), userId); 556 } 557 } 558 559 // Spin up app widgets prior to boot-complete, so they can be ready promptly 560 mInjector.startUserWidgets(userId); 561 562 Slog.i(TAG, "Posting BOOT_COMPLETED user #" + userId); 563 // Do not report secondary users, runtime restarts or first boot/upgrade 564 if (userId == UserHandle.USER_SYSTEM 565 && !mInjector.isRuntimeRestarted() && !mInjector.isFirstBootOrUpgrade()) { 566 int uptimeSeconds = (int) (SystemClock.elapsedRealtime() / 1000); 567 MetricsLogger.histogram(mInjector.getContext(), "framework_boot_completed", 568 uptimeSeconds); 569 } 570 final Intent bootIntent = new Intent(Intent.ACTION_BOOT_COMPLETED, null); 571 bootIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 572 bootIntent.addFlags(Intent.FLAG_RECEIVER_NO_ABORT 573 | Intent.FLAG_RECEIVER_INCLUDE_BACKGROUND 574 | Intent.FLAG_RECEIVER_OFFLOAD); 575 // Widget broadcasts are outbound via FgThread, so to guarantee sequencing 576 // we also send the boot_completed broadcast from that thread. 577 final int callingUid = Binder.getCallingUid(); 578 final int callingPid = Binder.getCallingPid(); 579 FgThread.getHandler().post(() -> { 580 mInjector.broadcastIntent(bootIntent, null, 581 new IIntentReceiver.Stub() { 582 @Override 583 public void performReceive(Intent intent, int resultCode, String data, 584 Bundle extras, boolean ordered, boolean sticky, int sendingUser) 585 throws RemoteException { 586 Slog.i(UserController.TAG, "Finished processing BOOT_COMPLETED for u" 587 + userId); 588 mBootCompleted = true; 589 } 590 }, 0, null, null, 591 new String[]{android.Manifest.permission.RECEIVE_BOOT_COMPLETED}, 592 AppOpsManager.OP_NONE, null, true, false, MY_PID, SYSTEM_UID, 593 callingUid, callingPid, userId); 594 }); 595 } 596 restartUser(final int userId, final boolean foreground)597 int restartUser(final int userId, final boolean foreground) { 598 return stopUser(userId, /* force */ true, null, new KeyEvictedCallback() { 599 @Override 600 public void keyEvicted(@UserIdInt int userId) { 601 // Post to the same handler that this callback is called from to ensure the user 602 // cleanup is complete before restarting. 603 mHandler.post(() -> UserController.this.startUser(userId, foreground)); 604 } 605 }); 606 } 607 608 int stopUser(final int userId, final boolean force, final IStopUserCallback stopUserCallback, 609 KeyEvictedCallback keyEvictedCallback) { 610 if (mInjector.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 611 != PackageManager.PERMISSION_GRANTED) { 612 String msg = "Permission Denial: switchUser() from pid=" 613 + Binder.getCallingPid() 614 + ", uid=" + Binder.getCallingUid() 615 + " requires " + INTERACT_ACROSS_USERS_FULL; 616 Slog.w(TAG, msg); 617 throw new SecurityException(msg); 618 } 619 if (userId < 0 || userId == UserHandle.USER_SYSTEM) { 620 throw new IllegalArgumentException("Can't stop system user " + userId); 621 } 622 enforceShellRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, userId); 623 synchronized (mLock) { 624 return stopUsersLU(userId, force, stopUserCallback, keyEvictedCallback); 625 } 626 } 627 628 /** 629 * Stops the user along with its related users. The method calls 630 * {@link #getUsersToStopLU(int)} to determine the list of users that should be stopped. 631 */ 632 @GuardedBy("mLock") 633 private int stopUsersLU(final int userId, boolean force, 634 final IStopUserCallback stopUserCallback, KeyEvictedCallback keyEvictedCallback) { 635 if (userId == UserHandle.USER_SYSTEM) { 636 return USER_OP_ERROR_IS_SYSTEM; 637 } 638 if (isCurrentUserLU(userId)) { 639 return USER_OP_IS_CURRENT; 640 } 641 int[] usersToStop = getUsersToStopLU(userId); 642 // If one of related users is system or current, no related users should be stopped 643 for (int i = 0; i < usersToStop.length; i++) { 644 int relatedUserId = usersToStop[i]; 645 if ((UserHandle.USER_SYSTEM == relatedUserId) || isCurrentUserLU(relatedUserId)) { 646 if (DEBUG_MU) Slog.i(TAG, "stopUsersLocked cannot stop related user " 647 + relatedUserId); 648 // We still need to stop the requested user if it's a force stop. 649 if (force) { 650 Slog.i(TAG, 651 "Force stop user " + userId + ". Related users will not be stopped"); 652 stopSingleUserLU(userId, stopUserCallback, keyEvictedCallback); 653 return USER_OP_SUCCESS; 654 } 655 return USER_OP_ERROR_RELATED_USERS_CANNOT_STOP; 656 } 657 } 658 if (DEBUG_MU) Slog.i(TAG, "stopUsersLocked usersToStop=" + Arrays.toString(usersToStop)); 659 for (int userIdToStop : usersToStop) { 660 stopSingleUserLU(userIdToStop, 661 userIdToStop == userId ? stopUserCallback : null, 662 userIdToStop == userId ? keyEvictedCallback : null); 663 } 664 return USER_OP_SUCCESS; 665 } 666 667 @GuardedBy("mLock") 668 private void stopSingleUserLU(final int userId, final IStopUserCallback stopUserCallback, 669 KeyEvictedCallback keyEvictedCallback) { 670 if (DEBUG_MU) Slog.i(TAG, "stopSingleUserLocked userId=" + userId); 671 final UserState uss = mStartedUsers.get(userId); 672 if (uss == null) { 673 // User is not started, nothing to do... but we do need to 674 // callback if requested. 675 if (stopUserCallback != null) { 676 mHandler.post(() -> { 677 try { 678 stopUserCallback.userStopped(userId); 679 } catch (RemoteException e) { 680 } 681 }); 682 } 683 return; 684 } 685 686 if (stopUserCallback != null) { 687 uss.mStopCallbacks.add(stopUserCallback); 688 } 689 if (keyEvictedCallback != null) { 690 uss.mKeyEvictedCallbacks.add(keyEvictedCallback); 691 } 692 693 if (uss.state != UserState.STATE_STOPPING 694 && uss.state != UserState.STATE_SHUTDOWN) { 695 uss.setState(UserState.STATE_STOPPING); 696 mInjector.getUserManagerInternal().setUserState(userId, uss.state); 697 updateStartedUserArrayLU(); 698 699 // Post to handler to obtain amLock 700 mHandler.post(() -> { 701 // We are going to broadcast ACTION_USER_STOPPING and then 702 // once that is done send a final ACTION_SHUTDOWN and then 703 // stop the user. 704 final Intent stoppingIntent = new Intent(Intent.ACTION_USER_STOPPING); 705 stoppingIntent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY); 706 stoppingIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 707 stoppingIntent.putExtra(Intent.EXTRA_SHUTDOWN_USERSPACE_ONLY, true); 708 // This is the result receiver for the initial stopping broadcast. 709 final IIntentReceiver stoppingReceiver = new IIntentReceiver.Stub() { 710 @Override 711 public void performReceive(Intent intent, int resultCode, String data, 712 Bundle extras, boolean ordered, boolean sticky, int sendingUser) { 713 mHandler.post(() -> finishUserStopping(userId, uss)); 714 } 715 }; 716 717 // Clear broadcast queue for the user to avoid delivering stale broadcasts 718 mInjector.clearBroadcastQueueForUser(userId); 719 // Kick things off. 720 mInjector.broadcastIntent(stoppingIntent, 721 null, stoppingReceiver, 0, null, null, 722 new String[]{INTERACT_ACROSS_USERS}, AppOpsManager.OP_NONE, 723 null, true, false, MY_PID, SYSTEM_UID, Binder.getCallingUid(), 724 Binder.getCallingPid(), UserHandle.USER_ALL); 725 }); 726 } 727 } 728 729 void finishUserStopping(final int userId, final UserState uss) { 730 // On to the next. 731 final Intent shutdownIntent = new Intent(Intent.ACTION_SHUTDOWN); 732 // This is the result receiver for the final shutdown broadcast. 733 final IIntentReceiver shutdownReceiver = new IIntentReceiver.Stub() { 734 @Override 735 public void performReceive(Intent intent, int resultCode, String data, 736 Bundle extras, boolean ordered, boolean sticky, int sendingUser) { 737 mHandler.post(new Runnable() { 738 @Override 739 public void run() { 740 finishUserStopped(uss); 741 } 742 }); 743 } 744 }; 745 746 synchronized (mLock) { 747 if (uss.state != UserState.STATE_STOPPING) { 748 // Whoops, we are being started back up. Abort, abort! 