Jeff Brown | cbad976 | 2012-09-04 21:57:59 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2012 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.internal.util; |
| 18 | |
Jeff Sharkey | fe9a53b | 2017-03-31 14:08:23 -0600 | [diff] [blame] | 19 | import android.app.AppOpsManager; |
| 20 | import android.content.Context; |
| 21 | import android.content.pm.PackageManager; |
| 22 | import android.os.Binder; |
Jeff Brown | cbad976 | 2012-09-04 21:57:59 -0700 | [diff] [blame] | 23 | import android.os.Handler; |
Jeff Sharkey | fe9a53b | 2017-03-31 14:08:23 -0600 | [diff] [blame] | 24 | import android.util.Slog; |
Jeff Brown | cbad976 | 2012-09-04 21:57:59 -0700 | [diff] [blame] | 25 | |
| 26 | import java.io.PrintWriter; |
| 27 | import java.io.StringWriter; |
| 28 | |
| 29 | /** |
| 30 | * Helper functions for dumping the state of system services. |
| 31 | */ |
| 32 | public final class DumpUtils { |
Jeff Sharkey | fe9a53b | 2017-03-31 14:08:23 -0600 | [diff] [blame] | 33 | private static final String TAG = "DumpUtils"; |
Joe Onorato | 82ba91d | 2017-04-27 16:18:05 -0700 | [diff] [blame] | 34 | private static final boolean DEBUG = false; |
Jeff Sharkey | fe9a53b | 2017-03-31 14:08:23 -0600 | [diff] [blame] | 35 | |
Jeff Brown | cbad976 | 2012-09-04 21:57:59 -0700 | [diff] [blame] | 36 | private DumpUtils() { |
| 37 | } |
| 38 | |
| 39 | /** |
| 40 | * Helper for dumping state owned by a handler thread. |
| 41 | * |
| 42 | * Because the caller might be holding an important lock that the handler is |
| 43 | * trying to acquire, we use a short timeout to avoid deadlocks. The process |
| 44 | * is inelegant but this function is only used for debugging purposes. |
| 45 | */ |
Dianne Hackborn | ae6688b | 2015-02-11 17:02:41 -0800 | [diff] [blame] | 46 | public static void dumpAsync(Handler handler, final Dump dump, PrintWriter pw, |
| 47 | final String prefix, long timeout) { |
Jeff Brown | cbad976 | 2012-09-04 21:57:59 -0700 | [diff] [blame] | 48 | final StringWriter sw = new StringWriter(); |
| 49 | if (handler.runWithScissors(new Runnable() { |
| 50 | @Override |
| 51 | public void run() { |
Dianne Hackborn | 8c84109 | 2013-06-24 13:46:13 -0700 | [diff] [blame] | 52 | PrintWriter lpw = new FastPrintWriter(sw); |
Dianne Hackborn | ae6688b | 2015-02-11 17:02:41 -0800 | [diff] [blame] | 53 | dump.dump(lpw, prefix); |
Jeff Brown | cbad976 | 2012-09-04 21:57:59 -0700 | [diff] [blame] | 54 | lpw.close(); |
| 55 | } |
| 56 | }, timeout)) { |
| 57 | pw.print(sw.toString()); |
| 58 | } else { |
| 59 | pw.println("... timed out"); |
| 60 | } |
| 61 | } |
| 62 | |
| 63 | public interface Dump { |
Dianne Hackborn | ae6688b | 2015-02-11 17:02:41 -0800 | [diff] [blame] | 64 | void dump(PrintWriter pw, String prefix); |
Jeff Brown | cbad976 | 2012-09-04 21:57:59 -0700 | [diff] [blame] | 65 | } |
Jeff Sharkey | fe9a53b | 2017-03-31 14:08:23 -0600 | [diff] [blame] | 66 | |
| 67 | private static void logMessage(PrintWriter pw, String msg) { |
| 68 | if (DEBUG) Slog.v(TAG, msg); |
| 69 | pw.println(msg); |
| 70 | } |
| 71 | |
| 72 | /** |
| 73 | * Verify that caller holds {@link android.Manifest.permission#DUMP}. |
| 74 | * |
| 75 | * @return true if access should be granted. |
| 76 | * @hide |
| 77 | */ |
| 78 | public static boolean checkDumpPermission(Context context, String tag, PrintWriter pw) { |
| 79 | if (context.checkCallingOrSelfPermission(android.Manifest.permission.DUMP) |
| 80 | != PackageManager.PERMISSION_GRANTED) { |
| 81 | logMessage(pw, "Permission Denial: can't dump " + tag + " from from pid=" |
| 82 | + Binder.getCallingPid() + ", uid=" + Binder.getCallingUid() |
