Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c75a1774 authored by Leonid Baraz's avatar Leonid Baraz Committed by Android (Google) Code Review
Browse files

Merge "Add missing lock to areAllUsersAffiliatedWithDeviceLocked" into main

parents 0a415b7b 26e845bd

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+19 −11
Original line number Original line Diff line number Diff line
@@ -4152,9 +4152,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
    }

    }

















    private void checkAllUsersAreAffiliatedWithDevice() {







    private void checkAllUsersAreAffiliatedWithDevice() {














        synchronized (getLockObject()) {











            Preconditions.checkCallAuthorization(areAllUsersAffiliatedWithDeviceLocked(),







            Preconditions.checkCallAuthorization(areAllUsersAffiliatedWithDeviceLocked(),











                    "operation not allowed when device has unaffiliated users");







                    "operation not allowed when device has unaffiliated users");











        }







        }














    }



























    @Override







    @Override











    public boolean isAdminActive(ComponentName adminReceiver, int userHandle) {







    public boolean isAdminActive(ComponentName adminReceiver, int userHandle) {










@@ -18213,6 +18215,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {









        return false;







        return false;











    }







    }






























    @GuardedBy("getLockObject()")











    private boolean areAllUsersAffiliatedWithDeviceLocked() {







    private boolean areAllUsersAffiliatedWithDeviceLocked() {











        return mInjector.binderWithCleanCallingIdentity(() -> {







        return mInjector.binderWithCleanCallingIdentity(() -> {











            final List<UserInfo> userInfos = mUserManager.getAliveUsers();







            final List<UserInfo> userInfos = mUserManager.getAliveUsers();










@@ -18310,10 +18313,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {

























        final CallerIdentity caller = getCallerIdentity(admin, packageName);







        final CallerIdentity caller = getCallerIdentity(admin, packageName);











        if (isPermissionCheckFlagEnabled()) {







        if (isPermissionCheckFlagEnabled()) {














            synchronized (getLockObject()) {











                Preconditions.checkCallAuthorization(isOrganizationOwnedDeviceWithManagedProfile()







                Preconditions.checkCallAuthorization(isOrganizationOwnedDeviceWithManagedProfile()











                        || areAllUsersAffiliatedWithDeviceLocked());







                        || areAllUsersAffiliatedWithDeviceLocked());











                enforcePermission(MANAGE_DEVICE_POLICY_SECURITY_LOGGING, caller.getPackageName(),







                enforcePermission(MANAGE_DEVICE_POLICY_SECURITY_LOGGING, caller.getPackageName(),











                        UserHandle.USER_ALL);







                        UserHandle.USER_ALL);














            }











        } else {







        } else {











            if (admin != null) {







            if (admin != null) {











                Preconditions.checkCallAuthorization(







                Preconditions.checkCallAuthorization(









@@ -18325,9 +18330,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {









                        isCallerDelegate(caller, DELEGATION_SECURITY_LOGGING));







                        isCallerDelegate(caller, DELEGATION_SECURITY_LOGGING));











            }







            }






























            synchronized (getLockObject()) {











                Preconditions.checkCallAuthorization(isOrganizationOwnedDeviceWithManagedProfile()







                Preconditions.checkCallAuthorization(isOrganizationOwnedDeviceWithManagedProfile()











                        || areAllUsersAffiliatedWithDeviceLocked());







                        || areAllUsersAffiliatedWithDeviceLocked());











            }







            }














        }



























        DevicePolicyEventLogger







        DevicePolicyEventLogger











                .createEvent(DevicePolicyEnums.RETRIEVE_PRE_REBOOT_SECURITY_LOGS)







                .createEvent(DevicePolicyEnums.RETRIEVE_PRE_REBOOT_SECURITY_LOGS)










@@ -24541,6 +24548,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {









        });







        });











    }







    }






























    @GuardedBy("getLockObject()")











    private void migrateUserControlDisabledPackagesLocked() {







    private void migrateUserControlDisabledPackagesLocked() {











        Binder.withCleanCallingIdentity(() -> {







        Binder.withCleanCallingIdentity(() -> {











            List<UserInfo> users = mUserManager.getUsers();







            List<UserInfo> users = mUserManager.getUsers();