Check device owner by callingUid in ActivityStarter

author Ricky Wai <rickywai@google.com>

Wed, 10 Apr 2019 17:40:17 +0000 (18:40 +0100)

committer Ricky Wai <rickywai@google.com>

Thu, 11 Apr 2019 15:03:19 +0000 (16:03 +0100)
author Ricky Wai <rickywai@google.com>
Wed, 10 Apr 2019 17:40:17 +0000 (18:40 +0100)
committer Ricky Wai <rickywai@google.com>
Thu, 11 Apr 2019 15:03:19 +0000 (16:03 +0100)
diff --git a/services/core/java/com/android/server/wm/ActivityStarter.java b/services/core/java/com/android/server/wm/ActivityStarter.java

index 3b358e8..a134eb8 100644 (file)
--- a/services/core/java/com/android/server/wm/ActivityStarter.java
+++ b/services/core/java/com/android/server/wm/ActivityStarter.java
@@ -1025,11 +1025,11 @@ class ActivityStarter {
          if (mSupervisor.mRecentTasks.isCallerRecents(callingUid)) {
              return false;
          }
-        // don't abort if the callingPackage is the device owner
-        if (mService.isDeviceOwner(callingPackage)) {
+        // don't abort if the callingUid is the device owner
+        if (mService.isDeviceOwner(callingUid)) {
              return false;
          }
-        // don't abort if the callingPackage has companion device
+        // don't abort if the callingUid has companion device
          final int callingUserId = UserHandle.getUserId(callingUid);
          if (mService.isAssociatedCompanionApp(callingUserId, callingUid)) {
              return false;
diff --git a/services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java b/services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java

index b2e5b6a..7d25466 100644 (file)
--- a/services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java
+++ b/services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java
@@ -507,9 +507,9 @@ public abstract class ActivityTaskManagerInternal {
      public abstract boolean isUidForeground(int uid);
  
      /**
-     * Called by DevicePolicyManagerService to set the package name of the device owner.
+     * Called by DevicePolicyManagerService to set the uid of the device owner.
       */
-    public abstract void setDeviceOwnerPackageName(String deviceOwnerPkg);
+    public abstract void setDeviceOwnerUid(int uid);
  
      /** Set all associated companion app that belongs to an userId. */
      public abstract void setCompanionAppPackages(int userId, Set<String> companionAppPackages);
diff --git a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java

index b64abdb..9717757 100644 (file)
--- a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
+++ b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
@@ -632,7 +632,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
  
      private FontScaleSettingObserver mFontScaleSettingObserver;
  
-    private String mDeviceOwnerPackageName;
+    private int mDeviceOwnerUid = Process.INVALID_UID;
  
      private final class FontScaleSettingObserver extends ContentObserver {
          private final Uri mFontScaleUri = Settings.System.getUriFor(FONT_SCALE);
@@ -5829,15 +5829,12 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
                  || mWindowManager.mRoot.isAnyNonToastWindowVisibleForUid(uid);
      }
  
-    boolean isDeviceOwner(String packageName) {
-        if (packageName == null) {
-            return false;
-        }
-        return packageName.equals(mDeviceOwnerPackageName);
+    boolean isDeviceOwner(int uid) {
+        return uid >= 0 && mDeviceOwnerUid == uid;
      }
  
-    void setDeviceOwnerPackageName(String deviceOwnerPkg) {
-        mDeviceOwnerPackageName = deviceOwnerPkg;
+    void setDeviceOwnerUid(int uid) {
+        mDeviceOwnerUid = uid;
      }
  
      /**
@@ -7283,9 +7280,9 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub {
          }
  
          @Override
-        public void setDeviceOwnerPackageName(String deviceOwnerPkg) {
+        public void setDeviceOwnerUid(int uid) {
              synchronized (mGlobalLock) {
-                ActivityTaskManagerService.this.setDeviceOwnerPackageName(deviceOwnerPkg);
+                ActivityTaskManagerService.this.setDeviceOwnerUid(uid);
              }
          }
  
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/Owners.java b/services/devicepolicy/java/com/android/server/devicepolicy/Owners.java

index 27cd70c..215e46f 100644 (file)
--- a/services/devicepolicy/java/com/android/server/devicepolicy/Owners.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/Owners.java
@@ -26,6 +26,7 @@ import android.content.pm.PackageManagerInternal;
  import android.content.pm.UserInfo;
  import android.os.Binder;
  import android.os.Environment;
+import android.os.Process;
  import android.os.UserHandle;
  import android.os.UserManager;
  import android.os.UserManagerInternal;
@@ -209,8 +210,11 @@ class Owners {
      }
  
      private void pushToActivityTaskManagerLocked() {
-        mActivityTaskManagerInternal.setDeviceOwnerPackageName(mDeviceOwner != null
-                ? mDeviceOwner.packageName : null);
+        final int uid = mDeviceOwner != null ? mPackageManagerInternal.getPackageUid(
+                mDeviceOwner.packageName,
+                PackageManager.MATCH_ALL | PackageManager.MATCH_KNOWN_PACKAGES, mDeviceOwnerUserId)
+                : Process.INVALID_UID;
+        mActivityTaskManagerInternal.setDeviceOwnerUid(uid);
      }
  
      String getDeviceOwnerPackageName() {
diff --git a/services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java b/services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java

index d02db7b..44aa55d 100644 (file)
--- a/services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java
+++ b/services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java
@@ -659,7 +659,7 @@ public class ActivityStarterTests extends ActivityTestsBase {
              boolean hasForegroundActivities, boolean callerIsRecents,
              boolean callerIsTempWhitelisted,
              boolean callerIsInstrumentingWithBackgroundActivityStartPrivileges,
-            boolean isCallingPackageNameDeviceOwner, boolean isCallingPackageTempWhitelisted) {
+            boolean isCallingUidDeviceOwner, boolean isCallingPackageTempWhitelisted) {
          // window visibility
          doReturn(callingUidHasVisibleWindow).when(mService.mWindowManager.mRoot)
                  .isAnyNonToastWindowVisibleForUid(callingUid);
@@ -685,8 +685,8 @@ public class ActivityStarterTests extends ActivityTestsBase {
          // caller is instrumenting with background activity starts privileges
          callerApp.setInstrumenting(callerIsInstrumentingWithBackgroundActivityStartPrivileges,
                  callerIsInstrumentingWithBackgroundActivityStartPrivileges);
-        // calling package name is the device owner
-        doReturn(isCallingPackageNameDeviceOwner).when(mService).isDeviceOwner(any());
+        // callingUid is the device owner
+        doReturn(isCallingUidDeviceOwner).when(mService).isDeviceOwner(callingUid);
          // calling package name is temporarily whitelisted
          doReturn(isCallingPackageTempWhitelisted).when(mService)
                  .isPackageNameWhitelistedForBgActivityStarts("com.whatever.dude");
author	Ricky Wai <rickywai@google.com>
	Wed, 10 Apr 2019 17:40:17 +0000 (18:40 +0100)
committer	Ricky Wai <rickywai@google.com>
	Thu, 11 Apr 2019 15:03:19 +0000 (16:03 +0100)
services/core/java/com/android/server/wm/ActivityStarter.java		patch \| blob \| history
services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java		patch \| blob \| history
services/core/java/com/android/server/wm/ActivityTaskManagerService.java		patch \| blob \| history
services/devicepolicy/java/com/android/server/devicepolicy/Owners.java		patch \| blob \| history
services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java		patch \| blob \| history