Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dabbcf59 authored by Tobias Thierer's avatar Tobias Thierer
Browse files

Fix DevicePolicyManager.isBackupServiceEnabled() breakage. 

http://ag/12885739 introduced a enforceCallingPermission(BACKUP) check
but callers of this API do not hold that permission. This CL fixes
this by changing the check to enforceCallingOrSelfPermission(BACKUP),
and clearing the binder identity in DevicePolicyManagerService, which
makes the system server process the owner of that call.

Bug: 158482162
Bug: 172466964
Test: atest com.android.cts.devicepolicy.{Device,Profile}OwnerTest#testBackupServiceEnabling
Change-Id: I11d863229c4d62a058aaf37446a694b9c73ae5b8
Merged-In: I11d863229c4d62a058aaf37446a694b9c73ae5b8
(cherry picked from commit 630dec9e)
parent c6d18392

services/backup/java/com/android/server/backup/BackupManagerService.java

+1 −1
Original line number Diff line number Diff line
@@ -510,7 +510,7 @@ public class BackupManagerService extends IBackupManager.Stub { 
        int callingUid = Binder.getCallingUid();

        if (CompatChanges.isChangeEnabled(

                BackupManager.IS_BACKUP_SERVICE_ACTIVE_ENFORCE_PERMISSION_IN_SERVICE, callingUid)) {

            mContext.enforceCallingPermission(android.Manifest.permission.BACKUP,

            mContext.enforceCallingOrSelfPermission(android.Manifest.permission.BACKUP,

                    "isBackupServiceActive");

        }

        synchronized (mStateLock) {

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+10 −8
Original line number Diff line number Diff line
@@ -14454,15 +14454,17 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
        }















        enforceProfileOrDeviceOwner(admin);













        final int userId = mInjector.userHandleGetCallingUserId();













        return mInjector.binderWithCleanCallingIdentity(() -> {















            synchronized (getLockObject()) {















                try {















                    IBackupManager ibm = mInjector.getIBackupManager();













                return ibm != null && ibm.isBackupServiceActive(













                    mInjector.userHandleGetCallingUserId());













                    return ibm != null && ibm.isBackupServiceActive(userId);















                } catch (RemoteException e) {















                    throw new IllegalStateException("Failed requesting backup service state.", e);















                }















            }













        });















    }





























    @Override