Merge "Add ww logging for intent redirec blocked event" into main (f73ddc1c) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/wm/ActivityStartController.java

+3 −3

Original line number	Diff line number	Diff line
		@@ -479,9 +479,9 @@ public class ActivityStartController {
		}
		} catch (SecurityException securityException) {
		ActivityStarter.logAndThrowExceptionForIntentRedirect(mService.mContext,
		"Creator URI Grant Caused Exception.", intent, creatorUid,
		creatorPackage, filterCallingUid, callingPackage,
		securityException);
		ActivityStarter.INTENT_REDIRECT_EXCEPTION_GRANT_URI_PERMISSION,
		intent, creatorUid, creatorPackage, filterCallingUid,
		callingPackage, securityException);
		}
		}
		if ((aInfo.applicationInfo.privateFlags

services/core/java/com/android/server/wm/ActivityStarter.java

+74 −16

Original line number	Diff line number	Diff line
		@@ -65,6 +65,7 @@ import static android.window.TaskFragmentOperation.OP_TYPE_START_ACTIVITY_IN_TAS
		import static com.android.internal.protolog.WmProtoLogGroups.WM_DEBUG_CONFIGURATION;
		import static com.android.internal.protolog.WmProtoLogGroups.WM_DEBUG_TASKS;
		import static com.android.internal.protolog.WmProtoLogGroups.WM_DEBUG_WINDOW_TRANSITIONS;
		import static com.android.internal.util.FrameworkStatsLog.INTENT_REDIRECT_BLOCKED;
		import static com.android.server.pm.PackageArchiver.isArchivingEnabled;
		import static com.android.server.wm.ActivityRecord.State.RESUMED;
		import static com.android.server.wm.ActivityTaskManagerDebugConfig.DEBUG_PERMISSIONS_REVIEW;
		@@ -140,6 +141,7 @@ import com.android.internal.annotations.VisibleForTesting;
		import com.android.internal.app.HeavyWeightSwitcherActivity;
		import com.android.internal.app.IVoiceInteractor;
		import com.android.internal.protolog.ProtoLog;
		import com.android.internal.util.FrameworkStatsLog;
		import com.android.server.UiThread;
		import com.android.server.am.ActivityManagerService.IntentCreatorToken;
		import com.android.server.am.PendingIntentRecord;
		@@ -623,7 +625,7 @@ class ActivityStarter {
		if ((intent.getExtendedFlags() & Intent.EXTENDED_FLAG_MISSING_CREATOR_OR_INVALID_TOKEN)
		!= 0) {
		logAndThrowExceptionForIntentRedirect(supervisor.mService.mContext,
		"Unparceled intent does not have a creator token set.", intent,
		ActivityStarter.INTENT_REDIRECT_EXCEPTION_MISSING_OR_INVALID_TOKEN, intent,
		intentCreatorUid, intentCreatorPackage, resolvedCallingUid,
		resolvedCallingPackage, null);
		}
		@@ -659,9 +661,9 @@ class ActivityStarter {
		}
		} catch (SecurityException securityException) {
		logAndThrowExceptionForIntentRedirect(supervisor.mService.mContext,
		"Creator URI Grant Caused Exception.", intent, intentCreatorUid,
		intentCreatorPackage, resolvedCallingUid,
		resolvedCallingPackage, securityException);
		ActivityStarter.INTENT_REDIRECT_EXCEPTION_GRANT_URI_PERMISSION,
		intent, intentCreatorUid, intentCreatorPackage,
		resolvedCallingUid, resolvedCallingPackage, securityException);
		}
		}
		} else {
		@@ -683,9 +685,9 @@ class ActivityStarter {
		}
		} catch (SecurityException securityException) {
		logAndThrowExceptionForIntentRedirect(supervisor.mService.mContext,
		"Creator URI Grant Caused Exception.", intent, intentCreatorUid,
		intentCreatorPackage, resolvedCallingUid,
		resolvedCallingPackage, securityException);
		ActivityStarter.INTENT_REDIRECT_EXCEPTION_GRANT_URI_PERMISSION,
		intent, intentCreatorUid, intentCreatorPackage,
		resolvedCallingUid, resolvedCallingPackage, securityException);
		}
		}
		}
		@@ -1264,27 +1266,27 @@ class ActivityStarter {
		request.ignoreTargetSecurity, inTask != null, null, resultRecord,
		resultRootTask)) {
		abort = logAndAbortForIntentRedirect(mService.mContext,
		"Creator checkStartAnyActivityPermission Caused abortion.",
		ActivityStarter.INTENT_REDIRECT_ABORT_START_ANY_ACTIVITY_PERMISSION,
		intent, intentCreatorUid, intentCreatorPackage, callingUid,
		callingPackage);
		}
		} catch (SecurityException e) {
		logAndThrowExceptionForIntentRedirect(mService.mContext,
		"Creator checkStartAnyActivityPermission Caused Exception.",
		ActivityStarter.INTENT_REDIRECT_EXCEPTION_START_ANY_ACTIVITY_PERMISSION,
		intent, intentCreatorUid, intentCreatorPackage, callingUid, callingPackage,
		e);
		}
		if (!mService.mIntentFirewall.checkStartActivity(intent, intentCreatorUid,
		0, resolvedType, aInfo.applicationInfo)) {
		abort = logAndAbortForIntentRedirect(mService.mContext,
		"Creator IntentFirewall.checkStartActivity Caused abortion.",
		ActivityStarter.INTENT_REDIRECT_ABORT_INTENT_FIREWALL_START_ACTIVITY,
		intent, intentCreatorUid, intentCreatorPackage, callingUid, callingPackage);
		}

