Do not block notifications or toasts for SYSTEM_UID or PHONE_UID.
The specific bug is this: SIM PIN unlock attempt toasts are
sent from com.android.settings/.IccLockSettings which runs
as the phone process; NoMan wasn't having any of that and
was blocking the toasts.
With this change we treat SYSTEM_UID and PHONE_UID the same
for all security checks, and furthermore we guarantee that
all notifications and toasts from those UIDs will be
permitted.
Bug: 9098802
Change-Id: Idc788527aa2cb38e015fe92773766a514167999e
diff --git a/services/java/com/android/server/NotificationManagerService.java b/services/java/com/android/server/NotificationManagerService.java
index 04773db..5dc8e0c 100644
--- a/services/java/com/android/server/NotificationManagerService.java
+++ b/services/java/com/android/server/NotificationManagerService.java
@@ -1390,7 +1390,7 @@
return ;
}
- final boolean isSystemToast = ("android".equals(pkg));
+ final boolean isSystemToast = isCallerSystem() || ("android".equals(pkg));
if (ENABLE_BLOCKED_TOASTS && !noteNotificationOp(pkg, Binder.getCallingUid())) {
if (!isSystemToast) {
@@ -1606,7 +1606,7 @@
Slog.v(TAG, "enqueueNotificationInternal: pkg=" + pkg + " id=" + id + " notification=" + notification);
}
checkCallerIsSystemOrSameApp(pkg);
- final boolean isSystemNotification = ("android".equals(pkg));
+ final boolean isSystemNotification = isCallerSystem() || ("android".equals(pkg));
userId = ActivityManager.handleIncomingUser(callingPid,
callingUid, userId, true, false, "enqueueNotification", pkg);
@@ -2082,19 +2082,26 @@
cancelAllNotificationsInt(pkg, 0, Notification.FLAG_FOREGROUND_SERVICE, true, userId);
}
+ // Return true if the caller is a system or phone UID and therefore should not have
+ // any notifications or toasts blocked.
+ boolean isCallerSystem() {
+ final int uid = Binder.getCallingUid();
+ final int appid = UserHandle.getAppId(uid);
+ return (appid == Process.SYSTEM_UID || appid == Process.PHONE_UID || uid == 0);
+ }
+
void checkCallerIsSystem() {
- int uid = Binder.getCallingUid();
- if (UserHandle.getAppId(uid) == Process.SYSTEM_UID || uid == 0) {
+ if (isCallerSystem()) {
return;
}
- throw new SecurityException("Disallowed call for uid " + uid);
+ throw new SecurityException("Disallowed call for uid " + Binder.getCallingUid());
}
void checkCallerIsSystemOrSameApp(String pkg) {
- int uid = Binder.getCallingUid();
- if (UserHandle.getAppId(uid) == Process.SYSTEM_UID || uid == 0) {
+ if (isCallerSystem()) {
return;
}
+ final int uid = Binder.getCallingUid();
try {
ApplicationInfo ai = AppGlobals.getPackageManager().getApplicationInfo(
pkg, 0, UserHandle.getCallingUserId());