diff options
| author | Dianne Hackborn <hackbod@google.com> | 2014-08-25 23:21:47 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2014-08-25 23:21:48 +0000 |
| commit | 4cce1de9fe95ffc3b968de87579a543a461f96bb (patch) | |
| tree | f0fe5a45d828b4da3fd927954ffe6fd7f8ef710f | |
| parent | 83a82983eb27f297319b87a25fe3729cb3bb16ee (diff) | |
| parent | 885fbe5c070cf1579c96ab8e150449af00e16501 (diff) | |
| download | frameworks_base-4cce1de9fe95ffc3b968de87579a543a461f96bb.zip frameworks_base-4cce1de9fe95ffc3b968de87579a543a461f96bb.tar.gz frameworks_base-4cce1de9fe95ffc3b968de87579a543a461f96bb.tar.bz2 | |
Merge "Fix issue #16366571: UIDs for work and normal Chrome processes are the same" into lmp-dev
6 files changed, 61 insertions, 27 deletions
diff --git a/core/java/android/app/ActivityManager.java b/core/java/android/app/ActivityManager.java index b86621f..2667bcd 100644 --- a/core/java/android/app/ActivityManager.java +++ b/core/java/android/app/ActivityManager.java @@ -985,7 +985,7 @@ public class ActivityManager { ArrayList<AppTask> tasks = new ArrayList<AppTask>(); List<IAppTask> appTasks; try { - appTasks = ActivityManagerNative.getDefault().getAppTasks(); + appTasks = ActivityManagerNative.getDefault().getAppTasks(mContext.getPackageName()); } catch (RemoteException e) { // System dead, we will be dead too soon! return null; diff --git a/core/java/android/app/ActivityManagerNative.java b/core/java/android/app/ActivityManagerNative.java index 5b81cc3..82af99b 100644 --- a/core/java/android/app/ActivityManagerNative.java +++ b/core/java/android/app/ActivityManagerNative.java @@ -554,7 +554,8 @@ public abstract class ActivityManagerNative extends Binder implements IActivityM case GET_APP_TASKS_TRANSACTION: { data.enforceInterface(IActivityManager.descriptor); - List<IAppTask> list = getAppTasks(); + String callingPackage = data.readString(); + List<IAppTask> list = getAppTasks(callingPackage); reply.writeNoException(); int N = list != null ? list.size() : -1; reply.writeInt(N); @@ -2880,10 +2881,11 @@ class ActivityManagerProxy implements IActivityManager reply.recycle(); return res; } - public List<IAppTask> getAppTasks() throws RemoteException { + public List<IAppTask> getAppTasks(String callingPackage) throws RemoteException { Parcel data = Parcel.obtain(); Parcel reply = Parcel.obtain(); data.writeInterfaceToken(IActivityManager.descriptor); + data.writeString(callingPackage); mRemote.transact(GET_APP_TASKS_TRANSACTION, data, reply, 0); reply.readException(); ArrayList<IAppTask> list = null; diff --git a/core/java/android/app/IActivityManager.java b/core/java/android/app/IActivityManager.java index 1664408..69e1710 100644 --- a/core/java/android/app/IActivityManager.java +++ b/core/java/android/app/IActivityManager.java @@ -119,7 +119,7 @@ public interface IActivityManager extends IInterface { public void activityDestroyed(IBinder token) throws RemoteException; public String getCallingPackage(IBinder token) throws RemoteException; public ComponentName getCallingActivity(IBinder token) throws RemoteException; - public List<IAppTask> getAppTasks() throws RemoteException; + public List<IAppTask> getAppTasks(String callingPackage) throws RemoteException; public int addAppTask(IBinder activityToken, Intent intent, ActivityManager.TaskDescription description, Bitmap thumbnail) throws RemoteException; public Point getAppTaskThumbnailSize() throws RemoteException; diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java index dd3d862..62a212b 100755 --- a/services/core/java/com/android/server/am/ActivityManagerService.java +++ b/services/core/java/com/android/server/am/ActivityManagerService.java @@ -7516,18 +7516,10 @@ public final class ActivityManagerService extends ActivityManagerNative // ========================================================= @Override - public List<IAppTask> getAppTasks() { - final PackageManager pm = mContext.getPackageManager(); + public List<IAppTask> getAppTasks(String callingPackage) { int callingUid = Binder.getCallingUid(); long ident = Binder.clearCallingIdentity(); - // Compose the list of packages for this id to test against - HashSet<String> packages = new HashSet<String>(); - String[] uidPackages = pm.getPackagesForUid(callingUid); - for (int i = 0; i < uidPackages.length; i++) { - packages.add(uidPackages[i]); - } - synchronized(this) { ArrayList<IAppTask> list = new ArrayList<IAppTask>(); try { @@ -7536,13 +7528,21 @@ public final class ActivityManagerService extends ActivityManagerNative final int N = mRecentTasks.size(); for (int i = 0; i < N; i++) { TaskRecord tr = mRecentTasks.get(i); - // Skip tasks that do not match the package name - if (packages.contains(tr.getBaseIntent().getComponent().getPackageName())) { - ActivityManager.RecentTaskInfo taskInfo = - createRecentTaskInfoFromTaskRecord(tr); - AppTaskImpl taskImpl = new AppTaskImpl(taskInfo.persistentId, callingUid); - list.add(taskImpl); + // Skip tasks that do not match the caller. We don't need to verify + // callingPackage, because we are also limiting to callingUid and know + // that will limit to the correct security sandbox. + if (tr.effectiveUid != callingUid) { + continue; + } + Intent intent = tr.getBaseIntent(); + if (intent == null || + !callingPackage.equals(intent.getComponent().getPackageName())) { + continue; } + ActivityManager.RecentTaskInfo taskInfo = + createRecentTaskInfoFromTaskRecord(tr); + AppTaskImpl taskImpl = new AppTaskImpl(taskInfo.persistentId, callingUid); + list.add(taskImpl); } } finally { Binder.restoreCallingIdentity(ident); @@ -7706,7 +7706,7 @@ public final class ActivityManagerService extends ActivityManagerNative if (!allowed) { // If the caller doesn't have the GET_TASKS permission, then only // allow them to see a small subset of tasks -- their own and home. - if (!tr.isHomeTask() && tr.creatorUid != callingUid) { + if (!tr.isHomeTask() && tr.effectiveUid != callingUid) { if (DEBUG_RECENTS) Slog.d(TAG, "Skipping, not allowed: " + tr); continue; } diff --git a/services/core/java/com/android/server/am/ActivityStack.java b/services/core/java/com/android/server/am/ActivityStack.java index 4bd86e4..41ed4ce 100755 --- a/services/core/java/com/android/server/am/ActivityStack.java +++ b/services/core/java/com/android/server/am/ActivityStack.java @@ -3799,7 +3799,7 @@ final class ActivityStack { if (activities.isEmpty()) { continue; } - if (!allowed && !task.isHomeTask() && task.creatorUid != callingUid) { + if (!allowed && !task.isHomeTask() && task.effectiveUid != callingUid) { continue; } for (int activityNdx = activities.size() - 1; activityNdx >= 0; --activityNdx) { diff --git a/services/core/java/com/android/server/am/TaskRecord.java b/services/core/java/com/android/server/am/TaskRecord.java index d35e09f..7e42232 100644 --- a/services/core/java/com/android/server/am/TaskRecord.java +++ b/services/core/java/com/android/server/am/TaskRecord.java @@ -26,11 +26,16 @@ import android.app.Activity; import android.app.ActivityManager; import android.app.ActivityManager.TaskThumbnail; import android.app.ActivityOptions; +import android.app.AppGlobals; import android.content.ComponentName; import android.content.Intent; import android.content.pm.ActivityInfo; +import android.content.pm.ApplicationInfo; +import android.content.pm.IPackageManager; +import android.content.pm.PackageManager; import android.graphics.Bitmap; import android.os.ParcelFileDescriptor; +import android.os.RemoteException; import android.os.UserHandle; import android.service.voice.IVoiceInteractionSession; import android.util.Slog; @@ -57,6 +62,7 @@ final class TaskRecord { private static final String ATTR_AUTOREMOVERECENTS = "auto_remove_recents"; private static final String ATTR_ASKEDCOMPATMODE = "asked_compat_mode"; private static final String ATTR_USERID = "user_id"; + private static final String ATTR_EFFECTIVE_UID = "effective_uid"; private static final String ATTR_TASKTYPE = "task_type"; private static final String ATTR_FIRSTACTIVETIME = "first_active_time"; private static final String ATTR_LASTACTIVETIME = "last_active_time"; @@ -83,6 +89,7 @@ final class TaskRecord { final IVoiceInteractor voiceInteractor; // Associated interactor to provide to app Intent intent; // The original intent that started the task. Intent affinityIntent; // Intent of affinity-moved activity that started this task. + int effectiveUid; // The current effective uid of the identity of this task. ComponentName origActivity; // The non-alias activity component of the intent. ComponentName realActivity; // The actual activity component that started the task. long firstActiveTime; // First time this task was active. @@ -198,7 +205,7 @@ final class TaskRecord { TaskRecord(ActivityManagerService service, int _taskId, Intent _intent, Intent _affinityIntent, String _affinity, ComponentName _realActivity, ComponentName _origActivity, boolean _rootWasReset, boolean _autoRemoveRecents, boolean _askedCompatMode, - int _taskType, int _userId, + int _taskType, int _userId, int _effectiveUid, String _lastDescription, ArrayList<ActivityRecord> activities, long _firstActiveTime, long _lastActiveTime, long lastTimeMoved, boolean neverRelinquishIdentity, ActivityManager.TaskDescription _lastTaskDescription, int taskAffiliation, @@ -222,6 +229,7 @@ final class TaskRecord { taskType = _taskType; mTaskToReturnTo = HOME_ACTIVITY_TYPE; userId = _userId; + effectiveUid = _effectiveUid; firstActiveTime = _firstActiveTime; lastActiveTime = _lastActiveTime; lastDescription = _lastDescription; @@ -265,6 +273,7 @@ final class TaskRecord { } affinity = info.taskAffinity; + effectiveUid = info.applicationInfo.uid; stringName = null; if (info.targetActivity == null) { @@ -311,7 +320,6 @@ final class TaskRecord { } userId = UserHandle.getUserId(info.applicationInfo.uid); - creatorUid = info.applicationInfo.uid; if ((info.flags & ActivityInfo.FLAG_AUTO_REMOVE_FROM_RECENTS) != 0) { // If the activity itself has requested auto-remove, then just always do it. autoRemoveRecents = true; @@ -823,6 +831,7 @@ final class TaskRecord { out.attribute(null, ATTR_AUTOREMOVERECENTS, String.valueOf(autoRemoveRecents)); out.attribute(null, ATTR_ASKEDCOMPATMODE, String.valueOf(askedCompatMode)); out.attribute(null, ATTR_USERID, String.valueOf(userId)); + out.attribute(null, ATTR_EFFECTIVE_UID, String.valueOf(effectiveUid)); out.attribute(null, ATTR_TASKTYPE, String.valueOf(taskType)); out.attribute(null, ATTR_FIRSTACTIVETIME, String.valueOf(firstActiveTime)); out.attribute(null, ATTR_LASTACTIVETIME, String.valueOf(lastActiveTime)); @@ -881,6 +890,7 @@ final class TaskRecord { boolean askedCompatMode = false; int taskType = ActivityRecord.APPLICATION_ACTIVITY_TYPE; int userId = 0; + int effectiveUid = -1; String lastDescription = null; long firstActiveTime = -1; long lastActiveTime = -1; @@ -917,6 +927,8 @@ final class TaskRecord { askedCompatMode = Boolean.valueOf(attrValue); } else if (ATTR_USERID.equals(attrName)) { userId = Integer.valueOf(attrValue); + } else if (ATTR_EFFECTIVE_UID.equals(attrName)) { + effectiveUid = Integer.valueOf(attrValue); } else if (ATTR_TASKTYPE.equals(attrName)) { taskType = Integer.valueOf(attrValue); } else if (ATTR_FIRSTACTIVETIME.equals(attrName)) { @@ -979,10 +991,30 @@ final class TaskRecord { createLastTaskDescriptionIconFilename(taskId, lastActiveTime))); } + if (effectiveUid <= 0) { + Intent checkIntent = intent != null ? intent : affinityIntent; + effectiveUid = 0; + if (checkIntent != null) { + IPackageManager pm = AppGlobals.getPackageManager(); + try { + ApplicationInfo ai = pm.getApplicationInfo( + checkIntent.getComponent().getPackageName(), + PackageManager.GET_UNINSTALLED_PACKAGES + | PackageManager.GET_DISABLED_COMPONENTS, userId); + if (ai != null) { + effectiveUid = ai.uid; + } + } catch (RemoteException e) { + } + } + Slog.w(TAG, "Updating task #" + taskId + " for " + checkIntent + + ": effectiveUid=" + effectiveUid); + } + final TaskRecord task = new TaskRecord(stackSupervisor.mService, taskId, intent, affinityIntent, affinity, realActivity, origActivity, rootHasReset, - autoRemoveRecents, askedCompatMode, taskType, userId, lastDescription, activities, - firstActiveTime, lastActiveTime, lastTimeOnTop, neverRelinquishIdentity, + autoRemoveRecents, askedCompatMode, taskType, userId, effectiveUid, lastDescription, + activities, firstActiveTime, lastActiveTime, lastTimeOnTop, neverRelinquishIdentity, taskDescription, taskAffiliation, prevTaskId, nextTaskId, taskAffiliationColor, callingUid, callingPackage); @@ -996,8 +1028,8 @@ final class TaskRecord { void dump(PrintWriter pw, String prefix) { pw.print(prefix); pw.print("userId="); pw.print(userId); - pw.print(" creatorUid="); pw.print(creatorUid); - pw.print(" mCallingUid="); pw.print(mCallingUid); + pw.print(" effectiveUid="); UserHandle.formatUid(pw, effectiveUid); + pw.print(" mCallingUid="); UserHandle.formatUid(pw, mCallingUid); pw.print(" mCallingPackage="); pw.println(mCallingPackage); if (affinity != null) { pw.print(prefix); pw.print("affinity="); pw.println(affinity); |