
Commit 4bab3a19 authored by Yi Jin's avatar Yi Jin

Fix permissions problems of incidentd.

Test: manual
Change-Id: I4ee0d1f2349ee1a25a422cabf1b5b87c612710d2
parent f9b7201a
+2 −2
@@ -12,8 +12,8 @@ Run the test on a device manually

```
root$ mmm -j frameworks/base/cmds/incidentd && \
adb push $OUT/data/nativetest/incidentd_test/* /data/nativetest/incidentd_test/ && \
adb shell /data/nativetest/incidentd_test/incidentd_test 2>/dev/null
adb push $OUT/data/nativetest/incidentd_test/* /data/nativetest/ && \
adb shell /data/nativetest/incidentd_test 2>/dev/null
```

Run the test via AndroidTest.xml
+1 −1
@@ -19,4 +19,4 @@ service incidentd /system/bin/incidentd

on post-fs-data
    # Create directory for incidentd
    mkdir /data/misc/incidents 0770 root root
    mkdir /data/misc/incidents 0770 incidentd incidentd
+4 −0
@@ -63,12 +63,14 @@ FdBuffer::read(int fd, int64_t timeout)

        int64_t remainingTime = (mStartTime + timeout) - uptimeMillis();
        if (remainingTime <= 0) {
            if (DEBUG) ALOGD("timed out due to long read");
            mTimedOut = true;
            break;
        }

        int count = poll(&pfds, 1, remainingTime);
        if (count == 0) {
            if (DEBUG) ALOGD("timed out due to block calling poll");
            mTimedOut = true;
            break;
        } else if (count < 0) {
@@ -129,6 +131,7 @@ FdBuffer::readProcessedDataInStream(int fd, int toFd, int fromFd, int64_t timeou

        int64_t remainingTime = (mStartTime + timeoutMs) - uptimeMillis();
        if (remainingTime <= 0) {
            if (DEBUG) ALOGD("timed out due to long read");
            mTimedOut = true;
            break;
        }
@@ -136,6 +139,7 @@ FdBuffer::readProcessedDataInStream(int fd, int toFd, int fromFd, int64_t timeou
        // wait for any pfds to be ready to perform IO
        int count = poll(pfds, 3, remainingTime);
        if (count == 0) {
            if (DEBUG) ALOGD("timed out due to block calling poll");
            mTimedOut = true;
            break;
        } else if (count < 0) {
+21 −6
@@ -43,8 +43,9 @@ String16 const DUMP_PERMISSION("android.permission.DUMP");
String16 const USAGE_STATS_PERMISSION("android.permission.PACKAGE_USAGE_STATS");

static Status
checkIncidentPermissions()
checkIncidentPermissions(const IncidentReportArgs& args)
{
    // checking calling permission.
    if (!checkCallingPermission(DUMP_PERMISSION)) {
        ALOGW("Calling pid %d and uid %d does not have permission: android.permission.DUMP",
                IPCThreadState::self()->getCallingPid(), IPCThreadState::self()->getCallingUid());
@@ -57,10 +58,24 @@ checkIncidentPermissions()
        return Status::fromExceptionCode(Status::EX_SECURITY,
                "Calling process does not have permission: android.permission.USAGE_STATS");
    }

    // checking calling request uid permission.
    uid_t callingUid = IPCThreadState::self()->getCallingUid();
    switch (args.dest()) {
        case DEST_LOCAL:
            if (callingUid != AID_SHELL || callingUid != AID_ROOT) {
                return Status::fromExceptionCode(Status::EX_SECURITY,
                    "Calling process does not have permission to get local data.");
            }
        case DEST_EXPLICIT:
            if (callingUid != AID_SHELL || callingUid != AID_ROOT ||
                callingUid != AID_STATSD || callingUid != AID_SYSTEM) {
                return Status::fromExceptionCode(Status::EX_SECURITY,
                    "Calling process does not have permission to get explicit data.");
            }
    }
    return Status::ok();
}


// ================================================================================
ReportRequestQueue::ReportRequestQueue()
{
@@ -196,7 +211,7 @@ IncidentService::reportIncident(const IncidentReportArgs& args)
{
    ALOGI("reportIncident");

    Status status = checkIncidentPermissions();
    Status status = checkIncidentPermissions(args);
    if (!status.isOk()) {
        return status;
    }
@@ -212,7 +227,7 @@ IncidentService::reportIncidentToStream(const IncidentReportArgs& args,
{
    ALOGI("reportIncidentToStream");

    Status status = checkIncidentPermissions();
    Status status = checkIncidentPermissions(args);
    if (!status.isOk()) {
        return status;
    }
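Review bot: The two uid checks added to checkIncidentPermissions (first hunk of this file) can never pass: `callingUid != AID_SHELL || callingUid != AID_ROOT` is true for every uid, because no uid equals both constants, and the four-way test under DEST_EXPLICIT has the same shape, so every DEST_LOCAL or DEST_EXPLICIT request is refused with EX_SECURITY, shell and root included. The terms need to be joined with `&&`. The DEST_LOCAL case also lacks a `break`, so once the condition is fixed it falls through into the DEST_EXPLICIT test; that is harmless only because shell and root are also in the wider list, and it should be made explicit. Any other dest value skips the uid check entirely, which deserves a comment if it is intended.

```cpp
    switch (args.dest()) {
        case DEST_LOCAL:
            if (callingUid != AID_SHELL && callingUid != AID_ROOT) {
                // … unchanged: return EX_SECURITY, "…permission to get local data." …
            }
            break;
        case DEST_EXPLICIT:
            if (callingUid != AID_SHELL && callingUid != AID_ROOT &&
                callingUid != AID_STATSD && callingUid != AID_SYSTEM) {
                // … unchanged: return EX_SECURITY, "…permission to get explicit data." …
            }
            break;
    }
```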
+1 −1
@@ -251,7 +251,7 @@ Reporter::create_file(int* fd)
    // Override umask. Not super critical. If it fails go on with life.
    chmod(filename, 0660);

    if (chown(filename, AID_SYSTEM, AID_SYSTEM)) {
    if (chown(filename, AID_INCIDENTD, AID_INCIDENTD)) {
        ALOGE("Unable to change ownership of incident file %s: %s\n", filename, strerror(errno));
        status_t err = -errno;
        unlink(mFilename.c_str());
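Review bot: Reports written before this change keep the AID_SYSTEM owner and group with mode 0660, and nothing in the visible hunks migrates them, so a daemon running as the incidentd user would presumably be unable to open older files in /data/misc/incidents even though the init section hands the directory itself to incidentd. Which user the service runs as is not visible here, and the `chown` to AID_INCIDENTD only succeeds if the process is privileged to change ownership or already has that uid; a comment such as `// Owner matches the incidentd:incidentd directory created by init.` above the call would record the intent. Separately, in the unchanged error path `ALOGE(...)` runs before `status_t err = -errno;`, so the logging call may overwrite errno before it is saved. create_file starts and ends outside this hunk.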