Fix the binder calling identity in setVrMode

When an app calls setVrMode, we end up moving the task stack which needs MANAGE_ACTIVITY_STACKS permission which the app can never get. So, clear the binder identity of the app while making this call. Testing: android.vr.cts.VrSetFIFOThreadTest Bug: 65743448 Change-Id: Id37968f4fb5531edadb0726e5fc04b2470d2d0e5 Signed-off-by: Karthik Ravi Shankar <karthikrs@google.com> (cherry picked from commit ac214bbfa2ebd8863cb36e3f002760ef3293b0da)
2017-12-06 18:06:21 -08:00
parent bd24572e17
commit 96090ef9dc
1 changed files with 12 additions and 6 deletions
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -14288,14 +14288,20 @@ public class ActivityManagerService extends IActivityManager.Stub
            return err;
        }

-        synchronized(this) {
-            r.requestedVrComponent = (enabled) ? packageName : null;
+        // Clear the binder calling uid since this path may call moveToTask().
+        final long callingId = Binder.clearCallingIdentity();
+        try {
+            synchronized(this) {
+                r.requestedVrComponent = (enabled) ? packageName : null;

-            // Update associated state if this activity is currently focused
-            if (r == mStackSupervisor.getResumedActivityLocked()) {
-                applyUpdateVrModeLocked(r);
+                // Update associated state if this activity is currently focused
+                if (r == mStackSupervisor.getResumedActivityLocked()) {
+                    applyUpdateVrModeLocked(r);
+                }
+                return 0;
            }
-            return 0;
+        } finally {
+            Binder.restoreCallingIdentity(callingId);
        }
    }