Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9890f89c authored by Pavel Grafov's avatar Pavel Grafov
Browse files

Don't look up parent user SID. 

This is a revert of http://ag/741442

Every user now has their own SID, so there is no need to look up
profile parent anymore.

Bug: 38259874
Test: manual, using ConfirmCredential sample app in work profile.
Test: manual, making sure keys survive N->O-MR1 upgrade.
Change-Id: Ib2f52baeb7c5bfeec95431fccfd6ddd537019954
parent 667a2a4b

gatekeeperd/Android.mk

+1 −2
Original line number Diff line number Diff line
@@ -21,8 +21,7 @@ LOCAL_CFLAGS := -Wall -Wextra -Werror -Wunused 
LOCAL_SRC_FILES := \

	SoftGateKeeperDevice.cpp \

	IGateKeeperService.cpp \

	gatekeeperd.cpp \

	IUserManager.cpp

	gatekeeperd.cpp



LOCAL_MODULE := gatekeeperd

LOCAL_SHARED_LIBRARIES := \

gatekeeperd/IUserManager.cpp

deleted100644 → 0
+0 −57
Original line number Diff line number Diff line 
/*

 * Copyright (C) 2015 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */



#define LOG_TAG "IUserManager"

#include <stdint.h>

#include <sys/types.h>

#include <utils/Log.h>

#include <binder/Parcel.h>



#include "IUserManager.h"



namespace android {



class BpUserManager : public BpInterface<IUserManager>

{

public:

    explicit BpUserManager(const sp<IBinder>& impl) :

            BpInterface<IUserManager>(impl) {

    }

    virtual int32_t getCredentialOwnerProfile(int32_t user_id) {

        Parcel data, reply;

        data.writeInterfaceToken(IUserManager::getInterfaceDescriptor());

        data.writeInt32(user_id);

        status_t rc = remote()->transact(GET_CREDENTIAL_OWNER_PROFILE, data, &reply, 0);

        if (rc != NO_ERROR) {

            ALOGE("%s: failed (%d)\n", __func__, rc);

            return -1;

        }



        int32_t exception = reply.readExceptionCode();

        if (exception != 0) {

            ALOGE("%s: got exception (%d)\n", __func__, exception);

            return -1;

        }



        return reply.readInt32();

    }



};



IMPLEMENT_META_INTERFACE(UserManager, "android.os.IUserManager");



}; // namespace android

gatekeeperd/IUserManager.h

deleted100644 → 0
+0 −46
Original line number Diff line number Diff line 
/*

 * Copyright (C) 2015 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */



#ifndef IUSERMANAGER_H_

#define IUSERMANAGER_H_



#include <inttypes.h>

#include <utils/Errors.h>

#include <binder/IInterface.h>

#include <binder/Parcel.h>

#include <utils/Vector.h>



namespace android {



/*

* Communication channel to UserManager

*/

class IUserManager : public IInterface {

    public:

        // must be kept in sync with IUserManager.aidl

        enum {

            GET_CREDENTIAL_OWNER_PROFILE = IBinder::FIRST_CALL_TRANSACTION + 0,

        };



        virtual int32_t getCredentialOwnerProfile(int32_t user_id) = 0;



        DECLARE_META_INTERFACE(UserManager);

};



}; // namespace android



#endif // IUSERMANAGER_H_

gatekeeperd/gatekeeperd.cpp

+1 −18
Original line number Diff line number Diff line
@@ -37,7 +37,6 @@ 
#include <utils/String16.h>



#include "SoftGateKeeperDevice.h"

#include "IUserManager.h"



#include <hidl/HidlSupport.h>

#include <android/hardware/gatekeeper/1.0/IGatekeeper.h>
@@ -334,23 +333,7 @@ public: 
        return ret;

    }



    virtual uint64_t getSecureUserId(uint32_t uid) {

        uint64_t sid = read_sid(uid);

         if (sid == 0) {

            // might be a work profile, look up the parent

            sp<IServiceManager> sm = defaultServiceManager();

            sp<IBinder> binder = sm->getService(String16("user"));

            sp<IUserManager> um = interface_cast<IUserManager>(binder);

            int32_t parent = um->getCredentialOwnerProfile(uid);

            if (parent < 0) {

                return 0;

            } else if (parent != (int32_t) uid) {

                return read_sid(parent);

            }

        }

        return sid;



    }

    virtual uint64_t getSecureUserId(uint32_t uid) { return read_sid(uid); }



    virtual void clearSecureUserId(uint32_t uid) {

        IPCThreadState* ipc = IPCThreadState::self();