Block assist when screenshots are disabled by policy
When a device or profile owner disables screen capture, we also want to
block context data being collected for the assist structure.
Bug: 21797707
Change-Id: Ib8716c6dd71d538a027c04e1e907c87e2afa0ac8
diff --git a/core/java/android/app/ActivityManagerNative.java b/core/java/android/app/ActivityManagerNative.java
index 3035e3d..2bb4e76 100644
--- a/core/java/android/app/ActivityManagerNative.java
+++ b/core/java/android/app/ActivityManagerNative.java
@@ -2217,6 +2217,14 @@
return true;
}
+ case IS_SCREEN_CAPTURE_ALLOWED_ON_CURRENT_ACTIVITY_TRANSACTION: {
+ data.enforceInterface(IActivityManager.descriptor);
+ boolean res = isScreenCaptureAllowedOnCurrentActivity();
+ reply.writeNoException();
+ reply.writeInt(res ? 1 : 0);
+ return true;
+ }
+
case KILL_UID_TRANSACTION: {
data.enforceInterface(IActivityManager.descriptor);
int uid = data.readInt();
@@ -5409,6 +5417,18 @@
return res;
}
+ public boolean isScreenCaptureAllowedOnCurrentActivity() throws RemoteException {
+ Parcel data = Parcel.obtain();
+ Parcel reply = Parcel.obtain();
+ data.writeInterfaceToken(IActivityManager.descriptor);
+ mRemote.transact(IS_SCREEN_CAPTURE_ALLOWED_ON_CURRENT_ACTIVITY_TRANSACTION, data, reply, 0);
+ reply.readException();
+ boolean res = reply.readInt() != 0;
+ data.recycle();
+ reply.recycle();
+ return res;
+ }
+
public void killUid(int uid, String reason) throws RemoteException {
Parcel data = Parcel.obtain();
Parcel reply = Parcel.obtain();
diff --git a/core/java/android/app/IActivityManager.java b/core/java/android/app/IActivityManager.java
index 0328708..1423e4b 100644
--- a/core/java/android/app/IActivityManager.java
+++ b/core/java/android/app/IActivityManager.java
@@ -441,6 +441,8 @@
public boolean launchAssistIntent(Intent intent, int requestType, String hint, int userHandle,
Bundle args) throws RemoteException;
+ public boolean isScreenCaptureAllowedOnCurrentActivity() throws RemoteException;
+
public void killUid(int uid, String reason) throws RemoteException;
public void hang(IBinder who, boolean allowRestart) throws RemoteException;
@@ -852,4 +854,6 @@
int KEYGUARD_GOING_AWAY_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+296;
int REGISTER_UID_OBSERVER_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+297;
int UNREGISTER_UID_OBSERVER_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION+298;
+ int IS_SCREEN_CAPTURE_ALLOWED_ON_CURRENT_ACTIVITY_TRANSACTION
+ = IBinder.FIRST_CALL_TRANSACTION+299;
}
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 83e06d6..7de2189 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -2402,6 +2402,9 @@
* <p>The calling device admin must be a device or profile owner. If it is not, a
* security exception will be thrown.
*
+ * <p>From version {@link android.os.Build.VERSION_CODES#MNC} disabling screen capture also
+ * blocks assist requests for all activities of the relevant user.
+ *
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
* @param disabled Whether screen capture is disabled or not.
*/
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index f031694..432f5d6 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -142,6 +142,7 @@
import android.app.NotificationManager;
import android.app.PendingIntent;
import android.app.backup.IBackupManager;
+import android.app.admin.DevicePolicyManager;
import android.content.ActivityNotFoundException;
import android.content.BroadcastReceiver;
import android.content.ClipData;
@@ -10688,6 +10689,21 @@
}
@Override
+ public boolean isScreenCaptureAllowedOnCurrentActivity() {
+ int userId = mCurrentUserId;
+ synchronized (this) {
+ ActivityRecord activity = getFocusedStack().topActivity();
+ if (activity == null) {
+ return false;
+ }
+ userId = activity.userId;
+ }
+ DevicePolicyManager dpm = (DevicePolicyManager) mContext.getSystemService(
+ Context.DEVICE_POLICY_SERVICE);
+ return (dpm == null) || (!dpm.getScreenCaptureDisabled(null, userId));
+ }
+
+ @Override
public void requestAssistContextExtras(int requestType, IResultReceiver receiver) {
enqueueAssistContext(requestType, null, null, receiver, UserHandle.getCallingUserId(),
null, PENDING_ASSIST_EXTRAS_LONG_TIMEOUT);
diff --git a/services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionSessionConnection.java b/services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionSessionConnection.java
index cc6a9c5..549a511 100644
--- a/services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionSessionConnection.java
+++ b/services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionSessionConnection.java
@@ -193,8 +193,14 @@
new UserHandle(mUser));
}
mShown = true;
- boolean allDataEnabled = Settings.Secure.getIntForUser(mContext.getContentResolver(),
- Settings.Secure.ASSIST_STRUCTURE_ENABLED, 1, mUser) != 0;
+ boolean isScreenCaptureAllowed = true;
+ try {
+ isScreenCaptureAllowed = mAm.isScreenCaptureAllowedOnCurrentActivity();
+ } catch (RemoteException e) {
+ }
+ boolean allDataEnabled = (Settings.Secure.getIntForUser(mContext.getContentResolver(),
+ Settings.Secure.ASSIST_STRUCTURE_ENABLED, 1, mUser) != 0)
+ && isScreenCaptureAllowed;
mShowArgs = args;
mShowFlags = flags;
mHaveAssistData = false;
