From f20473553bd83cfe30bdddf4b1960002af18ab4c Mon Sep 17 00:00:00 2001
From: Guojing Yuan <guojing@google.com>
Date: Thu, 14 Dec 2023 19:30:04 +0000
Subject: [CDM][CMD] Check permissions for CDM shell commands

Override handleShellCommand instead of onShellCommand because
Binder.onShellCommand checks the necessary permissions of the caller.

Bug: 313428840

Test: manually tested CDM shell commands
Change-Id: I5539b3594feb5544c458c0fd1061b51a0a808900
Merged-In: I5539b3594feb5544c458c0fd1061b51a0a808900
(cherry picked from commit 1761a0fee9c2cd9787bbb7fbdbe30b4c2b03396e)
---
 .../companion/CompanionDeviceManagerService.java     | 20 ++++++++------------
 1 file changed, 8 insertions(+), 12 deletions(-)

diff --git a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
index 41546d2bdc38..05c29d7e446a 100644
--- a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
+++ b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
@@ -75,12 +75,11 @@ import android.os.Environment;
 import android.os.Handler;
 import android.os.Message;
 import android.os.Parcel;
+import android.os.ParcelFileDescriptor;
 import android.os.PowerWhitelistManager;
 import android.os.RemoteCallbackList;
 import android.os.RemoteException;
-import android.os.ResultReceiver;
 import android.os.ServiceManager;
-import android.os.ShellCallback;
 import android.os.SystemProperties;
 import android.os.UserHandle;
 import android.os.UserManager;
@@ -827,16 +826,13 @@ public class CompanionDeviceManagerService extends SystemService {
         }
 
         @Override
-        public void onShellCommand(FileDescriptor in, FileDescriptor out, FileDescriptor err,
-                String[] args, ShellCallback callback, ResultReceiver resultReceiver)
-                throws RemoteException {
-            enforceCallerCanManageCompanionDevice(getContext(), "onShellCommand");
-
-            final CompanionDeviceShellCommand cmd = new CompanionDeviceShellCommand(
-                    CompanionDeviceManagerService.this,
-                    mAssociationStore,
-                    mDevicePresenceMonitor);
-            cmd.exec(this, in, out, err, args, callback, resultReceiver);
+        public int handleShellCommand(@NonNull ParcelFileDescriptor in,
+                @NonNull ParcelFileDescriptor out, @NonNull ParcelFileDescriptor err,
+                @NonNull String[] args) {
+            return new CompanionDeviceShellCommand(CompanionDeviceManagerService.this,
+                    mAssociationStore, mDevicePresenceMonitor)
+                    .exec(this, in.getFileDescriptor(), out.getFileDescriptor(),
+                            err.getFileDescriptor(), args);
         }
 
         @Override
-- 
cgit v1.2.3-59-g8ed1b