Add process capability as a new dimension.

Add new attribute capability to ProcessRecord, it represents what this
process is allowed to do. Capability is a separate dimension for
process state (ProcState).

In OomAdjuster.java, capabilities can be passed from client to service.

Add PROCESS_CAPABILITY_FOREGROUND_LOCATION to represent the capability
that can access location while-in-use.

For permission such as foreground location access, AppOpsService
checks for FOREGROUND_LOCATION capability, also checks if the process
is in one of the foreground process states, if both conditions meet,
the locaton operation is allowed.

Remove PROCESS_STATE_FOREGROUND_SERVICE_LOCATION.

Bug: 136274596
Test: atest CtsAppTestCases:ActivityManagerProcessStateTest
atest CtsAppTestCases:ActivityManagerApi29Test
atest frameworks/base/services/tests/mockingservicestests/src/com/android/server/appop/AppOpsServiceTest.java
Change-Id: Ie1c8e670fb0789208b753eb49b7e2fce6a2f211f

5 files changed, 89 insertions, 66 deletions

diff --git a/core/java/android/app/ActivityManager.java b/core/java/android/app/ActivityManager.java
index 7f597fef807a..7a3050281d1a 100644
--- a/core/java/android/app/ActivityManager.java
+++ b/core/java/android/app/ActivityManager.java
@@ -163,7 +163,7 @@ public class ActivityManager {
         }
 
         @Override
-        public void onUidStateChanged(int uid, int procState, long procStateSeq) {
+        public void onUidStateChanged(int uid, int procState, long procStateSeq, int capability) {
             mListener.onUidImportance(uid, RunningAppProcessInfo.procStateToImportanceForClient(
                     procState, mContext));
         }
@@ -432,7 +432,6 @@ public class ActivityManager {
     public static final int USER_OP_ERROR_RELATED_USERS_CANNOT_STOP = -4;
 
     /**
-     * @hide
      * Process states, describing the kind of state a particular process is in.
      * When updating these, make sure to also check all related references to the
      * constant in code, and update these arrays:
@@ -443,7 +442,34 @@ public class ActivityManager {
      * @see com.android.server.am.ProcessList#sSameAwakePssTimes
      * @see com.android.server.am.ProcessList#sTestFirstPssTimes
      * @see com.android.server.am.ProcessList#sTestSamePssTimes
+     * @hide
      */
+    @IntDef(flag = false, prefix = { "PROCESS_STATE_" }, value = {
+        PROCESS_STATE_UNKNOWN, // -1
+        PROCESS_STATE_PERSISTENT, // 0
+        PROCESS_STATE_PERSISTENT_UI,
+        PROCESS_STATE_TOP,
+        PROCESS_STATE_BOUND_TOP,
+        PROCESS_STATE_FOREGROUND_SERVICE,
+        PROCESS_STATE_BOUND_FOREGROUND_SERVICE,
+        PROCESS_STATE_IMPORTANT_FOREGROUND,
+        PROCESS_STATE_IMPORTANT_BACKGROUND,
+        PROCESS_STATE_TRANSIENT_BACKGROUND,
+        PROCESS_STATE_BACKUP,
+        PROCESS_STATE_SERVICE,
+        PROCESS_STATE_RECEIVER,
+        PROCESS_STATE_TOP_SLEEPING,
+        PROCESS_STATE_HEAVY_WEIGHT,
+        PROCESS_STATE_HOME,
+        PROCESS_STATE_LAST_ACTIVITY,
+        PROCESS_STATE_CACHED_ACTIVITY,
+        PROCESS_STATE_CACHED_ACTIVITY_CLIENT,
+        PROCESS_STATE_CACHED_RECENT,
+        PROCESS_STATE_CACHED_EMPTY,
+    })
+    @Retention(RetentionPolicy.SOURCE)
+    public @interface ProcessState {}
+
 
