Merge changes from topic "toast-security-fix-sc-dev" into sc-dev

* changes: Drop input for toast and child surfaces SurfaceControl: Add setDropInputMode api
author: Vishnu Nair <vishnun@google.com> 2022-02-07 23:22:22 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2022-02-07 23:22:22 +0000
commit: 799f0a7f66a356b7a2956dee4cc834c60b937f08 (patch)
tree: de669cf97a9a51a95ba53ded18b12303ad27476e
parent: 537621f52832a9916c13e1f0e4a540a5223165a1 (diff)
parent: 6ac8376cd79ff485dd5531fca3dff2b093c5ea15 (diff)
download: base-799f0a7f66a356b7a2956dee4cc834c60b937f08.tar.gz
5 files changed, 40 insertions, 1 deletions
diff --git a/Android.bp b/Android.bp
index 3af2f07884e5..3f7581cf17c6 100644
--- a/Android.bp
+++ b/Android.bp
@@ -113,6 +113,7 @@ filegroup {
         ":gatekeeper_aidl",
         ":gsiservice_aidl",
         ":idmap2_aidl",
+        ":guiconstants_aidl",
         ":idmap2_core_aidl",
         ":incidentcompanion_aidl",
         ":inputconstants_aidl",
diff --git a/core/java/android/view/SurfaceControl.java b/core/java/android/view/SurfaceControl.java
index 8143cf953f19..4dc9807aca5d 100644
--- a/core/java/android/view/SurfaceControl.java
+++ b/core/java/android/view/SurfaceControl.java
@@ -41,6 +41,7 @@ import android.graphics.PixelFormat;
 import android.graphics.Point;
 import android.graphics.Rect;
 import android.graphics.Region;
+import android.gui.DropInputMode;
 import android.hardware.HardwareBuffer;
 import android.hardware.display.DeviceProductInfo;
 import android.hardware.display.DisplayedContentSample;
@@ -150,7 +151,8 @@ public final class SurfaceControl implements Parcelable {
             float childRelativeTop, float childRelativeRight, float childRelativeBottom);
     private static native void nativeSetTrustedOverlay(long transactionObj, long nativeObject,
             boolean isTrustedOverlay);
-
+    private static native void nativeSetDropInputMode(
+            long transactionObj, long nativeObject, int flags);
     private static native boolean nativeClearContentFrameStats(long nativeObject);
     private static native boolean nativeGetContentFrameStats(long nativeObject, WindowContentFrameStats outStats);
     private static native boolean nativeClearAnimationFrameStats();
@@ -3426,6 +3428,17 @@ public final class SurfaceControl implements Parcelable {
             return this;
         }
 
+        /**
+         * Sets the input event drop mode on this SurfaceControl and its children. The caller must
+         * hold the ACCESS_SURFACE_FLINGER permission. See {@code InputEventDropMode}.
+         * @hide
+         */
+        public Transaction setDropInputMode(SurfaceControl sc, @DropInputMode int mode) {
+            checkPreconditions(sc);
+            nativeSetDropInputMode(mNativeObject, sc.mNativeObject, mode);
+            return this;
+        }
+
          /**
          * Merge the other transaction into this transaction, clearing the
          * other transaction as if it had been applied.
diff --git a/core/jni/android_view_SurfaceControl.cpp b/core/jni/android_view_SurfaceControl.cpp
index 8d12df226ffe..7f99e2998b13 100644
--- a/core/jni/android_view_SurfaceControl.cpp
+++ b/core/jni/android_view_SurfaceControl.cpp
@@ -868,6 +868,13 @@ static void nativeSetFixedTransformHint(JNIEnv* env, jclass clazz, jlong transac
     transaction->setFixedTransformHint(ctrl, transformHint);
 }
 
+static void nativeSetDropInputMode(JNIEnv* env, jclass clazz, jlong transactionObj,
+                                   jlong nativeObject, jint mode) {
+    auto transaction = reinterpret_cast<SurfaceComposerClient::Transaction*>(transactionObj);
+    SurfaceControl* const ctrl = reinterpret_cast<SurfaceControl*>(nativeObject);
+    transaction->setDropInputMode(ctrl, static_cast<gui::DropInputMode>(mode));
+}
+
 static jlongArray nativeGetPhysicalDisplayIds(JNIEnv* env, jclass clazz) {
     const auto displayIds = SurfaceComposerClient::getPhysicalDisplayIds();
     jlongArray array = env->NewLongArray(displayIds.size());
@@ -1994,6 +2001,8 @@ static const JNINativeMethod sSurfaceControlMethods[] = {
             (void*)nativeGetTransformHint },
     {"nativeSetTrustedOverlay", "(JJZ)V",
             (void*)nativeSetTrustedOverlay },
+    {"nativeSetDropInputMode", "(JJI)V",
+            (void*)nativeSetDropInputMode},
         // clang-format on
 };
 
diff --git a/services/core/java/com/android/server/wm/DisplayPolicy.java b/services/core/java/com/android/server/wm/DisplayPolicy.java
index 73d31bf7e0c8..1eb7281d37ed 100644
--- a/services/core/java/com/android/server/wm/DisplayPolicy.java
+++ b/services/core/java/com/android/server/wm/DisplayPolicy.java
@@ -124,6 +124,7 @@ import android.graphics.Insets;
 import android.graphics.PixelFormat;
 import android.graphics.Rect;
 import android.graphics.Region;
+import android.gui.DropInputMode;
 import android.hardware.power.Boost;
 import android.os.Handler;
 import android.os.IBinder;
@@ -928,6 +929,20 @@ public class DisplayPolicy {
     }
 
     /**
+     * Add additional policy if needed to ensure the window or its children should not receive any
+     * input.
+     */
+    public void setDropInputModePolicy(WindowState win, LayoutParams attrs) {
+        if (attrs.type == TYPE_TOAST
+                && (attrs.privateFlags & PRIVATE_FLAG_TRUSTED_OVERLAY) == 0) {
+            // Toasts should not receive input. These windows should not have any children, so
+            // force this hierarchy of windows to drop all input.
+            mService.mTransactionFactory.get()
+                    .setDropInputMode(win.getSurfaceControl(), DropInputMode.ALL).apply();
+        }
+    }
+
+    /**
      * Check if a window can be added to the system.
      *
      * Currently enforces that two window types are singletons per display:
diff --git a/services/core/java/com/android/server/wm/WindowManagerService.java b/services/core/java/com/android/server/wm/WindowManagerService.java
index 4281568b44d9..fac953910e92 100644
--- a/services/core/java/com/android/server/wm/WindowManagerService.java
+++ b/services/core/java/com/android/server/wm/WindowManagerService.java
@@ -1780,6 +1780,7 @@ public class WindowManagerService extends IWindowManager.Stub
 
             win.mToken.addWindow(win);
             displayPolicy.addWindowLw(win, attrs);
+            displayPolicy.setDropInputModePolicy(win, win.mAttrs);
             if (type == TYPE_INPUT_METHOD) {
                 displayContent.setInputMethodWindowLocked(win);
                 imMayMove = false;
author	Vishnu Nair <vishnun@google.com>	2022-02-07 23:22:22 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2022-02-07 23:22:22 +0000
commit	799f0a7f66a356b7a2956dee4cc834c60b937f08 (patch)
tree	de669cf97a9a51a95ba53ded18b12303ad27476e
parent	537621f52832a9916c13e1f0e4a540a5223165a1 (diff)
parent	6ac8376cd79ff485dd5531fca3dff2b093c5ea15 (diff)
download	base-799f0a7f66a356b7a2956dee4cc834c60b937f08.tar.gz