ActivityStartInterceptor.java revision 26704957fe48d75a5b4f3a51cff520a9e4d8b82c 
1/*
2 * Copyright (C) 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.server.am;
18
19import static android.app.ActivityManager.INTENT_SENDER_ACTIVITY;
20import static android.app.PendingIntent.FLAG_CANCEL_CURRENT;
21import static android.app.PendingIntent.FLAG_IMMUTABLE;
22import static android.app.PendingIntent.FLAG_ONE_SHOT;
23import static android.content.Context.KEYGUARD_SERVICE;
24import static android.content.Intent.EXTRA_INTENT;
25import static android.content.Intent.EXTRA_PACKAGE_NAME;
26import static android.content.Intent.EXTRA_TASK_ID;
27import static android.content.Intent.FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS;
28import static android.content.Intent.FLAG_ACTIVITY_NEW_TASK;
29import static android.content.Intent.FLAG_ACTIVITY_TASK_ON_HOME;
30import static android.content.pm.ApplicationInfo.FLAG_SUSPENDED;
31
32import android.app.ActivityOptions;
33import android.app.KeyguardManager;
34import android.app.admin.DevicePolicyManagerInternal;
35import android.content.IIntentSender;
36import android.content.Intent;
37import android.content.IntentSender;
38import android.content.pm.ActivityInfo;
39import android.content.pm.ResolveInfo;
40import android.content.pm.UserInfo;
41import android.os.Binder;
42import android.os.UserHandle;
43import android.os.UserManager;
44
45import com.android.internal.app.UnlaunchableAppActivity;
46import com.android.server.LocalServices;
47
48/**
49 * A class that contains activity intercepting logic for {@link ActivityStarter#startActivityLocked}
50 * It's initialized
51 */
52class ActivityStartInterceptor {
53
54    private final ActivityManagerService mService;
55    private UserManager mUserManager;
56    private final ActivityStackSupervisor mSupervisor;
57
58    /*
59     * Per-intent states loaded from ActivityStarter than shouldn't be changed by any
60     * interception routines.
61     */
62    private int mRealCallingPid;
63    private int mRealCallingUid;
64    private int mUserId;
65    private int mStartFlags;
66    private String mCallingPackage;
67
68    /*
69     * Per-intent states that were load from ActivityStarter and are subject to modifications
70     * by the interception routines. After calling {@link #intercept} the caller should assign
71     * these values back to {@link ActivityStarter#startActivityLocked}'s local variables.
72     */
73    Intent mIntent;
74    int mCallingPid;
75    int mCallingUid;
76    ResolveInfo mRInfo;
77    ActivityInfo mAInfo;
78    String mResolvedType;
79    TaskRecord mInTask;
80    ActivityOptions mActivityOptions;
81
82    ActivityStartInterceptor(ActivityManagerService service, ActivityStackSupervisor supervisor) {
83        mService = service;
84        mSupervisor = supervisor;
85    }
86
87    void setStates(int userId, int realCallingPid, int realCallingUid, int startFlags,
88            String callingPackage) {
89        mRealCallingPid = realCallingPid;
90        mRealCallingUid = realCallingUid;
91        mUserId = userId;
92        mStartFlags = startFlags;
93        mCallingPackage = callingPackage;
94    }
95
96    void intercept(Intent intent, ResolveInfo rInfo, ActivityInfo aInfo, String resolvedType,
97            TaskRecord inTask, int callingPid, int callingUid, ActivityOptions activityOptions) {
98        mUserManager = UserManager.get(mService.mContext);
99        mIntent = intent;
100        mCallingPid = callingPid;
101        mCallingUid = callingUid;
102        mRInfo = rInfo;
103        mAInfo = aInfo;
104        mResolvedType = resolvedType;
105        mInTask = inTask;
106        mActivityOptions = activityOptions;
107        if (interceptSuspendPackageIfNeed()) {
108            // Skip the rest of interceptions as the package is suspended by device admin so
109            // no user action can undo this.
110            return;
111        }
112        if (interceptQuietProfileIfNeeded()) {
113            // If work profile is turned off, skip the work challenge since the profile can only
114            // be unlocked when profile's user is running.
