Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 54762b29 authored by Stanislav Zholnin's avatar Stanislav Zholnin
Browse files

Prevent developer provided strings from being uploaded through statsd. 

 - in situation when developer provides message when op is noted, do not
report it through stack trace collection infrastructure
 - collect only statcktraces for OP_FLAG_SELF and OP_FLAG_TRUSTED_PROXIED to
match collection of appops counts

Test: atest  android.app.appops.cts.RuntimeMessageCollectionTest
Fixes: 159433071
Change-Id: I1ab56a530832873a1f1f68aba5ab6eabc9e8a17a
parent 2a02c8e3

core/java/android/app/AppOpsManager.java

+11 −3
Original line number Diff line number Diff line
@@ -7370,15 +7370,17 @@ public class AppOpsManager { 
        try {

            collectNoteOpCallsForValidation(op);

            int collectionMode = getNotedOpCollectionMode(uid, packageName, op);

            boolean shouldCollectMessage = Process.myUid() == Process.SYSTEM_UID ? true : false;

            if (collectionMode == COLLECT_ASYNC) {

                if (message == null) {

                    // Set stack trace as default message

                    message = getFormattedStackTrace();

                    shouldCollectMessage = true;

                }

            }



            int mode = mService.noteOperation(op, uid, packageName, attributionTag,

                    collectionMode == COLLECT_ASYNC, message);

                    collectionMode == COLLECT_ASYNC, message, shouldCollectMessage);



            if (mode == MODE_ALLOWED) {

                if (collectionMode == COLLECT_SELF) {
@@ -7531,16 +7533,19 @@ public class AppOpsManager { 
        try {

            collectNoteOpCallsForValidation(op);

            int collectionMode = getNotedOpCollectionMode(proxiedUid, proxiedPackageName, op);

            boolean shouldCollectMessage = myUid == Process.SYSTEM_UID ? true : false;

            if (collectionMode == COLLECT_ASYNC) {

                if (message == null) {

                    // Set stack trace as default message

                    message = getFormattedStackTrace();

                    shouldCollectMessage = true;

                }

            }



            int mode = mService.noteProxyOperation(op, proxiedUid, proxiedPackageName,

                    proxiedAttributionTag, myUid, mContext.getOpPackageName(),

                    mContext.getAttributionTag(), collectionMode == COLLECT_ASYNC, message);

                    mContext.getAttributionTag(), collectionMode == COLLECT_ASYNC, message,

                    shouldCollectMessage);



            if (mode == MODE_ALLOWED) {

                if (collectionMode == COLLECT_SELF) {
@@ -7855,15 +7860,18 @@ public class AppOpsManager { 
        try {

            collectNoteOpCallsForValidation(op);

            int collectionMode = getNotedOpCollectionMode(uid, packageName, op);

            boolean shouldCollectMessage = Process.myUid() == Process.SYSTEM_UID ? true : false;

            if (collectionMode == COLLECT_ASYNC) {

                if (message == null) {

                    // Set stack trace as default message

                    message = getFormattedStackTrace();

                    shouldCollectMessage = true;

                }

            }



            int mode = mService.startOperation(getClientId(), op, uid, packageName,

                    attributionTag, startIfModeDefault, collectionMode == COLLECT_ASYNC, message);

                    attributionTag, startIfModeDefault, collectionMode == COLLECT_ASYNC, message,

                    shouldCollectMessage);



            if (mode == MODE_ALLOWED) {

                if (collectionMode == COLLECT_SELF) {

core/java/android/app/AppOpsManagerInternal.java

+4 −4
Original line number Diff line number Diff line
@@ -22,7 +22,7 @@ import android.util.SparseArray; 
import android.util.SparseIntArray;



import com.android.internal.app.IAppOpsCallback;

import com.android.internal.util.function.HexFunction;

import com.android.internal.util.function.HeptFunction;

import com.android.internal.util.function.QuadFunction;



/**
@@ -73,9 +73,9 @@ public abstract class AppOpsManagerInternal { 
         */

        int noteOperation(int code, int uid, @Nullable String packageName,

                @Nullable String featureId, boolean shouldCollectAsyncNotedOp,

                @Nullable String message,

                @NonNull HexFunction<Integer, Integer, String, String, Boolean, String, Integer>

                        superImpl);

                @Nullable String message, boolean shouldCollectMessage,

                @NonNull HeptFunction<Integer, Integer, String, String, Boolean, String, Boolean,

                        Integer> superImpl);

    }



    /**

core/java/com/android/internal/app/IAppOpsService.aidl

+4 −3
Original line number Diff line number Diff line
@@ -36,10 +36,10 @@ interface IAppOpsService { 
    // and not be reordered

    int checkOperation(int code, int uid, String packageName);

    int noteOperation(int code, int uid, String packageName, @nullable String attributionTag,

            boolean shouldCollectAsyncNotedOp, String message);

            boolean shouldCollectAsyncNotedOp, String message, boolean shouldCollectMessage);

    int startOperation(IBinder clientId, int code, int uid, String packageName,

            @nullable String attributionTag, boolean startIfModeDefault,

            boolean shouldCollectAsyncNotedOp, String message);

            boolean shouldCollectAsyncNotedOp, String message, boolean shouldCollectMessage);

