Merge "Add metrics for DevicePolicyManagerService methods (Part 1)"
diff --git a/core/java/android/app/admin/DevicePolicyEventLogger.java b/core/java/android/app/admin/DevicePolicyEventLogger.java
index f39a5f4..c89d868 100644
--- a/core/java/android/app/admin/DevicePolicyEventLogger.java
+++ b/core/java/android/app/admin/DevicePolicyEventLogger.java
@@ -16,6 +16,8 @@
package android.app.admin;
+import android.annotation.Nullable;
+import android.content.ComponentName;
import android.stats.devicepolicy.nano.StringList;
import android.util.StatsLog;
@@ -34,7 +36,7 @@
*
* DevicePolicyEventLogger
* .createEvent(DevicePolicyEnums.USER_RESTRICTION_CHANGED)
- * .setAdminPackageName(who)
+ * .setAdmin(who)
* .setString(key)
* .setBoolean(enabledFromThisOwner)
* .write();
@@ -170,12 +172,20 @@
/**
* Sets the package name of the admin application.
*/
- public DevicePolicyEventLogger setAdminPackageName(String packageName) {
+ public DevicePolicyEventLogger setAdmin(@Nullable String packageName) {
mAdminPackageName = packageName;
return this;
}
/**
+ * Retrieves the package name of the admin application from the {@link ComponentName}.
+ */
+ public DevicePolicyEventLogger setAdmin(@Nullable ComponentName componentName) {
+ mAdminPackageName = (componentName != null ? componentName.getPackageName() : null);
+ return this;
+ }
+
+ /**
* Returns the package name of the admin application.
*/
@VisibleForTesting
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 041d5d8..bfbaac9 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -111,6 +111,7 @@
import android.app.admin.DeviceAdminInfo;
import android.app.admin.DeviceAdminReceiver;
import android.app.admin.DevicePolicyCache;
+import android.app.admin.DevicePolicyEventLogger;
import android.app.admin.DevicePolicyManager;
import android.app.admin.DevicePolicyManagerInternal;
import android.app.admin.NetworkEvent;
@@ -197,6 +198,7 @@
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.ParcelableKeyGenParameterSpec;
import android.service.persistentdata.PersistentDataBlockManager;
+import android.stats.devicepolicy.DevicePolicyEnums;
import android.telephony.TelephonyManager;
import android.telephony.data.ApnSetting;
import android.text.TextUtils;
@@ -207,7 +209,6 @@
import android.util.Pair;
import android.util.Slog;
import android.util.SparseArray;
-import android.util.StatsLog;
import android.util.Xml;
import android.view.IWindowManager;
import android.view.accessibility.AccessibilityManager;
@@ -4053,6 +4054,12 @@
}
maybeLogPasswordComplexitySet(who, userId, parent, metrics);
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_PASSWORD_QUALITY)
+ .setAdmin(who)
+ .setInt(quality)
+ .setBoolean(parent)
+ .write();
}
/**
@@ -4166,6 +4173,11 @@
}
maybeLogPasswordComplexitySet(who, userId, parent, metrics);
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_PASSWORD_MINIMUM_LENGTH)
+ .setAdmin(who)
+ .setInt(length)
+ .write();
}
@Override
@@ -4393,6 +4405,11 @@
}
maybeLogPasswordComplexitySet(who, userId, parent, metrics);
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_PASSWORD_MINIMUM_UPPER_CASE)
+ .setAdmin(who)
+ .setInt(length)
+ .write();
}
@Override
@@ -4416,6 +4433,11 @@
}
maybeLogPasswordComplexitySet(who, userId, parent, metrics);
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_PASSWORD_MINIMUM_LOWER_CASE)
+ .setAdmin(who)
+ .setInt(length)
+ .write();
}
@Override
@@ -4442,6 +4464,11 @@
}
maybeLogPasswordComplexitySet(who, userId, parent, metrics);
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_PASSWORD_MINIMUM_LETTERS)
+ .setAdmin(who)
+ .setInt(length)
+ .write();
}
@Override
@@ -4468,6 +4495,11 @@
}
maybeLogPasswordComplexitySet(who, userId, parent, metrics);
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_PASSWORD_MINIMUM_NUMERIC)
+ .setAdmin(who)
+ .setInt(length)
+ .write();
}
@Override
@@ -4494,6 +4526,11 @@
}
maybeLogPasswordComplexitySet(who, userId, parent, metrics);
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_PASSWORD_MINIMUM_SYMBOLS)
+ .setAdmin(who)
+ .setInt(length)
+ .write();
}
@Override
@@ -4520,6 +4557,11 @@
}
maybeLogPasswordComplexitySet(who, userId, parent, metrics);
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_PASSWORD_MINIMUM_NON_LETTER)
+ .setAdmin(who)
+ .setInt(length)
+ .write();
}
@Override
@@ -5289,6 +5331,10 @@
mInjector.binderRestoreCallingIdentity(ident);
}
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.LOCK_NOW)
+ .setInt(flags)
+ .write();
}
@Override
@@ -5367,6 +5413,12 @@
final long id = mInjector.binderClearCallingIdentity();
try {
alias = mCertificateMonitor.installCaCert(userHandle, certBuffer);
