Loading core/java/android/app/ActivityThread.java +18 −15 Original line number Diff line number Diff line Loading @@ -1173,16 +1173,14 @@ public final class ActivityThread extends ClientTransactionHandler @Override public boolean onTransact(int code, Parcel data, Parcel reply, int flags) throws RemoteException { if (Build.IS_DEBUGGABLE) { boolean checkApplicationThreadCalledBySystem = android.security.Flags.checkApplicationThreadCalledBySystem(); if (Build.IS_DEBUGGABLE || checkApplicationThreadCalledBySystem) { int callingUid = Binder.getCallingUid(); if (callingUid != Process.SYSTEM_UID) { String packageName; if (callingUid == Process.ROOT_UID) { packageName = "root"; } else { if (callingUid != Process.ROOT_UID && callingUid != Process.SYSTEM_UID) { String[] packagesForUid = getSystemContext().getPackageManager().getPackagesForUid( callingUid); getSystemContext().getPackageManager().getPackagesForUid(callingUid); String packageName; if (packagesForUid == null || packagesForUid.length == 0) { packageName = "unknown"; } else if (packagesForUid.length == 1) { Loading @@ -1191,13 +1189,18 @@ public final class ActivityThread extends ClientTransactionHandler packageName = Arrays.asList(packagesForUid).stream().sorted().collect( Collectors.joining(", ")); } } Slog.wtf(TAG, "ApplicationThread called by non-system process" + " (callingUid: " + callingUid + "; packageName: " + packageName + "; code: " + code + "; flags: " + flags + ")"); if (checkApplicationThreadCalledBySystem) { throw new SecurityException( "ApplicationThread called by non-system process" + " (callingUid: " + callingUid + "; packageName: " + packageName + ")"); } } } return super.onTransact(code, data, reply, flags); Loading core/java/android/security/responsible_apis_flags.aconfig +10 −0 Original line number Diff line number Diff line Loading @@ -213,3 +213,13 @@ flag { description: "Flag that enables the uprobestats system service" bug: "408041227" } flag { name: "check_application_thread_called_by_system" namespace: "responsible_apis" description: "Allow only the system to call methods on ApplicationThread." bug: "317346668" metadata { purpose: PURPOSE_BUGFIX } } Loading
core/java/android/app/ActivityThread.java +18 −15 Original line number Diff line number Diff line Loading @@ -1173,16 +1173,14 @@ public final class ActivityThread extends ClientTransactionHandler @Override public boolean onTransact(int code, Parcel data, Parcel reply, int flags) throws RemoteException { if (Build.IS_DEBUGGABLE) { boolean checkApplicationThreadCalledBySystem = android.security.Flags.checkApplicationThreadCalledBySystem(); if (Build.IS_DEBUGGABLE || checkApplicationThreadCalledBySystem) { int callingUid = Binder.getCallingUid(); if (callingUid != Process.SYSTEM_UID) { String packageName; if (callingUid == Process.ROOT_UID) { packageName = "root"; } else { if (callingUid != Process.ROOT_UID && callingUid != Process.SYSTEM_UID) { String[] packagesForUid = getSystemContext().getPackageManager().getPackagesForUid( callingUid); getSystemContext().getPackageManager().getPackagesForUid(callingUid); String packageName; if (packagesForUid == null || packagesForUid.length == 0) { packageName = "unknown"; } else if (packagesForUid.length == 1) { Loading @@ -1191,13 +1189,18 @@ public final class ActivityThread extends ClientTransactionHandler packageName = Arrays.asList(packagesForUid).stream().sorted().collect( Collectors.joining(", ")); } } Slog.wtf(TAG, "ApplicationThread called by non-system process" + " (callingUid: " + callingUid + "; packageName: " + packageName + "; code: " + code + "; flags: " + flags + ")"); if (checkApplicationThreadCalledBySystem) { throw new SecurityException( "ApplicationThread called by non-system process" + " (callingUid: " + callingUid + "; packageName: " + packageName + ")"); } } } return super.onTransact(code, data, reply, flags); Loading
core/java/android/security/responsible_apis_flags.aconfig +10 −0 Original line number Diff line number Diff line Loading @@ -213,3 +213,13 @@ flag { description: "Flag that enables the uprobestats system service" bug: "408041227" } flag { name: "check_application_thread_called_by_system" namespace: "responsible_apis" description: "Allow only the system to call methods on ApplicationThread." bug: "317346668" metadata { purpose: PURPOSE_BUGFIX } }
