Loading services/core/java/com/android/server/UiModeManagerService.java +45 −0 Original line number Diff line number Diff line Loading @@ -32,6 +32,7 @@ import static android.app.UiModeManager.PROJECTION_TYPE_AUTOMOTIVE; import static android.app.UiModeManager.PROJECTION_TYPE_NONE; import static android.os.UserHandle.USER_SYSTEM; import static android.os.UserHandle.getCallingUserId; import static android.os.UserManager.isVisibleBackgroundUsersEnabled; import static android.provider.Settings.Secure.CONTRAST_LEVEL; import static android.util.TimeUtils.isTimeBetween; Loading Loading @@ -99,6 +100,7 @@ import com.android.internal.app.DisableCarModeActivity; import com.android.internal.messages.nano.SystemMessageProto.SystemMessage; import com.android.internal.notification.SystemNotificationChannels; import com.android.internal.util.DumpUtils; import com.android.server.pm.UserManagerService; import com.android.server.twilight.TwilightListener; import com.android.server.twilight.TwilightManager; import com.android.server.twilight.TwilightState; Loading Loading @@ -848,6 +850,8 @@ final class UiModeManagerService extends SystemService { } final int user = UserHandle.getCallingUserId(); enforceValidCallingUser(user); final long ident = Binder.clearCallingIdentity(); try { synchronized (mLock) { Loading Loading @@ -910,6 +914,8 @@ final class UiModeManagerService extends SystemService { @AttentionModeThemeOverlayType int attentionModeThemeOverlayType) { setAttentionModeThemeOverlay_enforcePermission(); enforceValidCallingUser(UserHandle.getCallingUserId()); synchronized (mLock) { if (mAttentionModeThemeOverlay != attentionModeThemeOverlayType) { mAttentionModeThemeOverlay = attentionModeThemeOverlayType; Loading Loading @@ -999,6 +1005,8 @@ final class UiModeManagerService extends SystemService { return false; } final int user = Binder.getCallingUserHandle().getIdentifier(); enforceValidCallingUser(user); if (user != mCurrentUser && getContext().checkCallingOrSelfPermission( android.Manifest.permission.INTERACT_ACROSS_USERS) != PackageManager.PERMISSION_GRANTED) { Loading Loading @@ -1056,6 +1064,8 @@ final class UiModeManagerService extends SystemService { return; } final int user = UserHandle.getCallingUserId(); enforceValidCallingUser(user); final long ident = Binder.clearCallingIdentity(); try { LocalTime newTime = LocalTime.ofNanoOfDay(time * 1000); Loading Loading @@ -1084,6 +1094,8 @@ final class UiModeManagerService extends SystemService { return; } final int user = UserHandle.getCallingUserId(); enforceValidCallingUser(user); final long ident = Binder.clearCallingIdentity(); try { LocalTime newTime = LocalTime.ofNanoOfDay(time * 1000); Loading @@ -1104,6 +1116,8 @@ final class UiModeManagerService extends SystemService { assertLegit(callingPackage); assertSingleProjectionType(projectionType); enforceProjectionTypePermissions(projectionType); enforceValidCallingUser(getCallingUserId()); synchronized (mLock) { if (mProjectionHolders == null) { mProjectionHolders = new SparseArray<>(1); Loading Loading @@ -1148,6 +1162,8 @@ final class UiModeManagerService extends SystemService { assertLegit(callingPackage); assertSingleProjectionType(projectionType); enforceProjectionTypePermissions(projectionType); enforceValidCallingUser(getCallingUserId()); return releaseProjectionUnchecked(projectionType, callingPackage); } Loading Loading @@ -1187,6 +1203,9 @@ final class UiModeManagerService extends SystemService { if (projectionType == PROJECTION_TYPE_NONE) { return; } enforceValidCallingUser(getCallingUserId()); synchronized (mLock) { if (mProjectionListeners == null) { mProjectionListeners = new SparseArray<>(1); Loading Loading @@ -1234,6 +1253,32 @@ final class UiModeManagerService extends SystemService { } }; // This method validates whether calling user is valid in visible background users // feature. Valid user is the current user or the system or in the same profile group as // the current user. private void enforceValidCallingUser(int userId) { if (!isVisibleBackgroundUsersEnabled()) { return; } if (LOG) { Slog.d(TAG, "enforceValidCallingUser: userId=" + userId + " isSystemUser=" + (userId == USER_SYSTEM) + " current user=" + mCurrentUser + " callingPid=" + Binder.getCallingPid() + " callingUid=" + mInjector.getCallingUid()); } long ident = Binder.clearCallingIdentity(); try { if (userId != USER_SYSTEM && userId != mCurrentUser && !UserManagerService.getInstance().isSameProfileGroup(userId, mCurrentUser)) { throw new SecurityException( "Calling user is not valid for level-1 compatibility in MUMD. " + "callingUserId=" + userId + " currentUserId=" + mCurrentUser); } } finally { Binder.restoreCallingIdentity(ident); } } private void enforceProjectionTypePermissions(@UiModeManager.ProjectionType int p) { if ((p & PROJECTION_TYPE_AUTOMOTIVE) != 0) { getContext().enforceCallingPermission( Loading Loading
