Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / 2927b542ab9d6e63f61c582c6a027da3efd9dead
commit2927b542ab9d6e63f61c582c6a027da3efd9dead[log] [tgz]
authorMichal Karpinski <mkarpinski@google.com>Tue Apr 16 14:02:46 2019 +0100
committerMichal Karpinski <mkarpinski@google.com>Tue Apr 16 15:50:13 2019 +0100
tree6032710dc8369b13d011850422428e56faa9dd71
parent949305fe52816c6a51454cc8aee56fee8486eeac [diff]
Don't allow PI-based starts and trampolines when sender
is SYSTEM_UID and it happens to pass foregroundness check
at the time of sending

It could lead to abuses like directing the user to Settings app
and then giving a PI through any API, so that app could open
activity/trampoline due to Settings app (SYSTEM_UID) being fg.

PI-based starts where sender is SYSTEM_UID will no longer be
supported based on foregroundness check. Any such starts need
to now be explicitly whitelisted (see b/124858756).

Also, ignore windows of type TYPE_APPLICATION_STARTING in
isAnyNonToastWindowVisibleForUid() check.

Bug: 129563343
Test: atest WmTests:ActivityStarterTests
Test: atest BackgroundActivityLaunchTest
Test: atest CtsActivityManagerDeviceTestCases:ActivityStarterTests
Test: atest WmTests:RootWindowContainerTests
Change-Id: I563f71f0b1c7922d8c675d2e4feed909f43446be
4 files changed
tree: 6032710dc8369b13d011850422428e56faa9dd71
  1. apct-tests/
  2. api/
  3. cmds/
  4. config/
  5. core/
  6. data/
  7. docs/
  8. drm/
  9. graphics/
  10. keystore/
  11. libs/
  12. location/
  13. lowpan/
  14. media/
  15. native/
  16. nfc-extras/
  17. obex/
  18. opengl/
  19. packages/
  20. proto/
  21. rs/
  22. samples/
  23. sax/
  24. services/
  25. startop/
  26. telecomm/
  27. telephony/
  28. test-base/
  29. test-legacy/
  30. test-mock/
  31. test-runner/
  32. tests/
  33. tools/
  34. wifi/
  35. .gitignore
  36. Android.bp
  37. Android.mk
  38. CleanSpec.mk
  39. jarjar_rules_hidl.txt
  40. MODULE_LICENSE_APACHE2
  41. NOTICE
  42. pathmap.mk
  43. PREUPLOAD.cfg