Loading cmds/dumpstate/DumpstateService.cpp +25 −4 Original line number Diff line number Diff line Loading @@ -39,8 +39,13 @@ struct DumpstateInfo { std::string calling_package; }; static binder::Status exception(uint32_t code, const std::string& msg) { static binder::Status exception(uint32_t code, const std::string& msg, const std::string& extra_msg = "") { if (extra_msg.empty()) { MYLOGE("%s (%d) ", msg.c_str(), code); } else { MYLOGE("%s %s (%d) ", msg.c_str(), extra_msg.c_str(), code); } return binder::Status::fromExceptionCode(code, String8(msg.c_str())); } Loading @@ -60,7 +65,7 @@ static binder::Status exception(uint32_t code, const std::string& msg) { } // namespace DumpstateService::DumpstateService() : ds_(nullptr) { DumpstateService::DumpstateService() : ds_(nullptr), calling_uid_(-1), calling_package_() { } char const* DumpstateService::getServiceName() { Loading Loading @@ -131,6 +136,10 @@ binder::Status DumpstateService::startBugreport(int32_t calling_uid, ds_->SetOptions(std::move(options)); ds_->listener_ = listener; // Track caller info for cancellation purposes. calling_uid_ = calling_uid; calling_package_ = calling_package; DumpstateInfo* ds_info = new DumpstateInfo(); ds_info->ds = ds_; ds_info->calling_uid = calling_uid; Loading @@ -149,8 +158,20 @@ binder::Status DumpstateService::startBugreport(int32_t calling_uid, return binder::Status::ok(); } binder::Status DumpstateService::cancelBugreport() { binder::Status DumpstateService::cancelBugreport(int32_t calling_uid, const std::string& calling_package) { std::lock_guard<std::mutex> lock(lock_); if (calling_uid != calling_uid_ || calling_package != calling_package_) { // Note: we use a SecurityException to prevent BugreportManagerServiceImpl from killing the // report in progress (from another caller). return exception( binder::Status::EX_SECURITY, StringPrintf("Cancellation requested by %d/%s does not match report in " "progress", calling_uid, calling_package.c_str()), // Sharing the owner of the BR is a (minor) leak, so leave it out of the app's exception StringPrintf("started by %d/%s", calling_uid_, calling_package_.c_str())); } ds_->Cancel(); return binder::Status::ok(); } Loading cmds/dumpstate/DumpstateService.h +3 −2 Original line number Diff line number Diff line Loading @@ -44,8 +44,7 @@ class DumpstateService : public BinderService<DumpstateService>, public BnDumpst const sp<IDumpstateListener>& listener, bool is_screenshot_requested) override; // No-op binder::Status cancelBugreport(); binder::Status cancelBugreport(int32_t calling_uid, const std::string& calling_package); private: // Dumpstate object which contains all the bugreporting logic. Loading @@ -53,6 +52,8 @@ class DumpstateService : public BinderService<DumpstateService>, public BnDumpst // one bugreport. // This service does not own this object. Dumpstate* ds_; int32_t calling_uid_; std::string calling_package_; std::mutex lock_; }; Loading cmds/dumpstate/binder/android/os/IDumpstate.aidl +15 −8 Original line number Diff line number Diff line /** /* * Copyright (c) 2016, The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); Loading Loading @@ -49,7 +49,7 @@ interface IDumpstate { // Default mode. const int BUGREPORT_MODE_DEFAULT = 6; /* /** * Starts a bugreport in the background. * * <p>Shows the user a dialog to get consent for sharing the bugreport with the calling Loading @@ -71,8 +71,15 @@ interface IDumpstate { int bugreportMode, IDumpstateListener listener, boolean isScreenshotRequested); /* /** * Cancels the bugreport currently in progress. * * <p>The caller must match the original caller of {@link #startBugreport} in order for the * report to actually be cancelled. A {@link SecurityException} is reported if a mismatch is * detected. * * @param callingUid UID of the original application that requested the cancellation. * @param callingPackage package of the original application that requested the cancellation. */ void cancelBugreport(); void cancelBugreport(int callingUid, @utf8InCpp String callingPackage); } Loading
