Clear caller id when reading device config

Reading the DeviceConfig with the gmscore call id will result in a
security exception.

Also clear the caller identity before calling into locksettings
to armRebootEscrow. This is in line with the other usage for RoR
preparation.

Bug: 183475757
Test: trigger RoR from gmscore
Change-Id: Ifc65625fc7aba05d016c127cf6672922a5ffb000
(cherry picked from commit 18fb750cc54c26de452b40414ffe8199e20b47c5)
diff --git a/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java b/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java
index 0a6772b..fe21201 100644
--- a/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java
+++ b/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java
@@ -734,7 +734,15 @@
             return REBOOT_ERROR_SLOT_MISMATCH;
         }
 
-        if (!mInjector.getLockSettingsService().armRebootEscrow()) {
+        final long origId = Binder.clearCallingIdentity();
+        boolean result;
+        try {
+            result = mInjector.getLockSettingsService().armRebootEscrow();
+        } finally {
+            Binder.restoreCallingIdentity(origId);
+        }
+
+        if (!result) {
             Slog.w(TAG, "Failure to escrow key for reboot");
             return REBOOT_ERROR_ARM_REBOOT_ESCROW_FAILURE;
         }
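Review bot: From `Binder.clearCallingIdentity()` onward, `armRebootEscrow()` runs under this process's own identity, so any calling-uid or permission check inside LockSettingsService no longer limits who can arm the escrow through this path. The enclosing method starts outside this hunk, so the caller check that has to precede this block is not visible here; it is worth confirming that every entry point reaching it enforces its permission before this line. I would record that dependency next to the call, e.g. `// Caller is permission-checked at the binder entry point; identity is cleared only for the LockSettingsService call.`, and rename `result` to `armed` so that `if (!armed)` reads on its own.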
@@ -742,11 +750,20 @@
         return REBOOT_ERROR_NONE;
     }
 
+    private boolean useServerBasedRoR() {
+        final long origId = Binder.clearCallingIdentity();
+        try {
+            return DeviceConfig.getBoolean(DeviceConfig.NAMESPACE_OTA,
+                    "server_based_ror_enabled", false);
+        } finally {
+            Binder.restoreCallingIdentity(origId);
+        }
+    }
+
     private void reportMetricsOnRebootWithLskf(String packageName, boolean slotSwitch,
             @ResumeOnRebootRebootErrorCode int errorCode) {
         int uid = mInjector.getUidFromPackageName(packageName);
-        boolean serverBased = DeviceConfig.getBoolean(DeviceConfig.NAMESPACE_OTA,
-                "server_based_ror_enabled", false);
+        boolean serverBased = useServerBasedRoR();
         int preparedClientCount;
         synchronized (this) {
             preparedClientCount = mCallerPreparedForReboot.size();
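Review bot: `useServerBasedRoR()` carries no comment explaining why the calling identity is cleared, and a cleared-identity window is the kind of block that tends to grow in later edits. A short Javadoc would pin the intent, e.g. `/** Reads the server-based RoR flag with the calling identity cleared, because the binder caller may not be allowed to read DeviceConfig; keep only the flag read inside the try block. */`. The visible code otherwise reaches external dependencies through `mInjector` (`getLockSettingsService()`, `getUidFromPackageName()`), while this helper calls the static `DeviceConfig` and `Binder` APIs directly, which may make the new path harder to exercise in unit tests. `reportMetricsOnRebootWithLskf` continues past the end of the hunk, so how `serverBased` is used afterwards is not visible here.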