1 /* 2 * Copyright (C) 2022 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package com.android.server.adservices; 17 18 import static android.adservices.common.AdServicesPermissions.ACCESS_ADSERVICES_MANAGER; 19 import static android.app.adservices.AdServicesManager.AD_SERVICES_SYSTEM_SERVICE; 20 21 import android.adservices.common.AdServicesPermissions; 22 import android.annotation.NonNull; 23 import android.annotation.RequiresPermission; 24 import android.app.adservices.AdServicesManager; 25 import android.app.adservices.IAdServicesManager; 26 import android.app.adservices.consent.ConsentParcel; 27 import android.app.adservices.topics.TopicParcel; 28 import android.content.BroadcastReceiver; 29 import android.content.Context; 30 import android.content.Intent; 31 import android.content.IntentFilter; 32 import android.content.pm.PackageInfo; 33 import android.content.pm.PackageManager; 34 import android.content.pm.ResolveInfo; 35 import android.content.pm.VersionedPackage; 36 import android.content.rollback.PackageRollbackInfo; 37 import android.content.rollback.RollbackInfo; 38 import android.content.rollback.RollbackManager; 39 import android.os.Binder; 40 import android.os.Handler; 41 import android.os.HandlerThread; 42 import android.os.UserHandle; 43 import android.provider.DeviceConfig; 44 import android.util.ArrayMap; 45 import android.util.Dumpable; 46 47 import com.android.internal.annotations.GuardedBy; 48 import com.android.internal.annotations.VisibleForTesting; 49 import com.android.server.LocalManagerRegistry; 50 import com.android.server.SystemService; 51 import com.android.server.adservices.data.topics.TopicsDao; 52 import com.android.server.adservices.feature.PrivacySandboxFeatureType; 53 import com.android.server.sdksandbox.SdkSandboxManagerLocal; 54 55 import java.io.FileDescriptor; 56 import java.io.IOException; 57 import java.io.PrintWriter; 58 import java.util.List; 59 import java.util.Map; 60 import java.util.Objects; 61 62 /** @hide */ 63 // TODO(b/267667963): Offload methods from binder thread to background thread. 64 public class AdServicesManagerService extends IAdServicesManager.Stub { 65 // The base directory for AdServices System Service. 66 private static final String SYSTEM_DATA = "/data/system/"; 67 public static String ADSERVICES_BASE_DIR = SYSTEM_DATA + "adservices"; 68 private static final String ERROR_MESSAGE_NOT_PERMITTED_TO_CALL_ADSERVICESMANAGER_API = 69 "Unauthorized caller. Permission to call AdServicesManager API is not granted in System" 70 + " Server."; 71 private final Object mRegisterReceiverLock = new Object(); 72 private final Object mRollbackCheckLock = new Object(); 73 private final Object mSetPackageVersionLock = new Object(); 74 75 /** 76 * Broadcast send from the system service to the AdServices module when a package has been 77 * installed/uninstalled. This intent must match the intent defined in the AdServices manifest. 78 */ 79 private static final String PACKAGE_CHANGED_BROADCAST = 80 "com.android.adservices.PACKAGE_CHANGED"; 81 82 /** Key for designating the specific action. */ 83 private static final String ACTION_KEY = "action"; 84 85 /** Value if the package change was an uninstallation. */ 86 private static final String PACKAGE_FULLY_REMOVED = "package_fully_removed"; 87 88 /** Value if the package change was an installation. */ 89 private static final String PACKAGE_ADDED = "package_added"; 90 91 /** Value if the package has its data cleared. */ 92 private static final String PACKAGE_DATA_CLEARED = "package_data_cleared"; 93 94 private final Context mContext; 95 96 @GuardedBy("mRegisterReceiverLock") 97 private BroadcastReceiver mSystemServicePackageChangedReceiver; 98 99 @GuardedBy("mRegisterReceiverLock") 100 private BroadcastReceiver mSystemServiceUserActionReceiver; 101 102 @GuardedBy("mRegisterReceiverLock") 103 private HandlerThread mHandlerThread; 104 105 @GuardedBy("mRegisterReceiverLock") 106 private Handler mHandler; 107 108 @GuardedBy("mSetPackageVersionLock") 109 private int mAdServicesModuleVersion; 110 111 @GuardedBy("mSetPackageVersionLock") 112 private String mAdServicesModuleName; 113 114 @GuardedBy("mRollbackCheckLock") 115 private final Map<Integer, VersionedPackage> mAdServicesPackagesRolledBackFrom = 116 new ArrayMap<>(); 117 118 @GuardedBy("mRollbackCheckLock") 119 private final Map<Integer, VersionedPackage> mAdServicesPackagesRolledBackTo = new ArrayMap<>(); 120 121 // This will be triggered when there is a flag change. 122 private final DeviceConfig.OnPropertiesChangedListener mOnFlagsChangedListener = 123 properties -> { 124 if (!properties.getNamespace().equals(DeviceConfig.NAMESPACE_ADSERVICES)) { 125 return; 126 } 127 registerReceivers(); 128 setAdServicesApexVersion(); 129 setRollbackStatus(); 130 }; 131 132 private final UserInstanceManager mUserInstanceManager; 133 134 @VisibleForTesting AdServicesManagerService(Context context, UserInstanceManager userInstanceManager)135 AdServicesManagerService(Context context, UserInstanceManager userInstanceManager) { 136 mContext = context; 137 mUserInstanceManager = userInstanceManager; 138 139 DeviceConfig.addOnPropertiesChangedListener( 140 DeviceConfig.NAMESPACE_ADSERVICES, 141 mContext.getMainExecutor(), 142 mOnFlagsChangedListener); 143 144 registerReceivers(); 145 setAdServicesApexVersion(); 146 setRollbackStatus(); 147 } 148 149 /** @hide */ 150 public static final class Lifecycle extends SystemService implements Dumpable { 151 private final AdServicesManagerService mService; 152 153 /** @hide */ Lifecycle(Context context)154 public Lifecycle(Context context) { 155 this( 156 context, 157 new AdServicesManagerService( 158 context, 159 new UserInstanceManager( 160 TopicsDao.getInstance(context), ADSERVICES_BASE_DIR))); 161 } 162 163 /** @hide */ 164 @VisibleForTesting Lifecycle(Context context, AdServicesManagerService service)165 public Lifecycle(Context context, AdServicesManagerService service) { 166 super(context); 167 mService = service; 168 LogUtil.d("AdServicesManagerService constructed!"); 169 } 170 171 /** @hide */ 172 @Override onStart()173 public void onStart() { 174 LogUtil.d("AdServicesManagerService started!"); 175 176 boolean published = false; 177 178 try { 179 publishBinderService(); 180 published = true; 181 } catch (RuntimeException e) { 182 LogUtil.w( 183 e, 184 "Failed to publish %s service; will piggyback it into SdkSandbox anyways", 185 AD_SERVICES_SYSTEM_SERVICE); 186 } 187 188 // TODO(b/282239822): Remove this workaround (and try-catch above) on Android VIC 189 190 // Register the AdServicesManagerService with the SdkSandboxManagerService. 