diff options
| author | 2023-06-29 12:26:32 +0000 | |
|---|---|---|
| committer | 2023-06-29 12:59:44 +0000 | |
| commit | 1ac1ad281fd4fc7c417b63f89bf75be5ec9518f2 (patch) | |
| tree | 98b375db9fae2164e90e4d933dc6841e0a4da1f9 | |
| parent | 4a30c1d21b4455637d93f536b8bdd0c0528d0057 (diff) | |
Make SDK sandbox BAL check multi-user aware
The existing logic does not work for multi-user apps, as the
BAL logic checks whether the user 0 app uid has an active
visible window. Instead, use the multi-user uid for this check.
Test: Manual
Test: atest ActivityStarterTests
Bug: 287476371
Change-Id: I2e2bffb4c38ad43d50f48fa71345d9b7bb605272
Merged-In: I2e2bffb4c38ad43d50f48fa71345d9b7bb605272
| -rw-r--r-- | services/core/java/com/android/server/wm/BackgroundActivityStartController.java | 2 | ||||
| -rw-r--r-- | services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java | 47 |
2 files changed, 47 insertions, 2 deletions
diff --git a/services/core/java/com/android/server/wm/BackgroundActivityStartController.java b/services/core/java/com/android/server/wm/BackgroundActivityStartController.java index dc49e8cea18b..f57e4c6c5c05 100644 --- a/services/core/java/com/android/server/wm/BackgroundActivityStartController.java +++ b/services/core/java/com/android/server/wm/BackgroundActivityStartController.java @@ -279,7 +279,7 @@ public class BackgroundActivityStartController { // visible window. if (Process.isSdkSandboxUid(realCallingUid)) { int realCallingSdkSandboxUidToAppUid = - Process.getAppUidForSdkSandboxUid(UserHandle.getAppId(realCallingUid)); + Process.getAppUidForSdkSandboxUid(realCallingUid); if (mService.hasActiveVisibleWindow(realCallingSdkSandboxUidToAppUid)) { return logStartAllowedAndReturnCode(BAL_ALLOW_SDK_SANDBOX, diff --git a/services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java b/services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java index 2671e771aa59..ad0877732503 100644 --- a/services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java +++ b/services/tests/wmtests/src/com/android/server/wm/ActivityStarterTests.java @@ -74,7 +74,6 @@ import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; -import static org.junit.Assert.assertThat; import static org.junit.Assert.assertTrue; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyBoolean; @@ -103,6 +102,7 @@ import android.os.Binder; import android.os.IBinder; import android.os.Process; import android.os.RemoteException; +import android.os.UserHandle; import android.platform.test.annotations.Presubmit; import android.provider.DeviceConfig; import android.service.voice.IVoiceInteractionSession; @@ -159,6 +159,9 @@ public class ActivityStarterTests extends WindowTestsBase { private static final String FAKE_CALLING_PACKAGE = "com.whatever.dude"; private static final int UNIMPORTANT_UID = 12345; private static final int UNIMPORTANT_UID2 = 12346; + private static final int SDK_SANDBOX_UID = Process.toSdkSandboxUid(UNIMPORTANT_UID); + private static final int SECONDARY_USER_SDK_SANDBOX_UID = + UserHandle.getUid(10, SDK_SANDBOX_UID); private static final int CURRENT_IME_UID = 12347; protected final DeviceConfigStateHelper mDeviceConfig = new DeviceConfigStateHelper( @@ -958,6 +961,48 @@ public class ActivityStarterTests extends WindowTestsBase { mockingSession.finishMocking(); } + + @Test + public void testBackgroundActivityStartsAllowed_sdkSandboxClientAppHasVisibleWindow() { + doReturn(false).when(mAtm).isBackgroundActivityStartsEnabled(); + // The SDK's associated client app has a visible window + doReturn(true).when(mAtm).hasActiveVisibleWindow( + Process.getAppUidForSdkSandboxUid(SDK_SANDBOX_UID)); + runAndVerifyBackgroundActivityStartsSubtest( + "allowed_sdkSandboxClientAppHasVisibleWindow", false, SDK_SANDBOX_UID, + false, PROCESS_STATE_TOP, SDK_SANDBOX_UID, false, + PROCESS_STATE_TOP, true, false, false, + false, false, false, false, false); + } + + @Test + public void testBackgroundActivityStartsDisallowed_sdkSandboxClientHasNoVisibleWindow() { + doReturn(false).when(mAtm).isBackgroundActivityStartsEnabled(); + // The SDK's associated client app does not have a visible window + doReturn(false).when(mAtm).hasActiveVisibleWindow( + Process.getAppUidForSdkSandboxUid(SDK_SANDBOX_UID)); + runAndVerifyBackgroundActivityStartsSubtest( + "disallowed_sdkSandboxClientHasNoVisibleWindow", true, SDK_SANDBOX_UID, + false, PROCESS_STATE_TOP, SDK_SANDBOX_UID, false, + PROCESS_STATE_TOP, true, false, false, + false, false, false, false, false); + + } + + @Test + public void testBackgroundActivityStartsAllowed_sdkSandboxMultiUserClientHasVisibleWindow() { + doReturn(false).when(mAtm).isBackgroundActivityStartsEnabled(); + // The SDK's associated client app has a visible window + doReturn(true).when(mAtm).hasActiveVisibleWindow( + Process.getAppUidForSdkSandboxUid(SECONDARY_USER_SDK_SANDBOX_UID)); + runAndVerifyBackgroundActivityStartsSubtest( + "allowed_sdkSandboxMultiUserClientHasVisibleWindow", false, + SECONDARY_USER_SDK_SANDBOX_UID, false, PROCESS_STATE_TOP, + SECONDARY_USER_SDK_SANDBOX_UID, false, PROCESS_STATE_TOP, + false, false, false, false, + false, false, false, false); + } + private void runAndVerifyBackgroundActivityStartsSubtest(String name, boolean shouldHaveAborted, int callingUid, boolean callingUidHasVisibleWindow, int callingUidProcState, int realCallingUid, boolean realCallingUidHasVisibleWindow, int realCallingUidProcState, |