    @UnsupportedAppUsage

    void finishOperation(IBinder clientId, int code, int uid, String packageName,

            @nullable String attributionTag);
@@ -54,7 +54,8 @@ interface IAppOpsService { 


    int noteProxyOperation(int code, int proxiedUid, String proxiedPackageName,

            String proxiedAttributionTag, int proxyUid, String proxyPackageName,

            String proxyAttributionTag, boolean shouldCollectAsyncNotedOp, String message);

            String proxyAttributionTag, boolean shouldCollectAsyncNotedOp, String message,

            boolean shouldCollectMessage);



    // Remaining methods are only used in Java.

    int checkPackage(int uid, String packageName);

services/core/java/com/android/server/am/ActiveServices.java

+2 −2
Original line number Diff line number Diff line
@@ -622,7 +622,7 @@ public final class ActiveServices { 
            }

            mAm.mAppOpsService.startOperation(AppOpsManager.getToken(mAm.mAppOpsService),

                    AppOpsManager.OP_START_FOREGROUND, r.appInfo.uid, r.packageName, null,

                    true, false, null);

                    true, false, null, false);

        }



        final ServiceMap smap = getServiceMapLocked(r.userId);
@@ -1464,7 +1464,7 @@ public final class ActiveServices { 
                        mAm.mAppOpsService.startOperation(

                                AppOpsManager.getToken(mAm.mAppOpsService),

                                AppOpsManager.OP_START_FOREGROUND, r.appInfo.uid, r.packageName,

                                null, true, false, "");

                                null, true, false, "", false);

                        FrameworkStatsLog.write(FrameworkStatsLog.FOREGROUND_SERVICE_STATE_CHANGED,

                                r.appInfo.uid, r.shortInstanceName,

                                FrameworkStatsLog.FOREGROUND_SERVICE_STATE_CHANGED__STATE__ENTER,

services/core/java/com/android/server/am/ActivityManagerService.java

+10 −12
Original line number Diff line number Diff line
@@ -335,7 +335,7 @@ import com.android.internal.util.FastPrintWriter; 
import com.android.internal.util.FrameworkStatsLog;

import com.android.internal.util.MemInfoReader;

import com.android.internal.util.Preconditions;

import com.android.internal.util.function.HexFunction;

import com.android.internal.util.function.HeptFunction;

import com.android.internal.util.function.QuadFunction;

import com.android.internal.util.function.TriFunction;

import com.android.server.AlarmManagerInternal;
@@ -405,9 +405,7 @@ import java.util.Locale; 
import java.util.Map;

import java.util.Objects;

import java.util.Set;

import java.util.concurrent.CompletableFuture;

import java.util.concurrent.CountDownLatch;

import java.util.concurrent.ExecutionException;

import java.util.concurrent.Executor;

import java.util.concurrent.atomic.AtomicBoolean;

import java.util.concurrent.atomic.AtomicInteger;
@@ -3272,7 +3270,7 @@ public class ActivityManagerService extends IActivityManager.Stub 














    private boolean hasUsageStatsPermission(String callingPackage) {















        final int mode = mAppOpsService.noteOperation(AppOpsManager.OP_GET_USAGE_STATS,













                Binder.getCallingUid(), callingPackage, null, false, "");













                Binder.getCallingUid(), callingPackage, null, false, "", false);















        if (mode == AppOpsManager.MODE_DEFAULT) {















            return checkCallingPermission(Manifest.permission.PACKAGE_USAGE_STATS)















                    == PackageManager.PERMISSION_GRANTED;










@@ -6100,7 +6098,7 @@ public class ActivityManagerService extends IActivityManager.Stub













            // TODO moltmann: Allow to specify featureId















            return mActivityManagerService.mAppOpsService















                    .noteOperation(AppOpsManager.strOpToOp(op), uid, packageName, null,













                            false, "");













                            false, "", false);















        }





























        @Override










@@ -20143,8 +20141,8 @@ public class ActivityManagerService extends IActivityManager.Stub













        private final int mTargetUid;















        private @Nullable String[] mPermissions;



























        ShellDelegate(String targetPacakgeName, int targetUid, @Nullable String[] permissions) {













            mTargetPackageName = targetPacakgeName;













        ShellDelegate(String targetPackageName, int targetUid, @Nullable String[] permissions) {













            mTargetPackageName = targetPackageName;















            mTargetUid = targetUid;















            mPermissions = permissions;















        }










@@ -20191,20 +20189,20 @@ public class ActivityManagerService extends IActivityManager.Stub













        @Override















        public int noteOperation(int code, int uid, @Nullable String packageName,















                @Nullable String featureId, boolean shouldCollectAsyncNotedOp,













                @Nullable String message,













                @NonNull HexFunction<Integer, Integer, String, String, Boolean, String, Integer>













                        superImpl) {













                @Nullable String message, boolean shouldCollectMessage,













                @NonNull HeptFunction<Integer, Integer, String, String, Boolean, String, Boolean,













                        Integer> superImpl) {















            if (uid == mTargetUid && isTargetOp(code)) {















                final long identity = Binder.clearCallingIdentity();















                try {















                    return superImpl.apply(code, Process.SHELL_UID, "com.android.shell", featureId,













                            shouldCollectAsyncNotedOp, message);













                            shouldCollectAsyncNotedOp, message, shouldCollectMessage);















                } finally {















                    Binder.restoreCallingIdentity(identity);















                }















            }















            return superImpl.apply(code, uid, packageName, featureId, shouldCollectAsyncNotedOp,













                    message);













                    message, shouldCollectMessage);















        }





























        @Override