Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1ac1ad28 authored by Gavin Corkery's avatar Gavin Corkery
Browse files

Make SDK sandbox BAL check multi-user aware 

The existing logic does not work for multi-user apps, as the
BAL logic checks whether the user 0 app uid has an active
visible window. Instead, use the multi-user uid for this check.

Test: Manual
Test: atest ActivityStarterTests
Bug: 287476371
Change-Id: I2e2bffb4c38ad43d50f48fa71345d9b7bb605272
Merged-In: I2e2bffb4c38ad43d50f48fa71345d9b7bb605272
parent 4a30c1d2

services/core/java/com/android/server/wm/BackgroundActivityStartController.java

+1 −1
Original line number Original line Diff line number Diff line
@@ -279,7 +279,7 @@ public class BackgroundActivityStartController { 
        // visible window.

        // visible window.

        if (Process.isSdkSandboxUid(realCallingUid)) {

        if (Process.isSdkSandboxUid(realCallingUid)) {

            int realCallingSdkSandboxUidToAppUid =

            int realCallingSdkSandboxUidToAppUid =

                    Process.getAppUidForSdkSandboxUid(UserHandle.getAppId(realCallingUid));

                    Process.getAppUidForSdkSandboxUid(realCallingUid);





            if (mService.hasActiveVisibleWindow(realCallingSdkSandboxUidToAppUid)) {

            if (mService.hasActiveVisibleWindow(realCallingSdkSandboxUidToAppUid)) {

                return logStartAllowedAndReturnCode(BAL_ALLOW_SDK_SANDBOX,

                return logStartAllowedAndReturnCode(BAL_ALLOW_SDK_SANDBOX,

services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java

+46 −1
Original line number Original line Diff line number Diff line
@@ -74,7 +74,6 @@ import static org.junit.Assert.assertFalse; 
import static org.junit.Assert.assertNotEquals;

import static org.junit.Assert.assertNotEquals;

import static org.junit.Assert.assertNotNull;

import static org.junit.Assert.assertNotNull;

import static org.junit.Assert.assertNull;

import static org.junit.Assert.assertNull;

import static org.junit.Assert.assertThat;

import static org.junit.Assert.assertTrue;

import static org.junit.Assert.assertTrue;

import static org.mockito.ArgumentMatchers.any;

import static org.mockito.ArgumentMatchers.any;

import static org.mockito.ArgumentMatchers.anyBoolean;

import static org.mockito.ArgumentMatchers.anyBoolean;
@@ -103,6 +102,7 @@ import android.os.Binder; 
import android.os.IBinder;

import android.os.IBinder;

import android.os.Process;

import android.os.Process;

import android.os.RemoteException;

import android.os.RemoteException;

import android.os.UserHandle;

import android.platform.test.annotations.Presubmit;

import android.platform.test.annotations.Presubmit;

import android.provider.DeviceConfig;

import android.provider.DeviceConfig;

import android.service.voice.IVoiceInteractionSession;

import android.service.voice.IVoiceInteractionSession;
@@ -159,6 +159,9 @@ public class ActivityStarterTests extends WindowTestsBase { 
    private static final String FAKE_CALLING_PACKAGE = "com.whatever.dude";

    private static final String FAKE_CALLING_PACKAGE = "com.whatever.dude";

    private static final int UNIMPORTANT_UID = 12345;

    private static final int UNIMPORTANT_UID = 12345;

    private static final int UNIMPORTANT_UID2 = 12346;

    private static final int UNIMPORTANT_UID2 = 12346;

    private static final int SDK_SANDBOX_UID = Process.toSdkSandboxUid(UNIMPORTANT_UID);

    private static final int SECONDARY_USER_SDK_SANDBOX_UID =

            UserHandle.getUid(10, SDK_SANDBOX_UID);

    private static final int CURRENT_IME_UID = 12347;

    private static final int CURRENT_IME_UID = 12347;





    protected final DeviceConfigStateHelper mDeviceConfig = new DeviceConfigStateHelper(

    protected final DeviceConfigStateHelper mDeviceConfig = new DeviceConfigStateHelper(
@@ -958,6 +961,48 @@ public class ActivityStarterTests extends WindowTestsBase { 
        mockingSession.finishMocking();

        mockingSession.finishMocking();

    }

    }







    @Test

    public void testBackgroundActivityStartsAllowed_sdkSandboxClientAppHasVisibleWindow() {

        doReturn(false).when(mAtm).isBackgroundActivityStartsEnabled();

        // The SDK's associated client app has a visible window

        doReturn(true).when(mAtm).hasActiveVisibleWindow(

                Process.getAppUidForSdkSandboxUid(SDK_SANDBOX_UID));

        runAndVerifyBackgroundActivityStartsSubtest(

                "allowed_sdkSandboxClientAppHasVisibleWindow", false, SDK_SANDBOX_UID,

                false, PROCESS_STATE_TOP, SDK_SANDBOX_UID, false,

                PROCESS_STATE_TOP, true, false, false,

                false, false, false, false, false);

    }



    @Test

    public void testBackgroundActivityStartsDisallowed_sdkSandboxClientHasNoVisibleWindow() {

        doReturn(false).when(mAtm).isBackgroundActivityStartsEnabled();

        // The SDK's associated client app does not have a visible window

        doReturn(false).when(mAtm).hasActiveVisibleWindow(

                Process.getAppUidForSdkSandboxUid(SDK_SANDBOX_UID));

        runAndVerifyBackgroundActivityStartsSubtest(

                "disallowed_sdkSandboxClientHasNoVisibleWindow", true, SDK_SANDBOX_UID,

                false, PROCESS_STATE_TOP, SDK_SANDBOX_UID, false,

                PROCESS_STATE_TOP, true, false, false,

                false, false, false, false, false);



    }



    @Test

    public void testBackgroundActivityStartsAllowed_sdkSandboxMultiUserClientHasVisibleWindow() {

        doReturn(false).when(mAtm).isBackgroundActivityStartsEnabled();

        // The SDK's associated client app has a visible window

        doReturn(true).when(mAtm).hasActiveVisibleWindow(

                Process.getAppUidForSdkSandboxUid(SECONDARY_USER_SDK_SANDBOX_UID));

        runAndVerifyBackgroundActivityStartsSubtest(

                "allowed_sdkSandboxMultiUserClientHasVisibleWindow", false,

                SECONDARY_USER_SDK_SANDBOX_UID, false, PROCESS_STATE_TOP,

                SECONDARY_USER_SDK_SANDBOX_UID, false, PROCESS_STATE_TOP,

                false, false, false, false,

                false, false, false, false);

    }



    private void runAndVerifyBackgroundActivityStartsSubtest(String name, boolean shouldHaveAborted,

    private void runAndVerifyBackgroundActivityStartsSubtest(String name, boolean shouldHaveAborted,

            int callingUid, boolean callingUidHasVisibleWindow, int callingUidProcState,

            int callingUid, boolean callingUidHasVisibleWindow, int callingUidProcState,

            int realCallingUid, boolean realCallingUidHasVisibleWindow, int realCallingUidProcState,

            int realCallingUid, boolean realCallingUidHasVisibleWindow, int realCallingUidProcState,