Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2ca88f66 authored by Adnan Begovic's avatar Adnan Begovic Committed by Gerrit Code Review
Browse files

pm: Use sourcerecord if available for protected app validation. 

  A source record serves as a beneficial historical record to
  see if an activity start has been redirected numerous times.

  This fixes issues where applications that redirect implicitly
  and are protected would constantly spam to be authed.

Change-Id: Ibeb9eae4279a0cdd65635392316eabb485adfa27
TICKET: PAELLA-216 FEIJ-160 FEIJ-177
parent 955c97f8

services/core/java/com/android/server/am/ActivityStackSupervisor.java

+3 −2
Original line number Diff line number Diff line
@@ -1879,11 +1879,12 @@ public final class ActivityStackSupervisor implements DisplayListener { 
            //TODO: This needs to be a flushed out API in the future.

            boolean isProtected = intent.getComponent() != null

                    && AppGlobals.getPackageManager()

                    .isComponentProtected(null, r.launchedFromUid,

                    .isComponentProtected(sourceRecord == null ? "android" :

                                    sourceRecord.launchedFromPackage, r.launchedFromUid,

                            intent.getComponent(), r.userId) &&

                    (intent.getFlags()&Intent.FLAG_GRANT_READ_URI_PERMISSION) == 0;



            if (isProtected) {

            if (isProtected && r.state == INITIALIZING) {

                Message msg = mService.mHandler.obtainMessage(

                        ActivityManagerService.POST_COMPONENT_PROTECTED_MSG);

                //Store start flags, userid

services/core/java/com/android/server/pm/PackageManagerService.java

+3 −4
Original line number Diff line number Diff line
@@ -17307,10 +17307,9 @@ public class PackageManagerService extends IPackageManager.Stub { 
            }

        }









        if (callingPackage == null && (callingUid == Process.SYSTEM_UID









                || fromProtectedComponentUid)) {









            if (DEBUG_PROTECTED) Log.d(TAG, "Calling package is android and from system or " +









                    "protected manager, allow");









        if (TextUtils.equals(callingPackage, "android") && callingUid == Process.SYSTEM_UID









                || callingPackage == null && fromProtectedComponentUid) {









            if (DEBUG_PROTECTED) Log.d(TAG, "Calling package is android or manager, allow");









            return false;









        }