diff --git a/services/core/java/com/android/server/am/ActivityStackSupervisor.java b/services/core/java/com/android/server/am/ActivityStackSupervisor.java index d194db3741022..df1ee55715622 100644 --- a/services/core/java/com/android/server/am/ActivityStackSupervisor.java +++ b/services/core/java/com/android/server/am/ActivityStackSupervisor.java @@ -1702,11 +1702,16 @@ public class ActivityStackSupervisor extends ConfigurationContainer implements D boolean checkStartAnyActivityPermission(Intent intent, ActivityInfo aInfo, String resultWho, int requestCode, int callingPid, int callingUid, - String callingPackage, boolean ignoreTargetSecurity, ProcessRecord callerApp, - ActivityRecord resultRecord, ActivityStack resultStack) { + String callingPackage, boolean ignoreTargetSecurity, boolean launchingInTask, + ProcessRecord callerApp, ActivityRecord resultRecord, ActivityStack resultStack) { + final boolean isCallerRecents = mService.getRecentTasks() != null && + mService.getRecentTasks().isCallerRecents(callingUid); final int startAnyPerm = mService.checkPermission(START_ANY_ACTIVITY, callingPid, callingUid); - if (startAnyPerm == PERMISSION_GRANTED) { + if (startAnyPerm == PERMISSION_GRANTED || (isCallerRecents && launchingInTask)) { + // If the caller has START_ANY_ACTIVITY, ignore all checks below. In addition, if the + // caller is the recents component and we are specifically starting an activity in an + // existing task, then also allow the activity to be fully relaunched. return true; } final int componentRestriction = getComponentRestrictionForCallingPackage( diff --git a/services/core/java/com/android/server/am/ActivityStarter.java b/services/core/java/com/android/server/am/ActivityStarter.java index bbf6e6cffee24..0104980f59fe1 100644 --- a/services/core/java/com/android/server/am/ActivityStarter.java +++ b/services/core/java/com/android/server/am/ActivityStarter.java @@ -713,7 +713,7 @@ class ActivityStarter { boolean abort = !mSupervisor.checkStartAnyActivityPermission(intent, aInfo, resultWho, requestCode, callingPid, callingUid, callingPackage, ignoreTargetSecurity, - callerApp, resultRecord, resultStack); + inTask != null, callerApp, resultRecord, resultStack); abort |= !mService.mIntentFirewall.checkStartActivity(intent, callingUid, callingPid, resolvedType, aInfo.applicationInfo); diff --git a/services/tests/servicestests/src/com/android/server/am/ActivityStarterTests.java b/services/tests/servicestests/src/com/android/server/am/ActivityStarterTests.java index 18e842f3e694f..1520859d4aacb 100644 --- a/services/tests/servicestests/src/com/android/server/am/ActivityStarterTests.java +++ b/services/tests/servicestests/src/com/android/server/am/ActivityStarterTests.java @@ -243,7 +243,7 @@ public class ActivityStarterTests extends ActivityTestsBase { if (containsConditions(preconditions,PRECONDITION_CANNOT_START_ANY_ACTIVITY)) { doReturn(false).when(service.mStackSupervisor).checkStartAnyActivityPermission( any(), any(), any(), anyInt(), anyInt(), anyInt(), any(), - anyBoolean(), any(), any(), any()); + anyBoolean(), anyBoolean(), any(), any(), any()); } try { @@ -302,7 +302,7 @@ public class ActivityStarterTests extends ActivityTestsBase { // always allow test to start activity. doReturn(true).when(mService.mStackSupervisor).checkStartAnyActivityPermission( any(), any(), any(), anyInt(), anyInt(), anyInt(), any(), - anyBoolean(), any(), any(), any()); + anyBoolean(), anyBoolean(), any(), any(), any()); // instrument the stack and task used. final ActivityStack stack = mService.mStackSupervisor.getDefaultDisplay().createStack(