749 return; 750 } 751 uss.setState(UserState.STATE_SHUTDOWN); 752 } 753 mInjector.getUserManagerInternal().setUserState(userId, uss.state); 754 755 mInjector.batteryStatsServiceNoteEvent( 756 BatteryStats.HistoryItem.EVENT_USER_RUNNING_FINISH, 757 Integer.toString(userId), userId); 758 mInjector.getSystemServiceManager().stopUser(userId); 759 760 mInjector.broadcastIntent(shutdownIntent, 761 null, shutdownReceiver, 0, null, null, null, 762 AppOpsManager.OP_NONE, 763 null, true, false, MY_PID, SYSTEM_UID, Binder.getCallingUid(), 764 Binder.getCallingPid(), userId); 765 } 766 767 void finishUserStopped(UserState uss) { 768 final int userId = uss.mHandle.getIdentifier(); 769 final boolean stopped; 770 boolean lockUser = true; 771 final ArrayList<IStopUserCallback> stopCallbacks; 772 final ArrayList<KeyEvictedCallback> keyEvictedCallbacks; 773 int userIdToLock = userId; 774 synchronized (mLock) { 775 stopCallbacks = new ArrayList<>(uss.mStopCallbacks); 776 keyEvictedCallbacks = new ArrayList<>(uss.mKeyEvictedCallbacks); 777 if (mStartedUsers.get(userId) != uss || uss.state != UserState.STATE_SHUTDOWN) { 778 stopped = false; 779 } else { 780 stopped = true; 781 // User can no longer run. 782 mStartedUsers.remove(userId); 783 mUserLru.remove(Integer.valueOf(userId)); 784 updateStartedUserArrayLU(); 785 userIdToLock = updateUserToLockLU(userId); 786 if (userIdToLock == UserHandle.USER_NULL) { 787 lockUser = false; 788 } 789 } 790 } 791 if (stopped) { 792 mInjector.getUserManagerInternal().removeUserState(userId); 793 mInjector.activityManagerOnUserStopped(userId); 794 // Clean up all state and processes associated with the user. 795 // Kill all the processes for the user. 796 forceStopUser(userId, "finish user"); 797 } 798 799 for (final IStopUserCallback callback : stopCallbacks) { 800 try { 801 if (stopped) callback.userStopped(userId); 802 else callback.userStopAborted(userId); 803 } catch (RemoteException ignored) { 804 } 805 } 806 807 if (stopped) { 808 mInjector.systemServiceManagerCleanupUser(userId); 809 mInjector.stackSupervisorRemoveUser(userId); 810 // Remove the user if it is ephemeral. 811 if (getUserInfo(userId).isEphemeral()) { 812 mInjector.getUserManager().removeUserEvenWhenDisallowed(userId); 813 } 814 815 if (!lockUser) { 816 return; 817 } 818 final int userIdToLockF = userIdToLock; 819 // Evict the user's credential encryption key. Performed on FgThread to make it 820 // serialized with call to UserManagerService.onBeforeUnlockUser in finishUserUnlocking 821 // to prevent data corruption. 822 FgThread.getHandler().post(() -> { 823 synchronized (mLock) { 824 if (mStartedUsers.get(userIdToLockF) != null) { 825 Slog.w(TAG, "User was restarted, skipping key eviction"); 826 return; 827 } 828 } 829 try { 830 mInjector.getStorageManager().lockUserKey(userIdToLockF); 831 } catch (RemoteException re) { 832 throw re.rethrowAsRuntimeException(); 833 } 834 if (userIdToLockF == userId) { 835 for (final KeyEvictedCallback callback : keyEvictedCallbacks) { 836 callback.keyEvicted(userId); 837 } 838 } 839 }); 840 } 841 } 842 843 /** 844 * For mDelayUserDataLocking mode, storage once unlocked is kept unlocked. 845 * Total number of unlocked user storage is limited by mMaxRunningUsers. 846 * If there are more unlocked users, evict and lock the least recently stopped user and 847 * lock that user's data. Regardless of the mode, ephemeral user is always locked 848 * immediately. 849 * 850 * @return user id to lock. UserHandler.USER_NULL will be returned if no user should be locked. 851 */ 852 @GuardedBy("mLock") 853 private int updateUserToLockLU(int userId) { 854 int userIdToLock = userId; 855 if (mDelayUserDataLocking && !getUserInfo(userId).isEphemeral() 856 && !hasUserRestriction(UserManager.DISALLOW_RUN_IN_BACKGROUND, userId)) { 857 mLastActiveUsers.remove((Integer) userId); // arg should be object, not index 858 mLastActiveUsers.add(0, userId); 859 int totalUnlockedUsers = mStartedUsers.size() + mLastActiveUsers.size(); 860 if (totalUnlockedUsers > mMaxRunningUsers) { // should lock a user 861 userIdToLock = mLastActiveUsers.get(mLastActiveUsers.size() - 1); 862 mLastActiveUsers.remove(mLastActiveUsers.size() - 1); 863 Slog.i(TAG, "finishUserStopped, stopping user:" + userId 864 + " lock user:" + userIdToLock); 865 } else { 866 Slog.i(TAG, "finishUserStopped, user:" + userId 867 + ",skip locking"); 868 // do not lock 869 userIdToLock = UserHandle.USER_NULL; 870 871 } 872 } 873 return userIdToLock; 874 } 875 876 /** 877 * Determines the list of users that should be stopped together with the specified 878 * {@code userId}. The returned list includes {@code userId}. 879 */ 880 @GuardedBy("mLock") 881 private @NonNull int[] getUsersToStopLU(int userId) { 882 int startedUsersSize = mStartedUsers.size(); 883 IntArray userIds = new IntArray(); 884 userIds.add(userId); 885 int userGroupId = mUserProfileGroupIds.get(userId, UserInfo.NO_PROFILE_GROUP_ID); 886 for (int i = 0; i < startedUsersSize; i++) { 887 UserState uss = mStartedUsers.valueAt(i); 888 int startedUserId = uss.mHandle.getIdentifier(); 889 // Skip unrelated users (profileGroupId mismatch) 890 int startedUserGroupId = mUserProfileGroupIds.get(startedUserId, 891 UserInfo.NO_PROFILE_GROUP_ID); 892 boolean sameGroup = (userGroupId != UserInfo.NO_PROFILE_GROUP_ID) 893 && (userGroupId == startedUserGroupId); 894 // userId has already been added 895 boolean sameUserId = startedUserId == userId; 896 if (!sameGroup || sameUserId) { 897 continue; 898 } 899 userIds.add(startedUserId); 900 } 901 return userIds.toArray(); 902 } 903 904 private void forceStopUser(int userId, String reason) { 905 mInjector.activityManagerForceStopPackage(userId, reason); 906 Intent intent = new Intent(Intent.ACTION_USER_STOPPED); 907 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 908 | Intent.FLAG_RECEIVER_FOREGROUND); 909 intent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 910 mInjector.broadcastIntent(intent, 911 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 912 null, false, false, MY_PID, SYSTEM_UID, Binder.getCallingUid(), 913 Binder.getCallingPid(), UserHandle.USER_ALL); 914 } 915 916 /** 917 * Stops the guest or ephemeral user if it has gone to the background. 918 */ 919 private void stopGuestOrEphemeralUserIfBackground(int oldUserId) { 920 if (DEBUG_MU) Slog.i(TAG, "Stop guest or ephemeral user if background: " + oldUserId); 921 synchronized(mLock) { 922 UserState oldUss = mStartedUsers.get(oldUserId); 923 if (oldUserId == UserHandle.USER_SYSTEM || oldUserId == mCurrentUserId || oldUss == null 924 || oldUss.state == UserState.STATE_STOPPING 925 || oldUss.state == UserState.STATE_SHUTDOWN) { 926 return; 927 } 928 } 929 930 UserInfo userInfo = getUserInfo(oldUserId); 931 if (userInfo.isEphemeral()) { 932 LocalServices.getService(UserManagerInternal.class).onEphemeralUserStop(oldUserId); 933 } 934 if (userInfo.isGuest() || userInfo.isEphemeral()) { 935 // This is a user to be stopped. 936 synchronized (mLock) { 937 stopUsersLU(oldUserId, true, null, null); 938 } 939 } 940 } 941 942 void scheduleStartProfiles() { 943 // Parent user transition to RUNNING_UNLOCKING happens on FgThread, so it is busy, there is 944 // a chance the profile will reach RUNNING_LOCKED while parent is still locked, so no 945 // attempt will be made to unlock the profile. If we go via FgThread, this will be executed 946 // after the parent had chance to unlock fully. 947 FgThread.getHandler().post(() -> { 948 if (!mHandler.hasMessages(START_PROFILES_MSG)) { 949 mHandler.sendMessageDelayed(mHandler.obtainMessage(START_PROFILES_MSG), 950 DateUtils.SECOND_IN_MILLIS); 951 } 952 }); 953 } 954 955 void startProfiles() { 956 int currentUserId = getCurrentUserId(); 957 if (DEBUG_MU) Slog.i(TAG, "startProfilesLocked"); 958 List<UserInfo> profiles = mInjector.getUserManager().getProfiles( 959 currentUserId, false /* enabledOnly */); 960 List<UserInfo> profilesToStart = new ArrayList<>(profiles.size()); 961 for (UserInfo user : profiles) { 962 if ((user.flags & UserInfo.FLAG_INITIALIZED) == UserInfo.FLAG_INITIALIZED 963 && user.id != currentUserId && !user.isQuietModeEnabled()) { 964 profilesToStart.add(user); 965 } 966 } 967 final int profilesToStartSize = profilesToStart.size(); 968 int i = 0; 969 for (; i < profilesToStartSize && i < (mMaxRunningUsers - 1); ++i) { 970 startUser(profilesToStart.get(i).id, /* foreground= */ false); 971 } 972 if (i < profilesToStartSize) { 973 Slog.w(TAG, "More profiles than MAX_RUNNING_USERS"); 974 } 975 } 976 977 boolean startUser(final int userId, final boolean foreground) { 978 return startUser(userId, foreground, null); 979 } 980 981 /** 982 * Start user, if its not already running. 