2024-06-19 18:43:50 -04:00
|
|
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
2024-06-19 18:14:14 -04:00
|
|
|
From: Jing Ji <jji@google.com>
|
|
|
|
Date: Tue, 25 Oct 2022 22:39:52 -0700
|
|
|
|
Subject: [PATCH] DO NOT MERGE: ActivityManager#killBackgroundProcesses can
|
|
|
|
kill caller's own app only
|
|
|
|
|
|
|
|
unless it's a system app.
|
|
|
|
|
|
|
|
Bug: 239423414
|
|
|
|
Bug: 223376078
|
|
|
|
Test: atest CtsAppTestCases:ActivityManagerTest
|
|
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d1c95670b248df945784b0f2830acf83b5682de3)
|
|
|
|
Merged-In: Iac6baa889965b8ffecd9a43179a4c96632ad1d02
|
|
|
|
AOSP-Change-Id: Iac6baa889965b8ffecd9a43179a4c96632ad1d02
|
|
|
|
|
|
|
|
Change-Id: I41cd6fa1f71e950db18a9fd450355c4e6f80ec7d
|
|
|
|
---
|
|
|
|
.../server/am/ActivityManagerService.java | 16 ++++++++++++++++
|
|
|
|
1 file changed, 16 insertions(+)
|
|
|
|
|
|
|
|
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
|
2024-06-19 18:43:50 -04:00
|
|
|
index 98d7cecd81ca..bcb7276b4014 100644
|
2024-06-19 18:14:14 -04:00
|
|
|
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
|
|
|
|
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
|
2024-06-19 18:43:50 -04:00
|
|
|
@@ -4217,6 +4217,22 @@ public class ActivityManagerService extends IActivityManager.Stub
|
2024-06-19 18:14:14 -04:00
|
|
|
throw new SecurityException(msg);
|
|
|
|
}
|
|
|
|
|
|
|
|
+ final int callingUid = Binder.getCallingUid();
|
|
|
|
+ final int callingPid = Binder.getCallingPid();
|
|
|
|
+
|
|
|
|
+ ProcessRecord proc;
|
|
|
|
+ synchronized (mPidsSelfLocked) {
|
|
|
|
+ proc = mPidsSelfLocked.get(callingPid);
|
|
|
|
+ }
|
|
|
|
+ if (callingUid >= FIRST_APPLICATION_UID
|
|
|
|
+ && (proc == null || !proc.info.isSystemApp())) {
|
|
|
|
+ final String msg = "Permission Denial: killAllBackgroundProcesses() from pid="
|
|
|
|
+ + callingPid + ", uid=" + callingUid + " is not allowed";
|
|
|
|
+ Slog.w(TAG, msg);
|
|
|
|
+ // Silently return to avoid existing apps from crashing.
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
final long callingId = Binder.clearCallingIdentity();
|
|
|
|
try {
|
|
|
|
synchronized (this) {
|