Merge "Fix the misuse of calling user id as group id" into nyc-dev (66e640d8) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/fingerprint/AuthenticationClient.java

+2 −2

Original line number	Diff line number	Diff line
		@@ -39,9 +39,9 @@ public abstract class AuthenticationClient extends ClientMonitor {
		public abstract void resetFailedAttempts();

		public AuthenticationClient(Context context, long halDeviceId, IBinder token,
		IFingerprintServiceReceiver receiver, int userId, int groupId, long opId,
		IFingerprintServiceReceiver receiver, int callingUserId, int groupId, long opId,
		boolean restricted, String owner) {
		super(context, halDeviceId, token, receiver, userId, groupId, restricted, owner);
		super(context, halDeviceId, token, receiver, callingUserId, groupId, restricted, owner);
		mOpId = opId;
		}

services/core/java/com/android/server/fingerprint/ClientMonitor.java

+6 −6

Original line number	Diff line number	Diff line
		@@ -38,7 +38,7 @@ public abstract class ClientMonitor implements IBinder.DeathRecipient {
		protected static final boolean DEBUG = FingerprintService.DEBUG;
		private IBinder mToken;
		private IFingerprintServiceReceiver mReceiver;
		private int mUserId;
		private int mCallingUserId;
		private int mGroupId;
		private boolean mIsRestricted; // True if client does not have MANAGE_FINGERPRINT permission
		private String mOwner;
		@@ -50,20 +50,20 @@ public abstract class ClientMonitor implements IBinder.DeathRecipient {
		* @param halDeviceId the HAL device ID of the associated fingerprint hardware
		* @param token a unique token for the client
		* @param receiver recipient of related events (e.g. authentication)
		* @param userId userId for the fingerprint set
		* @param callingUserId user id of calling user
		* @param groupId groupId for the fingerprint set
		* @param restricted whether or not client has the {@link Manifest#MANAGE_FINGERPRINT}
		* permission
		* @param owner name of the client that owns this
		*/
		public ClientMonitor(Context context, long halDeviceId, IBinder token,
		IFingerprintServiceReceiver receiver, int userId, int groupId,boolean restricted,
		IFingerprintServiceReceiver receiver, int callingUserId, int groupId,boolean restricted,
		String owner) {
		mContext = context;
		mHalDeviceId = halDeviceId;
		mToken = token;
		mReceiver = receiver;
		mUserId = userId;
		mCallingUserId = callingUserId;
		mGroupId = groupId;
		mIsRestricted = restricted;
		mOwner = owner;
		@@ -197,8 +197,8 @@ public abstract class ClientMonitor implements IBinder.DeathRecipient {
		return mIsRestricted;
		}

		public final int getUserId() {
		return mUserId;
		public final int getCallingUserId() {
		return mCallingUserId;
		}

		public final int getGroupId() {

services/core/java/com/android/server/fingerprint/EnrollClient.java

+5 −2

Original line number	Diff line number	Diff line
		@@ -46,9 +46,12 @@ public abstract class EnrollClient extends ClientMonitor {

		@Override
		public boolean onEnrollResult(int fingerId, int groupId, int remaining) {
		if (groupId != getGroupId()) {
		Slog.w(TAG, "groupId != getGroupId(), groupId: " + groupId +
		" getGroupId():" + getGroupId());
		}
		if (remaining == 0) {
		FingerprintUtils.getInstance().addFingerprintForUser(getContext(), fingerId,
		getUserId());
		FingerprintUtils.getInstance().addFingerprintForUser(getContext(), fingerId, groupId);
		}
		return sendEnrollResult(fingerId, groupId, remaining);
		}

services/core/java/com/android/server/fingerprint/EnumerateClient.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -41,7 +41,7 @@ public abstract class EnumerateClient extends ClientMonitor {
		try {
		final int result = daemon.enumerate();
		if (result != 0) {
		Slog.w(TAG, "start enumerate for user " + getUserId()
		Slog.w(TAG, "start enumerate for user " + getCallingUserId()
		+ " failed, result=" + result);
		onError(FingerprintManager.FINGERPRINT_ERROR_HW_UNAVAILABLE);
		return result;

services/core/java/com/android/server/fingerprint/FingerprintService.java

+17 −17

Original line number	Diff line number	Diff line
		@@ -356,7 +356,7 @@ public class FingerprintService extends SystemService implements IBinder.DeathRe
		}
		}

		void startRemove(IBinder token, int fingerId, int userId, int groupId,
		void startRemove(IBinder token, int fingerId, int callingUserId, int groupId,
		IFingerprintServiceReceiver receiver, boolean restricted) {
		IFingerprintDaemon daemon = getFingerprintDaemon();
		if (daemon == null) {
		@@ -364,7 +364,7 @@ public class FingerprintService extends SystemService implements IBinder.DeathRe
		return;
		}
		RemovalClient client = new RemovalClient(getContext(), mHalDeviceId, token,
		receiver, userId, groupId, fingerId, restricted, token.toString()) {
		receiver, callingUserId, groupId, fingerId, restricted, token.toString()) {
		@Override
		public void notifyUserActivity() {
		FingerprintService.this.userActivity();
		@@ -372,8 +372,7 @@ public class FingerprintService extends SystemService implements IBinder.DeathRe

