UserController.java revision c94c2493717264641bdfd205fd1f023193caa535
1/* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License 15 */ 16 17package com.android.server.am; 18 19import static android.Manifest.permission.INTERACT_ACROSS_USERS; 20import static android.Manifest.permission.INTERACT_ACROSS_USERS_FULL; 21import static android.app.ActivityManager.USER_OP_ERROR_IS_SYSTEM; 22import static android.app.ActivityManager.USER_OP_ERROR_RELATED_USERS_CANNOT_STOP; 23import static android.app.ActivityManager.USER_OP_IS_CURRENT; 24import static android.app.ActivityManager.USER_OP_SUCCESS; 25import static android.content.Context.KEYGUARD_SERVICE; 26import static android.os.Process.SYSTEM_UID; 27 28import static com.android.server.am.ActivityManagerDebugConfig.DEBUG_MU; 29import static com.android.server.am.ActivityManagerDebugConfig.TAG_AM; 30import static com.android.server.am.ActivityManagerDebugConfig.TAG_WITH_CLASS_NAME; 31import static com.android.server.am.ActivityManagerService.ALLOW_FULL_ONLY; 32import static com.android.server.am.ActivityManagerService.ALLOW_NON_FULL; 33import static com.android.server.am.ActivityManagerService.ALLOW_NON_FULL_IN_PROFILE; 34import static com.android.server.am.ActivityManagerService.MY_PID; 35import static com.android.server.am.ActivityManagerService.REPORT_USER_SWITCH_COMPLETE_MSG; 36import static com.android.server.am.ActivityManagerService.REPORT_USER_SWITCH_MSG; 37import static com.android.server.am.ActivityManagerService.SYSTEM_USER_CURRENT_MSG; 38import static com.android.server.am.ActivityManagerService.SYSTEM_USER_START_MSG; 39import static com.android.server.am.ActivityManagerService.SYSTEM_USER_UNLOCK_MSG; 40import static com.android.server.am.ActivityManagerService.USER_SWITCH_TIMEOUT_MSG; 41import static com.android.server.am.UserState.STATE_BOOTING; 42import static com.android.server.am.UserState.STATE_RUNNING_LOCKED; 43import static com.android.server.am.UserState.STATE_RUNNING_UNLOCKED; 44import static com.android.server.am.UserState.STATE_RUNNING_UNLOCKING; 45 46import android.annotation.NonNull; 47import android.annotation.UserIdInt; 48import android.app.ActivityManager; 49import android.app.AppOpsManager; 50import android.app.Dialog; 51import android.app.IStopUserCallback; 52import android.app.IUserSwitchObserver; 53import android.app.KeyguardManager; 54import android.content.Context; 55import android.content.IIntentReceiver; 56import android.content.Intent; 57import android.content.pm.PackageManager; 58import android.content.pm.UserInfo; 59import android.os.BatteryStats; 60import android.os.Binder; 61import android.os.Build; 62import android.os.Bundle; 63import android.os.Debug; 64import android.os.Handler; 65import android.os.IBinder; 66import android.os.IProgressListener; 67import android.os.IRemoteCallback; 68import android.os.IUserManager; 69import android.os.Process; 70import android.os.RemoteCallbackList; 71import android.os.RemoteException; 72import android.os.ServiceManager; 73import android.os.UserHandle; 74import android.os.UserManager; 75import android.os.UserManagerInternal; 76import android.os.storage.IMountService; 77import android.os.storage.StorageManager; 78import android.util.IntArray; 79import android.util.Pair; 80import android.util.Slog; 81import android.util.SparseArray; 82import android.util.SparseIntArray; 83 84import com.android.internal.R; 85import com.android.internal.annotations.GuardedBy; 86import com.android.internal.util.ArrayUtils; 87import com.android.internal.widget.LockPatternUtils; 88import com.android.server.LocalServices; 89import com.android.server.pm.UserManagerService; 90 91import java.io.PrintWriter; 92import java.util.ArrayList; 93import java.util.Arrays; 94import java.util.HashSet; 95import java.util.List; 96import java.util.Objects; 97import java.util.Set; 98 99/** 100 * Helper class for {@link ActivityManagerService} responsible for multi-user functionality. 101 */ 102final class UserController { 103 private static final String TAG = TAG_WITH_CLASS_NAME ? "UserController" : TAG_AM; 104 105 // Maximum number of users we allow to be running at a time. 106 static final int MAX_RUNNING_USERS = 3; 107 108 // Amount of time we wait for observers to handle a user switch before 109 // giving up on them and unfreezing the screen. 110 static final int USER_SWITCH_TIMEOUT = 2 * 1000; 111 112 private final ActivityManagerService mService; 113 private final Handler mHandler; 114 115 // Holds the current foreground user's id 116 private int mCurrentUserId = UserHandle.USER_SYSTEM; 117 // Holds the target user's id during a user switch 118 private int mTargetUserId = UserHandle.USER_NULL; 119 120 /** 121 * Which users have been started, so are allowed to run code. 122 */ 123 @GuardedBy("mService") 124 private final SparseArray<UserState> mStartedUsers = new SparseArray<>(); 125 126 /** 127 * LRU list of history of current users. Most recently current is at the end. 128 */ 129 private final ArrayList<Integer> mUserLru = new ArrayList<>(); 130 131 /** 132 * Constant array of the users that are currently started. 133 */ 134 private int[] mStartedUserArray = new int[] { 0 }; 135 136 // If there are multiple profiles for the current user, their ids are here 137 // Currently only the primary user can have managed profiles 138 private int[] mCurrentProfileIds = new int[] {}; 139 140 /** 141 * Mapping from each known user ID to the profile group ID it is associated with. 142 */ 143 private final SparseIntArray mUserProfileGroupIdsSelfLocked = new SparseIntArray(); 144 145 /** 146 * Registered observers of the user switching mechanics. 147 */ 148 private final RemoteCallbackList<IUserSwitchObserver> mUserSwitchObservers 149 = new RemoteCallbackList<>(); 150 151 /** 152 * Currently active user switch. 153 */ 154 Object mCurUserSwitchCallback; 155 156 private volatile UserManagerService mUserManager; 157 158 private final LockPatternUtils mLockPatternUtils; 159 160 UserController(ActivityManagerService service) { 161 mService = service; 162 mHandler = mService.mHandler; 163 // User 0 is the first and only user that runs at boot. 164 final UserState uss = new UserState(UserHandle.SYSTEM); 165 mStartedUsers.put(UserHandle.USER_SYSTEM, uss); 166 mUserLru.add(UserHandle.USER_SYSTEM); 167 mLockPatternUtils = new LockPatternUtils(mService.mContext); 168 updateStartedUserArrayLocked(); 169 } 170 171 void finishUserSwitch(UserState uss) { 172 synchronized (mService) { 173 finishUserBoot(uss); 174 175 startProfilesLocked(); 176 stopRunningUsersLocked(MAX_RUNNING_USERS); 177 } 178 } 179 180 void stopRunningUsersLocked(int maxRunningUsers) { 181 int num = mUserLru.size(); 182 int i = 0; 183 while (num > maxRunningUsers && i < mUserLru.size()) { 184 Integer oldUserId = mUserLru.get(i); 185 UserState oldUss = mStartedUsers.get(oldUserId); 186 if (oldUss == null) { 187 // Shouldn't happen, but be sane if it does. 188 mUserLru.remove(i); 189 num--; 190 continue; 191 } 192 if (oldUss.state == UserState.STATE_STOPPING 193 || oldUss.state == UserState.STATE_SHUTDOWN) { 194 // This user is already stopping, doesn't count. 