1/*
2 * Copyright (C) 2023 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17syntax = "proto2";
18
19package android.os.statsd.sdksandbox;
20
21import "frameworks/proto_logging/stats/atom_field_options.proto";
22import "frameworks/proto_logging/stats/atoms.proto";
23
24option java_package = "com.android.os.sdksandbox";
25option java_multiple_files = true;
26
27extend Atom {
28  // Pushed atoms
29  optional SandboxApiCalled sandbox_api_called = 488 [(module) = "sdksandbox"];
30  optional SandboxActivityEventOccurred sandbox_activity_event_occurred = 735
31      [(module) = "sdksandbox", (truncate_timestamp) = true];
32  optional SdkSandboxRestrictedAccessInSession sdk_sandbox_restricted_access_in_session = 796
33      [(module) = "sdksandbox", (truncate_timestamp) = true];
34
35  // Pulled atoms
36  optional SandboxSdkStorage sandbox_sdk_storage = 10159 [(module) = "sdksandbox"];
37}
38
39// Logs when an API call from app to sandbox process is made
40// Next ID: 6
41message SandboxApiCalled {
42  // Next ID: 16
43  enum Method {
44    METHOD_UNSPECIFIED = 0;
45    LOAD_SDK = 1;
46    REQUEST_SURFACE_PACKAGE = 3;
47    // Api used by Apps via SdkSandboxManager
48    GET_SANDBOXED_SDKS = 5;
49    SYNC_DATA_FROM_CLIENT = 6;
50    UNLOAD_SDK = 7;
51    ADD_SDK_SANDBOX_LIFECYCLE_CALLBACK = 8;
52    REMOVE_SDK_SANDBOX_LIFECYCLE_CALLBACK = 9;
53    REGISTER_APP_OWNED_SDK_SANDBOX_INTERFACE = 11;
54    UNREGISTER_APP_OWNED_SDK_SANDBOX_INTERFACE = 12;
55    GET_APP_OWNED_SDK_SANDBOX_INTERFACES = 13;
56    // Api used by SDKs in the sandbox via SdkSandboxController
57    GET_SANDBOXED_SDKS_VIA_CONTROLLER = 10;
58    LOAD_SDK_VIA_CONTROLLER = 14;
59    GET_APP_OWNED_SDK_SANDBOX_INTERFACES_VIA_CONTROLLER = 15;
60
61    LOAD_SANDBOX_AND_SDK = 2 [deprecated = true];
62    SEND_DATA = 4 [deprecated = true];
63  }
64  // The method which was called
65  optional Method method = 1;
66
67  // Next ID: 12
68  enum Stage {
69    STAGE_UNSPECIFIED = 0;
70    APP_TO_SYSTEM_SERVER = 1;
71    SYSTEM_SERVER_APP_TO_SANDBOX = 2;
72    LOAD_SANDBOX = 3;
73    SYSTEM_SERVER_TO_SANDBOX = 4;
74    SANDBOX = 5;
75    SDK = 6;
76    SANDBOX_TO_SYSTEM_SERVER = 7;
77    SYSTEM_SERVER_SANDBOX_TO_APP = 8;
78    SYSTEM_SERVER_TO_APP = 9;
79    TOTAL = 10;
80    TOTAL_WITH_LOAD_SANDBOX = 11;
81  }
82  // The stage at which latency is being measured
83  optional Stage stage = 4;
84
85  // The success status of the call at stage
86  optional bool success = 3;
87
88  //Time taken from the initiation of the API till the callback was received
89  optional int32 latency_millis = 2;
90
91  // Uid of the app that made a call to sandbox
92  optional int32 uid = 5 [(is_uid) = true];
93
94  // Next ID: 7
95  enum ResultCode {
96    RESULT_CODE_UNSPECIFIED = 0;
97    LOAD_SDK_NOT_FOUND = 1;
98    LOAD_SDK_ALREADY_LOADED = 2;
99    LOAD_SDK_SDK_DEFINED_ERROR = 3;
100    LOAD_SDK_SDK_SANDBOX_DISABLED = 4;
101    LOAD_SDK_INTERNAL_ERROR = 5;
102    SDK_SANDBOX_PROCESS_NOT_AVAILABLE = 6;
103  }
104
105  // The result code of the overall call
106  optional ResultCode result_code = 6;
107}
108
109//Logs periodically the storage of SDKs used by the app
110message SandboxSdkStorage {
111
112  // Boolean value to specify if the storage belongs to SDK or is shared
113  optional bool shared = 1;
114
115  // Storage
116  optional int32 storage_kb = 2;
117
118  // Uid of the app that made a call to sandbox
119  optional int32 uid = 3 [(is_uid) = true];
120}
121
122
123/**
124 * Logs latency of API calls related to Sandbox Activity creation.
