Isolated processes must fail registering BRs. (43b8a91b) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/am/ActivityManagerService.java

+9 −4

Original line number	Diff line number	Diff line
		@@ -13500,12 +13500,17 @@ public class ActivityManagerService extends IActivityManager.Stub
		public Intent registerReceiverWithFeature(IApplicationThread caller, String callerPackage,
		String callerFeatureId, String receiverId, IIntentReceiver receiver,
		IntentFilter filter, String permission, int userId, int flags) {
		// Allow Sandbox process to register only unexported receivers.
		if ((flags & Context.RECEIVER_NOT_EXPORTED) != 0) {
		enforceNotIsolatedCaller("registerReceiver");
		} else if (mSdkSandboxSettings.isBroadcastReceiverRestrictionsEnforced()) {
		enforceNotIsolatedOrSdkSandboxCaller("registerReceiver");

		// Allow Sandbox process to register only unexported receivers.
		boolean unexported = (flags & Context.RECEIVER_NOT_EXPORTED) != 0;
		if (mSdkSandboxSettings.isBroadcastReceiverRestrictionsEnforced()
		&& Process.isSdkSandboxUid(Binder.getCallingUid())
		&& !unexported) {
		throw new SecurityException("SDK sandbox process not allowed to call "
		+ "registerReceiver");
		}

		ArrayList<Intent> stickyIntents = null;
		ProcessRecord callerApp = null;
		final boolean visibleToInstantApps