Merge "Add IntrusionDetectionEventTransport class to provide a stable-API...

package android.security.intrusiondetection {

  @FlaggedApi("android.security.afl_api") public final class IntrusionDetectionEvent implements android.os.Parcelable {

    ctor public IntrusionDetectionEvent(@NonNull android.app.admin.SecurityLog.SecurityEvent);

    ctor public IntrusionDetectionEvent(@NonNull android.app.admin.DnsEvent);

    ctor public IntrusionDetectionEvent(@NonNull android.app.admin.ConnectEvent);

    method @FlaggedApi("android.security.afl_api") public int describeContents();

    method @NonNull public android.app.admin.ConnectEvent getConnectEvent();

    method @NonNull public android.app.admin.DnsEvent getDnsEvent();

    method @NonNull public android.app.admin.SecurityLog.SecurityEvent getSecurityEvent();

    method @NonNull public int getType();

    method public void writeToParcel(@NonNull android.os.Parcel, int);

    field @NonNull public static final android.os.Parcelable.Creator<android.security.intrusiondetection.IntrusionDetectionEvent> CREATOR;

    field public static final int NETWORK_EVENT_CONNECT = 2; // 0x2

    field public static final int NETWORK_EVENT_DNS = 1; // 0x1

    field public static final int SECURITY_EVENT = 0; // 0x0

  }

  @FlaggedApi("android.security.afl_api") public class IntrusionDetectionEventTransport {

    ctor public IntrusionDetectionEventTransport();

    method public boolean addData(@NonNull java.util.List<android.security.intrusiondetection.IntrusionDetectionEvent>);

    method @NonNull public android.os.IBinder getBinder();

    method public boolean initialize();

    method public boolean release();

  }

  @FlaggedApi("android.security.afl_api") public class IntrusionDetectionManager {

    method @RequiresPermission(android.Manifest.permission.READ_INTRUSION_DETECTION_STATE) public void addStateCallback(@NonNull java.util.concurrent.Executor, @NonNull java.util.function.Consumer<java.lang.Integer>);

    method @RequiresPermission(android.Manifest.permission.MANAGE_INTRUSION_DETECTION_STATE) public void disable(@NonNull java.util.concurrent.Executor, @NonNull android.security.intrusiondetection.IntrusionDetectionManager.CommandCallback);

 */

package android.security.intrusiondetection;

import android.security.intrusiondetection.IntrusionDetectionEvent;

import com.android.internal.infra.AndroidFuture;

    /**

     * Initialize the server side.

     */

    void initialize(in AndroidFuture<int> resultFuture);

    void initialize(in AndroidFuture<boolean> resultFuture);

    /**

     * Send intrusiondetection logging data to the backup destination.

     * Send intrusiondetection logging data to the transport destination.

     * The data is a list of IntrusionDetectionEvent.

     * The IntrusionDetectionEvent is an abstract class that represents

     * different type of events.

     * different types of events.

     */

    void addData(in List<IntrusionDetectionEvent> events, in AndroidFuture<int> resultFuture);

    void addData(

        in List<IntrusionDetectionEvent> events,

        in AndroidFuture<boolean> resultFuture);

    /**

     * Release the binder to the server.

     */

    void release(in AndroidFuture<int> resultFuture);

    void release(in AndroidFuture<boolean> resultFuture);

}

import android.app.admin.ConnectEvent;

import android.app.admin.DnsEvent;

import android.app.admin.SecurityLog.SecurityEvent;

import android.annotation.SystemApi;

import android.os.Parcel;

import android.os.Parcelable;

import android.security.Flags;

/**

 * A class that represents a intrusiondetection event.

 *

 * @hide

 */

@SystemApi

@FlaggedApi(Flags.FLAG_AFL_API)

public final class IntrusionDetectionEvent implements Parcelable {

    private static final String TAG = "IntrusionDetectionEvent";

    /**

     * Event type representing a security-related event.

     * This type is associated with a {@link SecurityEvent} object.

     *

     * @see SecurityEvent

     */

    public static final int SECURITY_EVENT = 0;

    /**

     * Event type representing a network DNS event.

     * This type is associated with a {@link DnsEvent} object.

     *

     * @see DnsEvent

     */

    public static final int NETWORK_EVENT_DNS = 1;

    /**

     * Event type representing a network connection event.

     * This type is associated with a {@link ConnectEvent} object.

     *

     * @see ConnectEvent

     */

    public static final int NETWORK_EVENT_CONNECT = 2;

    /** @hide */

                }

            };

    /**

     * Creates an IntrusionDetectionEvent object with a

     * {@link SecurityEvent} object as the event source.

     *

     * @param securityEvent The SecurityEvent object.

     */

    public IntrusionDetectionEvent(@NonNull SecurityEvent securityEvent) {

        mType = SECURITY_EVENT;

        mSecurityEvent = securityEvent;

        mNetworkEventConnect = null;

    }

    /**

     * Creates an IntrusionDetectionEvent object with a

     * {@link DnsEvent} object as the event source.

     *

     * @param dnsEvent The DnsEvent object.

     */

    public IntrusionDetectionEvent(@NonNull DnsEvent dnsEvent) {

        mType = NETWORK_EVENT_DNS;

        mNetworkEventDns = dnsEvent;

        mNetworkEventConnect = null;

    }

    /**

     * Creates an IntrusionDetectionEvent object with a

     * {@link ConnectEvent} object as the event source.

     *

     * @param connectEvent The ConnectEvent object.