195 num--; 196 i++; 197 continue; 198 } 199 if (oldUserId == UserHandle.USER_SYSTEM || oldUserId == mCurrentUserId) { 200 // Owner/System user and current user can't be stopped. We count it as running 201 // when it is not a pure system user. 202 if (UserInfo.isSystemOnly(oldUserId)) { 203 num--; 204 } 205 i++; 206 continue; 207 } 208 // This is a user to be stopped. 209 if (stopUsersLocked(oldUserId, false, null) != USER_OP_SUCCESS) { 210 num--; 211 } 212 num--; 213 i++; 214 } 215 } 216 217 private void finishUserBoot(UserState uss) { 218 finishUserBoot(uss, null); 219 } 220 221 private void finishUserBoot(UserState uss, IIntentReceiver resultTo) { 222 final int userId = uss.mHandle.getIdentifier(); 223 Slog.d(TAG, "Finishing user boot " + userId); 224 synchronized (mService) { 225 // Bail if we ended up with a stale user 226 if (mStartedUsers.get(userId) != uss) return; 227 228 // We always walk through all the user lifecycle states to send 229 // consistent developer events. We step into RUNNING_LOCKED here, 230 // but we might immediately step into RUNNING below if the user 231 // storage is already unlocked. 232 if (uss.setState(STATE_BOOTING, STATE_RUNNING_LOCKED)) { 233 Intent intent = new Intent(Intent.ACTION_LOCKED_BOOT_COMPLETED, null); 234 intent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 235 intent.addFlags(Intent.FLAG_RECEIVER_NO_ABORT 236 | Intent.FLAG_RECEIVER_INCLUDE_BACKGROUND); 237 mService.broadcastIntentLocked(null, null, intent, null, resultTo, 0, null, null, 238 new String[] { android.Manifest.permission.RECEIVE_BOOT_COMPLETED }, 239 AppOpsManager.OP_NONE, null, true, false, MY_PID, SYSTEM_UID, userId); 240 } 241 242 // We need to delay unlocking managed profiles until the parent user 243 // is also unlocked. 244 if (getUserManager().isManagedProfile(userId)) { 245 final UserInfo parent = getUserManager().getProfileParent(userId); 246 if (parent != null 247 && isUserRunningLocked(parent.id, ActivityManager.FLAG_AND_UNLOCKED)) { 248 Slog.d(TAG, "User " + userId + " (parent " + parent.id 249 + "): attempting unlock because parent is unlocked"); 250 maybeUnlockUser(userId); 251 } else { 252 String parentId = (parent == null) ? "<null>" : String.valueOf(parent.id); 253 Slog.d(TAG, "User " + userId + " (parent " + parentId 254 + "): delaying unlock because parent is locked"); 255 } 256 } else { 257 maybeUnlockUser(userId); 258 } 259 } 260 } 261 262 /** 263 * Step from {@link UserState#STATE_RUNNING_LOCKED} to 264 * {@link UserState#STATE_RUNNING_UNLOCKING}. 265 */ 266 private void finishUserUnlocking(final UserState uss) { 267 final int userId = uss.mHandle.getIdentifier(); 268 synchronized (mService) { 269 // Bail if we ended up with a stale user 270 if (mStartedUsers.get(uss.mHandle.getIdentifier()) != uss) return; 271 272 // Only keep marching forward if user is actually unlocked 273 if (!isUserKeyUnlocked(userId)) return; 274 275 if (uss.setState(STATE_RUNNING_LOCKED, STATE_RUNNING_UNLOCKING)) { 276 uss.mUnlockProgress.start(); 277 278 // Prepare app storage before we go any further 279 uss.mUnlockProgress.setProgress(5, 280 mService.mContext.getString(R.string.android_start_title)); 281 mUserManager.onBeforeUnlockUser(userId); 282 uss.mUnlockProgress.setProgress(20); 283 284 // Dispatch unlocked to system services 285 mHandler.obtainMessage(SYSTEM_USER_UNLOCK_MSG, userId, 0, uss.mUnlockProgress) 286 .sendToTarget(); 287 288 // Dispatch unlocked to external apps 289 final Intent unlockedIntent = new Intent(Intent.ACTION_USER_UNLOCKED); 290 unlockedIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 291 unlockedIntent.addFlags( 292 Intent.FLAG_RECEIVER_REGISTERED_ONLY | Intent.FLAG_RECEIVER_FOREGROUND); 293 mService.broadcastIntentLocked(null, null, unlockedIntent, null, null, 0, null, 294 null, null, AppOpsManager.OP_NONE, null, false, false, MY_PID, SYSTEM_UID, 295 userId); 296 297 if (getUserInfo(userId).isManagedProfile()) { 298 UserInfo parent = getUserManager().getProfileParent(userId); 299 if (parent != null) { 300 final Intent profileUnlockedIntent = new Intent( 301 Intent.ACTION_MANAGED_PROFILE_UNLOCKED); 302 profileUnlockedIntent.putExtra(Intent.EXTRA_USER, UserHandle.of(userId)); 303 profileUnlockedIntent.addFlags( 304 Intent.FLAG_RECEIVER_REGISTERED_ONLY 305 | Intent.FLAG_RECEIVER_FOREGROUND); 306 mService.broadcastIntentLocked(null, null, profileUnlockedIntent, 307 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 308 null, false, false, MY_PID, SYSTEM_UID, 309 parent.id); 310 } 311 } 312 313 // Send PRE_BOOT broadcasts if fingerprint changed 314 final UserInfo info = getUserInfo(userId); 315 if (!Objects.equals(info.lastLoggedInFingerprint, Build.FINGERPRINT)) { 316 new PreBootBroadcaster(mService, userId, null) { 317 @Override 318 public void onFinished() { 319 finishUserUnlocked(uss); 320 } 321 }.sendNext(); 322 } else { 323 finishUserUnlocked(uss); 324 } 325 } 326 } 327 } 328 329 /** 330 * Step from {@link UserState#STATE_RUNNING_UNLOCKING} to 331 * {@link UserState#STATE_RUNNING_UNLOCKED}. 332 */ 333 private void finishUserUnlocked(UserState uss) { 334 final int userId = uss.mHandle.getIdentifier(); 335 synchronized (mService) { 336 // Bail if we ended up with a stale user 337 if (mStartedUsers.get(uss.mHandle.getIdentifier()) != uss) return; 338 final UserInfo userInfo = getUserInfo(userId); 339 if (userInfo == null) { 340 return; 341 } 342 343 // Only keep marching forward if user is actually unlocked 344 if (!isUserKeyUnlocked(userId)) return; 345 346 if (uss.setState(STATE_RUNNING_UNLOCKING, STATE_RUNNING_UNLOCKED)) { 347 // Remember that we logged in 348 mUserManager.onUserLoggedIn(userId); 349 350 if (!userInfo.isInitialized()) { 351 if (userId != UserHandle.USER_SYSTEM) { 352 Slog.d(TAG, "Initializing user #" + userId); 353 Intent intent = new Intent(Intent.ACTION_USER_INITIALIZE); 354 intent.addFlags(Intent.FLAG_RECEIVER_FOREGROUND); 355 mService.broadcastIntentLocked(null, null, intent, null, 356 new IIntentReceiver.Stub() { 357 @Override 358 public void performReceive(Intent intent, int resultCode, 359 String data, Bundle extras, boolean ordered, 360 boolean sticky, int sendingUser) { 361 // Note: performReceive is called with mService lock held 362 getUserManager().makeInitialized(userInfo.id); 363 } 364 }, 0, null, null, null, AppOpsManager.OP_NONE, 365 null, true, false, MY_PID, SYSTEM_UID, userId); 366 } 367 } 368 Slog.d(TAG, "Sending BOOT_COMPLETE user #" + userId); 369 final Intent bootIntent = new Intent(Intent.ACTION_BOOT_COMPLETED, null); 370 bootIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 371 bootIntent.addFlags(Intent.FLAG_RECEIVER_NO_ABORT 372 | Intent.FLAG_RECEIVER_INCLUDE_BACKGROUND); 373 mService.broadcastIntentLocked(null, null, bootIntent, null, null, 0, null, null, 374 new String[] { android.Manifest.permission.RECEIVE_BOOT_COMPLETED }, 375 AppOpsManager.OP_NONE, null, true, false, MY_PID, SYSTEM_UID, userId); 376 } 377 } 378 } 379 380 int stopUser(final int userId, final boolean force, final IStopUserCallback callback) { 381 if (mService.