diff options
| author | justinzhang <justinzhang@google.com> | 2014-05-12 14:50:48 -0400 |
|---|---|---|
| committer | justinzhang <justinzhang@google.com> | 2014-05-21 15:28:08 -0400 |
| commit | 7bd35c7e6f5e8b4085bc8ee708e67872cab9743f (patch) | |
| tree | 433c7bc616bfe5f5dc39cf0daf4e232670d66b0b /services | |
| parent | bee9d71293ede690faefd2d36141aece893a9e71 (diff) | |
| download | frameworks_base-7bd35c7e6f5e8b4085bc8ee708e67872cab9743f.zip frameworks_base-7bd35c7e6f5e8b4085bc8ee708e67872cab9743f.tar.gz frameworks_base-7bd35c7e6f5e8b4085bc8ee708e67872cab9743f.tar.bz2 | |
Use DeviecPolicyManager to authenticate lock task
Uncomment lines in ActivityManagerService. Before start lock task,
ActivityMangerService calls DevicePolicyManager to see if the
app can go into lock task.
Change-Id: I9ad784d7cc637d45884dcb2623b4c59ff802f93d
Diffstat (limited to 'services')
| -rw-r--r-- | services/core/java/com/android/server/am/ActivityManagerService.java | 30 |
1 files changed, 19 insertions, 11 deletions
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java index 7cd4ef8..ac30319 100644 --- a/services/core/java/com/android/server/am/ActivityManagerService.java +++ b/services/core/java/com/android/server/am/ActivityManagerService.java @@ -33,6 +33,7 @@ import android.app.AppOpsManager; import android.app.IActivityContainer; import android.app.IActivityContainerCallback; import android.app.IAppTask; +import android.app.admin.DevicePolicyManager; import android.appwidget.AppWidgetManager; import android.graphics.Rect; import android.os.BatteryStats; @@ -7576,12 +7577,9 @@ public final class ActivityManagerService extends ActivityManagerNative } private boolean isLockTaskAuthorized(ComponentName name) { -// enforceCallingPermission(android.Manifest.permission.REORDER_TASKS, -// "startLockTaskMode()"); -// DevicePolicyManager dpm = (DevicePolicyManager) -// mContext.getSystemService(Context.DEVICE_POLICY_SERVICE); -// return dpm != null && dpm.isLockTaskPermitted(name); - return true; + final DevicePolicyManager dpm = (DevicePolicyManager) + mContext.getSystemService(Context.DEVICE_POLICY_SERVICE); + return dpm != null && dpm.isLockTaskPermitted(name); } private void startLockTaskMode(TaskRecord task) { @@ -7640,8 +7638,18 @@ public final class ActivityManagerService extends ActivityManagerNative @Override public void stopLockTaskMode() { -// enforceCallingPermission(android.Manifest.permission.REORDER_TASKS, -// "stopLockTaskMode()"); + // Check if the calling task is eligible to use lock task + final int uid = Binder.getCallingUid(); + try { + final String name = AppGlobals.getPackageManager().getNameForUid(uid); + if (!isLockTaskAuthorized(new ComponentName(name, name))) { + return; + } + } catch (RemoteException e) { + Log.d(TAG, "stopLockTaskMode " + e); + return; + } + // Stop lock task synchronized (this) { mStackSupervisor.setLockTaskModeLocked(null); } @@ -8759,7 +8767,7 @@ public final class ActivityManagerService extends ActivityManagerNative if (mAppSwitchesAllowedTime < SystemClock.uptimeMillis()) { return true; } - + final int perm = checkComponentPermission( android.Manifest.permission.STOP_APP_SWITCHES, callingPid, callingUid, -1, true); @@ -13273,7 +13281,7 @@ public final class ActivityManagerService extends ActivityManagerNative } } - // A backup agent has just come up + // A backup agent has just come up public void backupAgentCreated(String agentPackageName, IBinder agent) { if (DEBUG_BACKUP) Slog.v(TAG, "backupAgentCreated: " + agentPackageName + " = " + agent); @@ -14492,7 +14500,7 @@ public final class ActivityManagerService extends ActivityManagerNative msg.obj = new Configuration(configCopy); mHandler.sendMessage(msg); } - + for (int i=mLruProcesses.size()-1; i>=0; i--) { ProcessRecord app = mLruProcesses.get(i); try { |