Bug: 21589105 Rescoping SYSTEM_ALERT_WINDOW... (060275ff) · Commits · e / os / android_frameworks_base

core/java/android/app/AppOpsManager.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -765,7 +765,7 @@ public class AppOpsManager {
		AppOpsManager.MODE_ALLOWED,
		AppOpsManager.MODE_ALLOWED,
		AppOpsManager.MODE_ALLOWED,
		AppOpsManager.MODE_ALLOWED,
		AppOpsManager.MODE_DEFAULT, // OP_SYSTEM_ALERT_WINDOW
		AppOpsManager.MODE_ALLOWED,
		AppOpsManager.MODE_ALLOWED,
		AppOpsManager.MODE_ALLOWED,

services/core/java/com/android/server/policy/PhoneWindowManager.java

+20 −7

Original line number	Diff line number	Diff line
		@@ -123,6 +123,7 @@ import java.io.File;
		import java.io.FileReader;
		import java.io.IOException;
		import java.io.PrintWriter;
		import java.util.Arrays;
		import java.util.HashSet;
		import java.util.List;

		@@ -1827,21 +1828,33 @@ public class PhoneWindowManager implements WindowManagerPolicy {
		if (permission != null) {
		if (permission == android.Manifest.permission.SYSTEM_ALERT_WINDOW) {
		final int callingUid = Binder.getCallingUid();
		// check if this is a system uid first before bothering with
		// obtaining package name
		// system processes will be automatically allowed privilege to draw
		if (callingUid == Process.SYSTEM_UID) {
		return WindowManagerGlobal.ADD_OKAY;
		}

		// check if user has enabled this operation. SecurityException will be thrown if
		// this app has not been allowed by the user
		final int mode = mAppOpsManager.checkOp(outAppOp[0], callingUid,
		attrs.packageName);
		if (mode == AppOpsManager.MODE_DEFAULT) {
		switch (mode) {
		case AppOpsManager.MODE_ALLOWED:
		case AppOpsManager.MODE_IGNORED:
		// although we return ADD_OKAY for MODE_IGNORED, the added window will
		// actually be hidden in WindowManagerService
		return WindowManagerGlobal.ADD_OKAY;
		case AppOpsManager.MODE_ERRORED:
		return WindowManagerGlobal.ADD_PERMISSION_DENIED;
		default:
		// in the default mode, we will make a decision here based on
		// checkCallingPermission()
		if (mContext.checkCallingPermission(permission) !=
		PackageManager.PERMISSION_GRANTED) {
		return WindowManagerGlobal.ADD_PERMISSION_DENIED;
		} else {
		return WindowManagerGlobal.ADD_OKAY;
		}
		}
		return WindowManagerGlobal.ADD_OKAY;
		}

		if (mContext.checkCallingOrSelfPermission(permission)

services/core/java/com/android/server/wm/WindowManagerService.java

+6 −3

Original line number	Diff line number	Diff line
		@@ -2543,8 +2543,10 @@ public class WindowManagerService extends IWindowManager.Stub
		win.attach();
		mWindowMap.put(client.asBinder(), win);
		if (win.mAppOp != AppOpsManager.OP_NONE) {
		if (mAppOps.startOpNoThrow(win.mAppOp, win.getOwningUid(), win.getOwningPackage())
		!= AppOpsManager.MODE_ALLOWED) {
		int startOpResult = mAppOps.startOpNoThrow(win.mAppOp, win.getOwningUid(),
		win.getOwningPackage());
		if ((startOpResult != AppOpsManager.MODE_ALLOWED) &&
		(startOpResult != AppOpsManager.MODE_DEFAULT)) {
		win.setAppOpVisibilityLw(false);
		}
		}
		@@ -2899,7 +2901,8 @@ public class WindowManagerService extends IWindowManager.Stub
		if (win.mAppOp != AppOpsManager.OP_NONE) {
		final int mode = mAppOps.checkOpNoThrow(win.mAppOp, win.getOwningUid(),
		win.getOwningPackage());
		win.setAppOpVisibilityLw(mode == AppOpsManager.MODE_ALLOWED);
		win.setAppOpVisibilityLw(mode == AppOpsManager.MODE_ALLOWED \|\|
		mode == AppOpsManager.MODE_DEFAULT);
		}
		}
		}