983 * <p>The user will be brought to the foreground, if {@code foreground} parameter is set. 984 * When starting the user, multiple intents will be broadcast in the following order:</p> 985 * <ul> 986 * <li>{@link Intent#ACTION_USER_STARTED} - sent to registered receivers of the new user 987 * <li>{@link Intent#ACTION_USER_BACKGROUND} - sent to registered receivers of the outgoing 988 * user and all profiles of this user. Sent only if {@code foreground} parameter is true 989 * <li>{@link Intent#ACTION_USER_FOREGROUND} - sent to registered receivers of the new 990 * user and all profiles of this user. Sent only if {@code foreground} parameter is true 991 * <li>{@link Intent#ACTION_USER_SWITCHED} - sent to registered receivers of the new user. 992 * Sent only if {@code foreground} parameter is true 993 * <li>{@link Intent#ACTION_USER_STARTING} - ordered broadcast sent to registered receivers 994 * of the new fg user 995 * <li>{@link Intent#ACTION_LOCKED_BOOT_COMPLETED} - ordered broadcast sent to receivers of 996 * the new user 997 * <li>{@link Intent#ACTION_USER_UNLOCKED} - sent to registered receivers of the new user 998 * <li>{@link Intent#ACTION_PRE_BOOT_COMPLETED} - ordered broadcast sent to receivers of the 999 * new user. Sent only when the user is booting after a system update. 1000 * <li>{@link Intent#ACTION_USER_INITIALIZE} - ordered broadcast sent to receivers of the 1001 * new user. Sent only the first time a user is starting. 1002 * <li>{@link Intent#ACTION_BOOT_COMPLETED} - ordered broadcast sent to receivers of the new 1003 * user. Indicates that the user has finished booting. 1004 * </ul> 1005 * 1006 * @param userId ID of the user to start 1007 * @param foreground true if user should be brought to the foreground 1008 * @param unlockListener Listener to be informed when the user has started and unlocked. 1009 * @return true if the user has been successfully started 1010 */ 1011 boolean startUser( 1012 final int userId, 1013 final boolean foreground, 1014 @Nullable IProgressListener unlockListener) { 1015 if (mInjector.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 1016 != PackageManager.PERMISSION_GRANTED) { 1017 String msg = "Permission Denial: switchUser() from pid=" 1018 + Binder.getCallingPid() 1019 + ", uid=" + Binder.getCallingUid() 1020 + " requires " + INTERACT_ACROSS_USERS_FULL; 1021 Slog.w(TAG, msg); 1022 throw new SecurityException(msg); 1023 } 1024 1025 Slog.i(TAG, "Starting userid:" + userId + " fg:" + foreground); 1026 1027 final int callingUid = Binder.getCallingUid(); 1028 final int callingPid = Binder.getCallingPid(); 1029 final long ident = Binder.clearCallingIdentity(); 1030 try { 1031 final int oldUserId = getCurrentUserId(); 1032 if (oldUserId == userId) { 1033 final UserState state = getStartedUserState(userId); 1034 if (state == null) { 1035 Slog.wtf(TAG, "Current user has no UserState"); 1036 // continue starting. 1037 } else { 1038 if (userId == UserHandle.USER_SYSTEM && state.state == STATE_BOOTING) { 1039 // system user start explicitly requested. should continue starting as it 1040 // is not in running state. 1041 } else { 1042 if (state.state == STATE_RUNNING_UNLOCKED) { 1043 // We'll skip all later code, so we must tell listener it's already 1044 // unlocked. 1045 notifyFinished(userId, unlockListener); 1046 } 1047 return true; 1048 } 1049 } 1050 } 1051 1052 if (foreground) { 1053 mInjector.clearAllLockedTasks("startUser"); 1054 } 1055 1056 final UserInfo userInfo = getUserInfo(userId); 1057 if (userInfo == null) { 1058 Slog.w(TAG, "No user info for user #" + userId); 1059 return false; 1060 } 1061 if (foreground && userInfo.isManagedProfile()) { 1062 Slog.w(TAG, "Cannot switch to User #" + userId + ": not a full user"); 1063 return false; 1064 } 1065 1066 if (foreground && mUserSwitchUiEnabled) { 1067 mInjector.getWindowManager().startFreezingScreen( 1068 R.anim.screen_user_exit, R.anim.screen_user_enter); 1069 } 1070 1071 boolean needStart = false; 1072 boolean updateUmState = false; 1073 UserState uss; 1074 1075 // If the user we are switching to is not currently started, then 1076 // we need to start it now. 1077 synchronized (mLock) { 1078 uss = mStartedUsers.get(userId); 1079 if (uss == null) { 1080 uss = new UserState(UserHandle.of(userId)); 1081 uss.mUnlockProgress.addListener(new UserProgressListener()); 1082 mStartedUsers.put(userId, uss); 1083 updateStartedUserArrayLU(); 1084 needStart = true; 1085 updateUmState = true; 1086 } else if (uss.state == UserState.STATE_SHUTDOWN && !isCallingOnHandlerThread()) { 1087 Slog.i(TAG, "User #" + userId 1088 + " is shutting down - will start after full stop"); 1089 mHandler.post(() -> startUser(userId, foreground, unlockListener)); 1090 return true; 1091 } 1092 final Integer userIdInt = userId; 1093 mUserLru.remove(userIdInt); 1094 mUserLru.add(userIdInt); 1095 } 1096 if (unlockListener != null) { 1097 uss.mUnlockProgress.addListener(unlockListener); 1098 } 1099 if (updateUmState) { 1100 mInjector.getUserManagerInternal().setUserState(userId, uss.state); 1101 } 1102 if (foreground) { 1103 // Make sure the old user is no longer considering the display to be on. 1104 mInjector.reportGlobalUsageEventLocked(UsageEvents.Event.SCREEN_NON_INTERACTIVE); 1105 synchronized (mLock) { 1106 mCurrentUserId = userId; 1107 mTargetUserId = UserHandle.USER_NULL; // reset, mCurrentUserId has caught up 1108 } 1109 mInjector.updateUserConfiguration(); 1110 updateCurrentProfileIds(); 1111 mInjector.getWindowManager().setCurrentUser(userId, getCurrentProfileIds()); 1112 mInjector.reportCurWakefulnessUsageEvent(); 1113 // Once the internal notion of the active user has switched, we lock the device 1114 // with the option to show the user switcher on the keyguard. 1115 if (mUserSwitchUiEnabled) { 1116 mInjector.getWindowManager().setSwitchingUser(true); 1117 mInjector.getWindowManager().lockNow(null); 1118 } 1119 } else { 1120 final Integer currentUserIdInt = mCurrentUserId; 1121 updateCurrentProfileIds(); 1122 mInjector.getWindowManager().setCurrentProfileIds(getCurrentProfileIds()); 1123 synchronized (mLock) { 1124 mUserLru.remove(currentUserIdInt); 1125 mUserLru.add(currentUserIdInt); 1126 } 1127 } 1128 1129 // Make sure user is in the started state. If it is currently 1130 // stopping, we need to knock that off. 1131 if (uss.state == UserState.STATE_STOPPING) { 1132 // If we are stopping, we haven't sent ACTION_SHUTDOWN, 1133 // so we can just fairly silently bring the user back from 1134 // the almost-dead. 1135 uss.setState(uss.lastState); 1136 mInjector.getUserManagerInternal().setUserState(userId, uss.state); 1137 synchronized (mLock) { 1138 updateStartedUserArrayLU(); 1139 } 1140 needStart = true; 1141 } else if (uss.state == UserState.STATE_SHUTDOWN) { 1142 // This means ACTION_SHUTDOWN has been sent, so we will 1143 // need to treat this as a new boot of the user. 1144 uss.setState(UserState.STATE_BOOTING); 1145 mInjector.getUserManagerInternal().setUserState(userId, uss.state); 1146 synchronized (mLock) { 1147 updateStartedUserArrayLU(); 1148 } 1149 needStart = true; 1150 } 1151 1152 if (uss.state == UserState.STATE_BOOTING) { 1153 // Give user manager a chance to propagate user restrictions 1154 // to other services and prepare app storage 1155 mInjector.getUserManager().onBeforeStartUser(userId); 1156 1157 // Booting up a new user, need to tell system services about it. 1158 // Note that this is on the same handler as scheduling of broadcasts, 1159 // which is important because it needs to go first. 1160 mHandler.sendMessage( 1161 mHandler.obtainMessage(SYSTEM_USER_START_MSG, userId, 0)); 1162 } 1163 1164 if (foreground) { 1165 mHandler.sendMessage(mHandler.obtainMessage(SYSTEM_USER_CURRENT_MSG, userId, 1166 oldUserId)); 1167 mHandler.removeMessages(REPORT_USER_SWITCH_MSG); 1168 mHandler.removeMessages(USER_SWITCH_TIMEOUT_MSG); 1169 mHandler.sendMessage(mHandler.obtainMessage(REPORT_USER_SWITCH_MSG, 1170 oldUserId, userId, uss)); 1171 mHandler.sendMessageDelayed(mHandler.obtainMessage(USER_SWITCH_TIMEOUT_MSG, 1172 oldUserId, userId, uss), USER_SWITCH_TIMEOUT_MS); 1173 } 1174 1175 if (needStart) { 1176 // Send USER_STARTED broadcast 1177 Intent intent = new Intent(Intent.ACTION_USER_STARTED); 1178 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 1179 | Intent.FLAG_RECEIVER_FOREGROUND); 1180 intent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 1181 mInjector.broadcastIntent(intent, 1182 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 1183 null, false, false, MY_PID, SYSTEM_UID, callingUid, callingPid, userId); 1184 } 1185 1186 if (foreground) { 1187 moveUserToForeground(uss, oldUserId, userId); 1188 } else { 1189 finishUserBoot(uss); 1190 } 1191 1192 if (needStart) { 1193 Intent intent = new Intent(Intent.ACTION_USER_STARTING); 1194 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY); 1195 intent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 1196 mInjector.broadcastIntent(intent, 1197 null, new IIntentReceiver.Stub() { 1198 @Override 1199 public void performReceive(Intent intent, int resultCode, 1200 String data, Bundle extras, boolean ordered, 1201 boolean sticky, 1202 int sendingUser) throws RemoteException { 1203 } 1204 }, 0, null, null, 1205 new String[]{INTERACT_ACROSS_USERS}, AppOpsManager.OP_NONE, 1206 null, true, false, MY_PID, SYSTEM_UID, callingUid, callingPid, 1207 UserHandle.USER_ALL); 1208 } 1209 } finally { 1210 Binder.restoreCallingIdentity(ident); 1211 } 1212 1213 return true; 1214 } 1215 1216 private boolean isCallingOnHandlerThread() { 1217 return Looper.myLooper() == mHandler.getLooper(); 1218 } 1219 1220 /** 1221 * Start user, if its not already running, and bring it to foreground. 