     /** @hide Not a real process state. */
     public static final int PROCESS_STATE_UNKNOWN = -1;
@@ -459,78 +485,98 @@ public class ActivityManager {
     @UnsupportedAppUsage
     public static final int PROCESS_STATE_TOP = 2;
 
-    /** @hide Process is hosting a foreground service with location type. */
-    public static final int PROCESS_STATE_FOREGROUND_SERVICE_LOCATION = 3;
-
     /** @hide Process is bound to a TOP app. This is ranked below SERVICE_LOCATION so that
      * it doesn't get the capability of location access while-in-use. */
-    public static final int PROCESS_STATE_BOUND_TOP = 4;
+    public static final int PROCESS_STATE_BOUND_TOP = 3;
 
     /** @hide Process is hosting a foreground service. */
     @UnsupportedAppUsage
-    public static final int PROCESS_STATE_FOREGROUND_SERVICE = 5;
+    public static final int PROCESS_STATE_FOREGROUND_SERVICE = 4;
 
     /** @hide Process is hosting a foreground service due to a system binding. */
     @UnsupportedAppUsage
-    public static final int PROCESS_STATE_BOUND_FOREGROUND_SERVICE = 6;
+    public static final int PROCESS_STATE_BOUND_FOREGROUND_SERVICE = 5;
 
     /** @hide Process is important to the user, and something they are aware of. */
-    public static final int PROCESS_STATE_IMPORTANT_FOREGROUND = 7;
+    public static final int PROCESS_STATE_IMPORTANT_FOREGROUND = 6;
 
     /** @hide Process is important to the user, but not something they are aware of. */
     @UnsupportedAppUsage
-    public static final int PROCESS_STATE_IMPORTANT_BACKGROUND = 8;
+    public static final int PROCESS_STATE_IMPORTANT_BACKGROUND = 7;
 
     /** @hide Process is in the background transient so we will try to keep running. */
-    public static final int PROCESS_STATE_TRANSIENT_BACKGROUND = 9;
+    public static final int PROCESS_STATE_TRANSIENT_BACKGROUND = 8;
 
     /** @hide Process is in the background running a backup/restore operation. */
-    public static final int PROCESS_STATE_BACKUP = 10;
+    public static final int PROCESS_STATE_BACKUP = 9;
 
     /** @hide Process is in the background running a service.  Unlike oom_adj, this level
      * is used for both the normal running in background state and the executing
      * operations state. */
     @UnsupportedAppUsage
-    public static final int PROCESS_STATE_SERVICE = 11;
+    public static final int PROCESS_STATE_SERVICE = 10;
 
     /** @hide Process is in the background running a receiver.   Note that from the
      * perspective of oom_adj, receivers run at a higher foreground level, but for our
      * prioritization here that is not necessary and putting them below services means
      * many fewer changes in some process states as they receive broadcasts. */
     @UnsupportedAppUsage
-    public static final int PROCESS_STATE_RECEIVER = 12;
+    public static final int PROCESS_STATE_RECEIVER = 11;
 
     /** @hide Same as {@link #PROCESS_STATE_TOP} but while device is sleeping. */
-    public static final int PROCESS_STATE_TOP_SLEEPING = 13;
+    public static final int PROCESS_STATE_TOP_SLEEPING = 12;
 
     /** @hide Process is in the background, but it can't restore its state so we want
      * to try to avoid killing it. */
-    public static final int PROCESS_STATE_HEAVY_WEIGHT = 14;
+    public static final int PROCESS_STATE_HEAVY_WEIGHT = 13;
 
     /** @hide Process is in the background but hosts the home activity. */
     @UnsupportedAppUsage
-    public static final int PROCESS_STATE_HOME = 15;
+    public static final int PROCESS_STATE_HOME = 14;
 
     /** @hide Process is in the background but hosts the last shown activity. */
-    public static final int PROCESS_STATE_LAST_ACTIVITY = 16;
+    public static final int PROCESS_STATE_LAST_ACTIVITY = 15;
 
