diff options
author | Mugdha Lakhani <nator@google.com> | 2022-12-29 15:18:07 +0000 |
---|---|---|
committer | Mugdha Lakhani <nator@google.com> | 2023-03-02 11:12:05 +0000 |
commit | ca49ddc03fc161e11e4ea99a3e70ef766715410f (patch) | |
tree | 794fff4ac42747b517a2e665bd04ad3dc4ea2a56 | |
parent | cfc1526aaccbd9a4311530ddafdf6417d68ae012 (diff) | |
download | base-ca49ddc03fc161e11e4ea99a3e70ef766715410f.tar.gz |
DO NOT MERGE Isolated processes must fail registering BRs.
Broadcast Receivers should not be allowed to be registered by
isolated processes.
Bug: b/263358101
Test: atest SdkSandboxRestrictionsHostTest
Change-Id: I5bb2ee3ce8a447105a18851fdffa5a769cc3fe49
(cherry picked from commit 43b8a91b0584dd1c6a136702e68e1f0cd519cb51)
-rw-r--r-- | services/core/java/com/android/server/am/ActivityManagerService.java | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java index 9c7d9447a1a6..40c0057fb3ed 100644 --- a/services/core/java/com/android/server/am/ActivityManagerService.java +++ b/services/core/java/com/android/server/am/ActivityManagerService.java @@ -13053,12 +13053,17 @@ public class ActivityManagerService extends IActivityManager.Stub public Intent registerReceiverWithFeature(IApplicationThread caller, String callerPackage, String callerFeatureId, String receiverId, IIntentReceiver receiver, IntentFilter filter, String permission, int userId, int flags) { + enforceNotIsolatedCaller("registerReceiver"); + // Allow Sandbox process to register only unexported receivers. - if ((flags & Context.RECEIVER_NOT_EXPORTED) != 0) { - enforceNotIsolatedCaller("registerReceiver"); - } else if (mSdkSandboxSettings.isBroadcastReceiverRestrictionsEnforced()) { - enforceNotIsolatedOrSdkSandboxCaller("registerReceiver"); + boolean unexported = (flags & Context.RECEIVER_NOT_EXPORTED) != 0; + if (mSdkSandboxSettings.isBroadcastReceiverRestrictionsEnforced() + && Process.isSdkSandboxUid(Binder.getCallingUid()) + && !unexported) { + throw new SecurityException("SDK sandbox process not allowed to call " + + "registerReceiver"); } + ArrayList<Intent> stickyIntents = null; ProcessRecord callerApp = null; final boolean visibleToInstantApps |