Merge s-mpr-2022-04

Change-Id: I2325ba5c76e7dba314bdcd5b53fdc36b5e90fb31
author: Eric Arseneau <earseneau@google.com> 2022-04-07 14:35:44 -0700
committer: Eric Arseneau <earseneau@google.com> 2022-04-14 23:09:16 -0700
commit: 26017c68ee11d3f2d54ca731119c8dc4ddb842cf (patch)
tree: 618c91b7f65c846bb711714d5f4af6e3d1b9f8fa /core/java
parent: 6dae96de34f3d951be8458b61441bfb762fb79b9 (diff)
parent: df1c9c98e12490d61dab288937bb84d2fa1cedb2 (diff)
6 files changed, 56 insertions, 12 deletions
diff --git a/core/java/android/app/ContextImpl.java b/core/java/android/app/ContextImpl.java
index fc34faccf3be..06af6b180d07 100644
--- a/core/java/android/app/ContextImpl.java
+++ b/core/java/android/app/ContextImpl.java
@@ -2987,7 +2987,7 @@ class ContextImpl extends Context {
         // WindowContainer. We should detach from WindowContainer when the Context is finalized
         // if this Context is not a WindowContext. WindowContext finalization is handled in
         // WindowContext class.
-        if (mToken instanceof WindowTokenClient && mContextType != CONTEXT_TYPE_WINDOW_CONTEXT) {
+        if (mToken instanceof WindowTokenClient && mOwnsToken) {
             ((WindowTokenClient) mToken).detachFromWindowContainerIfNeeded();
         }
         super.finalize();
diff --git a/core/java/android/content/AttributionSource.java b/core/java/android/content/AttributionSource.java
index bdb7900b5bb9..2f61fee88e9f 100644
--- a/core/java/android/content/AttributionSource.java
+++ b/core/java/android/content/AttributionSource.java
@@ -154,8 +154,8 @@ public final class AttributionSource implements Parcelable {
         this(AttributionSourceState.CREATOR.createFromParcel(in));
 
         // Since we just unpacked this object as part of it transiting a Binder
-        // call, this is the perfect time to enforce that its UID can be trusted
-        enforceCallingUid();
+        // call, this is the perfect time to enforce that its UID and PID can be trusted
+        enforceCallingUidAndPid();
     }
 
     /** @hide */
@@ -226,13 +226,24 @@ public final class AttributionSource implements Parcelable {
     }
 
     /**
+     * If you are handling an IPC and you don't trust the caller you need to validate whether the
+     * attribution source is one for the calling app to prevent the caller to pass you a source from
+     * another app without including themselves in the attribution chain.
+     *
+     * @throws SecurityException if the attribution source cannot be trusted to be from the caller.
+     */
+    private void enforceCallingUidAndPid() {
+        enforceCallingUid();
+        enforceCallingPid();
+    }
+
+    /**
      * If you are handling an IPC and you don't trust the caller you need to validate
      * whether the attribution source is one for the calling app to prevent the caller
      * to pass you a source from another app without including themselves in the
      * attribution chain.
      *
-     * @throws SecurityException if the attribution source cannot be trusted to be
-     * from the caller.
+     * @throws SecurityException if the attribution source cannot be trusted to be from the caller.
      */
     public void enforceCallingUid() {
         if (!checkCallingUid()) {
@@ -261,6 +272,33 @@ public final class AttributionSource implements Parcelable {
         return true;
     }
 