1222 */ 1223 void startUserInForeground(final int targetUserId) { 1224 boolean success = startUser(targetUserId, /* foreground */ true); 1225 if (!success) { 1226 mInjector.getWindowManager().setSwitchingUser(false); 1227 } 1228 } 1229 1230 boolean unlockUser(final int userId, byte[] token, byte[] secret, IProgressListener listener) { 1231 if (mInjector.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 1232 != PackageManager.PERMISSION_GRANTED) { 1233 String msg = "Permission Denial: unlockUser() from pid=" 1234 + Binder.getCallingPid() 1235 + ", uid=" + Binder.getCallingUid() 1236 + " requires " + INTERACT_ACROSS_USERS_FULL; 1237 Slog.w(TAG, msg); 1238 throw new SecurityException(msg); 1239 } 1240 1241 final long binderToken = Binder.clearCallingIdentity(); 1242 try { 1243 return unlockUserCleared(userId, token, secret, listener); 1244 } finally { 1245 Binder.restoreCallingIdentity(binderToken); 1246 } 1247 } 1248 1249 /** 1250 * Attempt to unlock user without a credential token. This typically 1251 * succeeds when the device doesn't have credential-encrypted storage, or 1252 * when the credential-encrypted storage isn't tied to a user-provided 1253 * PIN or pattern. 1254 */ 1255 private boolean maybeUnlockUser(final int userId) { 1256 // Try unlocking storage using empty token 1257 return unlockUserCleared(userId, null, null, null); 1258 } 1259 1260 private static void notifyFinished(int userId, IProgressListener listener) { 1261 if (listener == null) return; 1262 try { 1263 listener.onFinished(userId, null); 1264 } catch (RemoteException ignored) { 1265 } 1266 } 1267 1268 private boolean unlockUserCleared(final int userId, byte[] token, byte[] secret, 1269 IProgressListener listener) { 1270 UserState uss; 1271 if (!StorageManager.isUserKeyUnlocked(userId)) { 1272 final UserInfo userInfo = getUserInfo(userId); 1273 final IStorageManager storageManager = mInjector.getStorageManager(); 1274 try { 1275 // We always want to unlock user storage, even user is not started yet 1276 storageManager.unlockUserKey(userId, userInfo.serialNumber, token, secret); 1277 } catch (RemoteException | RuntimeException e) { 1278 Slog.w(TAG, "Failed to unlock: " + e.getMessage()); 1279 } 1280 } 1281 synchronized (mLock) { 1282 // Register the given listener to watch for unlock progress 1283 uss = mStartedUsers.get(userId); 1284 if (uss != null) { 1285 uss.mUnlockProgress.addListener(listener); 1286 uss.tokenProvided = (token != null); 1287 } 1288 } 1289 // Bail if user isn't actually running 1290 if (uss == null) { 1291 notifyFinished(userId, listener); 1292 return false; 1293 } 1294 1295 if (!finishUserUnlocking(uss)) { 1296 notifyFinished(userId, listener); 1297 return false; 1298 } 1299 1300 // We just unlocked a user, so let's now attempt to unlock any 1301 // managed profiles under that user. 1302 1303 // First, get list of userIds. Requires mLock, so we cannot make external calls, e.g. to UMS 1304 int[] userIds; 1305 synchronized (mLock) { 1306 userIds = new int[mStartedUsers.size()]; 1307 for (int i = 0; i < userIds.length; i++) { 1308 userIds[i] = mStartedUsers.keyAt(i); 1309 } 1310 } 1311 for (int testUserId : userIds) { 1312 final UserInfo parent = mInjector.getUserManager().getProfileParent(testUserId); 1313 if (parent != null && parent.id == userId && testUserId != userId) { 1314 Slog.d(TAG, "User " + testUserId + " (parent " + parent.id 1315 + "): attempting unlock because parent was just unlocked"); 1316 maybeUnlockUser(testUserId); 1317 } 1318 } 1319 1320 return true; 1321 } 1322 1323 boolean switchUser(final int targetUserId) { 1324 enforceShellRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, targetUserId); 1325 int currentUserId = getCurrentUserId(); 1326 UserInfo targetUserInfo = getUserInfo(targetUserId); 1327 if (targetUserId == currentUserId) { 1328 Slog.i(TAG, "user #" + targetUserId + " is already the current user"); 1329 return true; 1330 } 1331 if (targetUserInfo == null) { 1332 Slog.w(TAG, "No user info for user #" + targetUserId); 1333 return false; 1334 } 1335 if (!targetUserInfo.supportsSwitchTo()) { 1336 Slog.w(TAG, "Cannot switch to User #" + targetUserId + ": not supported"); 1337 return false; 1338 } 1339 if (targetUserInfo.isManagedProfile()) { 1340 Slog.w(TAG, "Cannot switch to User #" + targetUserId + ": not a full user"); 1341 return false; 1342 } 1343 synchronized (mLock) { 1344 mTargetUserId = targetUserId; 1345 } 1346 if (mUserSwitchUiEnabled) { 1347 UserInfo currentUserInfo = getUserInfo(currentUserId); 1348 Pair<UserInfo, UserInfo> userNames = new Pair<>(currentUserInfo, targetUserInfo); 1349 mUiHandler.removeMessages(START_USER_SWITCH_UI_MSG); 1350 mUiHandler.sendMessage(mHandler.obtainMessage( 1351 START_USER_SWITCH_UI_MSG, userNames)); 1352 } else { 1353 mHandler.removeMessages(START_USER_SWITCH_FG_MSG); 1354 mHandler.sendMessage(mHandler.obtainMessage( 1355 START_USER_SWITCH_FG_MSG, targetUserId, 0)); 1356 } 1357 return true; 1358 } 1359 1360 private void showUserSwitchDialog(Pair<UserInfo, UserInfo> fromToUserPair) { 1361 // The dialog will show and then initiate the user switch by calling startUserInForeground 1362 mInjector.showUserSwitchingDialog(fromToUserPair.first, fromToUserPair.second, 1363 getSwitchingFromSystemUserMessage(), getSwitchingToSystemUserMessage()); 1364 } 1365 1366 private void dispatchForegroundProfileChanged(int userId) { 1367 final int observerCount = mUserSwitchObservers.beginBroadcast(); 1368 for (int i = 0; i < observerCount; i++) { 1369 try { 1370 mUserSwitchObservers.getBroadcastItem(i).onForegroundProfileSwitch(userId); 1371 } catch (RemoteException e) { 1372 // Ignore 1373 } 1374 } 1375 mUserSwitchObservers.finishBroadcast(); 1376 } 1377 1378 /** Called on handler thread */ 1379 void dispatchUserSwitchComplete(int userId) { 1380 mInjector.getWindowManager().setSwitchingUser(false); 1381 final int observerCount = mUserSwitchObservers.beginBroadcast(); 1382 for (int i = 0; i < observerCount; i++) { 1383 try { 1384 mUserSwitchObservers.getBroadcastItem(i).onUserSwitchComplete(userId); 1385 } catch (RemoteException e) { 1386 } 1387 } 1388 mUserSwitchObservers.finishBroadcast(); 1389 } 1390 1391 private void dispatchLockedBootComplete(int userId) { 1392 final int observerCount = mUserSwitchObservers.beginBroadcast(); 1393 for (int i = 0; i < observerCount; i++) { 1394 try { 1395 mUserSwitchObservers.getBroadcastItem(i).onLockedBootComplete(userId); 1396 } catch (RemoteException e) { 1397 // Ignore 1398 } 1399 } 1400 mUserSwitchObservers.finishBroadcast(); 1401 } 1402 1403 private void stopBackgroundUsersIfEnforced(int oldUserId) { 1404 // Never stop system user 1405 if (oldUserId == UserHandle.USER_SYSTEM) { 1406 return; 1407 } 1408 // If running in background is disabled or mDelayUserDataLocking mode, stop the user. 1409 boolean disallowRunInBg = hasUserRestriction(UserManager.DISALLOW_RUN_IN_BACKGROUND, 1410 oldUserId) || mDelayUserDataLocking; 1411 if (!disallowRunInBg) { 1412 return; 1413 } 1414 synchronized (mLock) { 1415 if (DEBUG_MU) Slog.i(TAG, "stopBackgroundUsersIfEnforced stopping " + oldUserId 1416 + " and related users"); 1417 stopUsersLU(oldUserId, false, null, null); 1418 } 1419 } 1420 1421 private void timeoutUserSwitch(UserState uss, int oldUserId, int newUserId) { 1422 synchronized (mLock) { 1423 Slog.e(TAG, "User switch timeout: from " + oldUserId + " to " + newUserId); 1424 mTimeoutUserSwitchCallbacks = mCurWaitingUserSwitchCallbacks; 1425 mHandler.removeMessages(USER_SWITCH_CALLBACKS_TIMEOUT_MSG); 1426 sendContinueUserSwitchLU(uss, oldUserId, newUserId); 1427 // Report observers that never called back (USER_SWITCH_CALLBACKS_TIMEOUT) 1428 mHandler.sendMessageDelayed(mHandler.obtainMessage(USER_SWITCH_CALLBACKS_TIMEOUT_MSG, 1429 oldUserId, newUserId), USER_SWITCH_CALLBACKS_TIMEOUT_MS); 1430 } 1431 } 1432 1433 private void timeoutUserSwitchCallbacks(int oldUserId, int newUserId) { 1434 synchronized (mLock) { 1435 