commit 8f1d5cbabb3bc4ef61b9c2edc70fcfd5d75efec8
author Ruben Brunk <rubenbrunk@google.com> Tue Mar 22 18:08:41 2016 -0700
committer Ruben Brunk <rubenbrunk@google.com> Wed Mar 23 08:23:15 2016 -0700
tree bb112f96bdd5a7e48b6455dbd12ead0c3630f2e7
parent 482c7da6ab5a95a28ee64cb4a0365b85e8681afb

Allow current VrListenerService to read thermal info.

Bug: 27549685
Bug: 22855417
Change-Id: I2d0cb85b54767876bcbf503b5f198bd7f4065680

services/core/java/com/android/server/HardwarePropertiesManagerService.java

diff --git a/services/core/java/com/android/server/HardwarePropertiesManagerService.java b/services/core/java/com/android/server/HardwarePropertiesManagerService.java
index 575d99e..23cf64a 100644
--- a/services/core/java/com/android/server/HardwarePropertiesManagerService.java
+++ b/services/core/java/com/android/server/HardwarePropertiesManagerService.java
@@ -23,6 +23,8 @@
 import android.os.CpuUsageInfo;
 import android.os.IHardwarePropertiesManager;
 import android.os.Process;
+import android.os.UserHandle;
+import com.android.server.vr.VrManagerInternal;
 
 import java.util.Arrays;
 
@@ -78,14 +80,15 @@
      *
      * @param callingPackage The calling package name.
      *
-     * @throws SecurityException if a non profile or device owner or system tries to retrieve
-     * information provided by the service.
+     * @throws SecurityException if something other than the profile or device owner, or the
+     *        current VR service tries to retrieve information provided by this service.
      */
     private void enforceHardwarePropertiesRetrievalAllowed(String callingPackage)
             throws SecurityException {
         final PackageManager pm = mContext.getPackageManager();
+        int uid = 0;
         try {
-            final int uid = pm.getPackageUid(callingPackage, 0);
+            uid = pm.getPackageUid(callingPackage, 0);
             if (Binder.getCallingUid() != uid) {
                 throw new SecurityException("The caller has faked the package name.");
             }
@@ -93,10 +96,13 @@
             throw new SecurityException("The caller has faked the package name.");
         }
 
+        final int userId = UserHandle.getUserId(uid);
+        final VrManagerInternal vrService = LocalServices.getService(VrManagerInternal.class);
         final DevicePolicyManager dpm = mContext.getSystemService(DevicePolicyManager.class);
         if (!dpm.isDeviceOwnerApp(callingPackage) && !dpm.isProfileOwnerApp(callingPackage)
-                && Binder.getCallingUid() != Process.SYSTEM_UID) {
-            throw new SecurityException("The caller is not a device or profile owner or system.");
+                && !vrService.isCurrentVrListener(callingPackage, userId)) {
+            throw new SecurityException("The caller is not a device or profile owner or bound "
+                + "VrListenerService.");
         }
     }
 }