-rw-r--r-- | cmds/servicemanager/service_manager.c | 23 | ||||
-rw-r--r-- | cmds/surfaceflinger/main_surfaceflinger.cpp | 2 | ||||
-rw-r--r-- | core/java/android/os/IServiceManager.java | 3 | ||||
-rw-r--r-- | core/java/android/os/ServiceManager.java | 19 | ||||
-rw-r--r-- | core/java/android/os/ServiceManagerNative.java | 6 | ||||
-rw-r--r-- | core/java/android/os/UserId.java | 5 | ||||
-rw-r--r-- | core/res/AndroidManifest.xml | 7 | ||||
-rwxr-xr-x | core/res/res/values/strings.xml | 7 | ||||
-rw-r--r-- | include/binder/BinderService.h | 8 | ||||
-rw-r--r-- | include/binder/IServiceManager.h | 3 | ||||
-rw-r--r-- | libs/binder/IServiceManager.cpp | 4 | ||||
-rw-r--r-- | services/java/com/android/server/am/ActivityManagerService.java | 65 |
12 files changed, 133 insertions, 19 deletions
diff --git a/cmds/servicemanager/service_manager.c b/cmds/servicemanager/service_manager.c
index 4ed2489..cfc2d16 100644
--- a/cmds/servicemanager/service_manager.c
+++ b/cmds/servicemanager/service_manager.c
@@ -90,6 +90,7 @@ struct svcinfo
     struct svcinfo *next;
     void *ptr;
     struct binder_death death;
+    int allow_isolated;
     unsigned len;
     uint16_t name[0];
 };
@@ -125,13 +126,21 @@ uint16_t svcmgr_id[] = {
 };
 
 
-void *do_find_service(struct binder_state *bs, uint16_t *s, unsigned len)
+void *do_find_service(struct binder_state *bs, uint16_t *s, unsigned len, unsigned uid)
 {
     struct svcinfo *si;
     si = find_svc(s, len);
 
 //    ALOGI("check_service('%s') ptr = %p\n", str8(s), si ? si->ptr : 0);
     if (si && si->ptr) {
+        if (!si->allow_isolated) {
+            // If this service doesn't allow access from isolated processes,
+            // then check the uid to see if it is isolated.
+            unsigned appid = uid % AID_USER;
+            if (appid >= AID_ISOLATED_START && appid <= AID_ISOLATED_END) {
+                return 0;
+            }
+        }
         return si->ptr;
     } else {
         return 0;
@@ -140,10 +149,11 @@ void *do_find_service(struct binder_state *bs, uint16_t *s, unsigned len)
 
 int do_add_service(struct binder_state *bs,
                    uint16_t *s, unsigned len,
-                   void *ptr, unsigned uid)
+                   void *ptr, unsigned uid, int allow_isolated)
 {
     struct svcinfo *si;
-//    ALOGI("add_service('%s',%p) uid=%d\n", str8(s), ptr, uid);
+    //ALOGI("add_service('%s',%p,%s) uid=%d\n", str8(s), ptr,
+    //        allow_isolated ? "allow_isolated" : "!allow_isolated", uid);
 
     if (!ptr || (len == 0) || (len > 127))
         return -1;
@@ -175,6 +185,7 @@ int do_add_service(struct binder_state *bs,
         si->name[len] = '\0';
         si->death.func = svcinfo_death;
         si->death.ptr = si;
+        si->allow_isolated = allow_isolated;
         si->next = svclist;
         svclist = si;
     }
@@ -194,6 +205,7 @@ int svcmgr_handler(struct binder_state *bs,
     unsigned len;
     void *ptr;
     uint32_t strict_policy;
+    int allow_isolated;
 
 //    ALOGI("target=%p code=%d pid=%d uid=%d\n",
 //        txn->target, txn->code, txn->sender_pid, txn->sender_euid);
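Review bot: In do_find_service the isolated-process denial takes the same `return 0;` as a missing service, so the handler's `if (!ptr) break;` answers with an empty reply and nothing is logged; when triaging, a blocked isolated caller is indistinguishable from a misspelled service name. Logging the denial before that `return 0;`, e.g. `ALOGE("find_service('%s') uid=%u - isolated access denied\n", str8(s), uid);` (with whichever log macro this file already uses), records the event the way a permission failure should be recorded. Note that `uid` is consumed only after `si && si->ptr` is known, so the gate applies solely to lookups that would otherwise succeed; whether the service-listing case of the handler is gated at all is outside this hunk.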
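Review bot: `si->allow_isolated = allow_isolated;` is assigned only in the branch that allocates a fresh svcinfo (the one ending in `si->next = svclist; svclist = si;`); do_add_service's earlier branch that reuses an existing entry begins before this hunk, and if that branch only re-points `si->ptr`, a service re-registered with a different allow_isolated value silently keeps the old flag. Placing `si->allow_isolated = allow_isolated;` after the if/else that selects or allocates `si` makes the flag follow the most recent registration on both paths. do_add_service starts and ends outside this hunk, so the reuse branch should be checked before deciding.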
@@ -217,7 +229,7 @@ int svcmgr_handler(struct binder_state *bs,
     case SVC_MGR_GET_SERVICE:
     case SVC_MGR_CHECK_SERVICE:
         s = bio_get_string16(msg, &len);
-        ptr = do_find_service(bs, s, len);
+        ptr = do_find_service(bs, s, len, txn->sender_euid);
         if (!ptr)
             break;
         bio_put_ref(reply, ptr);
@@ -226,7 +238,8 @@ int svcmgr_handler(struct binder_state *bs,
     case SVC_MGR_ADD_SERVICE:
         s = bio_get_string16(msg, &len);
         ptr = bio_get_ref(msg);
-        if (do_add_service(bs, s, len, ptr, txn->sender_euid))
+        allow_isolated = bio_get_uint32(msg) ? 1 : 0;
+        if (do_add_service(bs, s, len, ptr, txn->sender_euid, allow_isolated))
             return -1;
         break;
 
diff --git a/cmds/surfaceflinger/main_surfaceflinger.cpp b/cmds/surfaceflinger/main_surfaceflinger.cpp
index 78b1007..6dbcf5c 100644
--- a/cmds/surfaceflinger/main_surfaceflinger.cpp
+++ b/cmds/surfaceflinger/main_surfaceflinger.cpp
@@ -20,6 +20,6 @@ using namespace android;
 
 int main(int argc, char** argv) {
-    SurfaceFlinger::publishAndJoinThreadPool();
+    SurfaceFlinger::publishAndJoinThreadPool(true);
     return 0;
 }
diff --git a/core/java/android/os/IServiceManager.java b/core/java/android/os/IServiceManager.java
index 9a5ff47..7b11c28 100644
--- a/core/java/android/os/IServiceManager.java
+++ b/core/java/android/os/IServiceManager.java
@@ -45,7 +45,8 @@ public interface IServiceManager extends IInterface
      * Place a new @a service called @a name into the service
      * manager.
      */
-    public void addService(String name, IBinder service) throws RemoteException;
+    public void addService(String name, IBinder service, boolean allowIsolated)
+            throws RemoteException;
 
     /**
      * Return a list of all currently running services.
diff --git a/core/java/android/os/ServiceManager.java b/core/java/android/os/ServiceManager.java
index 1af24f4..13b8b66 100644
--- a/core/java/android/os/ServiceManager.java
+++ b/core/java/android/os/ServiceManager.java
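Review bot: The new `allow_isolated = bio_get_uint32(msg) ? 1 : 0;` in the SVC_MGR_ADD_SERVICE case consumes a trailing field that clients of the old wire format never wrote, and this hunk does not show whether bio_get_uint32 reports a short message or just yields 0; the fallback for a registrant that omits the field is therefore undocumented here. A comment on that line, `/* new trailing field; a short message must read as 0 (deny isolated) - confirm bio_get_uint32 */`, records the assumption that keeps the default closed. The value is also taken from the registering caller as-is, so the registration gate that precedes this case (outside the hunk) is what bounds who may open a service to isolated processes; worth a sentence there too.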
@@ -69,7 +69,24 @@ public final class ServiceManager {
      */
     public static void addService(String name, IBinder service) {
         try {
-            getIServiceManager().addService(name, service);
+            getIServiceManager().addService(name, service, false);
+        } catch (RemoteException e) {
+            Log.e(TAG, "error in addService", e);
+        }
+    }
+
+    /**
+     * Place a new @a service called @a name into the service
+     * manager.
+     *
+     * @param name the name of the new service
+     * @param service the service object
+     * @param allowIsolated set to true to allow isolated sandboxed processes
+     * to access this service
+     */
+    public static void addService(String name, IBinder service, boolean allowIsolated) {
+        try {
+            getIServiceManager().addService(name, service, allowIsolated);
         } catch (RemoteException e) {
             Log.e(TAG, "error in addService", e);
         }
diff --git a/core/java/android/os/ServiceManagerNative.java b/core/java/android/os/ServiceManagerNative.java
index 2aab0e6..43b5128 100644
--- a/core/java/android/os/ServiceManagerNative.java
+++ b/core/java/android/os/ServiceManagerNative.java
@@ -71,7 +71,8 @@ public abstract class ServiceManagerNative extends Binder implements IServiceMan
             data.enforceInterface(IServiceManager.descriptor);
             String name = data.readString();
             IBinder service = data.readStrongBinder();
-            addService(name, service);
+            boolean allowIsolated = data.readInt() != 0;
+            addService(name, service, allowIsolated);
             return true;
         }
 
@@ -136,13 +137,14 @@ class ServiceManagerProxy implements IServiceManager {
         return binder;
     }
 
-    public void addService(String name, IBinder service)
+    public void addService(String name, IBinder service, boolean allowIsolated)
             throws RemoteException {
         Parcel data = Parcel.obtain();
         Parcel reply = Parcel.obtain();
         data.writeInterfaceToken(IServiceManager.descriptor);
         data.writeString(name);
         data.writeStrongBinder(service);
+        data.writeInt(allowIsolated ? 1 : 0);
         mRemote.transact(ADD_SERVICE_TRANSACTION, data, reply, 0);
         reply.recycle();
         data.recycle();
diff --git a/core/java/android/os/UserId.java b/core/java/android/os/UserId.java
index 4124d51..286b674 100644
--- a/core/java/android/os/UserId.java
+++ b/core/java/android/os/UserId.java
@@ -56,6 +56,11 @@ public final class UserId {
         return getAppId(uid1) == getAppId(uid2);
     }
 
+    public static final boolean isIsolated(int uid) {
+        uid = getAppId(uid);
+        return uid >= Process.FIRST_ISOLATED_UID && uid <= Process.LAST_ISOLATED_UID;
+    }
+
     /**
      * Returns the user id for a given uid.
      * @hide
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 97658a1..1199cf7 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -717,6 +717,13 @@
         android:label="@string/permlab_removeTasks"
         android:description="@string/permdesc_removeTasks" />
 
+    <!-- @hide Change the screen compatibility mode of applications -->
+    <permission android:name="android.permission.SET_SCREEN_COMPATIBILITY"
+        android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
+        android:protectionLevel="signature"
+        android:label="@string/permlab_setScreenCompatibility"
+        android:description="@string/permdesc_setScreenCompatibility" />
+
     <!-- Allows an application to modify the current configuration, such as
          locale. -->
     <permission android:name="android.permission.CHANGE_CONFIGURATION"
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index dc45c40..701782c 100755
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
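Review bot: `isIsolated` is added without the Javadoc its neighbours carry (the very next method's comment shows the `@hide` marker), so its visibility and meaning are unstated, and `final` on a static method has no effect. Suggest `/** Returns true if the given uid belongs to an isolated (sandboxed) process. @hide */` above it and `public static boolean isIsolated(int uid)` as the signature. Reassigning the `uid` parameter with its app id is legal but reads as if the caller's uid were being compared; `final int appId = getAppId(uid);` followed by the range test on `appId` is clearer.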
@@ -532,6 +532,13 @@
         tasks and kill their apps. Malicious apps may disrupt the behavior of other apps.</string>
 
+    <!-- Title of an application permission, allowing control of app screen compatibility mode -->
+    <string name="permlab_setScreenCompatibility">set screen compatibility</string>
+    <!-- Description of an application permission, allowing control of app screen compatibility mode -->
+    <string name="permdesc_setScreenCompatibility">Allows the app to control the
+        screen compatibility mode of other applications. Malicious applications may
+        break the behavior of other applications.</string>
+
     <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
     <string name="permlab_setDebugApp">enable app debugging</string>
     <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
diff --git a/include/binder/BinderService.h b/include/binder/BinderService.h
index 2316fef..ca594d3 100644
--- a/include/binder/BinderService.h
+++ b/include/binder/BinderService.h
@@ -34,15 +34,15 @@ template<typename SERVICE>
 class BinderService
 {
 public:
-    static status_t publish() {
+    static status_t publish(bool allowIsolated = false) {
         sp<IServiceManager> sm(defaultServiceManager());
-        return sm->addService(String16(SERVICE::getServiceName()), new SERVICE());
+        return sm->addService(String16(SERVICE::getServiceName()), new SERVICE(), allowIsolated);
     }
 
-    static void publishAndJoinThreadPool() {
+    static void publishAndJoinThreadPool(bool allowIsolated = false) {
         sp<ProcessState> proc(ProcessState::self());
         sp<IServiceManager> sm(defaultServiceManager());
-        sm->addService(String16(SERVICE::getServiceName()), new SERVICE());
+        sm->addService(String16(SERVICE::getServiceName()), new SERVICE(), allowIsolated);
         ProcessState::self()->startThreadPool();
         IPCThreadState::self()->joinThreadPool();
     }
diff --git a/include/binder/IServiceManager.h b/include/binder/IServiceManager.h
index 24e9e99..2c297d6 100644
--- a/include/binder/IServiceManager.h
+++ b/include/binder/IServiceManager.h
@@ -47,7 +47,8 @@ public:
      * Register a service.
      */
     virtual status_t addService( const String16& name,
-                                    const sp<IBinder>& service) = 0;
+                                    const sp<IBinder>& service,
+                                    bool allowIsolated = false) = 0;
 
     /**
      * Return list of all existing services.
diff --git a/libs/binder/IServiceManager.cpp b/libs/binder/IServiceManager.cpp
index 33b305d..1750640 100644
--- a/libs/binder/IServiceManager.cpp
+++ b/libs/binder/IServiceManager.cpp
@@ -151,12 +151,14 @@ public:
         return reply.readStrongBinder();
     }
 
-    virtual status_t addService(const String16& name, const sp<IBinder>& service)
+    virtual status_t addService(const String16& name, const sp<IBinder>& service,
+            bool allowIsolated)
     {
         Parcel data, reply;
         data.writeInterfaceToken(IServiceManager::getInterfaceDescriptor());
         data.writeString16(name);
         data.writeStrongBinder(service);
+        data.writeInt32(allowIsolated ? 1 : 0);
         status_t err = remote()->transact(ADD_SERVICE_TRANSACTION, data, &reply);
         return err == NO_ERROR ? reply.readExceptionCode() : err;
     }
diff --git a/services/java/com/android/server/am/ActivityManagerService.java b/services/java/com/android/server/am/ActivityManagerService.java
index 10a0efe..a110dd6 100644
--- a/services/java/com/android/server/am/ActivityManagerService.java
+++ b/services/java/com/android/server/am/ActivityManagerService.java
@@ -2093,7 +2093,7 @@ public final class ActivityManagerService extends ActivityManagerNative
         try {
             ActivityManagerService m = mSelf;
 
-            ServiceManager.addService("activity", m);
+            ServiceManager.addService("activity", m, true);
             ServiceManager.addService("meminfo", new MemBinder(m));
             ServiceManager.addService("gfxinfo", new GraphicsBinder(m));
             ServiceManager.addService("dbinfo", new DbBinder(m));
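Review bot: The new `allowIsolated` parameter on the public `addService` declaration is undocumented; the comment above it still reads only `Register a service.`, and this header is the one place every native service author looks. Suggest extending it to `Register a service. When allowIsolated is true the service is also reachable from isolated (sandboxed) processes; the default keeps it hidden from them.` Because the default argument sits on a virtual function it is bound statically through the base pointer, so the override in IServiceManager.cpp must not carry a different default - it currently has none, which is the right shape, and a short comment saying so would keep it that way.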
@@ -2964,37 +2964,52 @@ public final class ActivityManagerService extends ActivityManagerNative
         return mCompatModePackages.compatibilityInfoForPackageLocked(ai);
     }
 
+    void enforceNotIsolatedCaller(String caller) {
+        if (UserId.isIsolated(Binder.getCallingUid())) {
+            throw new SecurityException("Isolated process not allowed to call " + caller);
+        }
+    }
+
     public int getFrontActivityScreenCompatMode() {
+        enforceNotIsolatedCaller("getFrontActivityScreenCompatMode");
         synchronized (this) {
             return mCompatModePackages.getFrontActivityScreenCompatModeLocked();
         }
     }
 
     public void setFrontActivityScreenCompatMode(int mode) {
+        enforceCallingPermission(android.Manifest.permission.SET_SCREEN_COMPATIBILITY,
+                "setFrontActivityScreenCompatMode");
         synchronized (this) {
             mCompatModePackages.setFrontActivityScreenCompatModeLocked(mode);
         }
     }
 
     public int getPackageScreenCompatMode(String packageName) {
+        enforceNotIsolatedCaller("getPackageScreenCompatMode");
         synchronized (this) {
             return mCompatModePackages.getPackageScreenCompatModeLocked(packageName);
         }
     }
 
     public void setPackageScreenCompatMode(String packageName, int mode) {
+        enforceCallingPermission(android.Manifest.permission.SET_SCREEN_COMPATIBILITY,
+                "setPackageScreenCompatMode");
         synchronized (this) {
             mCompatModePackages.setPackageScreenCompatModeLocked(packageName, mode);
         }
     }
 
     public boolean getPackageAskScreenCompat(String packageName) {
+        enforceNotIsolatedCaller("getPackageAskScreenCompat");
         synchronized (this) {
             return mCompatModePackages.getPackageAskCompatModeLocked(packageName);
         }
     }
 
     public void setPackageAskScreenCompat(String packageName, boolean ask) {
+        enforceCallingPermission(android.Manifest.permission.SET_SCREEN_COMPATIBILITY,
+                "setPackageAskScreenCompat");
         synchronized (this) {
             mCompatModePackages.setPackageAskCompatModeLocked(packageName, ask);
         }
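Review bot: `enforceNotIsolatedCaller` has no Javadoc although it becomes the gate for many entry points in this file; a one-line comment such as `/** Throws SecurityException if the Binder caller is an isolated (sandboxed) process; {@code caller} names the entry point for the message. */` would help. It reads `Binder.getCallingUid()`, so it must run before any `clearCallingIdentity()` in the same method - every site in this hunk does that, and the comment should say it is a requirement. The three setters use `enforceCallingPermission` instead, which presumably reaches the new isolated-uid denial added to checkComponentPermission later in this commit; confirming that path is worth a sentence so the get/set asymmetry reads as intentional.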
@@ -3069,6 +3084,7 @@ public final class ActivityManagerService extends ActivityManagerNative
             int grantedMode, IBinder resultTo,
             String resultWho, int requestCode, boolean onlyIfNeeded, boolean debug,
             String profileFile, ParcelFileDescriptor profileFd, boolean autoStopProfiler) {
+        enforceNotIsolatedCaller("startActivity");
         int userId = 0;
         if (intent.getCategories() != null && intent.getCategories().contains(Intent.CATEGORY_HOME)) {
             // Requesting home, set the identity to the current user
@@ -3093,6 +3109,7 @@ public final class ActivityManagerService extends ActivityManagerNative
             int grantedMode, IBinder resultTo,
             String resultWho, int requestCode, boolean onlyIfNeeded, boolean debug,
             String profileFile, ParcelFileDescriptor profileFd, boolean autoStopProfiler) {
+        enforceNotIsolatedCaller("startActivityAndWait");
         WaitResult res = new WaitResult();
         int userId = Binder.getOrigCallingUser();
         mMainStack.startActivityMayWait(caller, -1, intent, resolvedType,
@@ -3107,6 +3124,7 @@ public final class ActivityManagerService extends ActivityManagerNative
             int grantedMode, IBinder resultTo,
             String resultWho, int requestCode, boolean onlyIfNeeded,
             boolean debug, Configuration config) {
+        enforceNotIsolatedCaller("startActivityWithConfig");
         int ret = mMainStack.startActivityMayWait(caller, -1, intent, resolvedType,
                 grantedUriPermissions, grantedMode, resultTo, resultWho,
                 requestCode, onlyIfNeeded,
@@ -3118,6 +3136,7 @@ public final class ActivityManagerService extends ActivityManagerNative
             IntentSender intent, Intent fillInIntent, String resolvedType,
             IBinder resultTo, String resultWho, int requestCode,
             int flagsMask, int flagsValues) {
+        enforceNotIsolatedCaller("startActivityIntentSender");
         // Refuse possible leaked file descriptors
         if (fillInIntent != null && fillInIntent.hasFileDescriptors()) {
             throw new IllegalArgumentException("File descriptors passed in Intent");
@@ -3259,6 +3278,7 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     public final int startActivities(IApplicationThread caller,
             Intent[] intents, String[] resolvedTypes, IBinder resultTo) {
+        enforceNotIsolatedCaller("startActivities");
         int ret = mMainStack.startActivities(caller, -1, intents, resolvedTypes, resultTo,
                 Binder.getOrigCallingUser());
         return ret;
@@ -4020,6 +4040,7 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     public boolean clearApplicationUserData(final String packageName,
             final IPackageDataObserver observer, final int userId) {
+        enforceNotIsolatedCaller("clearApplicationUserData");
         int uid = Binder.getCallingUid();
         int pid = Binder.getCallingPid();
         long callingId = Binder.clearCallingIdentity();
@@ -4208,6 +4229,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public void closeSystemDialogs(String reason) {
+        enforceNotIsolatedCaller("closeSystemDialogs");
         Intent intent = new Intent(Intent.ACTION_CLOSE_SYSTEM_DIALOGS);
         intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY);
         if (reason != null) {
@@ -4248,6 +4270,7 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     public Debug.MemoryInfo[] getProcessMemoryInfo(int[] pids)
             throws RemoteException {
+        enforceNotIsolatedCaller("getProcessMemoryInfo");
         Debug.MemoryInfo[] infos = new Debug.MemoryInfo[pids.length];
         for (int i=pids.length-1; i>=0; i--) {
             infos[i] = new Debug.MemoryInfo();
@@ -4257,6 +4280,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public long[] getProcessPss(int[] pids) throws RemoteException {
+        enforceNotIsolatedCaller("getProcessPss");
         long[] pss = new long[pids.length];
         for (int i=pids.length-1; i>=0; i--) {
             pss[i] = Debug.getPss(pids[i]);
@@ -4825,10 +4849,12 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public void showBootMessage(final CharSequence msg, final boolean always) {
+        enforceNotIsolatedCaller("showBootMessage");
         mWindowManager.showBootMessage(msg, always);
     }
 
     public void dismissKeyguardOnNextActivity() {
+        enforceNotIsolatedCaller("dismissKeyguardOnNextActivity");
         synchronized (this) {
             mMainStack.dismissKeyguardOnNextActivityLocked();
         }
@@ -4991,6 +5017,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     public IIntentSender getIntentSender(int type,
             String packageName, IBinder token, String resultWho,
             int requestCode, Intent[] intents, String[] resolvedTypes, int flags) {
+        enforceNotIsolatedCaller("getIntentSender");
         // Refuse possible leaked file descriptors
         if (intents != null) {
             if (intents.length < 1) {
@@ -5293,6 +5320,10 @@ public final class ActivityManagerService extends ActivityManagerNative
         if (uid == 0 || uid == Process.SYSTEM_UID || pid == MY_PID) {
             return PackageManager.PERMISSION_GRANTED;
         }
+        // Isolated processes don't get any permissions.
+        if (UserId.isIsolated(uid)) {
+            return PackageManager.PERMISSION_DENIED;
+        }
         // If there is a uid that owns whatever is being accessed, it has
         // blanket access to it regardless of the permissions it requires.
         if (owningUid >= 0 && UserId.isSameApp(uid, owningUid)) {
@@ -5445,6 +5476,8 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public int checkUriPermission(Uri uri, int pid, int uid, int modeFlags) {
+        enforceNotIsolatedCaller("checkUriPermission");
+
         // Another redirected-binder-call permissions check as in
         // {@link checkComponentPermission}.
         Identity tlsIdentity = sCallerIdentity.get();
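Review bot: `checkUriPermission(Uri, int pid, int uid, int modeFlags)` now rejects an isolated caller, but the `uid` being asked about is not examined, whereas `checkComponentPermission` in the preceding hunk returns PERMISSION_DENIED for an isolated subject uid. A non-isolated caller asking on behalf of an isolated uid therefore gets whatever the grant tables (outside this hunk) say rather than a denial; if isolated processes are never meant to hold URI grants, `if (UserId.isIsolated(uid)) return PackageManager.PERMISSION_DENIED;` after the caller check makes the two checks agree, otherwise a comment should record why the asymmetry is acceptable. The method body continues outside the hunk, so the existing redirected-identity handling below may already cover this - hedged accordingly.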
@@ -5595,6 +5628,7 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     public int checkGrantUriPermission(int callingUid, String targetPkg,
             Uri uri, int modeFlags) {
+        enforceNotIsolatedCaller("checkGrantUriPermission");
         synchronized(this) {
             return checkGrantUriPermissionLocked(callingUid, targetPkg, uri, modeFlags);
         }
@@ -5703,6 +5737,7 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     public void grantUriPermission(IApplicationThread caller, String targetPkg,
             Uri uri, int modeFlags) {
+        enforceNotIsolatedCaller("grantUriPermission");
         synchronized(this) {
             final ProcessRecord r = getRecordForAppLocked(caller);
             if (r == null) {
@@ -5826,6 +5861,7 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     public void revokeUriPermission(IApplicationThread caller, Uri uri,
             int modeFlags) {
+        enforceNotIsolatedCaller("revokeUriPermission");
         synchronized(this) {
             final ProcessRecord r = getRecordForAppLocked(caller);
             if (r == null) {
@@ -5870,6 +5906,7 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     @Override
     public IBinder newUriPermissionOwner(String name) {
+        enforceNotIsolatedCaller("newUriPermissionOwner");
         synchronized(this) {
             UriPermissionOwner owner = new UriPermissionOwner(this, name);
             return owner.getExternalTokenLocked();
@@ -6406,6 +6443,7 @@ public final class ActivityManagerService extends ActivityManagerNative
      * @return Returns true if the move completed, false if not.
      */
     public boolean moveActivityTaskToBack(IBinder token, boolean nonRoot) {
+        enforceNotIsolatedCaller("moveActivityTaskToBack");
         synchronized(this) {
             final long origId = Binder.clearCallingIdentity();
             int taskId = getTaskForActivityLocked(token, !nonRoot);
@@ -6460,6 +6498,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public void finishOtherInstances(IBinder token, ComponentName className) {
+        enforceNotIsolatedCaller("finishOtherInstances");
         synchronized(this) {
             final long origId = Binder.clearCallingIdentity();
 
@@ -6938,6 +6977,7 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     public final ContentProviderHolder getContentProvider(
             IApplicationThread caller, String name) {
+        enforceNotIsolatedCaller("getContentProvider");
         if (caller == null) {
             String msg = "null IApplicationThread when getting content provider "
                     + name;
@@ -6958,6 +6998,7 @@ public final class ActivityManagerService extends ActivityManagerNative
      * @param cpr
      */
     public void removeContentProvider(IApplicationThread caller, String name) {
+        enforceNotIsolatedCaller("removeContentProvider");
         synchronized (this) {
             int userId = UserId.getUserId(Binder.getCallingUid());
             ContentProviderRecord cpr = mProviderMap.getProviderByName(name, userId);
@@ -7020,6 +7061,7 @@ public final class ActivityManagerService extends ActivityManagerNative
             return;
         }
 
+        enforceNotIsolatedCaller("publishContentProviders");
         synchronized(this) {
             final ProcessRecord r = getRecordForAppLocked(caller);
             if (DEBUG_MU)
@@ -7107,6 +7149,7 @@ public final class ActivityManagerService extends ActivityManagerNative
      * src/com/android/cts/usespermissiondiffcertapp/AccessPermissionWithDiffSigTest.java
      */
     public String getProviderMimeType(Uri uri) {
+        enforceNotIsolatedCaller("getProviderMimeType");
         final String name = uri.getAuthority();
         final long ident = Binder.clearCallingIdentity();
         ContentProviderHolder holder = null;
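Review bot: In publishContentProviders the new `enforceNotIsolatedCaller("publishContentProviders");` is placed after an early `return;` whose condition begins before the hunk, unlike every other site in this commit where the check is the method's first statement; if that early-return branch does any work on the caller's behalf it runs unchecked. Moving the call to the top of the method keeps the pattern uniform and removes the question without changing the checked behaviour. The method starts outside this hunk, so the content of that early-return branch should be confirmed when moving it.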
@@ -7224,6 +7267,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public ParcelFileDescriptor openContentUri(Uri uri) throws RemoteException {
+        enforceNotIsolatedCaller("openContentUri");
         String name = uri.getAuthority();
         ContentProviderHolder cph = getContentProviderExternal(name);
         ParcelFileDescriptor pfd = null;
@@ -7477,6 +7521,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public void registerActivityWatcher(IActivityWatcher watcher) {
+        enforceNotIsolatedCaller("registerActivityWatcher");
         synchronized (this) {
             mWatchers.register(watcher);
         }
@@ -7489,6 +7534,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public void registerProcessObserver(IProcessObserver observer) {
+        enforceNotIsolatedCaller("registerProcessObserver");
         mProcessObservers.register(observer);
     }
 
@@ -7517,6 +7563,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public boolean isTopActivityImmersive() {
+        enforceNotIsolatedCaller("startActivity");
         synchronized (this) {
             ActivityRecord r = mMainStack.topRunningActivityLocked(null);
             return (r != null) ? r.immersive : false;
@@ -8701,6 +8748,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public List<ActivityManager.ProcessErrorStateInfo> getProcessesInErrorState() {
+        enforceNotIsolatedCaller("getProcessesInErrorState");
         // assume our apps are happy - lazy create the list
         List<ActivityManager.ProcessErrorStateInfo> errList = null;
 
@@ -8763,6 +8811,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public List<ActivityManager.RunningAppProcessInfo> getRunningAppProcesses() {
+        enforceNotIsolatedCaller("getRunningAppProcesses");
         // Lazy instantiation of list
         List<ActivityManager.RunningAppProcessInfo> runList = null;
         synchronized (this) {
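Review bot: `isTopActivityImmersive` calls `enforceNotIsolatedCaller("startActivity")`, so a denied caller receives a SecurityException naming the wrong entry point; it should read `enforceNotIsolatedCaller("isTopActivityImmersive");`. The tag is used only in the exception message, so the check itself behaves correctly, but the mislabel will send anyone triaging the resulting log to the wrong method.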
@@ -8808,6 +8857,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public List<ApplicationInfo> getRunningExternalApplications() {
+        enforceNotIsolatedCaller("getRunningExternalApplications");
         List<ActivityManager.RunningAppProcessInfo> runningApps = getRunningAppProcesses();
         List<ApplicationInfo> retList = new ArrayList<ApplicationInfo>();
         if (runningApps != null && runningApps.size() > 0) {
@@ -11323,6 +11373,7 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     public List<ActivityManager.RunningServiceInfo> getServices(int maxNum,
             int flags) {
+        enforceNotIsolatedCaller("getServices");
         synchronized (this) {
             ArrayList<ActivityManager.RunningServiceInfo> res
                     = new ArrayList<ActivityManager.RunningServiceInfo>();
@@ -11349,6 +11400,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public PendingIntent getRunningServiceControlPanel(ComponentName name) {
+        enforceNotIsolatedCaller("getRunningServiceControlPanel");
         synchronized (this) {
             int userId = UserId.getUserId(Binder.getCallingUid());
             ServiceRecord r = mServiceMap.getServiceByName(name, userId);
@@ -12076,6 +12128,7 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     public ComponentName startService(IApplicationThread caller, Intent service,
             String resolvedType) {
+        enforceNotIsolatedCaller("startService");
         // Refuse possible leaked file descriptors
         if (service != null && service.hasFileDescriptors() == true) {
             throw new IllegalArgumentException("File descriptors passed in Intent");
@@ -12118,6 +12171,7 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     public int stopService(IApplicationThread caller, Intent service,
             String resolvedType) {
+        enforceNotIsolatedCaller("stopService");
         // Refuse possible leaked file descriptors
         if (service != null && service.hasFileDescriptors() == true) {
             throw new IllegalArgumentException("File descriptors passed in Intent");
@@ -12155,6 +12209,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     }
 
     public IBinder peekService(Intent service, String resolvedType) {
+        enforceNotIsolatedCaller("peekService");
         // Refuse possible leaked file descriptors
         if (service != null && service.hasFileDescriptors() == true) {
             throw new IllegalArgumentException("File descriptors passed in Intent");
@@ -12293,6 +12348,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     public int bindService(IApplicationThread caller, IBinder token,
             Intent service, String resolvedType,
             IServiceConnection connection, int flags) {
+        enforceNotIsolatedCaller("bindService");
         // Refuse possible leaked file descriptors
         if (service != null && service.hasFileDescriptors() == true) {
             throw new IllegalArgumentException("File descriptors passed in Intent");
@@ -12949,6 +13005,7 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     public Intent registerReceiver(IApplicationThread caller, String callerPackage,
             IIntentReceiver receiver, IntentFilter filter, String permission) {
+        enforceNotIsolatedCaller("registerReceiver");
         synchronized(this) {
             ProcessRecord callerApp = null;
             if (caller != null) {
@@ -13458,6 +13515,7 @@ public final class ActivityManagerService extends ActivityManagerNative
             Intent intent, String resolvedType, IIntentReceiver resultTo,
             int resultCode, String resultData, Bundle map,
             String requiredPermission, boolean serialized, boolean sticky, int userId) {
+        enforceNotIsolatedCaller("broadcastIntent");
         synchronized(this) {
             intent = verifyBroadcastLocked(intent);
 
@@ -13704,6 +13762,7 @@ public final class ActivityManagerService extends ActivityManagerNative
     public boolean startInstrumentation(ComponentName className,
             String profileFile, int flags, Bundle arguments,
             IInstrumentationWatcher watcher) {
+        enforceNotIsolatedCaller("startInstrumentation");
         // Refuse possible leaked file descriptors
         if (arguments != null && arguments.hasFileDescriptors()) {
             throw new IllegalArgumentException("File descriptors passed in Bundle");
@@ -13901,7 +13960,7 @@ public final class ActivityManagerService extends ActivityManagerNative
      * configuration.
      * @param persistent TODO
      */
-    public boolean updateConfigurationLocked(Configuration values,
+    boolean updateConfigurationLocked(Configuration values,
             ActivityRecord starting, boolean persistent, boolean initLocale) {
         int changes = 0;
 
@@ -15321,7 +15380,7 @@ public final class ActivityManagerService extends ActivityManagerNative
         synchronized (this) { }
     }
 
-    public void onCoreSettingsChange(Bundle settings) {
+    void onCoreSettingsChange(Bundle settings) {
         for (int i = mLruProcesses.size() - 1; i >= 0; i--) {
             ProcessRecord processRecord = mLruProcesses.get(i);
             try {