if (mTimeoutUserSwitchCallbacks != null && !mTimeoutUserSwitchCallbacks.isEmpty()) { 1436 Slog.wtf(TAG, "User switch timeout: from " + oldUserId + " to " + newUserId 1437 + ". Observers that didn't respond: " + mTimeoutUserSwitchCallbacks); 1438 mTimeoutUserSwitchCallbacks = null; 1439 } 1440 } 1441 } 1442 1443 void dispatchUserSwitch(final UserState uss, final int oldUserId, final int newUserId) { 1444 Slog.d(TAG, "Dispatch onUserSwitching oldUser #" + oldUserId + " newUser #" + newUserId); 1445 final int observerCount = mUserSwitchObservers.beginBroadcast(); 1446 if (observerCount > 0) { 1447 final ArraySet<String> curWaitingUserSwitchCallbacks = new ArraySet<>(); 1448 synchronized (mLock) { 1449 uss.switching = true; 1450 mCurWaitingUserSwitchCallbacks = curWaitingUserSwitchCallbacks; 1451 } 1452 final AtomicInteger waitingCallbacksCount = new AtomicInteger(observerCount); 1453 final long dispatchStartedTime = SystemClock.elapsedRealtime(); 1454 for (int i = 0; i < observerCount; i++) { 1455 try { 1456 // Prepend with unique prefix to guarantee that keys are unique 1457 final String name = "#" + i + " " + mUserSwitchObservers.getBroadcastCookie(i); 1458 synchronized (mLock) { 1459 curWaitingUserSwitchCallbacks.add(name); 1460 } 1461 final IRemoteCallback callback = new IRemoteCallback.Stub() { 1462 @Override 1463 public void sendResult(Bundle data) throws RemoteException { 1464 synchronized (mLock) { 1465 long delay = SystemClock.elapsedRealtime() - dispatchStartedTime; 1466 if (delay > USER_SWITCH_TIMEOUT_MS) { 1467 Slog.e(TAG, "User switch timeout: observer " + name 1468 + " sent result after " + delay + " ms"); 1469 } 1470 curWaitingUserSwitchCallbacks.remove(name); 1471 // Continue switching if all callbacks have been notified and 1472 // user switching session is still valid 1473 if (waitingCallbacksCount.decrementAndGet() == 0 1474 && (curWaitingUserSwitchCallbacks 1475 == mCurWaitingUserSwitchCallbacks)) { 1476 sendContinueUserSwitchLU(uss, oldUserId, newUserId); 1477 } 1478 } 1479 } 1480 }; 1481 mUserSwitchObservers.getBroadcastItem(i).onUserSwitching(newUserId, callback); 1482 } catch (RemoteException e) { 1483 } 1484 } 1485 } else { 1486 synchronized (mLock) { 1487 sendContinueUserSwitchLU(uss, oldUserId, newUserId); 1488 } 1489 } 1490 mUserSwitchObservers.finishBroadcast(); 1491 } 1492 1493 @GuardedBy("mLock") 1494 void sendContinueUserSwitchLU(UserState uss, int oldUserId, int newUserId) { 1495 mCurWaitingUserSwitchCallbacks = null; 1496 mHandler.removeMessages(USER_SWITCH_TIMEOUT_MSG); 1497 mHandler.sendMessage(mHandler.obtainMessage(CONTINUE_USER_SWITCH_MSG, 1498 oldUserId, newUserId, uss)); 1499 } 1500 1501 void continueUserSwitch(UserState uss, int oldUserId, int newUserId) { 1502 Slog.d(TAG, "Continue user switch oldUser #" + oldUserId + ", newUser #" + newUserId); 1503 if (mUserSwitchUiEnabled) { 1504 mInjector.getWindowManager().stopFreezingScreen(); 1505 } 1506 uss.switching = false; 1507 mHandler.removeMessages(REPORT_USER_SWITCH_COMPLETE_MSG); 1508 mHandler.sendMessage(mHandler.obtainMessage(REPORT_USER_SWITCH_COMPLETE_MSG, 1509 newUserId, 0)); 1510 stopGuestOrEphemeralUserIfBackground(oldUserId); 1511 stopBackgroundUsersIfEnforced(oldUserId); 1512 } 1513 1514 private void moveUserToForeground(UserState uss, int oldUserId, int newUserId) { 1515 boolean homeInFront = mInjector.stackSupervisorSwitchUser(newUserId, uss); 1516 if (homeInFront) { 1517 mInjector.startHomeActivity(newUserId, "moveUserToForeground"); 1518 } else { 1519 mInjector.stackSupervisorResumeFocusedStackTopActivity(); 1520 } 1521 EventLogTags.writeAmSwitchUser(newUserId); 1522 sendUserSwitchBroadcasts(oldUserId, newUserId); 1523 } 1524 1525 void sendUserSwitchBroadcasts(int oldUserId, int newUserId) { 1526 final int callingUid = Binder.getCallingUid(); 1527 final int callingPid = Binder.getCallingPid(); 1528 long ident = Binder.clearCallingIdentity(); 1529 try { 1530 Intent intent; 1531 if (oldUserId >= 0) { 1532 // Send USER_BACKGROUND broadcast to all profiles of the outgoing user 1533 List<UserInfo> profiles = mInjector.getUserManager().getProfiles(oldUserId, false); 1534 int count = profiles.size(); 1535 for (int i = 0; i < count; i++) { 1536 int profileUserId = profiles.get(i).id; 1537 intent = new Intent(Intent.ACTION_USER_BACKGROUND); 1538 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 1539 | Intent.FLAG_RECEIVER_FOREGROUND); 1540 intent.putExtra(Intent.EXTRA_USER_HANDLE, profileUserId); 1541 mInjector.broadcastIntent(intent, 1542 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 1543 null, false, false, MY_PID, SYSTEM_UID, callingUid, callingPid, 1544 profileUserId); 1545 } 1546 } 1547 if (newUserId >= 0) { 1548 // Send USER_FOREGROUND broadcast to all profiles of the incoming user 1549 List<UserInfo> profiles = mInjector.getUserManager().getProfiles(newUserId, false); 1550 int count = profiles.size(); 1551 for (int i = 0; i < count; i++) { 1552 int profileUserId = profiles.get(i).id; 1553 intent = new Intent(Intent.ACTION_USER_FOREGROUND); 1554 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 1555 | Intent.FLAG_RECEIVER_FOREGROUND); 1556 intent.putExtra(Intent.EXTRA_USER_HANDLE, profileUserId); 1557 mInjector.broadcastIntent(intent, 1558 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 1559 null, false, false, MY_PID, SYSTEM_UID, callingUid, callingPid, 1560 profileUserId); 1561 } 1562 intent = new Intent(Intent.ACTION_USER_SWITCHED); 1563 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 1564 | Intent.FLAG_RECEIVER_FOREGROUND); 1565 intent.putExtra(Intent.EXTRA_USER_HANDLE, newUserId); 1566 mInjector.broadcastIntent(intent, 1567 null, null, 0, null, null, 1568 new String[] {android.Manifest.permission.MANAGE_USERS}, 1569 AppOpsManager.OP_NONE, null, false, false, MY_PID, SYSTEM_UID, callingUid, 1570 callingPid, UserHandle.USER_ALL); 1571 } 1572 } finally { 1573 Binder.restoreCallingIdentity(ident); 1574 } 1575 } 1576 1577 1578 int handleIncomingUser(int callingPid, int callingUid, int userId, boolean allowAll, 1579 int allowMode, String name, String callerPackage) { 1580 final int callingUserId = UserHandle.getUserId(callingUid); 1581 if (callingUserId == userId) { 1582 return userId; 1583 } 1584 1585 // Note that we may be accessing mCurrentUserId outside of a lock... 1586 // shouldn't be a big deal, if this is being called outside 1587 // of a locked context there is intrinsically a race with 1588 // the value the caller will receive and someone else changing it. 1589 // We assume that USER_CURRENT_OR_SELF will use the current user; later 1590 // we will switch to the calling user if access to the current user fails. 1591 int targetUserId = unsafeConvertIncomingUser(userId); 1592 1593 if (callingUid != 0 && callingUid != SYSTEM_UID) { 1594 final boolean allow; 1595 if (mInjector.isCallerRecents(callingUid) 1596 && callingUserId == getCurrentUserId() 1597 && isSameProfileGroup(callingUserId, targetUserId)) { 1598 // If the caller is Recents and it is running in the current user, we then allow it 1599 // to access its profiles. 1600 allow = true; 1601 } else if (mInjector.checkComponentPermission(INTERACT_ACROSS_USERS_FULL, callingPid, 1602 callingUid, -1, true) == PackageManager.PERMISSION_GRANTED) { 1603 // If the caller has this permission, they always pass go. And collect $200. 1604 allow = true; 1605 } else if (allowMode == ALLOW_FULL_ONLY) { 1606 // We require full access, sucks to be you. 1607 allow = false; 1608 } else if (mInjector.checkComponentPermission(INTERACT_ACROSS_USERS, callingPid, 1609 callingUid, -1, true) != PackageManager.PERMISSION_GRANTED) { 1610 // If the caller does not have either permission, they are always doomed. 1611 allow = false; 1612 } else if (allowMode == ALLOW_NON_FULL) { 1613 // We are blanket allowing non-full access, you lucky caller! 1614 allow = true; 1615 } else if (allowMode == ALLOW_NON_FULL_IN_PROFILE) { 1616 // We may or may not allow this depending on whether the two users are 1617 // in the same profile. 1618 allow = isSameProfileGroup(callingUserId, targetUserId); 1619 } else { 1620 throw new IllegalArgumentException("Unknown mode: " + allowMode); 1621 } 1622 if (!allow) { 1623 if (userId == UserHandle.USER_CURRENT_OR_SELF) { 1624 // In this case, they would like to just execute as their 1625 // owner user instead of failing. 