Whitelist ResolveActivity for explicit instant intents (31426b26) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/am/ActivityManagerService.java

+3 −2

Original line number	Diff line number	Diff line
		@@ -37,9 +37,7 @@ import static android.app.ActivityManagerInternal.ASSIST_KEY_DATA;
		import static android.app.ActivityManagerInternal.ASSIST_KEY_RECEIVER_EXTRAS;
		import static android.app.ActivityManagerInternal.ASSIST_KEY_STRUCTURE;
		import static android.app.ActivityThread.PROC_START_SEQ_IDENT;
		import static android.app.AppOpsManager.OP_ASSIST_STRUCTURE;
		import static android.app.AppOpsManager.OP_NONE;
		import static android.app.WindowConfiguration.ACTIVITY_TYPE_HOME;
		import static android.app.WindowConfiguration.ACTIVITY_TYPE_STANDARD;
		import static android.app.WindowConfiguration.ACTIVITY_TYPE_UNDEFINED;
		import static android.app.WindowConfiguration.WINDOWING_MODE_FREEFORM;
		@@ -5128,6 +5126,7 @@ public class ActivityManagerService extends IActivityManager.Stub
		final ActivityRecord sourceRecord;
		final int targetUid;
		final String targetPackage;
		final boolean isResolver;
		synchronized (this) {
		if (resultTo == null) {
		throw new SecurityException("Must be called from an activity");
		@@ -5165,6 +5164,7 @@ public class ActivityManagerService extends IActivityManager.Stub
		}
		targetUid = sourceRecord.launchedFromUid;
		targetPackage = sourceRecord.launchedFromPackage;
		isResolver = sourceRecord.isResolverOrChildActivity();
		}

		if (userId == UserHandle.USER_NULL) {
		@@ -5184,6 +5184,7 @@ public class ActivityManagerService extends IActivityManager.Stub
		.setActivityOptions(bOptions)
		.setMayWait(userId)
		.setIgnoreTargetSecurity(ignoreTargetSecurity)
		.setFilterCallingUid(isResolver ? 0 /* system */ : targetUid)
		.execute();
		} catch (SecurityException e) {
		// XXX need to figure out how to propagate to original app.

services/core/java/com/android/server/am/ActivityRecord.java

+12 −0

Original line number	Diff line number	Diff line
		@@ -826,6 +826,18 @@ final class ActivityRecord extends ConfigurationContainer implements AppWindowCo
		return ResolverActivity.class.getName().equals(realActivity.getClassName());
		}

		boolean isResolverOrChildActivity() {
		if (!"android".equals(packageName)) {
		return false;
		}
		try {
		return ResolverActivity.class.isAssignableFrom(
		Object.class.getClassLoader().loadClass(realActivity.getClassName()));
		} catch (ClassNotFoundException e) {
		return false;
		}
		}

		ActivityRecord(ActivityManagerService _service, ProcessRecord _caller, int _launchedFromPid,
		int _launchedFromUid, String _launchedFromPackage, Intent _intent, String _resolvedType,
		ActivityInfo aInfo, Configuration _configuration,

services/core/java/com/android/server/am/ActivityStartController.java

+2 −1

Original line number	Diff line number	Diff line
		@@ -37,6 +37,7 @@ import android.os.Handler;
		import android.os.IBinder;
		import android.os.Looper;
		import android.os.Message;
		import android.os.UserHandle;
		import android.provider.Settings;
		import android.util.Slog;
		import android.view.RemoteAnimationAdapter;
		@@ -340,7 +341,7 @@ public class ActivityStartController {
		// Collect information about the target of the Intent.
		ActivityInfo aInfo = mSupervisor.resolveActivity(intent, resolvedTypes[i], 0,
		null, userId, ActivityStarter.computeResolveFilterUid(
		callingUid, realCallingUid));
		callingUid, realCallingUid, UserHandle.USER_NULL));
		// TODO: New, check if this is correct
		aInfo = mService.getActivityInfoForUser(aInfo, userId);

services/core/java/com/android/server/am/ActivityStarter.java

+23 −7

Original line number	Diff line number	Diff line
		@@ -312,6 +312,7 @@ class ActivityStarter {
		Configuration globalConfig;
		int userId;
		WaitResult waitResult;
		int filterCallingUid;

