author shafik <shafik@google.com> 2019-03-25 14:10:32 +0000
committer shafik <shafik@google.com> 2019-03-25 16:26:09 +0000
commit3be41a9f0474d30cd4cff0b8893c81a5ec283f25 (patch)
tree46fd87dbb170844fb19dc1f16249396978f74ba0
parent1c3ef21ab8db3cf661b2af5390809bcf9935f190 (diff)
Make sure only SYSTEM can call notifyStaged(Apk)Session
This is sufficient to prevent malicious callers from enabling rollback for a session that they otherwise wouldn't be allowed to enable rollback for. Fixes: 128669197 Test: atest StagedRollbackTest Change-Id: I9fa8527fadbbfd58cdee0479cae97ca11a0efd9d
-rw-r--r--services/core/java/com/android/server/rollback/RollbackManagerServiceImpl.java6
1 files changed, 6 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/rollback/RollbackManagerServiceImpl.java b/services/core/java/com/android/server/rollback/RollbackManagerServiceImpl.java
index d6327494a24d..6630926b8bfe 100644
--- a/services/core/java/com/android/server/rollback/RollbackManagerServiceImpl.java
+++ b/services/core/java/com/android/server/rollback/RollbackManagerServiceImpl.java
@@ -1015,6 +1015,9 @@ class RollbackManagerServiceImpl extends IRollbackManager.Stub {
@Override
public boolean notifyStagedSession(int sessionId) {
+ if (Binder.getCallingUid() != Process.SYSTEM_UID) {
+ throw new SecurityException("notifyStagedSession may only be called by the system.");
+ }
final LinkedBlockingQueue<Boolean> result = new LinkedBlockingQueue<>();
// NOTE: We post this runnable on the RollbackManager's binder thread because we'd prefer
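Review bot: The caller check is written out twice, here in notifyStagedSession and again in notifyStagedApkSession in the next hunk, with only the method name in the message differing. A small private helper that takes the method name, called as `enforceSystemCaller("notifyStagedSession");` (a proposed name, not an existing one), would keep the two entry points from drifting apart if the allowed-caller rule ever changes. The diff touches only the implementation file, so it is not visible whether StagedRollbackTest has a case asserting that a non-system caller gets a SecurityException; a negative test like that would pin the fix. Both method bodies continue outside their hunks.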
@@ -1066,6 +1069,9 @@ class RollbackManagerServiceImpl extends IRollbackManager.Stub {
@Override
public void notifyStagedApkSession(int originalSessionId, int apkSessionId) {
+ if (Binder.getCallingUid() != Process.SYSTEM_UID) {
+ throw new SecurityException("notifyStagedApkSession may only be called by the system.");
+ }
getHandler().post(() -> {
RollbackData rd = null;
synchronized (mLock) {
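Review bot: The caller check in notifyStagedApkSession has to stay ahead of `getHandler().post(...)`, and nothing in the code says so. Binder.getCallingUid() reports the remote caller only on the thread handling the incoming transaction. If the check were moved inside the posted lambda it would run on the handler thread, see this process's own uid, and pass for every caller. A one-line comment above the check, such as `// Must run on the binder thread, before posting: the handler thread has no calling identity.`, would protect it in later refactors. The same applies to notifyStagedSession in the previous hunk, which also posts a runnable, and the method body here continues past the end of the hunk.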