Merge "Only allow the system to bind to the visual query detection service." into udc-dev

                        + ", uid=" + callingUid

                        + " requires " + r.permission);

                return new ServiceLookupResult(r.permission);

            } else if (Manifest.permission.BIND_HOTWORD_DETECTION_SERVICE.equals(r.permission)

            } else if ((Manifest.permission.BIND_HOTWORD_DETECTION_SERVICE.equals(r.permission)

                    || Manifest.permission.BIND_VISUAL_QUERY_DETECTION_SERVICE.equals(r.permission))

                    && callingUid != Process.SYSTEM_UID) {

                // Hotword detection must run in its own sandbox, and we don't even trust

                // its enclosing application to bind to it - only the system.

                // Hotword detection and visual query detection must run in its own sandbox, and we

                // don't even trust its enclosing application to bind to it - only the system.

                // TODO(b/185746653) remove this special case and generalize

                Slog.w(TAG, "Permission Denial: Accessing service " + r.shortInstanceName

                        + " from pid=" + callingPid