+    /**
+     * Validate that the pid being claimed for the calling app is not spoofed
+     *
+     * @throws SecurityException if the attribution source cannot be trusted to be from the caller.
+     * @hide
+     */
+    @TestApi
+    public void enforceCallingPid() {
+        if (!checkCallingPid()) {
+            throw new SecurityException("Calling pid: " + Binder.getCallingPid()
+                    + " doesn't match source pid: " + mAttributionSourceState.pid);
+        }
+    }
+
+    /**
+     * Validate that the pid being claimed for the calling app is not spoofed
+     *
+     * @return if the attribution source cannot be trusted to be from the caller.
+     */
+    private boolean checkCallingPid() {
+        final int callingPid = Binder.getCallingPid();
+        if (mAttributionSourceState.pid != -1 && callingPid != mAttributionSourceState.pid) {
+            return false;
+        }
+        return true;
+    }
+
     @Override
     public String toString() {
         if (Build.IS_DEBUGGABLE) {
diff --git a/core/java/android/content/pm/LauncherApps.java b/core/java/android/content/pm/LauncherApps.java
index a8a5837385cb..0f9acadb11f9 100644
--- a/core/java/android/content/pm/LauncherApps.java
+++ b/core/java/android/content/pm/LauncherApps.java
@@ -739,7 +739,7 @@ public class LauncherApps {
      * {@link #startMainActivity(ComponentName, UserHandle, Rect, Bundle)}.
      *
      * @param component The ComponentName of the activity to launch
-     * @param startActivityOptions Options to pass to startActivity
+     * @param startActivityOptions This parameter is no longer supported
      * @param user The UserHandle of the profile
      * @hide
      */
@@ -751,7 +751,8 @@ public class LauncherApps {
             Log.i(TAG, "GetMainActivityLaunchIntent " + component + " " + user);
         }
         try {
-            return mService.getActivityLaunchIntent(component, startActivityOptions, user);
+            // due to b/209607104, startActivityOptions will be ignored
+            return mService.getActivityLaunchIntent(component, null /* opts */, user);
         } catch (RemoteException re) {
             throw re.rethrowFromSystemServer();
         }
@@ -846,7 +847,7 @@ public class LauncherApps {
      *
      * @param packageName The packageName of the shortcut
      * @param shortcutId The id of the shortcut
-     * @param opts Options to pass to the PendingIntent
+     * @param opts This parameter is no longer supported
      * @param user The UserHandle of the profile
      */
     @Nullable
@@ -858,8 +859,9 @@ public class LauncherApps {
             Log.i(TAG, "GetShortcutIntent " + packageName + "/" + shortcutId + " " + user);
         }
         try {
+            // due to b/209607104, opts will be ignored
             return mService.getShortcutIntent(
-                    mContext.getPackageName(), packageName, shortcutId, opts, user);
+                    mContext.getPackageName(), packageName, shortcutId, null /* opts */, user);
         } catch (RemoteException re) {
             throw re.rethrowFromSystemServer();
         }
diff --git a/core/java/android/debug/AdbManager.java b/core/java/android/debug/AdbManager.java
index 7714dd80f910..243f80187185 100644
--- a/core/java/android/debug/AdbManager.java
+++ b/core/java/android/debug/AdbManager.java
@@ -38,6 +38,7 @@ public class AdbManager {
      *
      * @hide
      */
+    @RequiresPermission(android.Manifest.permission.MANAGE_DEBUGGING)
     public static final String WIRELESS_DEBUG_STATE_CHANGED_ACTION =
             "com.android.server.adb.WIRELESS_DEBUG_STATUS";
 
@@ -46,6 +47,7 @@ public class AdbManager {
      *
      * @hide
      */
+    @RequiresPermission(android.Manifest.permission.MANAGE_DEBUGGING)
     public static final String WIRELESS_DEBUG_PAIRED_DEVICES_ACTION =
             "com.android.server.adb.WIRELESS_DEBUG_PAIRED_DEVICES";
 
@@ -59,6 +61,7 @@ public class AdbManager {
      *
      * @hide
      */
+    @RequiresPermission(android.Manifest.permission.MANAGE_DEBUGGING)
     public static final String WIRELESS_DEBUG_PAIRING_RESULT_ACTION =
             "com.android.server.adb.WIRELESS_DEBUG_PAIRING_RESULT";
 
diff --git a/core/java/android/view/SurfaceControl.java b/core/java/android/view/SurfaceControl.java
index 9d79ed9e3441..960d23d7afb0 100644
--- a/core/java/android/view/SurfaceControl.java
+++ b/core/java/android/view/SurfaceControl.java
@@ -635,9 +635,6 @@ public final class SurfaceControl implements Parcelable {
      */
     public static final int DISPLAY_RECEIVES_INPUT = 0x01;
 
-    /* built-in physical display ids (keep in sync with ISurfaceComposer.h)
-     * these are different from the logical display ids used elsewhere in the framework */
-
     // Display power modes.
     /**
      * Display power mode off: used while blanking the screen.
diff --git a/core/java/com/android/internal/app/HarmfulAppWarningActivity.java b/core/java/com/android/internal/app/HarmfulAppWarningActivity.java
index ce2d229d41b3..33209e110123 100644
--- a/core/java/com/android/internal/app/HarmfulAppWarningActivity.java
+++ b/core/java/com/android/internal/app/HarmfulAppWarningActivity.java
@@ -16,6 +16,8 @@
 
 package com.android.internal.app;
 
+import static android.view.WindowManager.LayoutParams.SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS;
+
 import android.content.Context;
 import android.content.DialogInterface;
 import android.content.Intent;
@@ -27,6 +29,7 @@ import android.os.Bundle;
 import android.util.Log;
 import android.view.View;
 import android.widget.TextView;
+
 import com.android.internal.R;
 
 /**
@@ -48,6 +51,7 @@ public class HarmfulAppWarningActivity extends AlertActivity implements
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
 
+        getWindow().addSystemFlags(SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS);
         final Intent intent = getIntent();
         mPackageName = intent.getStringExtra(Intent.EXTRA_PACKAGE_NAME);
         mTarget = intent.getParcelableExtra(Intent.EXTRA_INTENT);
author	Eric Arseneau <earseneau@google.com>	2022-04-07 14:35:44 -0700
committer	Eric Arseneau <earseneau@google.com>	2022-04-14 23:09:16 -0700
commit	26017c68ee11d3f2d54ca731119c8dc4ddb842cf (patch)
tree	618c91b7f65c846bb711714d5f4af6e3d1b9f8fa /core/java
parent	6dae96de34f3d951be8458b61441bfb762fb79b9 (diff)
parent	df1c9c98e12490d61dab288937bb84d2fa1cedb2 (diff)