diff --git a/init/device_usage_statistics_service.cfg b/init/device_usage_statistics_service.cfg index 2154baa1e2dff29beb89622ab33639c0a52f9337..b4f759b93b10564adedb2e9f463a3bd9ffb1711d 100644 --- a/init/device_usage_statistics_service.cfg +++ b/init/device_usage_statistics_service.cfg @@ -2,6 +2,7 @@ "jobs" : [{ "name" : "post-fs-data", "cmds" : [ + "mkdir /data/service/el1/public/bundle_usage 0711 device_usage_stats device_usage_stats", "start device_usage_stats_service" ] } @@ -9,8 +10,8 @@ "services" : [{ "name" : "device_usage_stats_service", "path" : ["/system/bin/sa_main", "/system/profile/device_usage_stats_service.xml"], - "uid" : "system", - "gid" : ["system", "shell"] + "uid" : "device_usage_stats", + "gid" : ["device_usage_stats", "shell"] } ] } \ No newline at end of file diff --git a/services/common/include/bundle_active_constant.h b/services/common/include/bundle_active_constant.h index 4a52803327774b4110e47e215d8cd8800ef2730d..9c00cafc275d3602371671e3c7a692eda4f24c1e 100644 --- a/services/common/include/bundle_active_constant.h +++ b/services/common/include/bundle_active_constant.h @@ -121,7 +121,7 @@ const std::string BUNDLE_ACTIVE_DB_BUNDLE_DAILY_TIMEOUT_TIME = "bundleDailyTimeo const std::string BUNDLE_ACTIVE_DB_BOOT_BASED_DURATION = "bootBasedDuration"; const std::string BUNDLE_ACTIVE_DB_SCREEN_ON_DURATION = "screenOnDuration"; const std::string REFRESH_DATABASE_RUNNER_NAME = "RefreshDatabase"; -const std::string BUNDLE_ACTIVE_DATABASE_DIR = "/data/system_ce/bundle_usage/"; +const std::string BUNDLE_ACTIVE_DATABASE_DIR = "/data/service/el1/public/bundle_usage/"; const std::string BUNDLE_ACTIVE_VERSION_FILE = "/version"; const std::string DATABASE_FILE_TABLE_NAME = "table"; const std::string SQLITE_MASTER_NAME = "name"; diff --git a/services/common/include/bundle_active_service.h b/services/common/include/bundle_active_service.h index b5898da431f4e786df03776dac21a078547cd10b..ceac5de6b8abb846cf331af0ec3a20ca58369680 100644 --- a/services/common/include/bundle_active_service.h +++ b/services/common/include/bundle_active_service.h @@ -124,7 +124,8 @@ private: void InitNecessaryState(); void InitService(); bool GetBundleMgrProxy(); - bool CheckBundleIsSystemAppAndHasPermission(const int uid, const int userId, int32_t& errCode); + bool CheckBundleIsSystemAppAndHasPermission(const int uid, OHOS::Security::AccessToken::AccessTokenID tokenId, + int32_t& errCode); void InitAppStateSubscriber(const std::shared_ptr& reportHandler); void InitContinuousSubscriber(const std::shared_ptr& reportHandler); bool SubscribeAppState(); diff --git a/services/common/src/bundle_active_service.cpp b/services/common/src/bundle_active_service.cpp index 4082055301cd06ca8619f28c4a45f267af3ac91f..11bd150bfa37b16cfb0f99444ae70ec65bdab728 100644 --- a/services/common/src/bundle_active_service.cpp +++ b/services/common/src/bundle_active_service.cpp @@ -32,8 +32,6 @@ static const int PERIOD_YEARLY_JS = 4; static const int PERIOD_BEST_SERVICE = 4; static const int DELAY_TIME = 2000; static const std::string PERMITTED_PROCESS_NAME = "foundation"; -const int SYSTEM_UID = 1000; -const int ROOT_UID = 0; REGISTER_SYSTEM_ABILITY_BY_ID(BundleActiveService, DEVICE_USAGE_STATISTICS_SYS_ABILITY_ID, true); const std::string NEEDED_PERMISSION = "ohos.permission.BUNDLE_ACTIVE_INFO"; @@ -214,7 +212,7 @@ int BundleActiveService::ReportEvent(BundleActiveEvent& event, const int userId) int callingUid = OHOS::IPCSkeleton::GetCallingUid(); BUNDLE_ACTIVE_LOGI("calling process name is %{public}s, uid is %{public}d", callingTokenInfo.processName.c_str(), callingUid); - if (callingTokenInfo.processName == PERMITTED_PROCESS_NAME && callingUid == SYSTEM_UID) { + if (callingTokenInfo.processName == PERMITTED_PROCESS_NAME) { BundleActiveReportHandlerObject tmpHandlerObject(userId, ""); tmpHandlerObject.event_ = event; sptr timer = MiscServices::TimeServiceClient::GetInstance(); @@ -261,6 +259,7 @@ std::vector BundleActiveService::QueryPackageStats(con std::vector result; // get uid int callingUid = OHOS::IPCSkeleton::GetCallingUid(); + AccessToken::AccessTokenID tokenId = OHOS::IPCSkeleton::GetCallingTokenID(); BUNDLE_ACTIVE_LOGI("QueryPackageStats UID is %{public}d", callingUid); if (userId == -1) { // get userid @@ -291,6 +290,7 @@ std::vector BundleActiveService::QueryEvents(const int64_t be std::vector result; // get uid int callingUid = OHOS::IPCSkeleton::GetCallingUid(); + AccessToken::AccessTokenID tokenId = OHOS::IPCSkeleton::GetCallingTokenID(); BUNDLE_ACTIVE_LOGI("QueryEvents UID is %{public}d", callingUid); if (userId == -1) { // get userid @@ -326,6 +326,7 @@ std::vector BundleActiveService::QueryCurrentPackageSt std::vector result; // get uid int callingUid = OHOS::IPCSkeleton::GetCallingUid(); + AccessToken::AccessTokenID tokenId = OHOS::IPCSkeleton::GetCallingTokenID(); BUNDLE_ACTIVE_LOGI("UID is %{public}d", callingUid); // get userid int userId = -1; @@ -339,7 +340,7 @@ std::vector BundleActiveService::QueryCurrentPackageSt std::string bundleName = ""; int32_t errCode = 0; sptrBundleMgr_->GetBundleNameForUid(callingUid, bundleName); - bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, userId, errCode); + bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, tokenId, errCode); if (!bundleName.empty() && isSystemAppAndHasPermission == true) { int convertedIntervalType = ConvertIntervalType(intervalType); result = bundleActiveCore_->QueryPackageStats(userId, convertedIntervalType, beginTime, endTime, @@ -439,7 +440,8 @@ int BundleActiveService::ConvertIntervalType(const int intervalType) return -1; } -bool BundleActiveService::CheckBundleIsSystemAppAndHasPermission(const int uid, const int userId, int32_t& errCode) +bool BundleActiveService::CheckBundleIsSystemAppAndHasPermission(const int uid, + OHOS::Security::AccessToken::AccessTokenID tokenId, int32_t& errCode) { if (!GetBundleMgrProxy()) { BUNDLE_ACTIVE_LOGE("Get bundle manager proxy failed!"); @@ -448,8 +450,6 @@ bool BundleActiveService::CheckBundleIsSystemAppAndHasPermission(const int uid, std::string bundleName = ""; sptrBundleMgr_->GetBundleNameForUid(uid, bundleName); bool bundleIsSystemApp = sptrBundleMgr_->CheckIsSystemAppByUid(uid); - AccessToken::AccessTokenID tokenId = AccessToken::AccessTokenKit::GetHapTokenID(userId, - bundleName, 0); int bundleHasPermission = AccessToken::AccessTokenKit::VerifyAccessToken(tokenId, NEEDED_PERMISSION); if (!bundleIsSystemApp) { errCode = BUNDLE_ACTIVE_FAIL; @@ -481,11 +481,11 @@ int BundleActiveService::QueryFormStatistics(int32_t maxNum, std::vectorQueryFormStatistics(maxNum, results, userId); for (auto& oneResult : results) { QueryModuleRecordInfos(oneResult);