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 382 != PackageManager.PERMISSION_GRANTED) { 383 String msg = "Permission Denial: switchUser() from pid=" 384 + Binder.getCallingPid() 385 + ", uid=" + Binder.getCallingUid() 386 + " requires " + INTERACT_ACROSS_USERS_FULL; 387 Slog.w(TAG, msg); 388 throw new SecurityException(msg); 389 } 390 if (userId < 0 || userId == UserHandle.USER_SYSTEM) { 391 throw new IllegalArgumentException("Can't stop system user " + userId); 392 } 393 mService.enforceShellRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, 394 userId); 395 synchronized (mService) { 396 return stopUsersLocked(userId, force, callback); 397 } 398 } 399 400 /** 401 * Stops the user along with its related users. The method calls 402 * {@link #getUsersToStopLocked(int)} to determine the list of users that should be stopped. 403 */ 404 private int stopUsersLocked(final int userId, boolean force, final IStopUserCallback callback) { 405 if (userId == UserHandle.USER_SYSTEM) { 406 return USER_OP_ERROR_IS_SYSTEM; 407 } 408 if (isCurrentUserLocked(userId)) { 409 return USER_OP_IS_CURRENT; 410 } 411 int[] usersToStop = getUsersToStopLocked(userId); 412 // If one of related users is system or current, no related users should be stopped 413 for (int i = 0; i < usersToStop.length; i++) { 414 int relatedUserId = usersToStop[i]; 415 if ((UserHandle.USER_SYSTEM == relatedUserId) || isCurrentUserLocked(relatedUserId)) { 416 if (DEBUG_MU) Slog.i(TAG, "stopUsersLocked cannot stop related user " 417 + relatedUserId); 418 // We still need to stop the requested user if it's a force stop. 419 if (force) { 420 Slog.i(TAG, 421 "Force stop user " + userId + ". Related users will not be stopped"); 422 stopSingleUserLocked(userId, callback); 423 return USER_OP_SUCCESS; 424 } 425 return USER_OP_ERROR_RELATED_USERS_CANNOT_STOP; 426 } 427 } 428 if (DEBUG_MU) Slog.i(TAG, "stopUsersLocked usersToStop=" + Arrays.toString(usersToStop)); 429 for (int userIdToStop : usersToStop) { 430 stopSingleUserLocked(userIdToStop, userIdToStop == userId ? callback : null); 431 } 432 return USER_OP_SUCCESS; 433 } 434 435 private void stopSingleUserLocked(final int userId, final IStopUserCallback callback) { 436 if (DEBUG_MU) Slog.i(TAG, "stopSingleUserLocked userId=" + userId); 437 final UserState uss = mStartedUsers.get(userId); 438 if (uss == null) { 439 // User is not started, nothing to do... but we do need to 440 // callback if requested. 441 if (callback != null) { 442 mHandler.post(new Runnable() { 443 @Override 444 public void run() { 445 try { 446 callback.userStopped(userId); 447 } catch (RemoteException e) { 448 } 449 } 450 }); 451 } 452 return; 453 } 454 455 if (callback != null) { 456 uss.mStopCallbacks.add(callback); 457 } 458 459 if (uss.state != UserState.STATE_STOPPING 460 && uss.state != UserState.STATE_SHUTDOWN) { 461 uss.setState(UserState.STATE_STOPPING); 462 updateStartedUserArrayLocked(); 463 464 long ident = Binder.clearCallingIdentity(); 465 try { 466 // We are going to broadcast ACTION_USER_STOPPING and then 467 // once that is done send a final ACTION_SHUTDOWN and then 468 // stop the user. 469 final Intent stoppingIntent = new Intent(Intent.ACTION_USER_STOPPING); 470 stoppingIntent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY); 471 stoppingIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 472 stoppingIntent.putExtra(Intent.EXTRA_SHUTDOWN_USERSPACE_ONLY, true); 473 // This is the result receiver for the initial stopping broadcast. 474 final IIntentReceiver stoppingReceiver = new IIntentReceiver.Stub() { 475 @Override 476 public void performReceive(Intent intent, int resultCode, String data, 477 Bundle extras, boolean ordered, boolean sticky, int sendingUser) { 478 mHandler.post(new Runnable() { 479 @Override 480 public void run() { 481 finishUserStopping(userId, uss); 482 } 483 }); 484 } 485 }; 486 // Kick things off. 487 mService.broadcastIntentLocked(null, null, stoppingIntent, 488 null, stoppingReceiver, 0, null, null, 489 new String[]{INTERACT_ACROSS_USERS}, AppOpsManager.OP_NONE, 490 null, true, false, MY_PID, SYSTEM_UID, UserHandle.USER_ALL); 491 } finally { 492 Binder.restoreCallingIdentity(ident); 493 } 494 } 495 } 496 497 void finishUserStopping(final int userId, final UserState uss) { 498 // On to the next. 499 final Intent shutdownIntent = new Intent(Intent.ACTION_SHUTDOWN); 500 // This is the result receiver for the final shutdown broadcast. 501 final IIntentReceiver shutdownReceiver = new IIntentReceiver.Stub() { 502 @Override 503 public void performReceive(Intent intent, int resultCode, String data, 504 Bundle extras, boolean ordered, boolean sticky, int sendingUser) { 505 mHandler.post(new Runnable() { 506 @Override 507 public void run() { 508 finishUserStopped(uss); 509 } 510 }); 511 } 512 }; 513 514 synchronized (mService) { 515 if (uss.state != UserState.STATE_STOPPING) { 516 // Whoops, we are being started back up. Abort, abort! 517 return; 518 } 519 uss.setState(UserState.STATE_SHUTDOWN); 520 } 521 522 mService.mBatteryStatsService.noteEvent( 523 BatteryStats.HistoryItem.EVENT_USER_RUNNING_FINISH, 524 Integer.toString(userId), userId); 525 mService.mSystemServiceManager.stopUser(userId); 526 527 synchronized (mService) { 528 mService.broadcastIntentLocked(null, null, shutdownIntent, 529 null, shutdownReceiver, 0, null, null, null, 530 AppOpsManager.OP_NONE, 531 null, true, false, MY_PID, SYSTEM_UID, userId); 532 } 533 } 534 535 void finishUserStopped(UserState uss) { 536 final int userId = uss.mHandle.getIdentifier(); 537 boolean stopped; 538 ArrayList<IStopUserCallback> callbacks; 539 synchronized (mService) { 540 callbacks = new ArrayList<>(uss.mStopCallbacks); 541 if (mStartedUsers.get(userId) != uss) { 542 stopped = false; 543 } else if (uss.state != UserState.STATE_SHUTDOWN) { 544 stopped = false; 545 } else { 546 stopped = true; 547 // User can no longer run. 548 mStartedUsers.remove(userId); 549 mUserLru.remove(Integer.valueOf(userId)); 550 updateStartedUserArrayLocked(); 551 552 mService.onUserStoppedLocked(userId); 553 // Clean up all state and processes associated with the user. 554 // Kill all the processes for the user. 555 forceStopUserLocked(userId, "finish user"); 556 } 557 } 558 559 for (int i = 0; i < callbacks.size(); i++) { 560 try { 561 if (stopped) callbacks.get(i).userStopped(userId); 562 else callbacks.get(i).userStopAborted(userId); 563 } catch (RemoteException e) { 564 } 565 } 566 567 if (stopped) { 568 mService.mSystemServiceManager.cleanupUser(userId); 569 synchronized (mService) { 570 mService.mStackSupervisor.removeUserLocked(userId); 571 } 572 // Remove the user if it is ephemeral. 