Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix DevicePolicyManager.isBackupServiceEnabled() breakage.

Browse Source 
http://ag/12885739 introduced a enforceCallingPermission(BACKUP) check
but callers of this API do not hold that permission. This CL fixes
this by changing the check to enforceCallingOrSelfPermission(BACKUP),
and clearing the binder identity in DevicePolicyManagerService, which
makes the system server process the owner of that call.

Bug: 158482162
Bug: 172466964
Test: atest com.android.cts.devicepolicy.{Device,Profile}OwnerTest#testBackupServiceEnabling
Change-Id: I11d863229c4d62a058aaf37446a694b9c73ae5b8
Merged-In: I11d863229c4d62a058aaf37446a694b9c73ae5b8
(cherry picked from commit 630dec9eb4)
This commit is contained in:
Tobias Thierer
2020-12-10 13:46:08 +00:00
parent b50cdde5f0
commit d8b61b5159
2 changed files with 11 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
services/backup/java/com/android/server/backup/BackupManagerService.java
View File

@@ -510,7 +510,7 @@ public class BackupManagerService extends IBackupManager.Stub {
int callingUid = Binder.getCallingUid();
if (CompatChanges.isChangeEnabled(
BackupManager.IS_BACKUP_SERVICE_ACTIVE_ENFORCE_PERMISSION_IN_SERVICE, callingUid)) {
mContext.enforceCallingPermission(android.Manifest.permission.BACKUP,
mContext.enforceCallingOrSelfPermission(android.Manifest.permission.BACKUP,
"isBackupServiceActive");
}
synchronized (mStateLock) {

18
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
View File

@@ -14438,15 +14438,17 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
}
enforceProfileOrDeviceOwner(admin);
synchronized (getLockObject()) {
try {
IBackupManager ibm = mInjector.getIBackupManager();
return ibm != null && ibm.isBackupServiceActive(
mInjector.userHandleGetCallingUserId());
} catch (RemoteException e) {
throw new IllegalStateException("Failed requesting backup service state.", e);
final int userId = mInjector.userHandleGetCallingUserId();
return mInjector.binderWithCleanCallingIdentity(() -> {
synchronized (getLockObject()) {
try {
IBackupManager ibm = mInjector.getIBackupManager();
return ibm != null && ibm.isBackupServiceActive(userId);
} catch (RemoteException e) {
throw new IllegalStateException("Failed requesting backup service state.", e);
}
}
}
});
}
@Override