Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3bcee8e0 authored by Achim Thesmann's avatar Achim Thesmann
Browse files

Use calling package name for CompatChange. 

For shared UID the calling package name is require to determine the
correct target SDK.

This keeps BAL enabled for system processes that were allowed to do BAL
before U.

Change-Id: Ib4576f8e229a1fcd870ef7d2f02943d24839e4fe
Test: atest BackgroundActivityLaunchTest ActivityStarterTests
Bug: 281124275
parent 3ef3a815

services/core/java/com/android/server/am/PendingIntentRecord.java

+11 −8
Original line number Diff line number Diff line
@@ -349,21 +349,22 @@ public final class PendingIntentRecord extends IIntentSender.Stub { 
     * use caller's BAL permission.

     */

    public static BackgroundStartPrivileges getBackgroundStartPrivilegesAllowedByCaller(

            @Nullable ActivityOptions activityOptions, int callingUid) {

            @Nullable ActivityOptions activityOptions, int callingUid,

            @Nullable String callingPackage) {

        if (activityOptions == null) {

            // since the ActivityOptions were not created by the app itself, determine the default

            // for the app

            return getDefaultBackgroundStartPrivileges(callingUid);

            return getDefaultBackgroundStartPrivileges(callingUid, callingPackage);

        }

        return getBackgroundStartPrivilegesAllowedByCaller(activityOptions.toBundle(),

                callingUid);

                callingUid, callingPackage);

    }



    private static BackgroundStartPrivileges getBackgroundStartPrivilegesAllowedByCaller(

            @Nullable Bundle options, int callingUid) {

            @Nullable Bundle options, int callingUid, @Nullable String callingPackage) {

        if (options == null || !options.containsKey(

                        ActivityOptions.KEY_PENDING_INTENT_BACKGROUND_ACTIVITY_ALLOWED)) {

            return getDefaultBackgroundStartPrivileges(callingUid);

            return getDefaultBackgroundStartPrivileges(callingUid, callingPackage);

        }

        return options.getBoolean(ActivityOptions.KEY_PENDING_INTENT_BACKGROUND_ACTIVITY_ALLOWED)

                ? BackgroundStartPrivileges.ALLOW_BAL
@@ -382,7 +383,7 @@ public final class PendingIntentRecord extends IIntentSender.Stub { 
                    android.Manifest.permission.LOG_COMPAT_CHANGE

            })

    public static BackgroundStartPrivileges getDefaultBackgroundStartPrivileges(

            int callingUid) {

            int callingUid, @Nullable String callingPackage) {

        if (UserHandle.getAppId(callingUid) == Process.SYSTEM_UID) {

            // We temporarily allow BAL for system processes, while we verify that all valid use

            // cases are opted in explicitly to grant their BAL permission.
@@ -391,7 +392,9 @@ public final class PendingIntentRecord extends IIntentSender.Stub { 
            // as soon as that app is upgraded (or removed) BAL would be blocked. (b/283138430)

            return BackgroundStartPrivileges.ALLOW_BAL;

        }

        boolean isChangeEnabledForApp = CompatChanges.isChangeEnabled(

        boolean isChangeEnabledForApp = callingPackage != null ? CompatChanges.isChangeEnabled(

                DEFAULT_RESCIND_BAL_PRIVILEGES_FROM_PENDING_INTENT_SENDER, callingPackage,

                UserHandle.getUserHandleForUid(callingUid)) : CompatChanges.isChangeEnabled(

                DEFAULT_RESCIND_BAL_PRIVILEGES_FROM_PENDING_INTENT_SENDER, callingUid);

        if (isChangeEnabledForApp) {

            return BackgroundStartPrivileges.ALLOW_FGS;
@@ -647,7 +650,7 @@ public final class PendingIntentRecord extends IIntentSender.Stub { 
        // temporarily allow receivers and services to open activities from background if the

        // PendingIntent.send() caller was foreground at the time of sendInner() call

        if (uid != callingUid && controller.mAtmInternal.isUidForeground(callingUid)) {

            return getBackgroundStartPrivilegesAllowedByCaller(options, callingUid);

            return getBackgroundStartPrivilegesAllowedByCaller(options, callingUid, null);

        }

        return BackgroundStartPrivileges.NONE;

    }

services/core/java/com/android/server/wm/ActivityTaskManagerService.java

+27 −0
Original line number Diff line number Diff line
@@ -5337,6 +5337,12 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub { 
        return null;

    }



    /**

     * Returns the {@link WindowProcessController} for the app process for the given uid and pid.

     *

     * If no such {@link WindowProcessController} is found, it does not belong to an app, or the

     * pid does not match the uid {@code null} is returned.

