Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4c021972 authored by Eric Biggers's avatar Eric Biggers
Browse files

Don't clear calling identity before setCeStorageProtection() 

Now that http://ag/34834390 has moved
IStorageManager#setCeStorageProtection() to
StorageManagerInternal#setCeStorageProtection(), it no longer requires
the STORAGE_INTERNAL permission.  Therefore, it is no longer necessary
for LockSettingsService#setCeStorageProtection() to clear and restore
the calling identity.

(It may have been unnecessary even before that CL, since the callers of
LockSettingsService#setCeStorageProtection() should have already had a
cleared calling identity anyway.)

Bug: 434738842
Flag: EXEMPT refactor
Test: atest FrameworksServicesTests:com.android.server.locksettings
Change-Id: I5ad7fb8ef5f84cc67a2bd8b49d4124d57f8f6b97
parent 431671f1

services/core/java/com/android/server/locksettings/LockSettingsService.java

+0 −2
Original line number Diff line number Diff line
@@ -2163,13 +2163,11 @@ public class LockSettingsService extends ILockSettings.Stub { 


    private void setCeStorageProtection(@UserIdInt int userId, SyntheticPassword sp) {

        final byte[] secret = sp.deriveFileBasedEncryptionKey();

        final long callingId = Binder.clearCallingIdentity();

        try {

            mStorageManagerInternal.setCeStorageProtection(userId, secret);

        } catch (RuntimeException e) {

            throw new IllegalStateException("Failed to protect CE key for user " + userId, e);

        } finally {

            Binder.restoreCallingIdentity(callingId);

            ArrayUtils.zeroize(secret);

        }

    }