Loading core/proto/android/os/incident.proto +7 −0 Original line number Diff line number Diff line Loading @@ -48,6 +48,7 @@ import "frameworks/base/core/proto/android/service/notification.proto"; import "frameworks/base/core/proto/android/service/package.proto"; import "frameworks/base/core/proto/android/service/print.proto"; import "frameworks/base/core/proto/android/service/procstats.proto"; import "frameworks/base/core/proto/android/service/restricted_image.proto"; import "frameworks/base/core/proto/android/service/usb.proto"; import "frameworks/base/core/proto/android/util/event_log_tags.proto"; import "frameworks/base/core/proto/android/util/log.proto"; Loading Loading @@ -314,6 +315,12 @@ message IncidentProto { (section).args = "role --proto" ]; optional android.service.restricted_image.RestrictedImagesDumpProto restricted_images = 3025 [ (section).type = SECTION_DUMPSYS, (section).userdebug_and_eng_only = true, (section).args = "incidentcompanion --restricted_image" ]; // Reserved for OEMs. extensions 50000 to 100000; } core/proto/android/service/restricted_image.proto 0 → 100644 +58 −0 Original line number Diff line number Diff line /* * Copyright (C) 2017 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ syntax = "proto2"; package android.service.restricted_image; option java_multiple_files = true; option java_outer_classname = "RestrictedImage"; import "frameworks/base/core/proto/android/privacy.proto"; // Restricted Image proto is for collecting images from the user with their // permission for the purpose of debugging photos. message RestrictedImagesDumpProto { option (android.msg_privacy).dest = DEST_EXPLICIT; repeated RestrictedImageSetProto sets = 1; } message RestrictedImageSetProto { option (android.msg_privacy).dest = DEST_EXPLICIT; // Name of the service producing the data. optional string category = 1; // The images repeated RestrictedImageProto images = 2; // Additional metadata optional bytes metadata = 3; } message RestrictedImageProto { option (android.msg_privacy).dest = DEST_EXPLICIT; // Type of image data optional string mime_type = 1; // The image data optional bytes image_data = 2; // Metadata about the image. Typically this has another proto schema, // but it is undefined exactly what that is in AOSP code. optional bytes metadata = 3; } core/res/res/values/config.xml +2 −0 Original line number Diff line number Diff line Loading @@ -4012,4 +4012,6 @@ <item>system_server_wtf</item> </string-array> <!-- Which binder services to include in incident reports containing restricted images. --> <string-array name="config_restrictedImagesServices" translatable="false"/> </resources> core/res/res/values/symbols.xml +1 −0 Original line number Diff line number Diff line Loading @@ -3690,6 +3690,7 @@ <java-symbol type="integer" name="config_attentionApiTimeout" /> <java-symbol type="string" name="config_incidentReportApproverPackage" /> <java-symbol type="array" name="config_restrictedImagesServices" /> <!-- Display White-Balance --> <java-symbol type="integer" name="config_displayWhiteBalanceBrightnessSensorRate" /> Loading services/core/java/com/android/server/biometrics/face/FaceService.java +77 −1 Original line number Diff line number Diff line Loading @@ -39,12 +39,16 @@ import android.hardware.face.FaceManager; import android.hardware.face.IFaceService; import android.hardware.face.IFaceServiceReceiver; import android.os.Binder; import android.os.Build; import android.os.Environment; import android.os.IBinder; import android.os.RemoteException; import android.os.SELinux; import android.os.UserHandle; import android.os.UserManager; import android.service.restricted_image.RestrictedImagesDumpProto; import android.service.restricted_image.RestrictedImageProto; import android.service.restricted_image.RestrictedImageSetProto; import android.util.Slog; import android.util.proto.ProtoOutputStream; Loading Loading @@ -281,7 +285,9 @@ public class FaceService extends BiometricServiceBase { final long ident = Binder.clearCallingIdentity(); try { if (args.length > 0 && "--proto".equals(args[0])) { if (args.length == 1 && "--restricted_image".equals(args[0])) { dumpRestrictedImage(fd); } else if (args.length > 0 && "--proto".equals(args[0])) { dumpProto(fd); } else { dumpInternal(pw); Loading Loading @@ -1063,4 +1069,74 @@ public class FaceService extends BiometricServiceBase { mPerformanceMap.clear(); mCryptoPerformanceMap.clear(); } private void dumpRestrictedImage(FileDescriptor fd) { // WARNING: CDD restricts image data from leaving TEE unencrypted on // production devices: // [C-1-10] MUST not allow unencrypted access to identifiable biometric // data or any data derived from it (such as embeddings) to the // Application Processor outside the context of the TEE. // As such, this API should only be enabled for testing purposes on // engineering and userdebug builds. All modules in the software stack // MUST enforce final build products do NOT have this functionality. // Additionally, the following check MUST NOT be removed. if (!