Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2ab33060 authored by Varun Shah's avatar Varun Shah Committed by Huizi Yang
Browse files

RESTRICT AUTOMERGE 

Ensure caller identity is restored in CP quick-path.

Bug: 172935267
Test: PoC in bug
Change-Id: I469bde7d0a0f89c94f1234cf40983395048962e2
(cherry picked from commit 79062d79)
parent 154a06ca

services/core/java/com/android/server/am/ActivityManagerService.java

+57 −56
Original line number Original line Diff line number Diff line
@@ -11535,11 +11535,10 @@ public class ActivityManagerService extends IActivityManager.Stub 
                }

                }

















                final long origId = Binder.clearCallingIdentity();







                final long origId = Binder.clearCallingIdentity();

















                try {











                    checkTime(startTime, "getContentProviderImpl: incProviderCountLocked");







                    checkTime(startTime, "getContentProviderImpl: incProviderCountLocked");



























                // In this case the provider instance already exists, so we can







                    // Return the provider instance right away since it already exists.











                // return it right away.














                    conn = incProviderCountLocked(r, cpr, token, stable);







                    conn = incProviderCountLocked(r, cpr, token, stable);











                    if (conn != null && (conn.stableCount+conn.unstableCount) == 1) {







                    if (conn != null && (conn.stableCount+conn.unstableCount) == 1) {











                        if (cpr.proc != null && r.setAdj <= ProcessList.PERCEPTIBLE_APP_ADJ) {







                        if (cpr.proc != null && r.setAdj <= ProcessList.PERCEPTIBLE_APP_ADJ) {









@@ -11561,7 +11560,8 @@ public class ActivityManagerService extends IActivityManager.Stub









                    // it, we will check whether the process still exists.  Note that this doesn't







                    // it, we will check whether the process still exists.  Note that this doesn't











                    // completely get rid of races with LMK killing the process, but should make







                    // completely get rid of races with LMK killing the process, but should make











                    // them much smaller.







                    // them much smaller.











                if (success && verifiedAdj != cpr.proc.setAdj && !isProcessAliveLocked(cpr.proc)) {







                    if (success && verifiedAdj != cpr.proc.setAdj














                            && !isProcessAliveLocked(cpr.proc)) {











                        success = false;







                        success = false;











                    }







                    }











                    maybeUpdateProviderUsageStatsLocked(r, cpr.info.packageName, name);







                    maybeUpdateProviderUsageStatsLocked(r, cpr.info.packageName, name);










@@ -11592,9 +11592,10 @@ public class ActivityManagerService extends IActivityManager.Stub









                    } else {







                    } else {











                        cpr.proc.verifiedAdj = cpr.proc.setAdj;







                        cpr.proc.verifiedAdj = cpr.proc.setAdj;











                    }







                    }

















                } finally {











                    Binder.restoreCallingIdentity(origId);







                    Binder.restoreCallingIdentity(origId);











                }







                }














            }



























            if (!providerRunning) {







            if (!providerRunning) {











                try {







                try {