Loading core/java/android/content/Intent.java +1 −10 Original line number Diff line number Diff line Loading @@ -7720,7 +7720,6 @@ public class Intent implements Parcelable, Cloneable { @IntDef(flag = true, prefix = { "EXTENDED_FLAG_" }, value = { EXTENDED_FLAG_FILTER_MISMATCH, EXTENDED_FLAG_MISSING_CREATOR_OR_INVALID_TOKEN, EXTENDED_FLAG_NESTED_INTENT_KEYS_COLLECTED, }) @Retention(RetentionPolicy.SOURCE) public @interface ExtendedFlags {} Loading @@ -7741,13 +7740,6 @@ public class Intent implements Parcelable, Cloneable { */ public static final int EXTENDED_FLAG_MISSING_CREATOR_OR_INVALID_TOKEN = 1 << 1; /** * This flag indicates this intent called {@link #collectExtraIntentKeys()}. * * @hide */ public static final int EXTENDED_FLAG_NESTED_INTENT_KEYS_COLLECTED = 1 << 2; // --------------------------------------------------------------------- // --------------------------------------------------------------------- // toUri() and parseUri() options. Loading Loading @@ -12336,8 +12328,7 @@ public class Intent implements Parcelable, Cloneable { } private void collectNestedIntentKeysRecur(Set<Intent> visited) { addExtendedFlags(EXTENDED_FLAG_NESTED_INTENT_KEYS_COLLECTED); if (mExtras != null && !mExtras.isEmpty()) { if (mExtras != null && !mExtras.isParcelled() && !mExtras.isEmpty()) { for (String key : mExtras.keySet()) { Object value = mExtras.get(key); Loading core/java/android/security/responsible_apis_flags.aconfig +0 −15 Original line number Diff line number Diff line Loading @@ -95,21 +95,6 @@ flag { is_fixed_read_only: true } flag { name: "prevent_intent_redirect_throw_exception_if_nested_keys_not_collected" namespace: "responsible_apis" description: "Prevent intent redirect attacks by throwing exception if the intent does not collect nested keys" bug: "361143368" } flag { name: "prevent_intent_redirect_collect_nested_keys_on_server_if_not_collected" namespace: "responsible_apis" description: "Prevent intent redirect attacks by collecting nested keys on server if not yet collected" bug: "361143368" is_fixed_read_only: true } flag { name: "enable_intent_matching_flags" is_exported: true Loading services/core/java/com/android/server/am/ActivityManagerService.java +1 −30 Original line number Diff line number Diff line Loading @@ -131,9 +131,6 @@ import static android.provider.Settings.Global.ALWAYS_FINISH_ACTIVITIES; import static android.provider.Settings.Global.DEBUG_APP; import static android.provider.Settings.Global.WAIT_FOR_DEBUGGER; import static android.security.Flags.preventIntentRedirect; import static android.security.Flags.preventIntentRedirectCollectNestedKeysOnServerIfNotCollected; import static android.security.Flags.preventIntentRedirectShowToast; import static android.security.Flags.preventIntentRedirectThrowExceptionIfNestedKeysNotCollected; import static android.util.FeatureFlagUtils.SETTINGS_ENABLE_MONITOR_PHANTOM_PROCS; import static android.view.Display.INVALID_DISPLAY; Loading Loading @@ -390,7 +387,6 @@ import android.view.LayoutInflater; import android.view.View; import android.view.WindowManager; import android.view.autofill.AutofillManagerInternal; import android.widget.Toast; import com.android.internal.annotations.CompositeRWLock; import com.android.internal.annotations.GuardedBy; Loading Loading @@ -441,7 +437,6 @@ import com.android.server.SystemConfig; import com.android.server.SystemService; import com.android.server.SystemServiceManager; import com.android.server.ThreadPriorityBooster; import com.android.server.UiThread; import com.android.server.Watchdog; import com.android.server.am.LowMemDetector.MemFactor; import com.android.server.appop.AppOpsService; Loading Loading @@ -483,7 +478,6 @@ import com.android.server.wm.WindowProcessController; import dalvik.annotation.optimization.NeverCompile; import dalvik.system.VMRuntime; import libcore.util.EmptyArray; import java.io.File; Loading Loading @@ -19319,31 +19313,8 @@ public class ActivityManagerService extends IActivityManager.Stub */ public void addCreatorToken(@Nullable Intent intent, String creatorPackage) { if (!preventIntentRedirect()) return; if (intent == null) return; if ((intent.getExtendedFlags() & Intent.EXTENDED_FLAG_NESTED_INTENT_KEYS_COLLECTED) == 0) { Slog.wtf(TAG, "[IntentRedirect] The intent does not have its nested keys collected as a " + "preparation for creating intent creator tokens. Intent: " + intent + "; creatorPackage: " + creatorPackage); if (preventIntentRedirectShowToast()) { UiThread.getHandler().post( () -> Toast.makeText(mContext, "Nested keys not collected. go/report-bug-intentRedir to report a" + " bug", Toast.LENGTH_LONG).show()); } if (preventIntentRedirectThrowExceptionIfNestedKeysNotCollected()) { // this flag will be internal only, not ramped to public. throw new SecurityException( "The intent does not have its nested keys collected as a preparation for " + "creating intent creator tokens. Intent: " + intent + "; creatorPackage: " + creatorPackage); } if (preventIntentRedirectCollectNestedKeysOnServerIfNotCollected()) { // this flag will be ramped to public. intent.collectExtraIntentKeys(); } } if (intent == null) return; String targetPackage = intent.getComponent() != null ? intent.getComponent().getPackageName() Loading
