Merge "DO NOT MERGE: Context#startInstrumentation could be started from SHELL only now." into sc-v2-dev

author: Jing Ji <jji@google.com> 2022-11-14 22:11:38 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2022-11-14 22:11:38 +0000
commit: a268a9908323e2fe2bbe0c7a58ac6b7420c59441 (patch)
tree: dd2a83c6116c5e1f80ec7ae4adfe54c82c8e789a
parent: 5354054d12a24ca7d05b0b0ba96c8efb6fc0bbb4 (diff)
parent: 74b6e62aedd9bcf081a4571706ce2856bb300edc (diff)
1 files changed, 34 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index 19f933c8c986..10b52e6bf529 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -13851,6 +13851,17 @@ public class ActivityManagerService extends IActivityManager.Stub
                     throw new SecurityException(msg);
                 }
             }
+            if (!Build.IS_DEBUGGABLE && callingUid != ROOT_UID && callingUid != SHELL_UID
+                    && callingUid != SYSTEM_UID && !hasActiveInstrumentationLocked(callingPid)) {
+                // If it's not debug build and not called from root/shell/system uid, reject it.
+                final String msg = "Permission Denial: instrumentation test "
+                        + className + " from pid=" + callingPid + ", uid=" + callingUid
+                        + ", pkgName=" + getPackageNameByPid(callingPid)
+                        + " not allowed because it's not started from SHELL";
+                Slog.wtfQuiet(TAG, msg);
+                reportStartInstrumentationFailureLocked(watcher, className, msg);
+                throw new SecurityException(msg);
+            }
 
             ActiveInstrumentation activeInstr = new ActiveInstrumentation(this);
             activeInstr.mClass = className;
@@ -13949,6 +13960,29 @@ public class ActivityManagerService extends IActivityManager.Stub
         }
     }
 
+    @GuardedBy("this")
+    private boolean hasActiveInstrumentationLocked(int pid) {
+        if (pid == 0) {
+            return false;
+        }
+        synchronized (mPidsSelfLocked) {
+            ProcessRecord process = mPidsSelfLocked.get(pid);
+            return process != null && process.getActiveInstrumentation() != null;
+        }
+    }
+
+    private String getPackageNameByPid(int pid) {
+        synchronized (mPidsSelfLocked) {
+            final ProcessRecord app = mPidsSelfLocked.get(pid);
+
+            if (app != null && app.info != null) {
+                return app.info.packageName;
+            }
+
+            return null;
+        }
+    }
+
     private boolean isCallerShell() {
         final int callingUid = Binder.getCallingUid();
         return callingUid == SHELL_UID || callingUid == ROOT_UID;
author	Jing Ji <jji@google.com>	2022-11-14 22:11:38 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2022-11-14 22:11:38 +0000
commit	a268a9908323e2fe2bbe0c7a58ac6b7420c59441 (patch)
tree	dd2a83c6116c5e1f80ec7ae4adfe54c82c8e789a
parent	5354054d12a24ca7d05b0b0ba96c8efb6fc0bbb4 (diff)
parent	74b6e62aedd9bcf081a4571706ce2856bb300edc (diff)