diff options
| author | 2022-10-26 17:03:33 -0700 | |
|---|---|---|
| committer | 2022-10-27 23:11:49 +0000 | |
| commit | 76db1db57e911ed3651e75815fcb66723d6677ae (patch) | |
| tree | 9e9d5c4016d1f5ee406730c0c1939e684f204e3b /libs/androidfw/ResourceTimer.cpp | |
| parent | 2be2258f1f8f1348fcf126b4772bc3fc2ca3062b (diff) | |
[SettingsProvider] workaround for DevicePolicyResourcesManager
DevicePolicyResourcesManager.getString() was added in T and called in
many places inside system server. However, it uses
DeviceConfig.getBoolean to determine if a feature is enabled or not. In
the places where it is called from inside system server,
`clearCallingIdentity` was not always called, which can result in
DeviceConfig.getBoolean throwing SecurityException due to mismatched
AttributionSource (calling uid is the caller from the binder client,
while the context is "android" which should have calling uid 0). Context
is "android" because it is inside the system server where the
DevicePolicyManager instance is created. This bug might lead to
unexpected behavior such as packages failing to be uninstalled by admin.
The easiest fix is to place a bypass in SettingsProvider and manually clear
the calling uid there. This fix also allows for the cleanest backporting as
it can be cherry-picked into T without touching all the places where
DevicePolicyResourcesManager.getString() is called in the system server.
BUG: 252663068
Test: manual
Merged-In: I37a6ceb29575593018b93093562c85d49770a43c
Change-Id: I37a6ceb29575593018b93093562c85d49770a43c
(cherry picked from commit b127850fda23698be0247e5b2110cdd01fff8fd7)
Diffstat (limited to 'libs/androidfw/ResourceTimer.cpp')
0 files changed, 0 insertions, 0 deletions