Allow system UID to call isSecurityLoggingEnabled()
This CL allows code running under the system UID to call
isSecurityLoggingEnabled(), so that Settings can find out whether
logging is on or off.
Bug: 36584321
Test: m RunSettingsRoboTests
Change-Id: Icf8b7d6cef0f4e23f57bcf0498ffdcf124d16d38
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 391885d..6d8d5e9 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -7207,7 +7207,7 @@
* @return {@code true} if security logging is enabled by device owner, {@code false} otherwise.
* @throws SecurityException if {@code admin} is not a device owner.
*/
- public boolean isSecurityLoggingEnabled(@NonNull ComponentName admin) {
+ public boolean isSecurityLoggingEnabled(@Nullable ComponentName admin) {
throwIfParentInstance("isSecurityLoggingEnabled");
try {
return mService.isSecurityLoggingEnabled(admin);
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index ecbd312..ab86966 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -10088,9 +10088,11 @@
return false;
}
- Preconditions.checkNotNull(admin);
synchronized (this) {
- getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);
+ if (!isCallerWithSystemUid()) {
+ Preconditions.checkNotNull(admin);
+ getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);
+ }
return mInjector.securityLogGetLoggingEnabledProperty();
}
}