summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--services/core/java/com/android/server/SensitiveContentProtectionManagerService.java32
1 files changed, 27 insertions, 5 deletions
diff --git a/services/core/java/com/android/server/SensitiveContentProtectionManagerService.java b/services/core/java/com/android/server/SensitiveContentProtectionManagerService.java
index ecd14ce67d7e..948306b2f6a2 100644
--- a/services/core/java/com/android/server/SensitiveContentProtectionManagerService.java
+++ b/services/core/java/com/android/server/SensitiveContentProtectionManagerService.java
@@ -69,6 +69,8 @@ public final class SensitiveContentProtectionManagerService extends SystemServic
final Object mSensitiveContentProtectionLock = new Object();
+ private final ArraySet<PackageInfo> mPackagesShowingSensitiveContent = new ArraySet<>();
+
@GuardedBy("mSensitiveContentProtectionLock")
private boolean mProjectionActive = false;
@@ -204,6 +206,10 @@ public final class SensitiveContentProtectionManagerService extends SystemServic
if (sensitiveNotificationAppProtection()) {
updateAppsThatShouldBlockScreenCapture();
}
+
+ if (sensitiveContentAppProtection() && mPackagesShowingSensitiveContent.size() > 0) {
+ mWindowManager.addBlockScreenCaptureForApps(mPackagesShowingSensitiveContent);
+ }
}
}
@@ -351,17 +357,27 @@ public final class SensitiveContentProtectionManagerService extends SystemServic
void setSensitiveContentProtection(IBinder windowToken, String packageName, int uid,
boolean isShowingSensitiveContent) {
synchronized (mSensitiveContentProtectionLock) {
+ // The window token distinguish this package from packages added for notifications.
+ PackageInfo packageInfo = new PackageInfo(packageName, uid, windowToken);
+ // track these packages to protect when screen share starts.
+ if (isShowingSensitiveContent) {
+ mPackagesShowingSensitiveContent.add(packageInfo);
+ if (mPackagesShowingSensitiveContent.size() > 100) {
+ Log.w(TAG, "Unexpectedly large number of sensitive windows, count: "
+ + mPackagesShowingSensitiveContent.size());
+ }
+ } else {
+ mPackagesShowingSensitiveContent.remove(packageInfo);
+ }
if (!mProjectionActive) {
return;
}
if (DEBUG) {
- Log.d(TAG, "setSensitiveContentProtection - windowToken=" + windowToken
- + ", package=" + packageName + ", uid=" + uid
- + ", isShowingSensitiveContent=" + isShowingSensitiveContent);
+ Log.d(TAG, "setSensitiveContentProtection - current package=" + packageInfo
+ + ", isShowingSensitiveContent=" + isShowingSensitiveContent
+ + ", sensitive packages=" + mPackagesShowingSensitiveContent);
}
- // The window token distinguish this package from packages added for notifications.
- PackageInfo packageInfo = new PackageInfo(packageName, uid, windowToken);
ArraySet<PackageInfo> packageInfos = new ArraySet<>();
packageInfos.add(packageInfo);
if (isShowingSensitiveContent) {
@@ -389,6 +405,12 @@ public final class SensitiveContentProtectionManagerService extends SystemServic
verifyCallingPackage(callingUid, packageName);
final long identity = Binder.clearCallingIdentity();
try {
+ if (isShowingSensitiveContent
+ && mWindowManager.getWindowName(windowToken) == null) {
+ Log.e(TAG, "window token is not know to WMS, can't apply protection,"
+ + " token: " + windowToken + ", package: " + packageName);
+ return;
+ }
SensitiveContentProtectionManagerService.this.setSensitiveContentProtection(
windowToken, packageName, callingUid, isShowingSensitiveContent);
} finally {
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-12-01 04:25:34 +0000