Merge "Clear caller identity before updating restrictions" into main am: a5d896cd29
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/3290150
Change-Id: Id641c247d86db5597d748988fc844bbcb3f50575
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
index a6f4c0e..2a3be1e 100644
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
@@ -3100,11 +3100,16 @@
}
synchronized (mUidRulesFirstLock) {
- final int oldPolicy = mUidPolicy.get(uid, POLICY_NONE);
- policy |= oldPolicy;
- if (oldPolicy != policy) {
- setUidPolicyUncheckedUL(uid, oldPolicy, policy, true);
- mLogger.uidPolicyChanged(uid, oldPolicy, policy);
+ final long token = Binder.clearCallingIdentity();
+ try {
+ final int oldPolicy = mUidPolicy.get(uid, POLICY_NONE);
+ policy |= oldPolicy;
+ if (oldPolicy != policy) {
+ setUidPolicyUncheckedUL(uid, oldPolicy, policy, true);
+ mLogger.uidPolicyChanged(uid, oldPolicy, policy);
+ }
+ } finally {
+ Binder.restoreCallingIdentity(token);
}
}
}
@@ -3119,11 +3124,16 @@
}
synchronized (mUidRulesFirstLock) {
- final int oldPolicy = mUidPolicy.get(uid, POLICY_NONE);
- policy = oldPolicy & ~policy;
- if (oldPolicy != policy) {
- setUidPolicyUncheckedUL(uid, oldPolicy, policy, true);
- mLogger.uidPolicyChanged(uid, oldPolicy, policy);
+ final long token = Binder.clearCallingIdentity();
+ try {
+ final int oldPolicy = mUidPolicy.get(uid, POLICY_NONE);
+ policy = oldPolicy & ~policy;
+ if (oldPolicy != policy) {
+ setUidPolicyUncheckedUL(uid, oldPolicy, policy, true);
+ mLogger.uidPolicyChanged(uid, oldPolicy, policy);
+ }
+ } finally {
+ Binder.restoreCallingIdentity(token);
}
}
}