Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 67f11e65 authored Apr 21, 2021 by Pavel Grafov

Make sure DPC knows if revoke fails

Bug: 183098396
Test: atest MixedDeviceOwnerTest#testKeyManagement
Change-Id: I89b51a1fb4be3b53eb46a7c194924b5255cd262b

parent 952b75ea

keystore/java/android/security/IKeyChainService.aidl

+2 −1

Original line number	Diff line number	Diff line
		@@ -66,7 +66,8 @@ interface IKeyChainService {
		boolean isCredentialManagementApp(String packageName);

		// APIs used by KeyChainActivity
		void setGrant(int uid, String alias, boolean value);
		// setGrant may fail with value=false when ungrant operation fails in KeyStore.
		boolean setGrant(int uid, String alias, boolean value);
		boolean hasGrant(int uid, String alias);

		// API used by Wifi

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+1 −2

Original line number	Diff line number	Diff line
		@@ -5657,8 +5657,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		try (KeyChainConnection keyChainConnection =
		KeyChain.bindAsUser(mContext, userHandle)) {
		IKeyChainService keyChain = keyChainConnection.getService();
		keyChain.setGrant(granteeUid, alias, hasGrant);
		return true;
		return keyChain.setGrant(granteeUid, alias, hasGrant);
		} catch (RemoteException e) {
		Slogf.e(LOG_TAG, "Setting grant for package.", e);
		return false;