Loading services/core/java/com/android/server/wm/ActivityStarter.java +14 −18 Original line number Diff line number Diff line Loading @@ -80,8 +80,6 @@ import static com.android.server.wm.ActivityTaskManagerDebugConfig.TAG_WITH_CLAS import static com.android.server.wm.ActivityTaskManagerService.ANIMATE; import static com.android.server.wm.ActivityTaskSupervisor.DEFER_RESUME; import static com.android.server.wm.ActivityTaskSupervisor.ON_TOP; import static com.android.server.wm.BackgroundActivityStartController.BAL_ALLOW_DEFAULT; import static com.android.server.wm.BackgroundActivityStartController.BAL_BLOCK; import static com.android.server.wm.LaunchParamsController.LaunchParamsModifier.PHASE_BOUNDS; import static com.android.server.wm.LaunchParamsController.LaunchParamsModifier.PHASE_DISPLAY; import static com.android.server.wm.Task.REPARENT_MOVE_ROOT_TASK_TO_FRONT; Loading Loading @@ -151,7 +149,6 @@ import com.android.server.power.ShutdownCheckPoints; import com.android.server.statusbar.StatusBarManagerInternal; import com.android.server.uri.NeededUriGrants; import com.android.server.wm.ActivityMetricsLogger.LaunchingState; import com.android.server.wm.BackgroundActivityStartController.BalCode; import com.android.server.wm.BackgroundActivityStartController.BalVerdict; import com.android.server.wm.LaunchParamsController.LaunchParams; import com.android.server.wm.TaskFragment.EmbeddingCheckResult; Loading Loading @@ -216,10 +213,9 @@ class ActivityStarter { private int mRealCallingUid; private ActivityOptions mOptions; // If it is BAL_BLOCK, background activity can only be started in an existing task that contains // an activity with same uid, or if activity starts are enabled in developer options. @BalCode private int mBalCode; // If the code is BAL_BLOCK, background activity can only be started in an existing task that // contains an activity with same uid, or if activity starts are enabled in developer options. private BalVerdict mBalVerdict; private int mLaunchMode; private boolean mLaunchTaskBehind; Loading Loading @@ -748,7 +744,7 @@ class ActivityStarter { mCallingUid = starter.mCallingUid; mRealCallingUid = starter.mRealCallingUid; mOptions = starter.mOptions; mBalCode = starter.mBalCode; mBalVerdict = starter.mBalVerdict; mLaunchTaskBehind = starter.mLaunchTaskBehind; mLaunchFlags = starter.mLaunchFlags; Loading Loading @@ -1895,7 +1891,7 @@ class ActivityStarter { remoteTransition, null /* displayChange */); } else if (result == START_SUCCESS && mStartActivity.isState(RESUMED)) { // Do nothing if the activity is started and is resumed directly. } else if (isStarted && (mBalCode != BAL_BLOCK || mDoResume)) { } else if (isStarted && (mBalVerdict.allows() || mDoResume)) { // Make the collecting transition wait until this request is ready. if (transition != null) { transition.setReady(started, false); Loading @@ -1919,7 +1915,7 @@ class ActivityStarter { TaskFragment inTaskFragment, BalVerdict balVerdict, NeededUriGrants intentGrants, int realCallingUid) { setInitialState(r, options, inTask, inTaskFragment, startFlags, sourceRecord, voiceSession, voiceInteractor, balVerdict.getCode(), realCallingUid); voiceSession, voiceInteractor, balVerdict, realCallingUid); computeLaunchingTaskFlags(); mIntent.setFlags(mLaunchFlags); Loading Loading @@ -2282,7 +2278,7 @@ class ActivityStarter { || !targetTask.isUidPresent(mCallingUid) || (LAUNCH_SINGLE_INSTANCE == mLaunchMode && targetTask.inPinnedWindowingMode())); if (mBalCode == BAL_BLOCK && blockBalInTask if (mBalVerdict.blocks() && blockBalInTask && handleBackgroundActivityAbort(r)) { Slog.e(TAG, "Abort background activity starts from " + mCallingUid); return START_ABORTED; Loading Loading @@ -2344,8 +2340,8 @@ class ActivityStarter { } if (!mSupervisor.getBackgroundActivityLaunchController().checkActivityAllowedToStart( mSourceRecord, r, newTask, avoidMoveToFront(), targetTask, mLaunchFlags, mBalCode, mCallingUid, mRealCallingUid, mPreferredTaskDisplayArea)) { mSourceRecord, r, newTask, avoidMoveToFront(), targetTask, mLaunchFlags, mBalVerdict, mCallingUid, mRealCallingUid, mPreferredTaskDisplayArea)) { return START_ABORTED; } Loading Loading @@ -2438,7 +2434,7 @@ class ActivityStarter { if (mAddingToTask) { mSupervisor.getBackgroundActivityLaunchController().clearTopIfNeeded(targetTask, mSourceRecord, mStartActivity, mCallingUid, mRealCallingUid, mLaunchFlags, mBalCode); mBalVerdict); return START_SUCCESS; } Loading Loading @@ -2665,7 +2661,7 @@ class ActivityStarter { mCallingUid = -1; mRealCallingUid = -1; mOptions = null; mBalCode = BAL_ALLOW_DEFAULT; mBalVerdict = BalVerdict.ALLOW_BY_DEFAULT; mLaunchTaskBehind = false; mLaunchFlags = 0; Loading Loading @@ -2711,7 +2707,7 @@ class ActivityStarter { private void setInitialState(ActivityRecord r, ActivityOptions options, Task inTask, TaskFragment inTaskFragment, int startFlags, ActivityRecord sourceRecord, IVoiceInteractionSession voiceSession, IVoiceInteractor voiceInteractor, @BalCode int balCode, int realCallingUid) { IVoiceInteractor voiceInteractor, BalVerdict balVerdict, int realCallingUid) { reset(false /* clearRequest */); mStartActivity = r; Loading @@ -2723,7 +2719,7 @@ class ActivityStarter { mSourceRootTask = mSourceRecord != null ? mSourceRecord.getRootTask() : null; mVoiceSession = voiceSession; mVoiceInteractor = voiceInteractor; mBalCode = balCode; mBalVerdict = balVerdict; mLaunchParams.reset(); Loading Loading @@ -2880,7 +2876,7 @@ class ActivityStarter { mNoAnimation = (mLaunchFlags & FLAG_ACTIVITY_NO_ANIMATION) != 0; if (mBalCode == BAL_BLOCK && !mService.isBackgroundActivityStartsEnabled()) { if (mBalVerdict.blocks() && !mService.isBackgroundActivityStartsEnabled()) { mCanMoveToFrontCode = MOVE_TO_FRONT_AVOID_LEGACY; mDoResume = false; } Loading services/core/java/com/android/server/wm/BackgroundActivityStartController.java +32 −22 Original line number Diff line number Diff line Loading @@ -167,6 +167,9 @@ public class BackgroundActivityStartController { BAL_ALLOW_SDK_SANDBOX, BAL_ALLOW_TOKEN, BAL_ALLOW_VISIBLE_WINDOW, BAL_ALLOW_NON_APP_VISIBLE_WINDOW, BAL_ALLOW_WALLPAPER, BAL_ALLOW_NOTIFICATION_TOKEN, BAL_BLOCK }) public @interface BalCode {} Loading Loading @@ -1313,8 +1316,9 @@ public class BackgroundActivityStartController { */ boolean checkActivityAllowedToStart(@Nullable ActivityRecord sourceRecord, @NonNull ActivityRecord targetRecord, boolean newTask, boolean avoidMoveTaskToFront, @Nullable Task targetTask, int launchFlags, int balCode, int callingUid, @Nullable Task targetTask, int launchFlags, BalVerdict balVerdict, int callingUid, int realCallingUid, TaskDisplayArea preferredTaskDisplayArea) { @BalCode int balCode = balVerdict.getCode(); // BAL Exception allowed in all cases if (balCode == BAL_ALLOW_ALLOWLISTED_UID || (android.security.Flags.asmReintroduceGracePeriod() Loading @@ -1329,15 +1333,20 @@ public class BackgroundActivityStartController { // BAL exception only allowed for new tasks if (taskToFront) { if (balCode == BAL_ALLOW_ALLOWLISTED_COMPONENT || balCode == BAL_ALLOW_PERMISSION || balCode == BAL_ALLOW_PENDING_INTENT || balCode == BAL_ALLOW_SAW_PERMISSION || balCode == BAL_ALLOW_VISIBLE_WINDOW || balCode == BAL_ALLOW_NON_APP_VISIBLE_WINDOW || balCode == BAL_ALLOW_TOKEN || balCode == BAL_ALLOW_BOUND_BY_FOREGROUND) { switch (balCode) { case BAL_ALLOW_ALLOWLISTED_COMPONENT: case BAL_ALLOW_PERMISSION: case BAL_ALLOW_PENDING_INTENT: case BAL_ALLOW_SAW_PERMISSION: case BAL_ALLOW_VISIBLE_WINDOW: case BAL_ALLOW_NON_APP_VISIBLE_WINDOW: case BAL_ALLOW_WALLPAPER: case BAL_ALLOW_TOKEN: case BAL_ALLOW_NOTIFICATION_TOKEN: case BAL_ALLOW_BOUND_BY_FOREGROUND: return true; default: // not automatically allowed by user intent } } Loading Loading @@ -1391,13 +1400,13 @@ public class BackgroundActivityStartController { // ASM rules have failed. Log why return logAsmFailureAndCheckFeatureEnabled(sourceRecord, callingUid, realCallingUid, newTask, avoidMoveTaskToFront, targetTask, targetRecord, balCode, launchFlags, newTask, avoidMoveTaskToFront, targetTask, targetRecord, balVerdict, launchFlags, bas, taskToFront); } private boolean logAsmFailureAndCheckFeatureEnabled(ActivityRecord sourceRecord, int callingUid, int realCallingUid, boolean newTask, boolean avoidMoveTaskToFront, Task targetTask, ActivityRecord targetRecord, @BalCode int balCode, int launchFlags, ActivityRecord targetRecord, BalVerdict balVerdict, int launchFlags, BlockActivityStart bas, boolean taskToFront) { ActivityRecord targetTopActivity = targetTask == null ? null Loading @@ -1413,10 +1422,10 @@ public class BackgroundActivityStartController { && ActivitySecurityModelFeatureFlags.shouldRestrictActivitySwitch(callingUid); boolean allowedByGracePeriod = allowedByAsmGracePeriod(callingUid, sourceRecord, targetTask, balCode, taskToFront, avoidMoveTaskToFront); balVerdict, taskToFront, avoidMoveTaskToFront); String asmDebugInfo = getDebugInfoForActivitySecurity("Launch", sourceRecord, targetRecord, targetTask, targetTopActivity, realCallingUid, balCode, targetRecord, targetTask, targetTopActivity, realCallingUid, balVerdict, enforceBlock, taskToFront, avoidMoveTaskToFront, allowedByGracePeriod, bas.mActivityOptedIn); Loading Loading @@ -1448,7 +1457,7 @@ public class BackgroundActivityStartController { targetTask != null && sourceRecord != null && !targetTask.equals(sourceRecord.getTask()) && targetTask.isVisible(), /* bal_code */ balCode, balVerdict.getCode(), /* debug_info */ asmDebugInfo ); Loading @@ -1470,7 +1479,7 @@ public class BackgroundActivityStartController { + (sourceRecord != null ? sourceRecord : launchedFromPackageName) + " is in background. New task: " + newTask + ". Top activity: " + targetTopActivity + ". BAL Code: " + balCodeToString(balCode)); + ". BAL Code: " + balCodeToString(balVerdict.getCode())); return false; } Loading @@ -1491,9 +1500,9 @@ public class BackgroundActivityStartController { */ void clearTopIfNeeded(@NonNull Task targetTask, @Nullable ActivityRecord sourceRecord, @NonNull ActivityRecord targetRecord, int callingUid, int realCallingUid, int launchFlags, @BalCode int balCode) { int launchFlags, BalVerdict balVerdict) { if ((launchFlags & FLAG_ACTIVITY_NEW_TASK) != FLAG_ACTIVITY_NEW_TASK || balCode == BAL_ALLOW_ALLOWLISTED_UID) { || balVerdict.getCode() == BAL_ALLOW_ALLOWLISTED_UID) { // Launch is from the same task, (a top or privileged UID), or is directly privileged. return; } Loading Loading @@ -1538,7 +1547,7 @@ public class BackgroundActivityStartController { + ActivitySecurityModelFeatureFlags.DOC_LINK); Slog.i(TAG, getDebugInfoForActivitySecurity("Clear Top", sourceRecord, targetRecord, targetTask, targetTaskTop, realCallingUid, balCode, shouldBlockActivityStart, targetTask, targetTaskTop, realCallingUid, balVerdict, shouldBlockActivityStart, /* taskToFront */ true, /* avoidMoveTaskToFront */ false, /* allowedByAsmGracePeriod */ false, bas.mActivityOptedIn)); } Loading Loading @@ -1792,10 +1801,11 @@ public class BackgroundActivityStartController { private String getDebugInfoForActivitySecurity(@NonNull String action, @Nullable ActivityRecord sourceRecord, @NonNull ActivityRecord targetRecord, @Nullable Task targetTask, @Nullable ActivityRecord targetTopActivity, int realCallingUid, @BalCode int balCode, int realCallingUid, BalVerdict balVerdict, boolean enforceBlock, boolean taskToFront, boolean avoidMoveTaskToFront, boolean allowedByGracePeriod, ActivityRecord activityOptedIn) { @BalCode int balCode = balVerdict.getCode(); final String prefix = "[ASM] "; Function<ActivityRecord, String> recordToString = (ar) -> { if (ar == null) { Loading Loading @@ -1890,9 +1900,9 @@ public class BackgroundActivityStartController { } private boolean allowedByAsmGracePeriod(int callingUid, @Nullable ActivityRecord sourceRecord, @Nullable Task targetTask, @BalCode int balCode, boolean taskToFront, @Nullable Task targetTask, BalVerdict balVerdict, boolean taskToFront, boolean avoidMoveTaskToFront) { if (balCode == BAL_ALLOW_GRACE_PERIOD) { if (balVerdict.getCode() == BAL_ALLOW_GRACE_PERIOD) { // Allow if launching into new task, and caller matches most recently finished activity if (taskToFront && mTopFinishedActivity != null && mTopFinishedActivity.mUid == callingUid) { Loading Loading
services/core/java/com/android/server/wm/ActivityStarter.java +14 −18 Original line number Diff line number Diff line Loading @@ -80,8 +80,6 @@ import static com.android.server.wm.ActivityTaskManagerDebugConfig.TAG_WITH_CLAS import static com.android.server.wm.ActivityTaskManagerService.ANIMATE; import static com.android.server.wm.ActivityTaskSupervisor.DEFER_RESUME; import static com.android.server.wm.ActivityTaskSupervisor.ON_TOP; import static com.android.server.wm.BackgroundActivityStartController.BAL_ALLOW_DEFAULT; import static com.android.server.wm.BackgroundActivityStartController.BAL_BLOCK; import static com.android.server.wm.LaunchParamsController.LaunchParamsModifier.PHASE_BOUNDS; import static com.android.server.wm.LaunchParamsController.LaunchParamsModifier.PHASE_DISPLAY; import static com.android.server.wm.Task.REPARENT_MOVE_ROOT_TASK_TO_FRONT; Loading Loading @@ -151,7 +149,6 @@ import com.android.server.power.ShutdownCheckPoints; import com.android.server.statusbar.StatusBarManagerInternal; import com.android.server.uri.NeededUriGrants; import com.android.server.wm.ActivityMetricsLogger.LaunchingState; import com.android.server.wm.BackgroundActivityStartController.BalCode; import com.android.server.wm.BackgroundActivityStartController.BalVerdict; import com.android.server.wm.LaunchParamsController.LaunchParams; import com.android.server.wm.TaskFragment.EmbeddingCheckResult; Loading Loading @@ -216,10 +213,9 @@ class ActivityStarter { private int mRealCallingUid; private ActivityOptions mOptions; // If it is BAL_BLOCK, background activity can only be started in an existing task that contains // an activity with same uid, or if activity starts are enabled in developer options. @BalCode private