Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8a267381 authored by Richard MacGregor's avatar Richard MacGregor
Browse files

Add SensitiveNotificationAppProtectionSession logs 

Bug: 331946904
Test: statsd_testdrive 830
Test: statsd_testdrive 831
Test: atest SensitiveContentProtectionManagerServiceNotificationTest
Flag: android.permission.flags.sensitive_content_improvements
Change-Id: Icf8e1d65d2c0e7cbe99d67d575d64aeb75584814
parent 553ca7e5

services/core/java/com/android/server/SensitiveContentProtectionManagerService.java

+57 −3
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@ 


package com.android.server;



import static android.permission.flags.Flags.sensitiveContentImprovements;

import static android.permission.flags.Flags.sensitiveNotificationAppProtection;

import static android.provider.Settings.Global.DISABLE_SCREEN_SHARE_PROTECTIONS_FOR_APPS_AND_NOTIFICATIONS;

import static android.view.flags.Flags.sensitiveContentAppProtection;
@@ -24,6 +25,7 @@ import static com.android.internal.util.FrameworkStatsLog.SENSITIVE_CONTENT_MEDI 
import static com.android.internal.util.FrameworkStatsLog.SENSITIVE_CONTENT_MEDIA_PROJECTION_SESSION__SOURCE__FRAMEWORKS;

import static com.android.internal.util.FrameworkStatsLog.SENSITIVE_CONTENT_MEDIA_PROJECTION_SESSION__STATE__START;

import static com.android.internal.util.FrameworkStatsLog.SENSITIVE_CONTENT_MEDIA_PROJECTION_SESSION__STATE__STOP;

import static com.android.internal.util.FrameworkStatsLog.SENSITIVE_NOTIFICATION_APP_PROTECTION_SESSION;



import android.annotation.NonNull;

import android.annotation.Nullable;
@@ -91,9 +93,11 @@ public final class SensitiveContentProtectionManagerService extends SystemServic 
    private boolean mProjectionActive = false;



    private static class MediaProjectionSession {

        final int mUid;

        final long mSessionId;

        final boolean mIsExempted;

        private final int mUid;

        private final long mSessionId;

        private final boolean mIsExempted;

        private final ArraySet<String> mAllSeenNotificationKeys = new ArraySet<>();

        private final ArraySet<String> mSeenOtpNotificationKeys = new ArraySet<>();



        MediaProjectionSession(int uid, boolean isExempted, long sessionId) {

            mUid = uid;
@@ -123,6 +127,14 @@ public final class SensitiveContentProtectionManagerService extends SystemServic 
            );

        }



        public void logAppNotificationsProtected() {

            FrameworkStatsLog.write(

                    SENSITIVE_NOTIFICATION_APP_PROTECTION_SESSION,

                    mSessionId,

                    mAllSeenNotificationKeys.size(),

                    mSeenOtpNotificationKeys.size());

        }



        public void logAppBlocked(int uid) {

            FrameworkStatsLog.write(

                    FrameworkStatsLog.SENSITIVE_CONTENT_APP_PROTECTION,
@@ -142,6 +154,32 @@ public final class SensitiveContentProtectionManagerService extends SystemServic 
                    FrameworkStatsLog.SENSITIVE_CONTENT_APP_PROTECTION__STATE__UNBLOCKED

            );

        }



        private void addSeenNotificationKey(String key) {

            mAllSeenNotificationKeys.add(key);

        }



        private void addSeenOtpNotificationKey(String key) {

            mAllSeenNotificationKeys.add(key);

            mSeenOtpNotificationKeys.add(key);

        }



        public void addSeenNotifications(

                @NonNull StatusBarNotification[] notifications,

                @NonNull RankingMap rankingMap) {

            for (StatusBarNotification sbn : notifications) {

                if (sbn == null) {

                    Log.w(TAG, "Unable to parse null notification");

                    continue;

                }



                if (notificationHasSensitiveContent(sbn, rankingMap)) {

                    addSeenOtpNotificationKey(sbn.getKey());

                } else {

                    addSeenNotificationKey(sbn.getKey());

                }

            }

        }

    }



    private final MediaProjectionManager.Callback mProjectionCallback =
@@ -297,6 +335,9 @@ public final class SensitiveContentProtectionManagerService extends SystemServic 
            mProjectionActive = false;

            if (mMediaProjectionSession != null) {

                mMediaProjectionSession.logProjectionSessionStop();

                if (sensitiveContentImprovements()) {

                    mMediaProjectionSession.logAppNotificationsProtected();

                }

                mMediaProjectionSession = null;

            }
@@ -334,9 +375,14 @@ public final class SensitiveContentProtectionManagerService extends SystemServic 
            notifications = new StatusBarNotification[0];

        }



        if (sensitiveContentImprovements() && mMediaProjectionSession != null) {

            mMediaProjectionSession.addSeenNotifications(notifications, rankingMap);

        }



        // notify windowmanager of any currently posted sensitive content notifications

        ArraySet<PackageInfo> packageInfos =

                getSensitivePackagesFromNotifications(notifications, rankingMap);



        if (packageInfos.size() > 0) {

            mWindowManager.addBlockScreenCaptureForApps(packageInfos);

        }
@@ -420,6 +466,14 @@ public final class SensitiveContentProtectionManagerService extends SystemServic 
                        mWindowManager.addBlockScreenCaptureForApps(

                                new ArraySet(Set.of(packageInfo)));

                    }



                    if (sensitiveContentImprovements() && mMediaProjectionSession != null) {

                        if (packageInfo != null) {

                            mMediaProjectionSession.addSeenOtpNotificationKey(sbn.getKey());

                        } else {

                            mMediaProjectionSession.addSeenNotificationKey(sbn.getKey());

                        }

                    }

                }

            } finally {

                Trace.traceEnd(Trace.TRACE_TAG_SYSTEM_SERVER);