Replacing some explicit recents components checks with permission checks (4ee257ce) · Commits · e / os / android_frameworks_base

core/res/AndroidManifest.xml

+8 −8

Original line number	Diff line number	Diff line
		@@ -2541,7 +2541,7 @@
		<!-- Allows an application to start a task from a ActivityManager#RecentTaskInfo.
		@hide -->
		<permission android:name="android.permission.START_TASKS_FROM_RECENTS"
		android:protectionLevel="signature\|privileged" />
		android:protectionLevel="signature\|privileged\|recents" />

		<!-- @SystemApi @hide Allows an application to call APIs that allow it to do interactions
		across the users on the device, using singleton services and
		@@ -2606,7 +2606,7 @@

		<!-- @SystemApi @TestApi @hide Allows an application to change to remove/kill tasks -->
		<permission android:name="android.permission.REMOVE_TASKS"
		android:protectionLevel="signature\|documenter" />
		android:protectionLevel="signature\|documenter\|recents" />

		<!-- @deprecated Use MANAGE_ACTIVITY_TASKS instead.
		@SystemApi @TestApi @hide Allows an application to create/manage/remove stacks -->
		@@ -2615,7 +2615,7 @@

		<!-- @SystemApi @TestApi @hide Allows an application to create/manage/remove tasks -->
		<permission android:name="android.permission.MANAGE_ACTIVITY_TASKS"
		android:protectionLevel="signature" />
		android:protectionLevel="signature\|recents" />

		<!-- @SystemApi @TestApi @hide Allows an application to embed other activities -->
		<permission android:name="android.permission.ACTIVITY_EMBEDDING"
		@@ -3284,7 +3284,7 @@
		and its icons.
		<p>Not for use by third-party applications. -->
		<permission android:name="android.permission.STATUS_BAR"
		android:protectionLevel="signature\|privileged" />
		android:protectionLevel="signature\|privileged\|recents" />

		<!-- Allows an application to trigger bugreport via shell using the bugreport API.
		<p>Not for use by third-party applications.
		@@ -3451,7 +3451,7 @@
		critical UI such as the home screen.
		@hide -->
		<permission android:name="android.permission.STOP_APP_SWITCHES"
		android:protectionLevel="signature\|privileged" />
		android:protectionLevel="signature\|privileged\|recents" />

		<!-- @SystemApi Allows an application to retrieve private information about
		the current top activity, such as any assist context it can provide.
		@@ -3836,7 +3836,7 @@
		@hide
		-->
		<permission android:name="android.permission.SET_ORIENTATION"
		android:protectionLevel="signature" />
		android:protectionLevel="signature\|recents" />

		<!-- @SystemApi Allows low-level access to setting the pointer speed.
		<p>Not for use by third-party applications.
		@@ -4100,7 +4100,7 @@
		@hide
		@removed -->
		<permission android:name="android.permission.READ_FRAME_BUFFER"
		android:protectionLevel="signature" />
		android:protectionLevel="signature\|recents" />

		<!-- Allows an application to use InputFlinger's low level features.
		@hide -->
		@@ -5277,7 +5277,7 @@
		<!-- @SystemApi Allows modifying accessibility state.
		@hide -->
		<permission android:name="android.permission.MANAGE_ACCESSIBILITY"
		android:protectionLevel="signature\|setup" />
		android:protectionLevel="signature\|setup\|recents" />

		<!-- @SystemApi Allows an app to grant a profile owner access to device identifiers.
		<p>Not for use by third-party applications.

