
Commit d2b4c959 authored by Mohammed Rashidy's avatar Mohammed Rashidy

Apply check to Activity starting flow if it is a SandboxedActivity

SandboxedActivity is a new Activity which is part of the SdkSandbox
App and will run inside the sandbox process.
This CL adds a check to the activity starting flow, for the case where the
activity is a SandboxedActivity, to ensure that the caller app is allowed to start it.

Test: atest com.android.server.sdksandbox.SdkSandboxManagerServiceUnitTest
Bug: 261730613
Change-Id: Ia862bfd8a2108d36ae7f08ed657f4b797cde6076
parent 3ee31de1
+12 −0
@@ -37,6 +37,7 @@ import static android.app.ActivityTaskManager.INVALID_TASK_ID;
import static android.app.ActivityTaskManager.RESIZE_MODE_PRESERVE_WINDOW;
import static android.app.ActivityTaskManager.RESIZE_MODE_PRESERVE_WINDOW;
import static android.app.WindowConfiguration.ACTIVITY_TYPE_DREAM;
import static android.app.WindowConfiguration.ACTIVITY_TYPE_DREAM;
import static android.app.WindowConfiguration.WINDOWING_MODE_PINNED;
import static android.app.WindowConfiguration.WINDOWING_MODE_PINNED;
import static android.app.sdksandbox.SdkSandboxManager.ACTION_START_SANDBOXED_ACTIVITY;
import static android.content.Intent.FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS;
import static android.content.Intent.FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS;
import static android.content.Intent.FLAG_ACTIVITY_NEW_TASK;
import static android.content.Intent.FLAG_ACTIVITY_NEW_TASK;
import static android.content.pm.ActivityInfo.RESIZE_MODE_UNRESIZEABLE;
import static android.content.pm.ActivityInfo.RESIZE_MODE_UNRESIZEABLE;
@@ -1260,6 +1261,17 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {


        assertPackageMatchesCallingUid(callingPackage);
        assertPackageMatchesCallingUid(callingPackage);
        enforceNotIsolatedCaller("startActivityAsUser");
        enforceNotIsolatedCaller("startActivityAsUser");

        boolean isSandboxedActivity = (intent != null && intent.getAction() != null
                && intent.getAction().equals(ACTION_START_SANDBOXED_ACTIVITY));
        if (isSandboxedActivity) {
            SdkSandboxManagerLocal sdkSandboxManagerLocal = LocalManagerRegistry.getManager(
                    SdkSandboxManagerLocal.class);
            sdkSandboxManagerLocal.enforceAllowedToHostSandboxedActivity(
                    intent, Binder.getCallingUid(), callingPackage
            );
        }

        if (Process.isSdkSandboxUid(Binder.getCallingUid())) {
        if (Process.isSdkSandboxUid(Binder.getCallingUid())) {
            SdkSandboxManagerLocal sdkSandboxManagerLocal = LocalManagerRegistry.getManager(
            SdkSandboxManagerLocal sdkSandboxManagerLocal = LocalManagerRegistry.getManager(
                    SdkSandboxManagerLocal.class);
                    SdkSandboxManagerLocal.class);
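Review bot: The new gate in the second hunk calls `enforceAllowedToHostSandboxedActivity` only when the caller-supplied action equals `ACTION_START_SANDBOXED_ACTIVITY`, so an intent that reaches the same activity through an explicit component or package with a different (or no) action would skip the enforcement, unless that case is rejected somewhere not visible here. The decision should follow what the intent actually resolves to rather than a field the caller sets freely, and any other start entry point of this service that can carry such an intent needs the same check. The condition itself reads more simply as `ACTION_START_SANDBOXED_ACTIVITY.equals(intent.getAction())`, and the result of `LocalManagerRegistry.getManager(...)` is dereferenced without a null check (the existing sandbox-UID block below does the same). The enclosing method starts and ends outside the hunk.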