Add Binder.clearCallingIdentity to TracingServiceProxy
The TracingServiceProxy is called by traced, which runs as UID 9999 and therefore doesn't have the required permissions to start a foreground service. So, clear that calling identity so that the identity checked for this permission is system_server, which does have the correct permissions. We'll ensure that no other processes can utilize this path via selinux rules. Bug: 191391382 Test: Manually tested that before this change, I saw an 'ActivityManager: startForegroundService() not allowed' error when taking a bugreport while a trace is running, while after this change the bugreport was taken successfully with no errors, and the trace was included in the bugreport. Change-Id: I472fe8acc2e59e93afd8475f51b5f347cd3ccc5d
Please register or sign in to comment