+ final boolean isDelegate = (admin == null);
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.INSTALL_CA_CERT)
+ .setAdmin(callerPackage)
+ .setBoolean(isDelegate)
+ .write();
if (alias == null) {
Log.w(LOG_TAG, "Problem installing cert");
return false;
@@ -5426,6 +5478,12 @@
keyChain.setGrant(callingUid, alias, true);
}
keyChain.setUserSelectable(alias, isUserSelectable);
+ final boolean isDelegate = (who == null);
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.INSTALL_KEY_PAIR)
+ .setAdmin(callerPackage)
+ .setBoolean(isDelegate)
+ .write();
return true;
} catch (RemoteException e) {
Log.e(LOG_TAG, "Installing certificate", e);
@@ -6120,6 +6178,11 @@
synchronized (getLockObject()) {
admin = getActiveAdminForCallerLocked(null, DeviceAdminInfo.USES_POLICY_WIPE_DATA);
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.WIPE_DATA_WITH_REASON)
+ .setAdmin(admin.info.getComponent())
+ .setInt(flags)
+ .write();
String internalReason = "DevicePolicyManager.wipeDataWithReason() from "
+ admin.info.getComponent().flattenToShortString();
wipeDataNoLock(
@@ -7224,6 +7287,12 @@
SecurityLog.writeEvent(SecurityLog.TAG_KEYGUARD_DISABLED_FEATURES_SET,
who.getPackageName(), userHandle, affectedUserId, which);
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_KEYGUARD_DISABLED_FEATURES)
+ .setAdmin(who)
+ .setInt(which)
+ .setBoolean(parent)
+ .write();
}
/**
@@ -9470,7 +9539,14 @@
}
saveUserRestrictionsLocked(userHandle);
}
- StatsLog.write(StatsLog.USER_RESTRICTION_CHANGED, key, enabledFromThisOwner);
+ final int eventId = enabledFromThisOwner
+ ? DevicePolicyEnums.ADD_USER_RESTRICTION
+ : DevicePolicyEnums.REMOVE_USER_RESTRICTION;
+ DevicePolicyEventLogger
+ .createEvent(eventId)
+ .setAdmin(who)
+ .setStrings(key)
+ .write();
if (SecurityLog.isLoggingEnabled()) {
final int eventTag = enabledFromThisOwner
? SecurityLog.TAG_USER_RESTRICTION_ADDED
@@ -10242,6 +10318,11 @@
try {
setUserRestriction(who, UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES,
(Integer.parseInt(value) == 0) ? true : false);
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_SECURE_SETTING)
+ .setAdmin(who)
+ .setStrings(setting, value)
+ .write();
} catch (NumberFormatException exc) {
Slog.e(LOG_TAG, "Invalid value: " + value + " for setting " + setting);
}
@@ -10269,6 +10350,11 @@
mInjector.binderRestoreCallingIdentity(id);
}
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_SECURE_SETTING)
+ .setAdmin(who)
+ .setStrings(setting, value)
+ .write();
}
@Override
@@ -10627,6 +10713,10 @@
synchronized (getLockObject()) {
updateMaximumTimeToLockLocked(userId);
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SEPARATE_PROFILE_CHALLENGE_CHANGED)
+ .setBoolean(isSeparateProfileChallengeEnabled(userId))
+ .write();
}
@Override
@@ -10967,6 +11057,13 @@
saveSettingsLocked(userId);
}
}
+ final boolean isDelegate = (admin == null);
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_PERMISSION_POLICY)
+ .setAdmin(callerPackage)
+ .setInt(policy)
+ .setBoolean(isDelegate)
+ .write();
}
@Override
@@ -11018,7 +11115,6 @@
PackageManager.FLAG_PERMISSION_POLICY_FIXED, 0, user);
} break;
}
- return true;
} catch (SecurityException se) {
return false;
} catch (NameNotFoundException e) {
@@ -11027,6 +11123,15 @@
mInjector.binderRestoreCallingIdentity(ident);
}
}
+ final boolean isDelegate = (admin == null);
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_PERMISSION_GRANT_STATE)
+ .setAdmin(callerPackage)
+ .setStrings(permission)
+ .setInt(grantState)
+ .setBoolean(isDelegate)
+ .write();
+ return true;
}
@Override
@@ -11852,6 +11957,11 @@
mSecurityLogMonitor.stop();
}
}
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.SET_SECURITY_LOGGING_ENABLED)
+ .setAdmin(admin)
+ .setBoolean(enabled)
+ .write();
}
@Override
@@ -11889,13 +11999,17 @@
Preconditions.checkNotNull(admin);
ensureDeviceOwnerAndAllUsersAffiliated(admin);
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.RETRIEVE_PRE_REBOOT_SECURITY_LOGS)
+ .setAdmin(admin)
+ .write();
+
if (!mContext.getResources().getBoolean(R.bool.config_supportPreRebootSecurityLogs)
|| !mInjector.securityLogGetLoggingEnabledProperty()) {
return null;
}
recordSecurityLogRetrievalTime();
-
ArrayList<SecurityEvent> output = new ArrayList<SecurityEvent>();
try {
SecurityLog.readPreviousEvents(output);
@@ -11922,6 +12036,10 @@
recordSecurityLogRetrievalTime();
List<SecurityEvent> logs = mSecurityLogMonitor.retrieveLogs();
+ DevicePolicyEventLogger
+ .createEvent(DevicePolicyEnums.RETRIEVE_SECURITY_LOGS)
+ .setAdmin(admin)
+ .write();
return logs != null ? new ParceledListSlice<SecurityEvent>(logs) : null;
}