     */

    public IntrusionDetectionEvent(@NonNull ConnectEvent connectEvent) {

        mType = NETWORK_EVENT_CONNECT;

        mNetworkEventConnect = connectEvent;

/*

 * Copyright (C) 2024 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.security.intrusiondetection;

import android.annotation.FlaggedApi;

import android.annotation.NonNull;

import android.annotation.SystemApi;

import android.annotation.SuppressLint;

import android.content.ComponentName;

import android.content.Context;

import android.os.IBinder;

import android.util.CloseGuard;

import android.security.Flags;

import android.security.intrusiondetection.IntrusionDetectionEvent;

import android.security.intrusiondetection.IIntrusionDetectionEventTransport;

import com.android.internal.infra.AndroidFuture;

import java.lang.AutoCloseable;

import java.util.List;

/**

 * A class that provides a stable API for transporting intrusion detection events

 * to a transport location, such as a file or a network endpoint.

 *

 * This class acts as a bridge between the {@link IIntrusionDetectionEventTransport}

 * interface and its implementations. It allows system components to add intrusion

 * detection events ({@link IntrusionDetectionEvent}) to a transport queue,

 * which will then be delivered to the specified location.

 *

 * Usage:

 * 1. Obtain an instance of {@link IntrusionDetectionEventTransport} using the constructor.

 * 2. Initialize the transport by calling {@link #initialize()}.

 * 3. Add events to the transport queue using {@link #addData(List)}.

 * 4. Release the transport when finished by calling {@link #release()}.

 *

 * Key Components:

 * - {@link IIntrusionDetectionEventTransport}: The underlying AIDL interface

 *     for interacting with transport implementations.

 * - {@link IntrusionDetectionEvent}: Represents a single event.

 *

 * @hide

 */

@SystemApi

@FlaggedApi(Flags.FLAG_AFL_API)

@SuppressLint("NotCloseable")

public class IntrusionDetectionEventTransport {

    IIntrusionDetectionEventTransport mBinderImpl = new TransportImpl();

    /**

     * Returns the binder interface for this transport.

     */

    @NonNull

    public IBinder getBinder() {

        return mBinderImpl.asBinder();

    }

    /**

     * Initializes the transport.

     *

     * @return whether the initialization was successful.

     */

    public boolean initialize() {

        return false;

    }

    /**

     * Adds data to the transport.

     *

     * @param events the events to add.

     * @return whether the addition was successful.

     */

    public boolean addData(@NonNull List<IntrusionDetectionEvent> events) {

        return false;

    }

    /**

     * Releases the transport.

     *

     * The release() method is a callback implemented by the concrete transport

     * endpoint.

     * The "SuppressLint" annotation is used to allow the release() method to be

     * included in the API without requiring the class to implement AutoCloseable.

     *

     * @return whether the release was successful.

     */

    public boolean release() {

        return false;

    }

    /**

     * Bridge between the actual IIntrusionDetectionEventTransport implementation

     * and the stable API.  If the binder interface needs to change, we use this

     * layer to translate so that we can decouple those framework-side changes

     * from the IntrusionDetectionEventTransport implementations.

     */

    class TransportImpl extends IIntrusionDetectionEventTransport.Stub {

        @Override

        public void initialize(AndroidFuture<Boolean> resultFuture) {

            try {

                boolean result = IntrusionDetectionEventTransport.this.initialize();

                resultFuture.complete(result);

            } catch (RuntimeException e) {

                resultFuture.cancel(/* mayInterruptIfRunning */ true);

            }

        }

        @Override

        public void addData(

            List<IntrusionDetectionEvent> events,

            AndroidFuture<Boolean> resultFuture) {

            try {

                boolean result = IntrusionDetectionEventTransport.this.addData(events);

                resultFuture.complete(result);

            } catch (RuntimeException e) {

                resultFuture.cancel(/* mayInterruptIfRunning */ true);

            }

        }

        @Override

        public void release(AndroidFuture<Boolean> resultFuture) {

            try {

                boolean result = IntrusionDetectionEventTransport.this.release();

                resultFuture.complete(result);

            } catch (RuntimeException e) {

                resultFuture.cancel(/* mayInterruptIfRunning */ true);

            }

        }

    }

}

 No newline at end of file

        if (!bindService()) {

            return false;

        }

        AndroidFuture<Integer> resultFuture = new AndroidFuture<>();

        AndroidFuture<Boolean> resultFuture = new AndroidFuture<>();

        try {

            mService.initialize(resultFuture);

        } catch (RemoteException e) {

            unbindService();

            return false;

        }

        Integer result = getFutureResult(resultFuture);

        if (result != null && result == 0) {

        Boolean result = getFutureResult(resultFuture);

        if (result != null && result == true) {

            return true;

        } else {

            unbindService();

     * @return Whether the data is added to the binder service.

     */

    public boolean addData(List<IntrusionDetectionEvent> data) {

        AndroidFuture<Integer> resultFuture = new AndroidFuture<>();

        AndroidFuture<Boolean> resultFuture = new AndroidFuture<>();

        try {

            mService.addData(data, resultFuture);

        } catch (RemoteException e) {

            Slog.e(TAG, "Remote Exception", e);

            return false;

        }

        Integer result = getFutureResult(resultFuture);

        return result != null && result == 0;

        Boolean result = getFutureResult(resultFuture);

        return result != null && result == true;

    }

    /**

     * Release the BackupTransport binder service.

     */

    public void release() {

        AndroidFuture<Integer> resultFuture = new AndroidFuture<>();

        AndroidFuture<Boolean> resultFuture = new AndroidFuture<>();

        try {

            mService.release(resultFuture);

        } catch (RemoteException e) {