Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 346eed73 authored by Hui Yu's avatar Hui Yu
Browse files

RESTRICT AUTOMERGE: Set mAllowWhileInUsePermissionInFgs correctly when... 

RESTRICT AUTOMERGE: Set mAllowWhileInUsePermissionInFgs correctly when bindService() from background.

Pass original callingPid and callingUid into
shouldAllowWhileInUsePermissionInFgsLocked() after
Binder.clearCallingIdentity().

Bug: 163084228, 173516292
Test: atest cts/tests/app/src/android/app/cts/ActivityManagerFgsBgStartTest.java#testFgsLocationStartFromBGWithBind
Change-Id: I7a240621267648ea54e7dc737ebc55bc665e39b6
Merged-In: I7a240621267648ea54e7dc737ebc55bc665e39b6
(cherry picked from commit 86bd39db)
parent 0d8b71b1

services/core/java/com/android/server/am/ActiveServices.java

+8 −6
Original line number Diff line number Diff line
@@ -1836,11 +1836,13 @@ public final class ActiveServices { 
        if (DEBUG_SERVICE) Slog.v(TAG_SERVICE, "bindService: " + service

                + " type=" + resolvedType + " conn=" + connection.asBinder()

                + " flags=0x" + Integer.toHexString(flags));

        final int callingPid = Binder.getCallingPid();

        final int callingUid = Binder.getCallingUid();

        final ProcessRecord callerApp = mAm.getRecordForAppLocked(caller);

        if (callerApp == null) {

            throw new SecurityException(

                    "Unable to find app for caller " + caller

                    + " (pid=" + Binder.getCallingPid()

                    + " (pid=" + callingPid

                    + ") when binding service " + service);

        }
@@ -1880,19 +1882,19 @@ public final class ActiveServices { 
        }



        if ((flags & Context.BIND_SCHEDULE_LIKE_TOP_APP) != 0 && !isCallerSystem) {

            throw new SecurityException("Non-system caller (pid=" + Binder.getCallingPid()

            throw new SecurityException("Non-system caller (pid=" + callingPid

                    + ") set BIND_SCHEDULE_LIKE_TOP_APP when binding service " + service);

        }



        if ((flags & Context.BIND_ALLOW_WHITELIST_MANAGEMENT) != 0 && !isCallerSystem) {

            throw new SecurityException(

                    "Non-system caller " + caller + " (pid=" + Binder.getCallingPid()

                    "Non-system caller " + caller + " (pid=" + callingPid

                    + ") set BIND_ALLOW_WHITELIST_MANAGEMENT when binding service " + service);

        }



        if ((flags & Context.BIND_ALLOW_INSTANT) != 0 && !isCallerSystem) {

            throw new SecurityException(

                    "Non-system caller " + caller + " (pid=" + Binder.getCallingPid()

                    "Non-system caller " + caller + " (pid=" + callingPid

                            + ") set BIND_ALLOW_INSTANT when binding service " + service);

        }
@@ -1908,7 +1910,7 @@ public final class ActiveServices { 


        ServiceLookupResult res =

            retrieveServiceLocked(service, instanceName, resolvedType, callingPackage,

                    Binder.getCallingPid(), Binder.getCallingUid(), userId, true,

                    callingPid, callingUid, userId, true,

                    callerFg, isBindExternal, allowInstant);

        if (res == null) {

            return 0;
@@ -2068,7 +2070,7 @@ public final class ActiveServices { 
            if (!s.mAllowWhileInUsePermissionInFgs) {

                s.mAllowWhileInUsePermissionInFgs =

                        shouldAllowWhileInUsePermissionInFgsLocked(callingPackage,

                                Binder.getCallingPid(), Binder.getCallingUid(),

                                callingPid, callingUid,

                                service, s, false);

            }