ASM Rule and Debug Updates.
This change updates ASM rules based on gathered data, and improves debug
information.
1. An activity in the background can fire a PendingIntent, with affinity
for an existing task. The BAL code is BAL_BLOCK, but is not blocked
by BAL rules due to the affinity. We now also allow this case for ASM
by checking avoidMoveToFront.
2. An actiivty can launch multiple GrantPermissionActitities in quick
succession. If the launcher is visible, this was allowed. However, if
the launcher was not (e.g, a URIHandler redirect), it would be
blocked by ASM. We now allow it in the redirect case as well by
considering the visibiltiy of all activities in the task.
Bug: 230590090
Test: atest BackgroundActivityLaunchTest ActivitySecurityModelTest
Change-Id: I221620ec35f4ddee1425beaa2898d85389cccdae
3 files changed