diff options
| author | 2024-08-19 16:26:04 -0700 | |
|---|---|---|
| committer | 2024-08-21 13:04:06 -0700 | |
| commit | b9cb014ded90ff9f1bacb8c95b6728057d524e56 (patch) | |
| tree | b633019a208570b83262b93bb008a5e79ef119bb | |
| parent | 8642a8dbb0c88ed86dcf6eba472d2bfc6a8a5d4c (diff) | |
Modify A11yMS to satisfy level-1 compatibility for MUMD
- Modify system action registration and unregistration to work
only for the driver.
- Track only the display of the driver when tracking windows
- Modify notifyAccessibilityButtonClicked,
notifyAccessibilityButtonVisibilityChanged to work only for
the driver.
- Block the registration of passenger's AccessibilityDisplayProxy.
- Modify UiAutomation#performGlobalAction to work only for the driver.
- Modify UiAutomation#setAnimationScale to work only for the driver.
Bug: 346195390
Test: atest CtsAccessibilityServiceTestCases
atest FrameworksServicesTests
atest CtsUiAutomationTestCases
atest --user-type secondary_user_on_secondary_display CtsUiAutomationTestCases
Flag: EXEMPT bug fix
(cherrypick of https://partner-android-review.git.corp.google.com/c/platform/frameworks/base/+/2841242)
Change-Id: I970732e3a581275d4c4ca5e95c1c3235b27d32c1
3 files changed, 84 insertions, 6 deletions
diff --git a/services/accessibility/java/com/android/server/accessibility/AbstractAccessibilityServiceConnection.java b/services/accessibility/java/com/android/server/accessibility/AbstractAccessibilityServiceConnection.java index edb6390ea874..3224b27d5803 100644 --- a/services/accessibility/java/com/android/server/accessibility/AbstractAccessibilityServiceConnection.java +++ b/services/accessibility/java/com/android/server/accessibility/AbstractAccessibilityServiceConnection.java @@ -34,6 +34,7 @@ import static android.view.accessibility.AccessibilityNodeInfo.ACTION_CLEAR_ACCE import static android.view.accessibility.AccessibilityNodeInfo.ACTION_CLICK; import static android.view.accessibility.AccessibilityNodeInfo.ACTION_LONG_CLICK; +import static com.android.server.pm.UserManagerService.enforceCurrentUserIfVisibleBackgroundEnabled; import static com.android.window.flags.Flags.deleteCaptureDisplay; import android.accessibilityservice.AccessibilityGestureEvent; @@ -1100,11 +1101,14 @@ abstract class AbstractAccessibilityServiceConnection extends IAccessibilityServ if (svcConnTracingEnabled()) { logTraceSvcConn("performGlobalAction", "action=" + action); } + int currentUserId; synchronized (mLock) { if (!hasRightsToCurrentUserLocked()) { return false; } + currentUserId = mSystemSupport.getCurrentUserIdLocked(); } + enforceCurrentUserIfVisibleBackgroundEnabled(currentUserId); final long identity = Binder.clearCallingIdentity(); try { return mSystemActionPerformer.performSystemAction(action); @@ -2750,6 +2754,11 @@ abstract class AbstractAccessibilityServiceConnection extends IAccessibilityServ @RequiresNoPermission @Override public void setAnimationScale(float scale) { + int currentUserId; + synchronized (mLock) { + currentUserId = mSystemSupport.getCurrentUserIdLocked(); + } + enforceCurrentUserIfVisibleBackgroundEnabled(currentUserId); final long identity = Binder.clearCallingIdentity(); try { Settings.Global.putFloat( diff --git a/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java b/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java index 45fcf6b756cf..6ca3435f2140 100644 --- a/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java +++ b/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java @@ -58,6 +58,7 @@ import static com.android.internal.accessibility.util.AccessibilityStatsLogUtils import static com.android.internal.util.FunctionalUtils.ignoreRemoteException; import static com.android.internal.util.function.pooled.PooledLambda.obtainMessage; import static com.android.server.accessibility.AccessibilityUserState.doesShortcutTargetsStringContain; +import static com.android.server.pm.UserManagerService.enforceCurrentUserIfVisibleBackgroundEnabled; import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin; import android.accessibilityservice.AccessibilityGestureEvent; @@ -304,6 +305,8 