     /** @hide Process is being cached for later use and contains activities. */
     @UnsupportedAppUsage
-    public static final int PROCESS_STATE_CACHED_ACTIVITY = 17;
+    public static final int PROCESS_STATE_CACHED_ACTIVITY = 16;
 
     /** @hide Process is being cached for later use and is a client of another cached
      * process that contains activities. */
-    public static final int PROCESS_STATE_CACHED_ACTIVITY_CLIENT = 18;
+    public static final int PROCESS_STATE_CACHED_ACTIVITY_CLIENT = 17;
 
     /** @hide Process is being cached for later use and has an activity that corresponds
      * to an existing recent task. */
-    public static final int PROCESS_STATE_CACHED_RECENT = 19;
+    public static final int PROCESS_STATE_CACHED_RECENT = 18;
 
     /** @hide Process is being cached for later use and is empty. */
-    public static final int PROCESS_STATE_CACHED_EMPTY = 20;
+    public static final int PROCESS_STATE_CACHED_EMPTY = 19;
 
     /** @hide Process does not exist. */
-    public static final int PROCESS_STATE_NONEXISTENT = 21;
+    public static final int PROCESS_STATE_NONEXISTENT = 20;
+
+    /**
+     * The set of flags for process capability.
+     * @hide
+     */
+    @IntDef(flag = true, prefix = { "PROCESS_CAPABILITY_" }, value = {
+            PROCESS_CAPABILITY_NONE,
+            PROCESS_CAPABILITY_FOREGROUND_LOCATION,
+    })
+    @Retention(RetentionPolicy.SOURCE)
+    public @interface ProcessCapability {}
+
+    /** @hide Process does not have any capability */
+    @TestApi
+    public static final int PROCESS_CAPABILITY_NONE = 0;
+
+    /** @hide Process can access location while in foreground */
+    @TestApi
+    public static final int PROCESS_CAPABILITY_FOREGROUND_LOCATION = 1 << 0;
+
+    /** @hide all capabilities, the ORing of all flags in {@link ProcessCapability}*/
+    @TestApi
+    public static final int PROCESS_CAPABILITY_ALL = PROCESS_CAPABILITY_FOREGROUND_LOCATION;
 
     // NOTE: If PROCESS_STATEs are added, then new fields must be added
     // to frameworks/base/core/proto/android/app/enums.proto and the following method must
@@ -557,7 +603,6 @@ public class ActivityManager {
                 return AppProtoEnums.PROCESS_STATE_TOP;
             case PROCESS_STATE_BOUND_TOP:
                 return AppProtoEnums.PROCESS_STATE_BOUND_TOP;
-            case PROCESS_STATE_FOREGROUND_SERVICE_LOCATION:
             case PROCESS_STATE_FOREGROUND_SERVICE:
                 return AppProtoEnums.PROCESS_STATE_FOREGROUND_SERVICE;
             case PROCESS_STATE_BOUND_FOREGROUND_SERVICE:
@@ -612,8 +657,7 @@ public class ActivityManager {
 
     /** @hide Is this a foreground service type? */
     public static boolean isForegroundService(int procState) {
-        return procState == PROCESS_STATE_FOREGROUND_SERVICE_LOCATION
-                || procState == PROCESS_STATE_FOREGROUND_SERVICE;
+        return procState == PROCESS_STATE_FOREGROUND_SERVICE;
     }
 
