Allow BAL from explicit start methods.
All changed methods start intents on behalf of the caller and already pass in a parameter to allow BAL (which now is gated on the caller allowing this in the ActivityOptions).
Test: atest BackgroundActivityLaunchTest SystemDreamTest
Bug: 270612197
Change-Id: I3b3fd4b41981711d64ef31cf48803b6d23b82b75
diff --git a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
index 12fe6a0..7df7baa 100644
--- a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
+++ b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java
@@ -1504,7 +1504,7 @@
.setCallingPid(callingPid)
.setCallingPackage(intent.getPackage())
.setActivityInfo(a)
- .setActivityOptions(options.toBundle())
+ .setActivityOptions(createSafeActivityOptionsWithBalAllowed(options))
// To start the dream from background, we need to start it from a persistent
// system process. Here we set the real calling uid to the system server uid
.setRealCallingUid(Binder.getCallingUid())
@@ -1652,7 +1652,7 @@
.setResultWho(resultWho)
.setRequestCode(requestCode)
.setStartFlags(startFlags)
- .setActivityOptions(bOptions)
+ .setActivityOptions(createSafeActivityOptionsWithBalAllowed(bOptions))
.setUserId(userId)
.setIgnoreTargetSecurity(ignoreTargetSecurity)
.setFilterCallingUid(isResolver ? 0 /* system */ : targetUid)
@@ -1702,7 +1702,7 @@
.setVoiceInteractor(interactor)
.setStartFlags(startFlags)
.setProfilerInfo(profilerInfo)
- .setActivityOptions(bOptions)
+ .setActivityOptions(createSafeActivityOptionsWithBalAllowed(bOptions))
.setUserId(userId)
.setBackgroundStartPrivileges(BackgroundStartPrivileges.ALLOW_BAL)
.execute();
@@ -1729,7 +1729,7 @@
.setCallingPackage(callingPackage)
.setCallingFeatureId(callingFeatureId)
.setResolvedType(resolvedType)
- .setActivityOptions(bOptions)
+ .setActivityOptions(createSafeActivityOptionsWithBalAllowed(bOptions))
.setUserId(userId)
.setBackgroundStartPrivileges(BackgroundStartPrivileges.ALLOW_BAL)
.execute();
@@ -5527,6 +5527,31 @@
return checkPermission(permission, -1, sourceUid) == PackageManager.PERMISSION_GRANTED;
}
+ /**
+ * Wrap the {@link ActivityOptions} in {@link SafeActivityOptions} and attach caller options
+ * that allow using the callers permissions to start background activities.
+ */
+ private SafeActivityOptions createSafeActivityOptionsWithBalAllowed(
+ @Nullable ActivityOptions options) {
+ if (options == null) {
+ options = ActivityOptions.makeBasic().setPendingIntentBackgroundActivityStartMode(
+ ActivityOptions.MODE_BACKGROUND_ACTIVITY_START_ALLOWED);
+ } else if (options.getPendingIntentBackgroundActivityStartMode()
+ == ActivityOptions.MODE_BACKGROUND_ACTIVITY_START_SYSTEM_DEFINED) {
+ options.setPendingIntentBackgroundActivityStartMode(
+ ActivityOptions.MODE_BACKGROUND_ACTIVITY_START_ALLOWED);
+ }
+ return new SafeActivityOptions(options);
+ }
+
+ /**
+ * Wrap the options {@link Bundle} in {@link SafeActivityOptions} and attach caller options
+ * that allow using the callers permissions to start background activities.
+ */
+ private SafeActivityOptions createSafeActivityOptionsWithBalAllowed(@Nullable Bundle bOptions) {
+ return createSafeActivityOptionsWithBalAllowed(ActivityOptions.fromBundle(bOptions));
+ }
+
final class H extends Handler {
static final int REPORT_TIME_TRACKER_MSG = 1;
static final int UPDATE_PROCESS_ANIMATING_STATE = 2;