Skip user consent for subsequent reports
Bug: 340439309
Test: atest android.bugreport.cts_root.BugreportManagerTest
Change-Id: I1e6cabe599a3f52b4877ac1026ed4401fa86e6db
diff --git a/cmds/dumpstate/DumpstateService.cpp b/cmds/dumpstate/DumpstateService.cpp
index ba0a38a..a8d12a1 100644
--- a/cmds/dumpstate/DumpstateService.cpp
+++ b/cmds/dumpstate/DumpstateService.cpp
@@ -39,6 +39,7 @@
std::string calling_package;
int32_t user_id = -1;
bool keep_bugreport_on_retrieval = false;
+ bool skip_user_consent = false;
};
static binder::Status exception(uint32_t code, const std::string& msg,
@@ -62,7 +63,8 @@
[[noreturn]] static void* dumpstate_thread_retrieve(void* data) {
std::unique_ptr<DumpstateInfo> ds_info(static_cast<DumpstateInfo*>(data));
- ds_info->ds->Retrieve(ds_info->calling_uid, ds_info->calling_package, ds_info->keep_bugreport_on_retrieval);
+ ds_info->ds->Retrieve(ds_info->calling_uid, ds_info->calling_package,
+ ds_info->keep_bugreport_on_retrieval, ds_info->skip_user_consent);
MYLOGD("Finished retrieving a bugreport. Exiting.\n");
exit(0);
}
@@ -116,7 +118,8 @@
int bugreport_mode,
int bugreport_flags,
const sp<IDumpstateListener>& listener,
- bool is_screenshot_requested) {
+ bool is_screenshot_requested,
+ bool skip_user_consent) {
MYLOGI("startBugreport() with mode: %d\n", bugreport_mode);
// Ensure there is only one bugreport in progress at a time.
@@ -151,7 +154,7 @@
std::unique_ptr<Dumpstate::DumpOptions> options = std::make_unique<Dumpstate::DumpOptions>();
options->Initialize(static_cast<Dumpstate::BugreportMode>(bugreport_mode), bugreport_flags,
- bugreport_fd, screenshot_fd, is_screenshot_requested);
+ bugreport_fd, screenshot_fd, is_screenshot_requested, skip_user_consent);
if (bugreport_fd.get() == -1 || (options->do_screenshot && screenshot_fd.get() == -1)) {
MYLOGE("Invalid filedescriptor");
@@ -207,6 +210,7 @@
android::base::unique_fd bugreport_fd,
const std::string& bugreport_file,
const bool keep_bugreport_on_retrieval,
+ const bool skip_user_consent,
const sp<IDumpstateListener>& listener) {
ds_ = &(Dumpstate::GetInstance());
@@ -216,6 +220,7 @@
ds_info->calling_package = calling_package;
ds_info->user_id = user_id;
ds_info->keep_bugreport_on_retrieval = keep_bugreport_on_retrieval;
+ ds_info->skip_user_consent = skip_user_consent;
ds_->listener_ = listener;
std::unique_ptr<Dumpstate::DumpOptions> options = std::make_unique<Dumpstate::DumpOptions>();
// Use a /dev/null FD when initializing options since none is provided.
