Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d39113ea authored by Robin Lee's avatar Robin Lee
Browse files

Replace broken UserHandle.SYSTEM check in LPU 

ActivityManager.getCurrentUser returns the user currently in the
foreground, not the calling or affected process.

Note:
---
This is just an API for setting the default suggestion when choosing a
new lock type in Settings, so it's not much of a security problem
(background users/profiles could only modify the suggestion, not the
 actual encryption setting).

Change-Id: I98c62be7c5726f99fea0ec9320ad9d85cce850ef
parent eb6c0237

core/java/com/android/internal/widget/LockPatternUtils.java

+4 −6
Original line number Original line Diff line number Diff line
@@ -17,7 +17,6 @@ 
package com.android.internal.widget;

package com.android.internal.widget;





import android.annotation.IntDef;

import android.annotation.IntDef;

import android.app.ActivityManager;

import android.app.admin.DevicePolicyManager;

import android.app.admin.DevicePolicyManager;

import android.app.trust.IStrongAuthTracker;

import android.app.trust.IStrongAuthTracker;

import android.app.trust.TrustManager;

import android.app.trust.TrustManager;
@@ -478,9 +477,8 @@ public class LockPatternUtils { 
        if (userHandle == UserHandle.USER_SYSTEM) {

        if (userHandle == UserHandle.USER_SYSTEM) {

            // Set the encryption password to default.

            // Set the encryption password to default.

            updateEncryptionPassword(StorageManager.CRYPT_TYPE_DEFAULT, null);

            updateEncryptionPassword(StorageManager.CRYPT_TYPE_DEFAULT, null);

        }



            setCredentialRequiredToDecrypt(false);

            setCredentialRequiredToDecrypt(false);

        }





        getDevicePolicyManager().setActivePasswordState(

        getDevicePolicyManager().setActivePasswordState(

                DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, 0, 0, 0, 0, 0, userHandle);

                DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, 0, 0, 0, 0, 0, userHandle);
@@ -1308,9 +1306,9 @@ public class LockPatternUtils { 
    }

    }





    public void setCredentialRequiredToDecrypt(boolean required) {

    public void setCredentialRequiredToDecrypt(boolean required) {

        if (ActivityManager.getCurrentUser() != UserHandle.USER_SYSTEM) {

        if (!(getUserManager().isSystemUser() || getUserManager().isPrimaryUser())) {

            Log.w(TAG, "Only device owner may call setCredentialRequiredForDecrypt()");

            throw new IllegalStateException(

            return;

                    "Only the system or primary user may call setCredentialRequiredForDecrypt()");

        }

        }





        if (isDeviceEncryptionEnabled()){

        if (isDeviceEncryptionEnabled()){