From b776aa9e89573499db8655e23e477484c2d097ec Mon Sep 17 00:00:00 2001
From: mattgilbride <mattgilbride@google.com>
Date: Fri, 2 Dec 2022 13:58:33 +0000
Subject: Add hidden Binder.getCallingUidOrWtf

Binder.getCallingUidOrThrow throws if the caller is NOT:
1) Called from within a binder transaction OR
2) Called from within a
   Binder.clearCallingIdentity/restoreCallingIdentity block

Number 2 was added in I162db933f9e52cd6f9f46796bda11ad6216d3d66
to allow us to migrate from Binder.getCallingUid to it. There are
many use cases where callers are not in a Binder transaction, but
have set the calling UID "explicitly" by calling clearCallingIdentity.

In order to further ease the migration from Binder.getCallingUid to
Binder.getCallingUidOrThrow, this hidden API behaves similarly,
but logs at WTF level instead of throwing IllegalStateException.

The motivation is to first migrate to the WTF version, so that
system_server will log and continue. The goal is to only use this
in the system (hence @hide). It will provide early signals as to the
feasibility of a given migration.

For example, its desirable to migrate the permission checking in code
generated by the @EnforcePermission annotation (via the AIDL compiler).
This call site is widely used, and itself subject to mass migrations to
@EnforcePermission instead of manual permission enforcement.

Bug: 252975769
Test: TH
Change-Id: I11ea3fdf889689d76211506e81420e694238ee68
---
 core/java/android/os/Binder.java | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/core/java/android/os/Binder.java b/core/java/android/os/Binder.java
index 0f3ed19e091c..2d244a9b469d 100644
--- a/core/java/android/os/Binder.java
+++ b/core/java/android/os/Binder.java
@@ -354,6 +354,26 @@ public class Binder implements IBinder {
         return getCallingUid();
     }
 
+    /**
+     * Return the Linux UID assigned to the process that sent the transaction
+     * currently being processed.
+     *
+     * Logs WTF if the current thread is not currently
+     * executing an incoming transaction and the calling identity has not been
+     * explicitly set with {@link #clearCallingIdentity()}
+     *
+     * @hide
+     */
+    public static final int getCallingUidOrWtf() {
+        if (!isDirectlyHandlingTransaction() && !hasExplicitIdentity()) {
+            Log.wtf(TAG,
+                    "Thread is not in a binder transaction, "
+                            + "and the calling identity has not been "
+                            + "explicitly set with clearCallingIdentity");
+        }
+        return getCallingUid();
+    }
+
     /**
      * Return the UserHandle assigned to the process that sent you the
      * current transaction that is being processed. This is the user
-- 
cgit v1.2.3-59-g8ed1b