mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2025-01-06 13:18:02 -05:00
59bf3b75c7
https://review.lineageos.org/c/LineageOS/android_frameworks_base/+/353117 https://review.lineageos.org/q/topic:Q_asb_2023-03 https://review.lineageos.org/q/topic:Q_asb_2023-04 https://review.lineageos.org/q/topic:Q_asb_2023-05 https://review.lineageos.org/q/topic:Q_asb_2023-06 https://review.lineageos.org/q/topic:Q_asb_2023-07 https://review.lineageos.org/q/topic:Q_asb_2023-08 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376560 https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376561 https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376562 https://review.lineageos.org/q/topic:Q_asb_2023-09 https://review.lineageos.org/q/topic:Q_asb_2023-10 https://review.lineageos.org/q/topic:Q_asb_2023-11 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376563 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_webp/+/376568 https://review.lineageos.org/q/topic:Q_asb_2023-12 https://review.lineageos.org/q/topic:Q_asb_2024-01 https://review.lineageos.org/q/topic:Q_asb_2024-02 https://review.lineageos.org/q/topic:Q_asb_2024-03 Signed-off-by: Tavi <tavi@divested.dev>
75 lines
3.7 KiB
Diff
75 lines
3.7 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Nan Wu <wnan@google.com>
|
|
Date: Fri, 25 Aug 2023 15:02:28 +0000
|
|
Subject: [PATCH] RESTRICT AUTOMERGE Log to detect usage of whitelistToken when
|
|
sending non-PI target
|
|
|
|
Log ActivityManagerService.sendIntentSender if the target is not a
|
|
PendingIntent and a non-null whitelistToken is sent to the client.
|
|
This is simply to detect if there are real cases this would happen
|
|
before we decide simply remove whitelistToken in that case.
|
|
|
|
Do not pass whitelistToken when sending non-PI target
|
|
|
|
In ActivityManagerService.sendIntentSender, if the target is not a
|
|
PendingIntent, do not send whitelistToken to the client.
|
|
|
|
Bug: 279428283
|
|
Test: Manual test
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:5f12deecd46e79212deba584a1afea97d401dd52)
|
|
Merged-In: I017486354a1ab2f14d0472c355583d53c27c4810
|
|
Change-Id: I017486354a1ab2f14d0472c355583d53c27c4810
|
|
---
|
|
.../server/am/ActivityManagerService.java | 20 +++++++++++++++----
|
|
1 file changed, 16 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
|
|
index faeb5f348834..41b1ddaf887b 100644
|
|
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
|
|
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
|
|
@@ -160,7 +160,6 @@ import android.app.AppOpsManager;
|
|
import android.app.AppOpsManagerInternal.CheckOpsDelegate;
|
|
import android.app.ApplicationErrorReport;
|
|
import android.app.ApplicationThreadConstants;
|
|
-import android.app.AppOpsManager;
|
|
import android.app.BroadcastOptions;
|
|
import android.app.ContentProviderHolder;
|
|
import android.app.Dialog;
|
|
@@ -5465,12 +5464,12 @@ public class ActivityManagerService extends IActivityManager.Stub
|
|
}
|
|
|
|
@Override
|
|
- public int sendIntentSender(IIntentSender target, IBinder whitelistToken, int code,
|
|
+ public int sendIntentSender(IIntentSender target, IBinder allowlistToken, int code,
|
|
Intent intent, String resolvedType,
|
|
IIntentReceiver finishedReceiver, String requiredPermission, Bundle options) {
|
|
if (target instanceof PendingIntentRecord) {
|
|
return ((PendingIntentRecord)target).sendWithResult(code, intent, resolvedType,
|
|
- whitelistToken, finishedReceiver, requiredPermission, options);
|
|
+ allowlistToken, finishedReceiver, requiredPermission, options);
|
|
} else {
|
|
if (intent == null) {
|
|
// Weird case: someone has given us their own custom IIntentSender, and now
|
|
@@ -5482,7 +5481,20 @@ public class ActivityManagerService extends IActivityManager.Stub
|
|
intent = new Intent(Intent.ACTION_MAIN);
|
|
}
|
|
try {
|
|
- target.send(code, intent, resolvedType, whitelistToken, null,
|
|
+ if (allowlistToken != null) {
|
|
+ final int callingUid = Binder.getCallingUid();
|
|
+ final String packageName;
|
|
+ final long token = Binder.clearCallingIdentity();
|
|
+ try {
|
|
+ packageName = AppGlobals.getPackageManager().getNameForUid(callingUid);
|
|
+ } finally {
|
|
+ Binder.restoreCallingIdentity(token);
|
|
+ }
|
|
+ Slog.wtf(TAG, "Send a non-null allowlistToken to a non-PI target."
|
|
+ + " Calling package: " + packageName + "; intent: " + intent
|
|
+ + "; options: " + options);
|
|
+ }
|
|
+ target.send(code, intent, resolvedType, null, null,
|
|
requiredPermission, options);
|
|
} catch (RemoteException e) {
|
|
}
|