diff options
| author | David Cheung <dacheung@google.com> | 2020-02-19 16:11:06 -0800 |
|---|---|---|
| committer | David Cheung <dacheung@google.com> | 2020-03-05 23:04:05 +0000 |
| commit | 2ead966e7b5ef649e77e068072a9cbaf1da0333c (patch) | |
| tree | 7487d085526a743a68535f1d23eed5a2a5a78b65 /core/java/android | |
| parent | e6750fd522b0cc06a1c78b584676c13f82181179 (diff) | |
Add permissions data validation in AppOpsService
Added functionality to collect noteOp noteProxyOp startOp operations for permissions data validation, this functionality is for
developers and can be enabled by modifying the flag. This data will be utilized to ensure permissions are
requested only when necessary.
Bug: 150890258
Test: Manually tested on crosshatch to ensure files are
written/formatted properly with the necessary data and does not
interfere with normal behavior
Design Document: https://docs.google.com/document/d/1RRs3cPgCzF5S1TkTD11MBKJedUp2DAUEGtCQXtrk0XQ/edit?usp=sharing
Change-Id: Ia7fba6ec5e47b7ddd13ca964ae5f6c1afa1cc186
Diffstat (limited to 'core/java/android')
| -rw-r--r-- | core/java/android/app/AppOpsManager.java | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/core/java/android/app/AppOpsManager.java b/core/java/android/app/AppOpsManager.java index 2399e374540d..f613df2ac595 100644 --- a/core/java/android/app/AppOpsManager.java +++ b/core/java/android/app/AppOpsManager.java @@ -385,6 +385,15 @@ public class AppOpsManager { */ public static final int WATCH_FOREGROUND_CHANGES = 1 << 0; + + /** + * Flag to determine whether we should log noteOp/startOp calls to make sure they + * are correctly used + * + * @hide + */ + public static final boolean NOTE_OP_COLLECTION_ENABLED = false; + /** * @hide */ @@ -7103,6 +7112,7 @@ public class AppOpsManager { public int noteOpNoThrow(int op, int uid, @Nullable String packageName, @Nullable String featureId, @Nullable String message) { try { + collectNoteOpCallsForValidation(op); int collectionMode = getNotedOpCollectionMode(uid, packageName, op); if (collectionMode == COLLECT_ASYNC) { if (message == null) { @@ -7263,6 +7273,7 @@ public class AppOpsManager { int myUid = Process.myUid(); try { + collectNoteOpCallsForValidation(op); int collectionMode = getNotedOpCollectionMode(proxiedUid, proxiedPackageName, op); if (collectionMode == COLLECT_ASYNC) { if (message == null) { @@ -7583,6 +7594,7 @@ public class AppOpsManager { public int startOpNoThrow(int op, int uid, @NonNull String packageName, boolean startIfModeDefault, @Nullable String featureId, @Nullable String message) { try { + collectNoteOpCallsForValidation(op); int collectionMode = getNotedOpCollectionMode(uid, packageName, op); if (collectionMode == COLLECT_ASYNC) { if (message == null) { @@ -8492,4 +8504,24 @@ public class AppOpsManager { public static int leftCircularDistance(int from, int to, int size) { return (to + size - from) % size; } + + /** + * Helper method for noteOp, startOp and noteProxyOp to call AppOpsService to collect/log + * stack traces + * + * <p> For each call, the stacktrace op code, package name and long version code will be + * passed along where it will be logged/collected + * + * @param op The operation to note + */ + private void collectNoteOpCallsForValidation(int op) { + if (NOTE_OP_COLLECTION_ENABLED) { + try { + mService.collectNoteOpCallsForValidation(getFormattedStackTrace(), + op, mContext.getOpPackageName(), mContext.getApplicationInfo().longVersionCode); + } catch (RemoteException e) { + // Swallow error, only meant for logging ops, should not affect flow of the code + } + } + } } |