@@ -223,7 +228,7 @@
TEMP_FAILURE_RETRY(open("/dev/null", O_WRONLY | O_CLOEXEC)));
options->Initialize(Dumpstate::BugreportMode::BUGREPORT_DEFAULT,
- 0, bugreport_fd, devnull_fd, false);
+ 0, bugreport_fd, devnull_fd, false, skip_user_consent);
if (bugreport_fd.get() == -1) {
MYLOGE("Invalid filedescriptor");
diff --git a/cmds/dumpstate/DumpstateService.h b/cmds/dumpstate/DumpstateService.h
index 7b76c36..c99f70e 100644
--- a/cmds/dumpstate/DumpstateService.h
+++ b/cmds/dumpstate/DumpstateService.h
@@ -44,7 +44,7 @@
android::base::unique_fd bugreport_fd,
android::base::unique_fd screenshot_fd, int bugreport_mode,
int bugreport_flags, const sp<IDumpstateListener>& listener,
- bool is_screenshot_requested) override;
+ bool is_screenshot_requested, bool skip_user_consent) override;
binder::Status retrieveBugreport(int32_t calling_uid,
const std::string& calling_package,
@@ -52,6 +52,7 @@
android::base::unique_fd bugreport_fd,
const std::string& bugreport_file,
const bool keep_bugreport_on_retrieval,
+ const bool skip_user_consent,
const sp<IDumpstateListener>& listener)
override;
diff --git a/cmds/dumpstate/binder/android/os/IDumpstate.aidl b/cmds/dumpstate/binder/android/os/IDumpstate.aidl
index 97c470e..3b8fde9 100644
--- a/cmds/dumpstate/binder/android/os/IDumpstate.aidl
+++ b/cmds/dumpstate/binder/android/os/IDumpstate.aidl
@@ -96,7 +96,8 @@
void startBugreport(int callingUid, @utf8InCpp String callingPackage,
FileDescriptor bugreportFd, FileDescriptor screenshotFd,
int bugreportMode, int bugreportFlags,
- IDumpstateListener listener, boolean isScreenshotRequested);
+ IDumpstateListener listener, boolean isScreenshotRequested,
+ boolean skipUserConsent);
/**
* Cancels the bugreport currently in progress.
@@ -130,5 +131,6 @@
FileDescriptor bugreportFd,
@utf8InCpp String bugreportFile,
boolean keepBugreportOnRetrieval,
+ boolean skipUserConsent,
IDumpstateListener listener);
}
diff --git a/cmds/dumpstate/dumpstate.cpp b/cmds/dumpstate/dumpstate.cpp
index 6b9a0a0..d5125f0 100644
--- a/cmds/dumpstate/dumpstate.cpp
+++ b/cmds/dumpstate/dumpstate.cpp
@@ -2902,9 +2902,11 @@
int bugreport_flags,
const android::base::unique_fd& bugreport_fd_in,
const android::base::unique_fd& screenshot_fd_in,
- bool is_screenshot_requested) {
+ bool is_screenshot_requested,
+ bool skip_user_consent) {
this->use_predumped_ui_data = bugreport_flags & BugreportFlag::BUGREPORT_USE_PREDUMPED_UI_DATA;
this->is_consent_deferred = bugreport_flags & BugreportFlag::BUGREPORT_FLAG_DEFER_CONSENT;
+ this->skip_user_consent = skip_user_consent;
// Duplicate the fds because the passed in fds don't outlive the binder transaction.
bugreport_fd.reset(fcntl(bugreport_fd_in.get(), F_DUPFD_CLOEXEC, 0));
screenshot_fd.reset(fcntl(screenshot_fd_in.get(), F_DUPFD_CLOEXEC, 0));
@@ -2992,46 +2994,52 @@
}
Dumpstate::RunStatus Dumpstate::Retrieve(int32_t calling_uid, const std::string& calling_package,
- const bool keep_bugreport_on_retrieval) {
+ const bool keep_bugreport_on_retrieval,
+ const bool skip_user_consent) {
Dumpstate::RunStatus status = RetrieveInternal(calling_uid, calling_package,
- keep_bugreport_on_retrieval);
+ keep_bugreport_on_retrieval,
+ skip_user_consent);
HandleRunStatus(status);
return status;
}
Dumpstate::RunStatus Dumpstate::RetrieveInternal(int32_t calling_uid,
const std::string& calling_package,
- const bool keep_bugreport_on_retrieval) {
- consent_callback_ = new ConsentCallback();
- const String16 incidentcompanion("incidentcompanion");
- sp<android::IBinder> ics(
- defaultServiceManager()->checkService(incidentcompanion));
- android::String16 package(calling_package.c_str());
- if (ics != nullptr) {
- MYLOGD("Checking user consent via incidentcompanion service\n");
- android::interface_cast<android::os::IIncidentCompanion>(ics)->authorizeReport(