data/etc/com.android.launcher3.xml

+3 −0

Original line number	Diff line number	Diff line
		@@ -21,5 +21,8 @@
		<permission name="android.permission.GET_ACCOUNTS_PRIVILEGED"/>
		<permission name="android.permission.WRITE_SECURE_SETTINGS"/>
		<permission name="android.permission.BROADCAST_CLOSE_SYSTEM_DIALOGS"/>
		<permission name="android.permission.START_TASKS_FROM_RECENTS"/>
		<permission name="android.permission.STATUS_BAR"/>
		<permission name="android.permission.STOP_APP_SWITCHES"/>
		</privapp-permissions>
		</permissions>

services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java

+2 −8

Original line number	Diff line number	Diff line
		@@ -166,8 +166,6 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub
		// their capabilities are ready.
		private static final int WAIT_MOTION_INJECTOR_TIMEOUT_MILLIS = 1000;

		static final String FUNCTION_REGISTER_SYSTEM_ACTION = "registerSystemAction";
		static final String FUNCTION_UNREGISTER_SYSTEM_ACTION = "unregisterSystemAction";
		private static final String FUNCTION_REGISTER_UI_TEST_AUTOMATION_SERVICE =
		"registerUiTestAutomationService";

		@@ -748,9 +746,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub
		*/
		@Override
		public void registerSystemAction(RemoteAction action, int actionId) {
		mSecurityPolicy.enforceCallerIsRecentsOrHasPermission(
		Manifest.permission.MANAGE_ACCESSIBILITY,
		FUNCTION_REGISTER_SYSTEM_ACTION);
		mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY);
		getSystemActionPerformer().registerSystemAction(actionId, action);
		}

		@@ -761,9 +757,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub
		*/
		@Override
		public void unregisterSystemAction(int actionId) {
		mSecurityPolicy.enforceCallerIsRecentsOrHasPermission(
		Manifest.permission.MANAGE_ACCESSIBILITY,
		FUNCTION_UNREGISTER_SYSTEM_ACTION);
		mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY);
		getSystemActionPerformer().unregisterSystemAction(actionId);
		}

services/accessibility/java/com/android/server/accessibility/AccessibilitySecurityPolicy.java

+0 −13

Original line number	Diff line number	Diff line
		@@ -38,8 +38,6 @@ import android.util.Slog;
		import android.view.accessibility.AccessibilityEvent;

		import com.android.internal.util.ArrayUtils;
		import com.android.server.LocalServices;
		import com.android.server.wm.ActivityTaskManagerInternal;

		import libcore.util.EmptyArray;

		@@ -88,7 +86,6 @@ public class AccessibilitySecurityPolicy {

		private final AccessibilityUserManager mAccessibilityUserManager;
		private AccessibilityWindowManager mAccessibilityWindowManager;
		private final ActivityTaskManagerInternal mAtmInternal;

		/**
		* Constructor for AccessibilityManagerService.
		@@ -100,7 +97,6 @@ public class AccessibilitySecurityPolicy {
		mPackageManager = mContext.getPackageManager();
		mUserManager = (UserManager) mContext.getSystemService(Context.USER_SERVICE);
		mAppOpsManager = (AppOpsManager) context.getSystemService(Context.APP_OPS_SERVICE);
		mAtmInternal = LocalServices.getService(ActivityTaskManagerInternal.class);
		}

		/**
		@@ -572,13 +568,4 @@ public class AccessibilitySecurityPolicy {
		+ permission);
		}
		}

		/**
		* Enforcing permission check to IPC caller or grant it if it's recents.
		*
		* @param permission The permission to check
		*/
		public void enforceCallerIsRecentsOrHasPermission(@NonNull String permission, String func) {
		mAtmInternal.enforceCallerIsRecentsOrHasPermission(permission, func);
		}
		}

services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java

+0 −6

Original line number	Diff line number	Diff line
		@@ -278,12 +278,6 @@ public abstract class ActivityTaskManagerInternal {
		*/
		public abstract void cancelRecentsAnimation(boolean restoreHomeRootTaskPosition);

		/**
		* This enforces {@code func} can only be called if either the caller is Recents activity or
		* has {@code permission}.
		*/
		public abstract void enforceCallerIsRecentsOrHasPermission(String permission, String func);

		/**
		* Returns true if the app can close system dialogs. Otherwise it either throws a {@link
		* SecurityException} or returns false with a logcat message depending on whether the app