summaryrefslogtreecommitdiffstats
path: root/services
diff options
context:
space:
mode:
Diffstat (limited to 'services')
-rw-r--r--services/core/java/com/android/server/am/ActivityManagerService.java119
-rw-r--r--services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java24
2 files changed, 73 insertions, 70 deletions
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index d27d783..18ab3b4 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -41,7 +41,6 @@ import android.app.IActivityContainerCallback;
import android.app.IAppTask;
import android.app.ITaskStackListener;
import android.app.ProfilerInfo;
-import android.app.admin.DevicePolicyManager;
import android.app.usage.UsageEvents;
import android.app.usage.UsageStats;
import android.app.usage.UsageStatsManagerInternal;
@@ -429,6 +428,11 @@ public final class ActivityManagerService extends ActivityManagerNative
*/
ActivityInfo mLastAddedTaskActivity;
+ /**
+ * List of packages whitelisted by DevicePolicyManager for locktask. Indexed by userId.
+ */
+ SparseArray<String[]> mLockTaskPackages = new SparseArray<>();
+
public class PendingAssistExtras extends Binder implements Runnable {
public final ActivityRecord activity;
public final Bundle extras;
@@ -8463,52 +8467,54 @@ public final class ActivityManagerService extends ActivityManagerNative
}
}
- private boolean isLockTaskAuthorized(String pkg) {
- final DevicePolicyManager dpm = (DevicePolicyManager)
- mContext.getSystemService(Context.DEVICE_POLICY_SERVICE);
- try {
- int uid = mContext.getPackageManager().getPackageUid(pkg,
- Binder.getCallingUserHandle().getIdentifier());
- return (uid == Binder.getCallingUid()) && dpm != null && dpm.isLockTaskPermitted(pkg);
- } catch (NameNotFoundException e) {
- return false;
+ @Override
+ public void updateLockTaskPackages(int userId, String[] packages) {
+ if (Binder.getCallingUid() != Process.SYSTEM_UID) {
+ throw new SecurityException("updateLockTaskPackage called from non-system process");
+ }
+ synchronized (this) {
+ mLockTaskPackages.put(userId, packages);
}
}
- void startLockTaskMode(TaskRecord task) {
- final String pkg;
- synchronized (this) {
- pkg = task.intent.getComponent().getPackageName();
+ private boolean isLockTaskAuthorizedLocked(String pkg) {
+ String[] packages = mLockTaskPackages.get(mCurrentUserId);
+ if (packages == null) {
+ return false;
+ }
+ for (int i = packages.length - 1; i >= 0; --i) {
+ if (pkg.equals(packages[i])) {
+ return true;
+ }
}
+ return false;
+ }
+
+ void startLockTaskModeLocked(TaskRecord task) {
+ final String pkg = task.intent.getComponent().getPackageName();
// isSystemInitiated is used to distinguish between locked and pinned mode, as pinned mode
// is initiated by system after the pinning request was shown and locked mode is initiated
// by an authorized app directly
boolean isSystemInitiated = Binder.getCallingUid() == Process.SYSTEM_UID;
- if (!isSystemInitiated && !isLockTaskAuthorized(pkg)) {
- StatusBarManagerInternal statusBarManager = LocalServices.getService(
- StatusBarManagerInternal.class);
- if (statusBarManager != null) {
- statusBarManager.showScreenPinningRequest();
- }
- return;
- }
long ident = Binder.clearCallingIdentity();
try {
- synchronized (this) {
- // Since we lost lock on task, make sure it is still there.
- task = mStackSupervisor.anyTaskForIdLocked(task.taskId);
- if (task != null) {
- if (!isSystemInitiated
- && ((mStackSupervisor.getFocusedStack() == null)
- || (task != mStackSupervisor.getFocusedStack().topTask()))) {
- throw new IllegalArgumentException("Invalid task, not in foreground");
- }
- mStackSupervisor.setLockTaskModeLocked(task, isSystemInitiated ?
- ActivityManager.LOCK_TASK_MODE_PINNED :
- ActivityManager.LOCK_TASK_MODE_LOCKED,
- "startLockTask");
+ if (!isSystemInitiated && !isLockTaskAuthorizedLocked(pkg)) {
+ StatusBarManagerInternal statusBarManager =
+ LocalServices.getService(StatusBarManagerInternal.class);
+ if (statusBarManager != null) {
+ statusBarManager.showScreenPinningRequest();
}
+ return;
}
+
+ final ActivityStack stack = mStackSupervisor.getFocusedStack();
+ if (!isSystemInitiated && (stack == null || task != stack.topTask())) {
+ throw new IllegalArgumentException("Invalid task, not in foreground");
+ }
+ mStackSupervisor.setLockTaskModeLocked(task, isSystemInitiated ?
