Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5f692e35 authored by Andrii Kulian's avatar Andrii Kulian
Browse files

Allow SYSTEM_UID to embed activities in trusted mode 

Bug: 197364677
Test: ActivityStarterTests
Change-Id: I506528d093d3e81ee214bcc961fb60491e7d9f8f
parent b86ec0a5

services/core/java/com/android/server/wm/TaskFragment.java

+7 −0
Original line number Original line Diff line number Diff line
@@ -31,6 +31,7 @@ import static android.content.res.Configuration.ORIENTATION_LANDSCAPE; 
import static android.content.res.Configuration.ORIENTATION_PORTRAIT;

import static android.content.res.Configuration.ORIENTATION_PORTRAIT;

import static android.content.res.Configuration.ORIENTATION_UNDEFINED;

import static android.content.res.Configuration.ORIENTATION_UNDEFINED;

import static android.os.Process.INVALID_UID;

import static android.os.Process.INVALID_UID;

import static android.os.Process.SYSTEM_UID;

import static android.os.UserHandle.USER_NULL;

import static android.os.UserHandle.USER_NULL;

import static android.view.Display.INVALID_DISPLAY;

import static android.view.Display.INVALID_DISPLAY;

import static android.view.WindowManager.TRANSIT_CLOSE;

import static android.view.WindowManager.TRANSIT_CLOSE;
@@ -82,6 +83,7 @@ import android.graphics.Point; 
import android.graphics.Rect;

import android.graphics.Rect;

import android.os.IBinder;

import android.os.IBinder;

import android.os.RemoteException;

import android.os.RemoteException;

import android.os.UserHandle;

import android.util.DisplayMetrics;

import android.util.DisplayMetrics;

import android.util.Slog;

import android.util.Slog;

import android.util.proto.ProtoOutputStream;

import android.util.proto.ProtoOutputStream;
@@ -530,6 +532,11 @@ class TaskFragment extends WindowContainer<WindowContainer> { 
     * certificate.</li>

     * certificate.</li>

     */

     */

    private boolean isAllowedToEmbedActivityInTrustedMode(@NonNull ActivityRecord a) {

    private boolean isAllowedToEmbedActivityInTrustedMode(@NonNull ActivityRecord a) {

        if (UserHandle.getAppId(mTaskFragmentOrganizerUid) == SYSTEM_UID) {

            // The system is trusted to embed other apps securely and for all users.

            return true;

        }



        if (mTaskFragmentOrganizerUid == a.getUid()) {

        if (mTaskFragmentOrganizerUid == a.getUid()) {

            // Activities from the same UID can be embedded freely by the host.

            // Activities from the same UID can be embedded freely by the host.

            return true;

            return true;

services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java

+29 −0
Original line number Original line Diff line number Diff line
@@ -39,6 +39,7 @@ import static android.content.Intent.FLAG_ACTIVITY_SINGLE_TOP; 
import static android.content.pm.ActivityInfo.LAUNCH_MULTIPLE;

import static android.content.pm.ActivityInfo.LAUNCH_MULTIPLE;

import static android.content.pm.ActivityInfo.LAUNCH_SINGLE_INSTANCE;

import static android.content.pm.ActivityInfo.LAUNCH_SINGLE_INSTANCE;

import static android.content.pm.ActivityInfo.LAUNCH_SINGLE_TASK;

import static android.content.pm.ActivityInfo.LAUNCH_SINGLE_TASK;

import static android.os.Process.SYSTEM_UID;





import static com.android.dx.mockito.inline.extended.ExtendedMockito.clearInvocations;

import static com.android.dx.mockito.inline.extended.ExtendedMockito.clearInvocations;

import static com.android.dx.mockito.inline.extended.ExtendedMockito.doAnswer;

import static com.android.dx.mockito.inline.extended.ExtendedMockito.doAnswer;
@@ -1140,6 +1141,34 @@ public class ActivityStarterTests extends WindowTestsBase { 
        assertFalse(taskFragment.hasChild());

        assertFalse(taskFragment.hasChild());

    }

    }





    @Test

    public void testStartActivityInner_inTaskFragment_allowedForSystemUid() {

        final ActivityStarter starter = prepareStarter(0, false);

        final ActivityRecord targetRecord = new ActivityBuilder(mAtm).build();

        final ActivityRecord sourceRecord = new ActivityBuilder(mAtm).setCreateTask(true).build();

        final TaskFragment taskFragment = new TaskFragment(mAtm, sourceRecord.token,

                true /* createdByOrganizer */);

        sourceRecord.getTask().addChild(taskFragment, POSITION_TOP);



        taskFragment.setTaskFragmentOrganizer(mock(TaskFragmentOrganizerToken.class), SYSTEM_UID,

                "system_uid");



        starter.startActivityInner(

                /* r */targetRecord,

                /* sourceRecord */ sourceRecord,

                /* voiceSession */null,

                /* voiceInteractor */ null,

                /* startFlags */ 0,

                /* doResume */true,

                /* options */null,

                /* inTask */null,

                /* inTaskFragment */ taskFragment,

                /* restrictedBgActivity */false,

                /* intentGrants */null);



        assertTrue(taskFragment.hasChild());

    }



    @Test

    @Test

    public void testStartActivityInner_inTaskFragment_allowedForSameUid() {

    public void testStartActivityInner_inTaskFragment_allowedForSameUid() {

        final ActivityStarter starter = prepareStarter(0, false);

        final ActivityStarter starter = prepareStarter(0, false);