From ee4d7be21948307a0fedc6ab75a21d41660aa0c5 Mon Sep 17 00:00:00 2001 From: Nikita Ioffe Date: Thu, 28 Feb 2019 21:35:02 +0000 Subject: Add a whitelist to control packages that can use Bugreporting API Test: checked SecurityException is thrown for my custom app Test: whiltelisted my custom app, checked no SecurityException is thrown Bug: 126541701 Change-Id: Id0b61ccc1adf40bcb455d3b59b640f4b160bdd84 Merged-In: Id0b61ccc1adf40bcb455d3b59b640f4b160bdd84 (cherry picked from commit 07964b49ac81b9955d9ecf5cf60c0bb1fc32c501) --- core/java/com/android/server/SystemConfig.java | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'core/java') diff --git a/core/java/com/android/server/SystemConfig.java b/core/java/com/android/server/SystemConfig.java index a07c96ceba2e..9632d0ddb157 100644 --- a/core/java/com/android/server/SystemConfig.java +++ b/core/java/com/android/server/SystemConfig.java @@ -175,6 +175,8 @@ public class SystemConfig { final ArrayMap> mOemPermissions = new ArrayMap<>(); + private final ArraySet mBugreportWhitelistedPackages = new ArraySet<>(); + public static SystemConfig getInstance() { synchronized (SystemConfig.class) { if (sInstance == null) { @@ -288,6 +290,10 @@ public class SystemConfig { return Collections.emptyMap(); } + public ArraySet getBugreportWhitelistedPackages() { + return mBugreportWhitelistedPackages; + } + SystemConfig() { // Read configuration from system readPermissions(Environment.buildPath( @@ -707,6 +713,15 @@ public class SystemConfig { mHiddenApiPackageWhitelist.add(pkgname); } XmlUtils.skipCurrentTag(parser); + } else if ("bugreport-whitelisted".equals(name)) { + String pkgname = parser.getAttributeValue(null, "package"); + if (pkgname == null) { + Slog.w(TAG, "<" + name + "> without package in " + permFile + + " at " + parser.getPositionDescription()); + } else { + mBugreportWhitelistedPackages.add(pkgname); + } + XmlUtils.skipCurrentTag(parser); } else { Slog.w(TAG, "Tag " + name + " is unknown or not allowed in " + permFile.getParent()); -- cgit v1.2.3