author Andrii Kulian <akulian@google.com> 2017-06-29 02:41:45 +0000
committer android-build-merger <android-build-merger@google.com> 2017-06-29 02:41:45 +0000
commitcabb638640b55b9f66a43279218a43d55199b0e9 (patch)
tree88d1feb89166406b9eaec86a832b02ef80b378fd
parent7ac5c0024665cfab36660a21d6595792e9f03281 (diff)
parent559d50b84a78137262a32118378dd828e29a690a (diff)
Merge "Merge "Further restrict activity launch on virtual displays" into oc-dev am: 36dbd3d43f am: c8cccd7621" into oc-dr1-dev-plus-aosp
am: 559d50b84a Change-Id: If91d888368684a6778ad80a91a71b2808881648d
-rw-r--r--services/core/java/com/android/server/am/ActivityManagerService.java3
-rw-r--r--services/core/java/com/android/server/am/ActivityStackSupervisor.java12
2 files changed, 7 insertions, 8 deletions
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index f51947832604..209c6be5dea8 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -20,6 +20,7 @@ import static android.Manifest.permission.CHANGE_CONFIGURATION;
import static android.Manifest.permission.CHANGE_DEVICE_IDLE_TEMP_WHITELIST;
import static android.Manifest.permission.INTERACT_ACROSS_USERS;
import static android.Manifest.permission.INTERACT_ACROSS_USERS_FULL;
+import static android.Manifest.permission.INTERNAL_SYSTEM_WINDOW;
import static android.Manifest.permission.MANAGE_ACTIVITY_STACKS;
import static android.Manifest.permission.READ_FRAME_BUFFER;
import static android.Manifest.permission.START_TASKS_FROM_RECENTS;
@@ -10320,7 +10321,7 @@ public class ActivityManagerService extends IActivityManager.Stub
@Override
public void moveStackToDisplay(int stackId, int displayId) {
- enforceCallingPermission(MANAGE_ACTIVITY_STACKS, "moveStackToDisplay()");
+ enforceCallingPermission(INTERNAL_SYSTEM_WINDOW, "moveStackToDisplay()");
synchronized (this) {
final long ident = Binder.clearCallingIdentity();
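Review bot: The `enforceCallingPermission` call in `moveStackToDisplay()` now names a window-level permission for a stack operation, and nothing next to it says why `MANAGE_ACTIVITY_STACKS` is no longer sufficient. A short why-comment above the call would keep a later cleanup from "correcting" it back, for example `// Requires INTERNAL_SYSTEM_WINDOW rather than MANAGE_ACTIVITY_STACKS; see the virtual-display launch check in ActivityStackSupervisor.` The rationale is inferred from the commit title, so adjust the wording to the real one. Any API or caller documentation that still lists `MANAGE_ACTIVITY_STACKS` for this method should be updated as well. The method body continues outside this hunk.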
diff --git a/services/core/java/com/android/server/am/ActivityStackSupervisor.java b/services/core/java/com/android/server/am/ActivityStackSupervisor.java
index ead8f60c3428..e0f2a751604a 100644
--- a/services/core/java/com/android/server/am/ActivityStackSupervisor.java
+++ b/services/core/java/com/android/server/am/ActivityStackSupervisor.java
@@ -16,6 +16,7 @@
package com.android.server.am;
+import static android.Manifest.permission.INTERNAL_SYSTEM_WINDOW;
import static android.Manifest.permission.MANAGE_ACTIVITY_STACKS;
import static android.Manifest.permission.START_ANY_ACTIVITY;
import static android.Manifest.permission.START_TASKS_FROM_RECENTS;
@@ -1672,8 +1673,7 @@ public class ActivityStackSupervisor extends ConfigurationContainer implements D
// owner.
final int launchDisplayId = options.getLaunchDisplayId();
if (launchDisplayId != INVALID_DISPLAY
- && !isCallerAllowedToLaunchOnDisplay(callingPid, callingUid, launchDisplayId,
- aInfo)) {
+ && !isCallerAllowedToLaunchOnDisplay(callingPid, callingUid, launchDisplayId)) {
final String msg = "Permission Denial: starting " + intent.toString()
+ " from " + callerApp + " (pid=" + callingPid
+ ", uid=" + callingUid + ") with launchDisplayId="
@@ -1687,8 +1687,7 @@ public class ActivityStackSupervisor extends ConfigurationContainer implements D
}
/** Check if caller is allowed to launch activities on specified display. */
- boolean isCallerAllowedToLaunchOnDisplay(int callingPid, int callingUid, int launchDisplayId,
- ActivityInfo aInfo) {
+ boolean isCallerAllowedToLaunchOnDisplay(int callingPid, int callingUid, int launchDisplayId) {
if (DEBUG_TASKS) Slog.d(TAG, "Launch on display check: displayId=" + launchDisplayId
+ " callingPid=" + callingPid + " callingUid=" + callingUid);
@@ -1699,7 +1698,7 @@ public class ActivityStackSupervisor extends ConfigurationContainer implements D
}
// Check if the caller can manage activity stacks.
- final int startAnyPerm = mService.checkPermission(MANAGE_ACTIVITY_STACKS, callingPid,
+ final int startAnyPerm = mService.checkPermission(INTERNAL_SYSTEM_WINDOW, callingPid,
callingUid);
if (startAnyPerm == PERMISSION_GRANTED) {
if (DEBUG_TASKS) Slog.d(TAG, "Launch on display check:"
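Review bot: The comment `// Check if the caller can manage activity stacks.` and the local name `startAnyPerm` no longer match the check, which now tests `INTERNAL_SYSTEM_WINDOW`. Stale wording on an authorization decision is easy to misread in a later audit, so I would change the comment to `// Check if the caller holds INTERNAL_SYSTEM_WINDOW.` and rename the local to something like `internalWindowPerm`. The `Slog.d` message that starts on the last line of the hunk continues outside it and should be checked for the same stale wording. `isCallerAllowedToLaunchOnDisplay` begins and ends outside this hunk.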
@@ -1708,8 +1707,7 @@ public class ActivityStackSupervisor extends ConfigurationContainer implements D
}
if (activityDisplay.mDisplay.getType() == TYPE_VIRTUAL
- && activityDisplay.mDisplay.getOwnerUid() != SYSTEM_UID
- && (aInfo.flags & ActivityInfo.FLAG_ALLOW_EMBEDDED) == 0) {
+ && activityDisplay.mDisplay.getOwnerUid() != SYSTEM_UID) {
// Limit launching on virtual displays, because their contents can be read from Surface
// by apps that created them.
if (DEBUG_TASKS) Slog.d(TAG, "Launch on display check:"
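Review bot: The comment on the virtual-display branch gives the reason for the limit but not its new scope, now that the `FLAG_ALLOW_EMBEDDED` exception has been removed from the condition. I would add a line such as `// No per-activity exception: activities that allow embedding are treated the same.` so the next reader does not reintroduce the flag check. The `Slog.d` message that begins on the last line continues outside the hunk, as does the branch's result, so it should be checked for text that still refers to non-embedded activities. No test is visible in this change; one covering an allow-embedded activity on a virtual display not owned by `SYSTEM_UID` would pin the intended behaviour.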