-rw-r--r-- | keystore/key_store_service.cpp | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp index eb5fe86b..f6786b88 100644 --- a/keystore/key_store_service.cpp +++ b/keystore/key_store_service.cpp @@ -693,6 +693,8 @@ KeyStoreServiceReturnCode KeyStoreService::generateKey(const String16& name, const hidl_vec<uint8_t>& entropy, int uid, int flags, KeyCharacteristics* outCharacteristics) { + // TODO(jbires): remove this getCallingUid call upon implementation of b/25646100 + uid_t originalUid = IPCThreadState::self()->getCallingUid(); uid = getEffectiveUid(uid); KeyStoreServiceReturnCode rc = checkBinderPermissionAndKeystoreState(P_INSERT, uid, flags & KEYSTORE_FLAG_ENCRYPTED); @@ -703,9 +705,11 @@ KeyStoreServiceReturnCode KeyStoreService::generateKey(const String16& name, ALOGE("Non-system uid %d cannot set FLAG_CRITICAL_TO_DEVICE_ENCRYPTION", uid); return ResponseCode::PERMISSION_DENIED; } - if (containsTag(params, Tag::INCLUDE_UNIQUE_ID)) { - if (!checkBinderPermission(P_GEN_UNIQUE_ID)) return ResponseCode::PERMISSION_DENIED; + if (!checkBinderPermission(P_GEN_UNIQUE_ID) || + originalUid != IPCThreadState::self()->getCallingUid()) { + return ResponseCode::PERMISSION_DENIED; + } } bool usingFallback = false; |
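Review bot: The TODO above `originalUid` in generateKey says when the snapshot can be removed but not what it protects, so the later comparison reads as arbitrary to the next maintainer. I would extend the comment, for example `// Snapshot the binder calling uid on entry; it is compared again before P_GEN_UNIQUE_ID is granted, so a change of calling identity during this call is denied.` Declaring it as `const uid_t originalUid` would also show that the value is never reassigned. The function body continues outside this hunk.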
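Review bot: The uid-mismatch denial in the INCLUDE_UNIQUE_ID branch shares one silent `return` with the ordinary permission failure, while the FLAG_CRITICAL_TO_DEVICE_ENCRYPTION denial just above it logs through ALOGE. A calling uid that differs from the one captured on entry is an anomaly that deserves its own log line, so I would keep the permission check first and test the uid in a separate branch that logs both values. The comparison covers the uid only; checkBinderPermission is not shown here, so if it also relies on the caller's pid or SELinux context, that part of the identity is presumably not re-validated, which is worth confirming. The enclosing function starts and ends outside the hunk.

```cpp
    if (containsTag(params, Tag::INCLUDE_UNIQUE_ID)) {
        if (!checkBinderPermission(P_GEN_UNIQUE_ID)) return ResponseCode::PERMISSION_DENIED;
        // Re-read the caller after the permission check and compare with the entry snapshot.
        const uid_t currentUid = IPCThreadState::self()->getCallingUid();
        if (originalUid != currentUid) {
            ALOGE("generateKey: calling uid changed from %u to %u; denying INCLUDE_UNIQUE_ID",
                  originalUid, currentUid);
            return ResponseCode::PERMISSION_DENIED;
        }
    // … unchanged: closing brace of the INCLUDE_UNIQUE_ID branch, usingFallback …
```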