     /** @hide requestType for assist context: only basic information. */
@@ -2930,7 +2974,7 @@ public class ActivityManager {
                 return IMPORTANCE_PERCEPTIBLE;
             } else if (procState >= PROCESS_STATE_IMPORTANT_FOREGROUND) {
                 return IMPORTANCE_VISIBLE;
-            } else if (procState >= PROCESS_STATE_FOREGROUND_SERVICE_LOCATION) {
+            } else if (procState >= PROCESS_STATE_FOREGROUND_SERVICE) {
                 return IMPORTANCE_FOREGROUND_SERVICE;
             } else {
                 return IMPORTANCE_FOREGROUND;
diff --git a/core/java/android/app/AppOpsManager.java b/core/java/android/app/AppOpsManager.java
index 8bca87e69ecc..765c358748a3 100644
--- a/core/java/android/app/AppOpsManager.java
+++ b/core/java/android/app/AppOpsManager.java
@@ -282,10 +282,14 @@ public class AppOpsManager {
     /**
      * Uid state: The UID is running a foreground service of location type.
      * The lower the UID state the more important the UID is for the user.
+     * This uid state is a counterpart to PROCESS_STATE_FOREGROUND_SERVICE_LOCATION which has been
+     * deprecated.
      * @hide
+     * @deprecated
      */
     @TestApi
     @SystemApi
+    @Deprecated
     public static final int UID_STATE_FOREGROUND_SERVICE_LOCATION = 300;
 
     /**
@@ -298,13 +302,6 @@ public class AppOpsManager {
     public static final int UID_STATE_FOREGROUND_SERVICE = 400;
 
     /**
-     * The max, which is min priority, UID state for which any app op
-     * would be considered as performed in the foreground.
-     * @hide
-     */
-    public static final int UID_STATE_MAX_LAST_NON_RESTRICTED = UID_STATE_FOREGROUND_SERVICE;
-
-    /**
      * Uid state: The UID is a foreground app. The lower the UID
      * state the more important the UID is for the user.
      * @hide
@@ -314,6 +311,13 @@ public class AppOpsManager {
     public static final int UID_STATE_FOREGROUND = 500;
 
     /**
+     * The max, which is min priority, UID state for which any app op
+     * would be considered as performed in the foreground.
+     * @hide
+     */
+    public static final int UID_STATE_MAX_LAST_NON_RESTRICTED = UID_STATE_FOREGROUND;
+
+    /**
      * Uid state: The UID is a background app. The lower the UID
      * state the more important the UID is for the user.
      * @hide
@@ -344,47 +348,25 @@ public class AppOpsManager {
     public static final int MIN_PRIORITY_UID_STATE = UID_STATE_CACHED;
 
     /**
-     * Resolves the first unrestricted state given an app op. Location is
-     * special as we want to allow its access only if a dedicated location
-     * foreground service is running. For other ops we consider any foreground
-     * service as a foreground state.
-     *
+     * Resolves the first unrestricted state given an app op.
      * @param op The op to resolve.
      * @return The last restricted UID state.
      *
      * @hide
      */
     public static int resolveFirstUnrestrictedUidState(int op) {
-        switch (op) {
-            case OP_FINE_LOCATION:
-            case OP_COARSE_LOCATION:
-            case OP_MONITOR_LOCATION:
-            case OP_MONITOR_HIGH_POWER_LOCATION: {
-                return UID_STATE_FOREGROUND_SERVICE_LOCATION;
-            }
-        }
-        return UID_STATE_FOREGROUND_SERVICE;
+        return UID_STATE_FOREGROUND;
     }
 
     /**
-     * Resolves the last restricted state given an app op. Location is
-     * special as we want to allow its access only if a dedicated location
-     * foreground service is running. For other ops we consider any foreground
-     * service as a foreground state.
-     *
+     * Resolves the last restricted state given an app op.
      * @param op The op to resolve.
      * @return The last restricted UID state.
      *
      * @hide
      */
     public static int resolveLastRestrictedUidState(int op) {
-        switch (op) {
-            case OP_FINE_LOCATION:
-            case OP_COARSE_LOCATION: {
-                return UID_STATE_FOREGROUND_SERVICE;
-            }
-        }
-        return UID_STATE_FOREGROUND;
+        return UID_STATE_BACKGROUND;
     }
 
