From 5e2931c6569aa8084be9d0690a1ca30534f49c46 Mon Sep 17 00:00:00 2001
From: John Reck <jreck@google.com>
Date: Mon, 6 Jul 2020 16:10:49 -0700
Subject: [PATCH] Add missing isShellUser check

Bug: 160390416
Test: verified command still works from shell
Change-Id: I23bb06e00f1623e4f27c02d7eb2c0d273b40771b
(cherry picked from commit 03542611973e4ce3ddca522ee12bcc85e59ce901)
Merged-In: I23bb06e00f1623e4f27c02d7eb2c0d273b40771b
---
 .../com/android/server/am/ActivityManagerService.java    | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index e0ac45adb3f41..d77c55059e50e 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -4251,9 +4251,18 @@ public class ActivityManagerService extends IActivityManager.Stub
         return procState;
     }
 
+    private boolean isCallerShell() {
+        final int callingUid = Binder.getCallingUid();
+        return callingUid == SHELL_UID || callingUid == ROOT_UID;
+    }
+
     @Override
     public boolean setProcessMemoryTrimLevel(String process, int userId, int level)
             throws RemoteException {
+        if (!isCallerShell()) {
+            EventLog.writeEvent(0x534e4554, 160390416, Binder.getCallingUid(), "");
+            throw new SecurityException("Only shell can call it");
+        }
         synchronized (this) {
             final ProcessRecord app = findProcessLocked(process, userId, "setProcessMemoryTrimLevel");
             if (app == null) {