FP permission checks should not crash system process (33fdf11c) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/fingerprint/FingerprintService.java

+28 −25

Original line number	Diff line number	Diff line
		@@ -1079,18 +1079,19 @@ public class FingerprintService extends SystemService implements IHwBinder.Death
		final IFingerprintServiceReceiver receiver, final int flags,
		final String opPackageName) {
		final int callingUid = Binder.getCallingUid();
		final int callingPid = Binder.getCallingPid();
		final int callingUserId = UserHandle.getCallingUserId();
		final int pid = Binder.getCallingPid();
		final boolean restricted = isRestricted();
		mHandler.post(new Runnable() {
		@Override
		public void run() {
		if (!canUseFingerprint(opPackageName, true /* foregroundOnly */,
		callingUid, pid, callingUserId)) {

		if (!canUseFingerprint(opPackageName, true /* foregroundOnly */, callingUid, callingPid,
		callingUserId)) {
		if (DEBUG) Slog.v(TAG, "authenticate(): reject " + opPackageName);
		return;
		}

		mHandler.post(new Runnable() {
		@Override
		public void run() {
		MetricsLogger.histogram(mContext, "fingerprint_token", opId != 0L ? 1 : 0);

		// Get performance stats object for this user.
		@@ -1111,16 +1112,19 @@ public class FingerprintService extends SystemService implements IHwBinder.Death

		@Override // Binder call
		public void cancelAuthentication(final IBinder token, final String opPackageName) {
		final int uid = Binder.getCallingUid();
		final int pid = Binder.getCallingPid();
		final int callingUid = Binder.getCallingUid();
		final int callingPid = Binder.getCallingPid();
		final int callingUserId = UserHandle.getCallingUserId();

		if (!canUseFingerprint(opPackageName, true /* foregroundOnly */, callingUid, callingPid,
		callingUserId)) {
		if (DEBUG) Slog.v(TAG, "cancelAuthentication(): reject " + opPackageName);
		return;
		}

		mHandler.post(new Runnable() {
		@Override
		public void run() {
		if (!canUseFingerprint(opPackageName, true /* foregroundOnly */, uid, pid,
		callingUserId)) {
		if (DEBUG) Slog.v(TAG, "cancelAuthentication(): reject " + opPackageName);
		} else {
		ClientMonitor client = mCurrentClient;
		if (client instanceof AuthenticationClient) {
		if (client.getToken() == token) {
		@@ -1135,7 +1139,6 @@ public class FingerprintService extends SystemService implements IHwBinder.Death
		+ client.getOwnerString());
		}
		}
		}
		});
		}