Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 1eb64e20bfcf787b701cfaf36361a04f718bdcb1^! / .
commit1eb64e20bfcf787b701cfaf36361a04f718bdcb1[log] [tgz]
authorJeff Chang <chengjeff@google.com>Tue Feb 08 14:06:14 2022 +0800
committerAndroid Build Coastguard Worker <android-build-coastguard-worker@google.com>Thu Mar 10 19:04:20 2022 +0000
tree8101b77ae62c1cde6d38335a34f7b01dee3623aa
parent8613ca36464c885ec9db1a1c5391fbcbdeb2ae06 [diff]
[RESTRICT AUTOMERGE] Do not resume activity if behind a translucent task

The top-focusable activity resides in the RESUMED state while the app
process is newly created and attached. The behavior may enable UI
hijacking attacks against apps implementing authentication.

This CL disallows the system to resume the activity for the case if it
is not visible or is occluded by other translucent tasks.

Bug: 211481342
Test: atest CtsWindowManagerDeviceTestCases:ActivityLifecycleTests
Change-Id: I7903494cf928b5b5613700262b7c5fff10f3c5a0
(cherry picked from commit 43b8bcc01474bce480642acae2c554393c3bfb6a)
Merged-In: I7903494cf928b5b5613700262b7c5fff10f3c5a0

diff --git a/services/core/java/com/android/server/wm/EnsureActivitiesVisibleHelper.java b/services/core/java/com/android/server/wm/EnsureActivitiesVisibleHelper.java
index c4e03f5..c49a1c9 100644
--- a/services/core/java/com/android/server/wm/EnsureActivitiesVisibleHelper.java
+++ b/services/core/java/com/android/server/wm/EnsureActivitiesVisibleHelper.java

@@ -95,7 +95,7 @@
         // activities are actually behind other fullscreen activities, but still required
         // to be visible (such as performing Recents animation).
         final boolean resumeTopActivity = mTop != null && !mTop.mLaunchTaskBehind
-                && mContiner.isTopActivityFocusable()
+                && mContiner.canBeResumed(starting)
                 && (starting == null || !starting.isDescendantOf(mContiner));
 
         final PooledConsumer f = PooledLambda.obtainConsumer(

diff --git a/services/core/java/com/android/server/wm/RootWindowContainer.java b/services/core/java/com/android/server/wm/RootWindowContainer.java
index 15bd650..145b1bd 100644
--- a/services/core/java/com/android/server/wm/RootWindowContainer.java
+++ b/services/core/java/com/android/server/wm/RootWindowContainer.java

@@ -1963,7 +1963,8 @@
         }
 
         try {
-            if (mStackSupervisor.realStartActivityLocked(r, app, top == r /*andResume*/,
+            if (mStackSupervisor.realStartActivityLocked(r, app,
+                    top == r && r.getTask().canBeResumed(r) /*andResume*/,
                     true /*checkConfig*/)) {
                 mTmpBoolean = true;
             }

diff --git a/services/core/java/com/android/server/wm/Task.java b/services/core/java/com/android/server/wm/Task.java
index 6785127..7e8221d 100644
--- a/services/core/java/com/android/server/wm/Task.java
+++ b/services/core/java/com/android/server/wm/Task.java

@@ -3639,6 +3639,17 @@
     }
 
     /**
+     * Returns {@code true} is the activity in this Task can be resumed.
+     *
+     * @param starting The currently starting activity or {@code null} if there is none.
+     */
+    boolean canBeResumed(@Nullable ActivityRecord starting) {
+        // No need to resume activity in Task that is not visible.
+        return isTopActivityFocusable()
+                && getVisibility(starting) == STACK_VISIBILITY_VISIBLE;
+    }
+
+    /**
      * Returns true if the task should be visible.
      *
      * @param starting The currently starting activity or null if there is none.