Only allow sysui or system to set a Task to always-on-top

Set task always-on-top was introduced in commit 8a16890 and no permission check was added. Luckily, the attribute only works if the Task is in multi-window mode. Bug: 379791774 Test: SafeActivityOptionsTest Flag: EXEMPT bugfix Change-Id: I0ca7a3a2e9100c0eae781cac483594dbdf090987
author: Louis Chang <louischang@google.com> 2024-11-19 06:26:45 +0000
committer: Louis Chang <louischang@google.com> 2024-11-21 00:56:11 +0000
commit: 096fce8b465a3e5043b3674933ed6181ce605b0f (patch)
tree: 36e291567220d42897dc09908163d68b2a4b59ae
parent: 662f37eaac19a550b50fd20ef513337aa49da4fb (diff)
2 files changed, 9 insertions, 2 deletions
diff --git a/services/core/java/com/android/server/wm/SafeActivityOptions.java b/services/core/java/com/android/server/wm/SafeActivityOptions.java
index 70b214cc71b5..88e534351e2e 100644
--- a/services/core/java/com/android/server/wm/SafeActivityOptions.java
+++ b/services/core/java/com/android/server/wm/SafeActivityOptions.java
@@ -361,10 +361,13 @@ public class SafeActivityOptions {
         }
 
         // If launched from bubble is specified, then ensure that the caller is system or sysui.
-        if (options.getLaunchedFromBubble() && !isSystemOrSystemUI(callingPid, callingUid)) {
+        if ((options.getLaunchedFromBubble() || options.getTaskAlwaysOnTop())
+                && !isSystemOrSystemUI(callingPid, callingUid)) {
             final String msg = "Permission Denial: starting " + getIntentString(intent)
                     + " from " + callerApp + " (pid=" + callingPid
-                    + ", uid=" + callingUid + ") with launchedFromBubble=true";
+                    + ", uid=" + callingUid + ") with"
+                    + (options.getLaunchedFromBubble() ? " launchedFromBubble=true" : "")
+                    + (options.getTaskAlwaysOnTop() ? " taskAlwaysOnTop=true" : "");
             Slog.w(TAG, msg);
             throw new SecurityException(msg);
         }
diff --git a/services/tests/wmtests/src/com/android/server/wm/SafeActivityOptionsTest.java b/services/tests/wmtests/src/com/android/server/wm/SafeActivityOptionsTest.java
index 791b5b59535a..a92fe3afbd78 100644
--- a/services/tests/wmtests/src/com/android/server/wm/SafeActivityOptionsTest.java
+++ b/services/tests/wmtests/src/com/android/server/wm/SafeActivityOptionsTest.java
@@ -162,6 +162,10 @@ public class SafeActivityOptionsTest {
             verifySecureExceptionThrown(activityOptions, taskSupervisor);
 
             activityOptions = ActivityOptions.makeBasic();
+            activityOptions.setTaskAlwaysOnTop(true);
+            verifySecureExceptionThrown(activityOptions, taskSupervisor);
+
+            activityOptions = ActivityOptions.makeBasic();
             activityOptions.setLaunchDisplayId(DEFAULT_DISPLAY);
             verifySecureExceptionThrown(activityOptions, taskSupervisor);
author	Louis Chang <louischang@google.com>	2024-11-19 06:26:45 +0000
committer	Louis Chang <louischang@google.com>	2024-11-21 00:56:11 +0000
commit	096fce8b465a3e5043b3674933ed6181ce605b0f (patch)
tree	36e291567220d42897dc09908163d68b2a4b59ae
parent	662f37eaac19a550b50fd20ef513337aa49da4fb (diff)