573 if (getUserInfo(userId).isEphemeral()) { 574 mUserManager.removeUser(userId); 575 } 576 } 577 } 578 579 /** 580 * Determines the list of users that should be stopped together with the specified 581 * {@code userId}. The returned list includes {@code userId}. 582 */ 583 private @NonNull int[] getUsersToStopLocked(int userId) { 584 int startedUsersSize = mStartedUsers.size(); 585 IntArray userIds = new IntArray(); 586 userIds.add(userId); 587 synchronized (mUserProfileGroupIdsSelfLocked) { 588 int userGroupId = mUserProfileGroupIdsSelfLocked.get(userId, 589 UserInfo.NO_PROFILE_GROUP_ID); 590 for (int i = 0; i < startedUsersSize; i++) { 591 UserState uss = mStartedUsers.valueAt(i); 592 int startedUserId = uss.mHandle.getIdentifier(); 593 // Skip unrelated users (profileGroupId mismatch) 594 int startedUserGroupId = mUserProfileGroupIdsSelfLocked.get(startedUserId, 595 UserInfo.NO_PROFILE_GROUP_ID); 596 boolean sameGroup = (userGroupId != UserInfo.NO_PROFILE_GROUP_ID) 597 && (userGroupId == startedUserGroupId); 598 // userId has already been added 599 boolean sameUserId = startedUserId == userId; 600 if (!sameGroup || sameUserId) { 601 continue; 602 } 603 userIds.add(startedUserId); 604 } 605 } 606 return userIds.toArray(); 607 } 608 609 private void forceStopUserLocked(int userId, String reason) { 610 mService.forceStopPackageLocked(null, -1, false, false, true, false, false, 611 userId, reason); 612 Intent intent = new Intent(Intent.ACTION_USER_STOPPED); 613 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 614 | Intent.FLAG_RECEIVER_FOREGROUND); 615 intent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 616 mService.broadcastIntentLocked(null, null, intent, 617 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 618 null, false, false, MY_PID, SYSTEM_UID, UserHandle.USER_ALL); 619 } 620 621 /** 622 * Stops the guest or ephemeral user if it has gone to the background. 623 */ 624 private void stopGuestOrEphemeralUserIfBackground() { 625 synchronized (mService) { 626 final int num = mUserLru.size(); 627 for (int i = 0; i < num; i++) { 628 Integer oldUserId = mUserLru.get(i); 629 UserState oldUss = mStartedUsers.get(oldUserId); 630 if (oldUserId == UserHandle.USER_SYSTEM || oldUserId == mCurrentUserId 631 || oldUss.state == UserState.STATE_STOPPING 632 || oldUss.state == UserState.STATE_SHUTDOWN) { 633 continue; 634 } 635 UserInfo userInfo = getUserInfo(oldUserId); 636 if (userInfo.isEphemeral()) { 637 LocalServices.getService(UserManagerInternal.class) 638 .onEphemeralUserStop(oldUserId); 639 } 640 if (userInfo.isGuest() || userInfo.isEphemeral()) { 641 // This is a user to be stopped. 642 stopUsersLocked(oldUserId, true, null); 643 break; 644 } 645 } 646 } 647 } 648 649 void startProfilesLocked() { 650 if (DEBUG_MU) Slog.i(TAG, "startProfilesLocked"); 651 List<UserInfo> profiles = getUserManager().getProfiles( 652 mCurrentUserId, false /* enabledOnly */); 653 List<UserInfo> profilesToStart = new ArrayList<>(profiles.size()); 654 for (UserInfo user : profiles) { 655 if ((user.flags & UserInfo.FLAG_INITIALIZED) == UserInfo.FLAG_INITIALIZED 656 && user.id != mCurrentUserId && !user.isQuietModeEnabled()) { 657 profilesToStart.add(user); 658 } 659 } 660 final int profilesToStartSize = profilesToStart.size(); 661 int i = 0; 662 for (; i < profilesToStartSize && i < (MAX_RUNNING_USERS - 1); ++i) { 663 startUser(profilesToStart.get(i).id, /* foreground= */ false); 664 } 665 if (i < profilesToStartSize) { 666 Slog.w(TAG, "More profiles than MAX_RUNNING_USERS"); 667 } 668 } 669 670 private UserManagerService getUserManager() { 671 UserManagerService userManager = mUserManager; 672 if (userManager == null) { 673 IBinder b = ServiceManager.getService(Context.USER_SERVICE); 674 userManager = mUserManager = (UserManagerService) IUserManager.Stub.asInterface(b); 675 } 676 return userManager; 677 } 678 679 private IMountService getMountService() { 680 return IMountService.Stub.asInterface(ServiceManager.getService("mount")); 681 } 682 683 private boolean isUserKeyUnlocked(int userId) { 684 final IMountService mountService = getMountService(); 685 if (mountService != null) { 686 try { 687 return mountService.isUserKeyUnlocked(userId); 688 } catch (RemoteException e) { 689 throw e.rethrowAsRuntimeException(); 690 } 691 } else { 692 Slog.w(TAG, "Mount service not published; guessing locked state based on property"); 693 return !StorageManager.isFileEncryptedNativeOrEmulated(); 694 } 695 } 696 697 /** 698 * Start user, if its not already running. 699 * <p>The user will be brought to the foreground, if {@code foreground} parameter is set. 700 * When starting the user, multiple intents will be broadcast in the following order:</p> 701 * <ul> 702 * <li>{@link Intent#ACTION_USER_STARTED} - sent to registered receivers of the new user 703 * <li>{@link Intent#ACTION_USER_BACKGROUND} - sent to registered receivers of the outgoing 704 * user and all profiles of this user. Sent only if {@code foreground} parameter is true 705 * <li>{@link Intent#ACTION_USER_FOREGROUND} - sent to registered receivers of the new 706 * user and all profiles of this user. Sent only if {@code foreground} parameter is true 707 * <li>{@link Intent#ACTION_USER_SWITCHED} - sent to registered receivers of the new user. 708 * Sent only if {@code foreground} parameter is true 709 * <li>{@link Intent#ACTION_USER_STARTING} - ordered broadcast sent to registered receivers 710 * of the new fg user 711 * <li>{@link Intent#ACTION_LOCKED_BOOT_COMPLETED} - ordered broadcast sent to receivers of 712 * the new user 713 * <li>{@link Intent#ACTION_USER_UNLOCKED} - sent to registered receivers of the new user 714 * <li>{@link Intent#ACTION_PRE_BOOT_COMPLETED} - ordered broadcast sent to receivers of the 715 * new user. Sent only when the user is booting after a system update. 716 * <li>{@link Intent#ACTION_USER_INITIALIZE} - ordered broadcast sent to receivers of the 717 * new user. Sent only the first time a user is starting. 718 * <li>{@link Intent#ACTION_BOOT_COMPLETED} - ordered broadcast sent to receivers of the new 719 * user. Indicates that the user has finished booting. 720 * </ul> 721 * 722 * @param userId ID of the user to start 723 * @param foreground true if user should be brought to the foreground 724 * @return true if the user has been successfully started 725 */ 726 boolean startUser(final int userId, final boolean foreground) { 727 if (mService.