Check USB device/accessory perms with sys identity

As checking the permissions might call UsbDevice/UsbAccessory.getSerial again, we have to make sure that in this code paths we run with the system's identity so that we can always resolve the serial number. Test: CtsVerifier UsbAccessory/UsbDevice test Fixes: 117606509 Change-Id: I777be10b806ab02046f99805806ae1a16ebb0203
author: Philip P. Moltmann <moltmann@google.com> 2019-05-24 15:56:17 -0700
committer: Philip P. Moltmann <moltmann@google.com> 2019-05-28 17:51:39 +0000
commit: e89688fcd7076f6a531ce7b91458f6c3159996bb (patch)
tree: 212b41e3bcea219f669d6dfe12e47990cec1c5bb /services/usb/java
parent: 3fb12ba4902605668faa22a93f0881ab333ec11d (diff)
1 files changed, 12 insertions, 12 deletions
diff --git a/services/usb/java/com/android/server/usb/UsbSerialReader.java b/services/usb/java/com/android/server/usb/UsbSerialReader.java
index 32fc796e7e05..8ca77f0c63dc 100644
--- a/services/usb/java/com/android/server/usb/UsbSerialReader.java
+++ b/services/usb/java/com/android/server/usb/UsbSerialReader.java
@@ -85,22 +85,22 @@ class UsbSerialReader extends IUsbSerialReader.Stub {
                     throw new RemoteException("package " + packageName + " cannot be found");
                 }
                 packageTargetSdkVersion = pkg.applicationInfo.targetSdkVersion;
-            } finally {
-                Binder.restoreCallingIdentity(token);
-            }
 
-            if (packageTargetSdkVersion >= Build.VERSION_CODES.Q) {
-                if (mContext.checkPermission(android.Manifest.permission.MANAGE_USB, pid, uid)
-                        == PackageManager.PERMISSION_DENIED) {
-                    UsbUserSettingsManager settings = mSettingsManager.getSettingsForUser(
-                            UserHandle.getUserId(uid));
+                if (packageTargetSdkVersion >= Build.VERSION_CODES.Q) {
+                    if (mContext.checkPermission(android.Manifest.permission.MANAGE_USB, pid, uid)
+                            == PackageManager.PERMISSION_DENIED) {
+                        UsbUserSettingsManager settings = mSettingsManager.getSettingsForUser(
+                                UserHandle.getUserId(uid));
 
-                    if (mDevice instanceof UsbDevice) {
-                        settings.checkPermission((UsbDevice) mDevice, packageName, uid);
-                    } else {
-                        settings.checkPermission((UsbAccessory) mDevice, uid);
+                        if (mDevice instanceof UsbDevice) {
+                            settings.checkPermission((UsbDevice) mDevice, packageName, uid);
+                        } else {
+                            settings.checkPermission((UsbAccessory) mDevice, uid);
+                        }
                     }
                 }
+            } finally {
+                Binder.restoreCallingIdentity(token);
             }
         }
author	Philip P. Moltmann <moltmann@google.com>	2019-05-24 15:56:17 -0700
committer	Philip P. Moltmann <moltmann@google.com>	2019-05-28 17:51:39 +0000
commit	e89688fcd7076f6a531ce7b91458f6c3159996bb (patch)
tree	212b41e3bcea219f669d6dfe12e47990cec1c5bb /services/usb/java
parent	3fb12ba4902605668faa22a93f0881ab333ec11d (diff)