Clear calling identity when checking if NLS is trusted

This method is sometimes called on binder threads, and checks privileged
APIs

Fixes: 319601292
Test: CallExtrasTest#testCsPutIntExtra
Change-Id: I8ac8aa3ad26d487cb7183626a6c88a564a5a7c4c

1 files changed, 3 insertions, 0 deletions

diff --git a/services/core/java/com/android/server/notification/NotificationManagerService.java b/services/core/java/com/android/server/notification/NotificationManagerService.java
index 7aa7b7e1bfc1..13ff46a2675e 100755
--- a/services/core/java/com/android/server/notification/NotificationManagerService.java
+++ b/services/core/java/com/android/server/notification/NotificationManagerService.java
@@ -12103,6 +12103,7 @@ public class NotificationManagerService extends SystemService {
                 return true;
             }
 
+            long token = Binder.clearCallingIdentity();
             try {
                 if (mPackageManager.checkUidPermission(RECEIVE_SENSITIVE_NOTIFICATIONS, uid)
                         == PERMISSION_GRANTED || mPackageManagerInternal.isPlatformSigned(pkg)) {
@@ -12129,6 +12130,8 @@ public class NotificationManagerService extends SystemService {
                 }
             } catch (RemoteException e) {
                 Slog.e(TAG, "Failed to check trusted status of listener", e);
+            } finally {
+                Binder.restoreCallingIdentity(token);
             }
             return false;
         }