[CDM] Check if it's system UID for hidden Perm Sync APIs
Bug: 371975420
Test: Manual test
Flag: EXEMPT bugfix
Change-Id: I9771ce38728d40b026d94cb6785d55f144c66790
Merged-In: I9771ce38728d40b026d94cb6785d55f144c66790
diff --git a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
index a3f6665..143bdeb 100644
--- a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
+++ b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
@@ -798,18 +798,27 @@
@Override
public void enablePermissionsSync(int associationId) {
getAssociationWithCallerChecks(associationId);
+ if (getCallingUid() != SYSTEM_UID) {
+ throw new SecurityException("Caller must be system UID");
+ }
mSystemDataTransferProcessor.enablePermissionsSync(associationId);
}
@Override
public void disablePermissionsSync(int associationId) {
getAssociationWithCallerChecks(associationId);
+ if (getCallingUid() != SYSTEM_UID) {
+ throw new SecurityException("Caller must be system UID");
+ }
mSystemDataTransferProcessor.disablePermissionsSync(associationId);
}
@Override
public PermissionSyncRequest getPermissionSyncRequest(int associationId) {
getAssociationWithCallerChecks(associationId);
+ if (getCallingUid() != SYSTEM_UID) {
+ throw new SecurityException("Caller must be system UID");
+ }
return mSystemDataTransferProcessor.getPermissionSyncRequest(associationId);
}