191 // This is a workaround for b/262282035. 192 // This works since we start the SdkSandboxManagerService before the 193 // AdServicesManagerService in the SystemServer.java 194 SdkSandboxManagerLocal sdkSandboxManagerLocal = 195 LocalManagerRegistry.getManager(SdkSandboxManagerLocal.class); 196 if (sdkSandboxManagerLocal != null) { 197 sdkSandboxManagerLocal.registerAdServicesManagerService(mService, published); 198 } else { 199 throw new IllegalStateException( 200 "SdkSandboxManagerLocal not found when registering AdServicesManager!"); 201 } 202 } 203 204 // Need to encapsulate call to publishBinderService(...) because: 205 // - Superclass method is protected final (hence it cannot be mocked or extended) 206 // - Underlying method calls ServiceManager.addService(), which is hidden (and hence cannot 207 // be mocked by our tests) 208 @VisibleForTesting publishBinderService()209 void publishBinderService() { 210 publishBinderService(AD_SERVICES_SYSTEM_SERVICE, mService); 211 } 212 213 @Override getDumpableName()214 public String getDumpableName() { 215 return "AdServices"; 216 } 217 218 @Override dump(PrintWriter writer, String[] args)219 public void dump(PrintWriter writer, String[] args) { 220 // Usage: adb shell dumpsys system_server_dumper --name AdServices 221 mService.dump(/* fd= */ null, writer, args); 222 } 223 } 224 225 @Override 226 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) getConsent(@onsentParcel.ConsentApiType int consentApiType)227 public ConsentParcel getConsent(@ConsentParcel.ConsentApiType int consentApiType) { 228 enforceAdServicesManagerPermission(); 229 230 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 231 232 LogUtil.v("getConsent() for User Identifier %d", userIdentifier); 233 try { 234 return mUserInstanceManager 235 .getOrCreateUserConsentManagerInstance(userIdentifier) 236 .getConsent(consentApiType); 237 } catch (IOException e) { 238 LogUtil.e(e, "Failed to getConsent with exception. Return REVOKED!"); 239 return ConsentParcel.createRevokedConsent(consentApiType); 240 } 241 } 242 243 // Return the User Identifier from the CallingUid. getUserIdentifierFromBinderCallingUid()244 private int getUserIdentifierFromBinderCallingUid() { 245 return UserHandle.getUserHandleForUid(Binder.getCallingUid()).getIdentifier(); 246 } 247 248 @Override 249 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) setConsent(ConsentParcel consentParcel)250 public void setConsent(ConsentParcel consentParcel) { 251 enforceAdServicesManagerPermission(); 252 253 Objects.requireNonNull(consentParcel); 254 255 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 256 LogUtil.v("setConsent() for User Identifier %d", userIdentifier); 257 try { 258 mUserInstanceManager 259 .getOrCreateUserConsentManagerInstance(userIdentifier) 260 .setConsent(consentParcel); 261 } catch (IOException e) { 262 LogUtil.e(e, "Failed to persist the consent."); 263 } 264 } 265 266 @Override 267 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) recordNotificationDisplayed()268 public void recordNotificationDisplayed() { 269 enforceAdServicesManagerPermission(); 270 271 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 272 LogUtil.v("recordNotificationDisplayed() for User Identifier %d", userIdentifier); 273 try { 274 mUserInstanceManager 275 .getOrCreateUserConsentManagerInstance(userIdentifier) 276 .recordNotificationDisplayed(); 277 } catch (IOException e) { 278 LogUtil.e(e, "Failed to Record Notification Displayed."); 279 } 280 } 281 282 /** 283 * Record blocked topics. 284 * 285 * @param blockedTopicParcels the blocked topics to record 286 */ 287 @Override 288 @RequiresPermission(ACCESS_ADSERVICES_MANAGER) recordBlockedTopic(@onNull List<TopicParcel> blockedTopicParcels)289 public void recordBlockedTopic(@NonNull List<TopicParcel> blockedTopicParcels) { 290 enforceAdServicesManagerPermission(); 291 292 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 293 LogUtil.v("recordBlockedTopic() for User Identifier %d", userIdentifier); 294 mUserInstanceManager 295 .getOrCreateUserBlockedTopicsManagerInstance(userIdentifier) 296 .recordBlockedTopic(blockedTopicParcels); 297 } 298 299 /** 300 * Remove a blocked topic. 301 * 302 * @param blockedTopicParcel the blocked topic to remove 303 */ 304 @Override 305 @RequiresPermission(ACCESS_ADSERVICES_MANAGER) removeBlockedTopic(@onNull TopicParcel blockedTopicParcel)306 public void removeBlockedTopic(@NonNull TopicParcel blockedTopicParcel) { 307 enforceAdServicesManagerPermission(); 308 309 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 310 LogUtil.v("removeBlockedTopic() for User Identifier %d", userIdentifier); 311 mUserInstanceManager 312 .getOrCreateUserBlockedTopicsManagerInstance(userIdentifier) 313 .removeBlockedTopic(blockedTopicParcel); 314 } 315 316 /** 317 * Get all blocked topics. 318 * 319 * @return a {@code List} of all blocked topics. 320 */ 321 @Override 322 @RequiresPermission(ACCESS_ADSERVICES_MANAGER) retrieveAllBlockedTopics()323 public List<TopicParcel> retrieveAllBlockedTopics() { 324 enforceAdServicesManagerPermission(); 325 326 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 327 return mUserInstanceManager 328 .getOrCreateUserBlockedTopicsManagerInstance(userIdentifier) 329 .retrieveAllBlockedTopics(); 330 } 331 332 /** Clear all Blocked Topics */ 333 @Override 334 @RequiresPermission(ACCESS_ADSERVICES_MANAGER) clearAllBlockedTopics()335 public void clearAllBlockedTopics() { 336 enforceAdServicesManagerPermission(); 337 338 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 339 LogUtil.v("clearAllBlockedTopics() for User Identifier %d", userIdentifier); 340 mUserInstanceManager 341 .getOrCreateUserBlockedTopicsManagerInstance(userIdentifier) 342 .clearAllBlockedTopics(); 343 } 344 345 @Override 346 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) wasNotificationDisplayed()347 public boolean wasNotificationDisplayed() { 348 enforceAdServicesManagerPermission(); 349 350 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 351 LogUtil.v("wasNotificationDisplayed() for User Identifier %d", userIdentifier); 352 try { 353 return mUserInstanceManager 354 .getOrCreateUserConsentManagerInstance(userIdentifier) 355 .wasNotificationDisplayed(); 