Replacing some explicit recents components checks with permission checks

Bug: 177096054
Test: Presubmit for quickstep
Change-Id: Ia824ed21a3836548eccb186ee7c9a3f697e9ee66
Sunny Goyal
2021-01-28 17:28:12 -08:00
parent cd347c4bd0
commit 4ee257ce72
12 changed files with 83 additions and 169 deletions


@@ -2541,7 +2541,7 @@
<!-- Allows an application to start a task from a ActivityManager#RecentTaskInfo.
@hide -->
<permission android:name="android.permission.START_TASKS_FROM_RECENTS"
android:protectionLevel="signature|privileged" />
android:protectionLevel="signature|privileged|recents" />
<!-- @SystemApi @hide Allows an application to call APIs that allow it to do interactions
across the users on the device, using singleton services and
@@ -2606,7 +2606,7 @@
<!-- @SystemApi @TestApi @hide Allows an application to change to remove/kill tasks -->
<permission android:name="android.permission.REMOVE_TASKS"
android:protectionLevel="signature|documenter" />
android:protectionLevel="signature|documenter|recents" />
<!-- @deprecated Use MANAGE_ACTIVITY_TASKS instead.
@SystemApi @TestApi @hide Allows an application to create/manage/remove stacks -->
@@ -2615,7 +2615,7 @@
<!-- @SystemApi @TestApi @hide Allows an application to create/manage/remove tasks -->
<permission android:name="android.permission.MANAGE_ACTIVITY_TASKS"
android:protectionLevel="signature" />
android:protectionLevel="signature|recents" />
<!-- @SystemApi @TestApi @hide Allows an application to embed other activities -->
<permission android:name="android.permission.ACTIVITY_EMBEDDING"
@@ -3284,7 +3284,7 @@
and its icons.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.STATUS_BAR"
android:protectionLevel="signature|privileged" />
android:protectionLevel="signature|privileged|recents" />
<!-- Allows an application to trigger bugreport via shell using the bugreport API.
<p>Not for use by third-party applications.
@@ -3451,7 +3451,7 @@
critical UI such as the home screen.
@hide -->
<permission android:name="android.permission.STOP_APP_SWITCHES"
android:protectionLevel="signature|privileged" />
android:protectionLevel="signature|privileged|recents" />
<!-- @SystemApi Allows an application to retrieve private information about
the current top activity, such as any assist context it can provide.
@@ -3836,7 +3836,7 @@
@hide
-->
<permission android:name="android.permission.SET_ORIENTATION"
android:protectionLevel="signature" />
android:protectionLevel="signature|recents" />
<!-- @SystemApi Allows low-level access to setting the pointer speed.
<p>Not for use by third-party applications.
@@ -4100,7 +4100,7 @@
@hide
@removed -->
<permission android:name="android.permission.READ_FRAME_BUFFER"
android:protectionLevel="signature" />
android:protectionLevel="signature|recents" />
<!-- Allows an application to use InputFlinger's low level features.
@hide -->
@@ -5277,7 +5277,7 @@
<!-- @SystemApi Allows modifying accessibility state.
@hide -->
<permission android:name="android.permission.MANAGE_ACCESSIBILITY"
android:protectionLevel="signature|setup" />
android:protectionLevel="signature|setup|recents" />
<!-- @SystemApi Allows an app to grant a profile owner access to device identifiers.
<p>Not for use by third-party applications.
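Review bot: Adding `recents` to these protection levels grants each permission to the recents component as a whole, which is wider than the per-call exemption it replaces: the removed `enforceCallerIsRecentsOrHasPermission` call sites let recents through only on the methods that used them, whereas `READ_FRAME_BUFFER`, `MANAGE_ACCESSIBILITY` and `SET_ORIENTATION` presumably guard other APIs as well. None of the eight permission comments mentions the new grant, so I would add a line to each, for example `Also granted to the configured recents component (protection flag "recents").`, and have the full set of APIs behind each permission checked before merging. The recents package presumably also has to request these permissions in its own manifest now; that is not visible on this page.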


@@ -21,5 +21,8 @@
<permission name="android.permission.GET_ACCOUNTS_PRIVILEGED"/>
<permission name="android.permission.WRITE_SECURE_SETTINGS"/>
<permission name="android.permission.BROADCAST_CLOSE_SYSTEM_DIALOGS"/>
<permission name="android.permission.START_TASKS_FROM_RECENTS"/>
<permission name="android.permission.STATUS_BAR"/>
<permission name="android.permission.STOP_APP_SWITCHES"/>
</privapp-permissions>
</permissions>


@@ -166,8 +166,6 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub
// their capabilities are ready.
private static final int WAIT_MOTION_INJECTOR_TIMEOUT_MILLIS = 1000;
static final String FUNCTION_REGISTER_SYSTEM_ACTION = "registerSystemAction";
static final String FUNCTION_UNREGISTER_SYSTEM_ACTION = "unregisterSystemAction";
private static final String FUNCTION_REGISTER_UI_TEST_AUTOMATION_SERVICE =
"registerUiTestAutomationService";
@@ -748,9 +746,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub
*/
@Override
public void registerSystemAction(RemoteAction action, int actionId) {
mSecurityPolicy.enforceCallerIsRecentsOrHasPermission(
Manifest.permission.MANAGE_ACCESSIBILITY,
FUNCTION_REGISTER_SYSTEM_ACTION);
mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY);
getSystemActionPerformer().registerSystemAction(actionId, action);
}
@@ -761,9 +757,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub
*/
@Override
public void unregisterSystemAction(int actionId) {
mSecurityPolicy.enforceCallerIsRecentsOrHasPermission(
Manifest.permission.MANAGE_ACCESSIBILITY,
FUNCTION_UNREGISTER_SYSTEM_ACTION);
mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY);
getSystemActionPerformer().unregisterSystemAction(actionId);
}


@@ -38,8 +38,6 @@ import android.util.Slog;
import android.view.accessibility.AccessibilityEvent;
import com.android.internal.util.ArrayUtils;
import com.android.server.LocalServices;
import com.android.server.wm.ActivityTaskManagerInternal;
import libcore.util.EmptyArray;
@@ -88,7 +86,6 @@ public class AccessibilitySecurityPolicy {
private final AccessibilityUserManager mAccessibilityUserManager;
private AccessibilityWindowManager mAccessibilityWindowManager;
private final ActivityTaskManagerInternal mAtmInternal;
/**
* Constructor for AccessibilityManagerService.
@@ -100,7 +97,6 @@ public class AccessibilitySecurityPolicy {
mPackageManager = mContext.getPackageManager();
mUserManager = (UserManager) mContext.getSystemService(Context.USER_SERVICE);
mAppOpsManager = (AppOpsManager) context.getSystemService(Context.APP_OPS_SERVICE);
mAtmInternal = LocalServices.getService(ActivityTaskManagerInternal.class);
}
/**
@@ -572,13 +568,4 @@ public class AccessibilitySecurityPolicy {
+ permission);
}
}
/**
* Enforcing permission check to IPC caller or grant it if it's recents.
*
* @param permission The permission to check
*/
public void enforceCallerIsRecentsOrHasPermission(@NonNull String permission, String func) {
mAtmInternal.enforceCallerIsRecentsOrHasPermission(permission, func);
}
}


@@ -278,12 +278,6 @@ public abstract class ActivityTaskManagerInternal {
*/
public abstract void cancelRecentsAnimation(boolean restoreHomeRootTaskPosition);
/**
* This enforces {@code func} can only be called if either the caller is Recents activity or
* has {@code permission}.
*/
public abstract void enforceCallerIsRecentsOrHasPermission(String permission, String func);
/**
* Returns true if the app can close system dialogs. Otherwise it either throws a {@link
* SecurityException} or returns false with a logcat message depending on whether the app


@@ -1577,7 +1577,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public void startRecentsActivity(Intent intent, long eventTime,
@Nullable IRecentsAnimationRunner recentsAnimationRunner) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS, "startRecentsActivity()");
enforceTaskPermission("startRecentsActivity()");
final int callingPid = Binder.getCallingPid();
final int callingUid = Binder.getCallingUid();
final long origId = Binder.clearCallingIdentity();
@@ -1605,7 +1605,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public final int startActivityFromRecents(int taskId, Bundle bOptions) {
enforceCallerIsRecentsOrHasPermission(START_TASKS_FROM_RECENTS,
mAmInternal.enforceCallingPermission(START_TASKS_FROM_RECENTS,
"startActivityFromRecents()");
final int callingPid = Binder.getCallingPid();
@@ -1735,7 +1735,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public RootTaskInfo getFocusedRootTaskInfo() throws RemoteException {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS, "getFocusedRootTaskInfo()");
enforceTaskPermission("getFocusedRootTaskInfo()");
final long ident = Binder.clearCallingIdentity();
try {
synchronized (mGlobalLock) {
@@ -1796,7 +1796,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public boolean removeTask(int taskId) {
enforceCallerIsRecentsOrHasPermission(REMOVE_TASKS, "removeTask()");
mAmInternal.enforceCallingPermission(REMOVE_TASKS, "removeTask()");
synchronized (mGlobalLock) {
final long ident = Binder.clearCallingIdentity();
try {
@@ -1821,7 +1821,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public void removeAllVisibleRecentTasks() {
enforceCallerIsRecentsOrHasPermission(REMOVE_TASKS, "removeAllVisibleRecentTasks()");
mAmInternal.enforceCallingPermission(REMOVE_TASKS, "removeAllVisibleRecentTasks()");
synchronized (mGlobalLock) {
final long ident = Binder.clearCallingIdentity();
try {
@@ -1860,8 +1860,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public ActivityManager.TaskDescription getTaskDescription(int id) {
synchronized (mGlobalLock) {
enforceCallerIsRecentsOrHasPermission(
MANAGE_ACTIVITY_TASKS, "getTaskDescription()");
enforceTaskPermission("getTaskDescription()");
final Task tr = mRootWindowContainer.anyTaskForId(id,
MATCH_ATTACHED_TASK_OR_RECENT_TASKS);
if (tr != null) {
@@ -1873,7 +1872,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public boolean setTaskWindowingMode(int taskId, int windowingMode, boolean toTop) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS, "setTaskWindowingMode()");
enforceTaskPermission("setTaskWindowingMode()");
synchronized (mGlobalLock) {
final long ident = Binder.clearCallingIdentity();
try {
@@ -2103,7 +2102,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public void moveTaskToRootTask(int taskId, int rootTaskId, boolean toTop) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS, "moveTaskToRootTask()");
enforceTaskPermission("moveTaskToRootTask()");
synchronized (mGlobalLock) {
final long ident = Binder.clearCallingIdentity();
try {
@@ -2197,8 +2196,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
*/
@Override
public void removeRootTasksInWindowingModes(int[] windowingModes) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS,
"removeRootTasksInWindowingModes()");
enforceTaskPermission("removeRootTasksInWindowingModes()");
synchronized (mGlobalLock) {
final long ident = Binder.clearCallingIdentity();
@@ -2212,8 +2210,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public void removeRootTasksWithActivityTypes(int[] activityTypes) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS,
"removeRootTasksWithActivityTypes()");
enforceTaskPermission("removeRootTasksWithActivityTypes()");
synchronized (mGlobalLock) {
final long ident = Binder.clearCallingIdentity();
@@ -2239,7 +2236,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public List<RootTaskInfo> getAllRootTaskInfos() {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS, "getAllRootTaskInfos()");
enforceTaskPermission("getAllRootTaskInfos()");
final long ident = Binder.clearCallingIdentity();
try {
synchronized (mGlobalLock) {
@@ -2252,7 +2249,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public RootTaskInfo getRootTaskInfo(int windowingMode, int activityType) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS, "getRootTaskInfo()");
enforceTaskPermission("getRootTaskInfo()");
final long ident = Binder.clearCallingIdentity();
try {
synchronized (mGlobalLock) {
@@ -2265,8 +2262,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public List<RootTaskInfo> getAllRootTaskInfosOnDisplay(int displayId) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS,
"getAllRootTaskInfosOnDisplay()");
enforceTaskPermission("getAllRootTaskInfosOnDisplay()");
final long ident = Binder.clearCallingIdentity();
try {
synchronized (mGlobalLock) {
@@ -2280,7 +2276,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public RootTaskInfo getRootTaskInfoOnDisplay(int windowingMode, int activityType,
int displayId) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS, "getRootTaskInfoOnDisplay()");
enforceTaskPermission("getRootTaskInfoOnDisplay()");
final long ident = Binder.clearCallingIdentity();
try {
synchronized (mGlobalLock) {
@@ -2293,7 +2289,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public void cancelRecentsAnimation(boolean restoreHomeRootTaskPosition) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS, "cancelRecentsAnimation()");
enforceTaskPermission("cancelRecentsAnimation()");
final long callingUid = Binder.getCallingUid();
final long origId = Binder.clearCallingIdentity();
try {
@@ -2728,16 +2724,14 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
/** Sets the task stack listener that gets callbacks when a task stack changes. */
@Override
public void registerTaskStackListener(ITaskStackListener listener) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS,
"registerTaskStackListener()");
enforceTaskPermission("registerTaskStackListener()");
mTaskChangeNotificationController.registerTaskStackListener(listener);
}
/** Unregister a task stack listener so that it stops receiving callbacks. */
@Override
public void unregisterTaskStackListener(ITaskStackListener listener) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS,
"unregisterTaskStackListener()");
enforceTaskPermission("unregisterTaskStackListener()");
mTaskChangeNotificationController.unregisterTaskStackListener(listener);
}
@@ -2790,19 +2784,6 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
permission, Binder.getCallingPid(), Binder.getCallingUid());
}
/** This can be called with or without the global lock held. */
void enforceCallerIsRecentsOrHasPermission(String permission, String func) {
if (getRecentTasks().isCallerRecents(Binder.getCallingUid())) {
return;
}
if (permission.equals(MANAGE_ACTIVITY_TASKS) || permission.equals(MANAGE_ACTIVITY_STACKS)) {
enforceTaskPermission(func);
} else {
mAmInternal.enforceCallingPermission(permission, func);
}
}
/**
* Returns true if the app can close system dialogs. Otherwise it either throws a {@link
* SecurityException} or returns false with a logcat message depending on whether the app
@@ -3263,7 +3244,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
public void resizePrimarySplitScreen(Rect dockedBounds, Rect tempDockedTaskBounds,
Rect tempDockedTaskInsetBounds,
Rect tempOtherTaskBounds, Rect tempOtherTaskInsetBounds) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS, "resizePrimarySplitScreen()");
enforceTaskPermission("resizePrimarySplitScreen()");
final long ident = Binder.clearCallingIdentity();
try {
synchronized (mGlobalLock) {
@@ -3301,7 +3282,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public void setSplitScreenResizing(boolean resizing) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS, "setSplitScreenResizing()");
enforceTaskPermission("setSplitScreenResizing()");
final long ident = Binder.clearCallingIdentity();
try {
synchronized (mGlobalLock) {
@@ -3371,8 +3352,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public void cancelTaskWindowTransition(int taskId) {
enforceCallerIsRecentsOrHasPermission(MANAGE_ACTIVITY_TASKS,
"cancelTaskWindowTransition()");
enforceTaskPermission("cancelTaskWindowTransition()");
final long ident = Binder.clearCallingIdentity();
try {
synchronized (mGlobalLock) {
@@ -3391,7 +3371,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public TaskSnapshot getTaskSnapshot(int taskId, boolean isLowResolution) {
enforceCallerIsRecentsOrHasPermission(READ_FRAME_BUFFER, "getTaskSnapshot()");
mAmInternal.enforceCallingPermission(READ_FRAME_BUFFER, "getTaskSnapshot()");
final long ident = Binder.clearCallingIdentity();
try {
return getTaskSnapshot(taskId, isLowResolution, true /* restoreFromDisk */);
@@ -3526,7 +3506,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public void stopAppSwitches() {
enforceCallerIsRecentsOrHasPermission(STOP_APP_SWITCHES, "stopAppSwitches");
mAmInternal.enforceCallingPermission(STOP_APP_SWITCHES, "stopAppSwitches");
synchronized (mGlobalLock) {
mAppSwitchesAllowed = false;
mLastStopAppSwitchesTime = SystemClock.uptimeMillis();
@@ -3535,7 +3515,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
@Override
public void resumeAppSwitches() {
enforceCallerIsRecentsOrHasPermission(STOP_APP_SWITCHES, "resumeAppSwitches");
mAmInternal.enforceCallingPermission(STOP_APP_SWITCHES, "resumeAppSwitches");
synchronized (mGlobalLock) {
mAppSwitchesAllowed = true;
}
@@ -5134,11 +5114,6 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
ActivityTaskManagerService.this.cancelRecentsAnimation(restoreHomeRootTaskPosition);
}
@Override
public void enforceCallerIsRecentsOrHasPermission(String permission, String func) {
ActivityTaskManagerService.this.enforceCallerIsRecentsOrHasPermission(permission, func);
}
@Override
public boolean checkCanCloseSystemDialogs(int pid, int uid, @Nullable String packageName) {
return ActivityTaskManagerService.this.checkCanCloseSystemDialogs(pid, uid,
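Review bot: In `getTaskDescription` the new `enforceTaskPermission("getTaskDescription()")` call still sits inside `synchronized (mGlobalLock)`, while the other replaced checks visible in this file run before the lock is taken. I would move it above the `synchronized` line so an unauthorised caller is rejected without acquiring the global lock. The removed helper's comment says the check works with or without the lock held, and `enforceTaskPermission` is already called unlocked in the neighbouring methods. The method body continues outside the hunk.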


@@ -103,6 +103,8 @@ class Session extends IWindowSession.Stub implements IBinder.DeathRecipient {
private final ArraySet<WindowSurfaceController> mAlertWindowSurfaces = new ArraySet<>();
private final DragDropController mDragDropController;
final boolean mCanAddInternalSystemWindow;
private final boolean mCanStartTasksFromRecents;
// If non-system overlays from this process can be hidden by the user or app using
// HIDE_NON_SYSTEM_OVERLAY_WINDOWS.
final boolean mOverlaysCanBeHidden;
@@ -134,6 +136,8 @@ class Session extends IWindowSession.Stub implements IBinder.DeathRecipient {
mCanCreateSystemApplicationOverlay =
service.mContext.checkCallingOrSelfPermission(SYSTEM_APPLICATION_OVERLAY)
== PERMISSION_GRANTED;
mCanStartTasksFromRecents = service.mContext.checkCallingOrSelfPermission(
START_TASKS_FROM_RECENTS) == PERMISSION_GRANTED;
mOverlaysCanBeHidden = !mCanAddInternalSystemWindow
&& !mService.mAtmInternal.isCallerRecents(mUid);
mCanAcquireSleepToken = service.mContext.checkCallingOrSelfPermission(DEVICE_POWER)
@@ -374,8 +378,9 @@ class Session extends IWindowSession.Stub implements IBinder.DeathRecipient {
} else if (hasShortcut) {
// Restrict who can start a shortcut drag since it will start the shortcut as the
// target shortcut package
mService.mAtmService.enforceCallerIsRecentsOrHasPermission(START_TASKS_FROM_RECENTS,
"performDrag");
if (!mCanStartTasksFromRecents) {
throw new SecurityException("Requires START_TASKS_FROM_RECENTS permission");
}
for (int i = 0; i < data.getItemCount(); i++) {
final ClipData.Item item = data.getItemAt(i);
final Intent intent = item.getIntent();
@@ -403,8 +408,9 @@ class Session extends IWindowSession.Stub implements IBinder.DeathRecipient {
}
} else if (hasTask) {
// TODO(b/169894807): Consider opening this up for tasks from the same app as the caller
mService.mAtmService.enforceCallerIsRecentsOrHasPermission(START_TASKS_FROM_RECENTS,
"performDrag");
if (!mCanStartTasksFromRecents) {
throw new SecurityException("Requires START_TASKS_FROM_RECENTS permission");
}
for (int i = 0; i < data.getItemCount(); i++) {
final ClipData.Item item = data.getItemAt(i);
final Intent intent = item.getIntent();
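Review bot: `mCanStartTasksFromRecents` is evaluated once in the constructor, so `performDrag` now decides on the permission state at the time the session was opened, whereas the removed `enforceCallerIsRecentsOrHasPermission` call checked the caller on each drag. The field has no comment saying so; I would add `// Checked once against the calling identity when the session is created; not re-evaluated per drag.` above its declaration. If the recents component or the grant can change while a session is alive, that is a behaviour change worth confirming. Both the constructor and `performDrag` start and end outside the hunks.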


@@ -3938,8 +3938,10 @@ public class WindowManagerService extends IWindowManager.Stub
@Override
public void setIgnoreOrientationRequest(int displayId, boolean ignoreOrientationRequest) {
mAtmInternal.enforceCallerIsRecentsOrHasPermission(
android.Manifest.permission.SET_ORIENTATION, "setIgnoreOrientationRequest()");
if (!checkCallingPermission(
android.Manifest.permission.SET_ORIENTATION, "setIgnoreOrientationRequest()")) {
throw new SecurityException("Requires SET_ORIENTATION permission");
}
final long origId = Binder.clearCallingIdentity();
try {
@@ -6002,8 +6004,10 @@ public class WindowManagerService extends IWindowManager.Stub
@Override
public void setRecentsVisibility(boolean visible) {
mAtmInternal.enforceCallerIsRecentsOrHasPermission(android.Manifest.permission.STATUS_BAR,
"setRecentsVisibility()");
if (!checkCallingPermission(
android.Manifest.permission.STATUS_BAR, "setRecentsVisibility()")) {
throw new SecurityException("Requires STATUS_BAR permission");
}
synchronized (mGlobalLock) {
mPolicy.setRecentsVisibilityLw(visible);
}
@@ -6011,8 +6015,11 @@ public class WindowManagerService extends IWindowManager.Stub
@Override
public void hideTransientBars(int displayId) {
mAtmInternal.enforceCallerIsRecentsOrHasPermission(android.Manifest.permission.STATUS_BAR,
"hideTransientBars()");
if (!checkCallingPermission(
android.Manifest.permission.STATUS_BAR, "hideTransientBars()")) {
throw new SecurityException("Requires STATUS_BAR permission");
}
synchronized (mGlobalLock) {
final DisplayContent displayContent = mRoot.getDisplayContent(displayId);
if (displayContent != null) {
@@ -8314,8 +8321,11 @@ public class WindowManagerService extends IWindowManager.Stub
/** Return whether layer tracing is enabled */
public boolean isLayerTracing() {
mAtmInternal.enforceCallerIsRecentsOrHasPermission(android.Manifest.permission.DUMP,
"isLayerTracing");
if (!checkCallingPermission(
android.Manifest.permission.DUMP, "isLayerTracing()")) {
throw new SecurityException("Requires DUMP permission");
}
final long token = Binder.clearCallingIdentity();
try {
Parcel data = null;
@@ -8347,8 +8357,11 @@ public class WindowManagerService extends IWindowManager.Stub
/** Enable or disable layer tracing */
public void setLayerTracing(boolean enabled) {
mAtmInternal.enforceCallerIsRecentsOrHasPermission(android.Manifest.permission.DUMP,
"setLayerTracing");
if (!checkCallingPermission(
android.Manifest.permission.DUMP, "setLayerTracing()")) {
throw new SecurityException("Requires DUMP permission");
}
final long token = Binder.clearCallingIdentity();
try {
Parcel data = null;
@@ -8374,8 +8387,11 @@ public class WindowManagerService extends IWindowManager.Stub
/** Set layer tracing flags. */
public void setLayerTracingFlags(int flags) {
mAtmInternal.enforceCallerIsRecentsOrHasPermission(android.Manifest.permission.DUMP,
"setLayerTracingFlags");
if (!checkCallingPermission(
android.Manifest.permission.DUMP, "setLayerTracingFlags")) {
throw new SecurityException("Requires DUMP permission");
}
final long token = Binder.clearCallingIdentity();
try {
Parcel data = null;
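Review bot: `isLayerTracing`, `setLayerTracing` and `setLayerTracingFlags` now require `android.Manifest.permission.DUMP`, but the manifest hunks on this page add the `recents` flag to eight other permissions and not to `DUMP`, so a recents caller that the old `enforceCallerIsRecentsOrHasPermission` let through may now get a `SecurityException` here. If that tightening is intended it should be confirmed explicitly; if not, the recents package needs `DUMP` granted some other way, which is not visible here. Minor: the `func` string in `setLayerTracingFlags` is `"setLayerTracingFlags"` while its two siblings gained `()`; `"setLayerTracingFlags()"` would match. The method bodies continue outside the hunks.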


@@ -164,9 +164,7 @@ public class AccessibilityManagerServiceTest extends AndroidTestCase {
@SmallTest
public void testRegisterSystemActionWithoutPermission() throws Exception {
doThrow(SecurityException.class).when(mMockSecurityPolicy)
.enforceCallerIsRecentsOrHasPermission(
Manifest.permission.MANAGE_ACCESSIBILITY,
AccessibilityManagerService.FUNCTION_REGISTER_SYSTEM_ACTION);
.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY);
try {
mA11yms.registerSystemAction(TEST_ACTION, ACTION_ID);
@@ -185,9 +183,7 @@ public class AccessibilityManagerServiceTest extends AndroidTestCase {
@SmallTest
public void testUnregisterSystemActionWithoutPermission() throws Exception {
doThrow(SecurityException.class).when(mMockSecurityPolicy)
.enforceCallerIsRecentsOrHasPermission(
Manifest.permission.MANAGE_ACCESSIBILITY,
AccessibilityManagerService.FUNCTION_UNREGISTER_SYSTEM_ACTION);
.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY);
try {
mA11yms.unregisterSystemAction(ACTION_ID);


@@ -51,9 +51,6 @@ import android.util.ArraySet;
import android.view.accessibility.AccessibilityEvent;
import android.view.accessibility.AccessibilityWindowInfo;
import com.android.server.LocalServices;
import com.android.server.wm.ActivityTaskManagerInternal;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
@@ -123,7 +120,6 @@ public class AccessibilitySecurityPolicyTest {
@Mock private AccessibilityWindowManager mMockA11yWindowManager;
@Mock private AppWidgetManagerInternal mMockAppWidgetManager;
@Mock private AccessibilitySecurityPolicy.AccessibilityUserManager mMockA11yUserManager;
@Mock private ActivityTaskManagerInternal mMockActivityTaskManagerInternal;
@Before
public void setUp() {
@@ -132,10 +128,6 @@ public class AccessibilitySecurityPolicyTest {
when(mMockContext.getSystemService(Context.USER_SERVICE)).thenReturn(mMockUserManager);
when(mMockContext.getSystemService(Context.APP_OPS_SERVICE)).thenReturn(mMockAppOpsManager);
LocalServices.removeServiceForTest(ActivityTaskManagerInternal.class);
LocalServices.addService(
ActivityTaskManagerInternal.class, mMockActivityTaskManagerInternal);
mA11ySecurityPolicy = new AccessibilitySecurityPolicy(mMockContext, mMockA11yUserManager);
mA11ySecurityPolicy.setAccessibilityWindowManager(mMockA11yWindowManager);
mA11ySecurityPolicy.setAppWidgetManager(mMockAppWidgetManager);
@@ -570,10 +562,4 @@ public class AccessibilitySecurityPolicyTest {
APP_UID, PACKAGE_NAME);
}
@Test
public void testEnforceCallerIsRecentsOrHasPermission() {
mA11ySecurityPolicy.enforceCallerIsRecentsOrHasPermission(PERMISSION, FUNCTION);
verify(mMockActivityTaskManagerInternal).enforceCallerIsRecentsOrHasPermission(
PERMISSION, FUNCTION);
}
}


@@ -16,11 +16,13 @@
package com.android.server.wm;
import static android.Manifest.permission.START_TASKS_FROM_RECENTS;
import static android.app.WindowConfiguration.ACTIVITY_TYPE_STANDARD;
import static android.app.WindowConfiguration.WINDOWING_MODE_FULLSCREEN;
import static android.content.ClipDescription.MIMETYPE_APPLICATION_ACTIVITY;
import static android.content.ClipDescription.MIMETYPE_APPLICATION_SHORTCUT;
import static android.content.ClipDescription.MIMETYPE_APPLICATION_TASK;
import static android.content.pm.PackageManager.PERMISSION_GRANTED;
import static android.view.DragEvent.ACTION_DRAG_STARTED;
import static android.view.WindowManager.LayoutParams.PRIVATE_FLAG_INTERCEPT_GLOBAL_DRAG_AND_DROP;
import static android.view.WindowManager.LayoutParams.TYPE_BASE_APPLICATION;
@@ -34,6 +36,7 @@ import static com.android.dx.mockito.inline.extended.ExtendedMockito.when;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.verify;
import android.app.PendingIntent;
@@ -278,6 +281,8 @@ public class DragDropControllerTests extends WindowTestsBase {
@Test
public void testValidateAppShortcutArguments() {
doReturn(PERMISSION_GRANTED).when(mWm.mContext)
.checkCallingOrSelfPermission(eq(START_TASKS_FROM_RECENTS));
final Session session = new Session(mWm, new IWindowSessionCallback.Stub() {
@Override
public void onAnimatorScaleChanged(float scale) {}
@@ -329,6 +334,8 @@ public class DragDropControllerTests extends WindowTestsBase {
@Test
public void testValidateAppTaskArguments() {
doReturn(PERMISSION_GRANTED).when(mWm.mContext)
.checkCallingOrSelfPermission(eq(START_TASKS_FROM_RECENTS));
final Session session = new Session(mWm, new IWindowSessionCallback.Stub() {
@Override
public void onAnimatorScaleChanged(float scale) {}
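Review bot: Both tests stub only the granted path, so nothing visible here exercises the new `throw new SecurityException("Requires START_TASKS_FROM_RECENTS permission")` branches in `Session.performDrag`, and the commit removes the deny-path tests from `RecentTasksTest`. I would add a companion test for each that builds the `Session` with `doReturn(PERMISSION_DENIED).when(mWm.mContext).checkCallingOrSelfPermission(eq(START_TASKS_FROM_RECENTS));` and asserts that the shortcut and task drags are rejected. The stub has to stay before `new Session(...)` because the permission is read in the constructor. Both test methods continue outside the hunks.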


@@ -45,7 +45,6 @@ import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import static org.mockito.ArgumentMatchers.anyBoolean;
import static org.mockito.ArgumentMatchers.anyInt;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.reset;
@@ -58,7 +57,6 @@ import android.app.ActivityManager.RecentTaskInfo;
import android.app.ActivityManager.RunningTaskInfo;
import android.app.ActivityTaskManager;
import android.content.ComponentName;
import android.content.pm.PackageManager;
import android.content.pm.ParceledListSlice;
import android.content.pm.UserInfo;
import android.os.Bundle;
@@ -1109,28 +1107,6 @@ public class RecentTasksTest extends WindowTestsBase {
assertEquals(originalStackCount, mTaskContainer.getRootTaskCount());
}
@Test
public void testNotRecentsComponent_denyApiAccess() throws Exception {
doReturn(PackageManager.PERMISSION_DENIED).when(mAtm)
.checkGetTasksPermission(anyString(), anyInt(), anyInt());
// Expect the following methods to fail due to recents component not being set
mRecentTasks.setIsCallerRecentsOverride(TestRecentTasks.DENY_THROW_SECURITY_EXCEPTION);
doTestRecentTasksApis(false /* expectNoSecurityException */);
// Don't throw for the following tests
mRecentTasks.setIsCallerRecentsOverride(TestRecentTasks.DENY);
testGetTasksApis(false /* expectNoSecurityException */);
}
@Test
public void testRecentsComponent_allowApiAccessWithoutPermissions() {
doReturn(PackageManager.PERMISSION_DENIED).when(mAtm)
.checkGetTasksPermission(anyString(), anyInt(), anyInt());
// Set the recents component and ensure that the following calls do not fail
mRecentTasks.setIsCallerRecentsOverride(TestRecentTasks.GRANT);
doTestRecentTasksApis(true /* expectNoSecurityException */);
testGetTasksApis(true /* expectNoSecurityException */);
}
private void doTestRecentTasksApis(boolean expectCallable) {
assertSecurityException(expectCallable, () -> mAtm.removeTask(INVALID_STACK_ID));
assertSecurityException(expectCallable,
@@ -1295,13 +1271,7 @@ public class RecentTasksTest extends WindowTestsBase {
}
private static class TestRecentTasks extends RecentTasks {
static final int GRANT = 0;
static final int DENY = 1;
static final int DENY_THROW_SECURITY_EXCEPTION = 2;
private boolean mOverrideIsCallerRecents;
private boolean mIsTrimmableOverride;
private int mIsCallerRecentsPolicy;
public boolean mLastAllowed;
@@ -1334,26 +1304,6 @@ public class RecentTasksTest extends WindowTestsBase {
return new int[] { TEST_USER_0_ID, TEST_QUIET_USER_ID };
}
@Override
boolean isCallerRecents(int callingUid) {
if (mOverrideIsCallerRecents) {
switch (mIsCallerRecentsPolicy) {
case GRANT:
return true;
case DENY:
return false;
case DENY_THROW_SECURITY_EXCEPTION:
throw new SecurityException();
}
}
return super.isCallerRecents(callingUid);
}
void setIsCallerRecentsOverride(int policy) {
mOverrideIsCallerRecents = true;
mIsCallerRecentsPolicy = policy;
}
/**
* To simplify the setup for some tests, the caller can request that we only rely on the
* visible range test to determine what is trimmable. In this case, we don't try to