Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 15360dfe authored by Gabriele M's avatar Gabriele M
Browse files

Always hide protected apps from the recent tasks list 

If a protected app is started by a protected component manager, it
will be available in the recent tasks list. This allows to bypass
the protection since restarting an app from recents doesn't require
authentication. Fix this changing the flags of the activity so that
it's never added to the recent tasks list.

This change also ensures that apps don't add entries to the recent
tasks list: a protected component that starts a new instance of
itself it's treated like a protected component manager and therefore
its entries are not removed from the recent tasks list.

Change-Id: Ib44b392cc9c27ec2b7c8f16735c38ee45011be3e
parent c7589f7f

services/core/java/com/android/server/am/ActivityStarter.java

+34 −1
Original line number Diff line number Diff line
@@ -277,7 +277,7 @@ class ActivityStarter { 
            }

        }



        final int launchFlags = intent.getFlags();

        int launchFlags = intent.getFlags();



        if ((launchFlags & Intent.FLAG_ACTIVITY_FORWARD_RESULT) != 0 && sourceRecord != null) {

            // Transfer the result target from the source activity to the new
@@ -386,6 +386,16 @@ class ActivityStarter { 
            }

        }



        try {

            if (shouldExcludeFromRecents(intent, userId)) {

                launchFlags |= FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS;

                intent.setFlags(launchFlags);

            }

        } catch (RemoteException e) {

            Slog.w(TAG, "Failure checking protected apps status", e);

            err = ActivityManager.START_PROTECTED_APP;

        }



        final ActivityStack resultStack = resultRecord == null ? null : resultRecord.task.stack;



        if (err != START_SUCCESS) {
@@ -816,6 +826,15 @@ class ActivityStarter { 
                e.printStackTrace();

            }



            try {

                if (shouldExcludeFromRecents(intent, userId)) {

                    startFlags |= FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS;

                    intent.setFlags(startFlags);

                }

            } catch (RemoteException e) {

                Slog.w(TAG, "Failure checking protected apps status", e);

            }



            final int realCallingPid = Binder.getCallingPid();

            final int realCallingUid = Binder.getCallingUid();

            int callingPid;
@@ -1100,6 +1119,14 @@ class ActivityStarter { 
            e.printStackTrace();

        }



        try {

            if (shouldExcludeFromRecents(r.intent, r.userId)) {

                mLaunchFlags |= FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS;

            }

        } catch (RemoteException e) {

            Slog.w(TAG, "Failure checking protected apps status", e);

        }



        computeLaunchingTaskFlags();



        computeSourceStack();
@@ -2161,4 +2188,10 @@ class ActivityStarter { 
            }

        }

    }



    private boolean shouldExcludeFromRecents(final Intent intent, final int userId)

            throws RemoteException {

        return AppGlobals.getPackageManager().isComponentProtected(

                null, -1, intent.getComponent(), userId);

    }

}