Loading core/java/android/app/ActivityManagerInternal.java +1 −1 Original line number Original line Diff line number Diff line Loading @@ -377,7 +377,7 @@ public abstract class ActivityManagerInternal { IIntentReceiver resultTo, int resultCode, String resultData, Bundle resultExtras, IIntentReceiver resultTo, int resultCode, String resultData, Bundle resultExtras, String requiredPermission, Bundle bOptions, boolean serialized, boolean sticky, String requiredPermission, Bundle bOptions, boolean serialized, boolean sticky, @UserIdInt int userId, boolean allowBackgroundActivityStarts, @UserIdInt int userId, boolean allowBackgroundActivityStarts, @Nullable IBinder backgroundActivityStartsToken); @Nullable IBinder backgroundActivityStartsToken, @Nullable int[] broadcastAllowList); public abstract ComponentName startServiceInPackage(int uid, Intent service, public abstract ComponentName startServiceInPackage(int uid, Intent service, String resolvedType, boolean fgRequired, String callingPackage, String resolvedType, boolean fgRequired, String callingPackage, Loading services/core/java/android/content/pm/PackageManagerInternal.java +15 −0 Original line number Original line Diff line number Diff line Loading @@ -39,6 +39,7 @@ import android.os.HandlerExecutor; import android.os.IBinder; import android.os.IBinder; import android.os.Looper; import android.os.Looper; import android.os.PersistableBundle; import android.os.PersistableBundle; import android.os.Process; import android.util.ArrayMap; import android.util.ArrayMap; import android.util.ArraySet; import android.util.ArraySet; import android.util.SparseArray; import android.util.SparseArray; Loading Loading @@ -719,6 +720,20 @@ public abstract class PackageManagerInternal implements PackageSettingsSnapshotP */ */ public abstract boolean filterAppAccess(int uid, int callingUid); public abstract boolean filterAppAccess(int uid, int callingUid); /** * Fetches all app Ids that a given application is currently visible to the provided user. * * <p> * <strong>Note: </strong>This only includes UIDs >= {@link Process#FIRST_APPLICATION_UID} * as all other UIDs can already see all applications. * </p> * * If the app is visible to all UIDs, null is returned. If the app is not visible to any * applications, the int array will be empty. */ @Nullable public abstract int[] getVisibilityAllowList(@NonNull String packageName, int userId); /** Returns whether the given package was signed by the platform */ /** Returns whether the given package was signed by the platform */ public abstract boolean isPlatformSigned(String pkg); public abstract boolean isPlatformSigned(String pkg); Loading services/core/java/com/android/server/am/ActivityManagerService.java +10 −7 Original line number Original line Diff line number Diff line Loading @@ -3536,15 +3536,17 @@ public class ActivityManagerService extends IActivityManager.Stub intent.addFlags(Intent.FLAG_RECEIVER_INCLUDE_BACKGROUND); intent.addFlags(Intent.FLAG_RECEIVER_INCLUDE_BACKGROUND); intent.putExtra(Intent.EXTRA_UID, (appInfo != null) ? appInfo.uid : -1); intent.putExtra(Intent.EXTRA_UID, (appInfo != null) ? appInfo.uid : -1); intent.putExtra(Intent.EXTRA_USER_HANDLE, resolvedUserId); intent.putExtra(Intent.EXTRA_USER_HANDLE, resolvedUserId); final int[] visibilityAllowList = mPackageManagerInt.getVisibilityAllowList(packageName, resolvedUserId); if (isInstantApp) { if (isInstantApp) { intent.putExtra(Intent.EXTRA_PACKAGE_NAME, packageName); intent.putExtra(Intent.EXTRA_PACKAGE_NAME, packageName); broadcastIntentInPackage("android", null, SYSTEM_UID, uid, pid, intent, broadcastIntentInPackage("android", null, SYSTEM_UID, uid, pid, intent, null, null, 0, null, null, permission.ACCESS_INSTANT_APPS, null, null, null, 0, null, null, permission.ACCESS_INSTANT_APPS, null, false, false, resolvedUserId, false, null); false, false, resolvedUserId, false, null, visibilityAllowList); } else { } else { broadcastIntentInPackage("android", null, SYSTEM_UID, uid, pid, intent, broadcastIntentInPackage("android", null, SYSTEM_UID, uid, pid, intent, null, null, 0, null, null, null, null, false, false, resolvedUserId, null, null, 0, null, null, null, null, false, false, resolvedUserId, false, null); false, null, visibilityAllowList); } } if (observer != null) { if (observer != null) { Loading Loading @@ -13647,7 +13649,8 @@ public class ActivityManagerService extends IActivityManager.Stub IIntentReceiver resultTo, int resultCode, String resultData, Bundle resultExtras, IIntentReceiver resultTo, int resultCode, String resultData, Bundle resultExtras, String requiredPermission, Bundle bOptions, boolean serialized, boolean sticky, String requiredPermission, Bundle bOptions, boolean serialized, boolean sticky, int userId, boolean allowBackgroundActivityStarts, int userId, boolean allowBackgroundActivityStarts, @Nullable IBinder backgroundActivityStartsToken) { @Nullable IBinder backgroundActivityStartsToken, @Nullable int[] broadcastAllowList) { synchronized(this) { synchronized(this) { intent = verifyBroadcastLocked(intent); intent = verifyBroadcastLocked(intent); Loading @@ -13659,8 +13662,7 @@ public class ActivityManagerService extends IActivityManager.Stub resultTo, resultCode, resultData, resultExtras, requiredPermissions, null, resultTo, resultCode, resultData, resultExtras, requiredPermissions, null, OP_NONE, bOptions, serialized, sticky, -1, uid, realCallingUid, OP_NONE, bOptions, serialized, sticky, -1, uid, realCallingUid, realCallingPid, userId, allowBackgroundActivityStarts, realCallingPid, userId, allowBackgroundActivityStarts, backgroundActivityStartsToken, backgroundActivityStartsToken, broadcastAllowList); null /* broadcastAllowList */); } finally { } finally { Binder.restoreCallingIdentity(origId); Binder.restoreCallingIdentity(origId); } } Loading Loading @@ -15845,13 +15847,14 @@ public class ActivityManagerService extends IActivityManager.Stub IIntentReceiver resultTo, int resultCode, String resultData, Bundle resultExtras, IIntentReceiver resultTo, int resultCode, String resultData, Bundle resultExtras, String requiredPermission, Bundle bOptions, boolean serialized, boolean sticky, String requiredPermission, Bundle bOptions, boolean serialized, boolean sticky, int userId, boolean allowBackgroundActivityStarts, int userId, boolean allowBackgroundActivityStarts, @Nullable IBinder backgroundActivityStartsToken) { @Nullable IBinder backgroundActivityStartsToken, @Nullable int[] broadcastAllowList) { synchronized (ActivityManagerService.this) { synchronized (ActivityManagerService.this) { return ActivityManagerService.this.broadcastIntentInPackage(packageName, featureId, return ActivityManagerService.this.broadcastIntentInPackage(packageName, featureId, uid, realCallingUid, realCallingPid, intent, resolvedType, resultTo, uid, realCallingUid, realCallingPid, intent, resolvedType, resultTo, resultCode, resultData, resultExtras, requiredPermission, bOptions, resultCode, resultData, resultExtras, requiredPermission, bOptions, serialized, sticky, userId, allowBackgroundActivityStarts, serialized, sticky, userId, allowBackgroundActivityStarts, backgroundActivityStartsToken); backgroundActivityStartsToken, broadcastAllowList); } } } } services/core/java/com/android/server/am/PendingIntentRecord.java +2 −1 Original line number Original line Diff line number Diff line Loading @@ -481,7 +481,8 @@ public final class PendingIntentRecord extends IIntentSender.Stub { key.featureId, uid, callingUid, callingPid, finalIntent, key.featureId, uid, callingUid, callingPid, finalIntent, resolvedType, finishedReceiver, code, null, null, resolvedType, finishedReceiver, code, null, null, requiredPermission, options, (finishedReceiver != null), false, requiredPermission, options, (finishedReceiver != null), false, userId, allowedByToken || allowTrampoline, bgStartsToken); userId, allowedByToken || allowTrampoline, bgStartsToken, null /* broadcastAllowList */); if (sent == ActivityManager.BROADCAST_SUCCESS) { if (sent == ActivityManager.BROADCAST_SUCCESS) { sendFinish = false; sendFinish = false; } } Loading services/core/java/com/android/server/pm/PackageManagerService.java +17 −0 Original line number Original line Diff line number Diff line Loading @@ -27125,6 +27125,18 @@ public class PackageManagerService extends IPackageManager.Stub return mComputer.filterAppAccess(uid, callingUid); return mComputer.filterAppAccess(uid, callingUid); } } private int[] getVisibilityAllowList(@NonNull String packageName, int userId) { synchronized (mLock) { final PackageSetting ps = getPackageSettingInternal(packageName, Process.SYSTEM_UID); if (ps == null) { return null; } final SparseArray<int[]> visibilityAllowList = mAppsFilter.getVisibilityAllowList(ps, new int[]{userId}, mSettings.getPackagesLocked()); return visibilityAllowList != null ? visibilityAllowList.get(userId) : null; } } private class PackageManagerInternalImpl extends PackageManagerInternal { private class PackageManagerInternalImpl extends PackageManagerInternal { @Override @Override public List<ApplicationInfo> getInstalledApplications(int flags, int userId, public List<ApplicationInfo> getInstalledApplications(int flags, int userId, Loading Loading @@ -27212,6 +27224,11 @@ public class PackageManagerService extends IPackageManager.Stub return PackageManagerService.this.filterAppAccess(uid, callingUid); return PackageManagerService.this.filterAppAccess(uid, callingUid); } } @Nullable public int[] getVisibilityAllowList(@NonNull String packageName, int userId) { return PackageManagerService.this.getVisibilityAllowList(packageName, userId); } @Override @Override public AndroidPackage getPackage(String packageName) { public AndroidPackage getPackage(String packageName) { return PackageManagerService.this.getPackage(packageName); return PackageManagerService.this.getPackage(packageName); Loading
core/java/android/app/ActivityManagerInternal.java +1 −1 Original line number Original line Diff line number Diff line Loading @@ -377,7 +377,7 @@ public abstract class ActivityManagerInternal { IIntentReceiver resultTo, int resultCode, String resultData, Bundle resultExtras, IIntentReceiver resultTo, int resultCode, String resultData, Bundle resultExtras, String requiredPermission, Bundle bOptions, boolean serialized, boolean sticky, String requiredPermission, Bundle bOptions, boolean serialized, boolean sticky, @UserIdInt int userId, boolean allowBackgroundActivityStarts, @UserIdInt int userId, boolean allowBackgroundActivityStarts, @Nullable IBinder backgroundActivityStartsToken); @Nullable IBinder backgroundActivityStartsToken, @Nullable int[] broadcastAllowList); public abstract ComponentName startServiceInPackage(int uid, Intent service, public abstract ComponentName startServiceInPackage(int uid, Intent service, String resolvedType, boolean fgRequired, String callingPackage, String resolvedType, boolean fgRequired, String callingPackage, Loading
services/core/java/android/content/pm/PackageManagerInternal.java +15 −0 Original line number Original line Diff line number Diff line Loading @@ -39,6 +39,7 @@ import android.os.HandlerExecutor; import android.os.IBinder; import android.os.IBinder; import android.os.Looper; import android.os.Looper; import android.os.PersistableBundle; import android.os.PersistableBundle; import android.os.Process; import android.util.ArrayMap; import android.util.ArrayMap; import android.util.ArraySet; import android.util.ArraySet; import android.util.SparseArray; import android.util.SparseArray; Loading Loading @@ -719,6 +720,20 @@ public abstract class PackageManagerInternal implements PackageSettingsSnapshotP */ */ public abstract boolean filterAppAccess(int uid, int callingUid); public abstract boolean filterAppAccess(int uid, int callingUid); /** * Fetches all app Ids that a given application