From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Makoto Onuki <omakoto@google.com> Date: Tue, 19 Apr 2022 10:54:18 -0700 Subject: [PATCH] Only allow the system server to connect to sync adapters Bug: 203229608 Test: Manual test with changing the check logic + debug log Change-Id: If18009f61360564d02dcda9b1e5fa15685e3250f (cherry picked from commit 58270527d11ac7e5f07d337a402d8edf046a63ee) (cherry picked from commit 7d1397a54475ed7fee632339ef7c60b432f0fbff) Merged-In: If18009f61360564d02dcda9b1e5fa15685e3250f --- .../content/AbstractThreadedSyncAdapter.java | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/core/java/android/content/AbstractThreadedSyncAdapter.java b/core/java/android/content/AbstractThreadedSyncAdapter.java index a086a308d0d9..da4ecdd8c1f2 100644 --- a/core/java/android/content/AbstractThreadedSyncAdapter.java +++ b/core/java/android/content/AbstractThreadedSyncAdapter.java @@ -21,6 +21,7 @@ import static com.android.internal.util.function.pooled.PooledLambda.obtainMessa import android.accounts.Account; import android.annotation.MainThread; import android.annotation.NonNull; +import android.os.Binder; import android.os.Build; import android.os.Bundle; import android.os.Handler; @@ -171,8 +172,20 @@ public abstract class AbstractThreadedSyncAdapter { } private class ISyncAdapterImpl extends ISyncAdapter.Stub { + private boolean isCallerSystem() { + final long callingUid = Binder.getCallingUid(); + if (callingUid != Process.SYSTEM_UID) { + android.util.EventLog.writeEvent(0x534e4554, "203229608", -1, ""); + return false; + } + return true; + } + @Override public void onUnsyncableAccount(ISyncAdapterUnsyncableAccountCallback cb) { + if (!isCallerSystem()) { + return; + } Handler.getMain().sendMessage(obtainMessage( AbstractThreadedSyncAdapter::handleOnUnsyncableAccount, AbstractThreadedSyncAdapter.this, cb)); @@ -181,12 +194,16 @@ public abstract class AbstractThreadedSyncAdapter { @Override public void startSync(ISyncContext syncContext, String authority, Account account, Bundle extras) { + if (!isCallerSystem()) { + return; + } if (ENABLE_LOG) { if (extras != null) { extras.size(); // Unparcel so its toString() will show the contents. } Log.d(TAG, "startSync() start " + authority + " " + account + " " + extras); } + try { final SyncContext syncContextClient = new SyncContext(syncContext); @@ -242,6 +259,9 @@ public abstract class AbstractThreadedSyncAdapter { @Override public void cancelSync(ISyncContext syncContext) { + if (!isCallerSystem()) { + return; + } try { // synchronize to make sure that mSyncThreads doesn't change between when we // check it and when we use it