		if (!mService.getPermissionPolicyInternal().checkStartActivity(intent,
		intentCreatorUid, intentCreatorPackage)) {
		abort = logAndAbortForIntentRedirect(mService.mContext,
		"Creator PermissionPolicyService.checkStartActivity Caused abortion.",
		ActivityStarter.INTENT_REDIRECT_ABORT_PERMISSION_POLICY_START_ACTIVITY,
		intent, intentCreatorUid, intentCreatorPackage, callingUid, callingPackage);
		}
		}
		@@ -3629,13 +3631,41 @@ class ActivityStarter {
		pw.println(mInTaskFragment);
		}

		/**
		* Error codes for intent redirect.
		*
		* @hide
		*/
		@IntDef(prefix = {"INTENT_REDIRECT_"}, value = {
		INTENT_REDIRECT_EXCEPTION_MISSING_OR_INVALID_TOKEN,
		INTENT_REDIRECT_EXCEPTION_GRANT_URI_PERMISSION,
		INTENT_REDIRECT_EXCEPTION_START_ANY_ACTIVITY_PERMISSION,
		INTENT_REDIRECT_ABORT_START_ANY_ACTIVITY_PERMISSION,
		INTENT_REDIRECT_ABORT_INTENT_FIREWALL_START_ACTIVITY,
		INTENT_REDIRECT_ABORT_PERMISSION_POLICY_START_ACTIVITY,
		})
		@Retention(RetentionPolicy.SOURCE)
		@interface IntentRedirectErrorCode {
		}

		/**
		* Error codes for intent redirect issues
		*/
		static final int INTENT_REDIRECT_EXCEPTION_MISSING_OR_INVALID_TOKEN = 1;
		static final int INTENT_REDIRECT_EXCEPTION_GRANT_URI_PERMISSION = 2;
		static final int INTENT_REDIRECT_EXCEPTION_START_ANY_ACTIVITY_PERMISSION = 3;
		static final int INTENT_REDIRECT_ABORT_START_ANY_ACTIVITY_PERMISSION = 4;
		static final int INTENT_REDIRECT_ABORT_INTENT_FIREWALL_START_ACTIVITY = 5;
		static final int INTENT_REDIRECT_ABORT_PERMISSION_POLICY_START_ACTIVITY = 6;

