Loading services/core/java/com/android/server/am/ActivityManagerService.java +12 −5 Original line number Diff line number Diff line Loading @@ -4996,9 +4996,9 @@ public class ActivityManagerService extends IActivityManager.Stub userId, false, ALLOW_FULL_ONLY, "startActivityInPackage", null); // TODO: Switch to user app stacks here. return mActivityStarter.startActivityMayWait(null, uid, callingPackage, intent, resolvedType, null, null, resultTo, resultWho, requestCode, startFlags, null, null, null, bOptions, false, userId, inTask, reason); return mActivityStarter.startActivityMayWait(null, uid, ActivityStarter.PID_NULL, uid, callingPackage, intent, resolvedType, null, null, resultTo, resultWho, requestCode, startFlags, null, null, null, bOptions, false, userId, inTask, reason); } @Override Loading @@ -5018,13 +5018,20 @@ public class ActivityManagerService extends IActivityManager.Stub final int startActivitiesInPackage(int uid, String callingPackage, Intent[] intents, String[] resolvedTypes, IBinder resultTo, Bundle bOptions, int userId) { return startActivitiesInPackage(uid, ActivityStarter.PID_NULL, UserHandle.USER_NULL, callingPackage, intents, resolvedTypes, resultTo, bOptions, userId); } final int startActivitiesInPackage(int uid, int realCallingPid, int realCallingUid, String callingPackage, Intent[] intents, String[] resolvedTypes, IBinder resultTo, Bundle bOptions, int userId) { final String reason = "startActivityInPackage"; userId = mUserController.handleIncomingUser(Binder.getCallingPid(), Binder.getCallingUid(), userId, false, ALLOW_FULL_ONLY, reason, null); // TODO: Switch to user app stacks here. int ret = mActivityStarter.startActivities(null, uid, callingPackage, intents, resolvedTypes, resultTo, bOptions, userId, reason); int ret = mActivityStarter.startActivities(null, uid, realCallingPid, realCallingUid, callingPackage, intents, resolvedTypes, resultTo, bOptions, userId, reason); return ret; } services/core/java/com/android/server/am/ActivityStarter.java +39 −4 Original line number Diff line number Diff line Loading @@ -136,6 +136,8 @@ import java.util.Date; * an activity and associated task and stack. */ class ActivityStarter { public static final int PID_NULL = 0; private static final String TAG = TAG_WITH_CLASS_NAME ? "ActivityStarter" : TAG_AM; private static final String TAG_RESULTS = TAG + POSTFIX_RESULTS; private static final String TAG_FOCUS = TAG + POSTFIX_FOCUS; Loading Loading @@ -677,6 +679,20 @@ class ActivityStarter { ProfilerInfo profilerInfo, WaitResult outResult, Configuration globalConfig, Bundle bOptions, boolean ignoreTargetSecurity, int userId, TaskRecord inTask, String reason) { return startActivityMayWait(caller, callingUid, PID_NULL, UserHandle.USER_NULL, callingPackage, intent, resolvedType, voiceSession, voiceInteractor, resultTo, resultWho, requestCode, startFlags, profilerInfo, outResult, globalConfig, bOptions, ignoreTargetSecurity, userId, inTask, reason); } final int startActivityMayWait(IApplicationThread caller, int callingUid, int requestRealCallingPid, int requestRealCallingUid, String callingPackage, Intent intent, String resolvedType, IVoiceInteractionSession voiceSession, IVoiceInteractor voiceInteractor, IBinder resultTo, String resultWho, int requestCode, int startFlags, ProfilerInfo profilerInfo, WaitResult outResult, Configuration globalConfig, Bundle bOptions, boolean ignoreTargetSecurity, int userId, TaskRecord inTask, String reason) { // Refuse possible leaked file descriptors if (intent != null && intent.hasFileDescriptors()) { throw new IllegalArgumentException("File descriptors passed in Intent"); Loading Loading @@ -730,8 +746,14 @@ class ActivityStarter { ActivityOptions options = ActivityOptions.fromBundle(bOptions); synchronized (mService) { final int realCallingPid = Binder.getCallingPid(); final int realCallingUid = Binder.getCallingUid(); final int realCallingPid = requestRealCallingPid != PID_NULL ? requestRealCallingPid : Binder.getCallingPid(); final int realCallingUid = requestRealCallingUid != UserHandle.USER_NULL ? requestRealCallingUid : Binder.getCallingUid(); int callingPid; if (callingUid >= 0) { callingPid = -1; Loading Loading @@ -883,6 +905,14 @@ class ActivityStarter { final int startActivities(IApplicationThread caller, int callingUid, String callingPackage, Intent[] intents, String[] resolvedTypes, IBinder resultTo, Bundle bOptions, int userId, String reason) { return