From 99750cdad043f627ad4d5d99adb992a8771b70e2 Mon Sep 17 00:00:00 2001 From: Tianshi Liu Date: Sun, 17 Nov 2024 09:23:05 +0800 Subject: [PATCH] add big data for no screen ublock after systemui unlock Change-Id: Id35544b5a2975f2ebbe797b154b8099718a8675f Signed-off-by: Tianshi Liu --- .../common/dfx/inc/hisysevent_adapter.h | 7 ++ .../common/dfx/src/hisysevent_adapter.cpp | 13 +++ hisysevent.yaml | 7 +- services/context/BUILD.gn | 1 + .../inc/screen_unlock_after_auth_monitor.h | 59 ++++++++++++ .../context/src/keyguard_status_listener.cpp | 2 + .../src/screen_unlock_after_auth_monitor.cpp | 96 +++++++++++++++++++ services/context/src/simple_auth_context.cpp | 7 ++ test/fuzztest/common_fuzzer/BUILD.gn | 1 + test/unittest/services/BUILD.gn | 1 + 10 files changed, 193 insertions(+), 1 deletion(-) create mode 100644 services/context/inc/screen_unlock_after_auth_monitor.h create mode 100644 services/context/src/screen_unlock_after_auth_monitor.cpp diff --git a/frameworks/native/common/dfx/inc/hisysevent_adapter.h b/frameworks/native/common/dfx/inc/hisysevent_adapter.h index 27cc37f92..205f925ae 100644 --- a/frameworks/native/common/dfx/inc/hisysevent_adapter.h +++ b/frameworks/native/common/dfx/inc/hisysevent_adapter.h @@ -104,6 +104,12 @@ struct RemoteConnectFaultTrace { bool ack = false; }; +struct ReportAuthSuccessNoUnlockTrace { + int32_t userId = 0; + int32_t authType = 0; + std::string receiveResultTime; +}; + void ReportSystemFault(const std::string &timeString, const std::string &moduleName); void ReportSecurityTemplateChange(const TemplateChangeTrace &info); void ReportBehaviorCredManager(const UserCredManagerTrace &info); @@ -113,6 +119,7 @@ void ReportSecurityUserAuthFwk(const UserAuthFwkTrace &info); void ReportRemoteExecuteProc(const RemoteExecuteTrace &info); void ReportRemoteConnectOpen(const RemoteConnectOpenTrace &info); void ReportConnectFaultTrace(const RemoteConnectFaultTrace &info); +void ReportAuthSuccessNoUnlock(const ReportAuthSuccessNoUnlockTrace &info); } // namespace UserAuth } // namespace UserIam } // namespace OHOS diff --git a/frameworks/native/common/dfx/src/hisysevent_adapter.cpp b/frameworks/native/common/dfx/src/hisysevent_adapter.cpp index fb12e5240..fbe1022bd 100644 --- a/frameworks/native/common/dfx/src/hisysevent_adapter.cpp +++ b/frameworks/native/common/dfx/src/hisysevent_adapter.cpp @@ -217,6 +217,19 @@ void ReportConnectFaultTrace(const RemoteConnectFaultTrace &info) << ", msgType:" << info.msgType << ", messageSeq" << "ack:" << info.ack; ReportSystemFault(Common::GetNowTimeString(), ss.str()); } + +void ReportAuthSuccessNoUnlock(const ReportAuthSuccessNoUnlockTrace &info) +{ + std::string operationTime = Common::GetNowTimeString(); + int32_t ret = HiSysEventWrite(HiSysEvent::Domain::USERIAM_FWK, "USERIAM_AUTH_SUCCESS_NO_UNLOCK", + HiSysEvent::EventType::FAULT, + STR_OPERATION_TIME, info.receiveResultTime, + STR_USER_ID, info.userId, + STR_AUTH_TYPE, info.authType); + if (ret != 0) { + IAM_LOGE("hisysevent write failed! ret %{public}d", ret); + } +} } // namespace UserAuth } // namespace UserIam } // namespace OHOS \ No newline at end of file diff --git a/hisysevent.yaml b/hisysevent.yaml index 2f73c5155..dd538d68a 100644 --- a/hisysevent.yaml +++ b/hisysevent.yaml @@ -96,4 +96,9 @@ USERIAM_REMOTE_CONNECT: TIME_SPAN: {type: UINT64, desc: time span} NETWORK_ID: {type: STRING, desc: network id} SOCKET_ID: {type: STRING, desc: socket id} - \ No newline at end of file + +USERIAM_AUTH_SUCCESS_NO_UNLOCK: + __BASE: {type: FAULT, level: CRITICAL, tag: UserAuth, desc: user auth success no unlock message} + OPERATION_TIME: {type: STRING, desc: operation time} + USER_ID: {type: INT32, desc: user id} + AUTH_TYPE: {type: INT32, desc: auth type} \ No newline at end of file diff --git a/services/context/BUILD.gn b/services/context/BUILD.gn index 9e73571d3..bcd4bbe58 100644 --- a/services/context/BUILD.gn +++ b/services/context/BUILD.gn @@ -53,6 +53,7 @@ ohos_source_set("userauth_service_context") { "src/remote_executor_stub.cpp", "src/remote_iam_callback.cpp", "src/schedule_holder_context.cpp", + "src/screen_unlock_after_auth_monitor.cpp", "src/simple_auth_context.cpp", "src/trace.cpp", "src/ui_extension_ability_connection.cpp", diff --git a/services/context/inc/screen_unlock_after_auth_monitor.h b/services/context/inc/screen_unlock_after_auth_monitor.h new file mode 100644 index 000000000..1daa297d3 --- /dev/null +++ b/services/context/inc/screen_unlock_after_auth_monitor.h @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SCREEN_UNLOCK_AFTER_AUTH_MONITOR_H +#define SCREEN_UNLOCK_AFTER_AUTH_MONITOR_H + +#include +#include +#include + +#include "nocopyable.h" + +#include "iam_common_defines.h" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +using time_point = std::chrono::steady_clock::time_point; + +struct AuthSuccessData { + int32_t userId; + int32_t authType; + std::string authSuccessTime; +}; + +class ScreenUnlockAfterAuthMonitor : public NoCopyable { +public: + static ScreenUnlockAfterAuthMonitor &GetInstance(); + + void OnScreenUnlocked(); + void OnAuthSuccess(const AuthSuccessData &data); + void OnTimeOut(); + +private: + ScreenUnlockAfterAuthMonitor() = default; + ~ScreenUnlockAfterAuthMonitor() override = default; + + std::recursive_mutex mutex_; + std::optional screenUnlockedTime_ = std::nullopt; + std::optional timerId_ = std::nullopt; + std::vector authSuccessData_; +}; +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + +#endif // SCREEN_UNLOCK_AFTER_AUTH_MONITOR_H \ No newline at end of file diff --git a/services/context/src/keyguard_status_listener.cpp b/services/context/src/keyguard_status_listener.cpp index 017208213..b8ebd68c6 100644 --- a/services/context/src/keyguard_status_listener.cpp +++ b/services/context/src/keyguard_status_listener.cpp @@ -19,6 +19,7 @@ #include "common_event_subscribe_info.h" #include "iam_logger.h" #include "matching_skills.h" +#include "screen_unlock_after_auth_monitor.h" #include "singleton.h" #include "want.h" @@ -125,6 +126,7 @@ void KeyguardStatusListener::OnReceiveEvent(const OHOS::EventFwk::CommonEventDat ContextAppStateObserverManager::GetInstance().SetScreenLockState(true); } else if (action == EventFwk::CommonEventSupport::COMMON_EVENT_SCREEN_UNLOCKED) { ContextAppStateObserverManager::GetInstance().SetScreenLockState(false); + ScreenUnlockAfterAuthMonitor::GetInstance().OnScreenUnlocked(); } }; } // namespace UserAuth diff --git a/services/context/src/screen_unlock_after_auth_monitor.cpp b/services/context/src/screen_unlock_after_auth_monitor.cpp new file mode 100644 index 000000000..86ce578f6 --- /dev/null +++ b/services/context/src/screen_unlock_after_auth_monitor.cpp @@ -0,0 +1,96 