115            return;
116        }
117        interceptWorkProfileChallengeIfNeeded();
118    }
119
120    private boolean interceptQuietProfileIfNeeded() {
121        // Do not intercept if the user has not turned off the profile
122        if (!mUserManager.isQuietModeEnabled(UserHandle.of(mUserId))) {
123            return false;
124        }
125        IIntentSender target = mService.getIntentSenderLocked(
126                INTENT_SENDER_ACTIVITY, mCallingPackage, mCallingUid, mUserId, null, null, 0,
127                new Intent[] {mIntent}, new String[] {mResolvedType},
128                FLAG_CANCEL_CURRENT | FLAG_ONE_SHOT, null);
129
130        mIntent = UnlaunchableAppActivity.createInQuietModeDialogIntent(mUserId,
131                new IntentSender(target));
132        mCallingPid = mRealCallingPid;
133        mCallingUid = mRealCallingUid;
134        mResolvedType = null;
135
136        final UserInfo parent = mUserManager.getProfileParent(mUserId);
137        mRInfo = mSupervisor.resolveIntent(mIntent, mResolvedType, parent.id);
138        mAInfo = mSupervisor.resolveActivity(mIntent, mRInfo, mStartFlags, null /*profilerInfo*/);
139        return true;
140    }
141
142    private boolean interceptSuspendPackageIfNeed() {
143        // Do not intercept if the admin did not suspend the package
144        if (mAInfo == null || mAInfo.applicationInfo == null ||
145                (mAInfo.applicationInfo.flags & FLAG_SUSPENDED) == 0) {
146            return false;
147        }
148        DevicePolicyManagerInternal devicePolicyManager = LocalServices.getService(
149                DevicePolicyManagerInternal.class);
150        if (devicePolicyManager == null) {
151            return false;
152        }
153        mIntent = devicePolicyManager.createPackageSuspendedDialogIntent(
154                mAInfo.packageName, mUserId);
155        mCallingPid = mRealCallingPid;
156        mCallingUid = mRealCallingUid;
157        mResolvedType = null;
158
159        final UserInfo parent = mUserManager.getProfileParent(mUserId);
160        if (parent != null) {
161            mRInfo = mSupervisor.resolveIntent(mIntent, mResolvedType, parent.id);
162        } else {
163            mRInfo = mSupervisor.resolveIntent(mIntent, mResolvedType, mUserId);
164        }
165        mAInfo = mSupervisor.resolveActivity(mIntent, mRInfo, mStartFlags, null /*profilerInfo*/);
166        return true;
167    }
168
169    private boolean interceptWorkProfileChallengeIfNeeded() {
170        final Intent interceptingIntent = interceptWithConfirmCredentialsIfNeeded(mIntent,
171                mResolvedType, mAInfo, mCallingPackage, mUserId);
172        if (interceptingIntent == null) {
173            return false;
174        }
175        mIntent = interceptingIntent;
176        mCallingPid = mRealCallingPid;
177        mCallingUid = mRealCallingUid;
178        mResolvedType = null;
179        // If we are intercepting and there was a task, convert it into an extra for the
180        // ConfirmCredentials intent and unassign it, as otherwise the task will move to
181        // front even if ConfirmCredentials is cancelled.
182        if (mInTask != null) {
183            mIntent.putExtra(EXTRA_TASK_ID, mInTask.taskId);
184            mInTask = null;
185        }
186        if (mActivityOptions == null) {
187            mActivityOptions = ActivityOptions.makeBasic();
188        }
189        // Showing credential confirmation activity in home task to avoid stopping multi-windowed
190        // mode after showing the full-screen credential confirmation activity.
191        mActivityOptions.setLaunchTaskId(mSupervisor.getHomeActivity().task.taskId);
192
193        final UserInfo parent = mUserManager.getProfileParent(mUserId);
194        mRInfo = mSupervisor.resolveIntent(mIntent, mResolvedType, parent.id);
195        mAInfo = mSupervisor.resolveActivity(mIntent, mRInfo, mStartFlags, null /*profilerInfo*/);
196        return true;
197    }
198
199    /**
200     * Creates an intent to intercept the current activity start with Confirm Credentials if needed.
201     *
202     * @return The intercepting intent if needed.
203     */
204    private Intent interceptWithConfirmCredentialsIfNeeded(Intent intent, String resolvedType,
205            ActivityInfo aInfo, String callingPackage, int userId) {
206        if (!mService.mUserController.shouldConfirmCredentials(userId)) {
207            return null;
208        }
209        final IIntentSender target = mService.getIntentSenderLocked(
210                INTENT_SENDER_ACTIVITY, callingPackage,
211                Binder.getCallingUid(), userId, null, null, 0, new Intent[]{ intent },
212                new String[]{ resolvedType },
213                FLAG_CANCEL_CURRENT | FLAG_ONE_SHOT | FLAG_IMMUTABLE, null);
214        final KeyguardManager km = (KeyguardManager) mService.mContext
215                .getSystemService(KEYGUARD_SERVICE);
216        final Intent newIntent = km.createConfirmDeviceCredentialIntent(null, null, userId);
217        if (newIntent == null) {
218            return null;
219        }
220        newIntent.setFlags(FLAG_ACTIVITY_NEW_TASK | FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS |
221                FLAG_ACTIVITY_TASK_ON_HOME);
222        newIntent.putExtra(EXTRA_PACKAGE_NAME, aInfo.packageName);
223        newIntent.putExtra(EXTRA_INTENT, new IntentSender(target));
224        return newIntent;
225    }
226
227}
228