summaryrefslogtreecommitdiffstats
path: root/gatekeeperd
diff options
context:
space:
mode:
authorPavel Grafov <pgrafov@google.com>2017-06-28 19:03:58 +0100
committerPavel Grafov <pgrafov@google.com>2017-06-28 20:38:33 +0100
commit9890f89ca2ec281709da9a002ac4dca163d27aa5 (patch)
tree9152f321dcd4a819a02b324fa9bc88901ec839ae /gatekeeperd
parent667a2a4b82637b36811103b902136fdb55166310 (diff)
downloadcore-9890f89ca2ec281709da9a002ac4dca163d27aa5.tar.gz
core-9890f89ca2ec281709da9a002ac4dca163d27aa5.tar.bz2
core-9890f89ca2ec281709da9a002ac4dca163d27aa5.zip
Don't look up parent user SID.
This is a revert of http://ag/741442 Every user now has their own SID, so there is no need to look up profile parent anymore. Bug: 38259874 Test: manual, using ConfirmCredential sample app in work profile. Test: manual, making sure keys survive N->O-MR1 upgrade. Change-Id: Ib2f52baeb7c5bfeec95431fccfd6ddd537019954
Diffstat (limited to 'gatekeeperd')
-rw-r--r--gatekeeperd/Android.mk3
-rw-r--r--gatekeeperd/IUserManager.cpp57
-rw-r--r--gatekeeperd/IUserManager.h46
-rw-r--r--gatekeeperd/gatekeeperd.cpp19
4 files changed, 2 insertions, 123 deletions
diff --git a/gatekeeperd/Android.mk b/gatekeeperd/Android.mk
index 0dfd9d8a9..28f0b07ab 100644
--- a/gatekeeperd/Android.mk
+++ b/gatekeeperd/Android.mk
@@ -21,8 +21,7 @@ LOCAL_CFLAGS := -Wall -Wextra -Werror -Wunused
LOCAL_SRC_FILES := \
SoftGateKeeperDevice.cpp \
IGateKeeperService.cpp \
- gatekeeperd.cpp \
- IUserManager.cpp
+ gatekeeperd.cpp
LOCAL_MODULE := gatekeeperd
LOCAL_SHARED_LIBRARIES := \
diff --git a/gatekeeperd/IUserManager.cpp b/gatekeeperd/IUserManager.cpp
deleted file mode 100644
index 8167d1919..000000000
--- a/gatekeeperd/IUserManager.cpp
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#define LOG_TAG "IUserManager"
-#include <stdint.h>
-#include <sys/types.h>
-#include <utils/Log.h>
-#include <binder/Parcel.h>
-
-#include "IUserManager.h"
-
-namespace android {
-
-class BpUserManager : public BpInterface<IUserManager>
-{
-public:
- explicit BpUserManager(const sp<IBinder>& impl) :
- BpInterface<IUserManager>(impl) {
- }
- virtual int32_t getCredentialOwnerProfile(int32_t user_id) {
- Parcel data, reply;
- data.writeInterfaceToken(IUserManager::getInterfaceDescriptor());
- data.writeInt32(user_id);
- status_t rc = remote()->transact(GET_CREDENTIAL_OWNER_PROFILE, data, &reply, 0);
- if (rc != NO_ERROR) {
- ALOGE("%s: failed (%d)\n", __func__, rc);
- return -1;
- }
-
- int32_t exception = reply.readExceptionCode();
- if (exception != 0) {
- ALOGE("%s: got exception (%d)\n", __func__, exception);
- return -1;
- }
-
- return reply.readInt32();
- }
-
-};
-
-IMPLEMENT_META_INTERFACE(UserManager, "android.os.IUserManager");
-
-}; // namespace android
-
diff --git a/gatekeeperd/IUserManager.h b/gatekeeperd/IUserManager.h
deleted file mode 100644
index 640e9b511..000000000
--- a/gatekeeperd/IUserManager.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef IUSERMANAGER_H_
-#define IUSERMANAGER_H_
-
-#include <inttypes.h>
-#include <utils/Errors.h>
-#include <binder/IInterface.h>
-#include <binder/Parcel.h>
-#include <utils/Vector.h>
-
-namespace android {
-
-/*
-* Communication channel to UserManager
-*/
-class IUserManager : public IInterface {
- public:
- // must be kept in sync with IUserManager.aidl
- enum {
- GET_CREDENTIAL_OWNER_PROFILE = IBinder::FIRST_CALL_TRANSACTION + 0,
- };
-
- virtual int32_t getCredentialOwnerProfile(int32_t user_id) = 0;
-
- DECLARE_META_INTERFACE(UserManager);
-};
-
-}; // namespace android
-
-#endif // IUSERMANAGER_H_
-
diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp
index c6369f9ed..184c6d222 100644
--- a/gatekeeperd/gatekeeperd.cpp
+++ b/gatekeeperd/gatekeeperd.cpp
@@ -37,7 +37,6 @@
#include <utils/String16.h>
#include "SoftGateKeeperDevice.h"
-#include "IUserManager.h"
#include <hidl/HidlSupport.h>
#include <android/hardware/gatekeeper/1.0/IGatekeeper.h>
@@ -334,23 +333,7 @@ public:
return ret;
}
- virtual uint64_t getSecureUserId(uint32_t uid) {
- uint64_t sid = read_sid(uid);
- if (sid == 0) {
- // might be a work profile, look up the parent
- sp<IServiceManager> sm = defaultServiceManager();
- sp<IBinder> binder = sm->getService(String16("user"));
- sp<IUserManager> um = interface_cast<IUserManager>(binder);
- int32_t parent = um->getCredentialOwnerProfile(uid);
- if (parent < 0) {
- return 0;
- } else if (parent != (int32_t) uid) {
- return read_sid(parent);
- }
- }
- return sid;
-
- }
+ virtual uint64_t getSecureUserId(uint32_t uid) { return read_sid(uid); }
virtual void clearSecureUserId(uint32_t uid) {
IPCThreadState* ipc = IPCThreadState::self();