Require that the caller has INTERACT_ACROSS_USERS in order to retrieve
home tasks of other users.
This prevents users from observing home tasks of other users on the device.
bug: 140274903
Test: cts-tradefed run cts-dev -m CtsPermissionTestCases -t android.permission.cts.NoActivityRelatedPermissionTest#testGetTask
cts-tradefed run cts-dev -m CtsWindowManagerDeviceTestCases
cts-tradefed run cts-dev -m CtsAppTestCases
Change-Id: Ia5fdb1ba1ab7d9ec27d1afbb3a359b454c7075c0
Merged-In: Ia5fdb1ba1ab7d9ec27d1afbb3a359b454c7075c0
diff --git a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
index 747837b..59ae9ac 100644
--- a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
+++ b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
@@ -19,6 +19,8 @@
import static android.Manifest.permission.BIND_VOICE_INTERACTION;
import static android.Manifest.permission.CHANGE_CONFIGURATION;
import static android.Manifest.permission.CONTROL_REMOTE_APP_TRANSITION_ANIMATIONS;
+import static android.Manifest.permission.INTERACT_ACROSS_USERS;
+import static android.Manifest.permission.INTERACT_ACROSS_USERS_FULL;
import static android.Manifest.permission.INTERNAL_SYSTEM_WINDOW;
import static android.Manifest.permission.MANAGE_ACTIVITY_STACKS;
import static android.Manifest.permission.READ_FRAME_BUFFER;
@@ -2522,15 +2524,16 @@
@WindowConfiguration.ActivityType int ignoreActivityType,
@WindowConfiguration.WindowingMode int ignoreWindowingMode) {
final int callingUid = Binder.getCallingUid();
+ final int callingPid = Binder.getCallingPid();
+ final boolean crossUser = isCrossUserAllowed(callingPid, callingUid);
ArrayList<ActivityManager.RunningTaskInfo> list = new ArrayList<>();
synchronized (mGlobalLock) {
if (DEBUG_ALL) Slog.v(TAG, "getTasks: max=" + maxNum);
- final boolean allowed = isGetTasksAllowed("getTasks", Binder.getCallingPid(),
- callingUid);
+ final boolean allowed = isGetTasksAllowed("getTasks", callingPid, callingUid);
mRootActivityContainer.getRunningTasks(maxNum, list, ignoreActivityType,
- ignoreWindowingMode, callingUid, allowed);
+ ignoreWindowingMode, callingUid, allowed, crossUser);
}
return list;
@@ -3587,6 +3590,11 @@
return allowed;
}
+ boolean isCrossUserAllowed(int pid, int uid) {
+ return checkPermission(INTERACT_ACROSS_USERS, pid, uid) == PERMISSION_GRANTED
+ || checkPermission(INTERACT_ACROSS_USERS_FULL, pid, uid) == PERMISSION_GRANTED;
+ }
+
private PendingAssistExtras enqueueAssistContext(int requestType, Intent intent, String hint,
IAssistDataReceiver receiver, Bundle receiverExtras, IBinder activityToken,
boolean focused, boolean newSessionId, int userHandle, Bundle args, long timeout,