Commit 1163e15e authored Mar 18, 2025 by Eric Biggers

UserManagerService: clear calling identity in getCredentialOwnerProfile()

Add the missing Binder.clearCallingIdentity() to
UserManagerService#getCredentialOwnerProfile(), just after the
checkManageUsersPermission().  This avoids a warning in
UserManager#getUserProperties() about the system fetching UserProperties
on behalf of another uid.  Since checkManageUsersPermission() ensures
that the caller can see all the user properties anyway, the actual
result should remain the same (besides the warning message going away).

Bug: 403355811
Test: atest FrameworksServicesTests:UserManagerServiceTest
Flag: EXEMPT bugfix
Change-Id: I635a15afef5fa9d0b1b04c5a203e19a6df30fdb7

parent 9d8c6297

services/core/java/com/android/server/pm/UserManagerService.java

+10 −6

Original line number	Diff line number	Diff line
		@@ -1698,6 +1698,8 @@ public class UserManagerService extends IUserManager.Stub {
		@Override
		public int getCredentialOwnerProfile(@UserIdInt int userId) {
		checkManageUsersPermission("get the credential owner");
		final long identity = Binder.clearCallingIdentity();
		try {
		if (!mLockPatternUtils.isSeparateProfileChallengeEnabled(userId)) {
		synchronized (mUsersLock) {
		UserInfo profileParent = getProfileParentLU(userId);
		@@ -1706,7 +1708,9 @@ public class UserManagerService extends IUserManager.Stub {
		}
		}
		}

		} finally {
		Binder.restoreCallingIdentity(identity);
		}
		return userId;
		}