356 } catch (IOException e) { 357 LogUtil.e(e, "Failed to get the wasNotificationDisplayed."); 358 return false; 359 } 360 } 361 362 @Override 363 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) recordGaUxNotificationDisplayed()364 public void recordGaUxNotificationDisplayed() { 365 enforceAdServicesManagerPermission(); 366 367 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 368 LogUtil.v("recordGaUxNotificationDisplayed() for User Identifier %d", userIdentifier); 369 try { 370 mUserInstanceManager 371 .getOrCreateUserConsentManagerInstance(userIdentifier) 372 .recordGaUxNotificationDisplayed(); 373 } catch (IOException e) { 374 LogUtil.e(e, "Fail to Record GA UX Notification Displayed."); 375 } 376 } 377 378 @Override 379 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) recordDefaultConsent(boolean defaultConsent)380 public void recordDefaultConsent(boolean defaultConsent) { 381 enforceAdServicesManagerPermission(); 382 383 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 384 LogUtil.v("recordDefaultConsent() for User Identifier %d", userIdentifier); 385 try { 386 mUserInstanceManager 387 .getOrCreateUserConsentManagerInstance(userIdentifier) 388 .recordDefaultConsent(defaultConsent); 389 } catch (IOException e) { 390 LogUtil.e(e, "Fail to record default consent: " + e.getMessage()); 391 } 392 } 393 394 @Override 395 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) recordTopicsDefaultConsent(boolean defaultConsent)396 public void recordTopicsDefaultConsent(boolean defaultConsent) { 397 enforceAdServicesManagerPermission(); 398 399 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 400 LogUtil.v("recordTopicsDefaultConsent() for User Identifier %d", userIdentifier); 401 try { 402 mUserInstanceManager 403 .getOrCreateUserConsentManagerInstance(userIdentifier) 404 .recordTopicsDefaultConsent(defaultConsent); 405 } catch (IOException e) { 406 LogUtil.e(e, "Fail to record topics default consent: " + e.getMessage()); 407 } 408 } 409 410 @Override 411 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) recordFledgeDefaultConsent(boolean defaultConsent)412 public void recordFledgeDefaultConsent(boolean defaultConsent) { 413 enforceAdServicesManagerPermission(); 414 415 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 416 LogUtil.v("recordFledgeDefaultConsent() for User Identifier %d", userIdentifier); 417 try { 418 mUserInstanceManager 419 .getOrCreateUserConsentManagerInstance(userIdentifier) 420 .recordFledgeDefaultConsent(defaultConsent); 421 } catch (IOException e) { 422 LogUtil.e(e, "Fail to record fledge default consent: " + e.getMessage()); 423 } 424 } 425 426 @Override 427 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) recordMeasurementDefaultConsent(boolean defaultConsent)428 public void recordMeasurementDefaultConsent(boolean defaultConsent) { 429 enforceAdServicesManagerPermission(); 430 431 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 432 LogUtil.v("recordMeasurementDefaultConsent() for User Identifier %d", userIdentifier); 433 try { 434 mUserInstanceManager 435 .getOrCreateUserConsentManagerInstance(userIdentifier) 436 .recordMeasurementDefaultConsent(defaultConsent); 437 } catch (IOException e) { 438 LogUtil.e(e, "Fail to record measurement default consent: " + e.getMessage()); 439 } 440 } 441 442 @Override 443 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) recordDefaultAdIdState(boolean defaultAdIdState)444 public void recordDefaultAdIdState(boolean defaultAdIdState) { 445 enforceAdServicesManagerPermission(); 446 447 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 448 LogUtil.v("recordDefaultAdIdState() for User Identifier %d", userIdentifier); 449 try { 450 mUserInstanceManager 451 .getOrCreateUserConsentManagerInstance(userIdentifier) 452 .recordDefaultAdIdState(defaultAdIdState); 453 } catch (IOException e) { 454 LogUtil.e(e, "Fail to record default AdId state: " + e.getMessage()); 455 } 456 } 457 458 @Override 459 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) recordUserManualInteractionWithConsent(int interaction)460 public void recordUserManualInteractionWithConsent(int interaction) { 461 enforceAdServicesManagerPermission(); 462 463 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 464 LogUtil.v( 465 "recordUserManualInteractionWithConsent() for User Identifier %d, interaction %d", 466 userIdentifier, interaction); 467 try { 468 mUserInstanceManager 469 .getOrCreateUserConsentManagerInstance(userIdentifier) 470 .recordUserManualInteractionWithConsent(interaction); 471 } catch (IOException e) { 472 LogUtil.e( 473 e, "Fail to record default manual interaction with consent: " + e.getMessage()); 474 } 475 } 476 477 @Override 478 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) getTopicsDefaultConsent()479 public boolean getTopicsDefaultConsent() { 480 enforceAdServicesManagerPermission(); 481 482 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 483 LogUtil.v("getTopicsDefaultConsent() for User Identifier %d", userIdentifier); 484 try { 485 return mUserInstanceManager 486 .getOrCreateUserConsentManagerInstance(userIdentifier) 487 .getTopicsDefaultConsent(); 488 } catch (IOException e) { 489 LogUtil.e(e, "Fail to get topics default consent."); 490 return false; 491 } 492 } 493 494 @Override 495 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) getFledgeDefaultConsent()496 public boolean getFledgeDefaultConsent() { 497 enforceAdServicesManagerPermission(); 498 499 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 500 LogUtil.v("getFledgeDefaultConsent() for User Identifier %d", userIdentifier); 501 try { 502 return mUserInstanceManager 503 .getOrCreateUserConsentManagerInstance(userIdentifier) 504 .getFledgeDefaultConsent(); 505 } catch (IOException e) { 506 LogUtil.e(e, "Fail to get FLEDGE default consent."); 507 return false; 508 } 509 } 510 511 @Override 512 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) getMeasurementDefaultConsent()513 public boolean getMeasurementDefaultConsent() { 514 enforceAdServicesManagerPermission(); 515 516 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 517 LogUtil.v("getMeasurementDefaultConsent() for User Identifier %d", userIdentifier); 518 try { 519 return mUserInstanceManager 520 .getOrCreateUserConsentManagerInstance(userIdentifier) 521 .getMeasurementDefaultConsent(); 522 } catch (IOException e) { 523 LogUtil.e(e, "Fail to get measurement default