     /** @hide Note: Keep these sorted */
@@ -4603,7 +4585,6 @@ public class AppOpsManager {
          *
          * @param fromUidState The UID state from which to query. Could be one of
          * {@link #UID_STATE_PERSISTENT}, {@link #UID_STATE_TOP},
-         * {@link #UID_STATE_FOREGROUND_SERVICE_LOCATION},
          * {@link #UID_STATE_FOREGROUND_SERVICE}, {@link #UID_STATE_FOREGROUND},
          * {@link #UID_STATE_BACKGROUND}, {@link #UID_STATE_CACHED}.
          * @param toUidState The UID state to which to query.
@@ -4664,7 +4645,6 @@ public class AppOpsManager {
          *
          * @param fromUidState The UID state from which to query. Could be one of
          * {@link #UID_STATE_PERSISTENT}, {@link #UID_STATE_TOP},
-         * {@link #UID_STATE_FOREGROUND_SERVICE_LOCATION},
          * {@link #UID_STATE_FOREGROUND_SERVICE}, {@link #UID_STATE_FOREGROUND},
          * {@link #UID_STATE_BACKGROUND}, {@link #UID_STATE_CACHED}.
          * @param toUidState The UID state to which to query.
@@ -4728,7 +4708,6 @@ public class AppOpsManager {
          *
          * @param fromUidState The UID state from which to query. Could be one of
          * {@link #UID_STATE_PERSISTENT}, {@link #UID_STATE_TOP},
-         * {@link #UID_STATE_FOREGROUND_SERVICE_LOCATION},
          * {@link #UID_STATE_FOREGROUND_SERVICE}, {@link #UID_STATE_FOREGROUND},
          * {@link #UID_STATE_BACKGROUND}, {@link #UID_STATE_CACHED}.
          * @param toUidState The UID state from which to query.
diff --git a/core/java/android/app/IUidObserver.aidl b/core/java/android/app/IUidObserver.aidl
index e116d989ca75..7713e25d5ecd 100644
--- a/core/java/android/app/IUidObserver.aidl
+++ b/core/java/android/app/IUidObserver.aidl
@@ -50,8 +50,9 @@ oneway interface IUidObserver {
      * @param procState The updated process state for the uid.
      * @param procStateSeq The sequence no. associated with process state change of the uid,
      *                     see UidRecord.procStateSeq for details.
+     * @param capability the updated process capability for the uid.
      */
-    void onUidStateChanged(int uid, int procState, long procStateSeq);
+    void onUidStateChanged(int uid, int procState, long procStateSeq, int capability);
 
     // =============== End of transactions used on native side as well ============================
 
diff --git a/core/java/android/os/BatteryStats.java b/core/java/android/os/BatteryStats.java
index af0ec1188bc7..fa09cf0bb4e3 100644
--- a/core/java/android/os/BatteryStats.java
+++ b/core/java/android/os/BatteryStats.java
@@ -17,7 +17,6 @@
 package android.os;
 
 import static android.app.ActivityManager.PROCESS_STATE_BOUND_TOP;
-import static android.app.ActivityManager.PROCESS_STATE_FOREGROUND_SERVICE_LOCATION;
 
 import android.annotation.IntDef;
 import android.annotation.UnsupportedAppUsage;
@@ -923,7 +922,6 @@ public abstract class BatteryStats implements Parcelable {
          */
         public static final int[] CRITICAL_PROC_STATES = {
                 PROCESS_STATE_TOP,
-                PROCESS_STATE_FOREGROUND_SERVICE_LOCATION,
                 PROCESS_STATE_BOUND_TOP, PROCESS_STATE_FOREGROUND_SERVICE,
                 PROCESS_STATE_FOREGROUND
         };
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index aeed20db2850..199719428a66 100644
--- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java
@@ -10632,6 +10632,7 @@ public final class Settings {
          * @hide
          * @see com.android.server.AppOpsService.Constants
          */
+        @TestApi
         public static final String APP_OPS_CONSTANTS = "app_ops_constants";
 
         /**