Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0a826908 authored by Christopher Tate's avatar Christopher Tate Committed by Chris Tate
Browse files

Guard pre-O apps from malicious startForegroundService() 

Don't enforce the startForegroundService() requirement to transition to
foreground when the app hosting the service doesn't yet target the API
level at which this semantic was introduced.

Bug: 79377529
Test: manual (ApiDemos is pre-O)
Test: atest CtsAndroidAppTestCases
Change-Id: Ib0b970211d4ee6a86e22c89aff47b05403907ed5
parent 3ec17d31

services/core/java/com/android/server/am/ActiveServices.java

+12 −0
Original line number Diff line number Diff line
@@ -501,6 +501,18 @@ public final class ActiveServices { 
            }

        }



        // At this point we've applied allowed-to-start policy based on whether this was

        // an ordinary startService() or a startForegroundService().  Now, only require that

        // the app follow through on the startForegroundService() -> startForeground()

        // contract if it actually targets O+.

        if (r.appInfo.targetSdkVersion < Build.VERSION_CODES.O && fgRequired) {

            if (DEBUG_BACKGROUND_CHECK || DEBUG_FOREGROUND_SERVICE) {

                Slog.i(TAG, "startForegroundService() but host targets "

                        + r.appInfo.targetSdkVersion + " - not requiring startForeground()");

            }

            fgRequired = false;

        }



        NeededUriGrants neededGrants = mAm.checkGrantUriPermissionFromIntentLocked(

                callingUid, r.packageName, service, service.getFlags(), null, r.userId);