Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5ef2bae3 authored by Arthur Ishiguro's avatar Arthur Ishiguro
Browse files

Add logic to use system server UID for noteOp call 

Bug: 194285834
Test: Verify CHQTS pass on AIDL HAL
Change-Id: I76457a6f6108e4bd8f3b1bf49fdd7ef9e8611641
parent 72c5e35c

services/core/java/com/android/server/location/contexthub/ContextHubClientBroker.java

+5 −0
Original line number Diff line number Diff line
@@ -605,6 +605,9 @@ public class ContextHubClientBroker extends IContextHubClient.Stub 
        for (String permission : permissions) {

            int opCode = mAppOpsManager.permissionToOpCode(permission);

            if (opCode != AppOpsManager.OP_NONE) {

                // The noteOp call may check for required permissions. Use the below logic to ensure

                // that the system server permission is enforced at the call.

                long token = Binder.setCallingWorkSourceUid(android.os.Process.myUid());

                try {

                    if (mAppOpsManager.noteOp(opCode, mUid, mPackage, mAttributionTag, noteMessage)

                            != AppOpsManager.MODE_ALLOWED) {
@@ -614,6 +617,8 @@ public class ContextHubClientBroker extends IContextHubClient.Stub 
                    Log.e(TAG, "SecurityException: noteOp for pkg " + mPackage + " opcode "

                            + opCode + ": " + e.getMessage());

                    return false;

                } finally {

                    Binder.restoreCallingWorkSource(token);

                }

            }

        }