/*
* Copyright (C) 2017 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#pragma once
#ifndef PRIVACY_BUFFER_H
#define PRIVACY_BUFFER_H
#include "Privacy.h"
#include "FdBuffer.h"
#include <android/os/IncidentReportArgs.h>
#include <android/util/ProtoOutputStream.h>
#include <stdint.h>
#include <utils/Errors.h>
namespace android {
namespace os {
namespace incidentd {
using namespace android::util;
/**
* Class to wrap a file descriptor, so callers of PrivacyFilter
* can associate additional data with each fd for their own
* purposes.
*/
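class FilterFd : public RefBase {
public:
    /**
     * Pairs an output file descriptor with the privacy policy that data
     * written to it should be filtered to.
     *
     * NOTE(review): this header does not show whether FilterFd takes
     * ownership of fd (for example, closing it in the destructor). Confirm
     * against the implementation before relying on either behavior, so the
     * descriptor is neither leaked nor closed twice.
     */
    FilterFd(uint8_t privacyPolicy, int fd);
    virtual ~FilterFd();

    /** Returns the stored privacy policy (mPrivacyPolicy). */
    uint8_t getPrivacyPolicy() const { return mPrivacyPolicy; }

    /**
     * Returns the stored file descriptor (mFd).
     *
     * Declared const, like getPrivacyPolicy(), because it only reads a
     * member; this lets it be called through a const FilterFd.
     */
    int getFd() const { return mFd; }

    /**
     * Callback implemented by subclasses. PrivacyFilter::writeData documents
     * that individual write errors to streams are reported through this
     * callback rather than through its return value.
     *
     * @param err status code describing the failed write.
     */
    virtual void onWriteError(status_t err) = 0;

private:
    // Policy this fd's output should be filtered to; the numeric levels are
    // defined elsewhere (presumably in Privacy.h; confirm).
    uint8_t mPrivacyPolicy;
    // Destination descriptor handed out by getFd().
    int mFd;
};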
/**
* PrivacyFilter holds the original protobuf data and strips PII-sensitive fields
* for several requests, streaming them to a set of corresponding file descriptors.
*/
class PrivacyFilter {
public:
/**
* Constructor, with the field --> privacy restrictions mapping.
*
* NOTE(review): restrictions is a raw pointer, presumably stored in
* mRestrictions. This header does not show who owns it; presumably it must
* outlive the filter. Confirm against the implementation.
*/
PrivacyFilter(int sectionId, const Privacy* restrictions);
/**
* NOTE(review): a destructor is declared but copy construction and copy
* assignment are not deleted here, so a copied PrivacyFilter would hold the
* same mRestrictions pointer. Confirm that copies are never made, or that
* sharing the pointer is safe.
*/
~PrivacyFilter();
/**
* Add a target file descriptor, and the privacy policy to which
* it should be filtered.
*
* Both values are carried by the FilterFd (getFd() and getPrivacyPolicy()).
*/
void addFd(const sp<FilterFd>& output);
/**
* Write the data, filtered according to the privacy specs, to each of the
* file descriptors. Any non-NO_ERROR return codes are fatal to the whole
* report. Individual write errors to streams are reported via the callbacks
* on the FilterFds.
*
* If maxSize is not NULL, it will be set to the maximum size buffer that
* was written (i.e. after filtering).
*
* The buffer is assumed to have already been filtered to bufferLevel.
*
* NOTE(review): bufferLevel is the caller's statement about the buffer; nothing
* in this header shows it being verified. If it overstates how far the buffer
* has already been filtered, restricted fields could presumably reach an
* output unfiltered. Confirm how the implementation uses it, and check that
* every caller passes the level the buffer was actually filtered to.
*/
status_t writeData(const FdBuffer& buffer, uint8_t bufferLevel, size_t* maxSize);
private:
// Section id passed to the constructor; how it is used is not visible here.
int mSectionId;
// Field --> privacy restrictions mapping; a raw pointer to a const Privacy.
// Ownership and lifetime are not visible in this header (see constructor).
const Privacy* mRestrictions;
// Registered outputs, held by strong pointer (sp); presumably filled by
// addFd() and iterated by writeData(). Confirm in the implementation.
vector<sp<FilterFd>> mOutputs;
};
/**
* Free-function entry point declared alongside PrivacyFilter.
*
* NOTE(review): only the declaration is visible here. Judging by the names,
* `from` and `to` are presumably the source and destination file descriptors
* of a report, bufferLevel the privacy level the source data has already been
* filtered to, and args the request whose privacy policy selects the target
* level. Confirm all of this against the definition.
*
* As with PrivacyFilter::writeData, a bufferLevel that overstates the
* filtering already applied would presumably weaken the result, so callers
* should pass the level the stored data was actually written at.
*
* @return a status_t; the set of possible error codes is not visible here.
*/
status_t filter_and_write_report(int to, int from, uint8_t bufferLevel,
const IncidentReportArgs& args);
} // namespace incidentd
} // namespace os
} // namespace android
#endif // PRIVACY_BUFFER_H