core/java/android/content/Intent.java +1 −10 Original line number Diff line number Diff line Loading @@ -7720,7 +7720,6 @@ public class Intent implements Parcelable, Cloneable { @IntDef(flag = true, prefix = { "EXTENDED_FLAG_" }, value = { EXTENDED_FLAG_FILTER_MISMATCH, EXTENDED_FLAG_MISSING_CREATOR_OR_INVALID_TOKEN, EXTENDED_FLAG_NESTED_INTENT_KEYS_COLLECTED, }) @Retention(RetentionPolicy.SOURCE) public @interface ExtendedFlags {} Loading @@ -7741,13 +7740,6 @@ public class Intent implements Parcelable, Cloneable { */ public static final int EXTENDED_FLAG_MISSING_CREATOR_OR_INVALID_TOKEN = 1 << 1; /** * This flag indicates this intent called {@link #collectExtraIntentKeys()}. * * @hide */ public static final int EXTENDED_FLAG_NESTED_INTENT_KEYS_COLLECTED = 1 << 2; // --------------------------------------------------------------------- // --------------------------------------------------------------------- // toUri() and parseUri() options. Loading Loading @@ -12336,8 +12328,7 @@ public class Intent implements Parcelable, Cloneable { } private void collectNestedIntentKeysRecur(Set<Intent> visited) { addExtendedFlags(EXTENDED_FLAG_NESTED_INTENT_KEYS_COLLECTED); if (mExtras != null && !mExtras.isEmpty()) { if (mExtras != null && !mExtras.isParcelled() && !mExtras.isEmpty()) { for (String key : mExtras.keySet()) { Object value = mExtras.get(key); Loading
core/java/android/security/responsible_apis_flags.aconfig +0 −15 Original line number Diff line number Diff line Loading @@ -95,21 +95,6 @@ flag { is_fixed_read_only: true } flag { name: "prevent_intent_redirect_throw_exception_if_nested_keys_not_collected" namespace: "responsible_apis" description: "Prevent intent redirect attacks by throwing exception if the intent does not collect nested keys" bug: "361143368" } flag { name: "prevent_intent_redirect_collect_nested_keys_on_server_if_not_collected" namespace: "responsible_apis" description: "Prevent intent redirect attacks by collecting nested keys on server if not yet collected" bug: "361143368" is_fixed_read_only: true } flag { name: "enable_intent_matching_flags" is_exported: true Loading
services/core/java/com/android/server/am/ActivityManagerService.java +1 −30 Original line number Diff line number Diff line Loading @@ -131,9 +131,6 @@ import static android.provider.Settings.Global.ALWAYS_FINISH_ACTIVITIES; import static android.provider.Settings.Global.DEBUG_APP; import static android.provider.Settings.Global.WAIT_FOR_DEBUGGER; import static android.security.Flags.preventIntentRedirect; import static android.security.Flags.preventIntentRedirectCollectNestedKeysOnServerIfNotCollected; import static android.security.Flags.preventIntentRedirectShowToast; import static android.security.Flags.preventIntentRedirectThrowExceptionIfNestedKeysNotCollected; import static android.util.FeatureFlagUtils.SETTINGS_ENABLE_MONITOR_PHANTOM_PROCS; import static android.view.Display.INVALID_DISPLAY; Loading Loading @@ -390,7 +387,6 @@ import android.view.LayoutInflater; import android.view.View; import android.view.WindowManager; import android.view.autofill.AutofillManagerInternal; import android.widget.Toast; import com.android.internal.annotations.CompositeRWLock; import com.android.internal.annotations.GuardedBy; Loading Loading @@ -441,7 +437,6 @@ import com.android.server.SystemConfig; import com.android.server.SystemService; import com.android.server.SystemServiceManager; import com.android.server.ThreadPriorityBooster; import com.android.server.UiThread; import com.android.server.Watchdog; import com.android.server.am.LowMemDetector.MemFactor; import com.android.server.appop.AppOpsService; Loading Loading @@ -483,7 +478,6 @@ import com.android.server.wm.WindowProcessController; import dalvik.annotation.optimization.NeverCompile; import dalvik.system.VMRuntime; import libcore.util.EmptyArray; import java.io.File; Loading Loading @@ -19319,31 +19313,8 @@ public class ActivityManagerService extends IActivityManager.Stub */ public void addCreatorToken(@Nullable Intent intent, String creatorPackage) { if (!preventIntentRedirect()) return; if (intent == null) return; if ((intent.getExtendedFlags() & Intent.EXTENDED_FLAG_NESTED_INTENT_KEYS_COLLECTED) == 0) { Slog.wtf(TAG, "[IntentRedirect] The intent does not have its nested keys collected as a " + "preparation for creating intent creator tokens. Intent: " + intent + "; creatorPackage: " + creatorPackage); if (preventIntentRedirectShowToast()) { UiThread.getHandler().post( () -> Toast.makeText(mContext, "Nested keys not collected. go/report-bug-intentRedir to report a" + " bug", Toast.LENGTH_LONG).show()); } if (preventIntentRedirectThrowExceptionIfNestedKeysNotCollected()) { // this flag will be internal only, not ramped to public. throw new SecurityException( "The intent does not have its nested keys collected as a preparation for " + "creating intent creator tokens. Intent: " + intent + "; creatorPackage: " + creatorPackage); } if (preventIntentRedirectCollectNestedKeysOnServerIfNotCollected()) { // this flag will be ramped to public. intent.collectExtraIntentKeys(); } } if (intent == null) return; String targetPackage = intent.getComponent() != null ? intent.getComponent().getPackageName()