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 728 != PackageManager.PERMISSION_GRANTED) { 729 String msg = "Permission Denial: switchUser() from pid=" 730 + Binder.getCallingPid() 731 + ", uid=" + Binder.getCallingUid() 732 + " requires " + INTERACT_ACROSS_USERS_FULL; 733 Slog.w(TAG, msg); 734 throw new SecurityException(msg); 735 } 736 737 Slog.i(TAG, "Starting userid:" + userId + " fg:" + foreground); 738 739 final long ident = Binder.clearCallingIdentity(); 740 try { 741 synchronized (mService) { 742 final int oldUserId = mCurrentUserId; 743 if (oldUserId == userId) { 744 return true; 745 } 746 747 mService.mStackSupervisor.setLockTaskModeLocked(null, 748 ActivityManager.LOCK_TASK_MODE_NONE, "startUser", false); 749 750 final UserInfo userInfo = getUserInfo(userId); 751 if (userInfo == null) { 752 Slog.w(TAG, "No user info for user #" + userId); 753 return false; 754 } 755 if (foreground && userInfo.isManagedProfile()) { 756 Slog.w(TAG, "Cannot switch to User #" + userId + ": not a full user"); 757 return false; 758 } 759 760 if (foreground) { 761 mService.mWindowManager.startFreezingScreen( 762 R.anim.screen_user_exit, R.anim.screen_user_enter); 763 } 764 765 boolean needStart = false; 766 767 // If the user we are switching to is not currently started, then 768 // we need to start it now. 769 if (mStartedUsers.get(userId) == null) { 770 mStartedUsers.put(userId, new UserState(UserHandle.of(userId))); 771 updateStartedUserArrayLocked(); 772 needStart = true; 773 } 774 775 final UserState uss = mStartedUsers.get(userId); 776 final Integer userIdInt = userId; 777 mUserLru.remove(userIdInt); 778 mUserLru.add(userIdInt); 779 780 if (foreground) { 781 mCurrentUserId = userId; 782 mService.updateUserConfigurationLocked(); 783 mTargetUserId = UserHandle.USER_NULL; // reset, mCurrentUserId has caught up 784 updateCurrentProfileIdsLocked(); 785 mService.mWindowManager.setCurrentUser(userId, mCurrentProfileIds); 786 // Once the internal notion of the active user has switched, we lock the device 787 // with the option to show the user switcher on the keyguard. 788 mService.mWindowManager.lockNow(null); 789 } else { 790 final Integer currentUserIdInt = mCurrentUserId; 791 updateCurrentProfileIdsLocked(); 792 mService.mWindowManager.setCurrentProfileIds(mCurrentProfileIds); 793 mUserLru.remove(currentUserIdInt); 794 mUserLru.add(currentUserIdInt); 795 } 796 797 // Make sure user is in the started state. If it is currently 798 // stopping, we need to knock that off. 799 if (uss.state == UserState.STATE_STOPPING) { 800 // If we are stopping, we haven't sent ACTION_SHUTDOWN, 801 // so we can just fairly silently bring the user back from 802 // the almost-dead. 803 uss.setState(uss.lastState); 804 updateStartedUserArrayLocked(); 805 needStart = true; 806 } else if (uss.state == UserState.STATE_SHUTDOWN) { 807 // This means ACTION_SHUTDOWN has been sent, so we will 808 // need to treat this as a new boot of the user. 809 uss.setState(UserState.STATE_BOOTING); 810 updateStartedUserArrayLocked(); 811 needStart = true; 812 } 813 814 if (uss.state == UserState.STATE_BOOTING) { 815 // Give user manager a chance to propagate user restrictions 816 // to other services and prepare app storage 817 getUserManager().onBeforeStartUser(userId); 818 819 // Booting up a new user, need to tell system services about it. 820 // Note that this is on the same handler as scheduling of broadcasts, 821 // which is important because it needs to go first. 822 mHandler.sendMessage(mHandler.obtainMessage(SYSTEM_USER_START_MSG, userId, 0)); 823 } 824 825 if (foreground) { 826 mHandler.sendMessage(mHandler.obtainMessage(SYSTEM_USER_CURRENT_MSG, userId, 827 oldUserId)); 828 mHandler.removeMessages(REPORT_USER_SWITCH_MSG); 829 mHandler.removeMessages(USER_SWITCH_TIMEOUT_MSG); 830 mHandler.sendMessage(mHandler.obtainMessage(REPORT_USER_SWITCH_MSG, 831 oldUserId, userId, uss)); 832 mHandler.sendMessageDelayed(mHandler.obtainMessage(USER_SWITCH_TIMEOUT_MSG, 833 oldUserId, userId, uss), USER_SWITCH_TIMEOUT); 834 } 835 836 if (needStart) { 837 // Send USER_STARTED broadcast 838 Intent intent = new Intent(Intent.ACTION_USER_STARTED); 839 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 840 | Intent.FLAG_RECEIVER_FOREGROUND); 841 intent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 842 mService.broadcastIntentLocked(null, null, intent, 843 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 844 null, false, false, MY_PID, SYSTEM_UID, userId); 845 } 846 847 if (foreground) { 848 moveUserToForegroundLocked(uss, oldUserId, userId); 849 } else { 850 mService.mUserController.finishUserBoot(uss); 851 } 852 853 if (needStart) { 854 Intent intent = new Intent(Intent.ACTION_USER_STARTING); 855 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY); 856 intent.putExtra(Intent.EXTRA_USER_HANDLE, userId); 857 mService.broadcastIntentLocked(null, null, intent, 858 null, new IIntentReceiver.Stub() { 859 @Override 860 public void performReceive(Intent intent, int resultCode, 861 String data, Bundle extras, boolean ordered, boolean sticky, 862 int sendingUser) throws RemoteException { 863 } 864 }, 0, null, null, 865 new String[] {INTERACT_ACROSS_USERS}, AppOpsManager.OP_NONE, 866 null, true, false, MY_PID, SYSTEM_UID, UserHandle.USER_ALL); 867 } 868 } 869 } finally { 870 Binder.restoreCallingIdentity(ident); 871 } 872 873 return true; 874 } 875 876 /** 877 * Start user, if its not already running, and bring it to foreground. 878 */ 879 boolean startUserInForeground(final int userId, Dialog dlg) { 880 boolean result = startUser(userId, /* foreground */ true); 881 dlg.dismiss(); 882 return result; 883 } 884 885 boolean unlockUser(final int userId, byte[] token, byte[] secret, IProgressListener listener) { 886 if (mService.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 887 != PackageManager.PERMISSION_GRANTED) { 888 String msg = "Permission Denial: unlockUser() from pid=" 889 + Binder.getCallingPid() 890 + ", uid=" + Binder.getCallingUid() 891 + " requires " + INTERACT_ACROSS_USERS_FULL; 892 Slog.w(TAG, msg); 893 throw new SecurityException(msg); 894 } 895 896 final long binderToken = Binder.clearCallingIdentity(); 897 try { 898 return unlockUserCleared(userId, token, secret, listener); 899 } finally { 900 Binder.restoreCallingIdentity(binderToken); 901 } 902 } 903 904 /** 905 * Attempt to unlock user without a credential token. This typically 906 * succeeds when the device doesn't have credential-encrypted storage, or 907 * when the the credential-encrypted storage isn't tied to a user-provided 908 * PIN or pattern. 