Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7a294134 authored by Bernardo Rufino's avatar Bernardo Rufino
Browse files

Don't consider tasks with INITIALIZING top activity as visible 

To fix b/130645908, tasks with top activities in INITIALIZING state were
considered visible. This allowed apps to circumvent background activity
launch restriction by starting 2 activities when in a background stack.
The first activity will remain in INITIALIZING state (since it's in the
bg), so the second launch is permitted since top activity is
INITIALIZING.

Removing '|| topActivity.isState(INITIALIZING)' removes the
vulnerability and curiously still allow the legitimate use case of the
bug linked above to work, i.e. the test in ag/7088262 still passes. This
is because of 2 reasons:
1) Grace period introduced in ag/7638265.
2) Allow bg activity starts to put activity on top of bg task (instead of
   fg’ing it) in ag/7190176.

I verified (2) by removing the grace period check, reverting the linked
CL and verifying that the test failed.

This essentially reverts ag/7090415.

Test: atest BackgroundActivityLaunchTest \
          RootWindowContainerTests \
          WmTests:ActivityStarterTests \
          CtsWindowManagerDeviceTestCases:ActivityStarterTests
Bug: 138583650
Bug: 130645908
Change-Id: Iee4ba841c6c83888b55c5cb55fffc949048d2030
parent 00537efd

services/core/java/com/android/server/wm/WindowProcessController.java

+1 −9
Original line number Diff line number Diff line
@@ -23,7 +23,6 @@ import static android.view.Display.INVALID_DISPLAY; 
import static com.android.server.am.ActivityManagerService.MY_PID;

import static com.android.server.wm.ActivityStack.ActivityState.DESTROYED;

import static com.android.server.wm.ActivityStack.ActivityState.DESTROYING;

import static com.android.server.wm.ActivityStack.ActivityState.INITIALIZING;

import static com.android.server.wm.ActivityStack.ActivityState.PAUSED;

import static com.android.server.wm.ActivityStack.ActivityState.PAUSING;

import static com.android.server.wm.ActivityStack.ActivityState.RESUMED;
@@ -546,14 +545,7 @@ public class WindowProcessController extends ConfigurationContainer<Configuratio 
                continue;

            }

            ActivityRecord topActivity = task.getTopActivity();

            if (topActivity == null) {

                continue;

            }

            // If an activity has just been started it will not yet be visible, but

            // is expected to be soon. We treat this as if it were already visible.

            // This ensures a subsequent activity can be started even before this one

            // becomes visible.

            if (topActivity.visible || topActivity.isState(INITIALIZING)) {

            if (topActivity != null && topActivity.visible) {

                return true;

            }

        }