| -rw-r--r-- | services/core/java/com/android/server/statusbar/StatusBarManagerService.java | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/services/core/java/com/android/server/statusbar/StatusBarManagerService.java b/services/core/java/com/android/server/statusbar/StatusBarManagerService.java
index 3df8f584fef1..16567d8e693e 100644
--- a/services/core/java/com/android/server/statusbar/StatusBarManagerService.java
+++ b/services/core/java/com/android/server/statusbar/StatusBarManagerService.java
@@ -16,12 +16,15 @@
 package com.android.server.statusbar;
+import static android.Manifest.permission.INTERACT_ACROSS_USERS;
+import static android.Manifest.permission.INTERACT_ACROSS_USERS_FULL;
 import static android.app.StatusBarManager.DISABLE2_GLOBAL_ACTIONS;
 import static android.app.StatusBarManager.DISABLE2_NOTIFICATION_SHADE;
 import static android.app.StatusBarManager.NAV_BAR_MODE_DEFAULT;
 import static android.app.StatusBarManager.NAV_BAR_MODE_KIDS;
 import static android.app.StatusBarManager.NavBarMode;
 import static android.app.StatusBarManager.SessionFlags;
+import static android.content.pm.PackageManager.PERMISSION_GRANTED;
 import static android.view.Display.DEFAULT_DISPLAY;
 import static android.view.WindowManagerPolicyConstants.NAV_BAR_MODE_3BUTTON_OVERLAY;
@@ -1285,6 +1288,11 @@ public class StatusBarManagerService extends IStatusBarService.Stub implements D
 "StatusBarManagerService");
 }
+ private boolean doesCallerHoldInteractAcrossUserPermission() {
+ return mContext.checkCallingPermission(INTERACT_ACROSS_USERS_FULL) == PERMISSION_GRANTED
+ || mContext.checkCallingPermission(INTERACT_ACROSS_USERS) == PERMISSION_GRANTED;
+ }
+
 /**
 * For targetSdk S+ we require STATUS_BAR. For targetSdk < S, we only require EXPAND_STATUS_BAR
 * but also require that it falls into one of the allowed use-cases to lock down abuse vector.
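Review bot: The new `doesCallerHoldInteractAcrossUserPermission()` helper in the @@ -1285 hunk has no comment stating its one precondition, which is that the Binder calling identity must still be intact. `checkCallingPermission` evaluates the caller of the IPC currently being handled, so its result is only meaningful before `Binder.clearCallingIdentity()` runs. I would add a short Javadoc such as `/** Returns true if the IPC caller holds INTERACT_ACROSS_USERS_FULL or INTERACT_ACROSS_USERS; call before Binder.clearCallingIdentity(). */`. The one call site visible in this diff, in the @@ -2002 hunk, does invoke it before the identity is cleared.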
@@ -1296,7 +1304,7 @@ public class StatusBarManagerService extends IStatusBarService.Stub implements D enforceStatusBar(); } else { if (mContext.checkPermission(Manifest.permission.STATUS_BAR, pid, uid) - != PackageManager.PERMISSION_GRANTED) { + != PERMISSION_GRANTED) { enforceExpandStatusBar(); if (!mActivityTaskManager.canCloseSystemDialogs(pid, uid)) { Slog.e(TAG, "Permission Denial: Method " + method + "() requires permission " @@ -2002,6 +2010,11 @@ public class StatusBarManagerService extends IStatusBarService.Stub implements D } final int userId = mCurrentUserId; + final int callingUserId = UserHandle.getUserId(Binder.getCallingUid()); + if (mCurrentUserId != callingUserId && !doesCallerHoldInteractAcrossUserPermission()) { + throw new SecurityException("Calling user id: " + callingUserId + + ", cannot call on behalf of current user id: " + mCurrentUserId + "."); + } final long userIdentity = Binder.clearCallingIdentity(); try { Settings.Secure.putIntForUser(mContext.getContentResolver(), |
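Review bot: The cross-user check added in the @@ -2002 hunk reads `mCurrentUserId` again instead of using the `userId` snapshot taken on the line just above it. The `putIntForUser` call that follows is cut off by the hunk, but it presumably writes for `userId`. If the current user can change between those reads (the locking around this code is not visible here), the caller could be validated against one user while the setting is written for another. Comparing against the snapshot keeps the check and the write on the same value: `if (userId != callingUserId && !doesCallerHoldInteractAcrossUserPermission()) {`, with the exception message using `userId` as well. The enclosing method starts and ends outside the hunk.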