909 */ 910 boolean maybeUnlockUser(final int userId) { 911 // Try unlocking storage using empty token 912 return unlockUserCleared(userId, null, null, null); 913 } 914 915 private static void notifyFinished(int userId, IProgressListener listener) { 916 if (listener == null) return; 917 try { 918 listener.onFinished(userId, null); 919 } catch (RemoteException ignored) { 920 } 921 } 922 923 boolean unlockUserCleared(final int userId, byte[] token, byte[] secret, 924 IProgressListener listener) { 925 final UserState uss; 926 synchronized (mService) { 927 // Bail if user isn't actually running, otherwise register the given 928 // listener to watch for unlock progress 929 uss = mStartedUsers.get(userId); 930 if (uss == null) { 931 notifyFinished(userId, listener); 932 return false; 933 } else { 934 uss.mUnlockProgress.addListener(listener); 935 } 936 } 937 938 if (!isUserKeyUnlocked(userId)) { 939 final UserInfo userInfo = getUserInfo(userId); 940 final IMountService mountService = getMountService(); 941 try { 942 mountService.unlockUserKey(userId, userInfo.serialNumber, token, secret); 943 } catch (RemoteException | RuntimeException e) { 944 Slog.w(TAG, "Failed to unlock: " + e.getMessage()); 945 notifyFinished(userId, listener); 946 return false; 947 } 948 } 949 950 synchronized (mService) { 951 finishUserUnlocking(uss); 952 953 // We just unlocked a user, so let's now attempt to unlock any 954 // managed profiles under that user. 955 for (int i = 0; i < mStartedUsers.size(); i++) { 956 final int testUserId = mStartedUsers.keyAt(i); 957 final UserInfo parent = getUserManager().getProfileParent(testUserId); 958 if (parent != null && parent.id == userId && testUserId != userId) { 959 Slog.d(TAG, "User " + testUserId + " (parent " + parent.id 960 + "): attempting unlock because parent was just unlocked"); 961 maybeUnlockUser(testUserId); 962 } 963 } 964 } 965 966 return true; 967 } 968 969 void showUserSwitchDialog(Pair<UserInfo, UserInfo> fromToUserPair) { 970 // The dialog will show and then initiate the user switch by calling startUserInForeground 971 Dialog d = new UserSwitchingDialog(mService, mService.mContext, fromToUserPair.first, 972 fromToUserPair.second, true /* above system */); 973 d.show(); 974 } 975 976 void dispatchForegroundProfileChanged(int userId) { 977 final int observerCount = mUserSwitchObservers.beginBroadcast(); 978 for (int i = 0; i < observerCount; i++) { 979 try { 980 mUserSwitchObservers.getBroadcastItem(i).onForegroundProfileSwitch(userId); 981 } catch (RemoteException e) { 982 // Ignore 983 } 984 } 985 mUserSwitchObservers.finishBroadcast(); 986 } 987 988 /** Called on handler thread */ 989 void dispatchUserSwitchComplete(int userId) { 990 final int observerCount = mUserSwitchObservers.beginBroadcast(); 991 for (int i = 0; i < observerCount; i++) { 992 try { 993 mUserSwitchObservers.getBroadcastItem(i).onUserSwitchComplete(userId); 994 } catch (RemoteException e) { 995 } 996 } 997 mUserSwitchObservers.finishBroadcast(); 998 } 999 1000 private void stopBackgroundUsersIfEnforced(int oldUserId) { 1001 // Never stop system user 1002 if (oldUserId == UserHandle.USER_SYSTEM) { 1003 return; 1004 } 1005 // For now, only check for user restriction. Additional checks can be added here 1006 boolean disallowRunInBg = hasUserRestriction(UserManager.DISALLOW_RUN_IN_BACKGROUND, 1007 oldUserId); 1008 if (!disallowRunInBg) { 1009 return; 1010 } 1011 synchronized (mService) { 1012 if (DEBUG_MU) Slog.i(TAG, "stopBackgroundUsersIfEnforced stopping " + oldUserId 1013 + " and related users"); 1014 stopUsersLocked(oldUserId, false, null); 1015 } 1016 } 1017 1018 void timeoutUserSwitch(UserState uss, int oldUserId, int newUserId) { 1019 synchronized (mService) { 1020 Slog.wtf(TAG, "User switch timeout: from " + oldUserId + " to " + newUserId); 1021 sendContinueUserSwitchLocked(uss, oldUserId, newUserId); 1022 } 1023 } 1024 1025 void dispatchUserSwitch(final UserState uss, final int oldUserId, final int newUserId) { 1026 Slog.d(TAG, "Dispatch onUserSwitching oldUser #" + oldUserId + " newUser #" + newUserId); 1027 final int observerCount = mUserSwitchObservers.beginBroadcast(); 1028 if (observerCount > 0) { 1029 final IRemoteCallback callback = new IRemoteCallback.Stub() { 1030 int mCount = 0; 1031 @Override 1032 public void sendResult(Bundle data) throws RemoteException { 1033 synchronized (mService) { 1034 if (mCurUserSwitchCallback == this) { 1035 mCount++; 1036 if (mCount == observerCount) { 1037 sendContinueUserSwitchLocked(uss, oldUserId, newUserId); 1038 } 1039 } 1040 } 1041 } 1042 }; 1043 synchronized (mService) { 1044 uss.switching = true; 1045 mCurUserSwitchCallback = callback; 1046 } 1047 for (int i = 0; i < observerCount; i++) { 1048 try { 1049 mUserSwitchObservers.getBroadcastItem(i).onUserSwitching( 1050 newUserId, callback); 1051 } catch (RemoteException e) { 1052 } 1053 } 1054 } else { 1055 synchronized (mService) { 1056 sendContinueUserSwitchLocked(uss, oldUserId, newUserId); 1057 } 1058 } 1059 mUserSwitchObservers.finishBroadcast(); 1060 } 1061 1062 void sendContinueUserSwitchLocked(UserState uss, int oldUserId, int newUserId) { 1063 mCurUserSwitchCallback = null; 1064 mHandler.removeMessages(USER_SWITCH_TIMEOUT_MSG); 1065 mHandler.sendMessage(mHandler.obtainMessage(ActivityManagerService.CONTINUE_USER_SWITCH_MSG, 1066 oldUserId, newUserId, uss)); 1067 } 1068 1069 void continueUserSwitch(UserState uss, int oldUserId, int newUserId) { 1070 Slog.d(TAG, "Continue user switch oldUser #" + oldUserId + ", newUser #" + newUserId); 1071 synchronized (mService) { 1072 mService.mWindowManager.stopFreezingScreen(); 1073 } 1074 uss.switching = false; 1075 mHandler.removeMessages(REPORT_USER_SWITCH_COMPLETE_MSG); 1076 mHandler.sendMessage(mHandler.obtainMessage(REPORT_USER_SWITCH_COMPLETE_MSG, 1077 newUserId, 0)); 1078 stopGuestOrEphemeralUserIfBackground(); 1079 stopBackgroundUsersIfEnforced(oldUserId); 1080 } 1081 1082 void moveUserToForegroundLocked(UserState uss, int oldUserId, int newUserId) { 1083 boolean homeInFront = mService.mStackSupervisor.switchUserLocked(newUserId, uss); 1084 if (homeInFront) { 1085 mService.startHomeActivityLocked(newUserId, "moveUserToForeground"); 1086 } else { 1087 mService.mStackSupervisor.resumeFocusedStackTopActivityLocked(); 1088 } 1089 EventLogTags.writeAmSwitchUser(newUserId); 1090 sendUserSwitchBroadcastsLocked(oldUserId, newUserId); 1091 } 1092 1093 void sendUserSwitchBroadcastsLocked(int oldUserId, int newUserId) { 1094 long ident = Binder.clearCallingIdentity(); 1095 try { 1096 Intent intent; 1097 if (oldUserId >= 0) { 1098 // Send USER_BACKGROUND broadcast to all profiles of the outgoing user 1099 List<UserInfo> profiles = getUserManager().getProfiles(oldUserId, false); 1100 int count = profiles.size(); 1101 for (int i = 0; i < count; i++) { 1102 int profileUserId = profiles.get(i).id; 1103 intent = new Intent(Intent.ACTION_USER_BACKGROUND); 1104 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 1105 | Intent.FLAG_RECEIVER_FOREGROUND); 1106 intent.putExtra(Intent.EXTRA_USER_HANDLE, profileUserId); 1107 