- calling_uid, package, String16(), String16(),
- 0x1 /* FLAG_CONFIRMATION_DIALOG */, consent_callback_.get());
- } else {
- MYLOGD(
- "Unable to check user consent; incidentcompanion service unavailable\n");
- return RunStatus::USER_CONSENT_TIMED_OUT;
- }
- UserConsentResult consent_result = consent_callback_->getResult();
- int timeout_ms = 30 * 1000;
- while (consent_result == UserConsentResult::UNAVAILABLE &&
- consent_callback_->getElapsedTimeMs() < timeout_ms) {
- sleep(1);
- consent_result = consent_callback_->getResult();
- }
- if (consent_result == UserConsentResult::DENIED) {
- return RunStatus::USER_CONSENT_DENIED;
- }
- if (consent_result == UserConsentResult::UNAVAILABLE) {
- MYLOGD("Canceling user consent request via incidentcompanion service\n");
- android::interface_cast<android::os::IIncidentCompanion>(ics)->cancelAuthorization(
- consent_callback_.get());
- return RunStatus::USER_CONSENT_TIMED_OUT;
+ const bool keep_bugreport_on_retrieval,
+ const bool skip_user_consent) {
+ if (!android::app::admin::flags::onboarding_consentless_bugreports() || !skip_user_consent) {
+ consent_callback_ = new ConsentCallback();
+ const String16 incidentcompanion("incidentcompanion");
+ sp<android::IBinder> ics(
+ defaultServiceManager()->checkService(incidentcompanion));
+ android::String16 package(calling_package.c_str());
+ if (ics != nullptr) {
+ MYLOGD("Checking user consent via incidentcompanion service\n");
+
+ android::interface_cast<android::os::IIncidentCompanion>(ics)->authorizeReport(
+ calling_uid, package, String16(), String16(),
+ 0x1 /* FLAG_CONFIRMATION_DIALOG */, consent_callback_.get());
+ } else {
+ MYLOGD(
+ "Unable to check user consent; incidentcompanion service unavailable\n");
+ return RunStatus::USER_CONSENT_TIMED_OUT;
+ }
+ UserConsentResult consent_result = consent_callback_->getResult();
+ int timeout_ms = 30 * 1000;
+ while (consent_result == UserConsentResult::UNAVAILABLE &&
+ consent_callback_->getElapsedTimeMs() < timeout_ms) {
+ sleep(1);
+ consent_result = consent_callback_->getResult();
+ }
+ if (consent_result == UserConsentResult::DENIED) {
+ return RunStatus::USER_CONSENT_DENIED;
+ }
+ if (consent_result == UserConsentResult::UNAVAILABLE) {
+ MYLOGD("Canceling user consent request via incidentcompanion service\n");
+ android::interface_cast<android::os::IIncidentCompanion>(ics)->cancelAuthorization(
+ consent_callback_.get());
+ return RunStatus::USER_CONSENT_TIMED_OUT;
+ }
}
bool copy_succeeded =
@@ -3510,7 +3518,9 @@
void Dumpstate::MaybeCheckUserConsent(int32_t calling_uid, const std::string& calling_package) {
if (multiuser_get_app_id(calling_uid) == AID_SHELL ||
- !CalledByApi() || options_->is_consent_deferred) {
+ !CalledByApi() || options_->is_consent_deferred ||
+ (android::app::admin::flags::onboarding_consentless_bugreports() &&
+ options_->skip_user_consent)) {
// No need to get consent for shell triggered dumpstates, or not
// through bugreporting API (i.e. no fd to copy back), or when consent
// is deferred.
@@ -3596,7 +3606,8 @@
// If the caller has asked to copy the bugreport over to their directory, we need explicit
// user consent (unless the caller is Shell).
UserConsentResult consent_result;
- if (multiuser_get_app_id(calling_uid) == AID_SHELL) {
+ if (multiuser_get_app_id(calling_uid) == AID_SHELL || (options_->skip_user_consent
+ && android::app::admin::flags::onboarding_consentless_bugreports())) {
consent_result = UserConsentResult::APPROVED;
} else {
consent_result = consent_callback_->getResult();
diff --git a/cmds/dumpstate/dumpstate.h b/cmds/dumpstate/dumpstate.h
index 46d949e..fcb8cf3 100644
--- a/cmds/dumpstate/dumpstate.h
+++ b/cmds/dumpstate/dumpstate.h
@@ -364,7 +364,7 @@
* Initialize() dumpstate before calling this method.
