[Fix getAccounts MANAGE_USERS permission]

Run the code that may call userInfo inside clearIdentity.
Bug: 22917218

Change-Id: If95fb7c0ec36a2f5c737f04bc7d8af95b44fea22
diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
index 83e8db0..aab6374 100644
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -2604,7 +2604,8 @@
             // Prune the list down to just the requested type.
             visibleAccountTypes = new ArrayList<>();
             visibleAccountTypes.add(type);
-        } // else aggregate all the visible accounts (it won't matter if the list is empty).
+        } // else aggregate all the visible accounts (it won't matter if the
+          // list is empty).
 
         long identityToken = clearCallingIdentity();
         try {
@@ -3788,8 +3789,15 @@
     private List<String> getTypesForCaller(
             int callingUid, int userId, boolean isOtherwisePermitted) {
         List<String> managedAccountTypes = new ArrayList<>();
+        long identityToken = Binder.clearCallingIdentity();
+        Collection<RegisteredServicesCache.ServiceInfo<AuthenticatorDescription>> serviceInfos;
+        try {
+            serviceInfos = mAuthenticatorCache.getAllServices(userId);
+        } finally {
+            Binder.restoreCallingIdentity(identityToken);
+        }
         for (RegisteredServicesCache.ServiceInfo<AuthenticatorDescription> serviceInfo :
-                mAuthenticatorCache.getAllServices(userId)) {
+                serviceInfos) {
             final int sigChk = mPackageManager.checkSignatures(serviceInfo.uid, callingUid);
             if (isOtherwisePermitted || sigChk == PackageManager.SIGNATURE_MATCH) {
                 managedAccountTypes.add(serviceInfo.type.type);
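Review bot: The new `Binder.clearCallingIdentity()` block in `getTypesForCaller` runs `mAuthenticatorCache.getAllServices(userId)` with the system's identity, so any cross-user permission check behind that call (the commit title suggests MANAGE_USERS) no longer constrains the original caller. `userId` is a parameter, and nothing in the hunk shows that it was validated against `callingUid`; presumably every caller does that first, but the precondition is not written down. I would add a comment above the cleared-identity block such as `// userId must already be authorized for callingUid by the caller; identity is cleared only for the cache lookup.` Keeping `checkSignatures` outside the try/finally is correct and worth preserving, since it keeps the privileged window to the one call that needs it. The method body continues past the end of the hunk, and the new `Collection` declaration needs `java.util.Collection` to be imported, which the hunk does not show.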