From 18fb750cc54c26de452b40414ffe8199e20b47c5 Mon Sep 17 00:00:00 2001
From: Tianjie
Date: Tue, 23 Mar 2021 11:40:08 -0700
Subject: Clear caller id when reading device config

Reading the DeviceConfig with the gmscore call id will result in a security exception. Also clear the caller identity when before calling into locksettings to armRebootEscrow. This is inline with the other usage for RoR preparation.

Bug: 183475757
Test: trigger RoR from gmscore
Change-Id: Ifc65625fc7aba05d016c127cf6672922a5ffb000
---
 .../recoverysystem/RecoverySystemService.java | 23 +++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

diff --git a/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java b/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java
index 0a6772bd8f6a..fe21201f5cb7 100644
--- a/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java
+++ b/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java
@@ -734,7 +734,15 @@ public class RecoverySystemService extends IRecoverySystem.Stub implements Reboo
 return REBOOT_ERROR_SLOT_MISMATCH;
 }
 
- if (!mInjector.getLockSettingsService().armRebootEscrow()) {
+ final long origId = Binder.clearCallingIdentity();
+ boolean result;
+ try {
+ result = mInjector.getLockSettingsService().armRebootEscrow();
+ } finally {
+ Binder.restoreCallingIdentity(origId);
+ }
+
+ if (!result) {
 Slog.w(TAG, "Failure to escrow key for reboot");
 return REBOOT_ERROR_ARM_REBOOT_ESCROW_FAILURE;
 }
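Review bot: Clearing the calling identity before `armRebootEscrow()` means LockSettingsService now sees the system server rather than the original client, so whatever permission check authorizes that client must already have run before the new `Binder.clearCallingIdentity()` line; the enclosing method starts above the hunk, so that ordering cannot be confirmed from here and is worth verifying. The code itself gives no reason for the identity switch; a one-line comment such as `// Call LockSettingsService as system (the caller must already be authorized at this point).` would make the intent clear to the next reader. `result` is assigned exactly once inside the try block, so it can be declared `final boolean result;`. The enclosing method also continues past the end of the hunk.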
@@ -742,11 +750,20 @@ public class RecoverySystemService extends IRecoverySystem.Stub implements Reboo
 return REBOOT_ERROR_NONE;
 }
 
+ private boolean useServerBasedRoR() {
+ final long origId = Binder.clearCallingIdentity();
+ try {
+ return DeviceConfig.getBoolean(DeviceConfig.NAMESPACE_OTA,
+ "server_based_ror_enabled", false);
+ } finally {
+ Binder.restoreCallingIdentity(origId);
+ }
+ }
+
 private void reportMetricsOnRebootWithLskf(String packageName, boolean slotSwitch,
 @ResumeOnRebootRebootErrorCode int errorCode) {
 int uid = mInjector.getUidFromPackageName(packageName);
- boolean serverBased = DeviceConfig.getBoolean(DeviceConfig.NAMESPACE_OTA,
- "server_based_ror_enabled", false);
+ boolean serverBased = useServerBasedRoR();
 int preparedClientCount;
 synchronized (this) {
 preparedClientCount = mCallerPreparedForReboot.size();
-- 
cgit v1.2.3-59-g8ed1b
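Review bot: `useServerBasedRoR()` has no Javadoc saying why a plain feature-flag read is wrapped in clearCallingIdentity/restoreCallingIdentity; the reason is only in the commit message (the read fails with a SecurityException under the client's identity), and it belongs on the method so nobody later "simplifies" the wrapper away, e.g. `/** Reads the server-based RoR flag as the system identity; the DeviceConfig read is rejected under the calling client's identity. */`. The flag name `"server_based_ror_enabled"` would also be better as a `private static final String SERVER_BASED_ROR_ENABLED = "server_based_ror_enabled";` so the key lives in one place. `reportMetricsOnRebootWithLskf` continues past the end of the hunk.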