Loading gatekeeperd/IGateKeeperService.cpp +7 −0 Original line number Diff line number Diff line Loading @@ -123,6 +123,13 @@ status_t BnGateKeeperService::onTransact( reply->writeInt64(sid); return NO_ERROR; } case CLEAR_SECURE_USER_ID: { CHECK_INTERFACE(IGateKeeperService, data, reply); uint32_t uid = data.readInt32(); clearSecureUserId(uid); reply->writeNoException(); return NO_ERROR; } default: return BBinder::onTransact(code, data, reply, flags); } Loading gatekeeperd/IGateKeeperService.h +6 −0 Original line number Diff line number Diff line Loading @@ -32,6 +32,7 @@ public: VERIFY = IBinder::FIRST_CALL_TRANSACTION + 1, VERIFY_CHALLENGE = IBinder::FIRST_CALL_TRANSACTION + 2, GET_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 3, CLEAR_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 4, }; // DECLARE_META_INTERFACE - C++ client interface not needed Loading Loading @@ -70,6 +71,11 @@ public: * Returns the secure user ID for the provided android user */ virtual uint64_t getSecureUserId(uint32_t uid) = 0; /** * Clears the secure user ID associated with the user. */ virtual void clearSecureUserId(uint32_t uid) = 0; }; // ---------------------------------------------------------------------------- Loading gatekeeperd/gatekeeperd.cpp +11 −0 Original line number Diff line number Diff line Loading @@ -173,6 +173,17 @@ public: return read_sid(uid); } virtual void clearSecureUserId(uint32_t uid) { IPCThreadState* ipc = IPCThreadState::self(); const int calling_pid = ipc->getCallingPid(); const int calling_uid = ipc->getCallingUid(); if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) { ALOGE("%s: permission denied for [%d:%d]", __func__, calling_pid, calling_uid); return; } store_sid(uid, 0); } virtual status_t dump(int fd, const Vector<String16> &) { IPCThreadState* ipc = IPCThreadState::self(); const int pid = ipc->getCallingPid(); Loading Loading
gatekeeperd/IGateKeeperService.cpp +7 −0 Original line number Diff line number Diff line Loading @@ -123,6 +123,13 @@ status_t BnGateKeeperService::onTransact( reply->writeInt64(sid); return NO_ERROR; } case CLEAR_SECURE_USER_ID: { CHECK_INTERFACE(IGateKeeperService, data, reply); uint32_t uid = data.readInt32(); clearSecureUserId(uid); reply->writeNoException(); return NO_ERROR; } default: return BBinder::onTransact(code, data, reply, flags); } Loading
gatekeeperd/IGateKeeperService.h +6 −0 Original line number Diff line number Diff line Loading @@ -32,6 +32,7 @@ public: VERIFY = IBinder::FIRST_CALL_TRANSACTION + 1, VERIFY_CHALLENGE = IBinder::FIRST_CALL_TRANSACTION + 2, GET_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 3, CLEAR_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 4, }; // DECLARE_META_INTERFACE - C++ client interface not needed Loading Loading @@ -70,6 +71,11 @@ public: * Returns the secure user ID for the provided android user */ virtual uint64_t getSecureUserId(uint32_t uid) = 0; /** * Clears the secure user ID associated with the user. */ virtual void clearSecureUserId(uint32_t uid) = 0; }; // ---------------------------------------------------------------------------- Loading
gatekeeperd/gatekeeperd.cpp +11 −0 Original line number Diff line number Diff line Loading @@ -173,6 +173,17 @@ public: return read_sid(uid); } virtual void clearSecureUserId(uint32_t uid) { IPCThreadState* ipc = IPCThreadState::self(); const int calling_pid = ipc->getCallingPid(); const int calling_uid = ipc->getCallingUid(); if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) { ALOGE("%s: permission denied for [%d:%d]", __func__, calling_pid, calling_uid); return; } store_sid(uid, 0); } virtual status_t dump(int fd, const Vector<String16> &) { IPCThreadState* ipc = IPCThreadState::self(); const int pid = ipc->getCallingPid(); Loading