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "screen_unlock_after_auth_monitor.h" + +#include "iam_check.h" +#include "iam_logger.h" +#include "relative_timer.h" +#include "hisysevent_adapter.h" + +#define LOG_TAG "USER_AUTH_SA" + +using namespace std::chrono; + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +ScreenUnlockAfterAuthMonitor &ScreenUnlockAfterAuthMonitor::GetInstance() +{ + static ScreenUnlockAfterAuthMonitor instance; + return instance; +} + +void ScreenUnlockAfterAuthMonitor::OnScreenUnlocked() +{ + IAM_LOGI("start"); + std::lock_guard lock(mutex_); + authSuccessData_.clear(); + screenUnlockedTime_ = steady_clock::now(); + if (timerId_.has_value()) { + RelativeTimer::GetInstance().Unregister(timerId_.value()); + timerId_ = std::nullopt; + } +} + +void ScreenUnlockAfterAuthMonitor::OnAuthSuccess(const AuthSuccessData &data) +{ + const int32_t SCREEN_UNLOCK_BEFORE_AUTH_TIME_LIMIT = 3000; // 3s + const int32_t SCREEN_UNLOCK_AFTER_AUTH_TIME_LIMIT = 3000; // 3s + + if (data.authType == FACE) { + return; + } + + std::lock_guard lock(mutex_); + + if (screenUnlockedTime_.has_value() && + (steady_clock::now() - screenUnlockedTime_.value() < milliseconds(SCREEN_UNLOCK_BEFORE_AUTH_TIME_LIMIT))) { + IAM_LOGI("screen unlocked before auth success, ignore"); + return; + } + + authSuccessData_.push_back(data); + IAM_LOGI("record auth success userId: %{public}d, authType: %{public}d", data.userId, data.authType); + if (!timerId_.has_value()) { + timerId_ = RelativeTimer::GetInstance().Register([this]() { OnTimeOut(); }, + SCREEN_UNLOCK_AFTER_AUTH_TIME_LIMIT); + } +} + +void ScreenUnlockAfterAuthMonitor::OnTimeOut() +{ + IAM_LOGI("start"); + std::lock_guard lock(mutex_); + if (authSuccessData_.empty()) { + IAM_LOGI("authSuccessData_ is empty"); + return; + } + + IAM_LOGE("screen not unlocked after auth success, auth success num %{public}zu", authSuccessData_.size()); + for (const auto &data : authSuccessData_) { + ReportAuthSuccessNoUnlockTrace trace = { + .userId = data.userId, + .authType = data.authType, + .receiveResultTime = data.authSuccessTime, + }; + ReportAuthSuccessNoUnlock(trace); + } + authSuccessData_.clear(); + timerId_ = std::nullopt; +} +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS \ No newline at end of file diff --git a/services/context/src/simple_auth_context.cpp b/services/context/src/simple_auth_context.cpp index 4326c3867..30ed50a2f 100644 --- a/services/context/src/simple_auth_context.cpp +++ b/services/context/src/simple_auth_context.cpp @@ -21,10 +21,12 @@ #include "iam_check.h" #include "iam_logger.h" #include "iam_para2str.h" +#include "iam_time.h" #include "resource_node.h" #include "resource_node_utils.h" #include "schedule_node.h" #include "schedule_node_callback.h" +#include "screen_unlock_after_auth_monitor.h" #define LOG_TAG "USER_AUTH_SA" namespace OHOS { @@ -143,6 +145,7 @@ bool SimpleAuthContext::OnStart() void SimpleAuthContext::OnResult(int32_t resultCode, const std::shared_ptr &scheduleResultAttr) { + const std::string SYSTEM_UI_CALLER_NAME = "com.ohos.sceneboard"; IAM_LOGI("%{public}s receive result code %{public}d", GetDescription(), resultCode); Authentication::AuthResultInfo resultInfo = {}; bool updateRet = UpdateScheduleResult(scheduleResultAttr, resultInfo); @@ -158,6 +161,10 @@ void SimpleAuthContext::OnResult(int32_t resultCode, const std::shared_ptr