From 0a82690868b58fde22d6aaaebe1d01b7bb9b8658 Mon Sep 17 00:00:00 2001
From: Christopher Tate
Date: Fri, 25 May 2018 15:15:44 -0700
Subject: Guard pre-O apps from malicious startForegroundService()

Don't enforce the startForegroundService() requirement to transition to foreground when the app hosting the service doesn't yet target the API level at which this semantic was introduced.

Bug: 79377529
Test: manual (ApiDemos is pre-O)
Test: atest CtsAndroidAppTestCases
Change-Id: Ib0b970211d4ee6a86e22c89aff47b05403907ed5
---
 services/core/java/com/android/server/am/ActiveServices.java | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/services/core/java/com/android/server/am/ActiveServices.java b/services/core/java/com/android/server/am/ActiveServices.java
index faa245c58d61..ca715b51a328 100644
--- a/services/core/java/com/android/server/am/ActiveServices.java
+++ b/services/core/java/com/android/server/am/ActiveServices.java
@@ -501,6 +501,18 @@ public final class ActiveServices {
 }
 }
+ // At this point we've applied allowed-to-start policy based on whether this was
+ // an ordinary startService() or a startForegroundService(). Now, only require that
+ // the app follow through on the startForegroundService() -> startForeground()
+ // contract if it actually targets O+.
+ if (r.appInfo.targetSdkVersion < Build.VERSION_CODES.O && fgRequired) {
+ if (DEBUG_BACKGROUND_CHECK || DEBUG_FOREGROUND_SERVICE) {
+ Slog.i(TAG, "startForegroundService() but host targets "
+ + r.appInfo.targetSdkVersion + " - not requiring startForeground()");
+ }
+ fgRequired = false;
+ }
+
 NeededUriGrants neededGrants = mAm.checkGrantUriPermissionFromIntentLocked(
 callingUid, r.packageName, service, service.getFlags(), null, r.userId);
--
cgit v1.2.3-59-g8ed1b
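Review bot: `fgRequired` is cleared only after the allowed-to-start policy has already been decided with the flag still set, as the new comment itself says, so a pre-O host keeps whatever start decision the startForegroundService() path produced while no longer owing a startForeground() call. The policy code sits above the hunk and is not visible here, so please confirm that it grants such a host nothing a plain startService() would have been refused, and record the result in the comment, for example `// Start policy above ran with fgRequired == true; verified equivalent to startService() for pre-O hosts.` Separately, the only trace of this downgrade is a debug-gated `Slog.i` that names neither the caller nor the host. Since the commit is guarding against a hostile caller, consider logging it unconditionally with `"startForegroundService() from uid " + callingUid + " but host " + r.packageName + " targets " + r.appInfo.targetSdkVersion` so the event can be attributed. The commit lists only a manual test and the existing CTS suite; a regression test that starts a pre-O service this way and asserts the host is not penalised would pin the fix.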