1626 targetUserId = callingUserId; 1627 } else { 1628 StringBuilder builder = new StringBuilder(128); 1629 builder.append("Permission Denial: "); 1630 builder.append(name); 1631 if (callerPackage != null) { 1632 builder.append(" from "); 1633 builder.append(callerPackage); 1634 } 1635 builder.append(" asks to run as user "); 1636 builder.append(userId); 1637 builder.append(" but is calling from uid "); 1638 UserHandle.formatUid(builder, callingUid); 1639 builder.append("; this requires "); 1640 builder.append(INTERACT_ACROSS_USERS_FULL); 1641 if (allowMode != ALLOW_FULL_ONLY) { 1642 builder.append(" or "); 1643 builder.append(INTERACT_ACROSS_USERS); 1644 } 1645 String msg = builder.toString(); 1646 Slog.w(TAG, msg); 1647 throw new SecurityException(msg); 1648 } 1649 } 1650 } 1651 if (!allowAll) { 1652 ensureNotSpecialUser(targetUserId); 1653 } 1654 // Check shell permission 1655 if (callingUid == Process.SHELL_UID && targetUserId >= UserHandle.USER_SYSTEM) { 1656 if (hasUserRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, targetUserId)) { 1657 throw new SecurityException("Shell does not have permission to access user " 1658 + targetUserId + "\n " + Debug.getCallers(3)); 1659 } 1660 } 1661 return targetUserId; 1662 } 1663 1664 int unsafeConvertIncomingUser(int userId) { 1665 return (userId == UserHandle.USER_CURRENT || userId == UserHandle.USER_CURRENT_OR_SELF) 1666 ? getCurrentUserId(): userId; 1667 } 1668 1669 void ensureNotSpecialUser(int userId) { 1670 if (userId >= 0) { 1671 return; 1672 } 1673 throw new IllegalArgumentException("Call does not support special user #" + userId); 1674 } 1675 1676 void registerUserSwitchObserver(IUserSwitchObserver observer, String name) { 1677 Preconditions.checkNotNull(name, "Observer name cannot be null"); 1678 if (mInjector.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 1679 != PackageManager.PERMISSION_GRANTED) { 1680 final String msg = "Permission Denial: registerUserSwitchObserver() from pid=" 1681 + Binder.getCallingPid() 1682 + ", uid=" + Binder.getCallingUid() 1683 + " requires " + INTERACT_ACROSS_USERS_FULL; 1684 Slog.w(TAG, msg); 1685 throw new SecurityException(msg); 1686 } 1687 mUserSwitchObservers.register(observer, name); 1688 } 1689 1690 void sendForegroundProfileChanged(int userId) { 1691 mHandler.removeMessages(FOREGROUND_PROFILE_CHANGED_MSG); 1692 mHandler.obtainMessage(FOREGROUND_PROFILE_CHANGED_MSG, userId, 0).sendToTarget(); 1693 } 1694 1695 void unregisterUserSwitchObserver(IUserSwitchObserver observer) { 1696 mUserSwitchObservers.unregister(observer); 1697 } 1698 1699 UserState getStartedUserState(int userId) { 1700 synchronized (mLock) { 1701 return mStartedUsers.get(userId); 1702 } 1703 } 1704 1705 boolean hasStartedUserState(int userId) { 1706 synchronized (mLock) { 1707 return mStartedUsers.get(userId) != null; 1708 } 1709 } 1710 1711 @GuardedBy("mLock") 1712 private void updateStartedUserArrayLU() { 1713 int num = 0; 1714 for (int i = 0; i < mStartedUsers.size(); i++) { 1715 UserState uss = mStartedUsers.valueAt(i); 1716 // This list does not include stopping users. 1717 if (uss.state != UserState.STATE_STOPPING 1718 && uss.state != UserState.STATE_SHUTDOWN) { 1719 num++; 1720 } 1721 } 1722 mStartedUserArray = new int[num]; 1723 num = 0; 1724 for (int i = 0; i < mStartedUsers.size(); i++) { 1725 UserState uss = mStartedUsers.valueAt(i); 1726 if (uss.state != UserState.STATE_STOPPING 1727 && uss.state != UserState.STATE_SHUTDOWN) { 1728 mStartedUserArray[num++] = mStartedUsers.keyAt(i); 1729 } 1730 } 1731 } 1732 1733 void sendBootCompleted(IIntentReceiver resultTo) { 1734 // Get a copy of mStartedUsers to use outside of lock 1735 SparseArray<UserState> startedUsers; 1736 synchronized (mLock) { 1737 startedUsers = mStartedUsers.clone(); 1738 } 1739 for (int i = 0; i < startedUsers.size(); i++) { 1740 UserState uss = startedUsers.valueAt(i); 1741 finishUserBoot(uss, resultTo); 1742 } 1743 } 1744 1745 void onSystemReady() { 1746 updateCurrentProfileIds(); 1747 mInjector.reportCurWakefulnessUsageEvent(); 1748 } 1749 1750 /** 1751 * Refreshes the list of users related to the current user when either a 1752 * user switch happens or when a new related user is started in the 1753 * background. 1754 */ 1755 private void updateCurrentProfileIds() { 1756 final List<UserInfo> profiles = mInjector.getUserManager().getProfiles(getCurrentUserId(), 1757 false /* enabledOnly */); 1758 int[] currentProfileIds = new int[profiles.size()]; // profiles will not be null 1759 for (int i = 0; i < currentProfileIds.length; i++) { 1760 currentProfileIds[i] = profiles.get(i).id; 1761 } 1762 final List<UserInfo> users = mInjector.getUserManager().getUsers(false); 1763 synchronized (mLock) { 1764 mCurrentProfileIds = currentProfileIds; 1765 1766 mUserProfileGroupIds.clear(); 1767 for (int i = 0; i < users.size(); i++) { 1768 UserInfo user = users.get(i); 1769 if (user.profileGroupId != UserInfo.NO_PROFILE_GROUP_ID) { 1770 mUserProfileGroupIds.put(user.id, user.profileGroupId); 1771 } 1772 } 1773 } 1774 } 1775 1776 int[] getStartedUserArray() { 1777 synchronized (mLock) { 1778 return mStartedUserArray; 1779 } 1780 } 1781 1782 boolean isUserRunning(int userId, int flags) { 1783 UserState state = getStartedUserState(userId); 1784 if (state == null) { 1785 return false; 1786 } 1787 if ((flags & ActivityManager.FLAG_OR_STOPPED) != 0) { 1788 return true; 1789 } 1790 if ((flags & ActivityManager.FLAG_AND_LOCKED) != 0) { 1791 switch (state.state) { 1792 case UserState.STATE_BOOTING: 1793 case UserState.STATE_RUNNING_LOCKED: 1794 return true; 1795 default: 1796 return false; 1797 } 1798 } 1799 if ((flags & ActivityManager.FLAG_AND_UNLOCKING_OR_UNLOCKED) != 0) { 1800 switch (state.state) { 1801 case UserState.STATE_RUNNING_UNLOCKING: 1802 case UserState.STATE_RUNNING_UNLOCKED: 1803 return true; 1804 // In the stopping/shutdown state return unlock state of the user key 1805 case UserState.STATE_STOPPING: 1806 case UserState.STATE_SHUTDOWN: 1807 return StorageManager.isUserKeyUnlocked(userId); 1808 default: 1809 return false; 1810 } 1811 } 1812 if ((flags & ActivityManager.FLAG_AND_UNLOCKED) != 0) { 1813 switch (state.state) { 1814 case UserState.STATE_RUNNING_UNLOCKED: 1815 return true; 1816 // In the stopping/shutdown state return unlock state of the user key 1817 case UserState.STATE_STOPPING: 1818 case UserState.STATE_SHUTDOWN: 1819 return StorageManager.isUserKeyUnlocked(userId); 1820 default: 1821 return false; 1822 } 1823 } 1824 1825 return state.state != UserState.STATE_STOPPING && state.state != UserState.STATE_SHUTDOWN; 1826 } 1827 1828 /** 1829 * Check if system user is already started. Unlike other user, system user is in STATE_BOOTING 1830 * even if it is not explicitly started. So isUserRunning cannot give the right state 1831 * to check if system user is started or not. 1832 * @return true if system user is started. 1833 */ 1834 boolean isSystemUserStarted() { 1835 synchronized (mLock) { 1836 UserState uss = mStartedUsers.get(UserHandle.USER_SYSTEM); 1837 if (uss == null) { 1838 return false; 1839 } 1840 return uss.state == UserState.STATE_RUNNING_LOCKED 1841 || uss.state == UserState.STATE_RUNNING_UNLOCKING 1842 || uss.state == UserState.STATE_RUNNING_UNLOCKED; 1843 } 1844 } 1845 1846 UserInfo getCurrentUser() { 1847 if ((mInjector.checkCallingPermission(INTERACT_ACROSS_USERS) 1848 != PackageManager.PERMISSION_GRANTED) && ( 1849 mInjector.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 1850 != PackageManager.PERMISSION_GRANTED)) { 1851 String msg = "Permission Denial: getCurrentUser() from pid=" 1852 + Binder.getCallingPid() 1853 + ", uid=" + Binder.getCallingUid() 1854 + " requires " + INTERACT_ACROSS_USERS; 1855 Slog.w(TAG, msg); 1856 throw new SecurityException(msg); 1857 } 1858 1859 // Optimization - if there is no pending user switch, return current id 1860 if (mTargetUserId == UserHandle.USER_NULL) { 1861 return getUserInfo(mCurrentUserId); 1862 } 1863 synchronized (mLock) { 1864 return getCurrentUserLU(); 1865 } 1866 } 1867 1868 @GuardedBy("mLock") 1869 UserInfo getCurrentUserLU() { 1870 int userId = mTargetUserId != UserHandle.USER_NULL ? mTargetUserId : mCurrentUserId; 1871 return getUserInfo(userId); 1872 } 1873 1874 int getCurrentOrTargetUserId() { 1875 synchronized (mLock) { 1876 return mTargetUserId != UserHandle.USER_NULL ? mTargetUserId : mCurrentUserId; 1877 } 1878 } 1879 1880 @GuardedBy("mLock") 1881 int getCurrentOrTargetUserIdLU() { 1882 return mTargetUserId != UserHandle.USER_NULL ? mTargetUserId : mCurrentUserId; 1883 } 1884 1885 1886 @GuardedBy("mLock") 1887 int getCurrentUserIdLU() { 1888 return mCurrentUserId; 1889 } 1890 1891 int getCurrentUserId() { 1892 synchronized (mLock) { 1893 return mCurrentUserId; 1894 } 1895 } 1896 1897 @GuardedBy("mLock") 1898 private boolean isCurrentUserLU(int userId) { 1899 return userId == getCurrentOrTargetUserIdLU(); 1900 } 1901 1902 int[] getUsers() { 1903 UserManagerService ums = mInjector.getUserManager(); 1904 return ums != null ? ums.getUserIds() : new int[] { 0 }; 1905 } 1906 1907 private UserInfo getUserInfo(int userId) { 1908 return mInjector.getUserManager().getUserInfo(userId); 1909 } 1910 1911 int[] getUserIds() { 1912 return mInjector.getUserManager().getUserIds(); 1913 } 1914 1915 /** 1916 * If {@code userId} is {@link UserHandle#USER_ALL}, then return an array with all running user 1917 * IDs. Otherwise return an array whose only element is the given user id. 1918 * 1919 * It doesn't handle other special user IDs such as {@link UserHandle#USER_CURRENT}. 