Bug reporting flow to work for shell running on any user
In the existing implementation dumpstate prompts a consent for all
the bug reports triggered from sources whouse calling_uid is not
AID_SHELL(2000), but with the recent refactorings for headles shell
can be running on any user and have different calling UID than 2000.
Change all the calling_uid assertion of shell to app_id to match with
shell process running on any user.
Refactored sendBroadcast method to send broadcast to the calling user.
Bug: 260989962
Test: manually tested consents are not triggered for the bugreport
triggered from shell on a secondary user.
Ignore-AOSP-First: will do it later with other headless changes.
Change-Id: I37dd1c5fbe68b3888ecec19533e19728c3f7d858
diff --git a/cmds/dumpstate/dumpstate.cpp b/cmds/dumpstate/dumpstate.cpp
index 69a1df2..fdee3e5 100644
--- a/cmds/dumpstate/dumpstate.cpp
+++ b/cmds/dumpstate/dumpstate.cpp
@@ -74,6 +74,7 @@
#include <android/hidl/manager/1.0/IServiceManager.h>
#include <android/os/IIncidentCompanion.h>
#include <binder/IServiceManager.h>
+#include <cutils/multiuser.h>
#include <cutils/native_handle.h>
#include <cutils/properties.h>
#include <cutils/sockets.h>
@@ -2619,10 +2620,13 @@
return true;
}
-static void SendBroadcast(const std::string& action, const std::vector<std::string>& args) {
+static void SendBroadcast(const std::string& action,
+ const std::vector<std::string>& args,
+ int32_t user_id) {
// clang-format off
- std::vector<std::string> am = {"/system/bin/cmd", "activity", "broadcast", "--user", "0",
- "--receiver-foreground", "--receiver-include-background", "-a", action};
+ std::vector<std::string> am = {"/system/bin/cmd", "activity", "broadcast", "--user",
+ std::to_string(user_id), "--receiver-foreground",
+ "--receiver-include-background", "-a", action};
// clang-format on
am.insert(am.end(), args.begin(), args.end());
@@ -3057,7 +3061,8 @@
};
// clang-format on
// Send STARTED broadcast for apps that listen to bugreport generation events
- SendBroadcast("com.android.internal.intent.action.BUGREPORT_STARTED", am_args);
+ SendBroadcast("com.android.internal.intent.action.BUGREPORT_STARTED",
+ am_args, multiuser_get_user_id(calling_uid));
if (options_->progress_updates_to_socket) {
dprintf(control_socket_fd_, "BEGIN:%s\n", path_.c_str());
}
@@ -3305,7 +3310,7 @@
}
void Dumpstate::onUiIntensiveBugreportDumpsFinished(int32_t calling_uid) {
- if (calling_uid == AID_SHELL || !CalledByApi()) {
+ if (multiuser_get_app_id(calling_uid) == AID_SHELL || !CalledByApi()) {
return;
}
if (listener_ != nullptr) {
@@ -3316,7 +3321,7 @@
}
void Dumpstate::MaybeCheckUserConsent(int32_t calling_uid, const std::string& calling_package) {
- if (calling_uid == AID_SHELL || !CalledByApi()) {
+ if (multiuser_get_app_id(calling_uid) == AID_SHELL || !CalledByApi()) {
// No need to get consent for shell triggered dumpstates, or not through
// bugreporting API (i.e. no fd to copy back).
return;
@@ -3398,7 +3403,7 @@
// If the caller has asked to copy the bugreport over to their directory, we need explicit
// user consent (unless the caller is Shell).
UserConsentResult consent_result;
- if (calling_uid == AID_SHELL) {
+ if (multiuser_get_app_id(calling_uid) == AID_SHELL) {
consent_result = UserConsentResult::APPROVED;
} else {
consent_result = consent_callback_->getResult();