cmds/dumpstate/DumpstateService.cpp +25 −4 Original line number Diff line number Diff line Loading @@ -39,8 +39,13 @@ struct DumpstateInfo { std::string calling_package; }; static binder::Status exception(uint32_t code, const std::string& msg) { static binder::Status exception(uint32_t code, const std::string& msg, const std::string& extra_msg = "") { if (extra_msg.empty()) { MYLOGE("%s (%d) ", msg.c_str(), code); } else { MYLOGE("%s %s (%d) ", msg.c_str(), extra_msg.c_str(), code); } return binder::Status::fromExceptionCode(code, String8(msg.c_str())); } Loading @@ -60,7 +65,7 @@ static binder::Status exception(uint32_t code, const std::string& msg) { } // namespace DumpstateService::DumpstateService() : ds_(nullptr) { DumpstateService::DumpstateService() : ds_(nullptr), calling_uid_(-1), calling_package_() { } char const* DumpstateService::getServiceName() { Loading Loading @@ -131,6 +136,10 @@ binder::Status DumpstateService::startBugreport(int32_t calling_uid, ds_->SetOptions(std::move(options)); ds_->listener_ = listener; // Track caller info for cancellation purposes. calling_uid_ = calling_uid; calling_package_ = calling_package; DumpstateInfo* ds_info = new DumpstateInfo(); ds_info->ds = ds_; ds_info->calling_uid = calling_uid; Loading @@ -149,8 +158,20 @@ binder::Status DumpstateService::startBugreport(int32_t calling_uid, return binder::Status::ok(); } binder::Status DumpstateService::cancelBugreport() { binder::Status DumpstateService::cancelBugreport(int32_t calling_uid, const std::string& calling_package) { std::lock_guard<std::mutex> lock(lock_); if (calling_uid != calling_uid_ || calling_package != calling_package_) { // Note: we use a SecurityException to prevent BugreportManagerServiceImpl from killing the // report in progress (from another caller). return exception( binder::Status::EX_SECURITY, StringPrintf("Cancellation requested by %d/%s does not match report in " "progress", calling_uid, calling_package.c_str()), // Sharing the owner of the BR is a (minor) leak, so leave it out of the app's exception StringPrintf("started by %d/%s", calling_uid_, calling_package_.c_str())); } ds_->Cancel(); return binder::Status::ok(); } Loading
cmds/dumpstate/DumpstateService.h +3 −2 Original line number Diff line number Diff line Loading @@ -44,8 +44,7 @@ class DumpstateService : public BinderService<DumpstateService>, public BnDumpst const sp<IDumpstateListener>& listener, bool is_screenshot_requested) override; // No-op binder::Status cancelBugreport(); binder::Status cancelBugreport(int32_t calling_uid, const std::string& calling_package); private: // Dumpstate object which contains all the bugreporting logic. Loading @@ -53,6 +52,8 @@ class DumpstateService : public BinderService<DumpstateService>, public BnDumpst // one bugreport. // This service does not own this object. Dumpstate* ds_; int32_t calling_uid_; std::string calling_package_; std::mutex lock_; }; Loading
cmds/dumpstate/binder/android/os/IDumpstate.aidl +15 −8 Original line number Diff line number Diff line /** /* * Copyright (c) 2016, The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); Loading Loading @@ -49,7 +49,7 @@ interface IDumpstate { // Default mode. const int BUGREPORT_MODE_DEFAULT = 6; /* /** * Starts a bugreport in the background. * * <p>Shows the user a dialog to get consent for sharing the bugreport with the calling Loading @@ -71,8 +71,15 @@ interface IDumpstate { int bugreportMode, IDumpstateListener listener, boolean isScreenshotRequested); /* /** * Cancels the bugreport currently in progress. * * <p>The caller must match the original caller of {@link #startBugreport} in order for the * report to actually be cancelled. A {@link SecurityException} is reported if a mismatch is * detected. * * @param callingUid UID of the original application that requested the cancellation. * @param callingPackage package of the original application that requested the cancellation. */ void cancelBugreport(); void cancelBugreport(int callingUid, @utf8InCpp String callingPackage); }
