mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-15 10:54:27 -05:00
75 lines
3.7 KiB
Diff
75 lines
3.7 KiB
Diff
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||
|
From: Nan Wu <wnan@google.com>
|
||
|
Date: Fri, 25 Aug 2023 15:02:28 +0000
|
||
|
Subject: [PATCH] RESTRICT AUTOMERGE Log to detect usage of whitelistToken when
|
||
|
sending non-PI target
|
||
|
|
||
|
Log ActivityManagerService.sendIntentSender if the target is not a
|
||
|
PendingIntent and a non-null whitelistToken is sent to the client.
|
||
|
This is simply to detect if there are real cases this would happen
|
||
|
before we decide simply remove whitelistToken in that case.
|
||
|
|
||
|
Do not pass whitelistToken when sending non-PI target
|
||
|
|
||
|
In ActivityManagerService.sendIntentSender, if the target is not a
|
||
|
PendingIntent, do not send whitelistToken to the client.
|
||
|
|
||
|
Bug: 279428283
|
||
|
Test: Manual test
|
||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:5f12deecd46e79212deba584a1afea97d401dd52)
|
||
|
Merged-In: I017486354a1ab2f14d0472c355583d53c27c4810
|
||
|
Change-Id: I017486354a1ab2f14d0472c355583d53c27c4810
|
||
|
---
|
||
|
.../server/am/ActivityManagerService.java | 20 +++++++++++++++----
|
||
|
1 file changed, 16 insertions(+), 4 deletions(-)
|
||
|
|
||
|
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
|
||
|
index faeb5f348834..41b1ddaf887b 100644
|
||
|
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
|
||
|
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
|
||
|
@@ -160,7 +160,6 @@ import android.app.AppOpsManager;
|
||
|
import android.app.AppOpsManagerInternal.CheckOpsDelegate;
|
||
|
import android.app.ApplicationErrorReport;
|
||
|
import android.app.ApplicationThreadConstants;
|
||
|
-import android.app.AppOpsManager;
|
||
|
import android.app.BroadcastOptions;
|
||
|
import android.app.ContentProviderHolder;
|
||
|
import android.app.Dialog;
|
||
|
@@ -5465,12 +5464,12 @@ public class ActivityManagerService extends IActivityManager.Stub
|
||
|
}
|
||
|
|
||
|
@Override
|
||
|
- public int sendIntentSender(IIntentSender target, IBinder whitelistToken, int code,
|
||
|
+ public int sendIntentSender(IIntentSender target, IBinder allowlistToken, int code,
|
||
|
Intent intent, String resolvedType,
|
||
|
IIntentReceiver finishedReceiver, String requiredPermission, Bundle options) {
|
||
|
if (target instanceof PendingIntentRecord) {
|
||
|
return ((PendingIntentRecord)target).sendWithResult(code, intent, resolvedType,
|
||
|
- whitelistToken, finishedReceiver, requiredPermission, options);
|
||
|
+ allowlistToken, finishedReceiver, requiredPermission, options);
|
||
|
} else {
|
||
|
if (intent == null) {
|
||
|
// Weird case: someone has given us their own custom IIntentSender, and now
|
||
|
@@ -5482,7 +5481,20 @@ public class ActivityManagerService extends IActivityManager.Stub
|
||
|
intent = new Intent(Intent.ACTION_MAIN);
|
||
|
}
|
||
|
try {
|
||
|
- target.send(code, intent, resolvedType, whitelistToken, null,
|
||
|
+ if (allowlistToken != null) {
|
||
|
+ final int callingUid = Binder.getCallingUid();
|
||
|
+ final String packageName;
|
||
|
+ final long token = Binder.clearCallingIdentity();
|
||
|
+ try {
|
||
|
+ packageName = AppGlobals.getPackageManager().getNameForUid(callingUid);
|
||
|
+ } finally {
|
||
|
+ Binder.restoreCallingIdentity(token);
|
||
|
+ }
|
||
|
+ Slog.wtf(TAG, "Send a non-null allowlistToken to a non-PI target."
|
||
|
+ + " Calling package: " + packageName + "; intent: " + intent
|
||
|
+ + "; options: " + options);
|
||
|
+ }
|
||
|
+ target.send(code, intent, resolvedType, null, null,
|
||
|
requiredPermission, options);
|
||
|
} catch (RemoteException e) {
|
||
|
}
|