Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3abd75ba authored by Kenny Root's avatar Kenny Root
Browse files

Add DUMP permission checks to services 

Some services have info that is not readily available any other way. Add
a permission check to those services.

Bug: 5389201
Change-Id: I5a9724ec89e1c11ef7813eeb52a6a05b3ea92af5
parent b9c13d09

core/java/android/accounts/AccountManagerService.java

+8 −0
Original line number Diff line number Diff line
@@ -1811,6 +1811,14 @@ public class AccountManagerService 
    }



    protected void dump(FileDescriptor fd, PrintWriter fout, String[] args) {

        if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.DUMP)

                != PackageManager.PERMISSION_GRANTED) {

            fout.println("Permission Denial: can't dump AccountsManager from from pid="

                    + Binder.getCallingPid() + ", uid=" + Binder.getCallingUid()

                    + " without permission " + android.Manifest.permission.DUMP);

            return;

        }



        synchronized (mCacheLock) {

            final SQLiteDatabase db = mOpenHelper.getReadableDatabase();

services/java/com/android/server/am/ActivityManagerService.java

+24 −0
Original line number Diff line number Diff line
@@ -1318,6 +1318,14 @@ public final class ActivityManagerService extends ActivityManagerNative 














        @Override















        protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {













            if (mActivityManagerService.checkCallingPermission(android.Manifest.permission.DUMP)













                    != PackageManager.PERMISSION_GRANTED) {













                pw.println("Permission Denial: can't dump meminfo from from pid="













                        + Binder.getCallingPid() + ", uid=" + Binder.getCallingUid()













                        + " without permission " + android.Manifest.permission.DUMP);













                return;













            }



























            mActivityManagerService.dumpApplicationMemoryUsage(fd, pw, "  ", args);















        }















    }









@@ -1330,6 +1338,14 @@ public final class ActivityManagerService extends ActivityManagerNative



























        @Override















        protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {













            if (mActivityManagerService.checkCallingPermission(android.Manifest.permission.DUMP)













                    != PackageManager.PERMISSION_GRANTED) {













                pw.println("Permission Denial: can't dump gfxinfo from from pid="













                        + Binder.getCallingPid() + ", uid=" + Binder.getCallingUid()













                        + " without permission " + android.Manifest.permission.DUMP);













                return;













            }



























            mActivityManagerService.dumpGraphicsHardwareUsage(fd, pw, args);















        }















    }









@@ -1342,6 +1358,14 @@ public final class ActivityManagerService extends ActivityManagerNative



























        @Override















        protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {













            if (mActivityManagerService.checkCallingPermission(android.Manifest.permission.DUMP)













                    != PackageManager.PERMISSION_GRANTED) {













                pw.println("Permission Denial: can't dump cpuinfo from from pid="













                        + Binder.getCallingPid() + ", uid=" + Binder.getCallingUid()













                        + " without permission " + android.Manifest.permission.DUMP);













                return;













            }



























            synchronized (mActivityManagerService.mProcessStatsThread) {















                pw.print(mActivityManagerService.mProcessStats.printCurrentLoad());















                pw.print(mActivityManagerService.mProcessStats.printCurrentState(

































services/java/com/android/server/am/BatteryStatsService.java



+9
−0




























Original line number
Diff line number
Diff line








@@ -21,6 +21,7 @@ import android.bluetooth.BluetoothHeadset;













import android.bluetooth.BluetoothProfile;















import android.content.Context;















import android.content.pm.ApplicationInfo;













import android.content.pm.PackageManager;















import android.os.Binder;















import android.os.IBinder;















import android.os.Parcel;










@@ -457,6 +458,14 @@ public final class BatteryStatsService extends IBatteryStats.Stub {





























    @Override















    protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {













        if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.DUMP)













                != PackageManager.PERMISSION_GRANTED) {













            pw.println("Permission Denial: can't dump BatteryStats from from pid="













                    + Binder.getCallingPid() + ", uid=" + Binder.getCallingUid()













                    + " without permission " + android.Manifest.permission.DUMP);













            return;













        }





























        boolean isCheckin = false;















        boolean noOutput = false;















        if (args != null) {

































services/java/com/android/server/am/UsageStatsService.java



+9
−0




























Original line number
Diff line number
Diff line








@@ -19,6 +19,7 @@ package com.android.server.am;













import android.content.ComponentName;















import android.content.Context;















import android.content.pm.PackageInfo;













import android.content.pm.PackageManager;















import android.os.Binder;















import android.os.IBinder;















import android.os.FileUtils;










@@ -1034,6 +1035,14 @@ public final class UsageStatsService extends IUsageStats.Stub {













     * The data persisted to file is parsed and the stats are computed. 















     */















    protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {













        if (mContext.checkCallingPermission(android.Manifest.permission.DUMP)













                != PackageManager.PERMISSION_GRANTED) {













            pw.println("Permission Denial: can't dump UsageStats from from pid="













                    + Binder.getCallingPid() + ", uid=" + Binder.getCallingUid()













                    + " without permission " + android.Manifest.permission.DUMP);













            return;













        }





























        final boolean isCheckinRequest = scanArgs(args, "--checkin");















        final boolean isCompactOutput = isCheckinRequest || scanArgs(args, "-c");















        final boolean deleteAfterPrint = isCheckinRequest || scanArgs(args, "-d");