diff options
author | 2024-03-08 19:18:20 +0000 | |
---|---|---|
committer | 2024-03-08 23:21:58 +0000 | |
commit | ef762be9a6158465e7d2841b7000262255a11c5d (patch) | |
tree | 9a765dd26426b231752f13b6c2a72071472b6888 | |
parent | 3deff6ae11350315db00a83f086e0eec72469a46 (diff) |
Fix isSystemUi to avoid System services
We previously switched to checking just status bar permission to
determine whether a service was system UI, but system services also pass
the status bar permissions check, so we still need to retain the
!isCallerSystemOrPhone check.
Bug: 299448097
Test: Flash+build manual test
Flag: ACONFIG android.app.lifetime_extension_refactor STAGING
Change-Id: I8a4304781f4e1bc4f52c9d7b14381d78a8ad5f1d
-rwxr-xr-x | services/core/java/com/android/server/notification/NotificationManagerService.java | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/services/core/java/com/android/server/notification/NotificationManagerService.java b/services/core/java/com/android/server/notification/NotificationManagerService.java index ba5882cc7e98..7042bdde8f13 100755 --- a/services/core/java/com/android/server/notification/NotificationManagerService.java +++ b/services/core/java/com/android/server/notification/NotificationManagerService.java @@ -12050,10 +12050,17 @@ public class NotificationManagerService extends SystemService { @Override public void onServiceAdded(ManagedServiceInfo info) { if (lifetimeExtensionRefactor()) { - // We explicitly check the status bar permission for the uid in the info object. - // We can't use the calling uid here because it's probably always system server. - // Note that this will also be true for the shell. - info.isSystemUi = getContext().checkPermission( + // Generally, only System or System UI should have the permissions to call + // registerSystemService. + // isCallerSystemOrPhone tells us whether the caller is System. We negate this, + // to eliminate cases where the service was added by the system. This leaves + // services registered by system server. + // To identify system UI, we explicitly check the status bar permission for the + // uid in the info object. + // We can't use the calling uid here because it belongs to system server. + // Note that this will also return true for the shell, but we deem this + // acceptable, for the purposes of testing. + info.isSystemUi = !isCallerSystemOrPhone() && getContext().checkPermission( android.Manifest.permission.STATUS_BAR_SERVICE, -1, info.uid) == PERMISSION_GRANTED; } |