Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6b59ccc9 authored by Rubin Xu's avatar Rubin Xu
Browse files

Clear Gatekeeper state before a new enrollment 

On some devices gatekeeper would fail after certain enrollments due to
some persistent state left around. Call clearSecureUserId() to clear
these state would solve the problem.

Bug: 37704110
Test: execute adb shell cmd lock_settings set-password --old 1234 1234 many times
Change-Id: I0344d6e5bf8b08dd7f1314451bc6d5e3c8c68bab
Merged-In: I0344d6e5bf8b08dd7f1314451bc6d5e3c8c68bab
parent ecabc596

services/core/java/com/android/server/SyntheticPasswordManager.java

+4 −1
Original line number Diff line number Diff line
@@ -346,11 +346,14 @@ public class SyntheticPasswordManager { 
        PasswordData pwd = PasswordData.create(credentialType);

        byte[] pwdToken = computePasswordToken(credential, pwd);



        // In case GK enrollment leaves persistent state around (in RPMB), this will nuke them

        // to prevent them from accumulating and causing problems.

        gatekeeper.clearSecureUserId(fakeUid(userId));

        GateKeeperResponse response = gatekeeper.enroll(fakeUid(userId), null, null,

                passwordTokenToGkInput(pwdToken));

        if (response.getResponseCode() != GateKeeperResponse.RESPONSE_OK) {

            Log.e(TAG, "Fail to enroll user password when creating SP for user " + userId);

            return 0;

            return DEFAULT_HANDLE;

        }

        pwd.passwordHandle = response.getPayload();

        long sid = sidFromPasswordHandle(pwd.passwordHandle);