userId, false, ALLOW_FULL_ONLY, "startActivityInPackage", null);
// TODO: Switch to user app stacks here.
- return mActivityStarter.startActivityMayWait(null, uid, callingPackage, intent,
- resolvedType, null, null, resultTo, resultWho, requestCode, startFlags,
- null, null, null, bOptions, false, userId, inTask, reason);
+ return mActivityStarter.startActivityMayWait(null, uid, ActivityStarter.PID_NULL, uid,
+ callingPackage, intent, resolvedType, null, null, resultTo, resultWho, requestCode,
+ startFlags, null, null, null, bOptions, false, userId, inTask, reason);
}
@Override
final int startActivitiesInPackage(int uid, String callingPackage,
Intent[] intents, String[] resolvedTypes, IBinder resultTo,
Bundle bOptions, int userId) {
+ return startActivitiesInPackage(uid, ActivityStarter.PID_NULL, UserHandle.USER_NULL,
+ callingPackage, intents, resolvedTypes, resultTo, bOptions, userId);
+ }
+
+ final int startActivitiesInPackage(int uid, int realCallingPid, int realCallingUid,
+ String callingPackage, Intent[] intents, String[] resolvedTypes,
+ IBinder resultTo, Bundle bOptions, int userId) {
final String reason = "startActivityInPackage";
userId = mUserController.handleIncomingUser(Binder.getCallingPid(), Binder.getCallingUid(),
userId, false, ALLOW_FULL_ONLY, reason, null);
// TODO: Switch to user app stacks here.
- int ret = mActivityStarter.startActivities(null, uid, callingPackage, intents, resolvedTypes,
- resultTo, bOptions, userId, reason);
+ int ret = mActivityStarter.startActivities(null, uid, realCallingPid, realCallingUid,
+ callingPackage, intents, resolvedTypes, resultTo, bOptions, userId, reason);
return ret;
}
@Override
public boolean isAppForeground(int uid) throws RemoteException {
+ int callerUid = Binder.getCallingUid();
+ if (UserHandle.isCore(callerUid) || callerUid == uid) {
+ return isAppForegroundInternal(uid);
+ }
+ return false;
+ }
+
+ private boolean isAppForegroundInternal(int uid) {
synchronized (this) {
UidRecord uidRec = mActiveUids.get(uid);
if (uidRec == null || uidRec.idle) {
public ActivityStackSupervisor(ActivityManagerService service, Looper looper) {
mService = service;
mHandler = new ActivityStackSupervisorHandler(looper);
- mActivityMetricsLogger = new ActivityMetricsLogger(this, mService.mContext);
+ mActivityMetricsLogger = new ActivityMetricsLogger(this, mService.mContext, looper);
mKeyguardController = new KeyguardController(service, this);
}
mLockTaskNotify = new LockTaskNotify(mService.mContext);
}
mLockTaskNotify.show(false);
- try {
- boolean shouldLockKeyguard = Settings.Secure.getIntForUser(
- mService.mContext.getContentResolver(),
- Settings.Secure.LOCK_TO_APP_EXIT_LOCKED,
- UserHandle.USER_CURRENT) != 0;
- if (mLockTaskModeState == LOCK_TASK_MODE_PINNED && shouldLockKeyguard) {
- mWindowManager.lockNow(null);
- mWindowManager.dismissKeyguard(null /* callback */);
- new LockPatternUtils(mService.mContext)
- .requireCredentialEntry(UserHandle.USER_ALL);
- }
- } catch (SettingNotFoundException e) {
- // No setting, don't lock.
+ if (mLockTaskModeState == LOCK_TASK_MODE_PINNED && shouldLockKeyguard()) {
+ mWindowManager.lockNow(null);
+ mWindowManager.dismissKeyguard(null /* callback */);
+ new LockPatternUtils(mService.mContext)
+ .requireCredentialEntry(UserHandle.USER_ALL);
}
} catch (RemoteException ex) {
throw new RuntimeException(ex);
}
}
+ private boolean shouldLockKeyguard() {
+ // This functionality should be kept consistent with
+ // com.android.settings.security.ScreenPinningSettings (see b/127605586)
+ try {
+ return Settings.Secure.getIntForUser(
+ mService.mContext.getContentResolver(),
+ Settings.Secure.LOCK_TO_APP_EXIT_LOCKED,
+ UserHandle.USER_CURRENT) != 0;
+ } catch (Settings.SettingNotFoundException e) {
+ // Log to SafetyNet for b/127605586
+ android.util.EventLog.writeEvent(0x534e4554, "127605586", -1, "");
+ LockPatternUtils lockPatternUtils = new LockPatternUtils(mService.mContext);
+ return lockPatternUtils.isSecure(mCurrentUser);
+ }
+ }
+
// TODO: Move to its own file.
/** Exactly one of these classes per Display in the system. Capable of holding zero or more
* attached {@link ActivityStack}s */
mService.mActivityStarter.sendPowerHintForLaunchStartIfNeeded(true /* forceSend */,
targetActivity);
mActivityMetricsLogger.notifyActivityLaunching();
- mService.moveTaskToFrontLocked(task.taskId, 0, bOptions, true /* fromRecents */);
- mActivityMetricsLogger.notifyActivityLaunched(ActivityManager.START_TASK_TO_FRONT,
- targetActivity);
+ try {
+ mService.moveTaskToFrontLocked(task.taskId, 0, bOptions,
+ true /* fromRecents */);
+ } finally {
+ mActivityMetricsLogger.notifyActivityLaunched(START_TASK_TO_FRONT,
+ targetActivity);
+ }
// If we are launching the task in the docked stack, put it into resizing mode so
// the window renders full-screen with the background filling the void. Also only
if (!SELinux.restoreconRecursive(afterCodeFile)) {
Slog.w(TAG, "Failed to restorecon");
- return false;
}
// Reflect the rename internally
@Override
public boolean isPackageDeviceAdminOnAnyUser(String packageName) {
final int callingUid = Binder.getCallingUid();
+ if (checkUidPermission(android.Manifest.permission.MANAGE_USERS, callingUid)
+ != PERMISSION_GRANTED) {
+ EventLog.writeEvent(0x534e4554, "128599183", -1, "");
+ throw new SecurityException(android.Manifest.permission.MANAGE_USERS
+ + " permission is required to call this API");
+ }
if (getInstantAppPackageName(callingUid) != null
&& !isCallerSameApp(packageName, callingUid)) {
return false;
}
if (mExternalSourcesPolicy != null) {
int isTrusted = mExternalSourcesPolicy.getPackageTrustedToInstallApps(packageName, uid);
- if (isTrusted != PackageManagerInternal.ExternalSourcesPolicy.USER_DEFAULT) {
- return isTrusted == PackageManagerInternal.ExternalSourcesPolicy.USER_TRUSTED;
- }
+ return isTrusted == PackageManagerInternal.ExternalSourcesPolicy.USER_TRUSTED;
}
- return checkUidPermission(appOpPermission, uid) == PERMISSION_GRANTED;
+ return false;
}
@Override