Google Git
Sign in
android / platform / frameworks / base / 7c01130^! / .
commit7c011302b64f3a623030f09346b3b81214c2480a[log] [tgz]
authorDaniel Sandler <dsandler@android.com>Mon Jun 10 12:06:51 2013 -0400
committerDaniel Sandler <dsandler@android.com>Mon Jun 10 12:19:16 2013 -0400
tree5ab5869202315bd7b1db5ddeab9ac98308f3b0ee
parent38bdf107ba0abcce8b87bc87653c73191566d002 [diff]
Do not block notifications or toasts for SYSTEM_UID or PHONE_UID.

The specific bug is this: SIM PIN unlock attempt toasts are
sent from com.android.settings/.IccLockSettings which runs
as the phone process; NoMan wasn't having any of that and
was blocking the toasts.

With this change we treat SYSTEM_UID and PHONE_UID the same
for all security checks, and furthermore we guarantee that
all notifications and toasts from those UIDs will be
permitted.

Bug: 9098802
Change-Id: Idc788527aa2cb38e015fe92773766a514167999e

diff --git a/services/java/com/android/server/NotificationManagerService.java b/services/java/com/android/server/NotificationManagerService.java
index 04773db..5dc8e0c 100644
--- a/services/java/com/android/server/NotificationManagerService.java
+++ b/services/java/com/android/server/NotificationManagerService.java

@@ -1390,7 +1390,7 @@
             return ;
         }
 
-        final boolean isSystemToast = ("android".equals(pkg));
+        final boolean isSystemToast = isCallerSystem() || ("android".equals(pkg));
 
         if (ENABLE_BLOCKED_TOASTS && !noteNotificationOp(pkg, Binder.getCallingUid())) {
             if (!isSystemToast) {
@@ -1606,7 +1606,7 @@
             Slog.v(TAG, "enqueueNotificationInternal: pkg=" + pkg + " id=" + id + " notification=" + notification);
         }
         checkCallerIsSystemOrSameApp(pkg);
-        final boolean isSystemNotification = ("android".equals(pkg));
+        final boolean isSystemNotification = isCallerSystem() || ("android".equals(pkg));
 
         userId = ActivityManager.handleIncomingUser(callingPid,
                 callingUid, userId, true, false, "enqueueNotification", pkg);
@@ -2082,19 +2082,26 @@
         cancelAllNotificationsInt(pkg, 0, Notification.FLAG_FOREGROUND_SERVICE, true, userId);
     }
 
+    // Return true if the caller is a system or phone UID and therefore should not have
+    // any notifications or toasts blocked.
+    boolean isCallerSystem() {
+        final int uid = Binder.getCallingUid();
+        final int appid = UserHandle.getAppId(uid);
+        return (appid == Process.SYSTEM_UID || appid == Process.PHONE_UID || uid == 0);
+    }
+
     void checkCallerIsSystem() {
-        int uid = Binder.getCallingUid();
-        if (UserHandle.getAppId(uid) == Process.SYSTEM_UID || uid == 0) {
+        if (isCallerSystem()) {
             return;
         }
-        throw new SecurityException("Disallowed call for uid " + uid);
+        throw new SecurityException("Disallowed call for uid " + Binder.getCallingUid());
     }
 
     void checkCallerIsSystemOrSameApp(String pkg) {
-        int uid = Binder.getCallingUid();
-        if (UserHandle.getAppId(uid) == Process.SYSTEM_UID || uid == 0) {
+        if (isCallerSystem()) {
             return;
         }
+        final int uid = Binder.getCallingUid();
         try {
             ApplicationInfo ai = AppGlobals.getPackageManager().getApplicationInfo(
                     pkg, 0, UserHandle.getCallingUserId());