
Commit de1298a3 authored by Gavin Corkery's avatar Gavin Corkery Committed by Automerger Merge Worker

Merge "Don't allow sandbox uids to call registerReceiver" into tm-dev am: d7556376

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/17136514

Change-Id: Iac898aefc56ae8bf961bd4b53a1b6e9bd675c422
parents 0ca71c32 d7556376
+24 −1
@@ -2911,12 +2911,35 @@ public class ActivityManagerService extends IActivityManager.Stub
        return mAtmInternal.compatibilityInfoForPackage(ai);
    }
    /**
     * Enforces that the uid that calls a method is not an
     * {@link UserHandle#isIsolated(int) isolated} uid.
     *
     * @param caller the name of the method being called.
     * @throws SecurityException if the calling uid is an isolated uid.
     */
    /* package */ void enforceNotIsolatedCaller(String caller) {
        if (UserHandle.isIsolated(Binder.getCallingUid())) {
            throw new SecurityException("Isolated process not allowed to call " + caller);
        }
    }
    /**
     * Enforces that the uid that calls a method is not an
     * {@link UserHandle#isIsolated(int) isolated} uid or an
     * {@link Process#isSdkSandboxUid(int) SDK sandbox} uid.
     *
     * @param caller the name of the method being called.
     * @throws SecurityException if the calling uid is an isolated uid or SDK sandbox uid.
     */
    void enforceNotIsolatedOrSdkSandboxCaller(String caller) {
        enforceNotIsolatedCaller(caller);
        if (Process.isSdkSandboxUid(Binder.getCallingUid())) {
            throw new SecurityException("SDK sandbox process not allowed to call " + caller);
        }
    }
    @Override
    public void setPackageScreenCompatMode(String packageName, int mode) {
        mActivityTaskManager.setPackageScreenCompatMode(packageName, mode);
@@ -12843,7 +12866,7 @@ public class ActivityManagerService extends IActivityManager.Stub
    public Intent registerReceiverWithFeature(IApplicationThread caller, String callerPackage,
            String callerFeatureId, String receiverId, IIntentReceiver receiver,
            IntentFilter filter, String permission, int userId, int flags) {
        enforceNotIsolatedCaller("registerReceiver");
        enforceNotIsolatedOrSdkSandboxCaller("registerReceiver");
        ArrayList<Intent> stickyIntents = null;
        ProcessRecord callerApp = null;
        final boolean visibleToInstantApps
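Review bot: The Javadoc on the new `enforceNotIsolatedOrSdkSandboxCaller` does not say that the check is only meaningful while `Binder.getCallingUid()` still reflects the incoming caller. If the helper were ever invoked after the calling identity has been cleared, the uid read would be the system's own and both checks would pass silently. I would add a sentence such as `Must be called before {@link Binder#clearCallingIdentity()}, because it reads the Binder calling uid.` to the doc comment. The call in `registerReceiverWithFeature` is the first statement of the method, so that site looks correct, though the method body continues outside the hunk. As a style point, the new helper omits the `/* package */` marker that `enforceNotIsolatedCaller` directly above it carries; adding it would keep the two consistent.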