*/
RunStatus Retrieve(int32_t calling_uid, const std::string& calling_package,
- const bool keep_bugreport_on_retrieval);
+ const bool keep_bugreport_on_retrieval, const bool skip_user_consent);
@@ -412,6 +412,7 @@
bool do_screenshot = false;
bool is_screenshot_copied = false;
bool is_consent_deferred = false;
+ bool skip_user_consent = false;
bool is_remote_mode = false;
bool show_header_only = false;
bool telephony_only = false;
@@ -448,7 +449,8 @@
void Initialize(BugreportMode bugreport_mode, int bugreport_flags,
const android::base::unique_fd& bugreport_fd,
const android::base::unique_fd& screenshot_fd,
- bool is_screenshot_requested);
+ bool is_screenshot_requested,
+ bool skip_user_consent);
/* Returns true if the options set so far are consistent. */
bool ValidateOptions() const;
@@ -564,7 +566,8 @@
private:
RunStatus RunInternal(int32_t calling_uid, const std::string& calling_package);
RunStatus RetrieveInternal(int32_t calling_uid, const std::string& calling_package,
- const bool keep_bugreport_on_retrieval);
+ const bool keep_bugreport_on_retrieval,
+ const bool skip_user_consent);
RunStatus DumpstateDefaultAfterCritical();
RunStatus dumpstate();
diff --git a/cmds/dumpstate/tests/dumpstate_smoke_test.cpp b/cmds/dumpstate/tests/dumpstate_smoke_test.cpp
index ccf64fe..a29923a 100644
--- a/cmds/dumpstate/tests/dumpstate_smoke_test.cpp
+++ b/cmds/dumpstate/tests/dumpstate_smoke_test.cpp
@@ -507,7 +507,7 @@
ds_binder->startBugreport(123, "com.example.package", std::move(bugreport_fd),
std::move(screenshot_fd),
Dumpstate::BugreportMode::BUGREPORT_INTERACTIVE, flags, listener,
- true);
+ true, false);
// startBugreport is an async call. Verify binder call succeeded first, then wait till listener
// gets expected callbacks.
EXPECT_TRUE(status.isOk());
@@ -545,7 +545,7 @@
android::binder::Status status =
ds_binder->startBugreport(123, "com.example.package", std::move(bugreport_fd),
std::move(screenshot_fd), 2000, // invalid bugreport mode
- flags, listener, false);
+ flags, listener, false, false);
EXPECT_EQ(listener->getErrorCode(), IDumpstateListener::BUGREPORT_ERROR_INVALID_INPUT);
// The service should have died, freeing itself up for a new invocation.
@@ -579,7 +579,7 @@
ds_binder->startBugreport(123, "com.example.package", std::move(bugreport_fd),
std::move(screenshot_fd),
Dumpstate::BugreportMode::BUGREPORT_INTERACTIVE, flags, listener1,
- true);
+ true, false);
EXPECT_TRUE(status.isOk());
// try to make another call to startBugreport. This should fail.
