diff options
author | android-build-team Robot <android-build-team-robot@google.com> | 2020-03-12 23:13:48 +0000 |
---|---|---|
committer | android-build-team Robot <android-build-team-robot@google.com> | 2020-03-12 23:13:48 +0000 |
commit | f681280e75ebeede9cd237828f4dd76412960a9e (patch) | |
tree | ea9f8801f52894c5b097f93cdc2ba8fc8aeeda95 | |
parent | 0a62361d9ffd460afcaa32d8550f357e9c1e0812 (diff) | |
parent | 7033e889beba67cc1e888533ba3453a93ca378b3 (diff) | |
download | security-f681280e75ebeede9cd237828f4dd76412960a9e.tar.gz |
Snap for 6290189 from 7033e889beba67cc1e888533ba3453a93ca378b3 to qt-qpr3-releaseandroid-10.0.0_r41android-10.0.0_r40android-10.0.0_r39android-10.0.0_r38android-10.0.0_r37android10-qpr3-s1-releaseandroid10-qpr3-release
Change-Id: Icfd209df9f015e3d375717a668018f45e4117237
-rw-r--r-- | keystore/key_store_service.cpp | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp index 2336e570..b6b72952 100644 --- a/keystore/key_store_service.cpp +++ b/keystore/key_store_service.cpp @@ -1359,12 +1359,23 @@ bool KeyStoreService::checkAllowedOperationParams(const hidl_vec<KeyParameter>& } Status KeyStoreService::onKeyguardVisibilityChanged(bool isShowing, int32_t userId, - int32_t* aidl_return) { + int32_t* _aidl_return) { KEYSTORE_SERVICE_LOCK; + if (isShowing) { + if (!checkBinderPermission(P_LOCK, UID_SELF)) { + LOG(WARNING) << "onKeyguardVisibilityChanged called with isShowing == true but " + "without LOCK permission"; + return AIDL_RETURN(ResponseCode::PERMISSION_DENIED); + } + } else { + if (!checkBinderPermission(P_UNLOCK, UID_SELF)) { + LOG(WARNING) << "onKeyguardVisibilityChanged called with isShowing == false but " + "without UNLOCK permission"; + return AIDL_RETURN(ResponseCode::PERMISSION_DENIED); + } + } mKeyStore->getEnforcementPolicy().set_device_locked(isShowing, userId); - *aidl_return = static_cast<int32_t>(ResponseCode::NO_ERROR); - - return Status::ok(); + return AIDL_RETURN(ResponseCode::NO_ERROR); } } // namespace keystore |