| -rw-r--r-- | core/java/android/os/image/IDynamicSystemService.aidl | 15 | ||||
| -rw-r--r-- | services/core/java/com/android/server/DynamicSystemService.java | 26 |
2 files changed, 32 insertions, 9 deletions
diff --git a/core/java/android/os/image/IDynamicSystemService.aidl b/core/java/android/os/image/IDynamicSystemService.aidl
index a5a40ad55853..4e69952fac2f 100644
--- a/core/java/android/os/image/IDynamicSystemService.aidl
+++ b/core/java/android/os/image/IDynamicSystemService.aidl
@@ -26,6 +26,7 @@ interface IDynamicSystemService
  * @param dsuSlot Name used to identify this installation
  * @return true if the call succeeds
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  boolean startInstallation(@utf8InCpp String dsuSlot);
 
  /**
@@ -36,6 +37,7 @@ interface IDynamicSystemService
  * @param readOnly True if this partition is readOnly
  * @return true if the call succeeds
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  boolean createPartition(@utf8InCpp String name, long size, boolean readOnly);
 
  /**
@@ -43,12 +45,14 @@ interface IDynamicSystemService
  *
  * @return true if the partition installation completes without error.
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  boolean closePartition();
 
  /**
  * Finish a previously started installation. Installations without
  * a cooresponding finishInstallation() will be cleaned up during device boot.
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  boolean finishInstallation();
 
  /**
@@ -57,6 +61,7 @@ interface IDynamicSystemService
  *
  * @return GsiProgress
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  GsiProgress getInstallationProgress();
 
  /**
@@ -66,21 +71,25 @@ interface IDynamicSystemService
  *
  * @return true if the call succeeds
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  boolean abort();
 
  /**
  * @return true if the device is running an DynamicAnroid image
  */
+ @RequiresNoPermission
  boolean isInUse();
 
  /**
  * @return true if the device has an DynamicSystem image installed
  */
+ @RequiresNoPermission
  boolean isInstalled();
 
  /**
  * @return true if the device has an DynamicSystem image enabled
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  boolean isEnabled();
 
  /**
@@ -88,6 +97,7 @@ interface IDynamicSystemService
  *
  * @return true if the call succeeds
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  boolean remove();
 
  /**
@@ -97,6 +107,7 @@ interface IDynamicSystemService
  *
  * @return true if the call succeeds
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  boolean setEnable(boolean enable, boolean oneShot);
 
  /**
@@ -106,6 +117,7 @@ interface IDynamicSystemService
  * @param fd fd that points to a ashmem
  * @param size size of the ashmem file
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  boolean setAshmem(in ParcelFileDescriptor fd, long size);
 
  /**
@@ -115,6 +127,7 @@ interface IDynamicSystemService
  * @param bytes number of bytes that can be read from stream.
  * @return true on success, false otherwise.
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  boolean submitFromAshmem(long bytes);
 
  /**
@@ -124,10 +137,12 @@ interface IDynamicSystemService
  * @return true on success, false if partition doesn't have a
  * valid VBMeta block to retrieve the AVB key from.
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  boolean getAvbPublicKey(out AvbPublicKey dst);
 
  /**
  * Returns the suggested scratch partition size for overlayFS.
  */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
  long suggestScratchSize();
  }
diff --git a/services/core/java/com/android/server/DynamicSystemService.java b/services/core/java/com/android/server/DynamicSystemService.java
index e29e894a5cc0..e924012c8892 100644
--- a/services/core/java/com/android/server/DynamicSystemService.java
+++ b/services/core/java/com/android/server/DynamicSystemService.java
@@ -16,8 +16,9 @@ package com.android.server;
+ import android.annotation.EnforcePermission;
+ import android.annotation.RequiresNoPermission;
  import android.content.Context;
- import android.content.pm.PackageManager;
  import android.gsi.AvbPublicKey;
  import android.gsi.GsiProgress;
  import android.gsi.IGsiService;
@@ -53,20 +54,12 @@ public class DynamicSystemService extends IDynamicSystemService.Stub {
  }
 
  private IGsiService getGsiService() {
- checkPermission();
  if (mGsiService != null) {
  return mGsiService;
  }
  return IGsiService.Stub.asInterface(ServiceManager.waitForService("gsiservice"));
  }
 
- private void checkPermission() {
- if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
- != PackageManager.PERMISSION_GRANTED) {
- throw new SecurityException("Requires MANAGE_DYNAMIC_SYSTEM permission");
- }
- }
-
  class GsiServiceCallback extends IGsiServiceCallback.Stub {
  // 0 for success
  private int mResult = -1;
@@ -82,6 +75,7 @@ public class DynamicSystemService extends IDynamicSystemService.Stub {
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public boolean startInstallation(String dsuSlot) throws RemoteException {
  IGsiService service = getGsiService();
  mGsiService = service;
@@ -124,6 +118,7 @@ public class DynamicSystemService extends IDynamicSystemService.Stub {
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public boolean createPartition(String name, long size, boolean readOnly)
  throws RemoteException {
  IGsiService service = getGsiService();
@@ -135,6 +130,7 @@ public class DynamicSystemService extends IDynamicSystemService.Stub {
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public boolean closePartition() throws RemoteException {
  IGsiService service = getGsiService();
  if (service.closePartition() != 0) {
@@ -145,6 +141,7 @@ public class DynamicSystemService extends IDynamicSystemService.Stub {
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public boolean finishInstallation() throws RemoteException {
  IGsiService service = getGsiService();
  if (service.closeInstall() != 0) {
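Review bot: With `checkPermission()` removed from `getGsiService()`, none of the annotated implementations in this hunk or in the following ones (the `getInstallationProgress` through `suggestScratchSize` hunks) contain a check of their own; the Java-side `@EnforcePermission` appears to be a source-level marker, so enforcement now rests entirely on what the AIDL-generated Stub does for the annotations added in the `.aidl` hunks above. If that Stub only checks inside `onTransact`, a same-process caller that obtains the Stub object directly (for example via `asInterface` on a local binder) reaches `IGsiService` with no check at all, where the old `checkPermission()` guarded every path. Each annotated method should therefore begin with the helper the AIDL compiler generates for it, e.g. `super.startInstallation_enforcePermission();` as the first statement of `startInstallation`, and likewise for the other annotated methods. The annotated method bodies continue outside these hunks and the Stub constructor is not shown, so it is worth confirming there that the Stub is constructed with a `PermissionEnforcer`.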
@@ -155,21 +152,25 @@ public class DynamicSystemService extends IDynamicSystemService.Stub {
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public GsiProgress getInstallationProgress() throws RemoteException {
  return getGsiService().getInstallProgress();
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public boolean abort() throws RemoteException {
  return getGsiService().cancelGsiInstall();
  }
 
  @Override
+ @RequiresNoPermission
  public boolean isInUse() {
  return SystemProperties.getBoolean("ro.gsid.image_running", false);
  }
 
  @Override
+ @RequiresNoPermission
  public boolean isInstalled() {
  boolean installed = SystemProperties.getBoolean("gsid.image_installed", false);
  Slog.i(TAG, "isInstalled(): " + installed);
@@ -177,11 +178,13 @@ public class DynamicSystemService extends IDynamicSystemService.Stub {
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public boolean isEnabled() throws RemoteException {
  return getGsiService().isGsiEnabled();
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public boolean remove() throws RemoteException {
  try {
  GsiServiceCallback callback = new GsiServiceCallback();
@@ -197,6 +200,7 @@ public class DynamicSystemService extends IDynamicSystemService.Stub {
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public boolean setEnable(boolean enable, boolean oneShot) throws RemoteException {
  IGsiService gsiService = getGsiService();
  if (enable) {
@@ -220,6 +224,7 @@ public class DynamicSystemService extends IDynamicSystemService.Stub {
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public boolean setAshmem(ParcelFileDescriptor ashmem, long size) {
  try {
  return getGsiService().setGsiAshmem(ashmem, size);
@@ -229,6 +234,7 @@ public class DynamicSystemService extends IDynamicSystemService.Stub {
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public boolean submitFromAshmem(long size) {
  try {
  return getGsiService().commitGsiChunkFromAshmem(size);
@@ -238,6 +244,7 @@ public class DynamicSystemService extends IDynamicSystemService.Stub {
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public boolean getAvbPublicKey(AvbPublicKey dst) {
  try {
  return getGsiService().getAvbPublicKey(dst) == 0;
@@ -247,6 +254,7 @@ public class DynamicSystemService extends IDynamicSystemService.Stub {
  }
 
  @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
  public long suggestScratchSize() throws RemoteException {
  return getGsiService().suggestScratchSize();
  }