1920 */ 1921 int[] expandUserId(int userId) { 1922 if (userId != UserHandle.USER_ALL) { 1923 return new int[] {userId}; 1924 } else { 1925 return getUsers(); 1926 } 1927 } 1928 1929 boolean exists(int userId) { 1930 return mInjector.getUserManager().exists(userId); 1931 } 1932 1933 private void enforceShellRestriction(String restriction, int userHandle) { 1934 if (Binder.getCallingUid() == SHELL_UID) { 1935 if (userHandle < 0 || hasUserRestriction(restriction, userHandle)) { 1936 throw new SecurityException("Shell does not have permission to access user " 1937 + userHandle); 1938 } 1939 } 1940 } 1941 1942 boolean hasUserRestriction(String restriction, int userId) { 1943 return mInjector.getUserManager().hasUserRestriction(restriction, userId); 1944 } 1945 1946 boolean isSameProfileGroup(int callingUserId, int targetUserId) { 1947 if (callingUserId == targetUserId) { 1948 return true; 1949 } 1950 synchronized (mLock) { 1951 int callingProfile = mUserProfileGroupIds.get(callingUserId, 1952 UserInfo.NO_PROFILE_GROUP_ID); 1953 int targetProfile = mUserProfileGroupIds.get(targetUserId, 1954 UserInfo.NO_PROFILE_GROUP_ID); 1955 return callingProfile != UserInfo.NO_PROFILE_GROUP_ID 1956 && callingProfile == targetProfile; 1957 } 1958 } 1959 1960 boolean isUserOrItsParentRunning(int userId) { 1961 synchronized (mLock) { 1962 if (isUserRunning(userId, 0)) { 1963 return true; 1964 } 1965 final int parentUserId = mUserProfileGroupIds.get(userId, UserInfo.NO_PROFILE_GROUP_ID); 1966 if (parentUserId == UserInfo.NO_PROFILE_GROUP_ID) { 1967 return false; 1968 } 1969 return isUserRunning(parentUserId, 0); 1970 } 1971 } 1972 1973 boolean isCurrentProfile(int userId) { 1974 synchronized (mLock) { 1975 return ArrayUtils.contains(mCurrentProfileIds, userId); 1976 } 1977 } 1978 1979 int[] getCurrentProfileIds() { 1980 synchronized (mLock) { 1981 return mCurrentProfileIds; 1982 } 1983 } 1984 1985 void onUserRemoved(int userId) { 1986 synchronized (mLock) { 1987 int size = mUserProfileGroupIds.size(); 1988 for (int i = size - 1; i >= 0; i--) { 1989 if (mUserProfileGroupIds.keyAt(i) == userId 1990 || mUserProfileGroupIds.valueAt(i) == userId) { 1991 mUserProfileGroupIds.removeAt(i); 1992 1993 } 1994 } 1995 mCurrentProfileIds = ArrayUtils.removeInt(mCurrentProfileIds, userId); 1996 } 1997 } 1998 1999 /** 2000 * Returns whether the given user requires credential entry at this time. This is used to 2001 * intercept activity launches for work apps when the Work Challenge is present. 2002 */ 2003 protected boolean shouldConfirmCredentials(int userId) { 2004 synchronized (mLock) { 2005 if (mStartedUsers.get(userId) == null) { 2006 return false; 2007 } 2008 } 2009 if (!mLockPatternUtils.isSeparateProfileChallengeEnabled(userId)) { 2010 return false; 2011 } 2012 final KeyguardManager km = mInjector.getKeyguardManager(); 2013 return km.isDeviceLocked(userId) && km.isDeviceSecure(userId); 2014 } 2015 2016 boolean isLockScreenDisabled(@UserIdInt int userId) { 2017 return mLockPatternUtils.isLockScreenDisabled(userId); 2018 } 2019 2020 void setSwitchingFromSystemUserMessage(String switchingFromSystemUserMessage) { 2021 synchronized (mLock) { 2022 mSwitchingFromSystemUserMessage = switchingFromSystemUserMessage; 2023 } 2024 } 2025 2026 void setSwitchingToSystemUserMessage(String switchingToSystemUserMessage) { 2027 synchronized (mLock) { 2028 mSwitchingToSystemUserMessage = switchingToSystemUserMessage; 2029 } 2030 } 2031 2032 private String getSwitchingFromSystemUserMessage() { 2033 synchronized (mLock) { 2034 return mSwitchingFromSystemUserMessage; 2035 } 2036 } 2037 2038 private String getSwitchingToSystemUserMessage() { 2039 synchronized (mLock) { 2040 return mSwitchingToSystemUserMessage; 2041 } 2042 } 2043 2044 void writeToProto(ProtoOutputStream proto, long fieldId) { 2045 synchronized (mLock) { 2046 long token = proto.start(fieldId); 2047 for (int i = 0; i < mStartedUsers.size(); i++) { 2048 UserState uss = mStartedUsers.valueAt(i); 2049 final long uToken = proto.start(UserControllerProto.STARTED_USERS); 2050 proto.write(UserControllerProto.User.ID, uss.mHandle.getIdentifier()); 2051 uss.writeToProto(proto, UserControllerProto.User.STATE); 2052 proto.end(uToken); 2053 } 2054 for (int i = 0; i < mStartedUserArray.length; i++) { 2055 proto.write(UserControllerProto.STARTED_USER_ARRAY, mStartedUserArray[i]); 2056 } 2057 for (int i = 0; i < mUserLru.size(); i++) { 2058 proto.write(UserControllerProto.USER_LRU, mUserLru.get(i)); 2059 } 2060 if (mUserProfileGroupIds.size() > 0) { 2061 for (int i = 0; i < mUserProfileGroupIds.size(); i++) { 2062 final long uToken = proto.start(UserControllerProto.USER_PROFILE_GROUP_IDS); 2063 proto.write(UserControllerProto.UserProfile.USER, 2064 mUserProfileGroupIds.keyAt(i)); 2065 proto.write(UserControllerProto.UserProfile.PROFILE, 2066 mUserProfileGroupIds.valueAt(i)); 2067 proto.end(uToken); 2068 } 2069 } 2070 proto.end(token); 2071 } 2072 } 2073 2074 void dump(PrintWriter pw, boolean dumpAll) { 2075 synchronized (mLock) { 2076 pw.println(" mStartedUsers:"); 2077 for (int i = 0; i < mStartedUsers.size(); i++) { 2078 UserState uss = mStartedUsers.valueAt(i); 2079 pw.print(" User #"); 2080 pw.print(uss.mHandle.getIdentifier()); 2081 pw.print(": "); 2082 uss.dump("", pw); 2083 } 2084 pw.print(" mStartedUserArray: ["); 2085 for (int i = 0; i < mStartedUserArray.length; i++) { 2086 if (i > 0) 2087 pw.print(", "); 2088 pw.print(mStartedUserArray[i]); 2089 } 2090 pw.println("]"); 2091 pw.print(" mUserLru: ["); 2092 for (int i = 0; i < mUserLru.size(); i++) { 2093 if (i > 0) 2094 pw.print(", "); 2095 pw.print(mUserLru.get(i)); 2096 } 2097 pw.println("]"); 2098 if (mUserProfileGroupIds.size() > 0) { 2099 pw.println(" mUserProfileGroupIds:"); 2100 for (int i=0; i< mUserProfileGroupIds.size(); i++) { 2101 pw.print(" User #"); 2102 pw.print(mUserProfileGroupIds.keyAt(i)); 2103 pw.print(" -> profile #"); 2104 pw.println(mUserProfileGroupIds.valueAt(i)); 2105 } 2106 } 2107 pw.println(" mCurrentUserId:" + mCurrentUserId); 2108 pw.println(" mLastActiveUsers:" + mLastActiveUsers); 2109 } 2110 } 2111 2112 public boolean handleMessage(Message msg) { 2113 switch (msg.what) { 2114 case START_USER_SWITCH_FG_MSG: 2115 startUserInForeground(msg.arg1); 2116 break; 2117 case REPORT_USER_SWITCH_MSG: 2118 dispatchUserSwitch((UserState) msg.obj, msg.arg1, msg.arg2); 2119 break; 2120 case CONTINUE_USER_SWITCH_MSG: 2121 continueUserSwitch((UserState) msg.obj, msg.arg1, msg.arg2); 2122 break; 2123 case USER_SWITCH_TIMEOUT_MSG: 2124 timeoutUserSwitch((UserState) msg.obj, msg.arg1, msg.arg2); 2125 break; 2126 case USER_SWITCH_CALLBACKS_TIMEOUT_MSG: 2127 timeoutUserSwitchCallbacks(msg.arg1, msg.arg2); 2128 break; 2129 case START_PROFILES_MSG: 2130 startProfiles(); 2131 break; 2132 case SYSTEM_USER_START_MSG: 2133 mInjector.batteryStatsServiceNoteEvent( 2134 BatteryStats.HistoryItem.EVENT_USER_RUNNING_START, 2135 Integer.toString(msg.arg1), msg.arg1); 2136 mInjector.getSystemServiceManager().startUser(msg.arg1); 2137 break; 2138 case SYSTEM_USER_UNLOCK_MSG: 2139 final int userId = msg.arg1; 2140 mInjector.getSystemServiceManager().unlockUser(userId); 2141 // Loads recents on a worker thread that allows disk I/O 2142 FgThread.getHandler().post(() -> { 2143 mInjector.loadUserRecents(userId); 2144 }); 2145 finishUserUnlocked((UserState) msg.obj); 2146 break; 2147 case SYSTEM_USER_CURRENT_MSG: 2148 mInjector.batteryStatsServiceNoteEvent( 2149 BatteryStats.HistoryItem.EVENT_USER_FOREGROUND_FINISH, 2150 Integer.toString(msg.arg2), msg.arg2); 2151 mInjector.batteryStatsServiceNoteEvent( 2152 BatteryStats.HistoryItem.EVENT_USER_FOREGROUND_START, 2153 