diff options
| author | Shashwat Razdan <srazdan@google.com> | 2021-03-11 14:29:45 -0800 |
|---|---|---|
| committer | Shashwat Razdan <srazdan@google.com> | 2021-03-11 14:37:30 -0800 |
| commit | dc1662c6597247be60d2f294401e96138e16b9c4 (patch) | |
| tree | 771925206442a1be764b29e0e1441bd323a6bf0e | |
| parent | cc82a02df92d0b1270d0eb7436dfb90c029ee976 (diff) | |
Adding a permission based check in SmartspaceManagerService
Test: Added the permission to SysUI and checked that it is working
Bug: 182330864
Change-Id: I1a545d39bee3fec6423149f4f3146551c220fd30
Change-Id: I7ceafd9c530d4386e29cab96256e8aa3035d302d
| -rw-r--r-- | services/smartspace/java/com/android/server/smartspace/SmartspaceManagerService.java | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/services/smartspace/java/com/android/server/smartspace/SmartspaceManagerService.java b/services/smartspace/java/com/android/server/smartspace/SmartspaceManagerService.java index 169b85eb7e06..b07fe19393b2 100644 --- a/services/smartspace/java/com/android/server/smartspace/SmartspaceManagerService.java +++ b/services/smartspace/java/com/android/server/smartspace/SmartspaceManagerService.java @@ -19,6 +19,7 @@ package com.android.server.smartspace; import static android.Manifest.permission.MANAGE_SMARTSPACE; import static android.app.ActivityManagerInternal.ALLOW_NON_FULL; import static android.content.Context.SMARTSPACE_SERVICE; +import static android.content.pm.PackageManager.PERMISSION_GRANTED; import android.annotation.NonNull; import android.annotation.Nullable; @@ -161,11 +162,13 @@ public class SmartspaceManagerService extends Slog.d(TAG, "runForUserLocked:" + func + " from pid=" + Binder.getCallingPid() + ", uid=" + Binder.getCallingUid()); } - if (!(mServiceNameResolver.isTemporary(userId) + Context ctx = getContext(); + if (!(ctx.checkCallingPermission(MANAGE_SMARTSPACE) == PERMISSION_GRANTED + || mServiceNameResolver.isTemporary(userId) || mActivityTaskManagerInternal.isCallerRecents(Binder.getCallingUid()))) { - String msg = "Permission Denial: " + func + " from pid=" + Binder.getCallingPid() - + ", uid=" + Binder.getCallingUid(); + String msg = "Permission Denial: Cannot call " + func + " from pid=" + + Binder.getCallingPid() + ", uid=" + Binder.getCallingUid(); Slog.w(TAG, msg); throw new SecurityException(msg); } |