@@ -587,7 +587,7 @@
status = ds_binder->startBugreport(123, "com.example.package", std::move(bugreport_fd2),
std::move(screenshot_fd2),
Dumpstate::BugreportMode::BUGREPORT_INTERACTIVE, flags,
- listener2, true);
+ listener2, true, false);
EXPECT_FALSE(status.isOk());
WaitTillExecutionComplete(listener2.get());
EXPECT_EQ(listener2->getErrorCode(),
diff --git a/cmds/dumpstate/tests/dumpstate_test.cpp b/cmds/dumpstate/tests/dumpstate_test.cpp
index 2afabed..18c2f94 100644
--- a/cmds/dumpstate/tests/dumpstate_test.cpp
+++ b/cmds/dumpstate/tests/dumpstate_test.cpp
@@ -239,7 +239,7 @@
}
TEST_F(DumpOptionsTest, InitializeFullBugReport) {
- options_.Initialize(Dumpstate::BugreportMode::BUGREPORT_FULL, 0, fd, fd, true);
+ options_.Initialize(Dumpstate::BugreportMode::BUGREPORT_FULL, 0, fd, fd, true, false);
EXPECT_TRUE(options_.do_screenshot);
// Other options retain default values
@@ -253,7 +253,7 @@
}
TEST_F(DumpOptionsTest, InitializeInteractiveBugReport) {
- options_.Initialize(Dumpstate::BugreportMode::BUGREPORT_INTERACTIVE, 0, fd, fd, true);
+ options_.Initialize(Dumpstate::BugreportMode::BUGREPORT_INTERACTIVE, 0, fd, fd, true, false);
EXPECT_TRUE(options_.do_progress_updates);
EXPECT_TRUE(options_.do_screenshot);
@@ -267,7 +267,7 @@
}
TEST_F(DumpOptionsTest, InitializeRemoteBugReport) {
- options_.Initialize(Dumpstate::BugreportMode::BUGREPORT_REMOTE, 0, fd, fd, false);
+ options_.Initialize(Dumpstate::BugreportMode::BUGREPORT_REMOTE, 0, fd, fd, false, false);
EXPECT_TRUE(options_.is_remote_mode);
EXPECT_FALSE(options_.do_vibrate);
EXPECT_FALSE(options_.do_screenshot);
@@ -281,7 +281,7 @@
}
TEST_F(DumpOptionsTest, InitializeWearBugReport) {
- options_.Initialize(Dumpstate::BugreportMode::BUGREPORT_WEAR, 0, fd, fd, true);
+ options_.Initialize(Dumpstate::BugreportMode::BUGREPORT_WEAR, 0, fd, fd, true, false);
EXPECT_TRUE(options_.do_screenshot);
EXPECT_TRUE(options_.do_progress_updates);
@@ -296,7 +296,7 @@
}
TEST_F(DumpOptionsTest, InitializeTelephonyBugReport) {
- options_.Initialize(Dumpstate::BugreportMode::BUGREPORT_TELEPHONY, 0, fd, fd, false);
+ options_.Initialize(Dumpstate::BugreportMode::BUGREPORT_TELEPHONY, 0, fd, fd, false, false);
EXPECT_FALSE(options_.do_screenshot);
EXPECT_TRUE(options_.telephony_only);
EXPECT_TRUE(options_.do_progress_updates);
@@ -311,7 +311,7 @@
}
TEST_F(DumpOptionsTest, InitializeWifiBugReport) {
- options_.Initialize(Dumpstate::BugreportMode::BUGREPORT_WIFI, 0, fd, fd, false);
+ options_.Initialize(Dumpstate::BugreportMode::BUGREPORT_WIFI, 0, fd, fd, false, false);
EXPECT_FALSE(options_.do_screenshot);
EXPECT_TRUE(options_.wifi_only);
@@ -491,12 +491,12 @@
int flags = Dumpstate::BugreportFlag::BUGREPORT_USE_PREDUMPED_UI_DATA |
Dumpstate::BugreportFlag::BUGREPORT_FLAG_DEFER_CONSENT;
options_.Initialize(
- Dumpstate::BugreportMode::BUGREPORT_FULL, flags, fd, fd, true);
+ Dumpstate::BugreportMode::BUGREPORT_FULL, flags, fd, fd, true, false);
EXPECT_TRUE(options_.is_consent_deferred);
EXPECT_TRUE(options_.use_predumped_ui_data);
options_.Initialize(
- Dumpstate::BugreportMode::BUGREPORT_FULL, 0, fd, fd, true);
+ Dumpstate::BugreportMode::BUGREPORT_FULL, 0, fd, fd, true, false);
EXPECT_FALSE(options_.is_consent_deferred);
EXPECT_FALSE(options_.use_predumped_ui_data);
}