commit 5a57d7989a527376c883565a6f54eca8d56bc96c
author Mike Ma <yanmin@google.com> Wed Aug 21 14:52:46 2019 -0700
committer Mike Ma <yanmin@google.com> Thu Aug 22 14:43:27 2019 -0700
tree c1949abfaceb1c750ee6b6c2e09a1553cd1dfecc
parent a68d5351996996da5a0b2f4aa7a4c568b550f292

Add an API to dump incident report for dumpstate

Instead of just relying on the regular iteration through the system
services inside dumpstate, add another API to IIncidentManager
dedicated for dumpstate.

- It is only callable by dumpstate() (check the calling uid)
- It has the same behavior as the current call inside dump()

Advantages:
- More explicit function name, right next to takeIncidentReport will
  make it easier to keep them in sync.
- Nobody else can call it, make security easier.
- If dumpstate calls it explicitly, it can skip the 10 second timeout
- The regular dump() call should provide debugging data about
  incidentd itself, for example timestamps for the most recent N
  incident reports taken and the current state of the work directory,
  allowing us to debug incidentd itself.

Bug: 137493082
Test: Manually trigger a bug report, and verify
      /proto/incident_log.proto in the zip file.

Change-Id: I19139c765b53ede63d3beb3ea3ac40ada1aba42d

cmds/incidentd/src/IncidentService.cpp

diff --git a/cmds/incidentd/src/IncidentService.cpp b/cmds/incidentd/src/IncidentService.cpp
index a527263..999936b 100644
--- a/cmds/incidentd/src/IncidentService.cpp
+++ b/cmds/incidentd/src/IncidentService.cpp
@@ -46,12 +46,11 @@
 #define DEFAULT_BYTES_SIZE_LIMIT (96 * 1024 * 1024)        // 96MB
 #define DEFAULT_REFACTORY_PERIOD_MS (24 * 60 * 60 * 1000)  // 1 Day
 
-// Skip these sections for dumpstate only. Dumpstate allows 10s max for each service to dump.
+// Skip these sections (for dumpstate only)
 // Skip logs (1100 - 1108) and traces (1200 - 1202) because they are already in the bug report.
-// Skip 3018 because it takes too long.
-#define SKIPPED_SECTIONS { 1100, 1101, 1102, 1103, 1104, 1105, 1106, 1107, 1108, /* Logs */ \
-                           1200, 1201, 1202, /* Native, hal, java traces */ \
-                           3018  /* "meminfo -a --proto" */ }
+#define SKIPPED_DUMPSTATE_SECTIONS { \
+            1100, 1101, 1102, 1103, 1104, 1105, 1106, 1107, 1108, /* Logs */ \
+            1200, 1201, 1202, /* Native, hal, java traces */ }
 
 namespace android {
 namespace os {
@@ -307,6 +306,39 @@
     return Status::ok();
 }
 
+Status IncidentService::reportIncidentToDumpstate(const unique_fd& stream,
+        const sp<IIncidentReportStatusListener>& listener) {
+    uid_t caller = IPCThreadState::self()->getCallingUid();
+    if (caller != AID_ROOT && caller != AID_SHELL) {
+        ALOGW("Calling uid %d does not have permission: only ROOT or SHELL allowed", caller);
+        return Status::fromExceptionCode(Status::EX_SECURITY, "Only ROOT or SHELL allowed");
+    }
+
+    ALOGD("Stream incident report to dumpstate");
+    IncidentReportArgs incidentArgs;
+    // Privacy policy for dumpstate incident reports is always EXPLICIT.
+    incidentArgs.setPrivacyPolicy(PRIVACY_POLICY_EXPLICIT);
+
+    int skipped[] = SKIPPED_DUMPSTATE_SECTIONS;
+    for (const Section** section = SECTION_LIST; *section; section++) {
+        const int id = (*section)->id;
+        if (std::find(std::begin(skipped), std::end(skipped), id) == std::end(skipped)
+                && !section_requires_specific_mention(id)) {
+            incidentArgs.addSection(id);
+        }
+    }
+
+    // The ReportRequest takes ownership of the fd, so we need to dup it.
+    int fd = dup(stream.get());
+    if (fd < 0) {
+        return Status::fromStatusT(-errno);
+    }
+
+    mHandler->scheduleStreamingReport(incidentArgs, listener, fd);
+
+    return Status::ok();
+}
+
 Status IncidentService::systemRunning() {
     if (IPCThreadState::self()->getCallingUid() != AID_SYSTEM) {
         return Status::fromExceptionCode(Status::EX_SECURITY,
@@ -551,43 +583,6 @@
     return NO_ERROR;
 }
 
-status_t IncidentService::dump(int fd, const Vector<String16>& args) {
-    if (std::find(args.begin(), args.end(), String16("--proto")) == args.end()) {
-        ALOGD("Skip dumping incident. Only proto format is supported.");
-        dprintf(fd, "Incident dump only supports proto version.\n");
-        return NO_ERROR;
-    }
-
-    ALOGD("Dump incident proto");
-    IncidentReportArgs incidentArgs;
-    incidentArgs.setPrivacyPolicy(PRIVACY_POLICY_EXPLICIT);
-    int skipped[] = SKIPPED_SECTIONS;
-    for (const Section** section = SECTION_LIST; *section; section++) {
-        const int id = (*section)->id;
-        if (std::find(std::begin(skipped), std::end(skipped), id) == std::end(skipped)
-                && !section_requires_specific_mention(id)) {
-            incidentArgs.addSection(id);
-        }
-    }
-
-    if (!checkIncidentPermissions(incidentArgs).isOk()) {
-        return PERMISSION_DENIED;
-    }
-
-    // The ReportRequest takes ownership of the fd, so we need to dup it.
-    int fd1 = dup(fd);
-    if (fd1 < 0) {
-        return -errno;
-    }
-
-    // TODO: Remove this.  Someone even dumpstate, wanting to get an incident report
-    // should use the API.  That will take making dumpstated call the API, which is a
-    // good thing.  It also means it won't be subject to the timeout.
-    mHandler->scheduleStreamingReport(incidentArgs, NULL, fd1);
-
-    return NO_ERROR;
-}
-
 }  // namespace incidentd
 }  // namespace os
 }  // namespace android