startActivities(caller, callingUid, PID_NULL, UserHandle.USER_NULL, callingPackage, intents, resolvedTypes, resultTo, bOptions, userId, reason); } final int startActivities(IApplicationThread caller, int callingUid, int incomingRealCallingPid, int incomingRealCallingUid, String callingPackage, Intent[] intents, String[] resolvedTypes, IBinder resultTo, Bundle bOptions, int userId, String reason) { if (intents == null) { throw new NullPointerException("intents is null"); } Loading @@ -893,8 +923,13 @@ class ActivityStarter { throw new IllegalArgumentException("intents are length different than resolvedTypes"); } final int realCallingPid = Binder.getCallingPid(); final int realCallingUid = Binder.getCallingUid(); final int realCallingPid = incomingRealCallingPid != PID_NULL ? incomingRealCallingPid : Binder.getCallingPid(); final int realCallingUid = incomingRealCallingUid != UserHandle.USER_NULL ? incomingRealCallingUid : Binder.getCallingUid(); int callingPid; if (callingUid >= 0) { Loading services/core/java/com/android/server/am/PendingIntentRecord.java +3 −2 Original line number Diff line number Diff line Loading @@ -332,8 +332,9 @@ final class PendingIntentRecord extends IIntentSender.Stub { } allIntents[allIntents.length-1] = finalIntent; allResolvedTypes[allResolvedTypes.length-1] = resolvedType; owner.startActivitiesInPackage(uid, key.packageName, allIntents, allResolvedTypes, resultTo, options, userId); owner.startActivitiesInPackage(uid, callingPid, callingUid, key.packageName, allIntents, allResolvedTypes, resultTo, options, userId); } else { owner.startActivityInPackage(uid, key.packageName, finalIntent, resolvedType, resultTo, resultWho, requestCode, 0, Loading services/core/java/com/android/server/pm/PackageManagerService.java +2 −4 Original line number Diff line number Diff line Loading @@ -25935,11 +25935,9 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName()); } if (mExternalSourcesPolicy != null) { int isTrusted = mExternalSourcesPolicy.getPackageTrustedToInstallApps(packageName, uid); if (isTrusted != PackageManagerInternal.ExternalSourcesPolicy.USER_DEFAULT) { return isTrusted == PackageManagerInternal.ExternalSourcesPolicy.USER_TRUSTED; } } return checkUidPermission(appOpPermission, uid) == PERMISSION_GRANTED; return false; } @Override Loading
services/core/java/com/android/server/am/ActivityManagerService.java +12 −5 Original line number Diff line number Diff line Loading @@ -4996,9 +4996,9 @@ public class ActivityManagerService extends IActivityManager.Stub userId, false, ALLOW_FULL_ONLY, "startActivityInPackage", null); // TODO: Switch to user app stacks here. return mActivityStarter.startActivityMayWait(null, uid, callingPackage, intent, resolvedType, null, null, resultTo, resultWho, requestCode, startFlags, null, null, null, bOptions, false, userId, inTask, reason); return mActivityStarter.startActivityMayWait(null, uid, ActivityStarter.PID_NULL, uid, callingPackage, intent, resolvedType, null, null, resultTo, resultWho, requestCode, startFlags, null, null, null, bOptions, false, userId, inTask, reason); } @Override Loading @@ -5018,13 +5018,20 @@ public class ActivityManagerService extends IActivityManager.Stub final int startActivitiesInPackage(int uid, String callingPackage, Intent[] intents, String[] resolvedTypes, IBinder resultTo, Bundle bOptions, int userId) { return startActivitiesInPackage(uid, ActivityStarter.PID_NULL, UserHandle.USER_NULL, callingPackage, intents, resolvedTypes, resultTo, bOptions, userId); } final int startActivitiesInPackage(int uid, int realCallingPid, int realCallingUid, String callingPackage, Intent[] intents, String[] resolvedTypes, IBinder resultTo, Bundle bOptions, int userId) { final String reason = "startActivityInPackage"; userId = mUserController.handleIncomingUser(Binder.getCallingPid(), Binder.getCallingUid(), userId, false, ALLOW_FULL_ONLY, reason, null); // TODO: Switch to user app stacks here. int ret = mActivityStarter.startActivities(null, uid, callingPackage, intents, resolvedTypes, resultTo, bOptions, userId, reason); int ret = mActivityStarter.startActivities(null, uid, realCallingPid, realCallingUid, callingPackage, intents, resolvedTypes, resultTo, bOptions, userId, reason); return ret; }
