From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Makoto Onuki <omakoto@google.com>
Date: Tue, 19 Apr 2022 10:54:18 -0700
Subject: [PATCH] Only allow the system server to connect to sync adapters

Bug: 203229608
Test: Manual test with changing the check logic + debug log
Change-Id: If18009f61360564d02dcda9b1e5fa15685e3250f
(cherry picked from commit 58270527d11ac7e5f07d337a402d8edf046a63ee)
(cherry picked from commit 7d1397a54475ed7fee632339ef7c60b432f0fbff)
Merged-In: If18009f61360564d02dcda9b1e5fa15685e3250f
---
 .../content/AbstractThreadedSyncAdapter.java    | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/core/java/android/content/AbstractThreadedSyncAdapter.java b/core/java/android/content/AbstractThreadedSyncAdapter.java
index 2629929e91ce..be78f4047ab1 100644
--- a/core/java/android/content/AbstractThreadedSyncAdapter.java
+++ b/core/java/android/content/AbstractThreadedSyncAdapter.java
@@ -17,6 +17,7 @@
 package android.content;
 
 import android.accounts.Account;
+import android.os.Binder;
 import android.os.Build;
 import android.os.Bundle;
 import android.os.IBinder;
@@ -165,15 +166,28 @@ public abstract class AbstractThreadedSyncAdapter {
     }
 
     private class ISyncAdapterImpl extends ISyncAdapter.Stub {
+        private boolean isCallerSystem() {
+            final long callingUid = Binder.getCallingUid();
+            if (callingUid != Process.SYSTEM_UID) {
+                android.util.EventLog.writeEvent(0x534e4554, "203229608", -1, "");
+                return false;
+            }
+            return true;
+        }
+
         @Override
         public void startSync(ISyncContext syncContext, String authority, Account account,
                 Bundle extras) {
+            if (!isCallerSystem()) {
+                return;
+            }
             if (ENABLE_LOG) {
                 if (extras != null) {
                     extras.size(); // Unparcel so its toString() will show the contents.
                 }
                 Log.d(TAG, "startSync() start " + authority + " " + account + " " + extras);
             }
+
             try {
                 final SyncContext syncContextClient = new SyncContext(syncContext);
 
@@ -229,6 +243,9 @@ public abstract class AbstractThreadedSyncAdapter {
 
         @Override
         public void cancelSync(ISyncContext syncContext) {
+            if (!isCallerSystem()) {
+                return;
+            }
             try {
                 // synchronize to make sure that mSyncThreads doesn't change between when we
                 // check it and when we use it