		@Override
		public IFingerprintDaemon getFingerprintDaemon() {
		FingerprintService.this.getFingerprintDaemon();
		return null;
		return FingerprintService.this.getFingerprintDaemon();
		}
		};
		startClient(client, true);
		@@ -494,7 +493,7 @@ public class FingerprintService extends SystemService implements IBinder.DeathRe
		}
		}

		private void startAuthentication(IBinder token, long opId, int realUserId, int groupId,
		private void startAuthentication(IBinder token, long opId, int callingUserId, int groupId,
		IFingerprintServiceReceiver receiver, int flags, boolean restricted,
		String opPackageName) {
		updateActiveGroup(groupId, opPackageName);
		@@ -502,7 +501,7 @@ public class FingerprintService extends SystemService implements IBinder.DeathRe
		if (DEBUG) Slog.v(TAG, "startAuthentication(" + opPackageName + ")");

		AuthenticationClient client = new AuthenticationClient(getContext(), mHalDeviceId, token,
		receiver, realUserId, groupId, opId, restricted, opPackageName) {
		receiver, callingUserId, groupId, opId, restricted, opPackageName) {
		@Override
		public boolean handleFailedAttempt() {
		mFailedAttempts++;
		@@ -541,13 +540,13 @@ public class FingerprintService extends SystemService implements IBinder.DeathRe
		startClient(client, true /* initiatedByClient */);
		}

		private void startEnrollment(IBinder token, byte [] cryptoToken, int userId, int groupId,
		private void startEnrollment(IBinder token, byte [] cryptoToken, int callingUserId, int groupId,
		IFingerprintServiceReceiver receiver, int flags, boolean restricted,
		String opPackageName) {
		updateActiveGroup(groupId, opPackageName);

		EnrollClient client = new EnrollClient(getContext(), mHalDeviceId, token, receiver,
		userId, groupId, cryptoToken, restricted, opPackageName) {
		callingUserId, groupId, cryptoToken, restricted, opPackageName) {

		@Override
		public IFingerprintDaemon getFingerprintDaemon() {
		@@ -687,9 +686,9 @@ public class FingerprintService extends SystemService implements IBinder.DeathRe
		checkPermission(MANAGE_FINGERPRINT);
		final int limit = mContext.getResources().getInteger(
		com.android.internal.R.integer.config_fingerprintMaxTemplatesPerUser);
		final int callingUid = Binder.getCallingUid();
		final int userId = UserHandle.getUserId(callingUid);
		final int enrolled = FingerprintService.this.getEnrolledFingerprints(userId).size();
		final int callingUserId = UserHandle.getCallingUserId();
		final int enrolled = FingerprintService.this.
		getEnrolledFingerprints(callingUserId).size();
		if (enrolled >= limit) {
		Slog.w(TAG, "Too many fingerprints registered");
		return;
		@@ -705,7 +704,7 @@ public class FingerprintService extends SystemService implements IBinder.DeathRe
		mHandler.post(new Runnable() {
		@Override
		public void run() {
		startEnrollment(token, cryptoToken, userId, groupId, receiver, flags,
		startEnrollment(token, cryptoToken, callingUserId, groupId, receiver, flags,
		restricted, opPackageName);
		}
		});
		@@ -735,7 +734,8 @@ public class FingerprintService extends SystemService implements IBinder.DeathRe
		public void authenticate(final IBinder token, final long opId, final int groupId,
		final IFingerprintServiceReceiver receiver, final int flags,
		final String opPackageName) {
		final int realUserId = Binder.getCallingUid();
		final int callingUid = Binder.getCallingUid();
		final int callingUserId = UserHandle.getCallingUserId();
		final int pid = Binder.getCallingPid();
		final boolean restricted = isRestricted();
		mHandler.post(new Runnable() {
		@@ -743,11 +743,11 @@ public class FingerprintService extends SystemService implements IBinder.DeathRe
		public void run() {
		MetricsLogger.histogram(mContext, "fingerprint_token", opId != 0L ? 1 : 0);
		if (!canUseFingerprint(opPackageName, true /* foregroundOnly */,
		realUserId, pid)) {
		callingUid, pid)) {
		if (DEBUG) Slog.v(TAG, "authenticate(): reject " + opPackageName);
		return;
		}
		startAuthentication(token, opId, realUserId, groupId, receiver,
		startAuthentication(token, opId, callingUserId, groupId, receiver,
		flags, restricted, opPackageName);
		}
		});
		@@ -797,11 +797,11 @@ public class FingerprintService extends SystemService implements IBinder.DeathRe
		final IFingerprintServiceReceiver receiver) {
		checkPermission(MANAGE_FINGERPRINT); // TODO: Maybe have another permission
		final boolean restricted = isRestricted();
		final int realUserId = Binder.getCallingUid();
		final int callingUserId = UserHandle.getCallingUserId();
		mHandler.post(new Runnable() {
		@Override
		public void run() {
		startRemove(token, fingerId, realUserId, groupId, receiver, restricted);
		startRemove(token, fingerId, callingUserId, groupId, receiver, restricted);
		}
		});