Change lock-task DPM authorization to packages

Switch the DPM lock-task authorization to be controlled by a package
rather than a component.

Change-Id: Ife9bed068f31ff2449b4451ab69d3586a3f09d89

2 files changed, 34 insertions, 18 deletions

diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index 697e1f2..1d9cf5b 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -7625,14 +7625,24 @@ public final class ActivityManagerService extends ActivityManagerNative
         }
     }
 
-    private boolean isLockTaskAuthorized(ComponentName name) {
+    private boolean isLockTaskAuthorized(String pkg) {
         final DevicePolicyManager dpm = (DevicePolicyManager)
                 mContext.getSystemService(Context.DEVICE_POLICY_SERVICE);
-        return dpm != null && dpm.isLockTaskPermitted(name);
+        try {
+            int uid = mContext.getPackageManager().getPackageUid(pkg,
+                    Binder.getCallingUserHandle().getIdentifier());
+            return (uid == Binder.getCallingUid()) && dpm != null && dpm.isLockTaskPermitted(pkg);
+        } catch (NameNotFoundException e) {
+            return false;
+        }
     }
 
     private void startLockTaskMode(TaskRecord task) {
-        if (!isLockTaskAuthorized(task.intent.getComponent())) {
+        final String pkg;
+        synchronized (this) {
+            pkg = task.intent.getComponent().getPackageName();
+        }
+        if (!isLockTaskAuthorized(pkg)) {
             return;
         }
         long ident = Binder.clearCallingIdentity();
@@ -7641,6 +7651,9 @@ public final class ActivityManagerService extends ActivityManagerNative
                 // Since we lost lock on task, make sure it is still there.
                 task = mStackSupervisor.anyTaskForIdLocked(task.taskId);
                 if (task != null) {
+                    if ((mFocusedActivity == null) || (task != mFocusedActivity.task)) {
+                        throw new IllegalArgumentException("Invalid task, not in foreground");
+                    }
                     mStackSupervisor.setLockTaskModeLocked(task);
                 }
             }
@@ -7651,25 +7664,25 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     @Override
     public void startLockTaskMode(int taskId) {
+        final TaskRecord task;
         long ident = Binder.clearCallingIdentity();
         try {
-            final TaskRecord task;
             synchronized (this) {
                 task = mStackSupervisor.anyTaskForIdLocked(taskId);
             }
-            if (task != null) {
-                startLockTaskMode(task);
-            }
         } finally {
             Binder.restoreCallingIdentity(ident);
         }
+        if (task != null) {
+            startLockTaskMode(task);
+        }
     }
 
     @Override
     public void startLockTaskMode(IBinder token) {
+        final TaskRecord task;
         long ident = Binder.clearCallingIdentity();
         try {
-            final TaskRecord task;
             synchronized (this) {
                 final ActivityRecord r = ActivityRecord.forToken(token);
                 if (r == null) {
@@ -7677,24 +7690,27 @@ public final class ActivityManagerService extends ActivityManagerNative
                 }
                 task = r.task;
             }
-            if (task != null) {
-                startLockTaskMode(task);
-            }
         } finally {
             Binder.restoreCallingIdentity(ident);
         }
+        if (task != null) {
+            startLockTaskMode(task);
+        }
     }
 
     @Override
     public void stopLockTaskMode() {
-        // Check if the calling task is eligible to use lock task
-        final int uid = Binder.getCallingUid();
+        // Verify that the user matches the package of the intent for the TaskRecord
+        // we are locked to.  This will ensure the same caller for startLockTaskMode and
+        // stopLockTaskMode.
         try {
-            final String name = AppGlobals.getPackageManager().getNameForUid(uid);
-            if (!isLockTaskAuthorized(new ComponentName(name, name))) {
-                return;
+            String pkg = mStackSupervisor.mLockTaskModeTask.intent.getPackage();
+            int uid = mContext.getPackageManager().getPackageUid(pkg,
+                    Binder.getCallingUserHandle().getIdentifier());
+            if (uid != Binder.getCallingUid()) {
+                throw new SecurityException("Invalid uid, expected " + uid);
             }
-        } catch (RemoteException e) {
+        } catch (NameNotFoundException e) {
             Log.d(TAG, "stopLockTaskMode " + e);
             return;
         }
diff --git a/services/core/java/com/android/server/am/ActivityStackSupervisor.java b/services/core/java/com/android/server/am/ActivityStackSupervisor.java
index 66e9eb3..278fa3e 100644
--- a/services/core/java/com/android/server/am/ActivityStackSupervisor.java
+++ b/services/core/java/com/android/server/am/ActivityStackSupervisor.java
@@ -251,7 +251,7 @@ public final class ActivityStackSupervisor implements DisplayListener {
 
     /** If non-null then the task specified remains in front and no other tasks may be started
      * until the task exits or #stopLockTaskMode() is called. */
-    private TaskRecord mLockTaskModeTask;
+    TaskRecord mLockTaskModeTask;
 
     public ActivityStackSupervisor(ActivityManagerService service) {
         mService = service;