Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_base / b02f8680ff3e0f109fcad0aa9125c7109c584931^1..b02f8680ff3e0f109fcad0aa9125c7109c584931 / .
commitb02f8680ff3e0f109fcad0aa9125c7109c584931[log] [tgz]
authorPechetty Sravani (xWF) <pechetty@google.com>Wed Oct 09 05:46:39 2024 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>Wed Oct 09 05:46:39 2024 +0000
tree881e66792e97f502a8e9a494eeb8f6ac1e75987e
parent3d96aedce9da24c468767f3d51bbf68e3a3acbfa [diff]
parent4bb1ff081d679e6d2b6498dee23b037b2ce3db84 [diff]
Merge "Revert "Stop logging the AppIntegrityManager related logs (namely, INTEGRITY_CHECK_RESULT_REPORTED and INTEGRITY_RULES_PUSHED) in preparation of the code clean-up of this deprecated component."" into main am: d45ece4672 am: 4bb1ff081d

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/3298177

Change-Id: I82ad2e3e09bcae168efefe8ac2b0d03f55590ed0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

diff --git a/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java b/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java
index 48dab2f..5514ec7 100644
--- a/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java
+++ b/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java

@@ -214,6 +214,12 @@
                                         version, ruleProvider));
                     }
 
+                    FrameworkStatsLog.write(
+                            FrameworkStatsLog.INTEGRITY_RULES_PUSHED,
+                            success,
+                            ruleProvider,
+                            version);
+
                     Intent intent = new Intent();
                     intent.putExtra(EXTRA_STATUS, success ? STATUS_SUCCESS : STATUS_FAILURE);
                     try {
@@ -340,6 +346,15 @@
                                 packageName, result.getEffect(), result.getMatchedRules()));
             }
 
+            FrameworkStatsLog.write(
+                    FrameworkStatsLog.INTEGRITY_CHECK_RESULT_REPORTED,
+                    packageName,
+                    appCertificates.toString(),
+                    appInstallMetadata.getVersionCode(),
+                    installerPackageName,
+                    result.getLoggingResponse(),
+                    result.isCausedByAppCertRule(),
+                    result.isCausedByInstallerRule());
             mPackageManagerInternal.setIntegrityVerificationResult(
                     verificationId,
                     result.getEffect() == IntegrityCheckResult.Effect.ALLOW

diff --git a/services/core/java/com/android/server/integrity/model/IntegrityCheckResult.java b/services/core/java/com/android/server/integrity/model/IntegrityCheckResult.java
index 05186cd..1fa0670 100644
--- a/services/core/java/com/android/server/integrity/model/IntegrityCheckResult.java
+++ b/services/core/java/com/android/server/integrity/model/IntegrityCheckResult.java

@@ -82,6 +82,21 @@
         return new IntegrityCheckResult(Effect.DENY, ruleList);
     }
 
+    /**
+     * Returns the in value of the integrity check result for logging purposes.
+     */
+    public int getLoggingResponse() {
+        if (getEffect() == Effect.DENY) {
+            return FrameworkStatsLog.INTEGRITY_CHECK_RESULT_REPORTED__RESPONSE__REJECTED;
+        } else if (getEffect() == Effect.ALLOW && getMatchedRules().isEmpty()) {
+            return FrameworkStatsLog.INTEGRITY_CHECK_RESULT_REPORTED__RESPONSE__ALLOWED;
+        } else if (getEffect() == Effect.ALLOW && !getMatchedRules().isEmpty()) {
+            return FrameworkStatsLog.INTEGRITY_CHECK_RESULT_REPORTED__RESPONSE__FORCE_ALLOWED;
+        } else {
+            throw new IllegalStateException("IntegrityCheckResult is not valid.");
+        }
+    }
+
     /** Returns true when the {@code mEffect} is caused by an app certificate mismatch. */
     public boolean isCausedByAppCertRule() {
         return mRuleList.stream().anyMatch(rule -> rule.getFormula().isAppCertificateFormula());

diff --git a/services/tests/servicestests/src/com/android/server/integrity/model/IntegrityCheckResultTest.java b/services/tests/servicestests/src/com/android/server/integrity/model/IntegrityCheckResultTest.java
index c39378f..6c23ff6 100644
--- a/services/tests/servicestests/src/com/android/server/integrity/model/IntegrityCheckResultTest.java
+++ b/services/tests/servicestests/src/com/android/server/integrity/model/IntegrityCheckResultTest.java

@@ -40,6 +40,8 @@
 
         assertThat(allowResult.getEffect()).isEqualTo(IntegrityCheckResult.Effect.ALLOW);
         assertThat(allowResult.getMatchedRules()).isEmpty();
+        assertThat(allowResult.getLoggingResponse())
+                .isEqualTo(FrameworkStatsLog.INTEGRITY_CHECK_RESULT_REPORTED__RESPONSE__ALLOWED);
     }
 
     @Test
@@ -56,6 +58,9 @@
 
         assertThat(allowResult.getEffect()).isEqualTo(IntegrityCheckResult.Effect.ALLOW);
         assertThat(allowResult.getMatchedRules()).containsExactly(forceAllowRule);
+        assertThat(allowResult.getLoggingResponse())
+                .isEqualTo(
+                        FrameworkStatsLog.INTEGRITY_CHECK_RESULT_REPORTED__RESPONSE__FORCE_ALLOWED);
     }
 
     @Test
@@ -72,6 +77,8 @@
 
         assertThat(denyResult.getEffect()).isEqualTo(IntegrityCheckResult.Effect.DENY);
         assertThat(denyResult.getMatchedRules()).containsExactly(failedRule);
+        assertThat(denyResult.getLoggingResponse())
+                .isEqualTo(FrameworkStatsLog.INTEGRITY_CHECK_RESULT_REPORTED__RESPONSE__REJECTED);
     }
 
     @Test