Merge "Fix crash for cross-process embedding" into tm-dev am: 450a25477f

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/17951966 Change-Id: I212b48636715702e1161fc33dbcdc4fe5068639a Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
author: Chris Li <lihongyu@google.com> 2022-04-27 10:24:09 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2022-04-27 10:24:09 +0000
commit: 0ef5142b6bc2a46e5af76cd92e04a2786681f47d (patch)
tree: 21173cac607d2a670dd153c6ea6980ebf334c019
parent: 27f98c6c1dcf79d527c6f8b66391be4b181399b8 (diff)
parent: 450a25477fd508493b2c41696a4b05f7acdcb0d4 (diff)
3 files changed, 31 insertions, 3 deletions
diff --git a/services/core/java/com/android/server/wm/TaskFragment.java b/services/core/java/com/android/server/wm/TaskFragment.java
index 1beb32cfdd52..4cb4e9175534 100644
--- a/services/core/java/com/android/server/wm/TaskFragment.java
+++ b/services/core/java/com/android/server/wm/TaskFragment.java
@@ -591,8 +591,9 @@ class TaskFragment extends WindowContainer<WindowContainer> {
      * @see #isAllowedToEmbedActivityInTrustedMode(ActivityRecord)
      */
     boolean isAllowedToBeEmbeddedInTrustedMode() {
-        final Predicate<ActivityRecord> callback = this::isAllowedToEmbedActivityInTrustedMode;
-        return forAllActivities(callback);
+        // Traverse all activities to see if any of them are not in the trusted mode.
+        final Predicate<ActivityRecord> callback = r -> !isAllowedToEmbedActivityInTrustedMode(r);
+        return !forAllActivities(callback);
     }
 
     /**
diff --git a/services/core/java/com/android/server/wm/WindowOrganizerController.java b/services/core/java/com/android/server/wm/WindowOrganizerController.java
index 7de8ed597762..137a3ac81b9b 100644
--- a/services/core/java/com/android/server/wm/WindowOrganizerController.java
+++ b/services/core/java/com/android/server/wm/WindowOrganizerController.java
@@ -1438,7 +1438,8 @@ class WindowOrganizerController extends IWindowOrganizerController.Stub
         }
         final WindowConfiguration requestedWindowConfig = requestedConfig.windowConfiguration;
         final WindowConfiguration parentWindowConfig = parentConfig.windowConfiguration;
-        if (!parentWindowConfig.getBounds().contains(requestedWindowConfig.getBounds())) {
+        if (!requestedWindowConfig.getBounds().isEmpty()
+                && !parentWindowConfig.getBounds().contains(requestedWindowConfig.getBounds())) {
             String msg = "Permission Denial: " + func + " from pid="
                     + Binder.getCallingPid() + ", uid=" + Binder.getCallingUid()
                     + " trying to apply bounds outside of parent for non-trusted host,"
@@ -1447,6 +1448,7 @@ class WindowOrganizerController extends IWindowOrganizerController.Stub
             throw new SecurityException(msg);
         }
         if (requestedWindowConfig.getAppBounds() != null
+                && !requestedWindowConfig.getAppBounds().isEmpty()
                 && parentWindowConfig.getAppBounds() != null
                 && !parentWindowConfig.getAppBounds().contains(
                         requestedWindowConfig.getAppBounds())) {
diff --git a/services/tests/wmtests/src/com/android/server/wm/TaskFragmentTest.java b/services/tests/wmtests/src/com/android/server/wm/TaskFragmentTest.java
index 3c14777cd7d1..b2043c38d00a 100644
--- a/services/tests/wmtests/src/com/android/server/wm/TaskFragmentTest.java
+++ b/services/tests/wmtests/src/com/android/server/wm/TaskFragmentTest.java
@@ -403,4 +403,29 @@ public class TaskFragmentTest extends WindowTestsBase {
         assertFalse(activity0.hasOverlayOverUntrustedModeEmbedded());
         assertFalse(activity1.hasOverlayOverUntrustedModeEmbedded());
     }
+
+    @Test
+    public void testIsAllowedToBeEmbeddedInTrustedMode() {
+        final TaskFragment taskFragment = new TaskFragmentBuilder(mAtm)
+                .setCreateParentTask()
+                .createActivityCount(2)
+                .build();
+        final ActivityRecord activity0 = taskFragment.getBottomMostActivity();
+        final ActivityRecord activity1 = taskFragment.getTopMostActivity();
+
+        // Allowed if all children activities are allowed.
+        doReturn(true).when(taskFragment).isAllowedToEmbedActivityInTrustedMode(activity0);
+        doReturn(true).when(taskFragment).isAllowedToEmbedActivityInTrustedMode(activity1);
+
+        assertTrue(taskFragment.isAllowedToBeEmbeddedInTrustedMode());
+
+        // Disallowed if any child activity is not allowed.
+        doReturn(false).when(taskFragment).isAllowedToEmbedActivityInTrustedMode(activity0);
+
+        assertFalse(taskFragment.isAllowedToBeEmbeddedInTrustedMode());
+
+        doReturn(false).when(taskFragment).isAllowedToEmbedActivityInTrustedMode(activity1);
+
+        assertFalse(taskFragment.isAllowedToBeEmbeddedInTrustedMode());
+    }
 }
author	Chris Li <lihongyu@google.com>	2022-04-27 10:24:09 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2022-04-27 10:24:09 +0000
commit	0ef5142b6bc2a46e5af76cd92e04a2786681f47d (patch)
tree	21173cac607d2a670dd153c6ea6980ebf334c019
parent	27f98c6c1dcf79d527c6f8b66391be4b181399b8 (diff)
parent	450a25477fd508493b2c41696a4b05f7acdcb0d4 (diff)