author | Joman Chu <jcchu@tycho.ncsc.mil> | 2012-11-16 16:14:37 -0500 |
---|---|---|
committer | Ricardo Cerqueira <cyanogenmod@cerqueira.org> | 2013-07-18 21:02:22 +0100 |
commit | 2a091b42566d4de5fd88e6e58f29f9b7feadc0b7 (patch) | |
tree | ec4f4e3a1a8c39a2ce34df38a2033f92d5720eba /core | |
parent | b00a063e976fe2f97a3297b769310fc70ca4f699 (diff) | |
Implement Device Admin API for MMAC
Conflicts:
api/current.txt
core/java/android/app/admin/DevicePolicyManager.java
Change-Id: I1df507ced67fbcab8fdcde9cce78705b5e54e346
Diffstat (limited to 'core')
-rw-r--r-- | core/java/android/app/admin/DeviceAdminInfo.java | 16 | ||||
-rw-r--r-- | core/java/android/app/admin/DevicePolicyManager.java | 155 | ||||
-rw-r--r-- | core/java/android/app/admin/IDevicePolicyManager.aidl | 6 | ||||
-rw-r--r-- | core/res/res/values/strings.xml | 4 | ||||
-rw-r--r-- | core/res/res/values/symbols.xml | 2 |
5 files changed, 179 insertions, 4 deletions
diff --git a/core/java/android/app/admin/DeviceAdminInfo.java b/core/java/android/app/admin/DeviceAdminInfo.java
index 85031cc..3ea4c7f 100644
--- a/core/java/android/app/admin/DeviceAdminInfo.java
+++ b/core/java/android/app/admin/DeviceAdminInfo.java
@@ -155,6 +155,16 @@ public final class DeviceAdminInfo implements Parcelable {
 */
 public static final int USES_POLICY_ENFORCE_SELINUX = 10;
+ /**
+ * @hide
+ * A type of policy that this device admin can use: enforce SE Android MMAC policy.
+ *
+ * <p>To control this policy, the device admin must have a "enforce-mmac" tag in the
+ * "uses-policies" section of its meta-data.
+ */
+ public static final int USES_POLICY_ENFORCE_MMAC = 11;
+
+
 /** @hide */
 public static class PolicyInfo {
 public final int ident;
@@ -209,6 +219,9 @@ public final class DeviceAdminInfo implements Parcelable {
 sPoliciesDisplayOrder.add(new PolicyInfo(USES_POLICY_ENFORCE_SELINUX, "enforce-selinux",
 com.android.internal.R.string.policylab_enforceSelinux,
 com.android.internal.R.string.policydesc_enforceSelinux));
+ sPoliciesDisplayOrder.add(new PolicyInfo(USES_POLICY_ENFORCE_MMAC, "enforce-mmac",
+ com.android.internal.R.string.policylab_enforceMmac,
+ com.android.internal.R.string.policydesc_enforceMmac));
 for (int i=0; i<sPoliciesDisplayOrder.size(); i++) {
 PolicyInfo pi = sPoliciesDisplayOrder.get(i);
@@ -401,7 +414,8 @@ public final class DeviceAdminInfo implements Parcelable {
 * {@link #USES_POLICY_RESET_PASSWORD}, {@link #USES_POLICY_FORCE_LOCK},
 * {@link #USES_POLICY_WIPE_DATA},
 * {@link #USES_POLICY_EXPIRE_PASSWORD}, {@link #USES_ENCRYPTED_STORAGE},
- * {@link #USES_POLICY_DISABLE_CAMERA}, {@link #USES_POLICY_ENFORCE_SELINUX}.
+ * {@link #USES_POLICY_DISABLE_CAMERA}, {@link #USES_POLICY_ENFORCE_SELINUX},
+ * {@link #USES_POLICY_ENFORCE_MMAC}.
 */
 public boolean usesPolicy(int policyIdent) {
 return (mUsesPolicies & (1<<policyIdent)) != 0;
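Review bot: In the Javadoc added for `USES_POLICY_ENFORCE_MMAC` (first hunk), `@hide` is the first line of the comment, so the description that follows is parsed as the text of that block tag and the constant is left without a summary sentence. Put the description first and end the comment with `@hide`, and write `an "enforce-mmac" tag`. The constant is also followed by two blank added lines where one would match the neighbouring declarations. Identifier 11 still fits the `1<<policyIdent` test in `usesPolicy` shown in the last hunk, so the mask check itself needs no change.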
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index b0fe60b..fb186a6 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -1640,6 +1640,134 @@ public class DevicePolicyManager {
 return false;
 }
+ /**
+ * Checks whether an admin app has control over SE Android MMAC policy.
+ *
+ * <p>The calling device admin must have requested
+ * {@link DeviceAdminInfo#USES_POLICY_ENFORCE_MMAC} to be able to call
+ * this method; if it has not, a security exception will be thrown.
+ *
+ * @param admin Which {@link DeviceAdminReceiver} this request is associated,
+ * must be self
+ * @return true if admin app can control MMAC policy, false otherwise
+ * @hide
+ */
+ public boolean isMMACadmin(ComponentName admin) {
+ return isMMACadmin(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public boolean isMMACadmin(ComponentName admin, int userHandle) {
+ if (mService != null) {
+ try {
+ return mService.isMMACadmin(admin, userHandle);
+ } catch (RemoteException e) {
+ Log.w(TAG, "Failed talking with device policy server", e);
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Called by an application that is administering the device to start or stop
+ * controlling SE Android MMAC policies, enforcement, etc. When an admin
+ * app gives up control of MMAC policies, the policy in place prior to the app
+ * taking control will be applied.
+ *
+ * <p>The calling device admin must have requested
+ * {@link DeviceAdminInfo#USES_POLICY_ENFORCE_MMAC} to be able to call
+ * this method; if it has not, a security exception will be thrown.
+ *
+ * <p>When an application gains control of MMAC settings, it is called an
+ * MMAC administrator. Admistration applications will call this with true and
+ * ensure this method returned true before attempting to toggle MMAC settings.
+ * When apps intend to stop controlling MMAC settings, apps should call this
+ * with false.
+ *
+ * @param admin Which {@link DeviceAdminReceiver} this request is associated,
+ * must be self
+ * @param control true if the admin wishes to control MMAC, false if the admin
+ * wishes to give back control of MMAC
+ * @return true if the operation succeeded, false if the operation failed or
+ * MMAC was not enabled on the device.
+ * @hide
+ */
+ public boolean setMMACadmin(ComponentName admin, boolean control) {
+ return setMMACadmin(admin, control, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public boolean setMMACadmin(ComponentName admin, boolean control, int userHandle) {
+ if (mService != null) {
+ try {
+ return mService.setMMACadmin(admin, control, userHandle);
+ } catch (RemoteException e) {
+ Log.w(TAG, "Failed talking with device policy server", e);
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Called by an application that is a SEAndroid MMAC admin to set MMAC
+ * protections into enforcing or permissive mode. The system requires a
+ * reboot for the protections to take effect.
+ *
+ * <p>The calling device admin must have requested
+ * {@link DeviceAdminInfo#USES_POLICY_ENFORCE_MMAC} to be able to call
+ * this method; if it has not, a security exception will be thrown.
+ *
+ * @param admin Which {@link DeviceAdminReceiver} this request is associated with.
+ * @param enforcing true for enforcing mode, false for permissive mode.
+ * @return false if Android was unable to set the desired mode
+ * @hide
+ */
+ public boolean setMMACenforcing(ComponentName admin, boolean enforcing) {
+ return setMMACenforcing(admin, enforcing, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public boolean setMMACenforcing(ComponentName admin, boolean enforcing, int userHandle) {
+ if (mService != null) {
+ try {
+ return mService.setMMACenforcing(admin, enforcing, userHandle);
+ } catch (RemoteException e) {
+ Log.w(TAG, "Failed talking with device policy server", e);
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Determine whether SE Android MMAC policies are being enforced by the
+ * current admin.
+ *
+ * <p>The calling device admin must have requested
+ * {@link DeviceAdminInfo#USES_POLICY_ENFORCE_MMAC} to be able to call
+ * this method; if it has not, a security exception will be thrown.
+ *
+ * <p>The returned value is only meaningful if the current admin is a
+ * MMAC admin.
+ *
+ * @param admin Which {@link DeviceAdminReceiver} this request is associated with.
+ * @hide
+ */
+ public boolean getMMACenforcing(ComponentName admin) {
+ return getMMACenforcing(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public boolean getMMACenforcing(ComponentName admin, int userHandle) {
+ if (mService != null) {
+ try {
+ return mService.getMMACenforcing(admin, userHandle);
+ } catch (RemoteException e) {
+ Log.w(TAG, "Failed talking with device policy server", e);
+ }
+ }
+ return false;
+ }
+
 // Before changing these values, be sure to update
 // DevicePolicyManagerService.java's POLICY_DESCRIPTIONS array.
 /** @hide */
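Review bot: Every wrapper added in this hunk returns `false` both when the service answers "no" and when `mService` is null or the binder call throws `RemoteException`, so a caller of `getMMACenforcing` cannot tell "permissive" from "state unknown", and a failed `setMMACenforcing(admin, true)` would presumably leave the device permissive unless the caller checks the result. The Javadoc should state this: `getMMACenforcing` has no `@return` at all, so add `@return true if MMAC is in enforcing mode; false if it is permissive or the device policy service could not be reached`, and put the same caveat on `isMMACadmin`. The promised "a security exception will be thrown" is not enforced by these client wrappers; it depends on the service implementation, which is outside this diff (diffstat limited to 'core'), as does any check that the caller may act for the supplied `userHandle`. Typo in the `setMMACadmin` comment: `Admistration` should be `Administration`.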
@@ -1651,7 +1779,9 @@ public class DevicePolicyManager {
 /** @hide */
 public static final int SEPOLICY_FILE_SEAPPCTXS = 3;
 /** @hide */
- public static final int SEPOLICY_FILE_COUNT = SEPOLICY_FILE_SEAPPCTXS+1;
+ public static final int MMAC_POLICY_FILE = 4;
+ /** @hide */
+ public static final int SEPOLICY_FILE_COUNT = MMAC_POLICY_FILE+1;
 /**
 * Sets a new policy file and reloads it at the proper time.
@@ -1671,9 +1801,20 @@ public class DevicePolicyManager {
 * returned value is only meaingful if the current admin is a SELinux
 * admin.
 *
+ * <p>For {@link #MMAC_POLICY_FILE}, the admin must have requested
+ * {@link DeviceAdminInfo#USES_POLICY_ENFORCE_MMAC} before calling this
+ * method. If it has not, a security exception will be thrown.
+ *
+ * <p>For {@link #MMAC_POLICY_FILE}, the MMAC policy file is reloaded on
+ * reboot.
+ *
+ * <p>For {@link #MMAC_POLICY_FILE}, the returned value is only meaingful
+ * if the current admin is a MMAC admin.
+ *
+ * @param admin which {@link DeviceAdminReceiver} this request is associated with
 * @param policyType one of {@link #SEPOLICY_FILE_SEPOLICY}, {@link #SEPOLICY_FILE_PROPCTXS},
- * {@link #SEPOLICY_FILE_FILECTXS}, or {@link #SEPOLICY_FILE_SEAPPCTXS}
+ * {@link #SEPOLICY_FILE_FILECTXS}, {@link #SEPOLICY_FILE_SEAPPCTXS},
+ * or {@link #MMAC_POLICY_FILE}.
 * @param policy the new policy file in bytes, or null if you wish to revert to
 * the default policy
 * @return false if Android was unable to set the new policy
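Review bot: `SEPOLICY_FILE_COUNT` grows from 4 to 5 in the `@@ -1651,7` hunk, and the context comment directly above these constants says `DevicePolicyManagerService.java`'s `POLICY_DESCRIPTIONS` array must be updated together with them. That file is not part of this diff (limited to 'core'), so confirm it gained an entry for index 4; otherwise any per-type array sized or indexed by the old count could be read out of bounds for the new type. The new constant also drops the `SEPOLICY_FILE_` prefix while still feeding `SEPOLICY_FILE_COUNT`, so a comment such as `// MMAC policy shares the custom-policy-file index space with the SELinux files` would make that intent explicit.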
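Review bot: The paragraph added in the `@@ -1671,9` hunk says the MMAC policy file is reloaded on reboot, but the unchanged `@return false if Android was unable to set the new policy` does not say what a `true` result means for this type. State that `true` means the file was accepted and, presumably, that it does not take effect until the next boot, so an admin does not treat the call as immediate enforcement. The added text repeats the existing misspelling `meaingful` (also in the `@@ -1709,9` hunk); write `meaningful` and `an MMAC admin`. The Javadoc block and the method it documents extend beyond this hunk.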
@@ -1709,9 +1850,17 @@ public class DevicePolicyManager {
 * returned value is only meaingful if the current admin is a SELinux
 * admin.
 *
+ * <p>For {@link #MMAC_POLICY_FILE}, the admin must have requested
+ * {@link DeviceAdminInfo#USES_POLICY_ENFORCE_MMAC} before calling this
+ * method. If it has not, a security exception will be thrown.
+ *
+ * <p>For {@link #MMAC_POLICY_FILE}, the returned value is only meaingful
+ * if the current admin is a MMAC admin.
+ *
 * @param admin which {@link DeviceAdminReceiver} this request is associated with
 * @param policyType one of {@link #SEPOLICY_FILE_SEPOLICY}, {@link #SEPOLICY_FILE_PROPCTXS},
- * {@link #SEPOLICY_FILE_FILECTXS}, or {@link #SEPOLICY_FILE_SEAPPCTXS}
+ * {@link #SEPOLICY_FILE_FILECTXS}, {@link #SEPOLICY_FILE_SEAPPCTXS}, or
+ * {@link #MMAC_POLICY_FILE}
 * @return true if the admin set a custom policy file
 * @hide
 */
diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl
index 3e998fd..5a04604 100644
--- a/core/java/android/app/admin/IDevicePolicyManager.aidl
+++ b/core/java/android/app/admin/IDevicePolicyManager.aidl
@@ -103,6 +103,12 @@ interface IDevicePolicyManager {
 boolean getSELinuxBooleanValue(in ComponentName who, String name, int userHandle);
 boolean setSELinuxBooleanValue(in ComponentName who, String name, boolean value, int userHandle);
+ boolean isMMACadmin(in ComponentName who, int userHandle);
+ boolean setMMACadmin(in ComponentName who, boolean control, int userHandle);
+
+ boolean setMMACenforcing(in ComponentName who, boolean enforcing, int userHandle);
+ boolean getMMACenforcing(in ComponentName who, int userHandle);
+
 boolean setCustomPolicyFile(in ComponentName who, int policyType, in byte[] policy, int userHandle);
 boolean isCustomPolicyFile(in ComponentName who, int policyType, int userHandle);
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index f67e9b2..d71a24a 100644
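Review bot: The four binder methods added to `IDevicePolicyManager` take a caller-supplied `userHandle`, and nothing in this diff shows the service side, so confirm that the implementation verifies the calling admin holds `USES_POLICY_ENFORCE_MMAC` and is permitted to act for that user before it reads or changes MMAC state. The methods are inserted ahead of `setCustomPolicyFile` and `isCustomPolicyFile`, which shifts the transaction numbers of those existing methods; appending the group at the end of the interface avoids that if any client could be built against the older interface. A comment above the group, e.g. `// SE Android MMAC administration; callers must hold the enforce-mmac policy`, would document the requirement where the interface is defined.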
--- a/core/res/res/values/strings.xml +++ b/core/res/res/values/strings.xml @@ -1824,6 +1824,10 @@ <string name="policylab_enforceSelinux">Enforce SELinux</string> <!-- Description of policy access to start enforcing SELinux policy [CHAR LIMIT=110]--> <string name="policydesc_enforceSelinux">Toggle SELinux policy enforcing or permissive mode.</string> + <!-- Title of policy access to start enforcing SE Android MMAC policy [CHAR LIMIT=30]--> + <string name="policylab_enforceMmac">Enforce SE Android MMAC</string> + <!-- Description of policy access to start enforcing SE Android MMAC policy [CHAR LIMIT=110]--> + <string name="policydesc_enforceMmac">Toggle SE Android MMAC policy enforcing or permissive mode.</string> <!-- The order of these is important, don't reorder without changing Contacts.java --> <skip /> <!-- Phone number types from android.provider.Contacts. This could be used when adding a new phone number for a contact, for example. --> diff --git a/core/res/res/values/symbols.xml b/core/res/res/values/symbols.xml index 06f9acb..ef66ddd 100644 --- a/core/res/res/values/symbols.xml +++ b/core/res/res/values/symbols.xml @@ -865,6 +865,8 @@ <java-symbol type="string" name="owner_name" /> <java-symbol type="string" name="policylab_enforceSelinux" /> <java-symbol type="string" name="policydesc_enforceSelinux" /> + <java-symbol type="string" name="policylab_enforceMmac" /> + <java-symbol type="string" name="policydesc_enforceMmac" /> <java-symbol type="plurals" name="abbrev_in_num_days" /> <java-symbol type="plurals" name="abbrev_in_num_hours" /> |