int mBalCode; // If the code is BAL_BLOCK, background activity can only be started in an existing task that // contains an activity with same uid, or if activity starts are enabled in developer options. private BalVerdict mBalVerdict; private int mLaunchMode; private boolean mLaunchTaskBehind; Loading Loading @@ -748,7 +744,7 @@ class ActivityStarter { mCallingUid = starter.mCallingUid; mRealCallingUid = starter.mRealCallingUid; mOptions = starter.mOptions; mBalCode = starter.mBalCode; mBalVerdict = starter.mBalVerdict; mLaunchTaskBehind = starter.mLaunchTaskBehind; mLaunchFlags = starter.mLaunchFlags; Loading Loading @@ -1895,7 +1891,7 @@ class ActivityStarter { remoteTransition, null /* displayChange */); } else if (result == START_SUCCESS && mStartActivity.isState(RESUMED)) { // Do nothing if the activity is started and is resumed directly. } else if (isStarted && (mBalCode != BAL_BLOCK || mDoResume)) { } else if (isStarted && (mBalVerdict.allows() || mDoResume)) { // Make the collecting transition wait until this request is ready. if (transition != null) { transition.setReady(started, false); Loading @@ -1919,7 +1915,7 @@ class ActivityStarter { TaskFragment inTaskFragment, BalVerdict balVerdict, NeededUriGrants intentGrants, int realCallingUid) { setInitialState(r, options, inTask, inTaskFragment, startFlags, sourceRecord, voiceSession, voiceInteractor, balVerdict.getCode(), realCallingUid); voiceSession, voiceInteractor, balVerdict, realCallingUid); computeLaunchingTaskFlags(); mIntent.setFlags(mLaunchFlags); Loading Loading @@ -2282,7 +2278,7 @@ class ActivityStarter { || !targetTask.isUidPresent(mCallingUid) || (LAUNCH_SINGLE_INSTANCE == mLaunchMode && targetTask.inPinnedWindowingMode())); if (mBalCode == BAL_BLOCK && blockBalInTask if (mBalVerdict.blocks() && blockBalInTask && handleBackgroundActivityAbort(r)) { Slog.e(TAG, "Abort background activity starts from " + mCallingUid); return START_ABORTED; Loading Loading @@ -2344,8 +2340,8 @@ class ActivityStarter { } if (!mSupervisor.getBackgroundActivityLaunchController().checkActivityAllowedToStart( mSourceRecord, r, newTask, avoidMoveToFront(), targetTask, mLaunchFlags, mBalCode, mCallingUid, mRealCallingUid, mPreferredTaskDisplayArea)) { mSourceRecord, r, newTask, avoidMoveToFront(), targetTask, mLaunchFlags, mBalVerdict, mCallingUid, mRealCallingUid, mPreferredTaskDisplayArea)) { return START_ABORTED; } Loading Loading @@ -2438,7 +2434,7 @@ class ActivityStarter { if (mAddingToTask) { mSupervisor.getBackgroundActivityLaunchController().clearTopIfNeeded(targetTask, mSourceRecord, mStartActivity, mCallingUid, mRealCallingUid, mLaunchFlags, mBalCode); mBalVerdict); return START_SUCCESS; } Loading Loading @@ -2665,7 +2661,7 @@ class ActivityStarter { mCallingUid = -1; mRealCallingUid = -1; mOptions = null; mBalCode = BAL_ALLOW_DEFAULT; mBalVerdict = BalVerdict.ALLOW_BY_DEFAULT; mLaunchTaskBehind = false; mLaunchFlags = 0; Loading Loading @@ -2711,7 +2707,7 @@ class ActivityStarter { private void setInitialState(ActivityRecord r, ActivityOptions options, Task inTask, TaskFragment inTaskFragment, int startFlags, ActivityRecord sourceRecord, IVoiceInteractionSession voiceSession, IVoiceInteractor voiceInteractor, @BalCode int balCode, int realCallingUid) { IVoiceInteractor voiceInteractor, BalVerdict balVerdict, int realCallingUid) { reset(false /* clearRequest */); mStartActivity = r; Loading @@ -2723,7 +2719,7 @@ class ActivityStarter { mSourceRootTask = mSourceRecord != null ? mSourceRecord.getRootTask() : null; mVoiceSession = voiceSession; mVoiceInteractor = voiceInteractor; mBalCode = balCode; mBalVerdict = balVerdict; mLaunchParams.reset(); Loading Loading @@ -2880,7 +2876,7 @@ class ActivityStarter { mNoAnimation = (mLaunchFlags & FLAG_ACTIVITY_NO_ANIMATION) != 0; if (mBalCode == BAL_BLOCK && !mService.isBackgroundActivityStartsEnabled()) { if (mBalVerdict.blocks() && !mService.isBackgroundActivityStartsEnabled()) { mCanMoveToFrontCode = MOVE_TO_FRONT_AVOID_LEGACY; mDoResume = false; } Loading
services/core/java/com/android/server/wm/BackgroundActivityStartController.java +32 −22 Original line number Diff line number Diff line Loading @@ -167,6 +167,9 @@ public class BackgroundActivityStartController { BAL_ALLOW_SDK_SANDBOX, BAL_ALLOW_TOKEN, BAL_ALLOW_VISIBLE_WINDOW, BAL_ALLOW_NON_APP_VISIBLE_WINDOW, BAL_ALLOW_WALLPAPER, BAL_ALLOW_NOTIFICATION_TOKEN, BAL_BLOCK }) public @interface BalCode {} Loading Loading @@ -1313,8 +1316,9 @@ public class BackgroundActivityStartController { */ boolean checkActivityAllowedToStart(@Nullable ActivityRecord sourceRecord, @NonNull ActivityRecord targetRecord, boolean newTask, boolean avoidMoveTaskToFront, @Nullable Task targetTask, int launchFlags, int balCode, int callingUid, @Nullable Task targetTask, int launchFlags, BalVerdict balVerdict, int callingUid, int realCallingUid, TaskDisplayArea preferredTaskDisplayArea) { @BalCode int balCode = balVerdict.getCode(); // BAL Exception allowed in all cases if (balCode == BAL_ALLOW_ALLOWLISTED_UID || (android.security.Flags.asmReintroduceGracePeriod() Loading @@ -1329,15 +1333,20 @@ public class BackgroundActivityStartController { // BAL exception only allowed for new tasks if (taskToFront) { if (balCode == BAL_ALLOW_ALLOWLISTED_COMPONENT || balCode == BAL_ALLOW_PERMISSION || balCode == BAL_ALLOW_PENDING_INTENT || balCode == BAL_ALLOW_SAW_PERMISSION || balCode == BAL_ALLOW_VISIBLE_WINDOW || balCode == BAL_ALLOW_NON_APP_VISIBLE_WINDOW || balCode == BAL_ALLOW_TOKEN || balCode == BAL_ALLOW_BOUND_BY_FOREGROUND) { switch (balCode) { case BAL_ALLOW_ALLOWLISTED_COMPONENT: case BAL_ALLOW_PERMISSION: case BAL_ALLOW_PENDING_INTENT: case BAL_ALLOW_SAW_PERMISSION: case BAL_ALLOW_VISIBLE_WINDOW: case BAL_ALLOW_NON_APP_VISIBLE_WINDOW: case BAL_ALLOW_WALLPAPER: case BAL_ALLOW_TOKEN: case BAL_ALLOW_NOTIFICATION_TOKEN: case BAL_ALLOW_BOUND_BY_FOREGROUND: return true; default: // not automatically allowed by user intent } } Loading Loading @@ -1391,13 +1400,13 @@ public class BackgroundActivityStartController { // ASM rules have failed. Log why return logAsmFailureAndCheckFeatureEnabled(sourceRecord, callingUid, realCallingUid, newTask, avoidMoveTaskToFront, targetTask, targetRecord, balCode, launchFlags, newTask, avoidMoveTaskToFront, targetTask, targetRecord, balVerdict, launchFlags, bas, taskToFront); } private boolean logAsmFailureAndCheckFeatureEnabled(ActivityRecord sourceRecord, int callingUid, int realCallingUid, boolean newTask, boolean avoidMoveTaskToFront, Task targetTask, ActivityRecord targetRecord, @BalCode int balCode, int launchFlags, ActivityRecord targetRecord, BalVerdict balVerdict, int launchFlags, BlockActivityStart bas, boolean taskToFront) { ActivityRecord targetTopActivity = targetTask == null ? null Loading @@ -1413,10 +1422,10 @@ public class BackgroundActivityStartController { && ActivitySecurityModelFeatureFlags.shouldRestrictActivitySwitch(callingUid); boolean allowedByGracePeriod = allowedByAsmGracePeriod(callingUid, sourceRecord, targetTask, balCode, taskToFront, avoidMoveTaskToFront); balVerdict, taskToFront, avoidMoveTaskToFront); String asmDebugInfo = getDebugInfoForActivitySecurity("Launch", sourceRecord, targetRecord, targetTask, targetTopActivity, realCallingUid, balCode, targetRecord, targetTask, targetTopActivity, realCallingUid, balVerdict, enforceBlock, taskToFront, avoidMoveTaskToFront, allowedByGracePeriod, bas.mActivityOptedIn); Loading Loading @@ -1448,7 +1457,7 @@ public class BackgroundActivityStartController { targetTask != null && sourceRecord != null && !targetTask.equals(sourceRecord.getTask()) && targetTask.isVisible(), /* bal_code */ balCode, balVerdict.getCode(), /* debug_info */ asmDebugInfo ); Loading @@ -1470,7 +1479,7 @@ public class BackgroundActivityStartController { + (sourceRecord != null ? sourceRecord : launchedFromPackageName) + " is in background. New task: " + newTask + ". Top activity: " + targetTopActivity + ". BAL Code: " + balCodeToString(balCode)); + ". BAL Code: " + balCodeToString(balVerdict.getCode())); return false; } Loading @@ -1491,9 +1500,9 @@ public class BackgroundActivityStartController { */ void clearTopIfNeeded(@NonNull Task targetTask, @Nullable ActivityRecord sourceRecord, @NonNull ActivityRecord targetRecord, int callingUid, int realCallingUid, int launchFlags, @BalCode int balCode) { int launchFlags, BalVerdict balVerdict) { if ((launchFlags & FLAG_ACTIVITY_NEW_TASK) != FLAG_ACTIVITY_NEW_TASK || balCode == BAL_ALLOW_ALLOWLISTED_UID) { || balVerdict.getCode() == BAL_ALLOW_ALLOWLISTED_UID) { // Launch is from the same task, (a top or privileged UID), or is directly privileged. return; } Loading Loading @@ -1538,7 +1547,7 @@ public class BackgroundActivityStartController { + ActivitySecurityModelFeatureFlags.DOC_LINK); Slog.i(TAG, getDebugInfoForActivitySecurity("Clear Top", sourceRecord, targetRecord, targetTask, targetTaskTop, realCallingUid, balCode, shouldBlockActivityStart, targetTask, targetTaskTop, realCallingUid, balVerdict, shouldBlockActivityStart, /* taskToFront */ true, /* avoidMoveTaskToFront */ false, /* allowedByAsmGracePeriod */ false, bas.mActivityOptedIn)); } Loading Loading @@ -1792,10 +1801,11 @@ public class BackgroundActivityStartController { private String getDebugInfoForActivitySecurity(@NonNull String action, @Nullable ActivityRecord sourceRecord, @NonNull ActivityRecord targetRecord, @Nullable Task targetTask, @Nullable ActivityRecord targetTopActivity, int realCallingUid, @BalCode int balCode, int realCallingUid, BalVerdict balVerdict, boolean enforceBlock, boolean taskToFront, boolean avoidMoveTaskToFront, boolean allowedByGracePeriod, ActivityRecord activityOptedIn) { @BalCode int balCode = balVerdict.getCode(); final String prefix = "[ASM] "; Function<ActivityRecord, String> recordToString = (ar) -> { if (ar == null) { Loading Loading @@ -1890,9 +1900,9 @@ public class BackgroundActivityStartController { } private boolean allowedByAsmGracePeriod(int callingUid, @Nullable ActivityRecord sourceRecord, @Nullable Task targetTask, @BalCode int balCode, boolean taskToFront, @Nullable Task targetTask, BalVerdict balVerdict, boolean taskToFront, boolean avoidMoveTaskToFront) { if (balCode == BAL_ALLOW_GRACE_PERIOD) { if (balVerdict.getCode() == BAL_ALLOW_GRACE_PERIOD) { // Allow if launching into new task, and caller matches most recently finished activity if (taskToFront && mTopFinishedActivity != null && mTopFinishedActivity.mUid == callingUid) { Loading
