Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 713a9239 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review
Browse files

Merge "LockSettings: Enforce permission check on... 

Merge "LockSettings: Enforce permission check on havePattern/havePassword/systemReady" into oc-mr1-dev
parents fde112a2 b953e188

services/core/java/com/android/server/locksettings/LockSettingsService.java

+15 −0
Original line number Diff line number Diff line
@@ -19,6 +19,7 @@ package com.android.server.locksettings; 
import static android.Manifest.permission.ACCESS_KEYGUARD_SECURE_STORAGE;

import static android.Manifest.permission.READ_CONTACTS;

import static android.content.Context.KEYGUARD_SERVICE;

import static android.content.pm.PackageManager.PERMISSION_GRANTED;



import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_LOCKOUT;

import static com.android.internal.widget.LockPatternUtils.SYNTHETIC_PASSWORD_ENABLED_KEY;
@@ -77,6 +78,7 @@ import android.service.gatekeeper.GateKeeperResponse; 
import android.service.gatekeeper.IGateKeeperService;

import android.text.TextUtils;

import android.util.ArrayMap;

import android.util.EventLog;

import android.util.Log;

import android.util.Slog;
@@ -559,6 +561,10 @@ public class LockSettingsService extends ILockSettings.Stub { 


    @Override // binder interface

    public void systemReady() {

        if (mContext.checkCallingOrSelfPermission(PERMISSION) != PERMISSION_GRANTED) {

            EventLog.writeEvent(0x534e4554, "28251513", getCallingUid(), "");  // SafetyNet

        }

        checkWritePermission(UserHandle.USER_SYSTEM);

        migrateOldData();

        try {

            getGateKeeperService();
@@ -805,6 +811,13 @@ public class LockSettingsService extends ILockSettings.Stub { 
        mContext.enforceCallingOrSelfPermission(PERMISSION, "LockSettingsRead");

    }



    private final void checkPasswordHavePermission(int userId) {

        if (mContext.checkCallingOrSelfPermission(PERMISSION) != PERMISSION_GRANTED) {

            EventLog.writeEvent(0x534e4554, "28251513", getCallingUid(), "");  // SafetyNet

        }

        mContext.enforceCallingOrSelfPermission(PERMISSION, "LockSettingsHave");

    }



    private final void checkReadPermission(String requestedKey, int userId) {

        final int callingUid = Binder.getCallingUid();
@@ -934,6 +947,7 @@ public class LockSettingsService extends ILockSettings.Stub { 


    @Override

    public boolean havePassword(int userId) throws RemoteException {

        checkPasswordHavePermission(userId);

        synchronized (mSpManager) {

            if (isSyntheticPasswordBasedCredentialLocked(userId)) {

                long handle = getSyntheticPasswordHandleLocked(userId);
@@ -947,6 +961,7 @@ public class LockSettingsService extends ILockSettings.Stub { 


    @Override

    public boolean havePattern(int userId) throws RemoteException {

        checkPasswordHavePermission(userId);

        synchronized (mSpManager) {

            if (isSyntheticPasswordBasedCredentialLocked(userId)) {

                long handle = getSyntheticPasswordHandleLocked(userId);