(Build.IS_ENG || Build.IS_USERDEBUG)) { return; } final ProtoOutputStream proto = new ProtoOutputStream(fd); final long setToken = proto.start(RestrictedImagesDumpProto.SETS); // Name of the service proto.write(RestrictedImageSetProto.CATEGORY, "face"); // Individual images for (int i = 0; i < 5; i++) { final long imageToken = proto.start(RestrictedImageSetProto.IMAGES); proto.write(RestrictedImageProto.MIME_TYPE, "image/png"); proto.write(RestrictedImageProto.IMAGE_DATA, new byte[] { // png image data -119, 80, 78, 71, 13, 10, 26, 10, 0, 0, 0, 13, 73, 72, 68, 82, 0, 0, 0, 100, 0, 0, 0, 100, 1, 3, 0, 0, 0, 74, 44, 7, 23, 0, 0, 0, 4, 103, 65, 77, 65, 0, 0, -79, -113, 11, -4, 97, 5, 0, 0, 0, 1, 115, 82, 71, 66, 0, -82, -50, 28, -23, 0, 0, 0, 6, 80, 76, 84, 69, -1, -1, -1, 0, 0, 0, 85, -62, -45, 126, 0, 0, 0, -115, 73, 68, 65, 84, 56, -53, -19, -46, -79, 17, -128, 32, 12, 5, -48, 120, 22, -106, -116, -32, 40, -84, 101, -121, -93, 57, 10, 35, 88, 82, 112, 126, 3, -60, 104, 6, -112, 70, 127, -59, -69, -53, 29, 33, -127, -24, 79, -49, -52, -15, 41, 36, 34, -105, 85, 124, -14, 88, 27, 6, 28, 68, 1, 82, 62, 22, -95, -108, 55, -95, 40, -9, -110, -12, 98, -107, 76, -41, -105, -62, -50, 111, -60, 46, -14, -4, 24, -89, 42, -103, 16, 63, -72, -11, -15, 48, -62, 102, -44, 102, -73, -56, 56, -21, -128, 92, -70, -124, 117, -46, -67, -77, 82, 80, 121, -44, -56, 116, 93, -45, -90, -5, -29, -24, -83, -75, 52, -34, 55, -22, 102, -21, -105, -124, -23, 71, 87, -7, -25, -59, -100, -73, -92, -122, -7, -109, -49, -80, -89, 0, 0, 0, 0, 73, 69, 78, 68, -82, 66, 96, -126 }); // proto.write(RestrictedImageProto.METADATA, flattened_protobuf); proto.end(imageToken); } // Face service metadata // proto.write(RestrictedImageSetProto.METADATA, flattened_protobuf); proto.end(setToken); proto.flush(); } } Loading
core/proto/android/os/incident.proto +7 −0 Original line number Diff line number Diff line Loading @@ -48,6 +48,7 @@ import "frameworks/base/core/proto/android/service/notification.proto"; import "frameworks/base/core/proto/android/service/package.proto"; import "frameworks/base/core/proto/android/service/print.proto"; import "frameworks/base/core/proto/android/service/procstats.proto"; import "frameworks/base/core/proto/android/service/restricted_image.proto"; import "frameworks/base/core/proto/android/service/usb.proto"; import "frameworks/base/core/proto/android/util/event_log_tags.proto"; import "frameworks/base/core/proto/android/util/log.proto"; Loading Loading @@ -314,6 +315,12 @@ message IncidentProto { (section).args = "role --proto" ]; optional android.service.restricted_image.RestrictedImagesDumpProto restricted_images = 3025 [ (section).type = SECTION_DUMPSYS, (section).userdebug_and_eng_only = true, (section).args = "incidentcompanion --restricted_image" ]; // Reserved for OEMs. extensions 50000 to 100000; }
core/proto/android/service/restricted_image.proto 0 → 100644 +58 −0 Original line number Diff line number Diff line /* * Copyright (C) 2017 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ syntax = "proto2"; package android.service.restricted_image; option java_multiple_files = true; option java_outer_classname = "RestrictedImage"; import "frameworks/base/core/proto/android/privacy.proto"; // Restricted Image proto is for collecting images from the user with their // permission for the purpose of debugging photos. message RestrictedImagesDumpProto { option (android.msg_privacy).dest = DEST_EXPLICIT; repeated RestrictedImageSetProto sets = 1; } message RestrictedImageSetProto { option (android.msg_privacy).dest = DEST_EXPLICIT; // Name of the service producing the data. optional string category = 1; // The images repeated RestrictedImageProto images = 2; // Additional metadata optional bytes metadata = 3; } message RestrictedImageProto { option (android.msg_privacy).dest = DEST_EXPLICIT; // Type of image data optional string mime_type = 1; // The image data optional bytes image_data = 2; // Metadata about the image. Typically this has another proto schema, // but it is undefined exactly what that is in AOSP code. optional bytes metadata = 3; }