consent."); 524 return false; 525 } 526 } 527 528 @Override 529 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) getDefaultAdIdState()530 public boolean getDefaultAdIdState() { 531 enforceAdServicesManagerPermission(); 532 533 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 534 LogUtil.v("getDefaultAdIdState() for User Identifier %d", userIdentifier); 535 try { 536 return mUserInstanceManager 537 .getOrCreateUserConsentManagerInstance(userIdentifier) 538 .getDefaultAdIdState(); 539 } catch (IOException e) { 540 LogUtil.e(e, "Fail to get default AdId state."); 541 return false; 542 } 543 } 544 545 @Override 546 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) getUserManualInteractionWithConsent()547 public int getUserManualInteractionWithConsent() { 548 enforceAdServicesManagerPermission(); 549 550 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 551 LogUtil.v( 552 "wasUserManualInteractionWithConsentRecorded() for User Identifier %d", 553 userIdentifier); 554 try { 555 return mUserInstanceManager 556 .getOrCreateUserConsentManagerInstance(userIdentifier) 557 .getUserManualInteractionWithConsent(); 558 } catch (IOException e) { 559 LogUtil.e(e, "Fail to get manual interaction with consent recorded."); 560 return 0; 561 } 562 } 563 564 @Override 565 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) wasGaUxNotificationDisplayed()566 public boolean wasGaUxNotificationDisplayed() { 567 enforceAdServicesManagerPermission(); 568 569 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 570 LogUtil.v("wasGaUxNotificationDisplayed() for User Identifier %d", userIdentifier); 571 try { 572 return mUserInstanceManager 573 .getOrCreateUserConsentManagerInstance(userIdentifier) 574 .wasGaUxNotificationDisplayed(); 575 } catch (IOException e) { 576 LogUtil.e(e, "Fail to get the wasGaUxNotificationDisplayed."); 577 return false; 578 } 579 } 580 581 /** retrieves the default consent of a user. */ 582 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) getDefaultConsent()583 public boolean getDefaultConsent() { 584 enforceAdServicesManagerPermission(); 585 586 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 587 LogUtil.v("getDefaultConsent() for User Identifier %d", userIdentifier); 588 try { 589 return mUserInstanceManager 590 .getOrCreateUserConsentManagerInstance(userIdentifier) 591 .getDefaultConsent(); 592 } catch (IOException e) { 593 LogUtil.e(e, "Fail to get the default consent: " + e.getMessage()); 594 return false; 595 } 596 } 597 598 /** Get the currently running privacy sandbox feature on device. */ 599 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) getCurrentPrivacySandboxFeature()600 public String getCurrentPrivacySandboxFeature() { 601 enforceAdServicesManagerPermission(); 602 603 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 604 LogUtil.v("getCurrentPrivacySandboxFeature() for User Identifier %d", userIdentifier); 605 try { 606 for (PrivacySandboxFeatureType featureType : PrivacySandboxFeatureType.values()) { 607 if (mUserInstanceManager 608 .getOrCreateUserConsentManagerInstance(userIdentifier) 609 .isPrivacySandboxFeatureEnabled(featureType)) { 610 return featureType.name(); 611 } 612 } 613 } catch (IOException e) { 614 LogUtil.e(e, "Fail to get the privacy sandbox feature state: " + e.getMessage()); 615 } 616 return PrivacySandboxFeatureType.PRIVACY_SANDBOX_UNSUPPORTED.name(); 617 } 618 619 /** Set the currently running privacy sandbox feature on device. */ 620 @Override 621 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) setCurrentPrivacySandboxFeature(String featureType)622 public void setCurrentPrivacySandboxFeature(String featureType) { 623 enforceAdServicesManagerPermission(); 624 625 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 626 LogUtil.v("setCurrentPrivacySandboxFeature() for User Identifier %d", userIdentifier); 627 try { 628 mUserInstanceManager 629 .getOrCreateUserConsentManagerInstance(userIdentifier) 630 .setCurrentPrivacySandboxFeature(featureType); 631 } catch (IOException e) { 632 LogUtil.e(e, "Fail to set current privacy sandbox feature: " + e.getMessage()); 633 } 634 } 635 636 @Override 637 @RequiresPermission getKnownAppsWithConsent(@onNull List<String> installedPackages)638 public List<String> getKnownAppsWithConsent(@NonNull List<String> installedPackages) { 639 enforceAdServicesManagerPermission(); 640 641 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 642 LogUtil.v("getKnownAppsWithConsent() for User Identifier %d", userIdentifier); 643 try { 644 return mUserInstanceManager 645 .getOrCreateUserAppConsentManagerInstance(userIdentifier) 646 .getKnownAppsWithConsent(installedPackages); 647 } catch (IOException e) { 648 LogUtil.e( 649 e, 650 "Failed to get the getKnownAppsWithConsent() for user identifier %d.", 651 userIdentifier); 652 return List.of(); 653 } 654 } 655 656 @Override 657 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) getAppsWithRevokedConsent(@onNull List<String> installedPackages)658 public List<String> getAppsWithRevokedConsent(@NonNull List<String> installedPackages) { 659 enforceAdServicesManagerPermission(); 660 661 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 662 LogUtil.v("getAppsWithRevokedConsent() for User Identifier %d", userIdentifier); 663 try { 664 return mUserInstanceManager 665 .getOrCreateUserAppConsentManagerInstance(userIdentifier) 666 .getAppsWithRevokedConsent(installedPackages); 667 } catch (IOException e) { 668 LogUtil.e( 669 e, 670 "Failed to getAppsWithRevokedConsent() for user identifier %d.", 671 userIdentifier); 672 return List.of(); 673 } 674 } 675 676 @Override 677 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) setConsentForApp( @onNull String packageName, int packageUid, boolean isConsentRevoked)678 public void setConsentForApp( 679 @NonNull String packageName, int packageUid, boolean isConsentRevoked) { 680 enforceAdServicesManagerPermission(); 681 682 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 683 684 LogUtil.v( 685 "setConsentForApp() for User Identifier %d, package name %s, and package uid %d to" 686 + " %s.", 687 userIdentifier, packageName, packageUid, isConsentRevoked); 688 try { 689 mUserInstanceManager 690 .getOrCreateUserAppConsentManagerInstance(userIdentifier) 691 .setConsentForApp(packageName, packageUid, isConsentRevoked); 692 } catch (IOException e) { 693 LogUtil.e( 694 e, 695 "Failed to setConsentForApp() for User Identifier %d, package name %s, and" 696 + " package uid %d to %s.", 697 userIdentifier, 698 packageName, 699 packageUid, 700 isConsentRevoked); 701 } 702 } 703 704 @Override 705 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) clearKnownAppsWithConsent()706 public void clearKnownAppsWithConsent() { 707 enforceAdServicesManagerPermission(); 708 709 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 710 LogUtil.v("clearKnownAppsWithConsent() for user identifier %d.", userIdentifier); 711 try { 712 mUserInstanceManager 713 .getOrCreateUserAppConsentManagerInstance(userIdentifier) 714 .clearKnownAppsWithConsent(); 715 } catch (IOException e) { 716 LogUtil.e( 717 e, 718 "Failed to clearKnownAppsWithConsent() for user identifier %d", 719 userIdentifier); 720 } 721 } 722 723 @Override 724 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) clearAllAppConsentData()725 public void clearAllAppConsentData() { 726 enforceAdServicesManagerPermission(); 727 728 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 729 LogUtil.v("clearAllAppConsentData() for user identifier %d.", userIdentifier); 730 731 try { 732 mUserInstanceManager 733 .getOrCreateUserAppConsentManagerInstance(userIdentifier) 734 .clearAllAppConsentData(); 735 } catch (IOException e) { 736 LogUtil.e( 737 e, "Failed to clearAllAppConsentData() for user identifier %d", userIdentifier); 738 } 739 } 740 741 @Override 742 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) isConsentRevokedForApp(@onNull String packageName, int packageUid)743 public boolean isConsentRevokedForApp(@NonNull String packageName, int packageUid) 744 throws IllegalArgumentException { 745 enforceAdServicesManagerPermission(); 746 747 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 748 LogUtil.v( 749 "isConsentRevokedForApp() for user identifier %d, package name %s, and package uid" 750 + " %d.", 751 userIdentifier, packageName, packageUid); 752 try { 753 return mUserInstanceManager 754 .getOrCreateUserAppConsentManagerInstance(userIdentifier) 755 .isConsentRevokedForApp(packageName, packageUid); 756 } catch (IOException e) { 757 LogUtil.e( 758 e, 759 "Failed to call isConsentRevokedForApp() for user identifier %d, package name" 760 + " %s, and package uid %d.", 761 userIdentifier, 762 packageName, 763 packageUid); 764 return true; 765 } 766 } 767 768 @Override 769 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) setConsentForAppIfNew( @onNull String packageName, int packageUid, boolean isConsentRevoked)770 public boolean setConsentForAppIfNew( 771 @NonNull String packageName, int packageUid, boolean isConsentRevoked) 772 throws IllegalArgumentException { 773 enforceAdServicesManagerPermission(); 774 775 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 776 LogUtil.v( 777 "setConsentForAppIfNew() for user identifier %d, package name" 778 + " %s, and package uid %d to %s.", 779 userIdentifier, packageName, packageUid, isConsentRevoked); 780 try { 781 return mUserInstanceManager 782 .getOrCreateUserAppConsentManagerInstance(userIdentifier) 783 .setConsentForAppIfNew(packageName, packageUid, isConsentRevoked); 784 } catch (IOException e) { 785 LogUtil.e( 786 e, 787 "Failed to setConsentForAppIfNew() for user identifier %d, package name" 788 + " %s, and package uid %d to %s.", 789 userIdentifier, 790 packageName, 791 packageUid, 792 isConsentRevoked); 793 return true; 794 } 795 } 796 797 @Override 798 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) clearConsentForUninstalledApp(@onNull String packageName, int packageUid)799 public void clearConsentForUninstalledApp(@NonNull String packageName, int packageUid) { 800 enforceAdServicesManagerPermission(); 801 802 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 803 LogUtil.v( 804 "clearConsentForUninstalledApp() for user identifier %d, package name" 805 + " %s, and package uid %d.", 806 userIdentifier, packageName, packageUid); 807 try { 808 mUserInstanceManager 809 .getOrCreateUserAppConsentManagerInstance(userIdentifier) 810 .clearConsentForUninstalledApp(packageName, packageUid); 811 } catch (IOException e) { 812 LogUtil.e( 813 e, 814 "Failed to clearConsentForUninstalledApp() for user identifier %d, package name" 815 + " %s, and package uid %d.", 816 userIdentifier, 817 packageName, 818 packageUid); 819 } 820 } 821 822 @Override 823 @RequiresPermission(android.Manifest.permission.DUMP) dump(FileDescriptor fd, PrintWriter pw, String[] args)824 protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) { 825 mContext.enforceCallingPermission(android.Manifest.permission.DUMP, /* message= */ null); 826 827 synchronized (mSetPackageVersionLock) { 828 pw.printf("mAdServicesModuleName: %s\n", mAdServicesModuleName); 829 pw.printf("mAdServicesModuleVersion: %d\n", mAdServicesModuleVersion); 830 } 831 synchronized (mRegisterReceiverLock) { 832 pw.printf("mHandlerThread: %s\n", mHandlerThread); 833 } 834 synchronized (mRollbackCheckLock) { 835 pw.printf("mAdServicesPackagesRolledBackFrom: %s\n", mAdServicesPackagesRolledBackFrom); 836 pw.printf("mAdServicesPackagesRolledBackTo: %s\n", mAdServicesPackagesRolledBackTo); 837 } 838 mUserInstanceManager.dump(pw, args); 839 } 840 841 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) recordAdServicesDeletionOccurred( @dServicesManager.DeletionApiType int deletionType)842 public void recordAdServicesDeletionOccurred( 843 @AdServicesManager.DeletionApiType int deletionType) { 844 enforceAdServicesManagerPermission(); 845 846 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 847 try { 848 LogUtil.v( 849 "recordAdServicesDeletionOccurred() for user identifier %d, api type %d", 850 userIdentifier, deletionType); 851 mUserInstanceManager 852 .getOrCreateUserRollbackHandlingManagerInstance( 853 userIdentifier, getAdServicesApexVersion()) 854 .recordAdServicesDataDeletion(deletionType); 855 } catch (IOException e) { 856 LogUtil.e(e, "Failed to persist the deletion status."); 857 } 858 } 859 needsToHandleRollbackReconciliation( @dServicesManager.DeletionApiType int deletionType)860 public boolean needsToHandleRollbackReconciliation( 861 @AdServicesManager.DeletionApiType int deletionType) { 862 // Check if there was at least one rollback of the AdServices module. 863 if (getAdServicesPackagesRolledBackFrom().isEmpty()) { 864 return false; 865 } 866 867 // Check if the deletion bit is set. 868 if (!hasAdServicesDeletionOccurred(deletionType)) { 869 return false; 870 } 871 872 // For each rollback, check if the rolled back from version matches the previously stored 873 // version and the rolled back to version matches the current version. 