author | Kenny Root <kroot@google.com> | 2014-07-31 23:09:44 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2014-07-31 19:45:19 +0000 |
commit | a62474699a202588609d7051e677f23734151900 (patch) | |
tree | c8047628401f1511fde644634a206d5b28ecb73d | |
parent | 931fac098f2ae35aa1da26ced57962c9a21f95cf (diff) | |
parent | 007cb236ada4b3d70815f03dd07116a5e187f4dd (diff) | |
Merge "keystore: allow system to clear keys even while encrypted" into lmp-dev
-rw-r--r-- | keystore/keystore.cpp | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp
index fd6af0dd..4335f8a0 100644
--- a/keystore/keystore.cpp
+++ b/keystore/keystore.cpp
@@ -298,6 +298,15 @@ static bool is_granted_to(uid_t callingUid, uid_t targetUid) {
 return false;
 }
 
+/**
+ * Allow the system to perform some privileged tasks that have to do with
+ * system maintenance. This should not be used for any function that uses
+ * the keys in any way (e.g., signing).
+ */
+static bool is_self_or_system(uid_t callingUid, uid_t targetUid) {
+ return callingUid == targetUid || callingUid == AID_SYSTEM;
+}
+
 /* Here is the encoding of keys. This is necessary in order to allow arbitrary
 * characters in keys. Characters in [0-~] are not encoded. Others are encoded
 * into two bytes. The first byte is one of [+-.] which represents the first
@@ -2305,15 +2314,10 @@ public:
 return ::PERMISSION_DENIED;
 }
 
- State state = mKeyStore->getState(callingUid);
- if (!isKeystoreUnlocked(state)) {
- ALOGD("calling clear_uid in state: %d", state);
- return state;
- }
-
 if (targetUid64 == -1) {
 targetUid = callingUid;
- } else if (!is_granted_to(callingUid, targetUid)) {
+ } else if (!is_self_or_system(callingUid, targetUid)) {
+ ALOGW("permission denied for %d: clear_uid %d", callingUid, targetUid);
 return ::PERMISSION_DENIED;
 }
 
|
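Review bot: The header comment on the new `is_self_or_system` says what the helper must not be used for, but not the property a future caller actually needs: it accepts AID_SYSTEM for any target uid and deliberately ignores whatever grant-based check `is_granted_to` performs (its body is above the hunk, only its `return false;` tail is visible). I would add to the docblock `* Unlike is_granted_to(), this consults no grants: AID_SYSTEM is accepted for every target uid, so the caller must still run the normal permission check before calling it.` so nobody later substitutes it for `is_granted_to` in a key-using path. The `(e.g., signing)` sentence could also name the intended use, clear_uid, since that is the only caller this commit adds.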
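Review bot: Removing the `isKeystoreUnlocked(state)` guard means clear_uid now proceeds in every keystore state, including locked and presumably uninitialized, so everything after this hunk must work without the master key (remove blobs by name rather than decrypt them); that invariant is only implied by the commit title and deserves a comment where the guard used to be, e.g. `// Intentionally no state check: the system must be able to wipe a uid's keys while the keystore is locked or encrypted, so nothing below may depend on the master key.` Note the relaxation also applies to the `targetUid64 == -1` self-clear path, which any caller that passes the permission check above the hunk can now use while locked; if that is not intended, the state check belongs in the `else` branch only. The added ALOGW prints two `uid_t` values with `%d`; on bionic uid_t is unsigned, so `%u` (or an explicit cast) matches the type. clear_uid's body starts before and continues after the hunk, including the permission check the new helper relies on.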