Snap for 4527419 from e5bfaa9cebdbbf4c43be6ac430cd38d0e92d9b6d to oc-m2-releaseandroid-8.1.0_r52 android-8.1.0_r50 android-8.1.0_r47 android-8.1.0_r46 android-8.1.0_r43 android-8.1.0_r41 android-8.1.0_r36 android-8.1.0_r35 android-8.1.0_r33 android-8.1.0_r30 android-8.1.0_r26 android-8.1.0_r25 android-8.1.0_r20 oreo-m7-release oreo-m6-s4-release oreo-m6-s3-release oreo-m6-s2-release oreo-m2-s5-release oreo-m2-s4-release oreo-m2-s3-release oreo-m2-s2-release oreo-m2-s1-release oreo-m2-release

Change-Id: I886605a8a7ea170a37e1cb6770f6b8a2fee90b68
author: android-build-team Robot <android-build-team-robot@google.com> 2018-01-05 18:58:01 +0000
committer: android-build-team Robot <android-build-team-robot@google.com> 2018-01-05 18:58:01 +0000
commit: 8b84e6d77fbd69a71fb051f21eb64b597927cbb1 (patch)
tree: 3900cb904f3230c37f4c41e2a7de8e4fcfcc003f
parent: 9108e61da167e65265986eead444903ec311af74 (diff)
parent: e5bfaa9cebdbbf4c43be6ac430cd38d0e92d9b6d (diff)
download: security-oreo-m6-s4-release.tar.gz
1 files changed, 6 insertions, 2 deletions
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index eb5fe86b..f6786b88 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -693,6 +693,8 @@ KeyStoreServiceReturnCode KeyStoreService::generateKey(const String16& name,
                                                        const hidl_vec<uint8_t>& entropy, int uid,
                                                        int flags,
                                                        KeyCharacteristics* outCharacteristics) {
+    // TODO(jbires): remove this getCallingUid call upon implementation of b/25646100
+    uid_t originalUid = IPCThreadState::self()->getCallingUid();
     uid = getEffectiveUid(uid);
     KeyStoreServiceReturnCode rc =
         checkBinderPermissionAndKeystoreState(P_INSERT, uid, flags & KEYSTORE_FLAG_ENCRYPTED);
@@ -703,9 +705,11 @@ KeyStoreServiceReturnCode KeyStoreService::generateKey(const String16& name,
         ALOGE("Non-system uid %d cannot set FLAG_CRITICAL_TO_DEVICE_ENCRYPTION", uid);
         return ResponseCode::PERMISSION_DENIED;
     }
-
     if (containsTag(params, Tag::INCLUDE_UNIQUE_ID)) {
-        if (!checkBinderPermission(P_GEN_UNIQUE_ID)) return ResponseCode::PERMISSION_DENIED;
+        if (!checkBinderPermission(P_GEN_UNIQUE_ID) ||
+              originalUid != IPCThreadState::self()->getCallingUid()) {
+            return ResponseCode::PERMISSION_DENIED;
+        }
     }
 
     bool usingFallback = false;
author	android-build-team Robot <android-build-team-robot@google.com>	2018-01-05 18:58:01 +0000
committer	android-build-team Robot <android-build-team-robot@google.com>	2018-01-05 18:58:01 +0000
commit	8b84e6d77fbd69a71fb051f21eb64b597927cbb1 (patch)
tree	3900cb904f3230c37f4c41e2a7de8e4fcfcc003f
parent	9108e61da167e65265986eead444903ec311af74 (diff)
parent	e5bfaa9cebdbbf4c43be6ac430cd38d0e92d9b6d (diff)
download	security-oreo-m6-s4-release.tar.gz