Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 25645d8b authored by Jim Miller's avatar Jim Miller
Browse files

Remove UID checks from LockPatternUtils 

The UID checks should be unnecessary because LockPatternUtils already relies
on system permission checks in Settings, LockSettings, DevicePolicyManager
and Keystore.  These checks should already catch illegal operations.

This was interfering with the stand-alone test app for keyguard.

Change-Id: I2da2a729ca29feae9e962c2e360ec47490bcbbf0
parent 3034d451

core/java/com/android/internal/widget/LockPatternUtils.java

+13 −27
Original line number Diff line number Diff line
@@ -215,15 +215,10 @@ public class LockPatternUtils { 
    }



    public void setCurrentUser(int userId) {

        if (Process.myUid() == Process.SYSTEM_UID) {

        mCurrentUserId = userId;

        } else {

            throw new SecurityException("Only the system process can set the current user");

        }

    }



    public int getCurrentUser() {

        if (Process.myUid() == Process.SYSTEM_UID) {

        if (mCurrentUserId != UserHandle.USER_NULL) {

            // Someone is regularly updating using setCurrentUser() use that value.

            return mCurrentUserId;
@@ -233,20 +228,15 @@ public class LockPatternUtils { 
        } catch (RemoteException re) {

            return UserHandle.USER_OWNER;

        }

        } else {

            throw new SecurityException("Only the system process can get the current user");

        }

    }



    public void removeUser(int userId) {

        if (Process.myUid() == Process.SYSTEM_UID) {

        try {

            getLockSettings().removeUser(userId);

        } catch (RemoteException re) {

            Log.e(TAG, "Couldn't remove lock settings for user " + userId);

        }

    }

    }



    private int getCurrentOrCallingUserId() {

        int callingUid = Binder.getCallingUid();
@@ -591,10 +581,6 @@ public class LockPatternUtils { 
        // Compute the hash

        final byte[] hash = passwordToHash(password);

        try {

            if (Process.myUid() != Process.SYSTEM_UID && userHandle != UserHandle.myUserId()) {

                throw new SecurityException(

                        "Only the system process can save lock password for another user");

            }

            getLockSettings().setLockPassword(hash, userHandle);

            DevicePolicyManager dpm = getDevicePolicyManager();

            KeyStore keyStore = KeyStore.getInstance();