Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9e5e7d6f authored by Louis Chang's avatar Louis Chang
Browse files

Consolidate the permission check through starting activity 

Updating the navigateTo API to always be done via
#startActivity, which can perform necessary permission checks
vs. doing it separately and deliver new intents.

Bug: 238605611
Test: atest StartActivityTests
Change-Id: I74cb963fcc0c764d8c7b1057991351fbf37a20e0
parent 9b3af05b

services/core/java/com/android/server/wm/Task.java

+26 −47
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@ 


package com.android.server.wm;



import static android.app.ActivityManager.isStartResultSuccessful;

import static android.app.ActivityTaskManager.INVALID_TASK_ID;

import static android.app.ActivityTaskManager.RESIZE_MODE_FORCED;

import static android.app.ActivityTaskManager.RESIZE_MODE_SYSTEM_SCREEN_ROTATION;
@@ -5343,30 +5344,6 @@ class Task extends TaskFragment { 


        if (parent != null && foundParentInTask) {

            final int callingUid = srec.info.applicationInfo.uid;

            final int parentLaunchMode = parent.info.launchMode;

            final int destIntentFlags = destIntent.getFlags();

            if (parentLaunchMode == ActivityInfo.LAUNCH_SINGLE_INSTANCE ||

                    parentLaunchMode == ActivityInfo.LAUNCH_SINGLE_TASK ||

                    parentLaunchMode == ActivityInfo.LAUNCH_SINGLE_TOP ||

                    (destIntentFlags & Intent.FLAG_ACTIVITY_CLEAR_TOP) != 0) {

                boolean abort;

                try {

                    abort = !mTaskSupervisor.checkStartAnyActivityPermission(destIntent,

                            parent.info, null /* resultWho */, -1 /* requestCode */, srec.getPid(),

                            callingUid, srec.info.packageName, null /* callingFeatureId */,

                            false /* ignoreTargetSecurity */, false /* launchingInTask */, srec.app,

                            null /* resultRecord */, null /* resultRootTask */);

                } catch (SecurityException e) {

                    abort = true;

                }

                if (abort) {

                    android.util.EventLog.writeEvent(0x534e4554, "238605611", callingUid, "");

                    foundParentInTask = false;

                } else {

                    parent.deliverNewIntentLocked(callingUid, destIntent, destGrants,

                            srec.packageName);

                }

            } else {

            try {

                ActivityInfo aInfo = AppGlobals.getPackageManager().getActivityInfo(

                        destIntent.getComponent(), ActivityManagerService.STOCK_PM_FLAGS,
@@ -5377,6 +5354,7 @@ class Task extends TaskFragment { 
                        .setCaller(srec.app.getThread())

                        .setActivityInfo(aInfo)

                        .setResultTo(parent.token)

                        .setIntentGrants(destGrants)

                        .setCallingPid(-1)

                        .setCallingUid(callingUid)

                        .setCallingPackage(srec.packageName)
@@ -5385,13 +5363,14 @@ class Task extends TaskFragment { 
                        .setRealCallingUid(callingUid)

                        .setComponentSpecified(true)

                        .execute();

                    foundParentInTask = res == ActivityManager.START_SUCCESS;

                } catch (RemoteException e) {

                    foundParentInTask = false;

                }

                foundParentInTask = isStartResultSuccessful(res);

                if (res == ActivityManager.START_SUCCESS) {

                    parent.finishIfPossible(resultCode, resultData, resultGrants,

                            "navigate-top", true /* oomAdj */);

                }

            } catch (RemoteException e) {

                foundParentInTask = false;

            }

        }

        Binder.restoreCallingIdentity(origId);

        return foundParentInTask;