
Commit 1dfc8842 authored by Hani Kazmi's avatar Hani Kazmi

Update BAL controller to return codes in priority order

ASM uses BAL codes to restrict which activity launches are allowed.
BAL_ALLOW_BAL_PERMISSION is currently allowed, whereas
BAL_ALLOW_GRACE_PERIOD is not. CTS Tests instrument with BAL permission
to launch activities from the background. However, due to the ordering
of checks, BAL_ALLOW_GRACE_PERIOD would be returned if the CTS app had
recently entered the background, rather than BAL_ALLOW_BAL_PERMISSION.

Bug: 267453720
Test: atest AccessibilityViewTreeReportingTest
Change-Id: I012fcf91301b022f57f078c80772e12bbce72581
parent 88631c7b
+35 −34
@@ -102,41 +102,30 @@ class BackgroundLaunchProcessController {
            boolean hasActivityInVisibleTask, boolean hasBackgroundActivityStartPrivileges,
            long lastStopAppSwitchesTime, long lastActivityLaunchTime,
            long lastActivityFinishTime) {
        // If app switching is not allowed, we ignore all the start activity grace period
        // exception so apps cannot start itself in onPause() after pressing home button.
        if (appSwitchState == APP_SWITCH_ALLOW) {
            // Allow if any activity in the caller has either started or finished very recently, and
            // it must be started or finished after last stop app switches time.
            final long now = SystemClock.uptimeMillis();
            if (now - lastActivityLaunchTime < ACTIVITY_BG_START_GRACE_PERIOD_MS
                    || now - lastActivityFinishTime < ACTIVITY_BG_START_GRACE_PERIOD_MS) {
                // If activity is started and finished before stop app switch time, we should not
                // let app to be able to start background activity even it's in grace period.
                if (lastActivityLaunchTime > lastStopAppSwitchesTime
                        || lastActivityFinishTime > lastStopAppSwitchesTime) {
        // Allow if the proc is instrumenting with background activity starts privs.
        if (hasBackgroundActivityStartPrivileges) {
            if (DEBUG_ACTIVITY_STARTS) {
                Slog.d(TAG, "[Process(" + pid
                                + ")] Activity start allowed: within "
                                + ACTIVITY_BG_START_GRACE_PERIOD_MS + "ms grace period");
                        + ")] Activity start allowed: process instrumenting with background "
                        + "activity starts privileges");
            }
                    return BAL_ALLOW_GRACE_PERIOD;
            return BAL_ALLOW_BAL_PERMISSION;
        }
        // Allow if the flag was explicitly set.
        if (isBackgroundStartAllowedByToken(uid, packageName, isCheckingForFgsStart)) {
            if (DEBUG_ACTIVITY_STARTS) {
                    Slog.d(TAG, "[Process(" + pid + ")] Activity start within "
                            + ACTIVITY_BG_START_GRACE_PERIOD_MS
                            + "ms grace period but also within stop app switch window");
                }

                Slog.d(TAG, "[Process(" + pid
                        + ")] Activity start allowed: process allowed by token");
            }
            return BAL_ALLOW_BAL_PERMISSION;
        }
        // Allow if the proc is instrumenting with background activity starts privs.
        if (hasBackgroundActivityStartPrivileges) {
        // Allow if the caller is bound by a UID that's currently foreground.
        if (isBoundByForegroundUid()) {
            if (DEBUG_ACTIVITY_STARTS) {
                Slog.d(TAG, "[Process(" + pid
                        + ")] Activity start allowed: process instrumenting with background "
                        + "activity starts privileges");
                        + ")] Activity start allowed: process bound by foreground uid");
            }
            return BAL_ALLOW_BAL_PERMISSION;
            return BAL_ALLOW_VISIBLE_WINDOW;
        }
        // Allow if the caller has an activity in any foreground task.
        if (hasActivityInVisibleTask
@@ -147,21 +136,33 @@ class BackgroundLaunchProcessController {
            }
            return BAL_ALLOW_FOREGROUND;
        }
        // Allow if the caller is bound by a UID that's currently foreground.
        if (isBoundByForegroundUid()) {

        // If app switching is not allowed, we ignore all the start activity grace period
        // exception so apps cannot start itself in onPause() after pressing home button.
        if (appSwitchState == APP_SWITCH_ALLOW) {
            // Allow if any activity in the caller has either started or finished very recently, and
            // it must be started or finished after last stop app switches time.
            final long now = SystemClock.uptimeMillis();
            if (now - lastActivityLaunchTime < ACTIVITY_BG_START_GRACE_PERIOD_MS
                    || now - lastActivityFinishTime < ACTIVITY_BG_START_GRACE_PERIOD_MS) {
                // If activity is started and finished before stop app switch time, we should not
                // let app to be able to start background activity even it's in grace period.
                if (lastActivityLaunchTime > lastStopAppSwitchesTime
                        || lastActivityFinishTime > lastStopAppSwitchesTime) {
                    if (DEBUG_ACTIVITY_STARTS) {
                        Slog.d(TAG, "[Process(" + pid
                        + ")] Activity start allowed: process bound by foreground uid");
                                + ")] Activity start allowed: within "
                                + ACTIVITY_BG_START_GRACE_PERIOD_MS + "ms grace period");
                    }
            return BAL_ALLOW_VISIBLE_WINDOW;
                    return BAL_ALLOW_GRACE_PERIOD;
                }
        // Allow if the flag was explicitly set.
        if (isBackgroundStartAllowedByToken(uid, packageName, isCheckingForFgsStart)) {
                if (DEBUG_ACTIVITY_STARTS) {
                Slog.d(TAG, "[Process(" + pid
                        + ")] Activity start allowed: process allowed by token");
                    Slog.d(TAG, "[Process(" + pid + ")] Activity start within "
                            + ACTIVITY_BG_START_GRACE_PERIOD_MS
                            + "ms grace period but also within stop app switch window");
                }

            }
            return BAL_ALLOW_BAL_PERMISSION;
        }
        return BAL_BLOCK;
    }
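Review bot: Nothing in the reordered method records that the order of its checks is now part of its contract. Per the commit description, ASM decides on the returned BAL code, so the first matching branch wins; a later edit that moves the grace-period block back above the privileges or token checks would silently change which launches ASM permits. A comment above the first check would pin this, e.g. `// Checks run in priority order: callers (ASM) act on the first matching BAL code, so do not reorder without reviewing them.` As far as the rendered page shows, the token branch and the instrumentation branch both return `BAL_ALLOW_BAL_PERMISSION`, so it is worth confirming that ASM is meant to treat a token grant the same as the instrumentation privilege. The method's signature begins outside the hunk.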