diff options
| author | Daniel Sandler <dsandler@android.com> | 2013-06-10 12:06:51 -0400 |
|---|---|---|
| committer | Daniel Sandler <dsandler@android.com> | 2013-06-10 12:19:16 -0400 |
| commit | 7c011302b64f3a623030f09346b3b81214c2480a (patch) | |
| tree | 5ab5869202315bd7b1db5ddeab9ac98308f3b0ee /services | |
| parent | 38bdf107ba0abcce8b87bc87653c73191566d002 (diff) | |
| download | frameworks_base-7c011302b64f3a623030f09346b3b81214c2480a.zip frameworks_base-7c011302b64f3a623030f09346b3b81214c2480a.tar.gz frameworks_base-7c011302b64f3a623030f09346b3b81214c2480a.tar.bz2 | |
Do not block notifications or toasts for SYSTEM_UID or PHONE_UID.
The specific bug is this: SIM PIN unlock attempt toasts are
sent from com.android.settings/.IccLockSettings which runs
as the phone process; NoMan wasn't having any of that and
was blocking the toasts.
With this change we treat SYSTEM_UID and PHONE_UID the same
for all security checks, and furthermore we guarantee that
all notifications and toasts from those UIDs will be
permitted.
Bug: 9098802
Change-Id: Idc788527aa2cb38e015fe92773766a514167999e
Diffstat (limited to 'services')
| -rw-r--r-- | services/java/com/android/server/NotificationManagerService.java | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/services/java/com/android/server/NotificationManagerService.java b/services/java/com/android/server/NotificationManagerService.java index 04773db..5dc8e0c 100644 --- a/services/java/com/android/server/NotificationManagerService.java +++ b/services/java/com/android/server/NotificationManagerService.java @@ -1390,7 +1390,7 @@ public class NotificationManagerService extends INotificationManager.Stub return ; } - final boolean isSystemToast = ("android".equals(pkg)); + final boolean isSystemToast = isCallerSystem() || ("android".equals(pkg)); if (ENABLE_BLOCKED_TOASTS && !noteNotificationOp(pkg, Binder.getCallingUid())) { if (!isSystemToast) { @@ -1606,7 +1606,7 @@ public class NotificationManagerService extends INotificationManager.Stub Slog.v(TAG, "enqueueNotificationInternal: pkg=" + pkg + " id=" + id + " notification=" + notification); } checkCallerIsSystemOrSameApp(pkg); - final boolean isSystemNotification = ("android".equals(pkg)); + final boolean isSystemNotification = isCallerSystem() || ("android".equals(pkg)); userId = ActivityManager.handleIncomingUser(callingPid, callingUid, userId, true, false, "enqueueNotification", pkg); @@ -2082,19 +2082,26 @@ public class NotificationManagerService extends INotificationManager.Stub cancelAllNotificationsInt(pkg, 0, Notification.FLAG_FOREGROUND_SERVICE, true, userId); } + // Return true if the caller is a system or phone UID and therefore should not have + // any notifications or toasts blocked. + boolean isCallerSystem() { + final int uid = Binder.getCallingUid(); + final int appid = UserHandle.getAppId(uid); + return (appid == Process.SYSTEM_UID || appid == Process.PHONE_UID || uid == 0); + } + void checkCallerIsSystem() { - int uid = Binder.getCallingUid(); - if (UserHandle.getAppId(uid) == Process.SYSTEM_UID || uid == 0) { + if (isCallerSystem()) { return; } - throw new SecurityException("Disallowed call for uid " + uid); + throw new SecurityException("Disallowed call for uid " + Binder.getCallingUid()); } void checkCallerIsSystemOrSameApp(String pkg) { - int uid = Binder.getCallingUid(); - if (UserHandle.getAppId(uid) == Process.SYSTEM_UID || uid == 0) { + if (isCallerSystem()) { return; } + final int uid = Binder.getCallingUid(); try { ApplicationInfo ai = AppGlobals.getPackageManager().getApplicationInfo( pkg, 0, UserHandle.getCallingUserId()); |