Loading api/system-current.txt +10 −11 Original line number Diff line number Diff line Loading @@ -3079,16 +3079,15 @@ package android.location { } public final class GnssCapabilities { method public boolean hasCapability(int); field public static final int GEOFENCING = 2; // 0x2 field public static final int LOW_POWER_MODE = 0; // 0x0 field public static final int MEASUREMENTS = 3; // 0x3 field public static final int MEASUREMENT_CORRECTIONS = 5; // 0x5 field public static final int MEASUREMENT_CORRECTIONS_EXCESS_PATH_LENGTH = 7; // 0x7 field public static final int MEASUREMENT_CORRECTIONS_LOS_SATS = 6; // 0x6 field public static final int MEASUREMENT_CORRECTIONS_REFLECTING_PLANE = 8; // 0x8 field public static final int NAV_MESSAGES = 4; // 0x4 field public static final int SATELLITE_BLACKLIST = 1; // 0x1 method public boolean hasGeofencing(); method public boolean hasLowPowerMode(); method public boolean hasMeasurementCorrections(); method public boolean hasMeasurementCorrectionsExcessPathLength(); method public boolean hasMeasurementCorrectionsLosSats(); method public boolean hasMeasurementCorrectionsReflectingPane(); method public boolean hasMeasurements(); method public boolean hasNavMessages(); method public boolean hasSatelliteBlacklist(); } public final class GnssMeasurementCorrections implements android.os.Parcelable { Loading Loading @@ -3399,7 +3398,7 @@ package android.location { method @RequiresPermission(android.Manifest.permission.LOCATION_HARDWARE) public void flushGnssBatch(); method @Nullable public String getExtraLocationControllerPackage(); method @RequiresPermission(android.Manifest.permission.LOCATION_HARDWARE) public int getGnssBatchSize(); method @Nullable public android.location.GnssCapabilities getGnssCapabilities(); method @NonNull @RequiresPermission(android.Manifest.permission.ACCESS_FINE_LOCATION) public android.location.GnssCapabilities getGnssCapabilities(); method @RequiresPermission(android.Manifest.permission.ACCESS_FINE_LOCATION) public void injectGnssMeasurementCorrections(@NonNull android.location.GnssMeasurementCorrections); method public boolean isExtraLocationControllerPackageEnabled(); method public boolean isLocationEnabledForUser(@NonNull android.os.UserHandle); Loading cmds/incidentd/Android.bp +14 −0 Original line number Diff line number Diff line Loading @@ -59,6 +59,12 @@ cc_binary { "libservices", "libutils", "libprotobuf-cpp-lite", "libcrypto", "libkeystore_aidl", "libkeystore_binder", "libkeystore_parcelables", "android.hardware.keymaster@4.0", "libkeymaster4support", ], static_libs: [ Loading Loading @@ -111,6 +117,8 @@ cc_test { "src/incidentd_util.cpp", "src/proto_util.cpp", "src/report_directory.cpp", "src/cipher/IncidentKeyStore.cpp", "src/cipher/ProtoEncryption.cpp", "src/**/*.proto", ], Loading @@ -132,6 +140,12 @@ cc_test { "libprotoutil", "libservices", "libutils", "libcrypto", "libkeystore_aidl", "libkeystore_binder", "libkeystore_parcelables", "android.hardware.keymaster@4.0", "libkeymaster4support", ], target: { Loading cmds/incidentd/src/Privacy.cpp +2 −0 Original line number Diff line number Diff line Loading @@ -37,6 +37,8 @@ const Privacy* lookup(const Privacy* p, uint32_t fieldId) { return NULL; } bool sectionEncryption(int section_id) { return section_id == 3025 /*restricted image section*/; } static bool isAllowed(const uint8_t policy, const uint8_t check) { switch (check) { case PRIVACY_POLICY_LOCAL: Loading cmds/incidentd/src/Privacy.h +3 −0 Original line number Diff line number Diff line Loading @@ -87,6 +87,9 @@ private: uint8_t mPolicy; }; // TODO: Add privacy flag in incident.proto and auto generate it inside Privacy. bool sectionEncryption(int section_id); } // namespace incidentd } // namespace os } // namespace android Loading cmds/incidentd/src/PrivacyFilter.cpp +68 −21 Original line number Diff line number Diff line Loading @@ -16,15 +16,18 @@ #define DEBUG false #include "Log.h" #include "incidentd_util.h" #include "PrivacyFilter.h" #include "proto_util.h" #include <android-base/file.h> #include <android/util/protobuf.h> #include <android/util/ProtoFileReader.h> #include <android/util/protobuf.h> #include <log/log.h> #include "cipher/IncidentKeyStore.h" #include "cipher/ProtoEncryption.h" #include "incidentd_util.h" #include "proto_util.h" namespace android { namespace os { namespace incidentd { Loading Loading @@ -141,6 +144,8 @@ public: */ status_t writeData(int fd); sp<ProtoReader> getData() { return mData; } private: /** * The global set of field --> required privacy level mapping. Loading Loading @@ -247,8 +252,47 @@ void PrivacyFilter::addFd(const sp<FilterFd>& output) { mOutputs.push_back(output); } status_t PrivacyFilter::writeData(const FdBuffer& buffer, uint8_t bufferLevel, size_t* maxSize) { static void write_section_to_file(int sectionId, FieldStripper& fieldStripper, sp<FilterFd> output, bool encryptIfNeeded) { status_t err; if (sectionEncryption(sectionId) && encryptIfNeeded) { ProtoEncryptor encryptor(fieldStripper.getData()); size_t encryptedSize = encryptor.encrypt(); if (encryptedSize <= 0) { output->onWriteError(BAD_VALUE); return; } err = write_section_header(output->getFd(), sectionId, encryptedSize); VLOG("Encrypted: write section header size %lu", (unsigned long)encryptedSize); encryptor.flush(output->getFd()); if (err != NO_ERROR) { output->onWriteError(err); return; } } else { err = write_section_header(output->getFd(), sectionId, fieldStripper.dataSize()); VLOG("No encryption: write section header size %lu", (unsigned long)fieldStripper.dataSize()); if (err != NO_ERROR) { output->onWriteError(err); return; } err = fieldStripper.writeData(output->getFd()); if (err != NO_ERROR) { output->onWriteError(err); return; } } } status_t PrivacyFilter::writeData(const FdBuffer& buffer, uint8_t bufferLevel, size_t* maxSize, bool encryptIfNeeded) { status_t err; if (maxSize != NULL) { Loading Loading @@ -279,17 +323,7 @@ status_t PrivacyFilter::writeData(const FdBuffer& buffer, uint8_t bufferLevel, // Write the resultant buffer to the fd, along with the header. ssize_t dataSize = fieldStripper.dataSize(); if (dataSize > 0) { err = write_section_header(output->getFd(), mSectionId, dataSize); if (err != NO_ERROR) { output->onWriteError(err); continue; } err = fieldStripper.writeData(output->getFd()); if (err != NO_ERROR) { output->onWriteError(err); continue; } write_section_to_file(mSectionId, fieldStripper, output, encryptIfNeeded); } if (maxSize != NULL) { Loading Loading @@ -334,14 +368,25 @@ status_t filter_and_write_report(int to, int from, uint8_t bufferLevel, uint32_t fieldId = read_field_id(fieldTag); uint8_t wireType = read_wire_type(fieldTag); if (wireType == WIRE_TYPE_LENGTH_DELIMITED && args.containsSection(fieldId)) { VLOG("Read section %d", fieldId); // We need this field, but we need to strip it to the level provided in args. PrivacyFilter filter(fieldId, get_privacy_of_section(fieldId)); filter.addFd(new ReadbackFilterFd(args.getPrivacyPolicy(), to)); // Read this section from the reader into an FdBuffer size_t sectionSize = reader->readRawVarint(); FdBuffer sectionData; // Write data to FdBuffer, if the section was encrypted, decrypt first. if (sectionEncryption(fieldId)) { VLOG("sectionSize %lu", (unsigned long)sectionSize); ProtoDecryptor decryptor(reader, sectionSize); err = decryptor.decryptAndFlush(§ionData); } else { err = sectionData.write(reader, sectionSize); } if (err != NO_ERROR) { ALOGW("filter_and_write_report FdBuffer.write failed (this shouldn't happen): %s", strerror(-err)); Loading @@ -349,7 +394,8 @@ status_t filter_and_write_report(int to, int from, uint8_t bufferLevel, } // Do the filter and write. err = filter.writeData(sectionData, bufferLevel, nullptr); err = filter.writeData(sectionData, bufferLevel, nullptr, false /* do not encrypt again*/); if (err != NO_ERROR) { ALOGW("filter_and_write_report filter.writeData had an error: %s", strerror(-err)); return err; Loading @@ -358,6 +404,7 @@ status_t filter_and_write_report(int to, int from, uint8_t bufferLevel, // We don't need this field. Incident does not have any direct children // other than sections. So just skip them. write_field_or_skip(NULL, reader, fieldTag, true); VLOG("Skip this.... section %d", fieldId); } } Loading Loading
