Protect system services with DUMP permission.

Change-Id: I5e53859f8b8e5473e54eca43ebd7de841f1a05ff

9 files changed, 19 insertions, 19 deletions

diff --git a/core/java/android/server/BluetoothA2dpService.java b/core/java/android/server/BluetoothA2dpService.java
index c4cb3a5..300bc68 100644
--- a/core/java/android/server/BluetoothA2dpService.java
+++ b/core/java/android/server/BluetoothA2dpService.java
@@ -588,6 +588,8 @@ public class BluetoothA2dpService extends IBluetoothA2dp.Stub {
 
     @Override
     protected synchronized void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
+        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.DUMP, TAG);
+
         if (mAudioDevices.isEmpty()) return;
         pw.println("Cached audio devices:");
         for (BluetoothDevice device : mAudioDevices.keySet()) {
diff --git a/core/java/android/server/BluetoothService.java b/core/java/android/server/BluetoothService.java
index 7a97455..a420734 100755
--- a/core/java/android/server/BluetoothService.java
+++ b/core/java/android/server/BluetoothService.java
@@ -1775,6 +1775,8 @@ public class BluetoothService extends IBluetooth.Stub {
 
     @Override
     protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
+        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.DUMP, TAG);
+
         if (getBluetoothStateInternal() != BluetoothAdapter.STATE_ON) {
             return;
         }
diff --git a/core/java/android/service/dreams/DreamManagerService.java b/core/java/android/service/dreams/DreamManagerService.java
index 8712fa2..4a14ced 100644
--- a/core/java/android/service/dreams/DreamManagerService.java
+++ b/core/java/android/service/dreams/DreamManagerService.java
@@ -169,6 +169,8 @@ public class DreamManagerService
     
     @Override
     protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
+        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.DUMP, TAG);
+
         pw.println("Dreamland:");
         pw.print("  component="); pw.println(mCurrentDreamComponent);
         pw.print("  token="); pw.println(mCurrentDreamToken);
diff --git a/media/java/android/media/AudioService.java b/media/java/android/media/AudioService.java
index 48d3712..afd2824 100644
--- a/media/java/android/media/AudioService.java
+++ b/media/java/android/media/AudioService.java
@@ -4085,6 +4085,8 @@ public class AudioService extends IAudioService.Stub {
 
     @Override
     protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
+        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.DUMP, TAG);
+
         // TODO probably a lot more to do here than just the audio focus and remote control stacks
         dumpFocusStack(pw);
         dumpRCStack(pw);
diff --git a/packages/SystemUI/src/com/android/systemui/SystemUIService.java b/packages/SystemUI/src/com/android/systemui/SystemUIService.java
index 1ae15be..ae568f8 100644
--- a/packages/SystemUI/src/com/android/systemui/SystemUIService.java
+++ b/packages/SystemUI/src/com/android/systemui/SystemUIService.java
@@ -111,14 +111,6 @@ public class SystemUIService extends Service {
 
     @Override
     protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
-        if (checkCallingOrSelfPermission(android.Manifest.permission.DUMP)
-                != PackageManager.PERMISSION_GRANTED) {
-            pw.println("Permission Denial: can't dump StatusBar from from pid="
-                    + Binder.getCallingPid()
-                    + ", uid=" + Binder.getCallingUid());
-            return;
-        }
-
         if (args == null || args.length == 0) {
             for (SystemUI ui: mServices) {
                 pw.println("dumping service: " + ui.getClass().getName());
diff --git a/services/java/com/android/server/BackupManagerService.java b/services/java/com/android/server/BackupManagerService.java
index a0d5beb..a3768c6 100644
--- a/services/java/com/android/server/BackupManagerService.java
+++ b/services/java/com/android/server/BackupManagerService.java
@@ -5714,6 +5714,8 @@ class BackupManagerService extends IBackupManager.Stub {
 
     @Override
     public void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
+        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.DUMP, TAG);
+
         long identityToken = Binder.clearCallingIdentity();
         try {
             dumpInternal(pw);
@@ -5723,16 +5725,6 @@ class BackupManagerService extends IBackupManager.Stub {
     }
 
     private void dumpInternal(PrintWriter pw) {
-        if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.DUMP)
-                != PackageManager.PERMISSION_GRANTED) {
-            pw.println("Permission Denial: can't dump Backup Manager service from from pid="
-                    + Binder.getCallingPid()
-                    + ", uid=" + Binder.getCallingUid()
-                    + " without permission "
-                    + android.Manifest.permission.DUMP);
-            return;
-        }
-
         synchronized (mQueueLock) {
             pw.println("Backup Manager is " + (mEnabled ? "enabled" : "disabled")
                     + " / " + (!mProvisioned ? "not " : "") + "provisioned / "
diff --git a/services/java/com/android/server/CountryDetectorService.java b/services/java/com/android/server/CountryDetectorService.java
index 3112b50..fc76277 100644
--- a/services/java/com/android/server/CountryDetectorService.java
+++ b/services/java/com/android/server/CountryDetectorService.java
@@ -212,6 +212,8 @@ public class CountryDetectorService extends ICountryDetector.Stub implements Run
     @SuppressWarnings("unused")
     @Override
     protected void dump(FileDescriptor fd, PrintWriter fout, String[] args) {
+        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.DUMP, TAG);
+
         if (!DEBUG) return;
         try {
             final Printer p = new PrintWriterPrinter(fout);
diff --git a/services/java/com/android/server/DiskStatsService.java b/services/java/com/android/server/DiskStatsService.java
index 8ef974a..ac25dc5 100644
--- a/services/java/com/android/server/DiskStatsService.java
+++ b/services/java/com/android/server/DiskStatsService.java
@@ -34,6 +34,8 @@ import java.io.PrintWriter;
  * statistics about the status of the disk.
  */
 public class DiskStatsService extends Binder {
+    private static final String TAG = "DiskStatsService";
+
     private final Context mContext;
 
     public DiskStatsService(Context context) {
@@ -42,7 +44,7 @@ public class DiskStatsService extends Binder {
 
     @Override
     protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
-        // This data is accessible to any app -- no permission check needed.
+        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.DUMP, TAG);
 
         // Run a quick-and-dirty performance test: write 512 bytes
         byte[] junk = new byte[512];
diff --git a/services/java/com/android/server/SamplingProfilerService.java b/services/java/com/android/server/SamplingProfilerService.java
index 61267d0..0034d2c 100644
--- a/services/java/com/android/server/SamplingProfilerService.java
+++ b/services/java/com/android/server/SamplingProfilerService.java
@@ -39,9 +39,11 @@ public class SamplingProfilerService extends Binder {
     private static final boolean LOCAL_LOGV = false;
     public static final String SNAPSHOT_DIR = SamplingProfilerIntegration.SNAPSHOT_DIR;
 
+    private final Context mContext;
     private FileObserver snapshotObserver;
 
     public SamplingProfilerService(Context context) {
+        mContext = context;
         registerSettingObserver(context);
         startWorking(context);
     }
@@ -94,6 +96,8 @@ public class SamplingProfilerService extends Binder {
 
     @Override
     protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
+        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.DUMP, TAG);
+
         pw.println("SamplingProfilerService:");
         pw.println("Watching directory: " + SNAPSHOT_DIR);
     }