Clear identity when checking BiometricService#isStrongBiometric()

Fixes: 159042356
Fixes: 159462355

Test: atest FingerprintManagerTest
Test: atest AccessibilityFingerprintGestureTest
Change-Id: Ib8eefba810038af7c69ec6bf864ad5d0a202e132

1 files changed, 9 insertions, 1 deletions

diff --git a/services/core/java/com/android/server/biometrics/sensors/fingerprint/FingerprintService.java b/services/core/java/com/android/server/biometrics/sensors/fingerprint/FingerprintService.java
index a4bf22566e98..b4478cbd0a6a 100644
--- a/services/core/java/com/android/server/biometrics/sensors/fingerprint/FingerprintService.java
+++ b/services/core/java/com/android/server/biometrics/sensors/fingerprint/FingerprintService.java
@@ -183,6 +183,14 @@ public class FingerprintService extends BiometricServiceBase {
                 return;
             }
 
+            final boolean isStrongBiometric;
+            final long ident = Binder.clearCallingIdentity();
+            try {
+                isStrongBiometric = isStrongBiometric();
+            } finally {
+                Binder.restoreCallingIdentity(ident);
+            }
+
             final boolean restricted = isRestricted();
             final int statsClient = isKeyguard(opPackageName) ? BiometricsProtoEnums.CLIENT_KEYGUARD
                     : BiometricsProtoEnums.CLIENT_FINGERPRINT_MANAGER;
@@ -190,7 +198,7 @@ public class FingerprintService extends BiometricServiceBase {
                     mClientFinishCallback, getContext(), daemon, token,
                     new ClientMonitorCallbackConverter(receiver), userId, opId, restricted,
                     opPackageName, 0 /* cookie */, false /* requireConfirmation */, getSensorId(),
-                    isStrongBiometric(), surface, statsClient, mTaskStackListener, mLockoutTracker);
+                    isStrongBiometric, surface, statsClient, mTaskStackListener, mLockoutTracker);
             authenticateInternal(client, opPackageName);
         }