diff options
author | Janis Danisevskis <jdanis@google.com> | 2020-01-21 14:33:30 -0800 |
---|---|---|
committer | Anis Assi <anisassi@google.com> | 2020-03-12 13:42:59 -0700 |
commit | 4ea871ac86ea4c1f0309672e73527a54b36d4f67 (patch) | |
tree | baf1589b49e8761512fff75afc4ee6110456dc1a | |
parent | 2dc81ad6f07dd0ec3b8d7f0a1b33423eef1c9677 (diff) | |
download | security-4ea871ac86ea4c1f0309672e73527a54b36d4f67.tar.gz |
Add permission check on onKeyguardVisibilityChangedandroid-security-10.0.0_r49android-security-10.0.0_r48android-10.0.0_r47android-10.0.0_r46
Without this permission check any app can toggle the locked state of
keymaster once it has been unlocked for the first time.
Bug: 144285084
Test: Manually tested with debugger that the requred code paths are
run.
Merged-In: Idb8a200dc2963e1085e9fddd0c565c5172465e65
Change-Id: Idb8a200dc2963e1085e9fddd0c565c5172465e65
(cherry picked from commit 21f452c3722ad7fa39c7d84c4723bcbb723ab164)
(cherry picked from commit ed9a255fc6e66715d7f14cc44f1ccbd767c0f3c5)
-rw-r--r-- | keystore/key_store_service.cpp | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp index 5e7efab0..e0ee9374 100644 --- a/keystore/key_store_service.cpp +++ b/keystore/key_store_service.cpp @@ -1354,12 +1354,23 @@ bool KeyStoreService::checkAllowedOperationParams(const hidl_vec<KeyParameter>& } Status KeyStoreService::onKeyguardVisibilityChanged(bool isShowing, int32_t userId, - int32_t* aidl_return) { + int32_t* _aidl_return) { KEYSTORE_SERVICE_LOCK; + if (isShowing) { + if (!checkBinderPermission(P_LOCK, UID_SELF)) { + LOG(WARNING) << "onKeyguardVisibilityChanged called with isShowing == true but " + "without LOCK permission"; + return AIDL_RETURN(ResponseCode::PERMISSION_DENIED); + } + } else { + if (!checkBinderPermission(P_UNLOCK, UID_SELF)) { + LOG(WARNING) << "onKeyguardVisibilityChanged called with isShowing == false but " + "without UNLOCK permission"; + return AIDL_RETURN(ResponseCode::PERMISSION_DENIED); + } + } mKeyStore->getEnforcementPolicy().set_device_locked(isShowing, userId); - *aidl_return = static_cast<int32_t>(ResponseCode::NO_ERROR); - - return Status::ok(); + return AIDL_RETURN(ResponseCode::NO_ERROR); } } // namespace keystore |