From 78edd5023bb485951619b241833609ec26fed25a Mon Sep 17 00:00:00 2001 From: houdisheng Date: Thu, 21 Apr 2022 13:54:51 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E8=AE=BE=E5=A4=87=E4=BD=BF=E7=94=A8?= =?UTF-8?q?=E4=BF=A1=E6=81=AF=E7=BB=9F=E8=AE=A1=E9=99=8D=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: houdisheng --- init/device_usage_statistics_service.cfg | 3 +++ .../common/include/bundle_active_constant.h | 2 +- .../common/include/bundle_active_service.h | 3 ++- services/common/src/bundle_active_service.cpp | 25 ++++++++++--------- 4 files changed, 19 insertions(+), 14 deletions(-) diff --git a/init/device_usage_statistics_service.cfg b/init/device_usage_statistics_service.cfg index 2154baa..626fd62 100644 --- a/init/device_usage_statistics_service.cfg +++ b/init/device_usage_statistics_service.cfg @@ -2,6 +2,7 @@ "jobs" : [{ "name" : "post-fs-data", "cmds" : [ + "mkdir /data/service/el1/public/bundle_usage 0711 device_usage_stats device_usage_stats", "start device_usage_stats_service" ] } @@ -11,6 +12,8 @@ "path" : ["/system/bin/sa_main", "/system/profile/device_usage_stats_service.xml"], "uid" : "system", "gid" : ["system", "shell"] + "uid" : "device_usage_stats", + "gid" : ["device_usage_stats", "shell"] } ] } \ No newline at end of file diff --git a/services/common/include/bundle_active_constant.h b/services/common/include/bundle_active_constant.h index 4a52803..9c00caf 100644 --- a/services/common/include/bundle_active_constant.h +++ b/services/common/include/bundle_active_constant.h @@ -121,7 +121,7 @@ const std::string BUNDLE_ACTIVE_DB_BUNDLE_DAILY_TIMEOUT_TIME = "bundleDailyTimeo const std::string BUNDLE_ACTIVE_DB_BOOT_BASED_DURATION = "bootBasedDuration"; const std::string BUNDLE_ACTIVE_DB_SCREEN_ON_DURATION = "screenOnDuration"; const std::string REFRESH_DATABASE_RUNNER_NAME = "RefreshDatabase"; -const std::string BUNDLE_ACTIVE_DATABASE_DIR = "/data/system_ce/bundle_usage/"; +const std::string BUNDLE_ACTIVE_DATABASE_DIR = "/data/service/el1/public/bundle_usage/"; const std::string BUNDLE_ACTIVE_VERSION_FILE = "/version"; const std::string DATABASE_FILE_TABLE_NAME = "table"; const std::string SQLITE_MASTER_NAME = "name"; diff --git a/services/common/include/bundle_active_service.h b/services/common/include/bundle_active_service.h index b5898da..ceac5de 100644 --- a/services/common/include/bundle_active_service.h +++ b/services/common/include/bundle_active_service.h @@ -124,7 +124,8 @@ private: void InitNecessaryState(); void InitService(); bool GetBundleMgrProxy(); - bool CheckBundleIsSystemAppAndHasPermission(const int uid, const int userId, int32_t& errCode); + bool CheckBundleIsSystemAppAndHasPermission(const int uid, OHOS::Security::AccessToken::AccessTokenID tokenId, + int32_t& errCode); void InitAppStateSubscriber(const std::shared_ptr& reportHandler); void InitContinuousSubscriber(const std::shared_ptr& reportHandler); bool SubscribeAppState(); diff --git a/services/common/src/bundle_active_service.cpp b/services/common/src/bundle_active_service.cpp index 4082055..01dfab1 100644 --- a/services/common/src/bundle_active_service.cpp +++ b/services/common/src/bundle_active_service.cpp @@ -32,8 +32,6 @@ static const int PERIOD_YEARLY_JS = 4; static const int PERIOD_BEST_SERVICE = 4; static const int DELAY_TIME = 2000; static const std::string PERMITTED_PROCESS_NAME = "foundation"; -const int SYSTEM_UID = 1000; -const int ROOT_UID = 0; REGISTER_SYSTEM_ABILITY_BY_ID(BundleActiveService, DEVICE_USAGE_STATISTICS_SYS_ABILITY_ID, true); const std::string NEEDED_PERMISSION = "ohos.permission.BUNDLE_ACTIVE_INFO"; @@ -214,7 +212,7 @@ int BundleActiveService::ReportEvent(BundleActiveEvent& event, const int userId) int callingUid = OHOS::IPCSkeleton::GetCallingUid(); BUNDLE_ACTIVE_LOGI("calling process name is %{public}s, uid is %{public}d", callingTokenInfo.processName.c_str(), callingUid); - if (callingTokenInfo.processName == PERMITTED_PROCESS_NAME && callingUid == SYSTEM_UID) { + if (callingTokenInfo.processName == PERMITTED_PROCESS_NAME) { BundleActiveReportHandlerObject tmpHandlerObject(userId, ""); tmpHandlerObject.event_ = event; sptr timer = MiscServices::TimeServiceClient::GetInstance(); @@ -261,6 +259,7 @@ std::vector BundleActiveService::QueryPackageStats(con std::vector result; // get uid int callingUid = OHOS::IPCSkeleton::GetCallingUid(); + AccessToken::AccessTokenID tokenId = OHOS::IPCSkeleton::GetCallingTokenID(); BUNDLE_ACTIVE_LOGI("QueryPackageStats