diff options
| author | 2024-04-30 17:20:29 +0000 | |
|---|---|---|
| committer | 2024-07-20 00:03:26 +0000 | |
| commit | cd6b6687ab2bcccc542a524a8abca306cefad3d3 (patch) | |
| tree | 4a3565e0de92bc2a5f5eab71281562626a021e72 | |
| parent | 0f321a944eaa13d9a9c9050e0f9d426bf7742210 (diff) | |
RESTRICT AUTOMERGE Backport preventing BAL bypass via bound service
Apply similar fix for WallpaperService to TextToSpeech Service,
Job Service, Print Service, Sync Service and MediaRoute2Provider Service
Bug: 232798473, 232798676, 336490997
Test: Manual test. BackgroundActivityLaunchTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8fdf4a345e140eba9b4e736d24ab95c67c55a247)
Merged-In: Ib113e45aa18296b4475b90d6dcec5dd5664f4c80
Change-Id: Ib113e45aa18296b4475b90d6dcec5dd5664f4c80
6 files changed, 13 insertions, 7 deletions
diff --git a/apex/jobscheduler/service/java/com/android/server/job/JobServiceContext.java b/apex/jobscheduler/service/java/com/android/server/job/JobServiceContext.java index 90baa8e54220..8a7c365be130 100644 --- a/apex/jobscheduler/service/java/com/android/server/job/JobServiceContext.java +++ b/apex/jobscheduler/service/java/com/android/server/job/JobServiceContext.java @@ -291,11 +291,13 @@ public final class JobServiceContext implements ServiceConnection { bindFlags = Context.BIND_AUTO_CREATE | Context.BIND_NOT_FOREGROUND | Context.BIND_ALMOST_PERCEPTIBLE | Context.BIND_BYPASS_POWER_NETWORK_RESTRICTIONS - | Context.BIND_NOT_APP_COMPONENT_USAGE; + | Context.BIND_NOT_APP_COMPONENT_USAGE + | Context.BIND_DENY_ACTIVITY_STARTS; } else { bindFlags = Context.BIND_AUTO_CREATE | Context.BIND_NOT_FOREGROUND | Context.BIND_NOT_PERCEPTIBLE - | Context.BIND_NOT_APP_COMPONENT_USAGE; + | Context.BIND_NOT_APP_COMPONENT_USAGE + | Context.BIND_DENY_ACTIVITY_STARTS; } binding = mContext.bindServiceAsUser(intent, this, bindFlags, UserHandle.of(job.getUserId())); diff --git a/core/java/android/speech/tts/TextToSpeech.java b/core/java/android/speech/tts/TextToSpeech.java index 7e8622a0e694..2e162b685ac9 100644 --- a/core/java/android/speech/tts/TextToSpeech.java +++ b/core/java/android/speech/tts/TextToSpeech.java @@ -2379,7 +2379,8 @@ public class TextToSpeech { boolean connect(String engine) { Intent intent = new Intent(Engine.INTENT_ACTION_TTS_SERVICE); intent.setPackage(engine); - return mContext.bindService(intent, this, Context.BIND_AUTO_CREATE); + return mContext.bindService(intent, this, + Context.BIND_AUTO_CREATE | Context.BIND_DENY_ACTIVITY_STARTS); } @Override diff --git a/services/core/java/com/android/server/content/SyncManager.java b/services/core/java/com/android/server/content/SyncManager.java index 53c13c7a1268..58652f1e16f7 100644 --- a/services/core/java/com/android/server/content/SyncManager.java +++ b/services/core/java/com/android/server/content/SyncManager.java @@ -221,7 +221,8 @@ public class SyncManager { /** Flags used when connecting to a sync adapter service */ private static final int SYNC_ADAPTER_CONNECTION_FLAGS = Context.BIND_AUTO_CREATE - | Context.BIND_NOT_FOREGROUND | Context.BIND_ALLOW_OOM_MANAGEMENT; + | Context.BIND_NOT_FOREGROUND | Context.BIND_ALLOW_OOM_MANAGEMENT + | Context.BIND_DENY_ACTIVITY_STARTS; /** Singleton instance. */ @GuardedBy("SyncManager.class") diff --git a/services/core/java/com/android/server/media/MediaRoute2ProviderServiceProxy.java b/services/core/java/com/android/server/media/MediaRoute2ProviderServiceProxy.java index 21f61ca3978a..30d374e5e59f 100644 --- a/services/core/java/com/android/server/media/MediaRoute2ProviderServiceProxy.java +++ b/services/core/java/com/android/server/media/MediaRoute2ProviderServiceProxy.java @@ -238,7 +238,8 @@ final class MediaRoute2ProviderServiceProxy extends MediaRoute2Provider service.setComponent(mComponentName); try { mBound = mContext.bindServiceAsUser(service, this, - Context.BIND_AUTO_CREATE | Context.BIND_FOREGROUND_SERVICE, + Context.BIND_AUTO_CREATE | Context.BIND_FOREGROUND_SERVICE + | Context.BIND_DENY_ACTIVITY_STARTS, new UserHandle(mUserId)); if (!mBound && DEBUG) { Slog.d(TAG, this + ": Bind failed"); diff --git a/services/print/java/com/android/server/print/RemotePrintService.java b/services/print/java/com/android/server/print/RemotePrintService.java index 502cd2c60f4a..702ddbb9f912 100644 --- a/services/print/java/com/android/server/print/RemotePrintService.java +++ b/services/print/java/com/android/server/print/RemotePrintService.java @@ -572,7 +572,8 @@ final class RemotePrintService implements DeathRecipient { boolean wasBound = mContext.bindServiceAsUser(mIntent, mServiceConnection, Context.BIND_AUTO_CREATE | Context.BIND_FOREGROUND_SERVICE - | Context.BIND_INCLUDE_CAPABILITIES | Context.BIND_ALLOW_INSTANT, + | Context.BIND_INCLUDE_CAPABILITIES | Context.BIND_ALLOW_INSTANT + | Context.BIND_DENY_ACTIVITY_STARTS, new UserHandle(mUserId)); if (!wasBound) { diff --git a/services/texttospeech/java/com/android/server/texttospeech/TextToSpeechManagerPerUserService.java b/services/texttospeech/java/com/android/server/texttospeech/TextToSpeechManagerPerUserService.java index 55cbc7261e64..c87d6be49405 100644 --- a/services/texttospeech/java/com/android/server/texttospeech/TextToSpeechManagerPerUserService.java +++ b/services/texttospeech/java/com/android/server/texttospeech/TextToSpeechManagerPerUserService.java @@ -95,7 +95,7 @@ final class TextToSpeechManagerPerUserService extends ITextToSpeechSessionCallback callback) { super(context, new Intent(TextToSpeech.Engine.INTENT_ACTION_TTS_SERVICE).setPackage(engine), - Context.BIND_AUTO_CREATE, + Context.BIND_AUTO_CREATE | Context.BIND_DENY_ACTIVITY_STARTS, userId, ITextToSpeechService.Stub::asInterface); mEngine = engine; |