services/core/java/com/android/server/am/ActivityStarter.java +39 −4 Original line number Diff line number Diff line Loading @@ -136,6 +136,8 @@ import java.util.Date; * an activity and associated task and stack. */ class ActivityStarter { public static final int PID_NULL = 0; private static final String TAG = TAG_WITH_CLASS_NAME ? "ActivityStarter" : TAG_AM; private static final String TAG_RESULTS = TAG + POSTFIX_RESULTS; private static final String TAG_FOCUS = TAG + POSTFIX_FOCUS; Loading Loading @@ -677,6 +679,20 @@ class ActivityStarter { ProfilerInfo profilerInfo, WaitResult outResult, Configuration globalConfig, Bundle bOptions, boolean ignoreTargetSecurity, int userId, TaskRecord inTask, String reason) { return startActivityMayWait(caller, callingUid, PID_NULL, UserHandle.USER_NULL, callingPackage, intent, resolvedType, voiceSession, voiceInteractor, resultTo, resultWho, requestCode, startFlags, profilerInfo, outResult, globalConfig, bOptions, ignoreTargetSecurity, userId, inTask, reason); } final int startActivityMayWait(IApplicationThread caller, int callingUid, int requestRealCallingPid, int requestRealCallingUid, String callingPackage, Intent intent, String resolvedType, IVoiceInteractionSession voiceSession, IVoiceInteractor voiceInteractor, IBinder resultTo, String resultWho, int requestCode, int startFlags, ProfilerInfo profilerInfo, WaitResult outResult, Configuration globalConfig, Bundle bOptions, boolean ignoreTargetSecurity, int userId, TaskRecord inTask, String reason) { // Refuse possible leaked file descriptors if (intent != null && intent.hasFileDescriptors()) { throw new IllegalArgumentException("File descriptors passed in Intent"); Loading Loading @@ -730,8 +746,14 @@ class ActivityStarter { ActivityOptions options = ActivityOptions.fromBundle(bOptions); synchronized (mService) { final int realCallingPid = Binder.getCallingPid(); final int realCallingUid = Binder.getCallingUid(); final int realCallingPid = requestRealCallingPid != PID_NULL ? requestRealCallingPid : Binder.getCallingPid(); final int realCallingUid = requestRealCallingUid != UserHandle.USER_NULL ? requestRealCallingUid : Binder.getCallingUid(); int callingPid; if (callingUid >= 0) { callingPid = -1; Loading Loading @@ -883,6 +905,14 @@ class ActivityStarter { final int startActivities(IApplicationThread caller, int callingUid, String callingPackage, Intent[] intents, String[] resolvedTypes, IBinder resultTo, Bundle bOptions, int userId, String reason) { return startActivities(caller, callingUid, PID_NULL, UserHandle.USER_NULL, callingPackage, intents, resolvedTypes, resultTo, bOptions, userId, reason); } final int startActivities(IApplicationThread caller, int callingUid, int incomingRealCallingPid, int incomingRealCallingUid, String callingPackage, Intent[] intents, String[] resolvedTypes, IBinder resultTo, Bundle bOptions, int userId, String reason) { if (intents == null) { throw new NullPointerException("intents is null"); } Loading @@ -893,8 +923,13 @@ class ActivityStarter { throw new IllegalArgumentException("intents are length different than resolvedTypes"); } final int realCallingPid = Binder.getCallingPid(); final int realCallingUid = Binder.getCallingUid(); final int realCallingPid = incomingRealCallingPid != PID_NULL ? incomingRealCallingPid : Binder.getCallingPid(); final int realCallingUid = incomingRealCallingUid != UserHandle.USER_NULL ? incomingRealCallingUid : Binder.getCallingUid(); int callingPid; if (callingUid >= 0) { Loading
services/core/java/com/android/server/am/PendingIntentRecord.java +3 −2 Original line number Diff line number Diff line Loading @@ -332,8 +332,9 @@ final class PendingIntentRecord extends IIntentSender.Stub { } allIntents[allIntents.length-1] = finalIntent; allResolvedTypes[allResolvedTypes.length-1] = resolvedType; owner.startActivitiesInPackage(uid, key.packageName, allIntents, allResolvedTypes, resultTo, options, userId); owner.startActivitiesInPackage(uid, callingPid, callingUid, key.packageName, allIntents, allResolvedTypes, resultTo, options, userId); } else { owner.startActivityInPackage(uid, key.packageName, finalIntent, resolvedType, resultTo, resultWho, requestCode, 0, Loading
services/core/java/com/android/server/pm/PackageManagerService.java +2 −4 Original line number Diff line number Diff line Loading @@ -25935,11 +25935,9 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName()); } if (mExternalSourcesPolicy != null) { int isTrusted = mExternalSourcesPolicy.getPackageTrustedToInstallApps(packageName, uid); if (isTrusted != PackageManagerInternal.ExternalSourcesPolicy.USER_DEFAULT) { return isTrusted == PackageManagerInternal.ExternalSourcesPolicy.USER_TRUSTED; } } return checkUidPermission(appOpPermission, uid) == PERMISSION_GRANTED; return false; } @Override