		static void logAndThrowExceptionForIntentRedirect(@NonNull Context context,
		@NonNull String message, @NonNull Intent intent, int intentCreatorUid,
		@IntentRedirectErrorCode int errorCode, @NonNull Intent intent, int intentCreatorUid,
		@Nullable String intentCreatorPackage, int callingUid, @Nullable String callingPackage,
		@Nullable SecurityException originalException) {
		String msg = getIntentRedirectPreventedLogMessage(message, intent, intentCreatorUid,
		String msg = getIntentRedirectPreventedLogMessage(errorCode, intent, intentCreatorUid,
		intentCreatorPackage, callingUid, callingPackage);
		Slog.wtf(TAG, msg);
		FrameworkStatsLog.write(INTENT_REDIRECT_BLOCKED, intentCreatorUid, callingUid, errorCode);
		if (preventIntentRedirectShowToast()) {
		UiThread.getHandler().post(
		() -> Toast.makeText(context,
		@@ -3649,12 +3679,13 @@ class ActivityStarter {
		}

		private static boolean logAndAbortForIntentRedirect(@NonNull Context context,
		@NonNull String message, @NonNull Intent intent, int intentCreatorUid,
		@IntentRedirectErrorCode int errorCode, @NonNull Intent intent, int intentCreatorUid,
		@Nullable String intentCreatorPackage, int callingUid,
		@Nullable String callingPackage) {
		String msg = getIntentRedirectPreventedLogMessage(message, intent, intentCreatorUid,
		String msg = getIntentRedirectPreventedLogMessage(errorCode, intent, intentCreatorUid,
		intentCreatorPackage, callingUid, callingPackage);
		Slog.wtf(TAG, msg);
		FrameworkStatsLog.write(INTENT_REDIRECT_BLOCKED, intentCreatorUid, callingUid, errorCode);
		if (preventIntentRedirectShowToast()) {
		UiThread.getHandler().post(
		() -> Toast.makeText(context,
		@@ -3665,11 +3696,38 @@ class ActivityStarter {
		ENABLE_PREVENT_INTENT_REDIRECT_TAKE_ACTION, callingUid);
		}

		private static String getIntentRedirectPreventedLogMessage(@NonNull String message,
		private static String getIntentRedirectPreventedLogMessage(
		@IntentRedirectErrorCode int errorCode,
		@NonNull Intent intent, int intentCreatorUid, @Nullable String intentCreatorPackage,
		int callingUid, @Nullable String callingPackage) {
		String message = getIntentRedirectErrorMessageFromCode(errorCode);
		return "[IntentRedirect Hardening] " + message + " intentCreatorUid: " + intentCreatorUid
		+ "; intentCreatorPackage: " + intentCreatorPackage + "; callingUid: " + callingUid
		+ "; callingPackage: " + callingPackage + "; intent: " + intent;
		}

		private static String getIntentRedirectErrorMessageFromCode(
		@IntentRedirectErrorCode int errorCode) {
		return switch (errorCode) {
		case INTENT_REDIRECT_EXCEPTION_MISSING_OR_INVALID_TOKEN ->
		"INTENT_REDIRECT_EXCEPTION_MISSING_OR_INVALID_TOKEN"
		+ " (Unparceled intent does not have a creator token set, throw exception.)";
		case INTENT_REDIRECT_EXCEPTION_GRANT_URI_PERMISSION ->
		"INTENT_REDIRECT_EXCEPTION_GRANT_URI_PERMISSION"
		+ " (Creator URI permission grant throw exception.)";
		case INTENT_REDIRECT_EXCEPTION_START_ANY_ACTIVITY_PERMISSION ->
		"INTENT_REDIRECT_ABORT_START_ANY_ACTIVITY_PERMISSION"
		+ " (Creator checkStartAnyActivityPermission, throw exception)";
		case INTENT_REDIRECT_ABORT_START_ANY_ACTIVITY_PERMISSION ->
		"INTENT_REDIRECT_ABORT_START_ANY_ACTIVITY_PERMISSION"
		+ " (Creator checkStartAnyActivityPermission, abort)";
		case INTENT_REDIRECT_ABORT_INTENT_FIREWALL_START_ACTIVITY ->
		"INTENT_REDIRECT_ABORT_INTENT_FIREWALL_START_ACTIVITY"
		+ " (Creator IntentFirewall.checkStartActivity, abort)";
		case INTENT_REDIRECT_ABORT_PERMISSION_POLICY_START_ACTIVITY ->
		"INTENT_REDIRECT_ABORT_PERMISSION_POLICY_START_ACTIVITY"
		+ " (Creator PermissionPolicyService.checkStartActivity, abort)";
		default -> "Unknown error code: " + errorCode;
		};
		}
		}