is currently visible to the provided user. * * <p> * <strong>Note: </strong>This only includes UIDs >= {@link Process#FIRST_APPLICATION_UID} * as all other UIDs can already see all applications. * </p> * * If the app is visible to all UIDs, null is returned. If the app is not visible to any * applications, the int array will be empty. */ @Nullable public abstract int[] getVisibilityAllowList(@NonNull String packageName, int userId); /** Returns whether the given package was signed by the platform */ /** Returns whether the given package was signed by the platform */ public abstract boolean isPlatformSigned(String pkg); public abstract boolean isPlatformSigned(String pkg); Loading
services/core/java/com/android/server/am/ActivityManagerService.java +10 −7 Original line number Original line Diff line number Diff line Loading @@ -3536,15 +3536,17 @@ public class ActivityManagerService extends IActivityManager.Stub intent.addFlags(Intent.FLAG_RECEIVER_INCLUDE_BACKGROUND); intent.addFlags(Intent.FLAG_RECEIVER_INCLUDE_BACKGROUND); intent.putExtra(Intent.EXTRA_UID, (appInfo != null) ? appInfo.uid : -1); intent.putExtra(Intent.EXTRA_UID, (appInfo != null) ? appInfo.uid : -1); intent.putExtra(Intent.EXTRA_USER_HANDLE, resolvedUserId); intent.putExtra(Intent.EXTRA_USER_HANDLE, resolvedUserId); final int[] visibilityAllowList = mPackageManagerInt.getVisibilityAllowList(packageName, resolvedUserId); if (isInstantApp) { if (isInstantApp) { intent.putExtra(Intent.EXTRA_PACKAGE_NAME, packageName); intent.putExtra(Intent.EXTRA_PACKAGE_NAME, packageName); broadcastIntentInPackage("android", null, SYSTEM_UID, uid, pid, intent, broadcastIntentInPackage("android", null, SYSTEM_UID, uid, pid, intent, null, null, 0, null, null, permission.ACCESS_INSTANT_APPS, null, null, null, 0, null, null, permission.ACCESS_INSTANT_APPS, null, false, false, resolvedUserId, false, null); false, false, resolvedUserId, false, null, visibilityAllowList); } else { } else { broadcastIntentInPackage("android", null, SYSTEM_UID, uid, pid, intent, broadcastIntentInPackage("android", null, SYSTEM_UID, uid, pid, intent, null, null, 0, null, null, null, null, false, false, resolvedUserId, null, null, 0, null, null, null, null, false, false, resolvedUserId, false, null); false, null, visibilityAllowList); } } if (observer != null) { if (observer != null) { Loading Loading @@ -13647,7 +13649,8 @@ public class ActivityManagerService extends IActivityManager.Stub IIntentReceiver resultTo, int resultCode, String resultData, Bundle resultExtras, IIntentReceiver resultTo, int resultCode, String resultData, Bundle resultExtras, String requiredPermission, Bundle bOptions, boolean serialized, boolean sticky, String requiredPermission, Bundle bOptions, boolean serialized, boolean sticky, int userId, boolean allowBackgroundActivityStarts, int userId, boolean allowBackgroundActivityStarts, @Nullable IBinder backgroundActivityStartsToken) { @Nullable IBinder backgroundActivityStartsToken, @Nullable int[] broadcastAllowList) { synchronized(this) { synchronized(this) { intent = verifyBroadcastLocked(intent); intent = verifyBroadcastLocked(intent); Loading @@ -13659,8 +13662,7 @@ public class ActivityManagerService extends IActivityManager.Stub resultTo, resultCode, resultData, resultExtras, requiredPermissions, null, resultTo, resultCode, resultData, resultExtras, requiredPermissions, null, OP_NONE, bOptions, serialized, sticky, -1, uid, realCallingUid, OP_NONE, bOptions, serialized, sticky, -1, uid, realCallingUid, realCallingPid, userId, allowBackgroundActivityStarts, realCallingPid, userId, allowBackgroundActivityStarts, backgroundActivityStartsToken, backgroundActivityStartsToken, broadcastAllowList); null /* broadcastAllowList */); } finally { } finally { Binder.restoreCallingIdentity(origId); Binder.restoreCallingIdentity(origId); } } Loading Loading @@ -15845,13 +15847,14 @@ public class ActivityManagerService extends IActivityManager.Stub