mService.broadcastIntentLocked(null, null, intent, 1108 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 1109 null, false, false, MY_PID, SYSTEM_UID, profileUserId); 1110 } 1111 } 1112 if (newUserId >= 0) { 1113 // Send USER_FOREGROUND broadcast to all profiles of the incoming user 1114 List<UserInfo> profiles = getUserManager().getProfiles(newUserId, false); 1115 int count = profiles.size(); 1116 for (int i = 0; i < count; i++) { 1117 int profileUserId = profiles.get(i).id; 1118 intent = new Intent(Intent.ACTION_USER_FOREGROUND); 1119 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 1120 | Intent.FLAG_RECEIVER_FOREGROUND); 1121 intent.putExtra(Intent.EXTRA_USER_HANDLE, profileUserId); 1122 mService.broadcastIntentLocked(null, null, intent, 1123 null, null, 0, null, null, null, AppOpsManager.OP_NONE, 1124 null, false, false, MY_PID, SYSTEM_UID, profileUserId); 1125 } 1126 intent = new Intent(Intent.ACTION_USER_SWITCHED); 1127 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY 1128 | Intent.FLAG_RECEIVER_FOREGROUND); 1129 intent.putExtra(Intent.EXTRA_USER_HANDLE, newUserId); 1130 mService.broadcastIntentLocked(null, null, intent, 1131 null, null, 0, null, null, 1132 new String[] {android.Manifest.permission.MANAGE_USERS}, 1133 AppOpsManager.OP_NONE, null, false, false, MY_PID, SYSTEM_UID, 1134 UserHandle.USER_ALL); 1135 } 1136 } finally { 1137 Binder.restoreCallingIdentity(ident); 1138 } 1139 } 1140 1141 1142 int handleIncomingUser(int callingPid, int callingUid, int userId, boolean allowAll, 1143 int allowMode, String name, String callerPackage) { 1144 final int callingUserId = UserHandle.getUserId(callingUid); 1145 if (callingUserId == userId) { 1146 return userId; 1147 } 1148 1149 // Note that we may be accessing mCurrentUserId outside of a lock... 1150 // shouldn't be a big deal, if this is being called outside 1151 // of a locked context there is intrinsically a race with 1152 // the value the caller will receive and someone else changing it. 1153 // We assume that USER_CURRENT_OR_SELF will use the current user; later 1154 // we will switch to the calling user if access to the current user fails. 1155 int targetUserId = unsafeConvertIncomingUserLocked(userId); 1156 1157 if (callingUid != 0 && callingUid != SYSTEM_UID) { 1158 final boolean allow; 1159 if (mService.checkComponentPermission(INTERACT_ACROSS_USERS_FULL, callingPid, 1160 callingUid, -1, true) == PackageManager.PERMISSION_GRANTED) { 1161 // If the caller has this permission, they always pass go. And collect $200. 1162 allow = true; 1163 } else if (allowMode == ALLOW_FULL_ONLY) { 1164 // We require full access, sucks to be you. 1165 allow = false; 1166 } else if (mService.checkComponentPermission(INTERACT_ACROSS_USERS, callingPid, 1167 callingUid, -1, true) != PackageManager.PERMISSION_GRANTED) { 1168 // If the caller does not have either permission, they are always doomed. 1169 allow = false; 1170 } else if (allowMode == ALLOW_NON_FULL) { 1171 // We are blanket allowing non-full access, you lucky caller! 1172 allow = true; 1173 } else if (allowMode == ALLOW_NON_FULL_IN_PROFILE) { 1174 // We may or may not allow this depending on whether the two users are 1175 // in the same profile. 1176 allow = isSameProfileGroup(callingUserId, targetUserId); 1177 } else { 1178 throw new IllegalArgumentException("Unknown mode: " + allowMode); 1179 } 1180 if (!allow) { 1181 if (userId == UserHandle.USER_CURRENT_OR_SELF) { 1182 // In this case, they would like to just execute as their 1183 // owner user instead of failing. 1184 targetUserId = callingUserId; 1185 } else { 1186 StringBuilder builder = new StringBuilder(128); 1187 builder.append("Permission Denial: "); 1188 builder.append(name); 1189 if (callerPackage != null) { 1190 builder.append(" from "); 1191 builder.append(callerPackage); 1192 } 1193 builder.append(" asks to run as user "); 1194 builder.append(userId); 1195 builder.append(" but is calling from user "); 1196 builder.append(UserHandle.getUserId(callingUid)); 1197 builder.append("; this requires "); 1198 builder.append(INTERACT_ACROSS_USERS_FULL); 1199 if (allowMode != ALLOW_FULL_ONLY) { 1200 builder.append(" or "); 1201 builder.append(INTERACT_ACROSS_USERS); 1202 } 1203 String msg = builder.toString(); 1204 Slog.w(TAG, msg); 1205 throw new SecurityException(msg); 1206 } 1207 } 1208 } 1209 if (!allowAll && targetUserId < 0) { 1210 throw new IllegalArgumentException( 1211 "Call does not support special user #" + targetUserId); 1212 } 1213 // Check shell permission 1214 if (callingUid == Process.SHELL_UID && targetUserId >= UserHandle.USER_SYSTEM) { 1215 if (hasUserRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, targetUserId)) { 1216 throw new SecurityException("Shell does not have permission to access user " 1217 + targetUserId + "\n " + Debug.getCallers(3)); 1218 } 1219 } 1220 return targetUserId; 1221 } 1222 1223 int unsafeConvertIncomingUserLocked(int userId) { 1224 return (userId == UserHandle.USER_CURRENT || userId == UserHandle.USER_CURRENT_OR_SELF) 1225 ? getCurrentUserIdLocked(): userId; 1226 } 1227 1228 void registerUserSwitchObserver(IUserSwitchObserver observer) { 1229 if (mService.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 1230 != PackageManager.PERMISSION_GRANTED) { 1231 final String msg = "Permission Denial: registerUserSwitchObserver() from pid=" 1232 + Binder.getCallingPid() 1233 + ", uid=" + Binder.getCallingUid() 1234 + " requires " + INTERACT_ACROSS_USERS_FULL; 1235 Slog.w(TAG, msg); 1236 throw new SecurityException(msg); 1237 } 1238 1239 mUserSwitchObservers.register(observer); 1240 } 1241 1242 void unregisterUserSwitchObserver(IUserSwitchObserver observer) { 1243 mUserSwitchObservers.unregister(observer); 1244 } 1245 1246 UserState getStartedUserStateLocked(int userId) { 1247 return mStartedUsers.get(userId); 1248 } 1249 1250 boolean hasStartedUserState(int userId) { 1251 return mStartedUsers.get(userId) != null; 1252 } 1253 1254 private void updateStartedUserArrayLocked() { 1255 int num = 0; 1256 for (int i = 0; i < mStartedUsers.size(); i++) { 1257 UserState uss = mStartedUsers.valueAt(i); 1258 // This list does not include stopping users. 1259 if (uss.state != UserState.STATE_STOPPING 1260 && uss.state != UserState.STATE_SHUTDOWN) { 1261 num++; 1262 } 1263 } 1264 mStartedUserArray = new int[num]; 1265 num = 0; 1266 for (int i = 0; i < mStartedUsers.size(); i++) { 1267 UserState uss = mStartedUsers.valueAt(i); 1268 if (uss.state != UserState.STATE_STOPPING 1269 && uss.state != UserState.STATE_SHUTDOWN) { 1270 mStartedUserArray[num++] = mStartedUsers.keyAt(i); 1271 } 1272 } 1273 } 1274 1275 void sendBootCompletedLocked(IIntentReceiver resultTo) { 1276 for (int i = 0; i < mStartedUsers.size(); i++) { 1277 UserState uss = mStartedUsers.valueAt(i); 1278 finishUserBoot(uss, resultTo); 1279 } 1280 } 1281 1282 void onSystemReady() { 1283 updateCurrentProfileIdsLocked(); 1284 } 1285 1286 /** 1287 * Refreshes the list of users related to the current user when either a 1288 * user switch happens or when a new related user is started in the 1289 * background. 