Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 0f7712407d96a847845b10eef34d9a259c687533^1..0f7712407d96a847845b10eef34d9a259c687533 / .
commit0f7712407d96a847845b10eef34d9a259c687533[log] [tgz]
authorWale Ogunwale <ogunwale@google.com>Wed May 27 05:35:52 2015 +0000
committerAndroid Git Automerger <android-git-automerger@android.com>Wed May 27 05:35:52 2015 +0000
treed2caa7605411ce820916f1fcfac4d077d014aa3c
parentd4e00d2b9d29e62b1ad989afb1fe2bfe3b519891 [diff]
parentbf0439a7e8824b4288f52c952a6808c8bdaf3235 [diff]
am bf0439a7: am 02f3cf79: am 523a19bf: am c9a0c0b9: Lockdown AM.getRunningAppProcesses API with permission.REAL_GET_TASKS

* commit 'bf0439a7e8824b4288f52c952a6808c8bdaf3235':
  Lockdown AM.getRunningAppProcesses API with permission.REAL_GET_TASKS

diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index ae2d5f7..4844aa9 100755
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java

@@ -8126,7 +8126,7 @@
         }
         if (!allowed) {
             Slog.w(TAG, caller + ": caller " + callingUid
-                    + " does not hold GET_TASKS; limiting output");
+                    + " does not hold REAL_GET_TASKS; limiting output");
         }
         return allowed;
     }
@@ -12250,16 +12250,23 @@
 
     public List<ActivityManager.RunningAppProcessInfo> getRunningAppProcesses() {
         enforceNotIsolatedCaller("getRunningAppProcesses");
+
+        final int callingUid = Binder.getCallingUid();
+
         // Lazy instantiation of list
         List<ActivityManager.RunningAppProcessInfo> runList = null;
         final boolean allUsers = ActivityManager.checkUidPermission(INTERACT_ACROSS_USERS_FULL,
-                Binder.getCallingUid()) == PackageManager.PERMISSION_GRANTED;
-        int userId = UserHandle.getUserId(Binder.getCallingUid());
+                callingUid) == PackageManager.PERMISSION_GRANTED;
+        final int userId = UserHandle.getUserId(callingUid);
+        final boolean allUids = isGetTasksAllowed(
+                "getRunningAppProcesses", Binder.getCallingPid(), callingUid);
+
         synchronized (this) {
             // Iterate across all processes
-            for (int i=mLruProcesses.size()-1; i>=0; i--) {
+            for (int i = mLruProcesses.size() - 1; i >= 0; i--) {
                 ProcessRecord app = mLruProcesses.get(i);
-                if (!allUsers && app.userId != userId) {
+                if ((!allUsers && app.userId != userId)
+                        || (!allUids && app.uid != callingUid)) {
                     continue;
                 }
                 if ((app.thread != null) && (!app.crashing && !app.notResponding)) {
@@ -12283,7 +12290,7 @@
                     //Slog.v(TAG, "Proc " + app.processName + ": imp=" + currApp.importance
                     //        + " lru=" + currApp.lru);
                     if (runList == null) {
-                        runList = new ArrayList<ActivityManager.RunningAppProcessInfo>();
+                        runList = new ArrayList<>();
                     }
                     runList.add(currApp);
                 }