| 83 | + " due to missing android.permission.DUMP permission"); |
| 84 | return false; |
| 85 | } else { |
| 86 | return true; |
| 87 | } |
| 88 | } |
| 89 | |
| 90 | /** |
| 91 | * Verify that caller holds |
| 92 | * {@link android.Manifest.permission#PACKAGE_USAGE_STATS} and that they |
| 93 | * have {@link AppOpsManager#OP_GET_USAGE_STATS} access. |
| 94 | * |
| 95 | * @return true if access should be granted. |
| 96 | * @hide |
| 97 | */ |
| 98 | public static boolean checkUsageStatsPermission(Context context, String tag, PrintWriter pw) { |
| 99 | // System internals always get access |
| 100 | final int uid = Binder.getCallingUid(); |
| 101 | switch (uid) { |
| 102 | case android.os.Process.ROOT_UID: |
| 103 | case android.os.Process.SYSTEM_UID: |
| 104 | case android.os.Process.SHELL_UID: |
Yi Jin | 4bab3a1 | 2018-01-10 16:50:59 -0800 | [diff] [blame] | 105 | case android.os.Process.INCIDENTD_UID: |
Jeff Sharkey | fe9a53b | 2017-03-31 14:08:23 -0600 | [diff] [blame] | 106 | return true; |
| 107 | } |
| 108 | |
| 109 | // Caller always needs to hold permission |
| 110 | if (context.checkCallingOrSelfPermission(android.Manifest.permission.PACKAGE_USAGE_STATS) |
| 111 | != PackageManager.PERMISSION_GRANTED) { |
| 112 | logMessage(pw, "Permission Denial: can't dump " + tag + " from from pid=" |
| 113 | + Binder.getCallingPid() + ", uid=" + Binder.getCallingUid() |
| 114 | + " due to missing android.permission.PACKAGE_USAGE_STATS permission"); |
| 115 | return false; |
| 116 | } |
| 117 | |
| 118 | // And finally, caller needs to have appops access; this is totally |
| 119 | // hacky, but it's the easiest way to wire this up without retrofitting |
| 120 | // Binder.dump() to pass through package names. |
| 121 | final AppOpsManager appOps = context.getSystemService(AppOpsManager.class); |
| 122 | final String[] pkgs = context.getPackageManager().getPackagesForUid(uid); |
| 123 | if (pkgs != null) { |
| 124 | for (String pkg : pkgs) { |
Jeff Sharkey | d931119 | 2018-04-16 16:50:34 +0000 | [diff] [blame] | 125 | switch (appOps.noteOpNoThrow(AppOpsManager.OP_GET_USAGE_STATS, uid, pkg)) { |
Jeff Sharkey | e5e2569 | 2017-04-13 19:43:34 -0600 | [diff] [blame] | 126 | case AppOpsManager.MODE_ALLOWED: |
| 127 | if (DEBUG) Slog.v(TAG, "Found package " + pkg + " with " |
| 128 | + "android:get_usage_stats allowed"); |
| 129 | return true; |
| 130 | case AppOpsManager.MODE_DEFAULT: |
| 131 | if (DEBUG) Slog.v(TAG, "Found package " + pkg + " with " |
| 132 | + "android:get_usage_stats default"); |
| 133 | return true; |
Jeff Sharkey | fe9a53b | 2017-03-31 14:08:23 -0600 | [diff] [blame] | 134 | } |
| 135 | } |
| 136 | } |
| 137 | |
| 138 | logMessage(pw, "Permission Denial: can't dump " + tag + " from from pid=" |
| 139 | + Binder.getCallingPid() + ", uid=" + Binder.getCallingUid() |
| 140 | + " due to android:get_usage_stats app-op not allowed"); |
| 141 | return false; |
| 142 | } |
| 143 | |
| 144 | /** |
| 145 | * Verify that caller holds both {@link android.Manifest.permission#DUMP} |
| 146 | * and {@link android.Manifest.permission#PACKAGE_USAGE_STATS}, and that |
| 147 | * they have {@link AppOpsManager#OP_GET_USAGE_STATS} access. |
| 148 | * |
| 149 | * @return true if access should be granted. |
| 150 | * @hide |
| 151 | */ |
| 152 | public static boolean checkDumpAndUsageStatsPermission(Context context, String tag, |
| 153 | PrintWriter pw) { |
| 154 | return checkDumpPermission(context, tag, pw) && checkUsageStatsPermission(context, tag, pw); |
| 155 | } |
Jeff Brown | cbad976 | 2012-09-04 21:57:59 -0700 | [diff] [blame] | 156 | } |