Add mechanism for securely returning parameters though NativeDaemonConnector
If the first word in the response is {{sensitive}}, don't log the body of the
response.
Bug: 18260068
Change-Id: Ibfb5c6abab1d04b4321cdbcf6c7cf6f18f903146
diff --git a/services/core/java/com/android/server/NativeDaemonConnector.java b/services/core/java/com/android/server/NativeDaemonConnector.java
index 96f9ab0..d2dfc7b 100644
--- a/services/core/java/com/android/server/NativeDaemonConnector.java
+++ b/services/core/java/com/android/server/NativeDaemonConnector.java
@@ -174,14 +174,18 @@
for (int i = 0; i < count; i++) {
if (buffer[i] == 0) {
+ // Note - do not log this raw message since it may contain
+ // sensitive data
final String rawEvent = new String(
buffer, start, i - start, StandardCharsets.UTF_8);
- log("RCV <- {" + rawEvent + "}");
boolean releaseWl = false;
try {
final NativeDaemonEvent event = NativeDaemonEvent.parseRawEvent(
rawEvent);
+
+ log("RCV <- {" + event + "}");
+
if (event.isClassUnsolicited()) {
// TODO: migrate to sending NativeDaemonEvent instances
if (mCallbacks.onCheckHoldWakeLock(event.getCode())
@@ -197,7 +201,7 @@
mResponseQueue.add(event.getCmdNumber(), event);
}
} catch (IllegalArgumentException e) {
- log("Problem parsing message: " + rawEvent + " - " + e);
+ log("Problem parsing message " + e);
} finally {
if (releaseWl) {
mWakeLock.acquire();
@@ -207,9 +211,9 @@
start = i + 1;
}
}
+
if (start == 0) {
- final String rawEvent = new String(buffer, start, count, StandardCharsets.UTF_8);
- log("RCV incomplete <- {" + rawEvent + "}");
+ log("RCV incomplete");
}
// We should end at the amount we read. If not, compact then
diff --git a/services/core/java/com/android/server/NativeDaemonEvent.java b/services/core/java/com/android/server/NativeDaemonEvent.java
index 59d50bd..4e61c0b 100644
--- a/services/core/java/com/android/server/NativeDaemonEvent.java
+++ b/services/core/java/com/android/server/NativeDaemonEvent.java
@@ -33,16 +33,21 @@
private final int mCode;
private final String mMessage;
private final String mRawEvent;
+ private final String mLogMessage;
private String[] mParsed;
- private NativeDaemonEvent(int cmdNumber, int code, String message, String rawEvent) {
+ private NativeDaemonEvent(int cmdNumber, int code, String message,
+ String rawEvent, String logMessage) {
mCmdNumber = cmdNumber;
mCode = code;
mMessage = message;
mRawEvent = rawEvent;
+ mLogMessage = logMessage;
mParsed = null;
}
+ static public final String SENSITIVE_MARKER = "{{sensitive}}";
+
public int getCmdNumber() {
return mCmdNumber;
}
@@ -62,7 +67,7 @@
@Override
public String toString() {
- return mRawEvent;
+ return mLogMessage;
}
/**
@@ -151,9 +156,15 @@
}
}
+ String logMessage = rawEvent;
+ if (parsed.length > 2 && parsed[2].equals(SENSITIVE_MARKER)) {
+ skiplength += parsed[2].length() + 1;
+ logMessage = parsed[0] + " " + parsed[1] + " {}";
+ }
+
final String message = rawEvent.substring(skiplength);
- return new NativeDaemonEvent(cmdNumber, code, message, rawEvent);
+ return new NativeDaemonEvent(cmdNumber, code, message, rawEvent, logMessage);
}
/**