services/core/java/com/android/server/UiModeManagerService.java +45 −0 Original line number Diff line number Diff line Loading @@ -32,6 +32,7 @@ import static android.app.UiModeManager.PROJECTION_TYPE_AUTOMOTIVE; import static android.app.UiModeManager.PROJECTION_TYPE_NONE; import static android.os.UserHandle.USER_SYSTEM; import static android.os.UserHandle.getCallingUserId; import static android.os.UserManager.isVisibleBackgroundUsersEnabled; import static android.provider.Settings.Secure.CONTRAST_LEVEL; import static android.util.TimeUtils.isTimeBetween; Loading Loading @@ -99,6 +100,7 @@ import com.android.internal.app.DisableCarModeActivity; import com.android.internal.messages.nano.SystemMessageProto.SystemMessage; import com.android.internal.notification.SystemNotificationChannels; import com.android.internal.util.DumpUtils; import com.android.server.pm.UserManagerService; import com.android.server.twilight.TwilightListener; import com.android.server.twilight.TwilightManager; import com.android.server.twilight.TwilightState; Loading Loading @@ -848,6 +850,8 @@ final class UiModeManagerService extends SystemService { } final int user = UserHandle.getCallingUserId(); enforceValidCallingUser(user); final long ident = Binder.clearCallingIdentity(); try { synchronized (mLock) { Loading Loading @@ -910,6 +914,8 @@ final class UiModeManagerService extends SystemService { @AttentionModeThemeOverlayType int attentionModeThemeOverlayType) { setAttentionModeThemeOverlay_enforcePermission(); enforceValidCallingUser(UserHandle.getCallingUserId()); synchronized (mLock) { if (mAttentionModeThemeOverlay != attentionModeThemeOverlayType) { mAttentionModeThemeOverlay = attentionModeThemeOverlayType; Loading Loading @@ -999,6 +1005,8 @@ final class UiModeManagerService extends SystemService { return false; } final int user = Binder.getCallingUserHandle().getIdentifier(); enforceValidCallingUser(user); if (user != mCurrentUser && getContext().checkCallingOrSelfPermission( android.Manifest.permission.INTERACT_ACROSS_USERS) != PackageManager.PERMISSION_GRANTED) { Loading Loading @@ -1056,6 +1064,8 @@ final class UiModeManagerService extends SystemService { return; } final int user = UserHandle.getCallingUserId(); enforceValidCallingUser(user); final long ident = Binder.clearCallingIdentity(); try { LocalTime newTime = LocalTime.ofNanoOfDay(time * 1000); Loading Loading @@ -1084,6 +1094,8 @@ final class UiModeManagerService extends SystemService { return; } final int user = UserHandle.getCallingUserId(); enforceValidCallingUser(user); final long ident = Binder.clearCallingIdentity(); try { LocalTime newTime = LocalTime.ofNanoOfDay(time * 1000); Loading @@ -1104,6 +1116,8 @@ final class UiModeManagerService extends SystemService { assertLegit(callingPackage); assertSingleProjectionType(projectionType); enforceProjectionTypePermissions(projectionType); enforceValidCallingUser(getCallingUserId()); synchronized (mLock) { if (mProjectionHolders == null) { mProjectionHolders = new SparseArray<>(1); Loading Loading @@ -1148,6 +1162,8 @@ final class UiModeManagerService extends SystemService { assertLegit(callingPackage); assertSingleProjectionType(projectionType); enforceProjectionTypePermissions(projectionType); enforceValidCallingUser(getCallingUserId()); return releaseProjectionUnchecked(projectionType, callingPackage); } Loading Loading @@ -1187,6 +1203,9 @@ final class UiModeManagerService extends SystemService { if (projectionType == PROJECTION_TYPE_NONE) { return; } enforceValidCallingUser(getCallingUserId()); synchronized (mLock) { if (mProjectionListeners == null) { mProjectionListeners = new SparseArray<>(1); Loading Loading @@ -1234,6 +1253,32 @@ final class UiModeManagerService extends SystemService { } }; // This method validates whether calling user is valid in visible background users // feature. Valid user is the current user or the system or in the same profile group as // the current user. private void enforceValidCallingUser(int userId) { if (!isVisibleBackgroundUsersEnabled()) { return; } if (LOG) { Slog.d(TAG, "enforceValidCallingUser: userId=" + userId + " isSystemUser=" + (userId == USER_SYSTEM) + " current user=" + mCurrentUser + " callingPid=" + Binder.getCallingPid() + " callingUid=" + mInjector.getCallingUid()); } long ident = Binder.clearCallingIdentity(); try { if (userId != USER_SYSTEM && userId != mCurrentUser && !UserManagerService.getInstance().isSameProfileGroup(userId, mCurrentUser)) { throw new SecurityException( "Calling user is not valid for level-1 compatibility in MUMD. " + "callingUserId=" + userId + " currentUserId=" + mCurrentUser); } } finally { Binder.restoreCallingIdentity(ident); } } private void enforceProjectionTypePermissions(@UiModeManager.ProjectionType int p) { if ((p & PROJECTION_TYPE_AUTOMOTIVE) != 0) { getContext().enforceCallingPermission( Loading
