frameworks/base
修订版 | 10c01c2f95f9d7539c0823c83b27c2de681fa99c (tree) |
---|---|
时间 | 2020-10-29 02:55:33 |
作者 | John Reck <jreck@goog...> |
Commiter | Kevin Haggerty |
Add missing isShellUser check
Bug: 160390416
Test: verified command still works from shell
[basilgello: Back-port to 14.1:
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
Change-Id: I23bb06e00f1623e4f27c02d7eb2c0d273b40771b
(cherry picked from commit 03542611973e4ce3ddca522ee12bcc85e59ce901)
Merged-In: I23bb06e00f1623e4f27c02d7eb2c0d273b40771b
(cherry picked from commit 5e2931c6569aa8084be9d0690a1ca30534f49c46)
(cherry picked from commit 4a31000e6072c14608ec1c59321481c8aa330313)
@@ -4306,8 +4306,17 @@ public final class ActivityManagerService extends ActivityManagerNative | ||
4306 | 4306 | return procState; |
4307 | 4307 | } |
4308 | 4308 | |
4309 | + private boolean isCallerShell() { | |
4310 | + final int callingUid = Binder.getCallingUid(); | |
4311 | + return callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID; | |
4312 | + } | |
4313 | + | |
4309 | 4314 | @Override |
4310 | 4315 | public boolean setProcessMemoryTrimLevel(String process, int userId, int level) { |
4316 | + if (!isCallerShell()) { | |
4317 | + EventLog.writeEvent(0x534e4554, 160390416, Binder.getCallingUid(), ""); | |
4318 | + throw new SecurityException("Only shell can call it"); | |
4319 | + } | |
4311 | 4320 | synchronized (this) { |
4312 | 4321 | final ProcessRecord app = findProcessLocked(process, userId, "setProcessMemoryTrimLevel"); |
4313 | 4322 | if (app == null) { |