125 */
126message SandboxActivityEventOccurred {
127  enum Method {
128    STAGE_UNSPECIFIED = 0;
129    // Register/unregister activity handlers APIs
130    REGISTER_SDK_SANDBOX_ACTIVITY_HANDLER = 1;
131    UNREGISTER_SDK_SANDBOX_ACTIVITY_HANDLER = 2;
132    // Putting/removing handlers from the map
133    // Doesn't include repeated/non-existent handlers
134    PUT_SDK_SANDBOX_ACTIVITY_HANDLER = 3;
135    REMOVE_SDK_SANDBOX_SCTIVITY_HANDLER = 4;
136    // Start activity APIs
137    START_SDK_SANDBOX_ACTIVITY = 5;
138    ENFORCE_ALLOWED_TO_HOST_SANDBOXED_ACTIVITY = 6;
139    INTERCEPT_SANDBOX_ACTIVITY = 7;
140    CREATE_SANDBOXED_ACTIVITY = 8;
141    NOTIFY_SDK_ON_ACTIVITY_CREATION = 9;
142    TOTAL = 10;
143  }
144
145  enum CallResult {
146    CALL_RESULT_UNSPECIFIED = 0;
147    SUCCESS = 1;
148    FAILURE = 2;
149    // Validation check-specific failures
150    FAILURE_SECURITY_EXCEPTION = 3;
151    FAILURE_SECURITY_EXCEPTION_NO_SANDBOX_PROCESS = 4;
152    FAILURE_ILLEGAL_ARGUMENT_EXCEPTION = 5;
153  }
154
155  // Sandbox Activity API method that's being called
156  optional Method method = 1;
157
158  // Sandbox Activity API call result
159  optional CallResult call_result = 2;
160
161  // Time taken to complete the call
162  optional int32 latency_millis = 3;
163
164  // Uid of the client app for which the activity is created
165  optional int32 client_uid = 4;
166
167  // Uid of the SDK that's loaded into client's sandbox process and for which the activity is created
168  optional int32 sdk_uid = 5;
169}
170
171message ActivityStartRequest {
172  optional string intent_action = 1;
173  optional int32 access_count = 2;
174}
175
176message RepeatedActivityStartRequest {
177  repeated ActivityStartRequest activity_start_request = 1;
178}
179
180message ContentProviderAccessRequest {
181  optional string authority = 1;
182  optional int32 access_count = 2;
183}
184
185message RepeatedContentProviderAccessRequest {
186  repeated ContentProviderAccessRequest content_provider_access_request = 1;
187}
188
189message BroadcastReceiverRegisterRequest {
190  optional string intent_actions = 1;
191  optional int32 access_count = 2;
192}
193
194message RepeatedBroadcastReceiverRegisterRequest {
195  repeated BroadcastReceiverRegisterRequest broadcast_receiver_register_request = 1;
196}
197
198message ServiceStartOrBindRequest {
199  optional string action = 1;
200  optional string package_name = 2;
201  optional string component_class_name = 3;
202  optional string component_package_name = 4;
203  optional int32 access_count = 5;
204}
205
206message RepeatedServiceStartOrBindRequest {
207  repeated ServiceStartOrBindRequest service_start_or_bind_request = 1;
208}
209
210/**
211 * Logs information around SDKs using ContentProviders, BroadcastReceivers,
212 * Activities, and Services from their allow lists.
213 */
214message SdkSandboxRestrictedAccessInSession {
215  // List of all the SDKs that were loaded in that session
216  repeated string loaded_sdks = 1;
217  // The effective target SDK version
218  optional int32 effective_target_sdk_version = 2;
219  // List of all the ContentProviders that were requested to be accessed
220  optional RepeatedContentProviderAccessRequest content_providers_access_request = 3 [(log_mode) = MODE_BYTES];
221  // List of the broadcastReceivers that were requested to be registered
222  optional RepeatedBroadcastReceiverRegisterRequest broadcast_receivers_register_request = 4 [(log_mode) = MODE_BYTES];
223  // List of all the activities that were requested to be started
224  optional RepeatedActivityStartRequest activities_start_request = 5 [(log_mode) = MODE_BYTES];
225  // List of all the services that were requested to be started or bound
226  optional RepeatedServiceStartOrBindRequest services_start_or_bind_request = 6 [(log_mode) = MODE_BYTES];
227}
228