From 7587e591415d12790fecd54d0ee1cd78dcbc150d Mon Sep 17 00:00:00 2001 From: houdisheng Date: Thu, 14 Apr 2022 15:57:05 +0800 Subject: [PATCH 1/3] =?UTF-8?q?=E8=AE=BE=E5=A4=87=E4=BD=BF=E7=94=A8?= =?UTF-8?q?=E4=BF=A1=E6=81=AF=E7=BB=9F=E8=AE=A1=E8=BF=9B=E7=A8=8B=E9=99=8D?= =?UTF-8?q?=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: houdisheng --- init/device_usage_statistics_service.cfg | 5 +++-- services/common/include/bundle_active_constant.h | 2 +- services/common/include/bundle_active_service.h | 3 ++- services/common/src/bundle_active_service.cpp | 16 +++++++++------- 4 files changed, 15 insertions(+), 11 deletions(-) diff --git a/init/device_usage_statistics_service.cfg b/init/device_usage_statistics_service.cfg index 2154baa..b4f759b 100644 --- a/init/device_usage_statistics_service.cfg +++ b/init/device_usage_statistics_service.cfg @@ -2,6 +2,7 @@ "jobs" : [{ "name" : "post-fs-data", "cmds" : [ + "mkdir /data/service/el1/public/bundle_usage 0711 device_usage_stats device_usage_stats", "start device_usage_stats_service" ] } @@ -9,8 +10,8 @@ "services" : [{ "name" : "device_usage_stats_service", "path" : ["/system/bin/sa_main", "/system/profile/device_usage_stats_service.xml"], - "uid" : "system", - "gid" : ["system", "shell"] + "uid" : "device_usage_stats", + "gid" : ["device_usage_stats", "shell"] } ] } \ No newline at end of file diff --git a/services/common/include/bundle_active_constant.h b/services/common/include/bundle_active_constant.h index 4a52803..9c00caf 100644 --- a/services/common/include/bundle_active_constant.h +++ b/services/common/include/bundle_active_constant.h @@ -121,7 +121,7 @@ const std::string BUNDLE_ACTIVE_DB_BUNDLE_DAILY_TIMEOUT_TIME = "bundleDailyTimeo const std::string BUNDLE_ACTIVE_DB_BOOT_BASED_DURATION = "bootBasedDuration"; const std::string BUNDLE_ACTIVE_DB_SCREEN_ON_DURATION = "screenOnDuration"; const std::string REFRESH_DATABASE_RUNNER_NAME = "RefreshDatabase"; -const std::string BUNDLE_ACTIVE_DATABASE_DIR = "/data/system_ce/bundle_usage/"; +const std::string BUNDLE_ACTIVE_DATABASE_DIR = "/data/service/el1/public/bundle_usage/"; const std::string BUNDLE_ACTIVE_VERSION_FILE = "/version"; const std::string DATABASE_FILE_TABLE_NAME = "table"; const std::string SQLITE_MASTER_NAME = "name"; diff --git a/services/common/include/bundle_active_service.h b/services/common/include/bundle_active_service.h index e892224..b8dd5d7 100644 --- a/services/common/include/bundle_active_service.h +++ b/services/common/include/bundle_active_service.h @@ -124,7 +124,8 @@ private: void InitNecessaryState(); void InitService(); bool GetBundleMgrProxy(); - bool CheckBundleIsSystemAppAndHasPermission(const int uid, const int userId, int32_t& errCode); + bool CheckBundleIsSystemAppAndHasPermission(const int uid, OHOS::Security::AccessToken::AccessTokenID tokenId, + int32_t& errCode); void InitAppStateSubscriber(const std::shared_ptr& reportHandler); void InitContinuousSubscriber(const std::shared_ptr& reportHandler); bool SubscribeAppState(); diff --git a/services/common/src/bundle_active_service.cpp b/services/common/src/bundle_active_service.cpp index cbaa5d2..0b6c182 100644 --- a/services/common/src/bundle_active_service.cpp +++ b/services/common/src/bundle_active_service.cpp @@ -260,13 +260,14 @@ std::vector BundleActiveService::QueryPackageStats(con std::vector result; // get uid int callingUid = OHOS::IPCSkeleton::GetCallingUid(); + AccessToken::AccessTokenID tokenId = OHOS::IPCSkeleton::GetCallingTokenID(); BUNDLE_ACTIVE_LOGI("QueryPackageStats UID is %{public}d", callingUid); // get userid int userId = -1; OHOS::ErrCode ret = OHOS::AccountSA::OsAccountManager::GetOsAccountLocalIdFromUid(callingUid, userId); if (ret == ERR_OK && userId != -1) { BUNDLE_ACTIVE_LOGI("QueryPackageStats user id is %{public}d", userId); - bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, userId, errCode); + bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, tokenId, errCode); if (isSystemAppAndHasPermission == true) { int convertedIntervalType = ConvertIntervalType(intervalType); result = bundleActiveCore_->QueryPackageStats(userId, convertedIntervalType, beginTime, endTime, ""); @@ -282,13 +283,14 @@ std::vector BundleActiveService::QueryEvents(const int64_t be std::vector result; // get uid int callingUid = OHOS::IPCSkeleton::GetCallingUid(); + AccessToken::AccessTokenID tokenId = OHOS::IPCSkeleton::GetCallingTokenID(); BUNDLE_ACTIVE_LOGI("QueryEvents UID is %{public}d", callingUid); // get userid int userId = -1; OHOS::ErrCode ret = OHOS::AccountSA::OsAccountManager::GetOsAccountLocalIdFromUid(callingUid, userId); if (ret == ERR_OK && userId != -1) { BUNDLE_ACTIVE_LOGI("QueryEvents userid is %{public}d", userId); - bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, userId, errCode); + bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, tokenId, errCode); if (isSystemAppAndHasPermission == true) { result = bundleActiveCore_->QueryEvents(userId, beginTime, endTime, ""); } @@ -309,6 +311,7 @@ std::vector BundleActiveService::QueryCurrentPackageSt std::vector result; // get uid int callingUid = OHOS::IPCSkeleton::GetCallingUid(); + AccessToken::AccessTokenID tokenId = OHOS::IPCSkeleton::GetCallingTokenID(); BUNDLE_ACTIVE_LOGI("UID is %{public}d", callingUid); // get userid int userId = -1; @@ -322,7 +325,7 @@ std::vector BundleActiveService::QueryCurrentPackageSt std::string bundleName = ""; int32_t errCode = 0; sptrBundleMgr_->GetBundleNameForUid(callingUid, bundleName); - bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, userId, errCode); + bool isSystemAppAndHasPermission = CheckBundleIsSystemAppAndHasPermission(callingUid, tokenId, errCode); if (!bundleName.empty() && isSystemAppAndHasPermission == true) { int convertedIntervalType = ConvertIntervalType(intervalType); result = bundleActiveCore_->QueryPackageStats(userId, convertedIntervalType, beginTime, endTime, @@ -418,7 +421,8 @@ int BundleActiveService::ConvertIntervalType(const int intervalType) return -1; } -bool BundleActiveService::CheckBundleIsSystemAppAndHasPermission(const int uid, const int userId, int32_t& errCode) +bool BundleActiveService::CheckBundleIsSystemAppAndHasPermission(const int uid, OHOS::Security::AccessToken::AccessTokenID tokenId, + int32_t& errCode) { if (!GetBundleMgrProxy()) { BUNDLE_ACTIVE_LOGE("Get bundle manager proxy failed!"); @@ -427,8 +431,6 @@ bool BundleActiveService::CheckBundleIsSystemAppAndHasPermission(const int uid, std::string bundleName = ""; sptrBundleMgr_->GetBundleNameForUid(uid, bundleName); bool bundleIsSystemApp = sptrBundleMgr_->CheckIsSystemAppByUid(uid); - AccessToken::AccessTokenID tokenId = AccessToken::AccessTokenKit::GetHapTokenID(userId, - bundleName, 0); int bundleHasPermission = AccessToken::AccessTokenKit::VerifyAccessToken(tokenId, NEEDED_PERMISSION); if (!bundleIsSystemApp) { errCode = BUNDLE_ACTIVE_FAIL; @@ -460,8 +462,8 @@ int BundleActiveService::QueryFormStatistics(int32_t maxNum, std::vector Date: Wed, 20 Apr 2022 16:32:20 +0800 Subject: [PATCH 2/3] =?UTF-8?q?codex=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: houdisheng --- services/common/src/bundle_active_service.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/common/src/bundle_active_service.cpp b/services/common/src/bundle_active_service.cpp index 0b6c182..1f4bc99 100644 --- a/services/common/src/bundle_active_service.cpp +++ b/services/common/src/bundle_active_service.cpp @@ -421,8 +421,8 @@ int BundleActiveService::ConvertIntervalType(const int intervalType) return -1; } -bool BundleActiveService::CheckBundleIsSystemAppAndHasPermission(const int uid, OHOS::Security::AccessToken::AccessTokenID tokenId, - int32_t& errCode) +bool BundleActiveService::CheckBundleIsSystemAppAndHasPermission(const int uid, + OHOS::Security::AccessToken::AccessTokenID tokenId, int32_t& errCode) { if (!GetBundleMgrProxy()) { BUNDLE_ACTIVE_LOGE("Get bundle manager proxy failed!"); -- Gitee From 48bbaacb2ec0f0041a683e466f621c82f7f56fb1 Mon Sep 17 00:00:00 2001 From: houdisheng Date: Wed, 20 Apr 2022 17:21:41 +0800 Subject: [PATCH 3/3] =?UTF-8?q?codex=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: houdisheng --- services/common/src/bundle_active_service.cpp | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/services/common/src/bundle_active_service.cpp b/services/common/src/bundle_active_service.cpp index 1f4bc99..06588ae 100644 --- a/services/common/src/bundle_active_service.cpp +++ b/services/common/src/bundle_active_service.cpp @@ -31,8 +31,6 @@ static const int PERIOD_YEARLY_JS = 4; static const int PERIOD_BEST_SERVICE = 4; static const int DELAY_TIME = 2000; static const std::string PERMITTED_PROCESS_NAME = "foundation"; -const int SYSTEM_UID = 1000; -const int ROOT_UID = 0; REGISTER_SYSTEM_ABILITY_BY_ID(BundleActiveService, DEVICE_USAGE_STATISTICS_SYS_ABILITY_ID, true); const std::string NEEDED_PERMISSION = "ohos.permission.BUNDLE_ACTIVE_INFO"; @@ -213,7 +211,7 @@ int BundleActiveService::ReportEvent(BundleActiveEvent& event, const int userId) int callingUid = OHOS::IPCSkeleton::GetCallingUid(); BUNDLE_ACTIVE_LOGI("calling process name is %{public}s, uid is %{public}d", callingTokenInfo.processName.c_str(), callingUid); - if (callingTokenInfo.processName == PERMITTED_PROCESS_NAME && callingUid == SYSTEM_UID) { + if (callingTokenInfo.processName == PERMITTED_PROCESS_NAME) { BundleActiveReportHandlerObject tmpHandlerObject(userId, ""); tmpHandlerObject.event_ = event; sptr timer = MiscServices::TimeServiceClient::GetInstance(); @@ -466,7 +464,7 @@ int BundleActiveService::QueryFormStatistics(int32_t maxNum, std::vectorQueryFormStatistics(maxNum, results, userId); for (auto& oneResult : results) { QueryModuleRecordInfos(oneResult); -- Gitee