1290 */ 1291 private void updateCurrentProfileIdsLocked() { 1292 final List<UserInfo> profiles = getUserManager().getProfiles(mCurrentUserId, 1293 false /* enabledOnly */); 1294 int[] currentProfileIds = new int[profiles.size()]; // profiles will not be null 1295 for (int i = 0; i < currentProfileIds.length; i++) { 1296 currentProfileIds[i] = profiles.get(i).id; 1297 } 1298 mCurrentProfileIds = currentProfileIds; 1299 1300 synchronized (mUserProfileGroupIdsSelfLocked) { 1301 mUserProfileGroupIdsSelfLocked.clear(); 1302 final List<UserInfo> users = getUserManager().getUsers(false); 1303 for (int i = 0; i < users.size(); i++) { 1304 UserInfo user = users.get(i); 1305 if (user.profileGroupId != UserInfo.NO_PROFILE_GROUP_ID) { 1306 mUserProfileGroupIdsSelfLocked.put(user.id, user.profileGroupId); 1307 } 1308 } 1309 } 1310 } 1311 1312 int[] getStartedUserArrayLocked() { 1313 return mStartedUserArray; 1314 } 1315 1316 boolean isUserRunningLocked(int userId, int flags) { 1317 UserState state = getStartedUserStateLocked(userId); 1318 if (state == null) { 1319 return false; 1320 } 1321 if ((flags & ActivityManager.FLAG_OR_STOPPED) != 0) { 1322 return true; 1323 } 1324 1325 final boolean unlocked; 1326 switch (state.state) { 1327 case UserState.STATE_STOPPING: 1328 case UserState.STATE_SHUTDOWN: 1329 default: 1330 return false; 1331 1332 case UserState.STATE_BOOTING: 1333 case UserState.STATE_RUNNING_LOCKED: 1334 unlocked = false; 1335 break; 1336 1337 case UserState.STATE_RUNNING_UNLOCKING: 1338 case UserState.STATE_RUNNING_UNLOCKED: 1339 unlocked = true; 1340 break; 1341 } 1342 1343 if ((flags & ActivityManager.FLAG_AND_LOCKED) != 0) { 1344 return !unlocked; 1345 } 1346 if ((flags & ActivityManager.FLAG_AND_UNLOCKED) != 0) { 1347 return unlocked; 1348 } 1349 1350 // One way or another, we're running! 1351 return true; 1352 } 1353 1354 UserInfo getCurrentUser() { 1355 if ((mService.checkCallingPermission(INTERACT_ACROSS_USERS) 1356 != PackageManager.PERMISSION_GRANTED) && ( 1357 mService.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) 1358 != PackageManager.PERMISSION_GRANTED)) { 1359 String msg = "Permission Denial: getCurrentUser() from pid=" 1360 + Binder.getCallingPid() 1361 + ", uid=" + Binder.getCallingUid() 1362 + " requires " + INTERACT_ACROSS_USERS; 1363 Slog.w(TAG, msg); 1364 throw new SecurityException(msg); 1365 } 1366 synchronized (mService) { 1367 return getCurrentUserLocked(); 1368 } 1369 } 1370 1371 UserInfo getCurrentUserLocked() { 1372 int userId = mTargetUserId != UserHandle.USER_NULL ? mTargetUserId : mCurrentUserId; 1373 return getUserInfo(userId); 1374 } 1375 1376 int getCurrentOrTargetUserIdLocked() { 1377 return mTargetUserId != UserHandle.USER_NULL ? mTargetUserId : mCurrentUserId; 1378 } 1379 1380 int getCurrentUserIdLocked() { 1381 return mCurrentUserId; 1382 } 1383 1384 private boolean isCurrentUserLocked(int userId) { 1385 return userId == getCurrentOrTargetUserIdLocked(); 1386 } 1387 1388 int setTargetUserIdLocked(int targetUserId) { 1389 return mTargetUserId = targetUserId; 1390 } 1391 1392 int[] getUsers() { 1393 UserManagerService ums = getUserManager(); 1394 return ums != null ? ums.getUserIds() : new int[] { 0 }; 1395 } 1396 1397 UserInfo getUserInfo(int userId) { 1398 return getUserManager().getUserInfo(userId); 1399 } 1400 1401 int[] getUserIds() { 1402 return getUserManager().getUserIds(); 1403 } 1404 1405 boolean exists(int userId) { 1406 return getUserManager().exists(userId); 1407 } 1408 1409 boolean hasUserRestriction(String restriction, int userId) { 1410 return getUserManager().hasUserRestriction(restriction, userId); 1411 } 1412 1413 Set<Integer> getProfileIds(int userId) { 1414 Set<Integer> userIds = new HashSet<>(); 1415 final List<UserInfo> profiles = getUserManager().getProfiles(userId, 1416 false /* enabledOnly */); 1417 for (UserInfo user : profiles) { 1418 userIds.add(user.id); 1419 } 1420 return userIds; 1421 } 1422 1423 boolean isSameProfileGroup(int callingUserId, int targetUserId) { 1424 synchronized (mUserProfileGroupIdsSelfLocked) { 1425 int callingProfile = mUserProfileGroupIdsSelfLocked.get(callingUserId, 1426 UserInfo.NO_PROFILE_GROUP_ID); 1427 int targetProfile = mUserProfileGroupIdsSelfLocked.get(targetUserId, 1428 UserInfo.NO_PROFILE_GROUP_ID); 1429 return callingProfile != UserInfo.NO_PROFILE_GROUP_ID 1430 && callingProfile == targetProfile; 1431 } 1432 } 1433 1434 boolean isCurrentProfileLocked(int userId) { 1435 return ArrayUtils.contains(mCurrentProfileIds, userId); 1436 } 1437 1438 int[] getCurrentProfileIdsLocked() { 1439 return mCurrentProfileIds; 1440 } 1441 1442 /** 1443 * Returns whether the given user requires credential entry at this time. This is used to 1444 * intercept activity launches for work apps when the Work Challenge is present. 1445 */ 1446 boolean shouldConfirmCredentials(int userId) { 1447 synchronized (mService) { 1448 if (mStartedUsers.get(userId) == null) { 1449 return false; 1450 } 1451 } 1452 if (!mLockPatternUtils.isSeparateProfileChallengeEnabled(userId)) { 1453 return false; 1454 } 1455 final KeyguardManager km = (KeyguardManager) mService.mContext 1456 .getSystemService(KEYGUARD_SERVICE); 1457 return km.isDeviceLocked(userId); 1458 } 1459 1460 boolean isLockScreenDisabled(@UserIdInt int userId) { 1461 return mLockPatternUtils.isLockScreenDisabled(userId); 1462 } 1463 1464 void dump(PrintWriter pw, boolean dumpAll) { 1465 pw.println(" mStartedUsers:"); 1466 for (int i = 0; i < mStartedUsers.size(); i++) { 1467 UserState uss = mStartedUsers.valueAt(i); 1468 pw.print(" User #"); pw.print(uss.mHandle.getIdentifier()); 1469 pw.print(": "); uss.dump("", pw); 1470 } 1471 pw.print(" mStartedUserArray: ["); 1472 for (int i = 0; i < mStartedUserArray.length; i++) { 1473 if (i > 0) pw.print(", "); 1474 pw.print(mStartedUserArray[i]); 1475 } 1476 pw.println("]"); 1477 pw.print(" mUserLru: ["); 1478 for (int i = 0; i < mUserLru.size(); i++) { 1479 if (i > 0) pw.print(", "); 1480 pw.print(mUserLru.get(i)); 1481 } 1482 pw.println("]"); 1483 if (dumpAll) { 1484 pw.print(" mStartedUserArray: "); pw.println(Arrays.toString(mStartedUserArray)); 1485 } 1486 synchronized (mUserProfileGroupIdsSelfLocked) { 1487 if (mUserProfileGroupIdsSelfLocked.size() > 0) { 1488 pw.println(" mUserProfileGroupIds:"); 1489 for (int i=0; i<mUserProfileGroupIdsSelfLocked.size(); i++) { 1490 pw.print(" User #"); 1491 pw.print(mUserProfileGroupIdsSelfLocked.keyAt(i)); 1492 pw.print(" -> profile #"); 1493 pw.println(mUserProfileGroupIdsSelfLocked.valueAt(i)); 1494 } 1495 } 1496 } 1497 } 1498} 1499