874 int previousStoredVersion = getPreviousStoredVersion(deletionType); 875 for (Integer rollbackId : getAdServicesPackagesRolledBackFrom().keySet()) { 876 if (getAdServicesPackagesRolledBackFrom().get(rollbackId).getLongVersionCode() 877 == previousStoredVersion 878 && getAdServicesPackagesRolledBackTo().get(rollbackId).getLongVersionCode() 879 == getAdServicesApexVersion()) { 880 resetAdServicesDeletionOccurred(deletionType); 881 return true; 882 } 883 } 884 885 // None of the stored rollbacks match the versions. 886 return false; 887 } 888 889 @VisibleForTesting hasAdServicesDeletionOccurred(@dServicesManager.DeletionApiType int deletionType)890 boolean hasAdServicesDeletionOccurred(@AdServicesManager.DeletionApiType int deletionType) { 891 enforceAdServicesManagerPermission(); 892 893 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 894 try { 895 LogUtil.v( 896 "hasAdServicesDeletionOccurred() for user identifier %d, api type %d", 897 userIdentifier, deletionType); 898 return mUserInstanceManager 899 .getOrCreateUserRollbackHandlingManagerInstance( 900 userIdentifier, getAdServicesApexVersion()) 901 .wasAdServicesDataDeleted(deletionType); 902 } catch (IOException e) { 903 LogUtil.e(e, "Failed to retrieve the deletion status."); 904 return false; 905 } 906 } 907 908 @VisibleForTesting resetAdServicesDeletionOccurred(@dServicesManager.DeletionApiType int deletionType)909 void resetAdServicesDeletionOccurred(@AdServicesManager.DeletionApiType int deletionType) { 910 enforceAdServicesManagerPermission(); 911 912 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 913 try { 914 LogUtil.v("resetMeasurementDeletionOccurred() for user identifier %d", userIdentifier); 915 mUserInstanceManager 916 .getOrCreateUserRollbackHandlingManagerInstance( 917 userIdentifier, getAdServicesApexVersion()) 918 .resetAdServicesDataDeletion(deletionType); 919 } catch (IOException e) { 920 LogUtil.e(e, "Failed to remove the measurement deletion status."); 921 } 922 } 923 924 @VisibleForTesting getPreviousStoredVersion(@dServicesManager.DeletionApiType int deletionType)925 int getPreviousStoredVersion(@AdServicesManager.DeletionApiType int deletionType) { 926 enforceAdServicesManagerPermission(); 927 928 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 929 try { 930 return mUserInstanceManager 931 .getOrCreateUserRollbackHandlingManagerInstance( 932 userIdentifier, getAdServicesApexVersion()) 933 .getPreviousStoredVersion(deletionType); 934 } catch (IOException e) { 935 LogUtil.e(e, "Failed to get the previous version stored in the datastore file."); 936 return 0; 937 } 938 } 939 940 @VisibleForTesting registerReceivers()941 void registerReceivers() { 942 // There could be race condition between registerReceivers call 943 // in the AdServicesManagerService constructor and the mOnFlagsChangedListener. 944 synchronized (mRegisterReceiverLock) { 945 if (!FlagsFactory.getFlags().getAdServicesSystemServiceEnabled()) { 946 LogUtil.d("AdServicesSystemServiceEnabled is FALSE."); 947 // If there is a SystemServicePackageChangeReceiver, unregister it. 948 if (mSystemServicePackageChangedReceiver != null) { 949 LogUtil.d("Unregistering the existing SystemServicePackageChangeReceiver"); 950 mContext.unregisterReceiver(mSystemServicePackageChangedReceiver); 951 mSystemServicePackageChangedReceiver = null; 952 } 953 954 // If there is a SystemServiceUserActionReceiver, unregister it. 955 if (mSystemServiceUserActionReceiver != null) { 956 LogUtil.d("Unregistering the existing SystemServiceUserActionReceiver"); 957 mContext.unregisterReceiver(mSystemServiceUserActionReceiver); 958 mSystemServiceUserActionReceiver = null; 959 } 960 961 if (mHandler != null) { 962 mHandlerThread.quitSafely(); 963 mHandler = null; 964 } 965 return; 966 } 967 968 // Start the handler thread. 969 if (mHandler == null) { 970 mHandlerThread = new HandlerThread("AdServicesManagerServiceHandler"); 971 mHandlerThread.start(); 972 mHandler = new Handler(mHandlerThread.getLooper()); 973 } 974 registerPackagedChangedBroadcastReceiversLocked(); 975 registerUserActionBroadcastReceiverLocked(); 976 } 977 } 978 979 @VisibleForTesting 980 /** 981 * Stores the AdServices module version locally. Users other than the main user do not have the 982 * permission to get the version through the PackageManager, so we have to get the version when 983 * the AdServices system service starts. 984 */ setAdServicesApexVersion()985 void setAdServicesApexVersion() { 986 synchronized (mSetPackageVersionLock) { 987 if (!FlagsFactory.getFlags().getAdServicesSystemServiceEnabled()) { 988 LogUtil.d("AdServicesSystemServiceEnabled is FALSE."); 989 return; 990 } 991 992 PackageManager packageManager = mContext.getPackageManager(); 993 994 List<PackageInfo> installedPackages = 995 packageManager.getInstalledPackages( 996 PackageManager.PackageInfoFlags.of(PackageManager.MATCH_APEX)); 997 998 installedPackages.forEach( 999 packageInfo -> { 1000 if (packageInfo.packageName.contains("adservices") && packageInfo.isApex) { 1001 mAdServicesModuleName = packageInfo.packageName; 1002 mAdServicesModuleVersion = (int) packageInfo.getLongVersionCode(); 1003 } 1004 }); 1005 } 1006 } 1007 1008 @VisibleForTesting getAdServicesApexVersion()1009 int getAdServicesApexVersion() { 1010 return mAdServicesModuleVersion; 1011 } 1012 1013 @VisibleForTesting 1014 /** Checks the RollbackManager to see the rollback status of the AdServices module. */ setRollbackStatus()1015 void setRollbackStatus() { 1016 synchronized (mRollbackCheckLock) { 1017 if (!FlagsFactory.getFlags().getAdServicesSystemServiceEnabled()) { 1018 LogUtil.d("AdServicesSystemServiceEnabled is FALSE."); 1019 resetRollbackArraysRCLocked(); 1020 return; 1021 } 1022 1023 RollbackManager rollbackManager = mContext.getSystemService(RollbackManager.class); 1024 if (rollbackManager == null) { 1025 LogUtil.d("Failed to get the RollbackManager service."); 1026 resetRollbackArraysRCLocked(); 1027 return; 1028 } 1029 List<RollbackInfo> recentlyCommittedRollbacks = 1030 rollbackManager.getRecentlyCommittedRollbacks(); 1031 1032 for (RollbackInfo rollbackInfo : recentlyCommittedRollbacks) { 1033 for (PackageRollbackInfo packageRollbackInfo : rollbackInfo.getPackages()) { 1034 if (packageRollbackInfo.getPackageName().equals(mAdServicesModuleName)) { 1035 mAdServicesPackagesRolledBackFrom.put( 1036 rollbackInfo.getRollbackId(), 1037 packageRollbackInfo.getVersionRolledBackFrom()); 1038 mAdServicesPackagesRolledBackTo.put( 1039 rollbackInfo.getRollbackId(), 1040 packageRollbackInfo.getVersionRolledBackTo()); 1041 LogUtil.d( 1042 "Rollback of AdServices module occurred, " 1043 + "from version %d to version %d", 1044 packageRollbackInfo.getVersionRolledBackFrom().getLongVersionCode(), 1045 packageRollbackInfo.getVersionRolledBackTo().getLongVersionCode()); 1046 } 1047 } 1048 } 1049 } 1050 } 1051 1052 @GuardedBy("mRollbackCheckLock") resetRollbackArraysRCLocked()1053 private void resetRollbackArraysRCLocked() { 1054 mAdServicesPackagesRolledBackFrom.clear(); 1055 mAdServicesPackagesRolledBackTo.clear(); 1056 } 1057 1058 @VisibleForTesting getAdServicesPackagesRolledBackFrom()1059 Map<Integer, VersionedPackage> getAdServicesPackagesRolledBackFrom() { 1060 return mAdServicesPackagesRolledBackFrom; 1061 } 1062 1063 @VisibleForTesting getAdServicesPackagesRolledBackTo()1064 Map<Integer, VersionedPackage> getAdServicesPackagesRolledBackTo() { 1065 return mAdServicesPackagesRolledBackTo; 1066 } 1067 1068 /** 1069 * Registers a receiver for any broadcasts related to user profile removal for all users on the 1070 * device at boot up. After receiving the broadcast, we delete consent manager instance and 1071 * remove the user related data. 1072 */ registerUserActionBroadcastReceiverLocked()1073 private void registerUserActionBroadcastReceiverLocked() { 1074 if (mSystemServiceUserActionReceiver != null) { 1075 // We already register the receiver. 1076 LogUtil.d("SystemServiceUserActionReceiver is already registered."); 1077 return; 1078 } 1079 mSystemServiceUserActionReceiver = 1080 new BroadcastReceiver() { 1081 @Override 1082 public void onReceive(Context context, Intent intent) { 1083 mHandler.post(() -> onUserRemoved(intent)); 1084 } 1085 }; 1086 mContext.registerReceiverForAllUsers( 1087 mSystemServiceUserActionReceiver, 1088 new IntentFilter(Intent.ACTION_USER_REMOVED), 1089 /* broadcastPermission= */ null, 1090 mHandler); 1091 LogUtil.d("SystemServiceUserActionReceiver registered."); 1092 } 1093 1094 /** Deletes the user instance and remove the user consent related data. */ 1095 @VisibleForTesting onUserRemoved(@onNull Intent intent)1096 void onUserRemoved(@NonNull Intent intent) { 1097 Objects.requireNonNull(intent); 1098 if (Intent.ACTION_USER_REMOVED.equals(intent.getAction())) { 1099 UserHandle userHandle = intent.getParcelableExtra(Intent.EXTRA_USER, UserHandle.class); 1100 if (userHandle == null) { 1101 LogUtil.e("Extra " + Intent.EXTRA_USER + " is missing in the intent: " + intent); 1102 return; 1103 } 1104 LogUtil.d("Deleting user instance with user id: " + userHandle.getIdentifier()); 1105 try { 1106 mUserInstanceManager.deleteUserInstance(userHandle.getIdentifier()); 1107 } catch (Exception e) { 1108 LogUtil.e(e, "Failed to delete the consent manager directory"); 1109 } 1110 } 1111 } 1112 1113 /** 1114 * Registers a receiver for any broadcasts regarding changes to any packages for all users on 1115 * the device at boot up. After receiving the broadcast, send an explicit broadcast to the 1116 * AdServices module as that user. 1117 */ registerPackagedChangedBroadcastReceiversLocked()1118 private void registerPackagedChangedBroadcastReceiversLocked() { 1119 if (mSystemServicePackageChangedReceiver != null) { 1120 // We already register the receiver. 1121 LogUtil.d("SystemServicePackageChangedReceiver is already registered."); 1122 return; 1123 } 1124 1125 final IntentFilter packageChangedIntentFilter = new IntentFilter(); 1126 packageChangedIntentFilter.addAction(Intent.ACTION_PACKAGE_FULLY_REMOVED); 1127 packageChangedIntentFilter.addAction(Intent.ACTION_PACKAGE_DATA_CLEARED); 1128 packageChangedIntentFilter.addAction(Intent.ACTION_PACKAGE_ADDED); 1129 packageChangedIntentFilter.addDataScheme("package"); 1130 1131 mSystemServicePackageChangedReceiver = 1132 new BroadcastReceiver() { 1133 @Override 1134 public void onReceive(Context context, Intent intent) { 1135 UserHandle user = getSendingUser(); 1136 mHandler.post(() -> onPackageChange(intent, user)); 1137 } 1138 }; 1139 mContext.registerReceiverForAllUsers( 1140 mSystemServicePackageChangedReceiver, 1141 packageChangedIntentFilter, 1142 /* broadcastPermission */ null, 1143 mHandler); 1144 LogUtil.d("Package changed broadcast receivers registered."); 1145 } 1146 1147 /** Sends an explicit broadcast to the AdServices module when a package change occurs. */ 1148 @VisibleForTesting onPackageChange(Intent intent, UserHandle user)1149 public void onPackageChange(Intent intent, UserHandle user) { 1150 Intent explicitBroadcast = new Intent(); 1151 explicitBroadcast.setAction(PACKAGE_CHANGED_BROADCAST); 1152 explicitBroadcast.setData(intent.getData()); 1153 1154 final Intent i = new Intent(PACKAGE_CHANGED_BROADCAST); 1155 final List<ResolveInfo> resolveInfo = 1156 mContext.getPackageManager() 1157 .queryBroadcastReceiversAsUser( 1158 i, 1159 PackageManager.ResolveInfoFlags.of(PackageManager.GET_RECEIVERS), 1160 user); 1161 if (resolveInfo != null && !resolveInfo.isEmpty()) { 1162 for (ResolveInfo info : resolveInfo) { 1163 explicitBroadcast.setClassName( 1164 info.activityInfo.packageName, info.activityInfo.name); 1165 int uidChanged = intent.getIntExtra(Intent.EXTRA_UID, -1); 1166 LogUtil.v("Package changed with UID " + uidChanged); 1167 explicitBroadcast.putExtra(Intent.EXTRA_UID, uidChanged); 1168 switch (intent.getAction()) { 1169 case Intent.ACTION_PACKAGE_DATA_CLEARED: 1170 explicitBroadcast.putExtra(ACTION_KEY, PACKAGE_DATA_CLEARED); 1171 mContext.sendBroadcastAsUser(explicitBroadcast, user); 1172 break; 1173 case Intent.ACTION_PACKAGE_FULLY_REMOVED: 1174 // TODO (b/233373604): Propagate broadcast to users not currently running 1175 explicitBroadcast.putExtra(ACTION_KEY, PACKAGE_FULLY_REMOVED); 1176 mContext.sendBroadcastAsUser(explicitBroadcast, user); 1177 break; 1178 case Intent.ACTION_PACKAGE_ADDED: 1179 explicitBroadcast.putExtra(ACTION_KEY, PACKAGE_ADDED); 1180 // For users where the app is merely being updated rather than added, we 1181 // don't want to send the broadcast. 