Add missing isShellUser check
Bug: 160390416
Test: verified command still works from shell
Change-Id: I23bb06e00f1623e4f27c02d7eb2c0d273b40771b
(cherry picked from commit 03542611973e4ce3ddca522ee12bcc85e59ce901)
Merged-In: I23bb06e00f1623e4f27c02d7eb2c0d273b40771b
(cherry picked from commit 5e2931c6569aa8084be9d0690a1ca30534f49c46)
(cherry picked from commit 4a31000e6072c14608ec1c59321481c8aa330313)
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index a2ea8e0..a6d1031 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -4818,9 +4818,18 @@
return procState;
}
+ private boolean isCallerShell() {
+ final int callingUid = Binder.getCallingUid();
+ return callingUid == SHELL_UID || callingUid == ROOT_UID;
+ }
+
@Override
public boolean setProcessMemoryTrimLevel(String process, int userId, int level)
throws RemoteException {
+ if (!isCallerShell()) {
+ EventLog.writeEvent(0x534e4554, 160390416, Binder.getCallingUid(), "");
+ throw new SecurityException("Only shell can call it");
+ }
synchronized (this) {
final ProcessRecord app = findProcessLocked(process, userId, "setProcessMemoryTrimLevel");
if (app == null) {