+ ActivityManager.LOCK_TASK_MODE_PINNED :
+ ActivityManager.LOCK_TASK_MODE_LOCKED,
+ "startLockTask");
} finally {
Binder.restoreCallingIdentity(ident);
}
@@ -8516,37 +8522,25 @@ public final class ActivityManagerService extends ActivityManagerNative
@Override
public void startLockTaskMode(int taskId) {
- final TaskRecord task;
- long ident = Binder.clearCallingIdentity();
- try {
- synchronized (this) {
- task = mStackSupervisor.anyTaskForIdLocked(taskId);
+ synchronized (this) {
+ final TaskRecord task = mStackSupervisor.anyTaskForIdLocked(taskId);
+ if (task != null) {
+ startLockTaskModeLocked(task);
}
- } finally {
- Binder.restoreCallingIdentity(ident);
- }
- if (task != null) {
- startLockTaskMode(task);
}
}
@Override
public void startLockTaskMode(IBinder token) {
- final TaskRecord task;
- long ident = Binder.clearCallingIdentity();
- try {
- synchronized (this) {
- final ActivityRecord r = ActivityRecord.forTokenLocked(token);
- if (r == null) {
- return;
- }
- task = r.task;
+ synchronized (this) {
+ final ActivityRecord r = ActivityRecord.forTokenLocked(token);
+ if (r == null) {
+ return;
+ }
+ final TaskRecord task = r.task;
+ if (task != null) {
+ startLockTaskModeLocked(task);
}
- } finally {
- Binder.restoreCallingIdentity(ident);
- }
- if (task != null) {
- startLockTaskMode(task);
}
}
@@ -8556,11 +8550,12 @@ public final class ActivityManagerService extends ActivityManagerNative
"startLockTaskModeOnCurrent");
long ident = Binder.clearCallingIdentity();
try {
- ActivityRecord r = null;
synchronized (this) {
- r = mStackSupervisor.topRunningActivityLocked();
+ ActivityRecord r = mStackSupervisor.topRunningActivityLocked();
+ if (r != null) {
+ startLockTaskModeLocked(r.task);
+ }
}
- startLockTaskMode(r.task);
} finally {
Binder.restoreCallingIdentity(ident);
}
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 45584cd..bb3085e 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -280,15 +280,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
long mLastMaximumTimeToLock = -1;
boolean mUserSetupComplete = false;
- final HashMap<ComponentName, ActiveAdmin> mAdminMap
- = new HashMap<ComponentName, ActiveAdmin>();
- final ArrayList<ActiveAdmin> mAdminList
- = new ArrayList<ActiveAdmin>();
- final ArrayList<ComponentName> mRemovingAdmins
- = new ArrayList<ComponentName>();
+ final HashMap<ComponentName, ActiveAdmin> mAdminMap = new HashMap<>();
+ final ArrayList<ActiveAdmin> mAdminList = new ArrayList<>();
+ final ArrayList<ComponentName> mRemovingAdmins = new ArrayList<>();
// This is the list of component allowed to start lock task mode.
- final List<String> mLockTaskPackages = new ArrayList<String>();
+ final List<String> mLockTaskPackages = new ArrayList<>();
ComponentName mRestrictionsProvider;
@@ -299,7 +296,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
}
}
- final SparseArray<DevicePolicyData> mUserData = new SparseArray<DevicePolicyData>();
+ final SparseArray<DevicePolicyData> mUserData = new SparseArray<>();
Handler mHandler = new Handler();
@@ -1596,6 +1593,16 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
validatePasswordOwnerLocked(policy);
syncDeviceCapabilitiesLocked(policy);
updateMaximumTimeToLockLocked(policy);
+ updateLockTaskPackagesLocked(policy, userHandle);
+ }
+
+ private void updateLockTaskPackagesLocked(DevicePolicyData policy, int userId) {
+ IActivityManager am = ActivityManagerNative.getDefault();
+ try {
+ am.updateLockTaskPackages(userId, policy.mLockTaskPackages.toArray(new String[0]));
+ } catch (RemoteException e) {
+ // Not gonna happen.
+ }
}
static void validateQualityConstant(int quality) {
@@ -5533,6 +5540,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
// Store the settings persistently.
saveSettingsLocked(userHandle);
+ updateLockTaskPackagesLocked(policy, userHandle);
}
}
generated by cgit v1.1 at 2025-02-10 01:07:12 +0000