am bf0439a7: am 02f3cf79: am 523a19bf: am c9a0c0b9: Lockdown AM.getRunningAppProcesses API with permission.REAL_GET_TASKS

* commit 'bf0439a7e8824b4288f52c952a6808c8bdaf3235': Lockdown AM.getRunningAppProcesses API with permission.REAL_GET_TASKS
author: Wale Ogunwale <ogunwale@google.com> 2015-05-27 05:35:52 +0000
committer: Android Git Automerger <android-git-automerger@android.com> 2015-05-27 05:35:52 +0000
commit: 0f7712407d96a847845b10eef34d9a259c687533 (patch)
tree: d2caa7605411ce820916f1fcfac4d077d014aa3c
parent: d4e00d2b9d29e62b1ad989afb1fe2bfe3b519891 (diff)
parent: bf0439a7e8824b4288f52c952a6808c8bdaf3235 (diff)
1 files changed, 13 insertions, 6 deletions
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index ae2d5f7fc3fb..4844aa99d98d 100755
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -8126,7 +8126,7 @@ public final class ActivityManagerService extends ActivityManagerNative
         }
         if (!allowed) {
             Slog.w(TAG, caller + ": caller " + callingUid
-                    + " does not hold GET_TASKS; limiting output");
+                    + " does not hold REAL_GET_TASKS; limiting output");
         }
         return allowed;
     }
@@ -12250,16 +12250,23 @@ public final class ActivityManagerService extends ActivityManagerNative
 
     public List<ActivityManager.RunningAppProcessInfo> getRunningAppProcesses() {
         enforceNotIsolatedCaller("getRunningAppProcesses");
+
+        final int callingUid = Binder.getCallingUid();
+
         // Lazy instantiation of list
         List<ActivityManager.RunningAppProcessInfo> runList = null;
         final boolean allUsers = ActivityManager.checkUidPermission(INTERACT_ACROSS_USERS_FULL,
-                Binder.getCallingUid()) == PackageManager.PERMISSION_GRANTED;
-        int userId = UserHandle.getUserId(Binder.getCallingUid());
+                callingUid) == PackageManager.PERMISSION_GRANTED;
+        final int userId = UserHandle.getUserId(callingUid);
+        final boolean allUids = isGetTasksAllowed(
+                "getRunningAppProcesses", Binder.getCallingPid(), callingUid);
+
         synchronized (this) {
             // Iterate across all processes
-            for (int i=mLruProcesses.size()-1; i>=0; i--) {
+            for (int i = mLruProcesses.size() - 1; i >= 0; i--) {
                 ProcessRecord app = mLruProcesses.get(i);
-                if (!allUsers && app.userId != userId) {
+                if ((!allUsers && app.userId != userId)
+                        || (!allUids && app.uid != callingUid)) {
                     continue;
                 }
                 if ((app.thread != null) && (!app.crashing && !app.notResponding)) {
@@ -12283,7 +12290,7 @@ public final class ActivityManagerService extends ActivityManagerNative
                     //Slog.v(TAG, "Proc " + app.processName + ": imp=" + currApp.importance
                     //        + " lru=" + currApp.lru);
                     if (runList == null) {
-                        runList = new ArrayList<ActivityManager.RunningAppProcessInfo>();
+                        runList = new ArrayList<>();
                     }
                     runList.add(currApp);
                 }
author	Wale Ogunwale <ogunwale@google.com>	2015-05-27 05:35:52 +0000
committer	Android Git Automerger <android-git-automerger@android.com>	2015-05-27 05:35:52 +0000
commit	0f7712407d96a847845b10eef34d9a259c687533 (patch)
tree	d2caa7605411ce820916f1fcfac4d077d014aa3c
parent	d4e00d2b9d29e62b1ad989afb1fe2bfe3b519891 (diff)
parent	bf0439a7e8824b4288f52c952a6808c8bdaf3235 (diff)