Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d04aaa32 authored by Amith Yamasani's avatar Amith Yamasani
Browse files

More thorough cleansing of expired users 

If any /data/system_[c|d]e folders were not erased
when the user was removed (maybe due to a reboot),
make sure they're cleaned up on restart as well
as when the userId is recycled later.

Mark the users' system folders with the correct
serial number for later verification.

AccountManager shouldn't be querying accounts of
partially created/destroyed users.

Change-Id: I4313756b7464f34cd5ce4fb296d61daa50b41fcb
Fixes: 29285673
parent d5f7bf80

core/java/android/content/Context.java

+6 −0
Original line number Diff line number Diff line
@@ -3645,6 +3645,12 @@ public abstract class Context { 
     */

    public static final String SYSTEM_HEALTH_SERVICE = "systemhealth";



    /**

     * Gatekeeper Service.

     * @hide

     */

    public static final String GATEKEEPER_SERVICE = "android.service.gatekeeper.IGateKeeperService";



    /**

     * Determine whether the given permission is allowed for a particular

     * process and user ID running in the system.

core/java/android/os/Environment.java

+16 −0
Original line number Diff line number Diff line
@@ -240,6 +240,22 @@ public class Environment { 
        return new File(getDataDirectory(), "system");

    }



    /**

     * Returns the base directory for per-user system directory, device encrypted.

     * {@hide}

     */

    public static File getDataSystemDeDirectory() {

        return buildPath(getDataDirectory(), "system_de");

    }



    /**

     * Returns the base directory for per-user system directory, credential encrypted.

     * {@hide}

     */

    public static File getDataSystemCeDirectory() {

        return buildPath(getDataDirectory(), "system_ce");

    }



    /** {@hide} */

    public static File getDataSystemCeDirectory(int userId) {

        return buildPath(getDataDirectory(), "system_ce", String.valueOf(userId));

core/java/android/os/UserManager.java

+3 −1
Original line number Diff line number Diff line
@@ -1496,7 +1496,9 @@ public class UserManager { 
    }



    /**

     * Returns information for all users on this device.

     * Returns information for all users on this device, including ones marked for deletion.

     * To retrieve only users that are alive, use {@link #getUsers(boolean)}.

     * <p>

     * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.

     * @return the list of users that exist on the device.

     * @hide

keystore/java/android/security/GateKeeper.java

+2 −1
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@ 


package android.security;



import android.content.Context;

import android.os.RemoteException;

import android.os.ServiceManager;

import android.os.UserHandle;
@@ -32,7 +33,7 @@ public abstract class GateKeeper { 


    public static IGateKeeperService getService() {

        IGateKeeperService service = IGateKeeperService.Stub.asInterface(

                ServiceManager.getService("android.service.gatekeeper.IGateKeeperService"));

                ServiceManager.getService(Context.GATEKEEPER_SERVICE));

        if (service == null) {

            throw new IllegalStateException("Gatekeeper service not available");

        }

services/core/java/com/android/server/LockSettingsService.java

+1 −1
Original line number Diff line number Diff line
@@ -1588,7 +1588,7 @@ public class LockSettingsService extends ILockSettings.Stub { 
        }



        final IBinder service =

            ServiceManager.getService("android.service.gatekeeper.IGateKeeperService");

            ServiceManager.getService(Context.GATEKEEPER_SERVICE);

        if (service != null) {

            service.linkToDeath(new GateKeeperDiedRecipient(), 0);

            mGateKeeperService = IGateKeeperService.Stub.asInterface(service);