From f2d4787451c80b47e6af8ebf274394e2388b713b Mon Sep 17 00:00:00 2001 From: Jeff Chang Date: Tue, 8 Feb 2022 18:02:34 +0800 Subject: [RESTRICT AUTOMERGE] Do not resume activity if behind a translucent task The top-focusable activity resides in the RESUMED state while the app process is newly created and attached. The behavior may enable UI hijacking attacks against apps implementing authentication. This CL disallows the system to resume the activity for the case if it is not visible or is occluded by other translucent tasks. Bug: 211481342 Test: atest CtsWindowManagerDeviceTestCases:ActivityLifecycleTests Change-Id: I7903494cf928b5b5613700262b7c5fff10f3c5a0 --- services/core/java/com/android/server/wm/ActivityStack.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/services/core/java/com/android/server/wm/ActivityStack.java b/services/core/java/com/android/server/wm/ActivityStack.java index 764b92929de0..81fbcbf093c0 100644 --- a/services/core/java/com/android/server/wm/ActivityStack.java +++ b/services/core/java/com/android/server/wm/ActivityStack.java @@ -2145,7 +2145,9 @@ class ActivityStack extends ConfigurationContainer { boolean aboveTop = top != null; final boolean stackShouldBeVisible = shouldBeVisible(starting); boolean behindFullscreenActivity = !stackShouldBeVisible; - boolean resumeNextActivity = isFocusable() && isInStackLocked(starting) == null; + boolean resumeNextActivity = isFocusable() + && getVisibility(starting) == STACK_VISIBILITY_VISIBLE + && isInStackLocked(starting) == null; for (int taskNdx = mTaskHistory.size() - 1; taskNdx >= 0; --taskNdx) { final TaskRecord task = mTaskHistory.get(taskNdx); final ArrayList activities = task.mActivities; -- cgit v1.2.3-59-g8ed1b