082bc48c32
https://review.lineageos.org/q/topic:P_asb_2022-05 https://review.lineageos.org/q/topic:P_asb_2022-06 https://review.lineageos.org/q/topic:P_asb_2022-07 https://review.lineageos.org/q/topic:P_asb_2022-08 https://review.lineageos.org/q/topic:P_asb_2022-09 https://review.lineageos.org/q/topic:P_asb_2022-10 https://review.lineageos.org/q/topic:P_asb_2022-11 https://review.lineageos.org/q/topic:P_asb_2022-12 https://review.lineageos.org/q/topic:P_asb_2023-01 https://review.lineageos.org/q/topic:P_asb_2023-02 https://review.lineageos.org/q/topic:P_asb_2023-03 https://review.lineageos.org/q/topic:P_asb_2023-04 https://review.lineageos.org/q/topic:P_asb_2023-05 https://review.lineageos.org/q/topic:P_asb_2023-06 https://review.lineageos.org/q/topic:P_asb_2023-07 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_freetype/+/361250 https://review.lineageos.org/q/topic:P_asb_2023-08 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_freetype/+/364606 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/365328 https://review.lineageos.org/q/topic:P_asb_2023-09 https://review.lineageos.org/q/topic:P_asb_2023-10 https://review.lineageos.org/q/topic:P_asb_2023-11 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/374916 https://review.lineageos.org/q/topic:P_asb_2023-12 https://review.lineageos.org/q/topic:P_asb_2024-01 https://review.lineageos.org/q/topic:P_asb_2024-02 https://review.lineageos.org/q/topic:P_asb_2024-03 https://review.lineageos.org/q/topic:P_asb_2024-04 Signed-off-by: Tavi <tavi@divested.dev>
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Jing Ji <jji@google.com>
|
|
Date: Tue, 25 Oct 2022 22:39:52 -0700
|
|
Subject: [PATCH] DO NOT MERGE: ActivityManager#killBackgroundProcesses can
|
|
kill caller's own app only
|
|
|
|
unless it's a system app.
|
|
|
|
Bug: 239423414
|
|
Bug: 223376078
|
|
Test: atest CtsAppTestCases:ActivityManagerTest
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8b382775b258220466a977453905797521e159de)
|
|
Merged-In: Iac6baa889965b8ffecd9a43179a4c96632ad1d02
|
|
Change-Id: Iac6baa889965b8ffecd9a43179a4c96632ad1d02
|
|
---
|
|
core/java/android/app/ActivityManager.java | 3 ++
|
|
core/res/AndroidManifest.xml | 6 +++-
|
|
.../server/am/ActivityManagerService.java | 32 +++++++++++++++++--
|
|
3 files changed, 38 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/core/java/android/app/ActivityManager.java b/core/java/android/app/ActivityManager.java
|
|
index 83630f4c3693..51411c9e208e 100644
|
|
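--- a/core/java/android/app/ActivityManager.java
+++ b/core/java/android/app/ActivityManager.java
@@ -3615,6 +3615,9 @@ public class ActivityManager {
 * processes to reclaim memory; the system will take care of restarting
 * these processes in the future as needed.
 *
+ * <p class="note">Third party applications can only use this API to kill their own processes.
+ * </p>
+ *
 * @param packageName The name of the package whose processes are to
 * be killed.
 */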
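Review bot: The added Javadoc note does not say what a third-party caller observes when it names another app's package. In the ActivityManagerService change on this page that case is logged and the method returns without throwing, so the caller gets no signal that nothing was killed. I would extend the note with ` * Requests naming another package are ignored; no exception is thrown.` and mention that system apps and holders of FORCE_STOP_PACKAGES are exempt. The Javadoc block starts above this hunk and the method declaration lies below it.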
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
|
|
index 0aafab66dabd..d23501a86b79 100644
|
|
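--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -2092,7 +2092,11 @@
 android:protectionLevel="normal" />
 
 <!-- Allows an application to call
- {@link android.app.ActivityManager#killBackgroundProcesses}.
+ {@link android.app.ActivityManager#killBackgroundProcesses}.
+
+ <p class="note">Third party applications can only use this API to kill their own
+ processes.</p>
+
 <p>Protection level: normal
 -->
 <permission android:name="android.permission.KILL_BACKGROUND_PROCESSES"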
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
|
|
index f522b20f7ccd..44761a523abb 100644
|
|
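--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -6810,8 +6810,20 @@ public class ActivityManagerService extends IActivityManager.Stub
 Slog.w(TAG, msg);
 throw new SecurityException(msg);
 }
+ final int callingUid = Binder.getCallingUid();
+ final int callingPid = Binder.getCallingPid();
+ final int callingAppId = UserHandle.getAppId(callingUid);
 
- userId = mUserController.handleIncomingUser(Binder.getCallingPid(), Binder.getCallingUid(),
+ ProcessRecord proc;
+ synchronized (mPidsSelfLocked) {
+ proc = mPidsSelfLocked.get(callingPid);
+ }
+ final boolean hasKillAllPermission = PERMISSION_GRANTED == checkPermission(
+ android.Manifest.permission.FORCE_STOP_PACKAGES, callingPid, callingUid)
+ || UserHandle.isCore(callingUid)
+ || (proc != null && proc.info.isSystemApp());
+
+ userId = mUserController.handleIncomingUser(callingPid, callingUid,
 userId, true, ALLOW_FULL_ONLY, "killBackgroundProcesses", null);
 final int[] userIds = mUserController.expandUserId(userId);
 
@@ -6826,7 +6838,7 @@ public class ActivityManagerService extends IActivityManager.Stub
 targetUserId));
 } catch (RemoteException e) {
 }
- if (appId == -1) {
+ if (appId == -1 || (!hasKillAllPermission && appId != callingAppId)) {
 Slog.w(TAG, "Invalid packageName: " + packageName);
 return;
 }
@@ -6851,6 +6863,22 @@ public class ActivityManagerService extends IActivityManager.Stub
 throw new SecurityException(msg);
 }
 
+ final int callingUid = Binder.getCallingUid();
+ final int callingPid = Binder.getCallingPid();
+
+ ProcessRecord proc;
+ synchronized (mPidsSelfLocked) {
+ proc = mPidsSelfLocked.get(callingPid);
+ }
+ if (callingUid >= FIRST_APPLICATION_UID
+ && (proc == null || !proc.info.isSystemApp())) {
+ final String msg = "Permission Denial: killAllBackgroundProcesses() from pid="
+ + callingPid + ", uid=" + callingUid + " is not allowed";
+ Slog.w(TAG, msg);
+ // Silently return to avoid existing apps from crashing.
+ return;
+ }
+
 final long callingId = Binder.clearCallingIdentity();
 try {
 synchronized (this) {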
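Review bot: In the second hunk a denied cross-app request reuses the existing `Invalid packageName: ` warning, so the log cannot distinguish a blocked attempt to kill another app from a lookup of a package that does not exist. Anyone triaging logs would want the denial on its own line with the caller identified, e.g. `Slog.w(TAG, "killBackgroundProcesses denied for " + packageName + ": pid=" + callingPid + ", uid=" + callingUid);` before the `return`. Separately, the third hunk gates on the raw `callingUid >= FIRST_APPLICATION_UID` and ignores FORCE_STOP_PACKAGES, while the first hunk uses `UserHandle.isCore(callingUid)` and honours that permission. If that difference is intentional, a one-line comment saying so would prevent a later "fix" in either direction. All three method bodies begin and end outside the visible hunks.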
|