diff options
| author | 2022-01-25 11:57:46 +0800 | |
|---|---|---|
| committer | 2022-01-25 12:00:57 +0800 | |
| commit | 51d287d831364cb158330e132cd11b4c596c04c2 (patch) | |
| tree | 27f7bfbcc83451d3cb9bca1ba36ee281bf57e09b | |
| parent | 6dcb9e28beeafcef26966e47e76d83d8efd0f37a (diff) | |
[RESTRICT AUTOMERGE] Do not resume activity if behind a translucent task
The top-focusable activity resides in the RESUMED state while the app
process is newly created and attached. The behavior may enable UI
hijacking attacks against apps implementing authentication.
This CL disallows the system to resume the activity for the case if it
is not visible or is occluded by other translucent tasks.
Bug: 211481342
Test: atest CtsWindowManagerDeviceTestCases:ActivityLifecycleTests
Change-Id: I7903494cf928b5b5613700262b7c5fff10f3c5a0
3 files changed, 14 insertions, 2 deletions
diff --git a/services/core/java/com/android/server/wm/EnsureActivitiesVisibleHelper.java b/services/core/java/com/android/server/wm/EnsureActivitiesVisibleHelper.java index 316c20ba5c47..e08816117f2b 100644 --- a/services/core/java/com/android/server/wm/EnsureActivitiesVisibleHelper.java +++ b/services/core/java/com/android/server/wm/EnsureActivitiesVisibleHelper.java @@ -93,7 +93,7 @@ class EnsureActivitiesVisibleHelper { // activities are actually behind other fullscreen activities, but still required // to be visible (such as performing Recents animation). final boolean resumeTopActivity = mTop != null && !mTop.mLaunchTaskBehind - && mTask.isTopActivityFocusable() + && mTask.canBeResumed(starting) && (starting == null || !starting.isDescendantOf(mTask)); mTask.forAllActivities(a -> { diff --git a/services/core/java/com/android/server/wm/RootWindowContainer.java b/services/core/java/com/android/server/wm/RootWindowContainer.java index bd688a618c63..01c1989a80cb 100644 --- a/services/core/java/com/android/server/wm/RootWindowContainer.java +++ b/services/core/java/com/android/server/wm/RootWindowContainer.java @@ -1948,7 +1948,8 @@ class RootWindowContainer extends WindowContainer<DisplayContent> try { if (mTaskSupervisor.realStartActivityLocked(r, app, - top == r && r.isFocusable() /*andResume*/, true /*checkConfig*/)) { + top == r && r.getTask().canBeResumed(r) /*andResume*/, + true /*checkConfig*/)) { mTmpBoolean = true; } } catch (RemoteException e) { diff --git a/services/core/java/com/android/server/wm/Task.java b/services/core/java/com/android/server/wm/Task.java index c0e339f8a6b7..2e641717cb7f 100644 --- a/services/core/java/com/android/server/wm/Task.java +++ b/services/core/java/com/android/server/wm/Task.java @@ -4241,6 +4241,17 @@ class Task extends WindowContainer<WindowContainer> { } /** + * Returns {@code true} is the activity in this Task can be resumed. + * + * @param starting The currently starting activity or {@code null} if there is none. + */ + boolean canBeResumed(@Nullable ActivityRecord starting) { + // No need to resume activity in Task that is not visible. + return isTopActivityFocusable() + && getVisibility(starting) == TASK_VISIBILITY_VISIBLE; + } + + /** * Returns true if the task should be visible. * * @param starting The currently starting activity or null if there is none. |