1182 if (!intent.getExtras().getBoolean(Intent.EXTRA_REPLACING, false)) { 1183 mContext.sendBroadcastAsUser(explicitBroadcast, user); 1184 } 1185 break; 1186 } 1187 } 1188 } 1189 } 1190 1191 // Check if caller has permission to invoke AdServicesManager APIs. 1192 @VisibleForTesting enforceAdServicesManagerPermission()1193 void enforceAdServicesManagerPermission() { 1194 mContext.enforceCallingPermission( 1195 AdServicesPermissions.ACCESS_ADSERVICES_MANAGER, 1196 ERROR_MESSAGE_NOT_PERMITTED_TO_CALL_ADSERVICESMANAGER_API); 1197 } 1198 1199 @Override 1200 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) isAdIdEnabled()1201 public boolean isAdIdEnabled() { 1202 enforceAdServicesManagerPermission(); 1203 1204 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 1205 LogUtil.v("isAdIdEnabled() for User Identifier %d", userIdentifier); 1206 1207 try { 1208 return mUserInstanceManager 1209 .getOrCreateUserConsentManagerInstance(userIdentifier) 1210 .isAdIdEnabled(); 1211 } catch (IOException e) { 1212 LogUtil.e(e, "Failed to call isAdIdEnabled()."); 1213 return false; 1214 } 1215 } 1216 1217 @Override 1218 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) setAdIdEnabled(boolean isAdIdEnabled)1219 public void setAdIdEnabled(boolean isAdIdEnabled) { 1220 enforceAdServicesManagerPermission(); 1221 1222 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 1223 LogUtil.v("setAdIdEnabled() for User Identifier %d", userIdentifier); 1224 1225 try { 1226 mUserInstanceManager 1227 .getOrCreateUserConsentManagerInstance(userIdentifier) 1228 .setAdIdEnabled(isAdIdEnabled); 1229 } catch (IOException e) { 1230 LogUtil.e(e, "Failed to call setAdIdEnabled()."); 1231 } 1232 } 1233 1234 @Override 1235 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) isU18Account()1236 public boolean isU18Account() { 1237 enforceAdServicesManagerPermission(); 1238 1239 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 1240 LogUtil.v("isU18Account() for User Identifier %d", userIdentifier); 1241 1242 try { 1243 return mUserInstanceManager 1244 .getOrCreateUserConsentManagerInstance(userIdentifier) 1245 .isU18Account(); 1246 } catch (IOException e) { 1247 LogUtil.e(e, "Failed to call isU18Account()."); 1248 return false; 1249 } 1250 } 1251 1252 @Override 1253 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) setU18Account(boolean isU18Account)1254 public void setU18Account(boolean isU18Account) { 1255 enforceAdServicesManagerPermission(); 1256 1257 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 1258 LogUtil.v("setU18Account() for User Identifier %d", userIdentifier); 1259 1260 try { 1261 mUserInstanceManager 1262 .getOrCreateUserConsentManagerInstance(userIdentifier) 1263 .setU18Account(isU18Account); 1264 } catch (IOException e) { 1265 LogUtil.e(e, "Failed to call setU18Account()."); 1266 } 1267 } 1268 1269 @Override 1270 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) isEntryPointEnabled()1271 public boolean isEntryPointEnabled() { 1272 enforceAdServicesManagerPermission(); 1273 1274 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 1275 LogUtil.v("isEntryPointEnabled() for User Identifier %d", userIdentifier); 1276 1277 try { 1278 return mUserInstanceManager 1279 .getOrCreateUserConsentManagerInstance(userIdentifier) 1280 .isEntryPointEnabled(); 1281 } catch (IOException e) { 1282 LogUtil.e(e, "Failed to call isEntryPointEnabled()."); 1283 return false; 1284 } 1285 } 1286 1287 @Override 1288 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) setEntryPointEnabled(boolean isEntryPointEnabled)1289 public void setEntryPointEnabled(boolean isEntryPointEnabled) { 1290 enforceAdServicesManagerPermission(); 1291 1292 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 1293 LogUtil.v("setEntryPointEnabled() for User Identifier %d", userIdentifier); 1294 1295 try { 1296 mUserInstanceManager 1297 .getOrCreateUserConsentManagerInstance(userIdentifier) 1298 .setEntryPointEnabled(isEntryPointEnabled); 1299 } catch (IOException e) { 1300 LogUtil.e(e, "Failed to call setEntryPointEnabled()."); 1301 } 1302 } 1303 1304 @Override 1305 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) isAdultAccount()1306 public boolean isAdultAccount() { 1307 enforceAdServicesManagerPermission(); 1308 1309 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 1310 LogUtil.v("isAdultAccount() for User Identifier %d", userIdentifier); 1311 1312 try { 1313 return mUserInstanceManager 1314 .getOrCreateUserConsentManagerInstance(userIdentifier) 1315 .isAdultAccount(); 1316 } catch (IOException e) { 1317 LogUtil.e(e, "Failed to call isAdultAccount()."); 1318 return false; 1319 } 1320 } 1321 1322 @Override 1323 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) setAdultAccount(boolean isAdultAccount)1324 public void setAdultAccount(boolean isAdultAccount) { 1325 enforceAdServicesManagerPermission(); 1326 1327 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 1328 LogUtil.v("setAdultAccount() for User Identifier %d", userIdentifier); 1329 1330 try { 1331 mUserInstanceManager 1332 .getOrCreateUserConsentManagerInstance(userIdentifier) 1333 .setAdultAccount(isAdultAccount); 1334 } catch (IOException e) { 1335 LogUtil.e(e, "Failed to call setAdultAccount()."); 1336 } 1337 } 1338 1339 @Override 1340 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) wasU18NotificationDisplayed()1341 public boolean wasU18NotificationDisplayed() { 1342 enforceAdServicesManagerPermission(); 1343 1344 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 1345 LogUtil.v("wasU18NotificationDisplayed() for User Identifier %d", userIdentifier); 1346 1347 try { 1348 return mUserInstanceManager 1349 .getOrCreateUserConsentManagerInstance(userIdentifier) 1350 .wasU18NotificationDisplayed(); 1351 } catch (IOException e) { 1352 LogUtil.e(e, "Failed to call wasU18NotificationDisplayed()."); 1353 return false; 1354 } 1355 } 1356 1357 @Override 1358 @RequiresPermission(AdServicesPermissions.ACCESS_ADSERVICES_MANAGER) setU18NotificationDisplayed(boolean wasU18NotificationDisplayed)1359 public void setU18NotificationDisplayed(boolean wasU18NotificationDisplayed) { 1360 enforceAdServicesManagerPermission(); 1361 1362 final int userIdentifier = getUserIdentifierFromBinderCallingUid(); 1363 LogUtil.v("setU18NotificationDisplayed() for User Identifier %d", userIdentifier); 1364 1365 try { 1366 mUserInstanceManager 1367 .getOrCreateUserConsentManagerInstance(userIdentifier) 1368 .setU18NotificationDisplayed(wasU18NotificationDisplayed); 1369 } catch (IOException e) { 1370 LogUtil.e(e, "Failed to call setU18NotificationDisplayed()."); 1371 } 1372 } 1373 } 1374