Enforce permission on native puller API
Test: m
Test: no security exceptions on boot
Test: atest LibStatsPullTests
Bug: 148955001
Change-Id: I4b06bfc41be2925270eaddd717f1499d98739dae
diff --git a/apex/aidl/android/os/IStatsd.aidl b/apex/aidl/android/os/IStatsd.aidl
index c8aec53..445ae1d 100644
--- a/apex/aidl/android/os/IStatsd.aidl
+++ b/apex/aidl/android/os/IStatsd.aidl
@@ -190,10 +190,12 @@
long timeoutMillis,in int[] additiveFields,
IPullAtomCallback pullerCallback);
- /**
- * Registers a puller callback function that, when invoked, pulls the data
- * for the specified atom tag.
- */
+ /**
+ * Registers a puller callback function that, when invoked, pulls the data
+ * for the specified atom tag.
+ *
+ * Enforces the REGISTER_STATS_PULL_ATOM permission.
+ */
oneway void registerNativePullAtomCallback(int atomTag, long coolDownNs, long timeoutNs,
in int[] additiveFields, IPullAtomCallback pullerCallback);
@@ -203,7 +205,9 @@
oneway void unregisterPullAtomCallback(int uid, int atomTag);
/**
- * Unregisters any pullAtomCallback for the given atom.
+ * Unregisters any pullAtomCallback for the given atom + caller.
+ *
+ * Enforces the REGISTER_STATS_PULL_ATOM permission.
*/
oneway void unregisterNativePullAtomCallback(int atomTag);
diff --git a/apex/tests/libstatspull/AndroidManifest.xml b/apex/tests/libstatspull/AndroidManifest.xml
index bffd400..0c669b0 100644
--- a/apex/tests/libstatspull/AndroidManifest.xml
+++ b/apex/tests/libstatspull/AndroidManifest.xml
@@ -21,6 +21,7 @@
<uses-permission android:name="android.permission.DUMP" />
<uses-permission android:name="android.permission.PACKAGE_USAGE_STATS" />
+ <uses-permission android:name="android.permission.REGISTER_STATS_PULL_ATOM" />
<instrumentation android:name="androidx.test.runner.AndroidJUnitRunner"
android:targetPackage="com.android.internal.os.statsd.libstats"