mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
0af4e77a38
Signed-off-by: Tavi <tavi@divested.dev>
67 lines
3.4 KiB
Diff
67 lines
3.4 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Nan Wu <wnan@google.com>
|
|
Date: Fri, 25 Aug 2023 15:02:28 +0000
|
|
Subject: [PATCH] RESTRICT AUTOMERGE Log to detect usage of whitelistToken when
|
|
sending non-PI target
|
|
|
|
Log ActivityManagerService.sendIntentSender if the target is not a
|
|
PendingIntent and a non-null whitelistToken is sent to the client.
|
|
This is simply to detect if there are real cases this would happen
|
|
before we decide simply remove whitelistToken in that case.
|
|
|
|
Do not pass whitelistToken when sending non-PI target
|
|
|
|
In ActivityManagerService.sendIntentSender, if the target is not a
|
|
PendingIntent, do not send whitelistToken to the client.
|
|
|
|
Bug: 279428283
|
|
Test: Manual test
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:5f12deecd46e79212deba584a1afea97d401dd52)
|
|
Merged-In: I017486354a1ab2f14d0472c355583d53c27c4810
|
|
Change-Id: I017486354a1ab2f14d0472c355583d53c27c4810
|
|
---
|
|
.../server/am/ActivityManagerService.java | 19 ++++++++++++++++---
|
|
1 file changed, 16 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
|
|
index 847beb87408d..e1159493fe24 100644
|
|
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
|
|
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
|
|
@@ -8625,12 +8625,12 @@ public class ActivityManagerService extends IActivityManager.Stub
|
|
}
|
|
|
|
@Override
|
|
- public int sendIntentSender(IIntentSender target, IBinder whitelistToken, int code,
|
|
+ public int sendIntentSender(IIntentSender target, IBinder allowlistToken, int code,
|
|
Intent intent, String resolvedType,
|
|
IIntentReceiver finishedReceiver, String requiredPermission, Bundle options) {
|
|
if (target instanceof PendingIntentRecord) {
|
|
return ((PendingIntentRecord)target).sendWithResult(code, intent, resolvedType,
|
|
- whitelistToken, finishedReceiver, requiredPermission, options);
|
|
+ allowlistToken, finishedReceiver, requiredPermission, options);
|
|
} else {
|
|
if (intent == null) {
|
|
// Weird case: someone has given us their own custom IIntentSender, and now
|
|
@@ -8642,7 +8642,20 @@ public class ActivityManagerService extends IActivityManager.Stub
|
|
intent = new Intent(Intent.ACTION_MAIN);
|
|
}
|
|
try {
|
|
- target.send(code, intent, resolvedType, whitelistToken, null,
|
|
+ if (allowlistToken != null) {
|
|
+ final int callingUid = Binder.getCallingUid();
|
|
+ final String packageName;
|
|
+ final long token = Binder.clearCallingIdentity();
|
|
+ try {
|
|
+ packageName = AppGlobals.getPackageManager().getNameForUid(callingUid);
|
|
+ } finally {
|
|
+ Binder.restoreCallingIdentity(token);
|
|
+ }
|
|
+ Slog.wtf(TAG, "Send a non-null allowlistToken to a non-PI target."
|
|
+ + " Calling package: " + packageName + "; intent: " + intent
|
|
+ + "; options: " + options);
|
|
+ }
|
|
+ target.send(code, intent, resolvedType, null, null,
|
|
requiredPermission, options);
|
|
} catch (RemoteException e) {
|
|
}
|