diff options
| author | 2021-08-20 00:53:43 +0000 | |
|---|---|---|
| committer | 2021-08-20 00:53:43 +0000 | |
| commit | 3814b044037e740100ea75e0192e0757b1a93b0b (patch) | |
| tree | 452a1585e187b90642583f122cd2646cd3d7788d | |
| parent | 45319d558ca284d8ae01f39229a312566cb05193 (diff) | |
| parent | c7de46c8e45b0a81da65bb63220f1e502cf04921 (diff) | |
Merge "Restrict cross-user wallpaper inspection" into sc-qpr1-dev
| -rw-r--r-- | services/core/java/com/android/server/wallpaper/WallpaperManagerService.java | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/wallpaper/WallpaperManagerService.java b/services/core/java/com/android/server/wallpaper/WallpaperManagerService.java index 771332071756..80bc16a9b052 100644 --- a/services/core/java/com/android/server/wallpaper/WallpaperManagerService.java +++ b/services/core/java/com/android/server/wallpaper/WallpaperManagerService.java @@ -16,6 +16,7 @@ package com.android.server.wallpaper; +import static android.Manifest.permission.INTERACT_ACROSS_USERS_FULL; import static android.app.WallpaperManager.COMMAND_REAPPLY; import static android.app.WallpaperManager.FLAG_LOCK; import static android.app.WallpaperManager.FLAG_SYSTEM; @@ -2045,7 +2046,21 @@ public class WallpaperManagerService extends IWallpaperManager.Stub } } + private boolean hasCrossUserPermission() { + final int interactPermission = + mContext.checkCallingPermission(INTERACT_ACROSS_USERS_FULL); + return interactPermission == PackageManager.PERMISSION_GRANTED; + } + + @Override public boolean hasNamedWallpaper(String name) { + final int callingUser = UserHandle.getCallingUserId(); + final boolean allowCrossUser = hasCrossUserPermission(); + if (DEBUG) { + Slog.d(TAG, "hasNamedWallpaper() caller " + Binder.getCallingUid() + + " cross-user?: " + allowCrossUser); + } + synchronized (mLock) { List<UserInfo> users; final long ident = Binder.clearCallingIdentity(); @@ -2055,6 +2070,11 @@ public class WallpaperManagerService extends IWallpaperManager.Stub Binder.restoreCallingIdentity(ident); } for (UserInfo user: users) { + if (!allowCrossUser && callingUser != user.id) { + // No cross-user information for callers without permission + continue; + } + // ignore managed profiles if (user.isManagedProfile()) { continue; |