     */

    WindowProcessController getProcessController(int pid, int uid) {

        final WindowProcessController proc = mProcessMap.getProcess(pid);

        if (proc == null) return null;
@@ -5346,6 +5352,27 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub { 
        return null;

    }



    /**

     * Returns the package name if (and only if) the package name can be uniquely determined.

     * Otherwise returns {@code null}.

     *

     * The provided pid must match the provided uid, otherwise this also returns null.

     */

    @Nullable String getPackageNameIfUnique(int uid, int pid) {

        final WindowProcessController proc = mProcessMap.getProcess(pid);

        if (proc == null || proc.mUid != uid) {

            Slog.w(TAG, "callingPackage for (uid=" + uid + ", pid=" + pid + ") has no WPC");

            return null;

        }

        List<String> realCallingPackages = proc.getPackageList();

        if (realCallingPackages.size() != 1) {

            Slog.w(TAG, "callingPackage for (uid=" + uid + ", pid=" + pid + ") is ambiguous: "

                    + realCallingPackages);

            return null;

        }

        return realCallingPackages.get(0);

    }



    /** A uid is considered to be foreground if it has a visible non-toast window. */

    @HotPath(caller = HotPath.START_SERVICE)

    boolean hasActiveVisibleWindow(int uid) {

services/core/java/com/android/server/wm/BackgroundActivityStartController.java

+10 −4
Original line number Diff line number Diff line
@@ -180,7 +180,8 @@ public class BackgroundActivityStartController { 
            Intent intent,

            ActivityOptions checkedOptions) {

        return checkBackgroundActivityStart(callingUid, callingPid, callingPackage,

                realCallingUid, realCallingPid, callerApp, originatingPendingIntent,

                realCallingUid, realCallingPid,

                callerApp, originatingPendingIntent,

                backgroundStartPrivileges, intent, checkedOptions) == BAL_BLOCK;

    }
@@ -288,11 +289,13 @@ public class BackgroundActivityStartController { 
            }

        }



        String realCallingPackage = mService.getPackageNameIfUnique(realCallingUid, realCallingPid);



        // Legacy behavior allows to use caller foreground state to bypass BAL restriction.

        // The options here are the options passed by the sender and not those on the intent.

        final BackgroundStartPrivileges balAllowedByPiSender =

                PendingIntentRecord.getBackgroundStartPrivilegesAllowedByCaller(

                        checkedOptions, realCallingUid);

                        checkedOptions, realCallingUid, realCallingPackage);



        final boolean logVerdictChangeByPiDefaultChange = checkedOptions == null

                || checkedOptions.getPendingIntentBackgroundActivityStartMode()
@@ -460,8 +463,11 @@ public class BackgroundActivityStartController { 
        // If we are here, it means all exemptions not based on PI sender failed, so we'll block

        // unless resultIfPiSenderAllowsBal is an allow and the PI sender allows BAL



        String realCallingPackage = callingUid == realCallingUid ? callingPackage :

                mService.mContext.getPackageManager().getNameForUid(realCallingUid);

        if (realCallingPackage == null) {

            realCallingPackage = (callingUid == realCallingUid ? callingPackage :

                    mService.mContext.getPackageManager().getNameForUid(realCallingUid))

                    + "[debugOnly]";

        }



        String stateDumpLog = " [callingPackage: " + callingPackage

                + "; callingUid: " + callingUid

services/core/java/com/android/server/wm/WindowProcessController.java

+6 −0
Original line number Diff line number Diff line
@@ -721,6 +721,12 @@ public class WindowProcessController extends ConfigurationContainer<Configuratio 
        }

    }



    List<String> getPackageList() {

        synchronized (mPkgList) {

            return new ArrayList<>(mPkgList);

        }

    }



    void addActivityIfNeeded(ActivityRecord r) {

        // even if we already track this activity, note down that it has been launched

        setLastActivityLaunchTime(r);

services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java

+1 −1
Original line number Diff line number Diff line
@@ -944,7 +944,7 @@ public class ActivityStarterTests extends WindowTestsBase { 
                anyInt(), anyInt()));

        doReturn(BackgroundStartPrivileges.allowBackgroundActivityStarts(null)).when(

                () -> PendingIntentRecord.getBackgroundStartPrivilegesAllowedByCaller(

                anyObject(), anyInt()));

                anyObject(), anyInt(), anyObject()));

        runAndVerifyBackgroundActivityStartsSubtest(

                "allowed_notAborted", false,

                UNIMPORTANT_UID, false, PROCESS_STATE_BOUND_TOP,