Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a6763a31 authored by jovanak's avatar jovanak
Browse files

Improves framework logging for user management. 

1. Makes sure ActivityServices passed the callingPackage for logging. That
way when someone with lack of permissions calls bindServiceAsUser, we will
know at least which package is calling it.
2. Adds more logging to UserManagerService for user removal and creation

Fixes: 110999053
Test: Flash device, use adb to remove users and verify logging. Made sure that
bindServiceAsUser permission denial prints the name of the package.

Change-Id: Ieab750fdb6aee04f3880625374a9ab3633e76bc4
parent 7b2cd903

services/core/java/com/android/server/am/ActiveServices.java

+2 −1
Original line number Diff line number Diff line
@@ -1945,7 +1945,8 @@ public final class ActiveServices { 
                + " type=" + resolvedType + " callingUid=" + callingUid);



        userId = mAm.mUserController.handleIncomingUser(callingPid, callingUid, userId, false,

                ActivityManagerInternal.ALLOW_NON_FULL_IN_PROFILE, "service", null);

                ActivityManagerInternal.ALLOW_NON_FULL_IN_PROFILE, "service",

                callingPackage);



        ServiceMap smap = getServiceMapLocked(userId);

        final ComponentName comp;

services/core/java/com/android/server/pm/UserManagerService.java

+21 −5
Original line number Diff line number Diff line
@@ -100,6 +100,8 @@ import com.android.server.am.UserState; 
import com.android.server.storage.DeviceStorageMonitorInternal;

import com.android.server.wm.ActivityTaskManagerInternal;



import libcore.io.IoUtils;



import org.xmlpull.v1.XmlPullParser;

import org.xmlpull.v1.XmlPullParserException;

import org.xmlpull.v1.XmlSerializer;
@@ -121,8 +123,6 @@ import java.util.LinkedList; 
import java.util.List;

import java.util.Objects;



import libcore.io.IoUtils;



/**

 * Service for {@link UserManager}.

 *
@@ -2638,10 +2638,12 @@ public class UserManagerService extends IUserManager.Stub { 
                if (!isGuest && !isManagedProfile && !isDemo && isUserLimitReached()) {

                    // If we're not adding a guest/demo user or a managed profile and the limit has

                    // been reached, cannot add a user.

                    Log.e(LOG_TAG, "Cannot add user. Maximum user limit is reached.");

                    return null;

                }

                // If we're adding a guest and there already exists one, bail.

                if (isGuest && findCurrentGuestUser() != null) {

                    Log.e(LOG_TAG, "Cannot add guest user. Guest user already exists.");

                    return null;

                }

                // In legacy mode, restricted profile's parent can only be the owner user
@@ -2884,13 +2886,26 @@ public class UserManagerService extends IUserManager.Stub { 
            final UserData userData;

            int currentUser = ActivityManager.getCurrentUser();

            if (currentUser == userHandle) {

                Log.w(LOG_TAG, "Current user cannot be removed");

                Log.w(LOG_TAG, "Current user cannot be removed.");

                return false;

            }

            synchronized (mPackagesLock) {

                synchronized (mUsersLock) {

                    userData = mUsers.get(userHandle);

                    if (userHandle == 0 || userData == null || mRemovingUserIds.get(userHandle)) {

                    if (userHandle == UserHandle.USER_SYSTEM) {

                        Log.e(LOG_TAG, "System user cannot be removed.");

                        return false;

                    }



                    if (userData == null) {

                        Log.e(LOG_TAG, String.format(

                                "Cannot remove user %d, invalid user id provided.", userHandle));

                        return false;

                    }



                    if (mRemovingUserIds.get(userHandle)) {

                        Log.e(LOG_TAG, String.format(

                                "User %d is already scheduled for removal.", userHandle));

                        return false;

                    }
@@ -2909,7 +2924,7 @@ public class UserManagerService extends IUserManager.Stub { 
            try {

                mAppOpsService.removeUser(userHandle);

            } catch (RemoteException e) {

                Log.w(LOG_TAG, "Unable to notify AppOpsService of removing user", e);

                Log.w(LOG_TAG, "Unable to notify AppOpsService of removing user.", e);

            }



            if (userData.info.profileGroupId != UserInfo.NO_PROFILE_GROUP_ID
@@ -2933,6 +2948,7 @@ public class UserManagerService extends IUserManager.Stub { 
                            }

                        });

            } catch (RemoteException e) {

                Log.w(LOG_TAG, "Failed to stop user during removal.", e);

                return false;

            }

            return res == ActivityManager.USER_OP_SUCCESS;