Clear calling identity when binding a11y services
When a UiAutomation is destroyed, accessibility services may get
enabled as a side effect. That was causing these services to be
enabled in a binder thread, which threw a SecurityException.
Bug: 28268310
Bug: 28163652
Change-Id: Ie25ab05569b5b21b5f30e7d7eed24ef73b7ba159
diff --git a/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java b/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java
index d900b37..4e5bb21 100644
--- a/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java
+++ b/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java
@@ -2298,11 +2298,16 @@
public boolean bindLocked() {
UserState userState = getUserStateLocked(mUserId);
if (!mIsAutomation) {
- if (mService == null && mContext.bindServiceAsUser(
- mIntent, this,
- Context.BIND_AUTO_CREATE | Context.BIND_FOREGROUND_SERVICE_WHILE_AWAKE,
- new UserHandle(mUserId))) {
- userState.mBindingServices.add(mComponentName);
+ final long identity = Binder.clearCallingIdentity();
+ try {
+ if (mService == null && mContext.bindServiceAsUser(
+ mIntent, this,
+ Context.BIND_AUTO_CREATE | Context.BIND_FOREGROUND_SERVICE_WHILE_AWAKE,
+ new UserHandle(mUserId))) {
+ userState.mBindingServices.add(mComponentName);
+ }
+ } finally {
+ Binder.restoreCallingIdentity(identity);
}
} else {
userState.mBindingServices.add(mComponentName);