| author | 2017-04-27 11:21:41 -0600 | |
|---|---|---|
| committer | 2017-04-27 11:33:39 -0600 | |
| commit | a4d34d971c9566a162a53e6b027ba2bc341ae5b4 (patch) | |
| tree | 69112edf49564387b09dadb878e6f01edcfbb9aa /services/usage/java | |
| parent | dd91a5636bec399be1f9e6af298bc667e0c25b09 (diff) | |
Respond to API council feedback.
Move aggressive allocation to @SystemApi, which means we can hide
the "flags" API variants.
Remove UUID APIs, since we should use existing Serializable APIs.
Relax permission checks to allow apps to ask for their own stats.
Improve docs.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.StorageHostTest
Bug: 37534687, 37534941, 37718184, 37738770
Change-Id: I6a763fb3ab3169c8d3329765bb31e1ee08d9ced7
Diffstat (limited to 'services/usage/java')
| -rw-r--r-- | services/usage/java/com/android/server/usage/StorageStatsService.java | 36 |
1 files changed, 25 insertions, 11 deletions
diff --git a/services/usage/java/com/android/server/usage/StorageStatsService.java b/services/usage/java/com/android/server/usage/StorageStatsService.java
index 2ebf5fc1c533..e13665bed275 100644
--- a/services/usage/java/com/android/server/usage/StorageStatsService.java
+++ b/services/usage/java/com/android/server/usage/StorageStatsService.java
@@ -157,7 +157,7 @@ public class StorageStatsService extends IStorageStatsManager.Stub {
 @Override
 public long getTotalBytes(String volumeUuid, String callingPackage) {
- enforcePermission(Binder.getCallingUid(), callingPackage);
+ // NOTE: No permissions required
 if (volumeUuid == StorageManager.UUID_PRIVATE_INTERNAL) {
 return FileUtils.roundStorageSize(mStorage.getPrimaryStorageSize());
@@ -173,7 +173,7 @@ public class StorageStatsService extends IStorageStatsManager.Stub {
 @Override
 public long getFreeBytes(String volumeUuid, String callingPackage) {
- enforcePermission(Binder.getCallingUid(), callingPackage);
+ // NOTE: No permissions required
 long cacheBytes = 0;
 final long token = Binder.clearCallingIdentity();
@@ -187,14 +187,14 @@ public class StorageStatsService extends IStorageStatsManager.Stub {
 }
 if (volumeUuid == StorageManager.UUID_PRIVATE_INTERNAL) {
- return Environment.getDataDirectory().getUsableSpace() + cacheBytes;
+ return Environment.getDataDirectory().getFreeSpace() + cacheBytes;
 } else {
 final VolumeInfo vol = mStorage.findVolumeByUuid(volumeUuid);
 if (vol == null) {
 throw new ParcelableException(
 new IOException("Failed to find storage device for UUID " + volumeUuid));
 }
- return vol.getPath().getUsableSpace() + cacheBytes;
+ return vol.getPath().getFreeSpace() + cacheBytes;
 }
 }
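Review bot: The replacement comment `// NOTE: No permissions required` in getTotalBytes (and again in getFreeBytes at -173) records that the check was dropped but not why that is safe, and it leaves `callingPackage` accepted but, within these hunks, no longer checked against the caller. I would spell the decision out, e.g. `// No permission required: volume total/free size is not treated as sensitive; callingPackage is intentionally not validated here`. In getFreeBytes the removed call was also the only check visible in the hunk ahead of the `Binder.clearCallingIdentity()` section, so any caller can now drive that work under the service's identity; the section's body lies outside the hunk, so confirm it only reads aggregate values. Both method bodies continue outside the hunks.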
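Review bot: `getFreeSpace()` in both return statements of the -187 hunk counts every unallocated byte on the volume, whereas the `getUsableSpace()` it replaces reports only what the calling process could actually write, so the figure returned by getFreeBytes may now overstate what a caller can use. If that is intended, a comment at the first return would stop a later revert, e.g. `// Deliberately getFreeSpace(): includes filesystem-reserved space, unlike getUsableSpace()`. The start of getFreeBytes, including how `cacheBytes` is computed, is outside this hunk.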
@@ -213,7 +213,6 @@ public class StorageStatsService extends IStorageStatsManager.Stub {
 @Override
 public StorageStats queryStatsForPackage(String volumeUuid, String packageName, int userId, String callingPackage) {
- enforcePermission(Binder.getCallingUid(), callingPackage);
 if (userId != UserHandle.getCallingUserId()) {
 mContext.enforceCallingOrSelfPermission(
 android.Manifest.permission.INTERACT_ACROSS_USERS, TAG);
@@ -227,6 +226,12 @@ public class StorageStatsService extends IStorageStatsManager.Stub {
 throw new ParcelableException(e);
 }
+ if (Binder.getCallingUid() == appInfo.uid) {
+ // No permissions required when asking about themselves
+ } else {
+ enforcePermission(Binder.getCallingUid(), callingPackage);
+ }
+
 if (mPackage.getPackagesForUid(appInfo.uid).length == 1) {
 // Only one package inside UID means we can fast-path
 return queryStatsForUid(volumeUuid, appInfo.uid, callingPackage);
@@ -257,14 +262,19 @@ public class StorageStatsService extends IStorageStatsManager.Stub {
 @Override
 public StorageStats queryStatsForUid(String volumeUuid, int uid, String callingPackage) {
- enforcePermission(Binder.getCallingUid(), callingPackage);
- if (UserHandle.getUserId(uid) != UserHandle.getCallingUserId()) {
+ final int userId = UserHandle.getUserId(uid);
+ final int appId = UserHandle.getAppId(uid);
+
+ if (userId != UserHandle.getCallingUserId()) {
 mContext.enforceCallingOrSelfPermission(
 android.Manifest.permission.INTERACT_ACROSS_USERS, TAG);
 }
- final int userId = UserHandle.getUserId(uid);
- final int appId = UserHandle.getAppId(uid);
+ if (Binder.getCallingUid() == uid) {
+ // No permissions required when asking about themselves
+ } else {
+ enforcePermission(Binder.getCallingUid(), callingPackage);
+ }
 final String[] packageNames = mPackage.getPackagesForUid(uid);
 final long[] ceDataInodes = new long[packageNames.length]; 
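Review bot: In queryStatsForPackage the permission check now runs after the package lookup, so a caller holding no permission reaches the `throw new ParcelableException(e)` path first, and the kind of failure it gets back can reveal whether `packageName` is installed for that user. The lookup itself sits above the -227 hunk, so this is inferred from the visible catch; if it holds, consider reporting a failed lookup to an unprivileged caller the same way as a denied request. Separately, the self-query test compares UIDs, so every package sharing that UID passes it, which the comment could state: `// No permission required for the caller's own UID (includes shared-UID packages)`. The empty `if` branch reads more directly as `if (Binder.getCallingUid() != appInfo.uid) { enforcePermission(Binder.getCallingUid(), callingPackage); }`; the same shape recurs in queryStatsForUid at -257.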
@@ -304,12 +314,14 @@ public class StorageStatsService extends IStorageStatsManager.Stub {
 @Override
 public StorageStats queryStatsForUser(String volumeUuid, int userId, String callingPackage) {
- enforcePermission(Binder.getCallingUid(), callingPackage);
 if (userId != UserHandle.getCallingUserId()) {
 mContext.enforceCallingOrSelfPermission(
 android.Manifest.permission.INTERACT_ACROSS_USERS, TAG);
 }
+ // Always require permission to see user-level stats
+ enforcePermission(Binder.getCallingUid(), callingPackage);
+
 final int[] appIds = getAppIds(userId);
 final PackageStats stats = new PackageStats(TAG);
 try {
@@ -329,12 +341,14 @@ public class StorageStatsService extends IStorageStatsManager.Stub {
 @Override
 public ExternalStorageStats queryExternalStatsForUser(String volumeUuid, int userId, String callingPackage) {
- enforcePermission(Binder.getCallingUid(), callingPackage);
 if (userId != UserHandle.getCallingUserId()) {
 mContext.enforceCallingOrSelfPermission(
 android.Manifest.permission.INTERACT_ACROSS_USERS, TAG);
 }
+ // Always require permission to see user-level stats
+ enforcePermission(Binder.getCallingUid(), callingPackage);
+
 final int[] appIds = getAppIds(userId);
 final long[] stats;
 try { |