-rw-r--r--services/core/java/com/android/server/am/ActiveServices.java13
1 files changed, 13 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/am/ActiveServices.java b/services/core/java/com/android/server/am/ActiveServices.java
index c7994c36d7d8..37f71ca88b2b 100644
--- a/services/core/java/com/android/server/am/ActiveServices.java
+++ b/services/core/java/com/android/server/am/ActiveServices.java
@@ -70,6 +70,7 @@ import static com.android.server.am.ActivityManagerDebugConfig.POSTFIX_SERVICE_E
import static com.android.server.am.ActivityManagerDebugConfig.TAG_AM;
import static com.android.server.am.ActivityManagerDebugConfig.TAG_WITH_CLASS_NAME;
+import android.Manifest;
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.annotation.UptimeMillisLong;
@@ -3078,6 +3079,18 @@ public final class ActiveServices {
+ ", uid=" + callingUid
+ " requires " + r.permission);
return new ServiceLookupResult(null, r.permission);
+ } else if (Manifest.permission.BIND_HOTWORD_DETECTION_SERVICE.equals(r.permission)
+ && callingUid != Process.SYSTEM_UID) {
+ // Hotword detection must run in its own sandbox, and we don't even trust
+ // its enclosing application to bind to it - only the system.
+ // TODO(b/185746653) remove this special case and generalize
+ Slog.w(TAG, "Permission Denial: Accessing service " + r.shortInstanceName
+ + " from pid=" + callingPid
+ + ", uid=" + callingUid
+ + " requiring permission " + r.permission
+ + " can only be bound to from the system.");
+ return new ServiceLookupResult(null, "can only be bound to "
+ + "by the system.");
} else if (r.permission != null && callingPackage != null) {
final int opCode = AppOpsManager.permissionToOpCode(r.permission);
if (opCode != AppOpsManager.OP_NONE && mAm.getAppOpsManager().checkOpNoThrow(
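Review bot: The new branch returns `new ServiceLookupResult(null, "can only be bound to " + "by the system.")`, while the denial just above it passes `r.permission` in the same slot, so that field now carries prose where a permission name appears to be expected. If callers format it into a "requires/without permission X" message or compare it with a permission name (not visible in this hunk), the result will be misleading; returning `r.permission` and keeping the explanation in the `Slog.w` text would stay consistent with the neighbouring branch. The guard `callingUid != Process.SYSTEM_UID` also admits every process that runs under the system UID, not only system_server, and it only fires when the service declares exactly this permission, so the comment should state that, e.g. `// Relies on the service declaring BIND_HOTWORD_DETECTION_SERVICE; any SYSTEM_UID caller passes.` The enclosing method and the start of this if/else chain lie outside the hunk, so the ordering relative to the earlier permission check could not be confirmed here.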