Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8481b9c1 authored by Abhijeet Kaur's avatar Abhijeet Kaur
Browse files

Remove whitelisting REMOTE_BUGREPORT_FINISHED broadcast 

After migration to bugreport API, communication between Shell and dumpstate
is done using callbacks and dumpstate does not send this broadcast anymore.

REMOTE_BUGREPORT_FINISHED broadcast was whitelisted previously,
so that remote bugreports are allowed even if DISALLOW_DEBUGGING_FEATURES
user restriction is enforced.

ag/866973 This was necessary so that dumpstate can communicate with
Shell via the broadcast which is not required now.

Bug: 136066578
Bug: 139415553

Test: * Build and flash
      * Install TestDPC
      * Make it device owner
      * Take a remote bugreport. Works as expected
      * Go to "Set user restrictions" and enable "Disallow debugging
        feature"
      * Take a remote bugreport. Works as expected.

Change-Id: I027da8e13ff6f930ec8c33c3aafbb93f0aaf2e9c
parent f6fb7063

services/core/java/com/android/server/am/ActivityManagerService.java

+2 −13
Original line number Diff line number Diff line
@@ -507,10 +507,6 @@ public class ActivityManagerService extends IActivityManager.Stub 
    static final int PERSISTENT_MASK =

            ApplicationInfo.FLAG_SYSTEM|ApplicationInfo.FLAG_PERSISTENT;













    // Intent sent when remote bugreport collection has been completed













    private static final String INTENT_REMOTE_BUGREPORT_FINISHED =













            "com.android.internal.intent.action.REMOTE_BUGREPORT_FINISHED";



























    // If set, we will push process association information in to procstats.















    static final boolean TRACK_PROCSTATS_ASSOCIATIONS = true;
























@@ -14970,12 +14966,10 @@ public class ActivityManagerService extends IActivityManager.Stub













            HashSet<ComponentName> singleUserReceivers = null;















            boolean scannedFirstReceivers = false;















            for (int user : users) {













                // Skip users that have Shell restrictions, with exception of always permitted













                // Shell broadcasts













                // Skip users that have Shell restrictions















                if (callingUid == SHELL_UID















                        && mUserController.hasUserRestriction(













                                UserManager.DISALLOW_DEBUGGING_FEATURES, user)













                        && !isPermittedShellBroadcast(intent)) {













                                UserManager.DISALLOW_DEBUGGING_FEATURES, user)) {















                    continue;















                }















                List<ResolveInfo> newReceivers = AppGlobals.getPackageManager()










@@ -15042,11 +15036,6 @@ public class ActivityManagerService extends IActivityManager.Stub













        return receivers;















    }



























    private boolean isPermittedShellBroadcast(Intent intent) {













        // remote bugreport should always be allowed to be taken













        return INTENT_REMOTE_BUGREPORT_FINISHED.equals(intent.getAction());













    }



























    private void checkBroadcastFromSystem(Intent intent, ProcessRecord callerApp,















            String callerPackage, int callingUid, boolean isProtectedBroadcast, List receivers) {















        if ((intent.getFlags() & Intent.FLAG_RECEIVER_FROM_SHELL) != 0) {