IIntentReceiver resultTo, int resultCode, String resultData, Bundle resultExtras, IIntentReceiver resultTo, int resultCode, String resultData, Bundle resultExtras, String requiredPermission, Bundle bOptions, boolean serialized, boolean sticky, String requiredPermission, Bundle bOptions, boolean serialized, boolean sticky, int userId, boolean allowBackgroundActivityStarts, int userId, boolean allowBackgroundActivityStarts, @Nullable IBinder backgroundActivityStartsToken) { @Nullable IBinder backgroundActivityStartsToken, @Nullable int[] broadcastAllowList) { synchronized (ActivityManagerService.this) { synchronized (ActivityManagerService.this) { return ActivityManagerService.this.broadcastIntentInPackage(packageName, featureId, return ActivityManagerService.this.broadcastIntentInPackage(packageName, featureId, uid, realCallingUid, realCallingPid, intent, resolvedType, resultTo, uid, realCallingUid, realCallingPid, intent, resolvedType, resultTo, resultCode, resultData, resultExtras, requiredPermission, bOptions, resultCode, resultData, resultExtras, requiredPermission, bOptions, serialized, sticky, userId, allowBackgroundActivityStarts, serialized, sticky, userId, allowBackgroundActivityStarts, backgroundActivityStartsToken); backgroundActivityStartsToken, broadcastAllowList); } } } }
services/core/java/com/android/server/am/PendingIntentRecord.java +2 −1 Original line number Original line Diff line number Diff line Loading @@ -481,7 +481,8 @@ public final class PendingIntentRecord extends IIntentSender.Stub { key.featureId, uid, callingUid, callingPid, finalIntent, key.featureId, uid, callingUid, callingPid, finalIntent, resolvedType, finishedReceiver, code, null, null, resolvedType, finishedReceiver, code, null, null, requiredPermission, options, (finishedReceiver != null), false, requiredPermission, options, (finishedReceiver != null), false, userId, allowedByToken || allowTrampoline, bgStartsToken); userId, allowedByToken || allowTrampoline, bgStartsToken, null /* broadcastAllowList */); if (sent == ActivityManager.BROADCAST_SUCCESS) { if (sent == ActivityManager.BROADCAST_SUCCESS) { sendFinish = false; sendFinish = false; } } Loading
services/core/java/com/android/server/pm/PackageManagerService.java +17 −0 Original line number Original line Diff line number Diff line Loading @@ -27125,6 +27125,18 @@ public class PackageManagerService extends IPackageManager.Stub return mComputer.filterAppAccess(uid, callingUid); return mComputer.filterAppAccess(uid, callingUid); } } private int[] getVisibilityAllowList(@NonNull String packageName, int userId) { synchronized (mLock) { final PackageSetting ps = getPackageSettingInternal(packageName, Process.SYSTEM_UID); if (ps == null) { return null; } final SparseArray<int[]> visibilityAllowList = mAppsFilter.getVisibilityAllowList(ps, new int[]{userId}, mSettings.getPackagesLocked()); return visibilityAllowList != null ? visibilityAllowList.get(userId) : null; } } private class PackageManagerInternalImpl extends PackageManagerInternal { private class PackageManagerInternalImpl extends PackageManagerInternal { @Override @Override public List<ApplicationInfo> getInstalledApplications(int flags, int userId, public List<ApplicationInfo> getInstalledApplications(int flags, int userId, Loading Loading @@ -27212,6 +27224,11 @@ public class PackageManagerService extends IPackageManager.Stub return PackageManagerService.this.filterAppAccess(uid, callingUid); return PackageManagerService.this.filterAppAccess(uid, callingUid); } } @Nullable public int[] getVisibilityAllowList(@NonNull String packageName, int userId) { return PackageManagerService.this.getVisibilityAllowList(packageName, userId); } @Override @Override public AndroidPackage getPackage(String packageName) { public AndroidPackage getPackage(String packageName) { return PackageManagerService.this.getPackage(packageName); return PackageManagerService.this.getPackage(packageName);