		/**
		* If set to {@code true}, allows this activity start to look into
		@@ -367,6 +368,7 @@ class ActivityStarter {
		mayWait = false;
		avoidMoveToFront = false;
		allowPendingRemoteAnimationRegistryLookup = true;
		filterCallingUid = UserHandle.USER_NULL;
		}

		/**
		@@ -404,6 +406,7 @@ class ActivityStarter {
		avoidMoveToFront = request.avoidMoveToFront;
		allowPendingRemoteAnimationRegistryLookup
		= request.allowPendingRemoteAnimationRegistryLookup;
		filterCallingUid = request.filterCallingUid;
		}
		}

		@@ -792,7 +795,8 @@ class ActivityStarter {
		callingPid = realCallingPid;

		rInfo = mSupervisor.resolveIntent(intent, resolvedType, userId, 0,
		computeResolveFilterUid(callingUid, realCallingUid));
		computeResolveFilterUid(
		callingUid, realCallingUid, mRequest.filterCallingUid));
		aInfo = mSupervisor.resolveActivity(intent, rInfo, startFlags,
		null /profilerInfo/);

		@@ -984,7 +988,9 @@ class ActivityStarter {
		}

		ResolveInfo rInfo = mSupervisor.resolveIntent(intent, resolvedType, userId,
		0 /* matchFlags */, computeResolveFilterUid(callingUid, realCallingUid));
		0 /* matchFlags */,
		computeResolveFilterUid(
		callingUid, realCallingUid, mRequest.filterCallingUid));
		if (rInfo == null) {
		UserInfo userInfo = mSupervisor.getUserInfo(userId);
		if (userInfo != null && userInfo.isManagedProfile()) {
		@@ -1006,7 +1012,8 @@ class ActivityStarter {
		rInfo = mSupervisor.resolveIntent(intent, resolvedType, userId,
		PackageManager.MATCH_DIRECT_BOOT_AWARE
		\| PackageManager.MATCH_DIRECT_BOOT_UNAWARE,
		computeResolveFilterUid(callingUid, realCallingUid));
		computeResolveFilterUid(
		callingUid, realCallingUid, mRequest.filterCallingUid));
		}
		}
		}
		@@ -1078,8 +1085,8 @@ class ActivityStarter {
		callingPid = Binder.getCallingPid();
		componentSpecified = true;
		rInfo = mSupervisor.resolveIntent(intent, null /resolvedType/, userId,
		0 /* matchFlags */, computeResolveFilterUid(callingUid,
		realCallingUid));
		0 /* matchFlags */, computeResolveFilterUid(
		callingUid, realCallingUid, mRequest.filterCallingUid));
		aInfo = rInfo != null ? rInfo.activityInfo : null;
		if (aInfo != null) {
		aInfo = mService.getActivityInfoForUser(aInfo, userId);
		@@ -1173,10 +1180,14 @@ class ActivityStarter {
		*
		* @param customCallingUid The UID on whose behalf to make the call.
		* @param actualCallingUid The UID actually making the call.
		* @param filterCallingUid The UID to be used to filter for instant apps.
		* @return The logical UID making the call.
		*/
		static int computeResolveFilterUid(int customCallingUid, int actualCallingUid) {
		return customCallingUid >= 0 ? customCallingUid : actualCallingUid;
		static int computeResolveFilterUid(int customCallingUid, int actualCallingUid,
		int filterCallingUid) {
		return filterCallingUid != UserHandle.USER_NULL
		? filterCallingUid
		: (customCallingUid >= 0 ? customCallingUid : actualCallingUid);
		}

		private int startActivity(final ActivityRecord r, ActivityRecord sourceRecord,
		@@ -2562,6 +2573,11 @@ class ActivityStarter {
		return this;
		}

		ActivityStarter setFilterCallingUid(int filterCallingUid) {
		mRequest.filterCallingUid = filterCallingUid;
		return this;
		}

		ActivityStarter setComponentSpecified(boolean componentSpecified) {
		mRequest.componentSpecified = componentSpecified;
		return this;