core/res/res/values/config.xml +2 −0 Original line number Diff line number Diff line Loading @@ -4012,4 +4012,6 @@ <item>system_server_wtf</item> </string-array> <!-- Which binder services to include in incident reports containing restricted images. --> <string-array name="config_restrictedImagesServices" translatable="false"/> </resources>
core/res/res/values/symbols.xml +1 −0 Original line number Diff line number Diff line Loading @@ -3690,6 +3690,7 @@ <java-symbol type="integer" name="config_attentionApiTimeout" /> <java-symbol type="string" name="config_incidentReportApproverPackage" /> <java-symbol type="array" name="config_restrictedImagesServices" /> <!-- Display White-Balance --> <java-symbol type="integer" name="config_displayWhiteBalanceBrightnessSensorRate" /> Loading
services/core/java/com/android/server/biometrics/face/FaceService.java +77 −1 Original line number Diff line number Diff line Loading @@ -39,12 +39,16 @@ import android.hardware.face.FaceManager; import android.hardware.face.IFaceService; import android.hardware.face.IFaceServiceReceiver; import android.os.Binder; import android.os.Build; import android.os.Environment; import android.os.IBinder; import android.os.RemoteException; import android.os.SELinux; import android.os.UserHandle; import android.os.UserManager; import android.service.restricted_image.RestrictedImagesDumpProto; import android.service.restricted_image.RestrictedImageProto; import android.service.restricted_image.RestrictedImageSetProto; import android.util.Slog; import android.util.proto.ProtoOutputStream; Loading Loading @@ -281,7 +285,9 @@ public class FaceService extends BiometricServiceBase { final long ident = Binder.clearCallingIdentity(); try { if (args.length > 0 && "--proto".equals(args[0])) { if (args.length == 1 && "--restricted_image".equals(args[0])) { dumpRestrictedImage(fd); } else if (args.length > 0 && "--proto".equals(args[0])) { dumpProto(fd); } else { dumpInternal(pw); Loading Loading @@ -1063,4 +1069,74 @@ public class FaceService extends BiometricServiceBase { mPerformanceMap.clear(); mCryptoPerformanceMap.clear(); } private void dumpRestrictedImage(FileDescriptor fd) { // WARNING: CDD restricts image data from leaving TEE unencrypted on // production devices: // [C-1-10] MUST not allow unencrypted access to identifiable biometric // data or any data derived from it (such as embeddings) to the // Application Processor outside the context of the TEE. // As such, this API should only be enabled for testing purposes on // engineering and userdebug builds. All modules in the software stack // MUST enforce final build products do NOT have this functionality. // Additionally, the following check MUST NOT be removed. if (!(Build.IS_ENG || Build.IS_USERDEBUG)) { return; } final ProtoOutputStream proto = new ProtoOutputStream(fd); final long setToken = proto.start(RestrictedImagesDumpProto.SETS); // Name of the service proto.write(RestrictedImageSetProto.CATEGORY, "face"); // Individual images for (int i = 0; i < 5; i++) { final long imageToken = proto.start(RestrictedImageSetProto.IMAGES); proto.write(RestrictedImageProto.MIME_TYPE, "image/png"); proto.write(RestrictedImageProto.IMAGE_DATA, new byte[] { // png image data -119, 80, 78, 71, 13, 10, 26, 10, 0, 0, 0, 13, 73, 72, 68, 82, 0, 0, 0, 100, 0, 0, 0, 100, 1, 3, 0, 0, 0, 74, 44, 7, 23, 0, 0, 0, 4, 103, 65, 77, 65, 0, 0, -79, -113, 11, -4, 97, 5, 0, 0, 0, 1, 115, 82, 71, 66, 0, -82, -50, 28, -23, 0, 0, 0, 6, 80, 76, 84, 69, -1, -1, -1, 0, 0, 0, 85, -62, -45, 126, 0, 0, 0, -115, 73, 68, 65, 84, 56, -53, -19, -46, -79, 17, -128, 32, 12, 5, -48, 120, 22, -106, -116, -32, 40, -84, 101, -121, -93, 57, 10, 35, 88, 82, 112, 126, 3, -60, 104, 6, -112, 70, 127, -59, -69, -53, 29, 33, -127, -24, 79, -49, -52, -15, 41, 36, 34, -105, 85, 124, -14, 88, 27, 6, 28, 68, 1, 82, 62, 22, -95, -108, 55, -95, 40, -9, -110, -12, 98, -107, 76, -41, -105, -62, -50, 111, -60, 46, -14, -4, 24, -89, 42, -103, 16, 63, -72, -11, -15, 48, -62, 102, -44, 102, -73, -56, 56, -21, -128, 92, -70, -124, 117, -46, -67, -77, 82, 80, 121, -44, -56, 116, 93, -45, -90, -5, -29, -24, -83, -75, 52, -34, 55, -22, 102, -21, -105, -124, -23, 71, 87, -7, -25, -59, -100, -73, -92, -122, -7, -109, -49, -80, -89, 0, 0, 0, 0, 73, 69, 78, 68, -82, 66, 96, -126 }); // proto.write(RestrictedImageProto.METADATA, flattened_protobuf); proto.end(imageToken); } // Face service metadata // proto.write(RestrictedImageSetProto.METADATA, flattened_protobuf); proto.end(setToken); proto.flush(); } }