api/system-current.txt +10 −11 Original line number Diff line number Diff line Loading @@ -3079,16 +3079,15 @@ package android.location { } public final class GnssCapabilities { method public boolean hasCapability(int); field public static final int GEOFENCING = 2; // 0x2 field public static final int LOW_POWER_MODE = 0; // 0x0 field public static final int MEASUREMENTS = 3; // 0x3 field public static final int MEASUREMENT_CORRECTIONS = 5; // 0x5 field public static final int MEASUREMENT_CORRECTIONS_EXCESS_PATH_LENGTH = 7; // 0x7 field public static final int MEASUREMENT_CORRECTIONS_LOS_SATS = 6; // 0x6 field public static final int MEASUREMENT_CORRECTIONS_REFLECTING_PLANE = 8; // 0x8 field public static final int NAV_MESSAGES = 4; // 0x4 field public static final int SATELLITE_BLACKLIST = 1; // 0x1 method public boolean hasGeofencing(); method public boolean hasLowPowerMode(); method public boolean hasMeasurementCorrections(); method public boolean hasMeasurementCorrectionsExcessPathLength(); method public boolean hasMeasurementCorrectionsLosSats(); method public boolean hasMeasurementCorrectionsReflectingPane(); method public boolean hasMeasurements(); method public boolean hasNavMessages(); method public boolean hasSatelliteBlacklist(); } public final class GnssMeasurementCorrections implements android.os.Parcelable { Loading Loading @@ -3399,7 +3398,7 @@ package android.location { method @RequiresPermission(android.Manifest.permission.LOCATION_HARDWARE) public void flushGnssBatch(); method @Nullable public String getExtraLocationControllerPackage(); method @RequiresPermission(android.Manifest.permission.LOCATION_HARDWARE) public int getGnssBatchSize(); method @Nullable public android.location.GnssCapabilities getGnssCapabilities(); method @NonNull @RequiresPermission(android.Manifest.permission.ACCESS_FINE_LOCATION) public android.location.GnssCapabilities getGnssCapabilities(); method @RequiresPermission(android.Manifest.permission.ACCESS_FINE_LOCATION) public void injectGnssMeasurementCorrections(@NonNull android.location.GnssMeasurementCorrections); method public boolean isExtraLocationControllerPackageEnabled(); method public boolean isLocationEnabledForUser(@NonNull android.os.UserHandle); Loading
cmds/incidentd/Android.bp +14 −0 Original line number Diff line number Diff line Loading @@ -59,6 +59,12 @@ cc_binary { "libservices", "libutils", "libprotobuf-cpp-lite", "libcrypto", "libkeystore_aidl", "libkeystore_binder", "libkeystore_parcelables", "android.hardware.keymaster@4.0", "libkeymaster4support", ], static_libs: [ Loading Loading @@ -111,6 +117,8 @@ cc_test { "src/incidentd_util.cpp", "src/proto_util.cpp", "src/report_directory.cpp", "src/cipher/IncidentKeyStore.cpp", "src/cipher/ProtoEncryption.cpp", "src/**/*.proto", ], Loading @@ -132,6 +140,12 @@ cc_test { "libprotoutil", "libservices", "libutils", "libcrypto", "libkeystore_aidl", "libkeystore_binder", "libkeystore_parcelables", "android.hardware.keymaster@4.0", "libkeymaster4support", ], target: { Loading
cmds/incidentd/src/Privacy.cpp +2 −0 Original line number Diff line number Diff line Loading @@ -37,6 +37,8 @@ const Privacy* lookup(const Privacy* p, uint32_t fieldId) { return NULL; } bool sectionEncryption(int section_id) { return section_id == 3025 /*restricted image section*/; } static bool isAllowed(const uint8_t policy, const uint8_t check) { switch (check) { case PRIVACY_POLICY_LOCAL: Loading
cmds/incidentd/src/Privacy.h +3 −0 Original line number Diff line number Diff line Loading @@ -87,6 +87,9 @@ private: uint8_t mPolicy; }; // TODO: Add privacy flag in incident.proto and auto generate it inside Privacy. bool sectionEncryption(int section_id); } // namespace incidentd } // namespace os } // namespace android Loading
