Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_native / b573eb864d87e75d89d5cb01b59504a58c06e95d^! / . / cmds / dumpstate / dumpstate.cpp
commitb573eb864d87e75d89d5cb01b59504a58c06e95d[log] [tgz]
authorSteven Lee <stevenmhlee@google.com>Tue Nov 29 22:31:35 2022 +0800
committerSteven Lee <stevenmhlee@google.com>Wed Jan 18 11:53:33 2023 +0800
treebf29cbf909741f9ff5161929ddbc6ebf8be62a17
parent243f1f8fe2241b7bf0edaf3e6f162620f68015e2 [diff] [blame]
Implement consentless bugreport mechanism

When required conditions are met, bugreport could be approved silently:
 1. BugreportMode allows consentless bugreport.
 2. Current build type is "userdebug" or "eng".
 3. Caller has its OP_CAPTURE_CONSENTLESS_BUGREPORT_ON_USERDEBUG_BUILD App-Op ALLOWED.

 - Adds an IsConsentlessBugreportAllowed() function in dumpstate.cpp.
   The function checks BugreportMode and returns false when mode is BUGREPORT_MODE_TELEPHONY:
   BUGREPORT_MODE_TELEPHONY mode bug reports MUST obtain user consent every time.
 - In Dumpstate::MaybeCheckUserConsent(), pass the consentless bugreport allowance info to
   IncidentCompanionService.authorizeReport() through its flags param.

Ignore-AOSP-First: Consentless bugreport is a pixel-only feature at first.

Legal tracker bug: 262936053
Privacy tracker bug: 262936015
Security tracker bug: 265360498

Bug: 259436697
Bug: 262628255
Bug: 263163716
Test: builds
Test: Manual test
Change-Id: If4decae0c92b79d5157f421c0721b6a1db184ad4

diff --git a/cmds/dumpstate/dumpstate.cpp b/cmds/dumpstate/dumpstate.cpp
index fdee3e5..d77b458 100644
--- a/cmds/dumpstate/dumpstate.cpp
+++ b/cmds/dumpstate/dumpstate.cpp

@@ -2761,6 +2761,11 @@
     }
 }
 
+static bool IsConsentlessBugreportAllowed(const Dumpstate::DumpOptions& options) {
+    // only BUGREPORT_TELEPHONY does not allow using consentless bugreport
+    return !options.telephony_only;
+}
+
 static void SetOptionsFromMode(Dumpstate::BugreportMode mode, Dumpstate::DumpOptions* options,
                                bool is_screenshot_requested) {
     // Modify com.android.shell.BugreportProgressService#isDefaultScreenshotRequired as well for
@@ -3332,9 +3337,12 @@
     android::String16 package(calling_package.c_str());
     if (ics != nullptr) {
         MYLOGD("Checking user consent via incidentcompanion service\n");
+        int flags = 0x1; // IncidentManager.FLAG_CONFIRMATION_DIALOG
+        if (IsConsentlessBugreportAllowed(*options_)) {
+            flags |= 0x2; // IncidentManager.FLAG_ALLOW_CONSENTLESS_BUGREPORT
+        }
         android::interface_cast<android::os::IIncidentCompanion>(ics)->authorizeReport(
-            calling_uid, package, String16(), String16(),
-            0x1 /* FLAG_CONFIRMATION_DIALOG */, consent_callback_.get());
+            calling_uid, package, String16(), String16(), flags, consent_callback_.get());
     } else {
         MYLOGD("Unable to check user consent; incidentcompanion service unavailable\n");
     }