Fix UserManagerService.setUserIcon throwing expt.
setUserIcon sends a broadcast that requires INTERACT_ACROSS_USERS.
Since the function directly checks MANAGE_USERS permission, added
a clear calling identity.
Alternative solution would be to make function check for one of
INTERACT_ACROSS_USERS permissions before performing any actions.
Change-Id: Ibbf27d4e188d059671024e4bb62f92a2daea3661
diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
index 194e85d..64288a5 100644
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java
@@ -394,16 +394,21 @@
@Override
public void setUserIcon(int userId, Bitmap bitmap) {
checkManageUsersPermission("update users");
- synchronized (mPackagesLock) {
- UserInfo info = mUsers.get(userId);
- if (info == null || info.partial) {
- Slog.w(LOG_TAG, "setUserIcon: unknown user #" + userId);
- return;
+ long ident = Binder.clearCallingIdentity();
+ try {
+ synchronized (mPackagesLock) {
+ UserInfo info = mUsers.get(userId);
+ if (info == null || info.partial) {
+ Slog.w(LOG_TAG, "setUserIcon: unknown user #" + userId);
+ return;
+ }
+ writeBitmapLocked(info, bitmap);
+ writeUserLocked(info);
}
- writeBitmapLocked(info, bitmap);
- writeUserLocked(info);
+ sendUserInfoChangedBroadcast(userId);
+ } finally {
+ Binder.restoreCallingIdentity(ident);
}
- sendUserInfoChangedBroadcast(userId);
}
private void sendUserInfoChangedBroadcast(int userId) {