Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fe1b4627 authored by Andres Morales's avatar Andres Morales Committed by Android Git Automerger
Browse files

am 19f223f3: Merge "[gatekeeperd] Check parent profile for SID lookups" into mnc-dev

* commit '19f223f3':
  [gatekeeperd] Check parent profile for SID lookups
parents 779a38a5 19f223f3
Loading
Loading
Loading
Loading
+6 −1
Original line number Diff line number Diff line
@@ -18,7 +18,12 @@ LOCAL_PATH := $(call my-dir)

include $(CLEAR_VARS)
LOCAL_CFLAGS := -Wall -Wextra -Werror -Wunused
LOCAL_SRC_FILES := SoftGateKeeperDevice.cpp IGateKeeperService.cpp gatekeeperd.cpp
LOCAL_SRC_FILES := \
	SoftGateKeeperDevice.cpp \
	IGateKeeperService.cpp \
	gatekeeperd.cpp \
	IUserManager.cpp

LOCAL_MODULE := gatekeeperd
LOCAL_SHARED_LIBRARIES := \
	libbinder \
+57 −0
Original line number Diff line number Diff line
/*
 * Copyright (C) 2015 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#define LOG_TAG "IUserManager"
#include <stdint.h>
#include <sys/types.h>
#include <utils/Log.h>
#include <binder/Parcel.h>

#include "IUserManager.h"

namespace android {

class BpUserManager : public BpInterface<IUserManager>
{
public:
    BpUserManager(const sp<IBinder>& impl) :
            BpInterface<IUserManager>(impl) {
    }
    virtual int32_t getCredentialOwnerProfile(int32_t user_id) {
        Parcel data, reply;
        data.writeInterfaceToken(IUserManager::getInterfaceDescriptor());
        data.writeInt32(user_id);
        status_t rc = remote()->transact(GET_CREDENTIAL_OWNER_PROFILE, data, &reply, 0);
        if (rc != NO_ERROR) {
            ALOGE("%s: failed (%d)\n", __func__, rc);
            return -1;
        }

        int32_t exception = reply.readExceptionCode();
        if (exception != 0) {
            ALOGE("%s: got exception (%d)\n", __func__, exception);
            return -1;
        }

        return reply.readInt32();
    }

};

IMPLEMENT_META_INTERFACE(UserManager, "android.os.IUserManager");

}; // namespace android
+46 −0
Original line number Diff line number Diff line
/*
 * Copyright (C) 2015 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef IUSERMANAGER_H_
#define IUSERMANAGER_H_

#include <inttypes.h>
#include <utils/Errors.h>
#include <binder/IInterface.h>
#include <binder/Parcel.h>
#include <utils/Vector.h>

namespace android {

/*
* Communication channel to UserManager
*/
class IUserManager : public IInterface {
    public:
        // must be kept in sync with IUserManager.aidl
        enum {
            GET_CREDENTIAL_OWNER_PROFILE = IBinder::FIRST_CALL_TRANSACTION + 0,
        };

        virtual int32_t getCredentialOwnerProfile(int32_t user_id) = 0;

        DECLARE_META_INTERFACE(UserManager);
};

}; // namespace android

#endif // IUSERMANAGER_H_
+16 −1
Original line number Diff line number Diff line
@@ -40,6 +40,7 @@
#include <hardware/hw_auth_token.h>

#include "SoftGateKeeperDevice.h"
#include "IUserManager.h"

namespace android {

@@ -263,7 +264,21 @@ public:
    }

    virtual uint64_t getSecureUserId(uint32_t uid) {
        return read_sid(uid);
        uint64_t sid = read_sid(uid);
         if (sid == 0) {
            // might be a work profile, look up the parent
            sp<IServiceManager> sm = defaultServiceManager();
            sp<IBinder> binder = sm->getService(String16("user"));
            sp<IUserManager> um = interface_cast<IUserManager>(binder);
            int32_t parent = um->getCredentialOwnerProfile(uid);
            if (parent < 0) {
                return 0;
            } else if (parent != (int32_t) uid) {
                return read_sid(parent);
            }
        }
        return sid;

    }

    virtual void clearSecureUserId(uint32_t uid) {