Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7dba93c0 authored by Todd Kennedy's avatar Todd Kennedy
Browse files

DO NOT MERGE Restore calling identity before checking permission 

Using the system service identity to check the CHANGE_CONFIGURATION
permission isn't likely to catch a security violation. Changing
back to the original caller and then checking permissions is
preferred.

Cherry picked from lmp. Fixes bug 15989465.

Change-Id: Iff08d04422bcc052a487194154f1fd0d727d38f4
parent 1c2b0d52

services/java/com/android/server/am/ActivityStack.java

+2 −2
Original line number Diff line number Diff line
@@ -3208,6 +3208,8 @@ final class ActivityStack { 
                    aInfo, resultTo, resultWho, requestCode, callingPid, callingUid,

                    callingPackage, startFlags, options, componentSpecified, null);

            

            Binder.restoreCallingIdentity(origId);



            if (mConfigWillChange && mMainStack) {

                // If the caller also wants to switch to a new configuration,

                // do so now.  This allows a clean switch, as we are waiting
@@ -3221,8 +3223,6 @@ final class ActivityStack { 
                mService.updateConfigurationLocked(config, null, false, false);

            }

            

            Binder.restoreCallingIdentity(origId);

            

            if (outResult != null) {

                outResult.result = res;

                if (res == ActivityManager.START_SUCCESS) {