Allow asm finishTask restriction to be enabled.

Allows the new go/activity-security restrictions to be enabled when
finishing a task based on feature flags.

Test: atest ActivitySecurityModelTest
Bug: 246738504
Change-Id: If5e633d1910c0b1588bfd1493907080b30e7c7d6
diff --git a/services/core/java/com/android/server/wm/ActivitySecurityModelFeatureFlags.java b/services/core/java/com/android/server/wm/ActivitySecurityModelFeatureFlags.java
index 64af9dd..47e78f0 100644
--- a/services/core/java/com/android/server/wm/ActivitySecurityModelFeatureFlags.java
+++ b/services/core/java/com/android/server/wm/ActivitySecurityModelFeatureFlags.java
@@ -72,7 +72,7 @@
     }
 
     @GuardedBy("ActivityTaskManagerService.mGlobalLock")
-    static boolean shouldBlockActivityStart(int uid) {
+    static boolean shouldRestrictActivitySwitch(int uid) {
         return flagEnabledForUid(sAsmRestrictionsEnabled, uid);
     }
 
diff --git a/services/core/java/com/android/server/wm/ActivityStarter.java b/services/core/java/com/android/server/wm/ActivityStarter.java
index 7776e5c..d6d3dc7 100644
--- a/services/core/java/com/android/server/wm/ActivityStarter.java
+++ b/services/core/java/com/android/server/wm/ActivityStarter.java
@@ -1972,7 +1972,7 @@
         );
 
         boolean shouldBlockActivityStart =
-                ActivitySecurityModelFeatureFlags.shouldBlockActivityStart(mCallingUid);
+                ActivitySecurityModelFeatureFlags.shouldRestrictActivitySwitch(mCallingUid);
 
         if (ActivitySecurityModelFeatureFlags.shouldShowToast(mCallingUid)) {
             UiThread.getHandler().post(() -> Toast.makeText(mService.mContext,
@@ -2127,7 +2127,7 @@
         ActivityRecord targetTaskTop = targetTask.getTopNonFinishingActivity();
         if (targetTaskTop != null && targetTaskTop.getUid() != startingUid) {
             boolean shouldBlockActivityStart = ActivitySecurityModelFeatureFlags
-                    .shouldBlockActivityStart(callingUid);
+                    .shouldRestrictActivitySwitch(callingUid);
             int[] finishCount = new int[0];
             if (shouldBlockActivityStart) {
                 ActivityRecord activity = targetTask.getActivity(
diff --git a/services/core/java/com/android/server/wm/ActivityTaskSupervisor.java b/services/core/java/com/android/server/wm/ActivityTaskSupervisor.java
index 8149e1c..0f1f51f 100644
--- a/services/core/java/com/android/server/wm/ActivityTaskSupervisor.java
+++ b/services/core/java/com/android/server/wm/ActivityTaskSupervisor.java
@@ -137,6 +137,7 @@
 import android.util.SparseArray;
 import android.util.SparseIntArray;
 import android.view.Display;
+import android.widget.Toast;
 
 import com.android.internal.R;
 import com.android.internal.annotations.GuardedBy;
@@ -147,6 +148,7 @@
 import com.android.internal.util.FrameworkStatsLog;
 import com.android.internal.util.function.pooled.PooledLambda;
 import com.android.server.LocalServices;
+import com.android.server.UiThread;
 import com.android.server.am.ActivityManagerService;
 import com.android.server.am.HostingRecord;
 import com.android.server.am.UserState;
@@ -1628,16 +1630,16 @@
             // Prevent recursion.
             return;
         }
+        boolean passesAsmChecks = true;
         // We may have already checked that the callingUid has additional clearTask privileges, and
         // cleared the calling identify. If so, we infer we do not need further restrictions here.
         // TODO(b/263368846) Move to live with the rest of the ASM logic.
         if (callingUid != SYSTEM_UID) {
-            boolean passesAsmChecks = doesTopActivityMatchingUidExistForAsm(task, callingUid,
+            passesAsmChecks = doesTopActivityMatchingUidExistForAsm(task, callingUid,
                     null);
             if (!passesAsmChecks) {
                 ActivityRecord topActivity =  task.getActivity(ar ->
                         !ar.isState(FINISHING) && !ar.isAlwaysOnTop());
-                Slog.i(TAG, "Finishing task from background. t: " + task);
                 FrameworkStatsLog.write(FrameworkStatsLog.ACTIVITY_ACTION_BLOCKED,
                         /* caller_uid */
                         callingUid,
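Review bot: Dropping the `Slog.i` in the `!passesAsmChecks` branch means a failed ASM check leaves no logcat line when `shouldRestrictActivitySwitch` is off, because the only log this commit adds is the `Slog.w` inside the enforcement branch of the later hunk. In that non-enforcing mode the `FrameworkStatsLog` entry and the optional toast are the only trace of a would-be-blocked caller. For triage during rollout, consider keeping a line here, e.g. `Slog.i(TAG, "ASM finishTask check failed. uid: " + callingUid + " t: " + task);`. The enclosing method begins before and continues after this hunk.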
@@ -1676,6 +1678,28 @@
             if (task.isPersistable) {
                 mService.notifyTaskPersisterLocked(null, true);
             }
+            if (!passesAsmChecks) {
+                boolean shouldRestrictActivitySwitch =
+                        ActivitySecurityModelFeatureFlags.shouldRestrictActivitySwitch(callingUid);
+
+                if (ActivitySecurityModelFeatureFlags.shouldShowToast(callingUid)) {
+                    UiThread.getHandler().post(() -> Toast.makeText(mService.mContext,
+                            (shouldRestrictActivitySwitch
+                                    ? "Returning home due to "
+                                    : "Would return home due to ")
+                                    + ActivitySecurityModelFeatureFlags.DOC_LINK,
+                            Toast.LENGTH_SHORT).show());
+                }
+
+                // If the activity switch should be restricted, return home rather than the
+                // previously top task, to prevent users from being confused which app they're
+                // viewing
+                if (shouldRestrictActivitySwitch) {
+                    Slog.w(TAG, "Return to home as source uid: " + callingUid
+                            + "is not on top of task t: " + task);
+                    task.getTaskDisplayArea().moveHomeActivityToTop("taskRemoved");
+                }
+            }
         } finally {
             task.mInRemoveTask = false;
         }
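Review bot: The new `Slog.w` message concatenates `callingUid` directly with `"is not on top of task t: "`, so the uid and the following word run together in the log; add the leading space: `+ " is not on top of task t: " + task);`. Separately, `task.getTaskDisplayArea()` is dereferenced after the removal logic earlier in this `try` block, which is outside the hunk. If the task can already be detached from its display area by then, the call may return null, so consider capturing the display area before removal or null-checking it here; please confirm against the full method. The enclosing method starts and ends outside this hunk.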