cmds/incidentd/src/PrivacyFilter.cpp +68 −21 Original line number Diff line number Diff line Loading @@ -16,15 +16,18 @@ #define DEBUG false #include "Log.h" #include "incidentd_util.h" #include "PrivacyFilter.h" #include "proto_util.h" #include <android-base/file.h> #include <android/util/protobuf.h> #include <android/util/ProtoFileReader.h> #include <android/util/protobuf.h> #include <log/log.h> #include "cipher/IncidentKeyStore.h" #include "cipher/ProtoEncryption.h" #include "incidentd_util.h" #include "proto_util.h" namespace android { namespace os { namespace incidentd { Loading Loading @@ -141,6 +144,8 @@ public: */ status_t writeData(int fd); sp<ProtoReader> getData() { return mData; } private: /** * The global set of field --> required privacy level mapping. Loading Loading @@ -247,8 +252,47 @@ void PrivacyFilter::addFd(const sp<FilterFd>& output) { mOutputs.push_back(output); } status_t PrivacyFilter::writeData(const FdBuffer& buffer, uint8_t bufferLevel, size_t* maxSize) { static void write_section_to_file(int sectionId, FieldStripper& fieldStripper, sp<FilterFd> output, bool encryptIfNeeded) { status_t err; if (sectionEncryption(sectionId) && encryptIfNeeded) { ProtoEncryptor encryptor(fieldStripper.getData()); size_t encryptedSize = encryptor.encrypt(); if (encryptedSize <= 0) { output->onWriteError(BAD_VALUE); return; } err = write_section_header(output->getFd(), sectionId, encryptedSize); VLOG("Encrypted: write section header size %lu", (unsigned long)encryptedSize); encryptor.flush(output->getFd()); if (err != NO_ERROR) { output->onWriteError(err); return; } } else { err = write_section_header(output->getFd(), sectionId, fieldStripper.dataSize()); VLOG("No encryption: write section header size %lu", (unsigned long)fieldStripper.dataSize()); if (err != NO_ERROR) { output->onWriteError(err); return; } err = fieldStripper.writeData(output->getFd()); if (err != NO_ERROR) { output->onWriteError(err); return; } } } status_t PrivacyFilter::writeData(const FdBuffer& buffer, uint8_t bufferLevel, size_t* maxSize, bool encryptIfNeeded) { status_t err; if (maxSize != NULL) { Loading Loading @@ -279,17 +323,7 @@ status_t PrivacyFilter::writeData(const FdBuffer& buffer, uint8_t bufferLevel, // Write the resultant buffer to the fd, along with the header. ssize_t dataSize = fieldStripper.dataSize(); if (dataSize > 0) { err = write_section_header(output->getFd(), mSectionId, dataSize); if (err != NO_ERROR) { output->onWriteError(err); continue; } err = fieldStripper.writeData(output->getFd()); if (err != NO_ERROR) { output->onWriteError(err); continue; } write_section_to_file(mSectionId, fieldStripper, output, encryptIfNeeded); } if (maxSize != NULL) { Loading Loading @@ -334,14 +368,25 @@ status_t filter_and_write_report(int to, int from, uint8_t bufferLevel, uint32_t fieldId = read_field_id(fieldTag); uint8_t wireType = read_wire_type(fieldTag); if (wireType == WIRE_TYPE_LENGTH_DELIMITED && args.containsSection(fieldId)) { VLOG("Read section %d", fieldId); // We need this field, but we need to strip it to the level provided in args. PrivacyFilter filter(fieldId, get_privacy_of_section(fieldId)); filter.addFd(new ReadbackFilterFd(args.getPrivacyPolicy(), to)); // Read this section from the reader into an FdBuffer size_t sectionSize = reader->readRawVarint(); FdBuffer sectionData; // Write data to FdBuffer, if the section was encrypted, decrypt first. if (sectionEncryption(fieldId)) { VLOG("sectionSize %lu", (unsigned long)sectionSize); ProtoDecryptor decryptor(reader, sectionSize); err = decryptor.decryptAndFlush(§ionData); } else { err = sectionData.write(reader, sectionSize); } if (err != NO_ERROR) { ALOGW("filter_and_write_report FdBuffer.write failed (this shouldn't happen): %s", strerror(-err)); Loading @@ -349,7 +394,8 @@ status_t filter_and_write_report(int to, int from, uint8_t bufferLevel, } // Do the filter and write. err = filter.writeData(sectionData, bufferLevel, nullptr); err = filter.writeData(sectionData, bufferLevel, nullptr, false /* do not encrypt again*/); if (err != NO_ERROR) { ALOGW("filter_and_write_report filter.writeData had an error: %s", strerror(-err)); return err; Loading @@ -358,6 +404,7 @@ status_t filter_and_write_report(int to, int from, uint8_t bufferLevel, // We don't need this field. Incident does not have any direct children // other than sections. So just skip them. write_field_or_skip(NULL, reader, fieldTag, true); VLOG("Skip this.... section %d", fieldId); } } Loading
