Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / ac116df5181b6bf82b501c2141f65633a935d9f0
commitac116df5181b6bf82b501c2141f65633a935d9f0[log] [tgz]
authorMichal Karpinski <mkarpinski@google.com>Mon Dec 10 17:51:42 2018 +0000
committerMichal Karpinski <mkarpinski@google.com>Thu Jan 03 12:26:43 2019 +0000
tree1284a922cb217b9dfa325457e8828d68eda9e58e
parent67b5e2ae1af0a3ce036d9cb8288e683a6ff86ccb [diff]
Block activity starts from background when realCallingUid is
a persistent system process and the start wasn't explicitly
whitelisted by the sender

Also, adds mechanism to temporary whitelist processes when
broadcast-based PendingIntent was whitelisted, so that
activities can be opened for the duration of the broadcast
being processed.

For now, all this is only wired for notifications.

Note: those whitelists are separate - only UI elements like
notifications will leverage both in order to support trampolines.
Other system-based PendingIntent senders should only use the
activity-based whitelist when they want an activity to be opened
from background.

Bug: 110956953
Test: atest WmTests:ActivityStarterTests
Test: manual with Play notifications that are known
      for doing trampolines

Change-Id: Ibab91cdbe7afc0aed29d430dd41327272020925b
15 files changed
tree: 1284a922cb217b9dfa325457e8828d68eda9e58e
  1. apct-tests/
  2. api/
  3. cmds/
  4. config/
  5. core/
  6. data/
  7. docs/
  8. drm/
  9. graphics/
  10. keystore/
  11. libs/
  12. location/
  13. lowpan/
  14. media/
  15. native/
  16. nfc-extras/
  17. obex/
  18. opengl/
  19. packages/
  20. proto/
  21. rs/
  22. samples/
  23. sax/
  24. services/
  25. startop/
  26. telecomm/
  27. telephony/
  28. test-base/
  29. test-legacy/
  30. test-mock/
  31. test-runner/
  32. tests/
  33. tools/
  34. wifi/
  35. .gitignore
  36. Android.bp
  37. Android.mk
  38. CleanSpec.mk
  39. MODULE_LICENSE_APACHE2
  40. NOTICE
  41. pathmap.mk
  42. PREUPLOAD.cfg