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub private final PowerManager mPowerManager; + private final UserManager mUserManager; + private final WindowManagerInternal mWindowManagerService; private final AccessibilitySecurityPolicy mSecurityPolicy; @@ -502,6 +505,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub super(permissionEnforcer); mContext = context; mPowerManager = (PowerManager) mContext.getSystemService(Context.POWER_SERVICE); + mUserManager = mContext.getSystemService(UserManager.class); mWindowManagerService = LocalServices.getService(WindowManagerInternal.class); mTraceManager = AccessibilityTraceManager.getInstance( mWindowManagerService.getAccessibilityController(), this, mLock); @@ -537,6 +541,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub super(PermissionEnforcer.fromContext(context)); mContext = context; mPowerManager = context.getSystemService(PowerManager.class); + mUserManager = context.getSystemService(UserManager.class); mWindowManagerService = LocalServices.getService(WindowManagerInternal.class); mTraceManager = AccessibilityTraceManager.getInstance( mWindowManagerService.getAccessibilityController(), this, mLock); @@ -1257,6 +1262,11 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub @EnforcePermission(MANAGE_ACCESSIBILITY) public void registerSystemAction(RemoteAction action, int actionId) { registerSystemAction_enforcePermission(); + int currentUserId; + synchronized (mLock) { + currentUserId = mCurrentUserId; + } + enforceCurrentUserIfVisibleBackgroundEnabled(currentUserId); if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) { mTraceManager.logTrace(LOG_TAG + ".registerSystemAction", FLAGS_ACCESSIBILITY_MANAGER, "action=" + action + ";actionId=" + actionId); @@ -1273,6 +1283,11 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub @EnforcePermission(MANAGE_ACCESSIBILITY) public void unregisterSystemAction(int actionId) { unregisterSystemAction_enforcePermission(); + int currentUserId; + synchronized (mLock) { + currentUserId = mCurrentUserId; + } + enforceCurrentUserIfVisibleBackgroundEnabled(currentUserId); if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) { mTraceManager.logTrace(LOG_TAG + ".unregisterSystemAction", FLAGS_ACCESSIBILITY_MANAGER, "actionId=" + actionId); @@ -1600,6 +1615,11 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub @EnforcePermission(STATUS_BAR_SERVICE) public void notifyAccessibilityButtonClicked(int displayId, String targetName) { notifyAccessibilityButtonClicked_enforcePermission(); + int currentUserId; + synchronized (mLock) { + currentUserId = mCurrentUserId; + } + enforceCurrentUserIfVisibleBackgroundEnabled(currentUserId); if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) { mTraceManager.logTrace(LOG_TAG + ".notifyAccessibilityButtonClicked", FLAGS_ACCESSIBILITY_MANAGER, @@ -1628,6 +1648,11 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub @EnforcePermission(STATUS_BAR_SERVICE) public void notifyAccessibilityButtonVisibilityChanged(boolean shown) { notifyAccessibilityButtonVisibilityChanged_enforcePermission(); + int currentUserId; + synchronized (mLock) { + currentUserId = mCurrentUserId; + } + enforceCurrentUserIfVisibleBackgroundEnabled(currentUserId); if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) { mTraceManager.logTrace(LOG_TAG + ".notifyAccessibilityButtonVisibilityChanged", FLAGS_ACCESSIBILITY_MANAGER, "shown=" + shown); @@ -1968,9 +1993,8 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub this, 0, oldUserState.mUserId)); } - // Announce user changes only if more that one exist. - UserManager userManager = (UserManager) mContext.getSystemService(Context.USER_SERVICE); - final boolean announceNewUser = userManager.getUsers().size() > 1; + // Announce user changes only if more than one exist. + final boolean announceNewUser = mUserManager.getUsers().size() > 1; // The user changed. mCurrentUserId = userId; @@ -2008,10 +2032,8 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub synchronized (mLock) { AccessibilityUserState userState = getCurrentUserStateLocked(); if (userState.isHandlingAccessibilityEventsLocked()) { - UserManager userManager = (UserManager) mContext.getSystemService( - Context.USER_SERVICE); String message = mContext.getString(R.string.user_switched, - userManager.getUserInfo(mCurrentUserId).name); + mUserManager.getUserInfo(mCurrentUserId).name); AccessibilityEvent event = AccessibilityEvent.obtain( AccessibilityEvent.TYPE_ANNOUNCEMENT); event.getText().add(message); @@ -3113,6 +3135,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub } } + @GuardedBy("mLock") private void updateWindowsForAccessibilityCallbackLocked(AccessibilityUserState userState) { // We observe windows for accessibility only if there is at least // one bound service that can retrieve window content that specified @@ -3139,6 +3162,14 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub for (int i = 0; i < displays.size(); i++) { final Display display = displays.get(i); if (display != null) { + // When supporting visible background users, only track windows on the display + // assigned to the current user. The proxy displays are registered only to the + // current user. + if (UserManager.isVisibleBackgroundUsersEnabled() + && !mProxyManager.isProxyedDisplay(display.getDisplayId()) + && !mUmi.isUserVisible(mCurrentUserId, display.getDisplayId())) { + continue; + } if (observingWindows) { mA11yWindowManager.startTrackingWindows(display.getDisplayId(), mProxyManager.isProxyedDisplay(display.getDisplayId())); @@ -4710,6 +4741,11 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub throws RemoteException { registerProxyForDisplay_enforcePermission(); mSecurityPolicy.checkForAccessibilityPermissionOrRole(); + int currentUserId; + synchronized (mLock) { + currentUserId = mCurrentUserId; + } + enforceCurrentUserIfVisibleBackgroundEnabled(currentUserId); if (client == null) { return false; } diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java index 2b639fa43c69..94e149805cd8 100644 --- a/services/core/java/com/android/server/pm/UserManagerService.java +++ b/services/core/java/com/android/server/pm/UserManagerService.java @@ -25,6 +25,7 @@ import static android.content.pm.PackageManager.FEATURE_AUTOMOTIVE; import static android.content.pm.PackageManager.FEATURE_EMBEDDED; import static android.content.pm.PackageManager.FEATURE_LEANBACK; import static android.content.pm.PackageManager.FEATURE_WATCH; +import static android.os.UserHandle.USER_SYSTEM; import static android.os.UserManager.DEV_CREATE_OVERRIDE_PROPERTY; import static android.os.UserManager.DISALLOW_USER_SWITCH; import static android.os.UserManager.SYSTEM_USER_MODE_EMULATION_PROPERTY; @@ -2514,6 +2515,38 @@ public class UserManagerService extends IUserManager.Stub { } /** + * This method validates whether calling user is valid in visible background users feature. + * Valid user is the current user or the system or in the same profile group as the current + * user. Visible background users are not valid calling users. + */ + public static void enforceCurrentUserIfVisibleBackgroundEnabled(@UserIdInt int currentUserId) { + if (!UserManager.isVisibleBackgroundUsersEnabled()) { + return; + } + final int callingUserId = UserHandle.getCallingUserId(); + if (DBG) { + Slog.d(LOG_TAG, "enforceValidCallingUser: callingUserId=" + callingUserId + + " isSystemUser=" + (callingUserId == USER_SYSTEM) + + " currentUserId=" + currentUserId + + " callingPid=" + Binder.getCallingPid() + + " callingUid=" + Binder.getCallingUid()); + } + final long ident = Binder.clearCallingIdentity(); + try { + if (callingUserId != USER_SYSTEM && callingUserId != currentUserId + && !UserManagerService.getInstance() + .isSameProfileGroup(callingUserId, currentUserId)) { + throw new SecurityException( + "Invalid calling user on devices that enable visible background users. " + + "callingUserId=" + callingUserId + " currentUserId=" + + currentUserId); + } + } finally { + Binder.restoreCallingIdentity(ident); + } + } + + /** * Gets the current and target user ids as a {@link Pair}, calling * {@link ActivityManagerInternal} directly (and without performing any permission check). * |