6 files changed, 55 insertions, 10 deletions
diff --git a/core/java/android/app/ApplicationPackageManager.java b/core/java/android/app/ApplicationPackageManager.java
index db4e123..c829daa 100644
--- a/core/java/android/app/ApplicationPackageManager.java
+++ b/core/java/android/app/ApplicationPackageManager.java
@@ -2048,9 +2048,11 @@ final class ApplicationPackageManager extends PackageManager {
 /** @hide */
 @Override
- public boolean isComponentProtected(String callingPackage, ComponentName componentName) {
+ public boolean isComponentProtected(String callingPackage, int callingUid,
+ ComponentName componentName) {
 try {
- return mPM.isComponentProtected(callingPackage, componentName, mContext.getUserId());
+ return mPM.isComponentProtected(callingPackage, callingUid, componentName,
+ mContext.getUserId());
 } catch (RemoteException re) {
 Log.e(TAG, "Failed to get component protected setting", re);
 return false;
diff --git a/core/java/android/content/pm/IPackageManager.aidl b/core/java/android/content/pm/IPackageManager.aidl
index 6d8b5cb..a3329db 100644
--- a/core/java/android/content/pm/IPackageManager.aidl
+++ b/core/java/android/content/pm/IPackageManager.aidl
@@ -521,6 +521,6 @@ interface IPackageManager {
 int processThemeResources(String themePkgName);
 /** Protected Apps */
- boolean isComponentProtected(in String callingPackage, in ComponentName componentName,
- int userId);
+ boolean isComponentProtected(in String callingPackage, in int callingUid,
+ in ComponentName componentName, int userId);
 }
diff --git a/core/java/android/content/pm/PackageManager.java b/core/java/android/content/pm/PackageManager.java
index 529d641..8f0500e 100644
--- a/core/java/android/content/pm/PackageManager.java
+++ b/core/java/android/content/pm/PackageManager.java
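Review bot: `callingUid` is declared as an ordinary `in int` argument of `isComponentProtected` in IPackageManager.aidl, so the service receives whatever number the caller supplies rather than an identity established by Binder; the same holds for the `@hide` wrapper in ApplicationPackageManager and for the abstract declaration in PackageManager.java. In the PackageManagerService hunks of this commit the value is compared with `Process.SYSTEM_UID` and with the uids of the protected-component managers, while `Binder.getCallingUid()` appears only in the cross-user check. That is sound only while the answer is consumed by enforcement code inside the system process, and the declaration should say so, for example `/** callingUid is asserted by the caller and is not checked against the Binder identity; do not use the result for enforcement outside the system process. */`. The interface body continues outside the hunk.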
@@ -4564,7 +4564,7 @@ public abstract class PackageManager {
 * Return whether or not a specific component is protected
 * @hide
 */
- public abstract boolean isComponentProtected(String callingPackage,
+ public abstract boolean isComponentProtected(String callingPackage, int callingUid,
 ComponentName componentName);
 /**
diff --git a/services/core/java/com/android/server/am/ActivityStackSupervisor.java b/services/core/java/com/android/server/am/ActivityStackSupervisor.java
index 48ac172..4cc5370 100644
--- a/services/core/java/com/android/server/am/ActivityStackSupervisor.java
+++ b/services/core/java/com/android/server/am/ActivityStackSupervisor.java
@@ -961,7 +961,8 @@ public final class ActivityStackSupervisor implements DisplayListener {
 //TODO: This needs to be a flushed out API in the future.
 boolean isProtected = intent.getComponent() != null
 && AppGlobals.getPackageManager()
- .isComponentProtected(callingPackage, intent.getComponent(), userId) &&
+ .isComponentProtected(callingPackage, callingUid,
+ intent.getComponent(), userId) &&
 (intent.getFlags()&Intent.FLAG_GRANT_READ_URI_PERMISSION) == 0;
 if (isProtected) {
@@ -977,6 +978,7 @@ public final class ActivityStackSupervisor implements DisplayListener { } catch (RemoteException e) { e.printStackTrace(); } + final int realCallingPid = Binder.getCallingPid(); final int realCallingUid = Binder.getCallingUid(); int callingPid;
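Review bot: The `callingUid` now passed to `isComponentProtected` in the `@@ -961,7 +961,8 @@` hunk is the enclosing method's own variable at that point, while the Binder-derived `realCallingUid` appears to be assigned only after this try block (it shows up as context in the following hunk). The enclosing method begins outside the hunk, so the diff does not show whether `callingUid` is already resolved there; if it can still hold an unset or caller-provided value, the new uid comparisons in PackageManagerService are made against that value instead of the real caller. Either move the check below the point where the calling uid is resolved, or state the invariant next to the call, e.g. `// callingUid is already resolved to the launching app's uid here`.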
@@ -1873,6 +1875,28 @@ public final class ActivityStackSupervisor implements DisplayListener { inTask = null; } + try { + //TODO: This needs to be a flushed out API in the future. + boolean isProtected = intent.getComponent() != null + && AppGlobals.getPackageManager() + .isComponentProtected(null, r.launchedFromUid, + intent.getComponent(), r.userId) && + (intent.getFlags()&Intent.FLAG_GRANT_READ_URI_PERMISSION) == 0; + + if (isProtected) { + Message msg = mService.mHandler.obtainMessage( + ActivityManagerService.POST_COMPONENT_PROTECTED_MSG); + //Store start flags, userid + intent.setFlags(startFlags); + intent.putExtra("com.android.settings.PROTECTED_APPS_USER_ID", r.userId); + msg.obj = intent; + mService.mHandler.sendMessage(msg); + return ActivityManager.START_NOT_CURRENT_USER_ACTIVITY; + } + } catch (RemoteException e) { + e.printStackTrace(); + } + final boolean launchSingleTop = r.launchMode == ActivityInfo.LAUNCH_SINGLE_TOP; final boolean launchSingleInstance = r.launchMode == ActivityInfo.LAUNCH_SINGLE_INSTANCE; final boolean launchSingleTask = r.launchMode == ActivityInfo.LAUNCH_SINGLE_TASK;
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 0e174c3..e1f94ce 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
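Review bot: The `isProtected` condition added here is false for any intent that carries `Intent.FLAG_GRANT_READ_URI_PERMISSION`, and that flag is set by whoever built the intent, so in this second launch path the protected-apps check appears to depend on a sender-controlled bit. The condition is copied from the earlier check in this file; if the exemption is intentional it needs a comment saying which launches it is meant for, and it would be safer to tie it to a caller that is already trusted (the system-uid and manager-uid tests this commit adds to `isComponentProtected`) than to the flag alone. The block also calls `intent.setFlags(startFlags)`, which replaces the intent's own flags with the start flags, and the `catch (RemoteException e)` only prints the stack trace, so a failed lookup lets the launch continue. The enclosing method starts and ends outside the hunk.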
@@ -17265,10 +17265,12 @@ public class PackageManagerService extends IPackageManager.Stub { } @Override - public boolean isComponentProtected(String callingPackage, + public boolean isComponentProtected(String callingPackage, int callingUid, ComponentName componentName, int userId) { if (DEBUG_PROTECTED) Log.d(TAG, "Checking if component is protected " - + componentName.flattenToShortString() + " from calling package " + callingPackage); + + componentName.flattenToShortString() + " from calling package " + callingPackage + + " and callinguid " + callingUid); + enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false, "set protected"); //Allow managers full access
@@ -17289,8 +17291,24 @@ public class PackageManagerService extends IPackageManager.Stub {
 return false;
 }
+ //If this component is launched from a validation component, allow it.
 if (TextUtils.equals(PROTECTED_APPS_TARGET_VALIDATION_COMPONENT,
- componentName.flattenToString())) {
+ componentName.flattenToString()) && callingUid == Process.SYSTEM_UID) {
+ return false;
+ }
+
+ //If this component is launched from the system or a uid of a protected component, allow it.
+ boolean fromProtectedComponentUid = false;
+ for (String protectedComponentManager : protectedComponentManagers) {
+ if (callingUid == getPackageUid(protectedComponentManager, userId)) {
+ fromProtectedComponentUid = true;
+ }
+ }
+
+ if (callingPackage == null && (callingUid == Process.SYSTEM_UID
+ || fromProtectedComponentUid)) {
+ if (DEBUG_PROTECTED) Log.d(TAG, "Calling package is android and from system or "
+ + "protected manager, allow");
 return false;
 }
diff --git a/test-runner/src/android/test/mock/MockPackageManager.java b/test-runner/src/android/test/mock/MockPackageManager.java
index d3e2bfd..bd0a89a 100644
--- a/test-runner/src/android/test/mock/MockPackageManager.java
+++ b/test-runner/src/android/test/mock/MockPackageManager.java
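Review bot: The loop over `protectedComponentManagers` in the `@@ -17289,8 +17291,24 @@` hunk compares `callingUid` with the result of `getPackageUid(protectedComponentManager, userId)` without checking that either side is a valid uid. If `getPackageUid` returns a negative sentinel for a manager package that is not installed for that user (its body is not part of this diff), an unset `callingUid` of the same value combined with a null `callingPackage` would be treated as coming from a manager and the component reported as not protected. Guard the comparison and stop at the first match: `if (callingUid >= 0 && callingUid == getPackageUid(protectedComponentManager, userId)) { fromProtectedComponentUid = true; break; }`. The debug message in the allow branch says "Calling package is android" although the branch is taken when `callingPackage` is null; the method body continues outside the hunk.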
@@ -904,7 +904,8 @@ public class MockPackageManager extends PackageManager {
 * @hide
 */
 @Override
- public boolean isComponentProtected(String callingPackage, ComponentName componentName) {
+ public boolean isComponentProtected(String callingPackage, int callingUid,
+ ComponentName componentName) {
 throw new UnsupportedOperationException();
 } |