Integer.toString(msg.arg1), msg.arg1); 2154 2155 mInjector.getSystemServiceManager().switchUser(msg.arg1); 2156 break; 2157 case FOREGROUND_PROFILE_CHANGED_MSG: 2158 dispatchForegroundProfileChanged(msg.arg1); 2159 break; 2160 case REPORT_USER_SWITCH_COMPLETE_MSG: 2161 dispatchUserSwitchComplete(msg.arg1); 2162 break; 2163 case REPORT_LOCKED_BOOT_COMPLETE_MSG: 2164 dispatchLockedBootComplete(msg.arg1); 2165 break; 2166 case START_USER_SWITCH_UI_MSG: 2167 showUserSwitchDialog((Pair<UserInfo, UserInfo>) msg.obj); 2168 break; 2169 } 2170 return false; 2171 } 2172 2173 private static class UserProgressListener extends IProgressListener.Stub { 2174 private volatile long mUnlockStarted; 2175 @Override 2176 public void onStarted(int id, Bundle extras) throws RemoteException { 2177 Slog.d(TAG, "Started unlocking user " + id); 2178 mUnlockStarted = SystemClock.uptimeMillis(); 2179 } 2180 2181 @Override 2182 public void onProgress(int id, int progress, Bundle extras) throws RemoteException { 2183 Slog.d(TAG, "Unlocking user " + id + " progress " + progress); 2184 } 2185 2186 @Override 2187 public void onFinished(int id, Bundle extras) throws RemoteException { 2188 long unlockTime = SystemClock.uptimeMillis() - mUnlockStarted; 2189 2190 // Report system user unlock time to perf dashboard 2191 if (id == UserHandle.USER_SYSTEM) { 2192 new TimingsTraceLog("SystemServerTiming", Trace.TRACE_TAG_SYSTEM_SERVER) 2193 .logDuration("SystemUserUnlock", unlockTime); 2194 } else { 2195 new TimingsTraceLog("SystemServerTiming", Trace.TRACE_TAG_SYSTEM_SERVER) 2196 .logDuration("User" + id + "Unlock", unlockTime); 2197 } 2198 } 2199 }; 2200 2201 @VisibleForTesting 2202 static class Injector { 2203 private final ActivityManagerService mService; 2204 private UserManagerService mUserManager; 2205 private UserManagerInternal mUserManagerInternal; 2206 2207 Injector(ActivityManagerService service) { 2208 mService = service; 2209 } 2210 2211 protected Handler getHandler(Handler.Callback callback) { 2212 return new Handler(mService.mHandlerThread.getLooper(), callback); 2213 } 2214 2215 protected Handler getUiHandler(Handler.Callback callback) { 2216 return new Handler(mService.mUiHandler.getLooper(), callback); 2217 } 2218 2219 protected Context getContext() { 2220 return mService.mContext; 2221 } 2222 2223 protected LockPatternUtils getLockPatternUtils() { 2224 return new LockPatternUtils(getContext()); 2225 } 2226 2227 protected int broadcastIntent(Intent intent, String resolvedType, 2228 IIntentReceiver resultTo, int resultCode, String resultData, 2229 Bundle resultExtras, String[] requiredPermissions, int appOp, Bundle bOptions, 2230 boolean ordered, boolean sticky, int callingPid, int callingUid, int realCallingUid, 2231 int realCallingPid, int userId) { 2232 // TODO b/64165549 Verify that mLock is not held before calling AMS methods 2233 synchronized (mService) { 2234 return mService.broadcastIntentLocked(null, null, intent, resolvedType, resultTo, 2235 resultCode, resultData, resultExtras, requiredPermissions, appOp, bOptions, 2236 ordered, sticky, callingPid, callingUid, realCallingUid, realCallingPid, 2237 userId); 2238 } 2239 } 2240 2241 int checkCallingPermission(String permission) { 2242 return mService.checkCallingPermission(permission); 2243 } 2244 2245 WindowManagerService getWindowManager() { 2246 return mService.mWindowManager; 2247 } 2248 void activityManagerOnUserStopped(int userId) { 2249 LocalServices.getService(ActivityTaskManagerInternal.class).onUserStopped(userId); 2250 } 2251 2252 void systemServiceManagerCleanupUser(int userId) { 2253 mService.mSystemServiceManager.cleanupUser(userId); 2254 } 2255 2256 protected UserManagerService getUserManager() { 2257 if (mUserManager == null) { 2258 IBinder b = ServiceManager.getService(Context.USER_SERVICE); 2259 mUserManager = (UserManagerService) IUserManager.Stub.asInterface(b); 2260 } 2261 return mUserManager; 2262 } 2263 2264 UserManagerInternal getUserManagerInternal() { 2265 if (mUserManagerInternal == null) { 2266 mUserManagerInternal = LocalServices.getService(UserManagerInternal.class); 2267 } 2268 return mUserManagerInternal; 2269 } 2270 2271 KeyguardManager getKeyguardManager() { 2272 return mService.mContext.getSystemService(KeyguardManager.class); 2273 } 2274 2275 void batteryStatsServiceNoteEvent(int code, String name, int uid) { 2276 mService.mBatteryStatsService.noteEvent(code, name, uid); 2277 } 2278 2279 boolean isRuntimeRestarted() { 2280 return mService.mSystemServiceManager.isRuntimeRestarted(); 2281 } 2282 2283 SystemServiceManager getSystemServiceManager() { 2284 return mService.mSystemServiceManager; 2285 } 2286 2287 boolean isFirstBootOrUpgrade() { 2288 IPackageManager pm = AppGlobals.getPackageManager(); 2289 try { 2290 return pm.isFirstBoot() || pm.isDeviceUpgrading(); 2291 } catch (RemoteException e) { 2292 throw e.rethrowFromSystemServer(); 2293 } 2294 } 2295 2296 void sendPreBootBroadcast(int userId, boolean quiet, final Runnable onFinish) { 2297 new PreBootBroadcaster(mService, userId, null, quiet) { 2298 @Override 2299 public void onFinished() { 2300 onFinish.run(); 2301 } 2302 }.sendNext(); 2303 } 2304 2305 void activityManagerForceStopPackage(int userId, String reason) { 2306 synchronized (mService) { 2307 mService.forceStopPackageLocked(null, -1, false, false, true, false, false, 2308 userId, reason); 2309 } 2310 }; 2311 2312 int checkComponentPermission(String permission, int pid, int uid, int owningUid, 2313 boolean exported) { 2314 return mService.checkComponentPermission(permission, pid, uid, owningUid, exported); 2315 } 2316 2317 protected void startHomeActivity(int userId, String reason) { 2318 mService.mAtmInternal.startHomeActivity(userId, reason); 2319 } 2320 2321 void startUserWidgets(int userId) { 2322 AppWidgetManagerInternal awm = LocalServices.getService(AppWidgetManagerInternal.class); 2323 if (awm != null) { 2324 // Out of band, because this is called during a sequence with 2325 // sensitive cross-service lock management 2326 FgThread.getHandler().post(() -> { 2327 awm.unlockUser(userId); 2328 }); 2329 } 2330 } 2331 2332 void updateUserConfiguration() { 2333 mService.mAtmInternal.updateUserConfiguration(); 2334 } 2335 2336 void clearBroadcastQueueForUser(int userId) { 2337 synchronized (mService) { 2338 mService.clearBroadcastQueueForUserLocked(userId); 2339 } 2340 } 2341 2342 void loadUserRecents(int userId) { 2343 mService.mAtmInternal.loadRecentTasksForUser(userId); 2344 } 2345 2346 void startPersistentApps(int matchFlags) { 2347 mService.startPersistentApps(matchFlags); 2348 } 2349 2350 void installEncryptionUnawareProviders(int userId) { 2351 mService.installEncryptionUnawareProviders(userId); 2352 } 2353 2354 void showUserSwitchingDialog(UserInfo fromUser, UserInfo toUser, 2355 String switchingFromSystemUserMessage, String switchingToSystemUserMessage) { 2356 Dialog d; 2357 if (!mService.mContext.getPackageManager() 2358 .hasSystemFeature(PackageManager.FEATURE_AUTOMOTIVE)) { 2359 d = new UserSwitchingDialog(mService, mService.mContext, fromUser, toUser, 2360 true /* above system */, switchingFromSystemUserMessage, 2361 switchingToSystemUserMessage); 2362 } else { 2363 d = new CarUserSwitchingDialog(mService, mService.mContext, fromUser, toUser, 2364 true /* above system */, switchingFromSystemUserMessage, 2365 switchingToSystemUserMessage); 2366 } 2367 2368 d.show(); 2369 } 2370 2371 void reportGlobalUsageEventLocked(int event) { 2372 synchronized (mService) { 2373 mService.reportGlobalUsageEventLocked(event); 2374 } 2375 } 2376 2377 void reportCurWakefulnessUsageEvent() { 2378 synchronized (mService) { 2379 mService.reportCurWakefulnessUsageEventLocked(); 2380 } 2381 } 2382 2383 void stackSupervisorRemoveUser(int userId) { 2384 mService.mAtmInternal.removeUser(userId); 2385 } 2386 2387 protected boolean stackSupervisorSwitchUser(int userId, UserState uss) { 2388 return mService.mAtmInternal.switchUser(userId, uss); 2389 } 2390 2391 protected void stackSupervisorResumeFocusedStackTopActivity() { 2392 mService.mAtmInternal.resumeTopActivities(false /* scheduleIdle */); 2393 } 2394 2395 protected void clearAllLockedTasks(String reason) { 2396 mService.mAtmInternal.clearLockedTasks(reason); 2397 } 2398 2399 protected boolean isCallerRecents(int callingUid) { 2400 return mService.mAtmInternal.isCallerRecents(callingUid); 2401 } 2402 2403 protected IStorageManager getStorageManager() { 2404 return IStorageManager.Stub.asInterface(ServiceManager.getService("mount")); 2405 } 2406 } 2407 } 2408