UID is %{public}d", callingUid); if (userId == -1) { // get userid @@ -272,7 +271,7 @@ std::vector BundleActiveService::QueryPackageStats(con } if (userId != -1) { BUNDLE_ACTIVE_LOGI("QueryPackageStats user id is %{public}d", userId); - bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, userId, errCode); + bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, tokenId, errCode); AccessToken::AccessTokenID tokenId = OHOS::IPCSkeleton::GetCallingTokenID(); if (isSystemAppAndHasPermission == true || AccessToken::AccessTokenKit::GetTokenTypeFlag(tokenId) == @@ -291,6 +290,7 @@ std::vector BundleActiveService::QueryEvents(const int64_t be std::vector result; // get uid int callingUid = OHOS::IPCSkeleton::GetCallingUid(); + AccessToken::AccessTokenID tokenId = OHOS::IPCSkeleton::GetCallingTokenID(); BUNDLE_ACTIVE_LOGI("QueryEvents UID is %{public}d", callingUid); if (userId == -1) { // get userid @@ -302,7 +302,7 @@ std::vector BundleActiveService::QueryEvents(const int64_t be } if (userId != -1) { BUNDLE_ACTIVE_LOGI("QueryEvents userid is %{public}d", userId); - bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, userId, errCode); + bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, tokenId, errCode); AccessToken::AccessTokenID tokenId = OHOS::IPCSkeleton::GetCallingTokenID(); if (isSystemAppAndHasPermission == true || AccessToken::AccessTokenKit::GetTokenTypeFlag(tokenId) == @@ -326,6 +326,7 @@ std::vector BundleActiveService::QueryCurrentPackageSt std::vector result; // get uid int callingUid = OHOS::IPCSkeleton::GetCallingUid(); + AccessToken::AccessTokenID tokenId = OHOS::IPCSkeleton::GetCallingTokenID(); BUNDLE_ACTIVE_LOGI("UID is %{public}d", callingUid); // get userid int userId = -1; @@ -339,7 +340,7 @@ std::vector BundleActiveService::QueryCurrentPackageSt std::string bundleName = ""; int32_t errCode = 0; sptrBundleMgr_->GetBundleNameForUid(callingUid, bundleName); - bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, userId, errCode); + bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, tokenId, errCode); if (!bundleName.empty() && isSystemAppAndHasPermission == true) { int convertedIntervalType = ConvertIntervalType(intervalType); result = bundleActiveCore_->QueryPackageStats(userId, convertedIntervalType, beginTime, endTime, @@ -439,7 +440,8 @@ int BundleActiveService::ConvertIntervalType(const int intervalType) return -1; } -bool BundleActiveService::CheckBundleIsSystemAppAndHasPermission(const int uid, const int userId, int32_t& errCode) +bool BundleActiveService::CheckBundleIsSystemAppAndHasPermission(const int uid, + OHOS::Security::AccessToken::AccessTokenID tokenId, int32_t& errCode) { if (!GetBundleMgrProxy()) { BUNDLE_ACTIVE_LOGE("Get bundle manager proxy failed!"); @@ -448,8 +450,7 @@ bool BundleActiveService::CheckBundleIsSystemAppAndHasPermission(const int uid, std::string bundleName = ""; sptrBundleMgr_->GetBundleNameForUid(uid, bundleName); bool bundleIsSystemApp = sptrBundleMgr_->CheckIsSystemAppByUid(uid); - AccessToken::AccessTokenID tokenId = AccessToken::AccessTokenKit::GetHapTokenID(userId, - bundleName, 0); + int bundleHasPermission = AccessToken::AccessTokenKit::VerifyAccessToken(tokenId, NEEDED_PERMISSION); if (!bundleIsSystemApp) { errCode = BUNDLE_ACTIVE_FAIL; @@ -481,11 +482,11 @@ int BundleActiveService::QueryFormStatistics(int32_t maxNum, std::vectorQueryFormStatistics(maxNum, results, userId); for (auto& oneResult : results) { QueryModuleRecordInfos(oneResult); -- Gitee From 75d4745b48adb983f67752e37a972ccbf6880b7a Mon Sep 17 00:00:00 2001 From: houdisheng Date: Thu, 21 Apr 2022 14:54:05 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E8=AE=BE=E5=A4=87=E4=BD=BF=E7=94=A8?= =?UTF-8?q?=E4=BF=A1=E6=81=AF=E7=BB=9F=E8=AE=A1=E9=99=8D=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: houdisheng --- init/device_usage_statistics_service.cfg | 2 -- 1 file changed, 2 deletions(-) diff --git a/init/device_usage_statistics_service.cfg b/init/device_usage_statistics_service.cfg index 626fd62..b4f759b 100644 --- a/init/device_usage_statistics_service.cfg +++ b/init/device_usage_statistics_service.cfg @@ -10,8 +10,6 @@ "services" : [{ "name" : "device_usage_stats_service", "path" : ["/system/bin/sa_main", "/system/profile/device_usage_stats_service.xml"], - "uid" : "system", - "gid" : ["system", "shell"] "uid" : "device_usage_stats", "gid" : ["device_usage_stats", "shell"] } -- Gitee