From 296861f2357646c5381cec999fca44a7bc6166d6 Mon Sep 17 00:00:00 2001
From: ccaapton
Date: Thu, 9 Feb 2023 19:06:05 +0800
Subject: [PATCH 1/3] Restrict contentprovider from starting new process

Currently background service will not started if a new process will start and the app is in background restriction state, but not for content providers. This leave a loophole for bad apps to wake up each other. This patch fix this problem.
---
 .../java/com/android/server/am/ContentProviderHelper.java | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/services/core/java/com/android/server/am/ContentProviderHelper.java b/services/core/java/com/android/server/am/ContentProviderHelper.java
index 453385938aca..3e375e5b0854 100644
--- a/services/core/java/com/android/server/am/ContentProviderHelper.java
+++ b/services/core/java/com/android/server/am/ContentProviderHelper.java
@@ -497,6 +497,13 @@ private ContentProviderHolder getContentProviderImpl(IApplicationThread caller,
 PROVIDER_ACQUISITION_EVENT_REPORTED__PROC_START_TYPE__PROCESS_START_TYPE_WARM);
 } else {
 checkTime(startTime, "getContentProviderImpl: before start process");
+ final int allowed = mService.getAppStartModeLOSP(cpr.appInfo.uid, cpr.appInfo.packageName,
+ cpr.appInfo.targetSdkVersion,
+ Binder.getCallingPid(),
+ false, false, false);
+ if (allowed != ActivityManager.APP_START_MODE_NORMAL) {
+ return null;
+ }
 proc = mService.startProcessLocked(
 cpi.processName, cpr.appInfo, false, 0,
 new HostingRecord(HostingRecord.HOSTING_TYPE_CONTENT_PROVIDER,

From 513989c4e83d835d51b52ec106e20fe1e9b1c66f Mon Sep 17 00:00:00 2001
From: ccaapton
Date: Fri, 10 Feb 2023 02:04:27 +0800
Subject: [PATCH 2/3] Restrict background contentprovider from starting new process, part 2
---
 .../java/com/android/server/am/ContentProviderHelper.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
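Review bot: In the [PATCH 1/3] hunk, `Binder.getCallingPid()` is passed to `getAppStartModeLOSP`, but whether the calling identity has already been cleared at this point of `getContentProviderImpl` is not visible here; if it has, the call returns the system server's own pid and the start-mode decision is evaluated against the wrong process. Capturing the pid before any `clearCallingIdentity()` (for example `final int callingPid = Binder.getCallingPid();` near the top of the method) and passing that value would make the check independent of where it sits. The three positional `false, false, false` arguments also deserve inline labels, because a swapped boolean here silently changes which restriction is enforced; if I recall the signature correctly they are `alwaysRestrict`, `disabledOnly` and `forcedStandby`, which should be confirmed. The function body starts and ends outside the hunk.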
diff --git a/services/core/java/com/android/server/am/ContentProviderHelper.java b/services/core/java/com/android/server/am/ContentProviderHelper.java
index 3e375e5b0854..ab3508044971 100644
--- a/services/core/java/com/android/server/am/ContentProviderHelper.java
+++ b/services/core/java/com/android/server/am/ContentProviderHelper.java
@@ -497,11 +497,12 @@ private ContentProviderHolder getContentProviderImpl(IApplicationThread caller,
 PROVIDER_ACQUISITION_EVENT_REPORTED__PROC_START_TYPE__PROCESS_START_TYPE_WARM);
 } else {
 checkTime(startTime, "getContentProviderImpl: before start process");
+ final boolean caller_is_bg = ActivityManager.isProcStateBackground(r.mState.getCurProcState());
 final int allowed = mService.getAppStartModeLOSP(cpr.appInfo.uid, cpr.appInfo.packageName,
 cpr.appInfo.targetSdkVersion,
 Binder.getCallingPid(),
- false, false, false);
- if (allowed != ActivityManager.APP_START_MODE_NORMAL) {
+ false, false, caller_is_bg);
+ if (caller_is_bg && allowed != ActivityManager.APP_START_MODE_NORMAL) {
 return null;
 }
 proc = mService.startProcessLocked(

From ece550ffedd7e36ad9e01179abfb127f976bbd70 Mon Sep 17 00:00:00 2001
From: ccaapton
Date: Fri, 10 Feb 2023 11:24:37 +0800
Subject: [PATCH 3/3] Restrict background contentprovider from starting new process: part 3 improve logging
---
 .../core/java/com/android/server/am/ContentProviderHelper.java | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/services/core/java/com/android/server/am/ContentProviderHelper.java b/services/core/java/com/android/server/am/ContentProviderHelper.java
index ab3508044971..b2fa699a1235 100644
--- a/services/core/java/com/android/server/am/ContentProviderHelper.java
+++ b/services/core/java/com/android/server/am/ContentProviderHelper.java
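Review bot: `r.mState.getCurProcState()` in the [PATCH 2/3] hunk dereferences `r` unconditionally, and `r` is declared outside the hunk; if it is the caller's process record and stays null when `caller` is null (system-internal or external acquisitions), this line throws inside the system server instead of applying the policy. A guard such as `final boolean callerIsBg = r != null && ActivityManager.isProcStateBackground(r.mState.getCurProcState());` keeps those paths working, and the same concern covers `r.info.packageName` in the [PATCH 3/3] log line, although that is only reached when this flag is already true. Whether a null caller should be exempt or restricted is a policy decision and should be stated in a comment next to the guard. `caller_is_bg` should be `callerIsBg` to match Java local naming, and it is passed in the third boolean slot, which I believe is `forcedStandby`, so a short comment explaining why a background caller is modelled as forced standby for the target would help the next reader.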
@@ -503,6 +503,9 @@ private ContentProviderHolder getContentProviderImpl(IApplicationThread caller, Binder.getCallingPid(), false, false, caller_is_bg); if (caller_is_bg && allowed != ActivityManager.APP_START_MODE_NORMAL) { + Slog.d(TAG, "Stopped " + r.info.packageName + + " from starting content provider in " + + cpr.appInfo.packageName); return null; } proc = mService.startProcessLocked(
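Review bot: The denial in the [PATCH 3/3] hunk is logged with `Slog.d`, which is easy to lose in field logs, yet a blocked cross-app process start is the event someone triaging a wake-up chain or an unexpectedly failing provider query needs to find. I would log it at warning level and include the target uid so the entry can be correlated with other records, for example `Slog.w(TAG, "Background provider start not allowed: " + r.info.packageName + " -> " + cpr.appInfo.packageName + " (uid " + cpr.appInfo.uid + ")");`. A one-line comment above the `return null` saying that the client will see this as a missing provider would also help, since the caller cannot tell a policy denial from a provider that does not exist. The enclosing function starts and ends outside the hunk.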